diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index f7e37a1899..432eaee34c 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -37,6 +37,11 @@ docker_neutron_openvswitch_agent_image: "{{ docker_neutron_registry }}{{ docker_ docker_neutron_openvswitch_agent_tag: "{{ openstack_release }}" docker_neutron_openvswitch_agent_image_full: "{{ docker_neutron_openvswitch_agent_image }}:{{ docker_neutron_openvswitch_agent_tag }}" +kolla_neutron_linuxbridge_agent_container_name: "neutron-linuxbridge-agent" +docker_neutron_linuxbridge_agent_image: "{{ docker_neutron_registry }}{{ docker_neutron_namespace }}/{{ kolla_neutron_base_distro }}-{{ kolla_neutron_install_type }}-{{ kolla_neutron_linuxbridge_agent_container_name }}" +docker_neutron_linuxbridge_agent_tag: "{{ openstack_release }}" +docker_neutron_linuxbridge_agent_image_full: "{{ docker_neutron_linuxbridge_agent_image }}:{{ docker_neutron_linuxbridge_agent_tag }}" + kolla_openvswitch_db_container_name: "ovs-db-server" docker_openvswitch_db_image: "{{ docker_neutron_registry }}{{ docker_neutron_namespace }}/{{ kolla_neutron_base_distro }}-{{ kolla_neutron_install_type }}-{{ kolla_openvswitch_db_container_name }}" docker_openvswitch_db_tag: "{{ openstack_release }}" diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml index eb012420e2..f620ee0185 100644 --- a/ansible/roles/neutron/tasks/config.yml +++ b/ansible/roles/neutron/tasks/config.yml @@ -63,6 +63,12 @@ config_dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini" when: inventory_hostname in groups['neutron-agents'] +- name: Copying over config(s) + template: + src: "dnsmasq.conf.j2" + dest: "{{ node_config_directory }}/neutron-agents/dnsmasq.conf" + when: inventory_hostname in groups['neutron-agents'] + - include: ../../config.yml vars: service_name: "neutron-agents" @@ -101,7 +107,7 @@ - include: ../../config.yml vars: - service_name: "neutron-openvswitch-agent" + service_name: "neutron-{{ neutron_plugin_agent }}-agent" config_source: - "roles/{{ project_name }}/templates/neutron.conf.j2" - "/etc/kolla/config/global.conf" @@ -117,12 +123,11 @@ - "{{ node_templates_directory }}/{{ service_name }}/{{ project_name }}.conf_augment" - "{{ node_templates_directory }}/{{ service_name }}/{{ service_name }}.conf_augment" config_dest: "{{ node_config_directory }}/{{ service_name }}/neutron.conf" - when: inventory_hostname in groups['neutron-agents'] or - inventory_hostname in groups['compute'] + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) - include: ../../config.yml vars: - service_name: "neutron-openvswitch-agent" + service_name: "neutron-{{ neutron_plugin_agent }}-agent" config_source: - "roles/{{ project_name }}/templates/ml2_conf.ini.j2" - "/etc/kolla/config/{{ project_name }}/ml2_conf.ini" @@ -130,5 +135,4 @@ - "{{ node_templates_directory }}/{{ service_name }}/ml2_conf.ini_minimal" - "{{ node_templates_directory }}/{{ service_name }}/ml2_conf.ini_augment" config_dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini" - when: inventory_hostname in groups['neutron-agents'] or - inventory_hostname in groups['compute'] + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) diff --git a/ansible/roles/neutron/tasks/start.yml b/ansible/roles/neutron/tasks/start.yml index 3bb45f73d6..dd85eea2d6 100644 --- a/ansible/roles/neutron/tasks/start.yml +++ b/ansible/roles/neutron/tasks/start.yml @@ -7,8 +7,8 @@ container_name: "openvswitch_db" container_volumes: - "/run:/run" - when: inventory_hostname in groups['compute'] or - inventory_hostname in groups['neutron-agents'] + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) + and neutron_plugin_agent == "openvswitch" - include: ../../start.yml vars: @@ -20,13 +20,25 @@ container_volumes: - "/run:/run" - "/lib/modules:/lib/modules:ro" - when: inventory_hostname in groups['compute'] or - inventory_hostname in groups['neutron-agents'] + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) + and neutron_plugin_agent == "openvswitch" - name: Ensuring OVS bridge is properly setup - command: docker exec openvswitch_vswitchd /opt/kolla/ovs_ensure_configured.sh {{ neutron_bridge_name }} {{ neutron_interface }} + command: docker exec openvswitch_vswitchd /opt/kolla/ovs_ensure_configured.sh {{ neutron_bridge_name }} {{ neutron_external_interface }} register: status changed_when: status.stdout.find('changed') != -1 + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) + and neutron_plugin_agent == "openvswitch" + +- include: ../../start.yml + vars: + container_environment: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + container_image: "{{ docker_neutron_server_image_full }}" + container_name: "neutron_server" + container_volumes: + - "{{ node_config_directory }}/neutron-server/:/opt/kolla/neutron-server/:ro" + when: inventory_hostname in groups['neutron-server'] - include: ../../start.yml vars: @@ -39,8 +51,24 @@ - "/run:/run" - "/lib/modules:/lib/modules:ro" - "{{ node_config_directory }}/neutron-openvswitch-agent/:/opt/kolla/neutron-openvswitch-agent/:ro" - when: inventory_hostname in groups['compute'] or - inventory_hostname in groups['neutron-agents'] + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) + and neutron_plugin_agent == "openvswitch" + +- include: ../../start.yml + vars: + container_environment: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + NEUTRON_BRIDGE: "br-ex" + NEUTRON_INTERFACE: "{{ neutron_external_interface }}" + container_image: "{{ docker_neutron_linuxbridge_agent_image_full }}" + container_name: "neutron_linuxbridge_agent" + container_privileged: "True" + container_volumes: + - "/run:/run" + - "/lib/modules:/lib/modules:ro" + - "{{ node_config_directory }}/neutron-linuxbridge-agent/:/opt/kolla/neutron-linuxbridge-agent/:ro" + when: (inventory_hostname in groups['compute'] or inventory_hostname in groups['neutron-agents']) + and neutron_plugin_agent == "linuxbridge" - include: ../../start.yml vars: @@ -54,12 +82,3 @@ - "{{ node_config_directory }}/neutron-agents/:/opt/kolla/neutron-agents/:ro" when: inventory_hostname in groups['neutron-agents'] -- include: ../../start.yml - vars: - container_environment: - KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" - container_image: "{{ docker_neutron_server_image_full }}" - container_name: "neutron_server" - container_volumes: - - "{{ node_config_directory }}/neutron-server/:/opt/kolla/neutron-server/:ro" - when: inventory_hostname in groups['neutron-server'] diff --git a/ansible/roles/neutron/templates/dhcp_agent.ini.j2 b/ansible/roles/neutron/templates/dhcp_agent.ini.j2 index e9564fca38..8332c5ca5c 100644 --- a/ansible/roles/neutron/templates/dhcp_agent.ini.j2 +++ b/ansible/roles/neutron/templates/dhcp_agent.ini.j2 @@ -1,4 +1,4 @@ +# dhcp_agent.ini [DEFAULT] -# DHCP Agent -#dnsmasq_config_file = /etc/neutron/dnsmasq.conf +dnsmasq_config_file = /etc/neutron/dnsmasq.conf dhcp_delete_namespaces = true diff --git a/ansible/roles/neutron/templates/dnsmasq.conf.j2 b/ansible/roles/neutron/templates/dnsmasq.conf.j2 new file mode 100644 index 0000000000..7cd131994c --- /dev/null +++ b/ansible/roles/neutron/templates/dnsmasq.conf.j2 @@ -0,0 +1,2 @@ +dhcp-option-force=26,1450 +log-facility=/var/log/neutron/dnsmasq.log diff --git a/ansible/roles/neutron/templates/l3_agent.ini.j2 b/ansible/roles/neutron/templates/l3_agent.ini.j2 index 0df28ab486..9d2fcdf748 100644 --- a/ansible/roles/neutron/templates/l3_agent.ini.j2 +++ b/ansible/roles/neutron/templates/l3_agent.ini.j2 @@ -1,8 +1,6 @@ +# l3_agent.ini [DEFAULT] -# L3 Agent router_delete_namespaces = true -#router_distributed = true enable_metadata_proxy = true agent_mode = legacy -external_network_bridge = br-ex -#ha_vrrp_auth_password = c0b4e8f922a7b03d1def93b516da81d8103c83c2 +external_network_bridge = diff --git a/ansible/roles/neutron/templates/metadata_agent.ini.j2 b/ansible/roles/neutron/templates/metadata_agent.ini.j2 index 39ee0e4bc9..f5302889ac 100644 --- a/ansible/roles/neutron/templates/metadata_agent.ini.j2 +++ b/ansible/roles/neutron/templates/metadata_agent.ini.j2 @@ -1,3 +1,4 @@ +# metadata_agent.ini [DEFAULT] nova_metadata_ip = {{ kolla_internal_address }} metadata_proxy_shared_secret = {{ metadata_secret }} diff --git a/ansible/roles/neutron/templates/ml2_conf.ini.j2 b/ansible/roles/neutron/templates/ml2_conf.ini.j2 index fde37c1591..3bc515741e 100644 --- a/ansible/roles/neutron/templates/ml2_conf.ini.j2 +++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2 @@ -1,10 +1,14 @@ -# TODO(SamYaple): Make entire file more configurable configurable - +# ml2_conf.ini [ml2] # Changing type_drivers after bootstrap can lead to database inconsistencies type_drivers = flat,vlan,vxlan tenant_network_types = vxlan + +{% if neutron_plugin_agent == "openvswitch" %} mechanism_drivers = openvswitch,l2population +{% elif neutron_plugin_agent == "linuxbridge" %} +mechanism_drivers = linuxbridge,l2population +{% endif %} [ml2_type_vlan] #network_vlan_ranges = external:1000:1999 @@ -20,7 +24,11 @@ vni_ranges = 1:1000 vxlan_group = 239.1.1.1 [securitygroup] +{% if neutron_plugin_agent == "openvswitch" %} firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver +{% elif neutron_plugin_agent == "linuxbridge" %} +firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver +{% endif %} enable_ipset = true enable_security_group = true @@ -28,8 +36,15 @@ enable_security_group = true tunnel_types = vxlan l2_population = true arp_responder = true -#enable_distributed_routing = true +{% if neutron_plugin_agent == "openvswitch" %} [ovs] -local_ip = {{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }} bridge_mappings = physnet1:{{ neutron_bridge_name }} +{% elif neutron_plugin_agent == "linuxbridge" %} +[linux_bridge] +physical_interface_mappings = physnet1:{{ neutron_external_interface }} + +[vxlan] +l2_population = true +{% endif %} +local_ip = {{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }} diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 7d0313d1f2..d5616cd3f8 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -1,3 +1,4 @@ +# neutron.conf [DEFAULT] verbose = true debug = true @@ -9,7 +10,11 @@ api_paste_config = /usr/share/neutron/api-paste.ini notification_driver = neutron.openstack.common.notifier.rpc_notifier +{% if neutron_plugin_agent == "openvswitch" %} interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver +{% elif neutron_plugin_agent == "linuxbridge" %} +interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver +{% endif %} allow_overlapping_ips = true core_plugin = ml2 diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2 index 6c62eacd83..7d3f1569ea 100644 --- a/ansible/roles/nova/templates/nova.conf.j2 +++ b/ansible/roles/nova/templates/nova.conf.j2 @@ -15,7 +15,12 @@ virt_type = kvm security_group_api = neutron network_api_class = nova.network.neutronv2.api.API firewall_driver = nova.virt.firewall.NoopFirewallDriver + +{% if neutron_plugin_agent == "openvswitch" %} linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver +{% elif neutron_plugin_agent == "linuxbridge" %} +linuxnet_interface_driver = nova.network.linux_net.BridgeInterfaceDriver +{% endif %} compute_driver = libvirt.LibvirtDriver allow_resize_to_same_host = true @@ -67,5 +72,5 @@ username = nova password = {{ nova_keystone_password }} [libvirt] -connection_type = libivrt +connection_type = libvirt inject_partition = -2 diff --git a/docker/common/neutron/neutron-linuxbridge-agent/config-external.sh b/docker/common/neutron/neutron-linuxbridge-agent/config-external.sh index 4e0411a9fa..c44d71d84d 100755 --- a/docker/common/neutron/neutron-linuxbridge-agent/config-external.sh +++ b/docker/common/neutron/neutron-linuxbridge-agent/config-external.sh @@ -8,3 +8,13 @@ if [[ -f "$SOURCE" ]]; then chown ${OWNER}: $TARGET chmod 0644 $TARGET fi + +SOURCE="/opt/kolla/neutron-linuxbridge-agent/ml2_conf.ini" +TARGET="/etc/neutron/plugins/ml2/ml2_conf.ini" +OWNER="neutron" + +if [[ -f "$SOURCE" ]]; then + cp $SOURCE $TARGET + chown ${OWNER}: $TARGET + chmod 0644 $TARGET +fi diff --git a/docker/common/neutron/neutron-linuxbridge-agent/start.sh b/docker/common/neutron/neutron-linuxbridge-agent/start.sh index c16b979741..aea4aea890 100755 --- a/docker/common/neutron/neutron-linuxbridge-agent/start.sh +++ b/docker/common/neutron/neutron-linuxbridge-agent/start.sh @@ -2,7 +2,7 @@ set -o errexit CMD="/usr/bin/neutron-linuxbridge-agent" -ARGS="--config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-dir /etc/neutron" +ARGS="--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini" # Loading common functions. source /opt/kolla/kolla-common.sh diff --git a/docker/common/neutron/neutron-openvswitch-agent/start.sh b/docker/common/neutron/neutron-openvswitch-agent/start.sh index 0c404eafc4..601fcaf879 100755 --- a/docker/common/neutron/neutron-openvswitch-agent/start.sh +++ b/docker/common/neutron/neutron-openvswitch-agent/start.sh @@ -11,7 +11,4 @@ source /opt/kolla/config-sudoers.sh # Config-internal script exec out of this function, it does not return here. set_configs -# Set !requiretty -source /opt/kolla/config-sudoers.sh - exec $CMD $ARGS diff --git a/etc/kolla/config/neutron/neutron-linuxbridge-agent.conf b/etc/kolla/config/neutron/neutron-linuxbridge-agent.conf new file mode 100644 index 0000000000..e69de29bb2 diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index a48580e5df..a213f262d7 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -54,13 +54,17 @@ docker_restart_policy_retry: "10" #################### # The interface to use for various services types network_interface: "eth0" -neutron_interface: "eth1" +neutron_external_interface: "eth1" # These can be adjusted for even more customization api_interface: "{{ network_interface }}" storage_interface: "{{ network_interface }}" tunnel_interface: "{{ network_interface }}" +# Valid options are [ openvswitch, linuxbridge ] +neutron_plugin_agent: "openvswitch" + + #################### # Openstack options ####################