Merge "Split out OVS/Linuxbridge agent configs from ml2_conf.ini"
This commit is contained in:
commit
734e86a02f
@ -349,18 +349,35 @@ openstack_neutron_auth: "{{ openstack_auth }}"
|
||||
|
||||
neutron_l3_agent_host_rp_filter_mode: 0
|
||||
|
||||
####################
|
||||
# Mechanism drivers
|
||||
####################
|
||||
mechanism_drivers:
|
||||
- name: "linuxbridge"
|
||||
enabled: "{{ neutron_plugin_agent == 'linuxbridge' }}"
|
||||
- name: "openvswitch"
|
||||
enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
|
||||
- name: "hyperv"
|
||||
enabled: "{{ enable_hyperv | bool }}"
|
||||
- name: "baremetal"
|
||||
enabled: "{{ enable_ironic_neutron_agent | bool }}"
|
||||
- name: "l2population"
|
||||
enabled: "{{ not enable_hyperv | bool }}"
|
||||
|
||||
neutron_mechanism_drivers: "{{ mechanism_drivers | selectattr('enabled', 'equalto', true) | list }}"
|
||||
|
||||
####################
|
||||
# Extension drivers
|
||||
####################
|
||||
extension_drivers:
|
||||
- name: "qos"
|
||||
enabled: "{{ enable_neutron_qos | bool }}"
|
||||
enabled: "{{ enable_neutron_qos | bool and not enable_hyperv | bool }}"
|
||||
- name: "port_security"
|
||||
enabled: true
|
||||
- name: "dns"
|
||||
enabled: "{{ enable_designate | bool }}"
|
||||
enabled: "{{ enable_designate | bool and not enable_hyperv | bool }}"
|
||||
- name: "sfc"
|
||||
enabled: "{{ enable_neutron_sfc | bool }}"
|
||||
enabled: "{{ enable_neutron_sfc | bool and not enable_hyperv | bool }}"
|
||||
|
||||
neutron_extension_drivers: "{{ extension_drivers | selectattr('enabled', 'equalto', true) | list }}"
|
||||
|
||||
|
@ -42,16 +42,16 @@
|
||||
notify:
|
||||
- Restart fake neutron-openvswitch-agent container
|
||||
|
||||
- name: Copying over ml2_conf.ini
|
||||
- name: Copying over openvswitch_agent.ini
|
||||
become: true
|
||||
vars:
|
||||
service_name: "{{ item }}"
|
||||
merge_configs:
|
||||
sources:
|
||||
- "{{ role_path }}/templates/ml2_conf.ini.j2"
|
||||
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
|
||||
dest: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}/ml2_conf.ini"
|
||||
- "{{ role_path }}/templates/openvswitch_agent.ini.j2"
|
||||
- "{{ node_custom_config }}/neutron/openvswitch_agent.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent.ini"
|
||||
dest: "{{ node_config_directory }}/neutron-openvswitch-agent-fake-{{ item }}/openvswitch_agent.ini"
|
||||
mode: "0660"
|
||||
with_sequence: start=1 end={{ num_nova_fake_per_node }}
|
||||
when:
|
||||
|
@ -107,8 +107,6 @@
|
||||
vars:
|
||||
service_name: "{{ item.key }}"
|
||||
services_need_ml2_conf_ini:
|
||||
- "neutron-linuxbridge-agent"
|
||||
- "neutron-openvswitch-agent"
|
||||
- "neutron-infoblox-ipam-agent"
|
||||
- "neutron-server"
|
||||
merge_configs:
|
||||
@ -126,29 +124,67 @@
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
|
||||
- name: Copying over ml2_conf.ini for XenAPI
|
||||
- name: Copying over linuxbridge_agent.ini
|
||||
become: true
|
||||
vars:
|
||||
service_name: "{{ item.key }}"
|
||||
services_need_ml2_conf_ini:
|
||||
- "neutron-openvswitch-agent-xenapi"
|
||||
service_name: "neutron-linuxbridge-agent"
|
||||
merge_configs:
|
||||
sources:
|
||||
- "{{ role_path }}/templates/linuxbridge_agent.ini.j2"
|
||||
- "{{ node_custom_config }}/neutron/linuxbridge_agent.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/linuxbridge_agent.ini"
|
||||
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
||||
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
||||
dest: "{{ node_config_directory }}/{{ service_name }}/linuxbridge_agent.ini"
|
||||
mode: "0660"
|
||||
when:
|
||||
- neutron_services[service_name].enabled | bool
|
||||
- neutron_services[service_name].host_in_groups | bool
|
||||
notify:
|
||||
- "Restart {{ service_name }} container"
|
||||
|
||||
- name: Copying over openvswitch_agent.ini
|
||||
become: true
|
||||
vars:
|
||||
service_name: "neutron-openvswitch-agent"
|
||||
merge_configs:
|
||||
sources:
|
||||
- "{{ role_path }}/templates/openvswitch_agent.ini.j2"
|
||||
- "{{ node_custom_config }}/neutron/openvswitch_agent.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent.ini"
|
||||
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
||||
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
||||
dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini"
|
||||
mode: "0660"
|
||||
when:
|
||||
- neutron_services[service_name].enabled | bool
|
||||
- neutron_services[service_name].host_in_groups | bool
|
||||
notify:
|
||||
- "Restart {{ service_name }} container"
|
||||
|
||||
- name: Copying over openvswitch_agent.ini for XenAPI
|
||||
become: true
|
||||
vars:
|
||||
service_name: "neutron-openvswitch-agent-xenapi"
|
||||
os_xenapi_variables: "{{ lookup('file', xenapi_facts_root + '/' + inventory_hostname + '/' + xenapi_facts_file) | from_json }}"
|
||||
merge_configs:
|
||||
sources:
|
||||
- "{{ role_path }}/templates/ml2_conf.ini.j2"
|
||||
- "{{ role_path }}/templates/ml2_conf_xenapi.ini.j2"
|
||||
- "{{ role_path }}/templates/openvswitch_agent_xenapi.ini.j2"
|
||||
- "{{ node_custom_config }}/neutron/openvswitch_agent_xenapi.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/openvswitch_agent_xenapi.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ service_name }}/openvswitch_agent_xenapi.ini"
|
||||
# TODO(mnasiadka): Remove in V - left to not break existing deployments
|
||||
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
|
||||
- "{{ node_custom_config }}/neutron/{{ service_name }}/ml2_conf.ini"
|
||||
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
|
||||
dest: "{{ node_config_directory }}/{{ service_name }}/openvswitch_agent.ini"
|
||||
mode: "0660"
|
||||
when:
|
||||
- item.key in services_need_ml2_conf_ini
|
||||
- item.value.enabled | bool
|
||||
- item.value.host_in_groups | bool
|
||||
with_dict: "{{ neutron_services }}"
|
||||
- neutron_services[service_name].enabled | bool
|
||||
- neutron_services[service_name].host_in_groups | bool
|
||||
notify:
|
||||
- "Restart {{ item.key }} container"
|
||||
- "Restart {{ service_name }} container"
|
||||
|
||||
- name: Copying over sriov_agent.ini
|
||||
vars:
|
||||
|
15
ansible/roles/neutron/templates/linuxbridge_agent.ini.j2
Normal file
15
ansible/roles/neutron/templates/linuxbridge_agent.ini.j2
Normal file
@ -0,0 +1,15 @@
|
||||
[agent]
|
||||
{% if neutron_agent_extensions %}
|
||||
extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
|
||||
{% endif %}
|
||||
|
||||
[linux_bridge]
|
||||
physical_interface_mappings = physnet1:{{ neutron_external_interface }}
|
||||
|
||||
[security_group]
|
||||
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
|
||||
|
||||
[vxlan]
|
||||
l2_population = true
|
||||
local_ip = {{ tunnel_interface_address }}
|
||||
arp_responder = true
|
@ -3,25 +3,14 @@
|
||||
# Changing type_drivers after bootstrap can lead to database inconsistencies
|
||||
type_drivers = {{ neutron_type_drivers }}
|
||||
tenant_network_types = {{ neutron_tenant_network_types }}
|
||||
|
||||
{% if tunnel_address_family == 'ipv6' %}
|
||||
overlay_ip_version = 6
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_plugin_agent == "openvswitch" %}
|
||||
{% if enable_hyperv | bool %}
|
||||
mechanism_drivers = openvswitch,hyperv
|
||||
{% else %}
|
||||
mechanism_drivers = openvswitch,{% if enable_ironic_neutron_agent | bool %}baremetal,{% endif %}l2population
|
||||
{% if neutron_mechanism_drivers %}
|
||||
mechanism_drivers = {{ neutron_mechanism_drivers | map(attribute='name') | join(',') }}
|
||||
{% endif %}
|
||||
{% elif neutron_plugin_agent == "linuxbridge" %}
|
||||
mechanism_drivers = linuxbridge,l2population
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_extension_drivers %}
|
||||
extension_drivers = {{ neutron_extension_drivers | map(attribute='name') | join(',') }}
|
||||
{% elif enable_hyperv | bool %}
|
||||
extension_drivers = port_security
|
||||
{% endif %}
|
||||
|
||||
[ml2_type_vlan]
|
||||
@ -40,49 +29,3 @@ flat_networks = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop
|
||||
|
||||
[ml2_type_vxlan]
|
||||
vni_ranges = 1:1000
|
||||
|
||||
[securitygroup]
|
||||
{% if neutron_plugin_agent == "openvswitch" %}
|
||||
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
||||
{% elif neutron_plugin_agent == "linuxbridge" %}
|
||||
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_plugin_agent == "openvswitch" %}
|
||||
[agent]
|
||||
tunnel_types = vxlan
|
||||
{% if nova_compute_virt_type != 'xenapi' %}
|
||||
l2_population = true
|
||||
{% endif %}
|
||||
arp_responder = true
|
||||
|
||||
{% if enable_neutron_dvr | bool %}
|
||||
enable_distributed_routing = True
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_agent_extensions %}
|
||||
extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
|
||||
{% endif %}
|
||||
|
||||
[ovs]
|
||||
{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and computes_need_external_bridge | bool ) %}
|
||||
bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{# NOTE: newline above is required for correct config generation. Do not remove. #}
|
||||
datapath_type = {{ ovs_datapath }}
|
||||
ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}
|
||||
{% if enable_nova_fake | bool %}
|
||||
integration_bridge = br-int-{{ item }}
|
||||
{% endif %}
|
||||
{% elif neutron_plugin_agent == "linuxbridge" %}
|
||||
[linux_bridge]
|
||||
physical_interface_mappings = physnet1:{{ neutron_external_interface }}
|
||||
|
||||
[vxlan]
|
||||
l2_population = true
|
||||
{% endif %}
|
||||
|
||||
{% if inventory_hostname in groups["network"] or inventory_hostname in groups["compute"] %}
|
||||
local_ip = {{ tunnel_interface_address }}
|
||||
{% endif %}
|
||||
|
@ -1,5 +1,5 @@
|
||||
{
|
||||
"command": "neutron-linuxbridge-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"command": "neutron-linuxbridge-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini",
|
||||
"config_files": [
|
||||
{
|
||||
"source": "{{ container_config_directory }}/neutron.conf",
|
||||
@ -8,8 +8,8 @@
|
||||
"perm": "0600"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"source": "{{ container_config_directory }}/linuxbridge_agent.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/linuxbridge_agent.ini",
|
||||
"owner": "neutron",
|
||||
"perm": "0600"
|
||||
},
|
||||
|
@ -1,5 +1,5 @@
|
||||
{
|
||||
"command": "neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"command": "neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||
"config_files": [
|
||||
{
|
||||
"source": "{{ container_config_directory }}/neutron.conf",
|
||||
@ -8,8 +8,8 @@
|
||||
"perm": "0600"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"source": "{{ container_config_directory }}/openvswitch_agent.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||
"owner": "neutron",
|
||||
"perm": "0600"
|
||||
},
|
||||
|
@ -1,5 +1,5 @@
|
||||
{
|
||||
"command": "neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"command": "neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||
"config_files": [
|
||||
{
|
||||
"source": "{{ container_config_directory }}/neutron.conf",
|
||||
@ -8,8 +8,8 @@
|
||||
"perm": "0600"
|
||||
},
|
||||
{
|
||||
"source": "{{ container_config_directory }}/ml2_conf.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/ml2_conf.ini",
|
||||
"source": "{{ container_config_directory }}/openvswitch_agent.ini",
|
||||
"dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini",
|
||||
"owner": "neutron",
|
||||
"perm": "0600"
|
||||
},
|
||||
|
25
ansible/roles/neutron/templates/openvswitch_agent.ini.j2
Normal file
25
ansible/roles/neutron/templates/openvswitch_agent.ini.j2
Normal file
@ -0,0 +1,25 @@
|
||||
#jinja2: trim_blocks: False
|
||||
[agent]
|
||||
tunnel_types = vxlan
|
||||
l2_population = true
|
||||
arp_responder = true
|
||||
{% if enable_neutron_dvr | bool %}
|
||||
enable_distributed_routing = True
|
||||
{% endif %}
|
||||
{% if neutron_agent_extensions %}
|
||||
extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
|
||||
{% endif %}
|
||||
|
||||
[securitygroup]
|
||||
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
||||
|
||||
[ovs]
|
||||
{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and computes_need_external_bridge | bool ) %}
|
||||
bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
|
||||
{% endif %}
|
||||
datapath_type = {{ ovs_datapath }}
|
||||
ovsdb_connection = tcp:127.0.0.1:{{ ovsdb_port }}
|
||||
local_ip = {{ tunnel_interface_address }}
|
||||
{% if enable_nova_fake | bool %}
|
||||
integration_bridge = br-int-{{ item }}
|
||||
{% endif %}
|
@ -1,4 +1,3 @@
|
||||
# ml2_conf.ini
|
||||
[DEFAULT]
|
||||
# Use service_name as the log file name for neutron-openvswitch-agent-xenapi,
|
||||
# so that it will use a different log file from neutron-openvswitch-agent.
|
@ -50,7 +50,7 @@ When using Open vSwitch on a compatible kernel (4.3+ upstream, consult the
|
||||
documentation of your distribution for support details), you can switch
|
||||
to using the native OVS firewall driver by employing a configuration override
|
||||
(see :ref:`service-config`). You can set it in
|
||||
``/etc/kolla/config/neutron/ml2_conf.ini``:
|
||||
``/etc/kolla/config/neutron/openvswitch_agent.ini``:
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
|
@ -0,0 +1,14 @@
|
||||
---
|
||||
upgrade:
|
||||
- |
|
||||
Neutron Linux bridge and Open vSwitch Agents config has been split out into
|
||||
linuxbridge_agent.ini and openvswitch_agent.ini respectively.
|
||||
Please move your custom service config from ml2_conf.ini into those files.
|
||||
deprecations:
|
||||
- |
|
||||
Customizing Neutron Linux bridge and Open vSwitch Agents config via ml2_conf.ini
|
||||
is deprecated. The config has been split out for these agents into
|
||||
linuxbridge_agent.ini and openvswitch_agent.ini respectively.
|
||||
In this release (Ussuri) custom service config ml2_conf.ini overrides will still
|
||||
be used when merging configs - but that functionality will be removed
|
||||
in V release.
|
Loading…
Reference in New Issue
Block a user