From ec88d2aabf53bd21cf111b05824c4cf7c54c66ab Mon Sep 17 00:00:00 2001 From: Roman Dobosz Date: Fri, 13 Mar 2020 14:00:49 +0100 Subject: [PATCH] Fix IPv6 enabled devstack and namespace subnet plugin. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case of setting subnet driver to 'namespace', and making use of IPv6 in kuryr devstackā€š we experienced a clash with devstack route, since we used to use shared subnet pool crated by devstack. To avoid such clash, for IPv6 we simply create our own IPv6 shared subnet pool, and subnets within it. Change-Id: Iad40167d28078b2d6811d3afed58b8da4b41cd42 --- devstack/lib/kuryr_kubernetes | 2 +- devstack/plugin.sh | 32 ++++++++++++++++++++++++++------ devstack/settings | 1 + 3 files changed, 28 insertions(+), 7 deletions(-) diff --git a/devstack/lib/kuryr_kubernetes b/devstack/lib/kuryr_kubernetes index 70ecd6f59..600e8a0bb 100644 --- a/devstack/lib/kuryr_kubernetes +++ b/devstack/lib/kuryr_kubernetes @@ -76,7 +76,7 @@ function ovs_bind_for_kubelet() { if [ "$KURYR_IPV6" == "False" ]; then subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_V4_ID}} else - subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_V6_ID}} + subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_KURYR_V6_ID}} fi cidrs=$(openstack subnet pool show "${subnetpool_id}" -c prefixes -f value) subnetpool_cidr=$(python3 -c "print(${cidrs}[0])") diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 135b99c70..84a9d831e 100644 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -274,8 +274,8 @@ function configure_neutron_defaults { local router local router_id local ext_svc_net_id - local ext_svc_subnet_id - local prot + local addrs_prefix + local subnetpool_name project_id=$(get_or_create_project \ "$KURYR_NEUTRON_DEFAULT_PROJECT" default) @@ -286,11 +286,31 @@ function configure_neutron_defaults { # Neutron module KURYR_IPV6=$(trueorfalse False KURYR_IPV6) if [ "$KURYR_IPV6" == "False" ]; then - export KURYR_ETHERTYPE=IPv4 - subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_V4_ID}} + export KURYR_ETHERTYPE=IPv4 + subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_V4_ID}} else - export KURYR_ETHERTYPE=IPv6 - subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_V6_ID}} + export KURYR_ETHERTYPE=IPv6 + # NOTE(gryf): To not clash with subnets created by DevStack for IPv6, + # we create another subnetpool just for kuryr subnets. + # SUBNETPOOL_KURYR_V6_ID will be used in function configure_kuryr in + # case of namespace kuryr subnet driver. + # This is not required for IPv4, because DevStack is only adding a + # conflicting route for IPv6. On DevStack this route is opening public + # IPv6 network to be accessible from host, which doesn't have place in + # IPv4 net, because floating IPs are used instead. + IPV6_ID=$(uuidgen | sed s/-//g | cut -c 23- | \ + sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/") + addrs_prefix="fd${IPV6_ID}::/56" + subnetpool_name=${SUBNETPOOL_KURYR_NAME_V6} + SUBNETPOOL_KURYR_V6_ID=$(openstack \ + --os-cloud devstack-admin \ + --os-region "${REGION_NAME}" \ + subnet pool create "${subnetpool_name}" \ + --default-prefix-length "${SUBNETPOOL_SIZE_V6}" \ + --pool-prefix "${addrs_prefix}" \ + --share -f value -c id) + export SUBNETPOOL_KURYR_V6_ID + subnetpool_id=${KURYR_NEUTRON_DEFAULT_SUBNETPOOL_ID:-${SUBNETPOOL_KURYR_V6_ID}} fi router=${KURYR_NEUTRON_DEFAULT_ROUTER:-$Q_ROUTER_NAME} diff --git a/devstack/settings b/devstack/settings index 7f88946e2..edd61626f 100644 --- a/devstack/settings +++ b/devstack/settings @@ -104,3 +104,4 @@ KURYR_CONTAINERS_USE_LOWER_CONSTRAINTS=${KURYR_CONTAINERS_USE_LOWER_CONSTRAINTS: KURYR_OVERCLOUD_VM_PORT=${KURYR_OVERCLOUD_VM_PORT:-port0} KURYR_IPV6=${KURYR_IPV6:-False} +SUBNETPOOL_KURYR_NAME_V6=${SUBNETPOOL_KURYR_NAME_V6:-"shared-kuryr-subnetpool-v6"}