openstack/kolla-ansible
Code Issues Proposed changes

Neutron: add support to use legacy iptables

Browse Source 
neutron_legacy_iptables option sets the KOLLA_LEGACY_IPTABLES
environment variable in the neutron-l3-agent, neutron-linuxbridge-agent
and neutron_openvswich_agent container where it should be consumed
by kolla_extended_start script resulting in setting iptables-legacy.

Depends-On: https://review.opendev.org/#/c/683679/
Change-Id: Iaa8b46a2227b61a729b8d54bbe4b20f389f251d1
This commit is contained in:
Jan Vondra 2019-10-01 15:11:16 +02:00 committed by Radosław Piliszek
parent f2042a878e
commit e54edb55e4
3 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible/group_vars/all.yml
View File

@ -910,6 +910,9 @@ computes_need_external_bridge: "{{ enable_neutron_dvr | bool and neutron_compute
# Default DNS resolvers for virtual networks # Default DNS resolvers for virtual networks
neutron_dnsmasq_dns_servers: "1.1.1.1,8.8.8.8,8.8.4.4" neutron_dnsmasq_dns_servers: "1.1.1.1,8.8.8.8,8.8.4.4"
# Set legacy iptables to allow kernels not supporting iptables-nft
neutron_legacy_iptables: "no"
####################### #######################
# Nova options # Nova options
####################### #######################

5
ansible/roles/neutron/defaults/main.yml
View File

@ -30,6 +30,8 @@ neutron_services:
image: "{{ neutron_openvswitch_agent_image_full }}" image: "{{ neutron_openvswitch_agent_image_full }}"
enabled: "{{ neutron_plugin_agent == 'openvswitch' and not enable_onos | bool }}" enabled: "{{ neutron_plugin_agent == 'openvswitch' and not enable_onos | bool }}"
privileged: True privileged: True
environment:
KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
host_in_groups: >- host_in_groups: >-
{{ {{
( (inventory_hostname in groups['compute'] and nova_compute_virt_type != 'xenapi') ( (inventory_hostname in groups['compute'] and nova_compute_virt_type != 'xenapi')
@ -67,6 +69,7 @@ neutron_services:
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
NEUTRON_BRIDGE: "br-ex" NEUTRON_BRIDGE: "br-ex"
NEUTRON_INTERFACE: "{{ neutron_external_interface }}" NEUTRON_INTERFACE: "{{ neutron_external_interface }}"
KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
host_in_groups: >- host_in_groups: >-
{{ {{
inventory_hostname in groups['compute'] inventory_hostname in groups['compute']
@ -91,6 +94,8 @@ neutron_services:
image: "{{ neutron_l3_agent_image_full }}" image: "{{ neutron_l3_agent_image_full }}"
privileged: True privileged: True
enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] and not enable_opendaylight_l3 | bool and not enable_onos | bool }}" enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] and not enable_opendaylight_l3 | bool and not enable_onos | bool }}"
environment:
KOLLA_LEGACY_IPTABLES: "{{ neutron_legacy_iptables | bool | lower }}"
host_in_groups: >- host_in_groups: >-
{{ {{
inventory_hostname in groups['neutron-l3-agent'] inventory_hostname in groups['neutron-l3-agent']

2
ansible/roles/neutron/handlers/main.yml
View File

@ -25,6 +25,7 @@
common_options: "{{ docker_common_options }}" common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}" name: "{{ service.container_name }}"
image: "{{ service.image }}" image: "{{ service.image }}"
environment: "{{ service.environment }}"
volumes: "{{ service.volumes|reject('equalto', '')|list }}" volumes: "{{ service.volumes|reject('equalto', '')|list }}"
dimensions: "{{ service.dimensions }}" dimensions: "{{ service.dimensions }}"
privileged: "{{ service.privileged | default(False) }}" privileged: "{{ service.privileged | default(False) }}"
@ -107,6 +108,7 @@
common_options: "{{ docker_common_options }}" common_options: "{{ docker_common_options }}"
name: "{{ service.container_name }}" name: "{{ service.container_name }}"
image: "{{ service.image }}" image: "{{ service.image }}"
environment: "{{ service.environment }}"
volumes: "{{ service.volumes|reject('equalto', '')|list }}" volumes: "{{ service.volumes|reject('equalto', '')|list }}"
dimensions: "{{ service.dimensions }}" dimensions: "{{ service.dimensions }}"
privileged: "{{ service.privileged | default(False) }}" privileged: "{{ service.privileged | default(False) }}"