Merge "Add flag to allow provider networks"

2017-06-27 16:40:09 +00:00 · 2017-06-27 16:40:09 +00:00 · b560b64e74
commit b560b64e74
parent 70265d3476 f6eefdf388
5 changed files with 34 additions and 2 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -371,6 +371,7 @@ enable_neutron_fwaas: "no"
 enable_neutron_qos: "no"
 enable_neutron_agent_ha: "no"
 enable_neutron_bgp_dragent: "no"
+enable_neutron_provider_networks: "no"
 enable_nova_serialconsole_proxy: "no"
 enable_octavia: "no"
 enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}"
@ -519,6 +520,8 @@ designate_ns_record: "sample.openstack.org"
 neutron_bgp_router_id: "1.1.1.1"
 neutron_bridge_name: "br-ex"

+computes_need_external_bridge: "{{ enable_neutron_dvr | bool or enable_neutron_provider_networks | bool }}"
+
 #######################
 # Nova options
 #######################
--- a/ansible/roles/neutron/templates/ml2_conf.ini.j2
+++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2
@ -72,7 +72,7 @@ extensions = qos
 {% endif %}

 [ovs]
-{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and enable_neutron_dvr | bool) %}
+{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and computes_need_external_bridge ) %}
 bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
 {% endif %}

--- a/ansible/roles/openvswitch/handlers/main.yml
+++ b/ansible/roles/openvswitch/handlers/main.yml
@ -36,7 +36,7 @@
  changed_when: status.stdout.find('changed') != -1
  when:
    - inventory_hostname in groups["network"]
-      or (inventory_hostname in groups["compute"] and enable_neutron_dvr | bool)
+      or (inventory_hostname in groups["compute"] and computes_need_external_bridge)
  with_together:
    - "{{ neutron_bridge_name.split(',') }}"
    - "{{ neutron_external_interface.split(',') }}"
--- a/doc/networking-guide.rst
+++ b/doc/networking-guide.rst
@ -1,5 +1,21 @@
 .. _networking-guide:

+============================
+Enabling Provider Networks
+============================
+Provider networks allow to connect compute instances directly to physical networks avoiding tunnels.
+This is necessary for example for some performance critical applications. Only administrators of
+OpenStack can create such networks. For provider networks compute hosts must have external bridge
+created and configured by Ansible tasks like it is already done for tenant DVR mode networking.
+Normal tenant non-DVR networking does not need external bridge on compute hosts and therefore
+operators don't need additional dedicated network interface.
+
+To enable provider networks modify the configuration file ``/etc/kolla/globals.yml``:
+
+::
+
+    enable_neutron_provider_networks: "yes"
+
 ============================
 Enabling Neutron Extensions
 ============================
--- a/releasenotes/notes/add-flag-for-provider-networks-3fb5de28ba89b128.yaml
+++ b/releasenotes/notes/add-flag-for-provider-networks-3fb5de28ba89b128.yaml
@ -0,0 +1,13 @@
+---
+features:
+  - |
+    Add a new flag to explicitly enable provider networks, i.e. networks where
+    instances directly connect to the physical networks (flat,VLAN). In such
+    cases external bridges must be configured on compute nodes, like it is done
+    for self-service (tenant manageable) networks in DVR mode. Otherwise this flag
+    allows to avoid unnecessary interface and bridge setup on compute nodes
+    in case of tenant networks in non-DVR mode.
+upgrade:
+  - |
+    By default this flag is disabled. If provider networks were used in previous
+    releases please set 'enable_neutron_provider_networks' property to 'yes'.