Adds Neutron Server Support

Previously Kolla did not support Neutron. This patch provides
initial Neutron support by implementing neutron-server
functionality. It also creates a neutron-base image that
provides common config and packages for all Neutron-based
services.

Partially Implements: Blueprint Kubernetes Neutron Container

Change-Id: I2399a1331992fae0f387f01e5b5c1c1d34f0637d
This commit is contained in:
Daneyon Hansen 2014-10-13 16:36:17 +00:00
parent 558dcb5f56
commit de313681f9
11 changed files with 274 additions and 0 deletions

View File

@ -0,0 +1,8 @@
FROM kollaglue/fedora-rdo-base
MAINTAINER Daneyon Hansen <danehans@cisco.com>
RUN yum -y install openstack-neutron-ml2 ; yum clean all
RUN mkdir -p /opt/kolla
COPY config-neutron.sh /opt/kolla/config-neutron.sh

View File

@ -0,0 +1 @@
../../../tools/build-docker-image

View File

@ -0,0 +1,87 @@
#!/bin/sh
set -e
. /opt/kolla/kolla-common.sh
: ${ADMIN_TENANT_NAME:=admin}
: ${NEUTRON_DB_NAME:=neutron}
: ${NEUTRON_DB_USER:=neutron}
: ${NEUTRON_KEYSTONE_USER:=neutron}
: ${KEYSTONE_AUTH_PROTOCOL:=http}
: ${RABBIT_HOST:=$RABBITMQ_SERVICE_HOST}
: ${RABBIT_USER:=guest}
: ${RABBIT_PASSWORD:=guest}
check_required_vars NEUTRON_KEYSTONE_PASSWORD
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0"
export OS_USERNAME="${NEUTRON_KEYSTONE_USER}"
export OS_PASSWORD="${NEUTRON_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
# Rabbit
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
rabbit_host \
"${RABBIT_HOST}"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
rabbit_userid \
"${RABBIT_USER}"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
rabbit_password \
"${RABBIT_PASSWORD}"
# Keystone
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
auth_strategy \
"keystone"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
auth_protocol \
"${KEYSTONE_AUTH_PROTOCOL}"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
auth_host \
"${KEYSTONE_ADMIN_SERVICE_HOST}"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
auth_port \
"${KEYSTONE_ADMIN_SERVICE_PORT}"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
auth_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
admin_tenant_name \
"${ADMIN_TENANT_NAME}"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
admin_user \
"${NEUTRON_KEYSTONE_USER}"
crudini --set /etc/neutron/neutron.conf \
keystone_authtoken \
admin_password \
"${NEUTRON_KEYSTONE_PASSWORD}"
# ML2
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
core_plugin \
"ml2"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
service_plugins \
"router"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
allow_overlapping_ips \
"True"

View File

@ -0,0 +1,17 @@
FROM kollaglue/fedora-rdo-neutron-base
MAINTAINER Daneyon Hansen <danehans@cisco.com>
#Install required packages
RUN yum install -y openstack-neutron \
python-neutronclient \
mariadb \
; yum clean all
VOLUME /var/lib/neutron
EXPOSE 9696
ADD ./start.sh /start.sh
ADD ./check.sh /check.sh
CMD ["/start.sh"]

View File

@ -0,0 +1 @@
../../../tools/build-docker-image

View File

@ -0,0 +1,17 @@
#!/bin/sh
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! neutron ext-list > /dev/null; then
echo "ERROR: neutron ext-list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1,104 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-neutron.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
NEUTRON_KEYSTONE_USER NEUTRON_KEYSTONE_PASSWORD \
ADMIN_TENANT_NAME NEUTRON_SERVER_SERVICE_HOST \
PUBLIC_IP
check_for_keystone
check_for_db
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${NEUTRON_DB_NAME} DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON ${NEUTRON_DB_NAME}.* TO
'${NEUTRON_DB_USER}'@'%' IDENTIFIED BY '${NEUTRON_DB_PASSWORD}'
EOF
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
# Configure Keystone Service Catalog
crux user-create -n "${NEUTRON_KEYSTONE_USER}" \
-p "${NEUTRON_KEYSTONE_PASSWORD}" \
-t "${ADMIN_TENANT_NAME}" \
-r admin
crux endpoint-create -n neutron -t network \
-I "${KEYSTONE_AUTH_PROTOCOL}://${NEUTRON_SERVER_SERVICE_HOST}:9696" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${PUBLIC_IP}:9696" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${NEUTRON_SERVER_SERVICE_HOST}:9696"
# Database
crudini --set /etc/neutron/neutron.conf \
database \
connection \
"mysql://${NEUTRON_DB_USER}:${NEUTRON_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${NEUTRON_DB_NAME}"
# Nova
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
notify_nova_on_port_status_changes \
"True"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
notify_nova_on_port_data_changes \
"True"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_url \
"http://${NOVA_API_SERVICE_HOST}:8774/v2"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_admin_auth_url \
"http://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_region_name \
"RegionOne"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_admin_username \
"nova"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_admin_tenant_id \
"$(keystone tenant-list | grep $ADMIN_TENANT_NAME | awk '{print $2;}')"
crudini --set /etc/neutron/neutron.conf \
DEFAULT \
nova_admin_password \
"${NOVA_ADMIN_PASSWORD}"
# Configure ml2_conf.ini
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
ml2 \
type_drivers \
"gre"
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
ml2 \
tenant_network_types \
"gre"
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
ml2 \
mechanism_drivers \
"openvswitch"
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
ml2_type_gre \
tunnel_id_ranges \
"1:1000"
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
securitygroup \
firewall_driver \
"neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
securitygroup \
enable_security_group \
"True"
/usr/bin/ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
exec /usr/bin/neutron-server

View File

@ -0,0 +1,30 @@
desiredState:
manifest:
volumes:
- name: neutron-data
source:
emptyDir: {}
containers:
env:
- name: DB_ROOT_PASSWORD
value: password
- name: NEUTRON_DB_PASSWORD
value: password
- name: NEUTRON_KEYSTONE_PASSWORD
value: password
- name: KEYSTONE_ADMIN_TOKEN
value: ADMINTOKEN
- name: NOVA_ADMIN_PASSWORD
value: kolla
image: danehans/fedora-rdo-neutron-server
name: neutron-server
ports:
- containerPort: 9696
volumeMounts:
- name: neutron-data
mountPath: /var/lib/neutron
id: neutron-controller-1
version: v1beta1
id: neutron-controller
labels:
name: neutron

View File

@ -0,0 +1,7 @@
id: neutron-server
kind: Service
apiVersion: v1beta1
port: 9696
containerPort: 9696
selector:
name: neutron-server

View File

@ -8,6 +8,7 @@ mariadb
keystone
glance
nova-controller
neutron-controller
'
for pod in $pods; do

View File

@ -13,6 +13,7 @@ nova-ec2-api
nova-libvirt
nova-metadata-api
rabbitmq
neutron-server
'
for svc in $services; do