diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 27ba18ca2c..30f816bb27 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -158,6 +158,9 @@ tunnel_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + tunnel_i # Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ] neutron_plugin_agent: "openvswitch" +# Valid options are [ internal, infoblox ] +neutron_ipam_driver: "internal" + # The default ports used by each service. # The list should be in alphabetical order aodh_api_port: "8042" @@ -472,6 +475,7 @@ enable_neutron_bgp_dragent: "no" enable_neutron_provider_networks: "no" enable_neutron_segments: "no" enable_neutron_sfc: "no" +enable_neutron_infoblox_ipam_agent: "no" enable_nova_serialconsole_proxy: "no" enable_octavia: "no" enable_opendaylight: "no" diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index 1b28267032..fabd043a53 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -308,6 +308,9 @@ neutron [neutron-bgp-dragent:children] neutron +[neutron-infoblox-ipam-agent:children] +neutron + # Ceph [ceph-mds:children] ceph diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index e66d3e137d..96305082cd 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -327,6 +327,9 @@ neutron [neutron-bgp-dragent:children] neutron +[neutron-infoblox-ipam-agent:children] +neutron + # Ceph [ceph-mds:children] ceph diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index 2ea00a1684..b8d4f509df 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -173,6 +173,18 @@ neutron_services: - "/etc/localtime:/etc/localtime:ro" - "/run:/run:shared" - "kolla_logs:/var/log/kolla/" + neutron-infoblox-ipam-agent: + container_name: "neutron_infoblox_ipam_agent" + image: "{{ neutron_infoblox_ipam_agent_image_full }}" + privileged: True + enabled: "{{ enable_neutron_infoblox_ipam_agent | bool }}" + group: "neutron-infoblox-ipam-agent" + host_in_groups: "{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}" + volumes: + - "{{ node_config_directory }}/neutron-infoblox-ipam-agent/:{{ container_config_directory }}/:ro" + - "/etc/localtime:/etc/localtime:ro" + - "/run:/run:shared" + - "kolla_logs:/var/log/kolla/" #################### @@ -229,6 +241,9 @@ neutron_bgp_dragent_image: "{{ docker_registry ~ '/' if docker_registry else '' neutron_bgp_dragent_tag: "{{ neutron_tag }}" neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}" +neutron_infoblox_ipam_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-infoblox-ipam-agent" +neutron_infoblox_ipam_agent_tag: "{{ neutron_tag }}" +neutron_infoblox_ipam_agent_image_full: "{{ neutron_infoblox_ipam_agent_image }}:{{ neutron_infoblox_ipam_agent_tag }}" #################### # OpenStack @@ -296,7 +311,7 @@ neutron_service_plugins: "{{ service_plugins|selectattr('enabled', 'equalto', tr #################### neutron_notification_topics: - name: notifications - enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool }}" + enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool or enable_neutron_infoblox_ipam_agent | bool }}" - name: notifications_designate enabled: "{{ enable_designate | bool }}" @@ -349,6 +364,16 @@ vmware_dvs_insecure: "True" vmware_dvs_dvs_name: "VDS-1" vmware_dvs_dhcp_override_mac: "" +#################### +# Infoblox IPAM +#################### +infoblox_cloud_data_center_id: "1" +infoblox_grid_master_host: "192.168.1.1" +infoblox_grid_master_name: "infoblox.localdomain" +infoblox_admin_user_name: "admin" +infoblox_wapi_version: "2.3" +infoblox_wapi_max_results: "-50000" + ###################### # Notification Drivers ###################### diff --git a/ansible/roles/neutron/handlers/main.yml b/ansible/roles/neutron/handlers/main.yml index 74c39cfbaa..70eb837155 100644 --- a/ansible/roles/neutron/handlers/main.yml +++ b/ansible/roles/neutron/handlers/main.yml @@ -325,3 +325,26 @@ or neutron_bgp_dragent_ini | changed or policy_json | changed or neutron_bgp_dragent_container | changed + +- name: Restart neutron-infoblox-ipam-agent container + vars: + service_name: "neutron-infoblox-ipam-agent" + service: "{{ neutron_services[service_name] }}" + config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" + neutron_conf: "{{ neutron_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + neutron_ml2_conf: "{{ neutron_ml2_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" + neutron_infoblox_ipam_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" + kolla_docker: + action: "recreate_or_restart_container" + common_options: "{{ docker_common_options }}" + name: "{{ service.container_name }}" + image: "{{ service.image }}" + volumes: "{{ service.volumes }}" + privileged: "{{ service.privileged | default(False) }}" + when: + - action != "config" + - service.enabled | bool + - service.host_in_groups | bool + - config_json | changed + or neutron_conf | changed + or neutron_ml2_conf | changed diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml index dcda18180c..5da61f539b 100644 --- a/ansible/roles/neutron/tasks/config.yml +++ b/ansible/roles/neutron/tasks/config.yml @@ -62,6 +62,7 @@ - "neutron-lbaas-agent" - "neutron-vpnaas-agent" - "neutron-bgp-dragent" + - "neutron-infoblox-ipam-agent" - "neutron-sriov-agent" merge_configs: sources: @@ -132,6 +133,7 @@ services_need_ml2_conf_ini: - "neutron-linuxbridge-agent" - "neutron-openvswitch-agent" + - "neutron-infoblox-ipam-agent" - "neutron-server" merge_configs: sources: diff --git a/ansible/roles/neutron/templates/neutron-infoblox-ipam-agent.json.j2 b/ansible/roles/neutron/templates/neutron-infoblox-ipam-agent.json.j2 new file mode 100644 index 0000000000..24ef182f8c --- /dev/null +++ b/ansible/roles/neutron/templates/neutron-infoblox-ipam-agent.json.j2 @@ -0,0 +1,29 @@ +{ + "command": "infoblox-ipam-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini", + "config_files": [ + { + "source": "{{ container_config_directory }}/neutron.conf", + "dest": "/etc/neutron/neutron.conf", + "owner": "neutron", + "perm": "0600" + }, + { + "source": "{{ container_config_directory }}/ml2_conf.ini", + "dest": "/etc/neutron/plugins/ml2/ml2_conf.ini", + "owner": "neutron", + "perm": "0600" + } + ], + "permissions": [ + { + "path": "/var/log/kolla/neutron", + "owner": "neutron:neutron", + "recurse": true + }, + { + "path": "/var/lib/neutron/kolla", + "owner": "neutron:neutron", + "recurse": true + } + ] +} diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 3e1a62f10f..ea4003aea5 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -68,6 +68,8 @@ nsx_extension_drivers = vmware_dvs_dns {% endif %} {% endif %} +ipam_driver = {{ neutron_ipam_driver }} + [nova] auth_url = {{ keystone_admin_url }} auth_type = password @@ -173,3 +175,23 @@ os_interface = internal [privsep] helper_command=sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper + +{% if enable_neutron_infoblox_ipam_agent | bool %} +[infoblox] +keystone_admin_project_domain_id = {{ default_project_domain_id }} +keystone_admin_user_domain_id = {{ default_user_domain_id }} +keystone_admin_project_name = service +keystone_admin_username = {{ neutron_keystone_user }} +keystone_admin_password = {{ neutron_keystone_password }} +keystone_auth_uri = {{ keystone_internal_url }} +keystone_auth_version = v3 +cloud_data_center_id = {{ infoblox_cloud_data_center_id }} + +[infoblox-dc:{{ infoblox_cloud_data_center_id }}] +grid_master_host = {{ infoblox_grid_master_host }} +grid_master_name = {{ infoblox_grid_master_name }} +admin_user_name = {{ infoblox_admin_user_name }} +admin_password = {{ infoblox_admin_password }} +wapi_version = {{ infoblox_wapi_version }} +wapi_max_results = {{ infoblox_wapi_max_results }} +{% endif %} diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml index 0e108f51cd..3bbe452ab2 100644 --- a/ansible/roles/nova/defaults/main.yml +++ b/ansible/roles/nova/defaults/main.yml @@ -249,7 +249,7 @@ nova_ssh_port: "8022" #################### nova_notification_topics: - name: notifications - enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool }}" + enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool or enable_neutron_infoblox_ipam_agent | bool }}" - name: notifications_designate enabled: "{{ enable_designate | bool }}" diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 8f62b20c7c..f16ff726a5 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -272,7 +272,7 @@ region_name = {{ openstack_region_name }} os_interface = internal [notifications] -{% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool %} +{% if enable_ceilometer | bool or enable_searchlight | bool or enable_designate | bool or enable_neutron_infoblox_ipam_agent | bool %} notify_on_state_change = vm_and_task_state {% endif %} diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index 05116ebca7..5df29eebfd 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -102,6 +102,9 @@ kolla_internal_vip_address: "10.10.10.254" # Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ] #neutron_plugin_agent: "openvswitch" +# Valid options are [ internal, infoblox ] +#neutron_ipam_driver: "internal" + #################### # keepalived options diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml index 4f63a244c9..2508f4aff1 100644 --- a/etc/kolla/passwords.yml +++ b/etc/kolla/passwords.yml @@ -45,6 +45,11 @@ hnas_nfs_password: ###################### zfssa_iscsi_password: +####################### +# Infoblox IPAM support +####################### +infoblox_admin_password: + #################### # OpenStack options #################### diff --git a/releasenotes/notes/add-neutron-ipam-driver-infoblox-3621f44bb0017e91.yaml b/releasenotes/notes/add-neutron-ipam-driver-infoblox-3621f44bb0017e91.yaml new file mode 100644 index 0000000000..73337d9252 --- /dev/null +++ b/releasenotes/notes/add-neutron-ipam-driver-infoblox-3621f44bb0017e91.yaml @@ -0,0 +1,8 @@ +--- +features: + - | + Add support for the configuration of Infoblox as a pluggable + IPAM driver in neutron. Configure by selecting 'infoblox' as + the 'neutron_ipam_driver'. In addition to handling IP address + management within neutron, an agent will be started to + automatically manage DNS entries within the Infoblox appliance. diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2 index c2d1d4b2eb..806705f5a1 100644 --- a/tests/templates/inventory.j2 +++ b/tests/templates/inventory.j2 @@ -297,6 +297,9 @@ neutron [neutron-bgp-dragent:children] neutron +[neutron-infoblox-ipam-agent:children] +neutron + # Ceph [ceph-mds:children] ceph