Configure Infoblox as an IPAM driver for neutron
This patch allows configuration of the Infoblox pluggable IPAM driver in neutron [0]. When 'infoblox' is chosen as the driver, an Infoblox IPAM agent can be started as well. The agent allows for enhanced DNS capabilities by listening for neutron and nova notifications. [0] https://github.com/openstack/networking-infoblox/blob/master/README.rst Change-Id: I4f863750a7806a7b6eaf13900d44e5f063afe3de Depends-On: Ia44f0e0d7a0d60cebf0857ad51700e02eba5099b Partially-Implements: blueprint neutron-ipam-driver-infoblox
This commit is contained in:
parent
71033e8f21
commit
2f69b3cbc6
@ -158,6 +158,9 @@ tunnel_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + tunnel_i
|
|||||||
# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
|
# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
|
||||||
neutron_plugin_agent: "openvswitch"
|
neutron_plugin_agent: "openvswitch"
|
||||||
|
|
||||||
|
# Valid options are [ internal, infoblox ]
|
||||||
|
neutron_ipam_driver: "internal"
|
||||||
|
|
||||||
# The default ports used by each service.
|
# The default ports used by each service.
|
||||||
# The list should be in alphabetical order
|
# The list should be in alphabetical order
|
||||||
aodh_api_port: "8042"
|
aodh_api_port: "8042"
|
||||||
@ -463,6 +466,7 @@ enable_neutron_bgp_dragent: "no"
|
|||||||
enable_neutron_provider_networks: "no"
|
enable_neutron_provider_networks: "no"
|
||||||
enable_neutron_segments: "no"
|
enable_neutron_segments: "no"
|
||||||
enable_neutron_sfc: "no"
|
enable_neutron_sfc: "no"
|
||||||
|
enable_neutron_infoblox_ipam_agent: "no"
|
||||||
enable_nova_serialconsole_proxy: "no"
|
enable_nova_serialconsole_proxy: "no"
|
||||||
enable_octavia: "no"
|
enable_octavia: "no"
|
||||||
enable_opendaylight: "no"
|
enable_opendaylight: "no"
|
||||||
|
@ -302,6 +302,9 @@ neutron
|
|||||||
[neutron-bgp-dragent:children]
|
[neutron-bgp-dragent:children]
|
||||||
neutron
|
neutron
|
||||||
|
|
||||||
|
[neutron-infoblox-ipam-agent:children]
|
||||||
|
neutron
|
||||||
|
|
||||||
# Ceph
|
# Ceph
|
||||||
[ceph-mds:children]
|
[ceph-mds:children]
|
||||||
ceph
|
ceph
|
||||||
|
@ -321,6 +321,9 @@ neutron
|
|||||||
[neutron-bgp-dragent:children]
|
[neutron-bgp-dragent:children]
|
||||||
neutron
|
neutron
|
||||||
|
|
||||||
|
[neutron-infoblox-ipam-agent:children]
|
||||||
|
neutron
|
||||||
|
|
||||||
# Ceph
|
# Ceph
|
||||||
[ceph-mds:children]
|
[ceph-mds:children]
|
||||||
ceph
|
ceph
|
||||||
|
@ -173,6 +173,18 @@ neutron_services:
|
|||||||
- "/etc/localtime:/etc/localtime:ro"
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
- "/run:/run:shared"
|
- "/run:/run:shared"
|
||||||
- "kolla_logs:/var/log/kolla/"
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
neutron-infoblox-ipam-agent:
|
||||||
|
container_name: "neutron_infoblox_ipam_agent"
|
||||||
|
image: "{{ neutron_infoblox_ipam_agent_image_full }}"
|
||||||
|
privileged: True
|
||||||
|
enabled: "{{ enable_neutron_infoblox_ipam_agent | bool }}"
|
||||||
|
group: "neutron-infoblox-ipam-agent"
|
||||||
|
host_in_groups: "{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ node_config_directory }}/neutron-infoblox-ipam-agent/:{{ container_config_directory }}/:ro"
|
||||||
|
- "/etc/localtime:/etc/localtime:ro"
|
||||||
|
- "/run:/run:shared"
|
||||||
|
- "kolla_logs:/var/log/kolla/"
|
||||||
|
|
||||||
|
|
||||||
####################
|
####################
|
||||||
@ -229,6 +241,9 @@ neutron_bgp_dragent_image: "{{ docker_registry ~ '/' if docker_registry else ''
|
|||||||
neutron_bgp_dragent_tag: "{{ neutron_tag }}"
|
neutron_bgp_dragent_tag: "{{ neutron_tag }}"
|
||||||
neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}"
|
neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}"
|
||||||
|
|
||||||
|
neutron_infoblox_ipam_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-infoblox-ipam-agent"
|
||||||
|
neutron_infoblox_ipam_agent_tag: "{{ neutron_tag }}"
|
||||||
|
neutron_infoblox_ipam_agent_image_full: "{{ neutron_infoblox_ipam_agent_image }}:{{ neutron_infoblox_ipam_agent_tag }}"
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# OpenStack
|
# OpenStack
|
||||||
@ -296,7 +311,7 @@ neutron_service_plugins: "{{ service_plugins|selectattr('enabled', 'equalto', tr
|
|||||||
####################
|
####################
|
||||||
neutron_notification_topics:
|
neutron_notification_topics:
|
||||||
- name: notifications
|
- name: notifications
|
||||||
enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool }}"
|
enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool or enable_neutron_infoblox_ipam_agent | bool }}"
|
||||||
- name: notifications_designate
|
- name: notifications_designate
|
||||||
enabled: "{{ enable_designate | bool }}"
|
enabled: "{{ enable_designate | bool }}"
|
||||||
|
|
||||||
@ -349,6 +364,16 @@ vmware_dvs_insecure: "True"
|
|||||||
vmware_dvs_dvs_name: "VDS-1"
|
vmware_dvs_dvs_name: "VDS-1"
|
||||||
vmware_dvs_dhcp_override_mac: ""
|
vmware_dvs_dhcp_override_mac: ""
|
||||||
|
|
||||||
|
####################
|
||||||
|
# Infoblox IPAM
|
||||||
|
####################
|
||||||
|
infoblox_cloud_data_center_id: "1"
|
||||||
|
infoblox_grid_master_host: "192.168.1.1"
|
||||||
|
infoblox_grid_master_name: "infoblox.localdomain"
|
||||||
|
infoblox_admin_user_name: "admin"
|
||||||
|
infoblox_wapi_version: "2.3"
|
||||||
|
infoblox_wapi_max_results: "-50000"
|
||||||
|
|
||||||
######################
|
######################
|
||||||
# Notification Drivers
|
# Notification Drivers
|
||||||
######################
|
######################
|
||||||
|
@ -325,3 +325,26 @@
|
|||||||
or neutron_bgp_dragent_ini | changed
|
or neutron_bgp_dragent_ini | changed
|
||||||
or policy_json | changed
|
or policy_json | changed
|
||||||
or neutron_bgp_dragent_container | changed
|
or neutron_bgp_dragent_container | changed
|
||||||
|
|
||||||
|
- name: Restart neutron-infoblox-ipam-agent container
|
||||||
|
vars:
|
||||||
|
service_name: "neutron-infoblox-ipam-agent"
|
||||||
|
service: "{{ neutron_services[service_name] }}"
|
||||||
|
config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
neutron_conf: "{{ neutron_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
neutron_ml2_conf: "{{ neutron_ml2_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
neutron_infoblox_ipam_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
|
||||||
|
kolla_docker:
|
||||||
|
action: "recreate_or_restart_container"
|
||||||
|
common_options: "{{ docker_common_options }}"
|
||||||
|
name: "{{ service.container_name }}"
|
||||||
|
image: "{{ service.image }}"
|
||||||
|
volumes: "{{ service.volumes }}"
|
||||||
|
privileged: "{{ service.privileged | default(False) }}"
|
||||||
|
when:
|
||||||
|
- action != "config"
|
||||||
|
- service.enabled | bool
|
||||||
|
- service.host_in_groups | bool
|
||||||
|
- config_json | changed
|
||||||
|
or neutron_conf | changed
|
||||||
|
or neutron_ml2_conf | changed
|
||||||
|
@ -56,6 +56,7 @@
|
|||||||
- "neutron-lbaas-agent"
|
- "neutron-lbaas-agent"
|
||||||
- "neutron-vpnaas-agent"
|
- "neutron-vpnaas-agent"
|
||||||
- "neutron-bgp-dragent"
|
- "neutron-bgp-dragent"
|
||||||
|
- "neutron-infoblox-ipam-agent"
|
||||||
- "neutron-sriov-agent"
|
- "neutron-sriov-agent"
|
||||||
merge_configs:
|
merge_configs:
|
||||||
sources:
|
sources:
|
||||||
@ -126,6 +127,7 @@
|
|||||||
services_need_ml2_conf_ini:
|
services_need_ml2_conf_ini:
|
||||||
- "neutron-linuxbridge-agent"
|
- "neutron-linuxbridge-agent"
|
||||||
- "neutron-openvswitch-agent"
|
- "neutron-openvswitch-agent"
|
||||||
|
- "neutron-infoblox-ipam-agent"
|
||||||
- "neutron-server"
|
- "neutron-server"
|
||||||
merge_configs:
|
merge_configs:
|
||||||
sources:
|
sources:
|
||||||
|
@ -0,0 +1,29 @@
|
|||||||
|
{
|
||||||
|
"command": "infoblox-ipam-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||||
|
"config_files": [
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/neutron.conf",
|
||||||
|
"dest": "/etc/neutron/neutron.conf",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
||||||
|
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||||
|
"owner": "neutron",
|
||||||
|
"perm": "0600"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"permissions": [
|
||||||
|
{
|
||||||
|
"path": "/var/log/kolla/neutron",
|
||||||
|
"owner": "neutron:neutron",
|
||||||
|
"recurse": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"path": "/var/lib/neutron/kolla",
|
||||||
|
"owner": "neutron:neutron",
|
||||||
|
"recurse": true
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
@ -68,6 +68,8 @@ nsx_extension_drivers = vmware_dvs_dns
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
ipam_driver = {{ neutron_ipam_driver }}
|
||||||
|
|
||||||
[nova]
|
[nova]
|
||||||
auth_url = {{ keystone_admin_url }}
|
auth_url = {{ keystone_admin_url }}
|
||||||
auth_type = password
|
auth_type = password
|
||||||
@ -170,3 +172,23 @@ os_interface = internal
|
|||||||
|
|
||||||
[privsep]
|
[privsep]
|
||||||
helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
|
helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
|
||||||
|
|
||||||
|
{% if enable_neutron_infoblox_ipam_agent | bool %}
|
||||||
|
[infoblox]
|
||||||
|
keystone_admin_project_domain_id = {{ default_project_domain_id }}
|
||||||
|
keystone_admin_user_domain_id = {{ default_user_domain_id }}
|
||||||
|
keystone_admin_project_name = service
|
||||||
|
keystone_admin_username = {{ neutron_keystone_user }}
|
||||||
|
keystone_admin_password = {{ neutron_keystone_password }}
|
||||||
|
keystone_auth_uri = {{ keystone_internal_url }}
|
||||||
|
keystone_auth_version = v3
|
||||||
|
cloud_data_center_id = {{ infoblox_cloud_data_center_id }}
|
||||||
|
|
||||||
|
[infoblox-dc:{{ infoblox_cloud_data_center_id }}]
|
||||||
|
grid_master_host = {{ infoblox_grid_master_host }}
|
||||||
|
grid_master_name = {{ infoblox_grid_master_name }}
|
||||||
|
admin_user_name = {{ infoblox_admin_user_name }}
|
||||||
|
admin_password = {{ infoblox_admin_password }}
|
||||||
|
wapi_version = {{ infoblox_wapi_version }}
|
||||||
|
wapi_max_results = {{ infoblox_wapi_max_results }}
|
||||||
|
{% endif %}
|
||||||
|
@ -249,7 +249,7 @@ nova_ssh_port: "8022"
|
|||||||
####################
|
####################
|
||||||
nova_notification_topics:
|
nova_notification_topics:
|
||||||
- name: notifications
|
- name: notifications
|
||||||
enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool }}"
|
enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool or enable_neutron_infoblox_ipam_agent | bool }}"
|
||||||
- name: notifications_designate
|
- name: notifications_designate
|
||||||
enabled: "{{ enable_designate | bool }}"
|
enabled: "{{ enable_designate | bool }}"
|
||||||
|
|
||||||
|
@ -269,7 +269,7 @@ os_region_name = {{ openstack_region_name }}
|
|||||||
os_interface = internal
|
os_interface = internal
|
||||||
|
|
||||||
[notifications]
|
[notifications]
|
||||||
{% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %}
|
{% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool or enable_neutron_infoblox_ipam_agent | bool %}
|
||||||
notify_on_state_change = vm_and_task_state
|
notify_on_state_change = vm_and_task_state
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
@ -102,6 +102,9 @@ kolla_internal_vip_address: "10.10.10.254"
|
|||||||
# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
|
# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
|
||||||
#neutron_plugin_agent: "openvswitch"
|
#neutron_plugin_agent: "openvswitch"
|
||||||
|
|
||||||
|
# Valid options are [ internal, infoblox ]
|
||||||
|
#neutron_ipam_driver: "internal"
|
||||||
|
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# keepalived options
|
# keepalived options
|
||||||
|
@ -45,6 +45,11 @@ hnas_nfs_password:
|
|||||||
######################
|
######################
|
||||||
zfssa_iscsi_password:
|
zfssa_iscsi_password:
|
||||||
|
|
||||||
|
#######################
|
||||||
|
# Infoblox IPAM support
|
||||||
|
#######################
|
||||||
|
infoblox_admin_password:
|
||||||
|
|
||||||
####################
|
####################
|
||||||
# OpenStack options
|
# OpenStack options
|
||||||
####################
|
####################
|
||||||
|
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Add support for the configuration of Infoblox as a pluggable
|
||||||
|
IPAM driver in neutron. Configure by selecting 'infoblox' as
|
||||||
|
the 'neutron_ipam_driver'. In addition to handling IP address
|
||||||
|
management within neutron, an agent will be started to
|
||||||
|
automatically manage DNS entries within the Infoblox appliance.
|
@ -294,6 +294,9 @@ neutron
|
|||||||
[neutron-bgp-dragent:children]
|
[neutron-bgp-dragent:children]
|
||||||
neutron
|
neutron
|
||||||
|
|
||||||
|
[neutron-infoblox-ipam-agent:children]
|
||||||
|
neutron
|
||||||
|
|
||||||
# Ceph
|
# Ceph
|
||||||
[ceph-mds:children]
|
[ceph-mds:children]
|
||||||
ceph
|
ceph
|
||||||
|
Loading…
Reference in New Issue
Block a user