[WIP] Support IPv6 dual subnet

Change-Id: I1a76645e94cb3c612591a0ed349a1aa4649fadeb
2021-07-26 08:14:42 +00:00 · 2021-07-26 08:14:42 +00:00 · c6de6eaf86
parent d8cc88284b
commit c6de6eaf86
5 changed files with 67 additions and 0 deletions
--- a/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml
+++ b/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml
@ -18,6 +18,14 @@ parameters:
    type: string
    default: ""

+  private_ipv6_subnet:
+    type: string
+    default: ""
+
+  existing_ipv6_subnet:
+    type: string
+    default: ""
+
 outputs:

  network:
@ -25,3 +33,6 @@ outputs:

  subnet:
    value: {get_param: existing_subnet}
+
+  ipv6_subnet:
+    value: {get_param: existing_ipv6_subnet}
--- a/magnum/drivers/common/templates/fragments/network_switcher_private.yaml
+++ b/magnum/drivers/common/templates/fragments/network_switcher_private.yaml
@ -18,6 +18,14 @@ parameters:
    type: string
    default: ""

+  private_ipv6_subnet:
+    type: string
+    default: ""
+
+  existing_ipv6_subnet:
+    type: string
+    default: ""
+
 outputs:

  network:
@ -25,3 +33,6 @@ outputs:

  subnet:
    value: {get_param: private_subnet}
+
+  ipv6_subnet:
+    value: {get_param: private_ipv6_subnet}
--- a/magnum/drivers/common/templates/network.yaml
+++ b/magnum/drivers/common/templates/network.yaml
@ -13,10 +13,18 @@ parameters:
    type: string
    default: ""

+  existing_ipv6_subnet:
+    type: string
+    default: ""
+
  private_network_cidr:
    type: string
    description: network range for fixed ip network

+  private_ipv6_network_cidr:
+    type: string
+    description: network range for fixed ip network
+
  private_network_name:
    type: string
    description: fixed network name
@ -43,6 +51,13 @@ resources:
      network: {get_resource: private_network}
      dns_nameservers: {get_param: dns_nameserver}

+  private_ipv6_subnet:
+    type: Magnum::Optional::Neutron::Subnet
+    properties:
+      ip_version: 6
+      cidr: {get_param: private_ipv6_network_cidr}
+      network: {get_resource: private_network}
+
  extrouter:
    type: Magnum::Optional::Neutron::Router
    properties:
@ -60,8 +75,10 @@ resources:
    properties:
      private_network: {get_resource: private_network}
      private_subnet: {get_resource: private_subnet}
+      private_ipv6_subnet: {get_resource: private_ipv6_subnet}
      existing_network: {get_param: existing_network}
      existing_subnet: {get_param: existing_subnet}
+      existing_ipv6_subnet: {get_param: existing_ipv6_subnet}

 outputs:
    fixed_network:
@ -72,3 +89,7 @@ outputs:
      description: >
        Subnet ID where to provision machines
      value: {get_attr: [network_switch, subnet]}
+    fixed_ipv6_subnet:
+      description: >
+        Subnet ID where to provision machines
+      value: {get_attr: [network_switch, ipv6_subnet]}
--- a/magnum/drivers/heat/k8s_fedora_template_def.py
+++ b/magnum/drivers/heat/k8s_fedora_template_def.py
@ -96,6 +96,7 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
                      'heat_container_agent_tag',
                      'keystone_auth_enabled', 'k8s_keystone_auth_tag',
                      'heapster_enabled',
+                      'fixed_ipv6_subnet',
                      'metrics_server_enabled',
                      'metrics_server_chart_tag',
                      'monitoring_enabled',
--- a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml
@ -93,6 +93,11 @@ parameters:
    description: uuid/name of an existing subnet to use to provision machines
    default: ""

+  fixed_ipv6_subnet:
+    type: string
+    description: uuid/name of an existing subnet to use to provision machines
+    default: ""
+
  master_image:
    type: string
    description: glance image used to boot the server
@ -175,6 +180,11 @@ parameters:
    description: network range for fixed ip network
    default: 10.0.0.0/24

+  fixed_ipv6_subnet_cidr:
+    type: string
+    description: network range for fixed ip network
+    default: fd5e:d3bb:de2e::/64
+
  portal_network_cidr:
    type: string
    description: >
@ -1004,6 +1014,7 @@ resources:
      existing_network: {get_param: fixed_network}
      existing_subnet: {get_param: fixed_subnet}
      private_network_cidr: {get_param: fixed_subnet_cidr}
+      private_ipv6_network_cidr: {get_param: fixed_ipv6_subnet_cidr}
      dns_nameserver: {get_param: dns_nameserver}
      external_network: {get_param: external_network}
      private_network_name: {get_param: fixed_network_name}
@ -1038,6 +1049,12 @@ resources:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:
+        - protocol: ipv6-icmp
+          ethertype: IPv6
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+          ethertype: IPv6
        - protocol: icmp
        - protocol: tcp
          port_range_min: 22
@ -1084,6 +1101,12 @@ resources:
    type: OS::Neutron::SecurityGroup
    properties:
      rules:
+        - protocol: ipv6-icmp
+          ethertype: IPv6
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+          ethertype: IPv6
        - protocol: icmp
        # Default port range for external service ports.
        # In future, if the option `manage-security-groups` for ccm works