From c6de6eaf86b7b416d3be496e006c09addcdee73a Mon Sep 17 00:00:00 2001 From: Bharat Kunwar Date: Mon, 26 Jul 2021 08:14:42 +0000 Subject: [PATCH] [WIP] Support IPv6 dual subnet Change-Id: I1a76645e94cb3c612591a0ed349a1aa4649fadeb --- .../fragments/network_switcher_existing.yaml | 11 +++++++++ .../fragments/network_switcher_private.yaml | 11 +++++++++ magnum/drivers/common/templates/network.yaml | 21 +++++++++++++++++ .../drivers/heat/k8s_fedora_template_def.py | 1 + .../templates/kubecluster.yaml | 23 +++++++++++++++++++ 5 files changed, 67 insertions(+) diff --git a/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml b/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml index e3f14fadb6..3962afb692 100644 --- a/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml +++ b/magnum/drivers/common/templates/fragments/network_switcher_existing.yaml @@ -18,6 +18,14 @@ parameters: type: string default: "" + private_ipv6_subnet: + type: string + default: "" + + existing_ipv6_subnet: + type: string + default: "" + outputs: network: @@ -25,3 +33,6 @@ outputs: subnet: value: {get_param: existing_subnet} + + ipv6_subnet: + value: {get_param: existing_ipv6_subnet} diff --git a/magnum/drivers/common/templates/fragments/network_switcher_private.yaml b/magnum/drivers/common/templates/fragments/network_switcher_private.yaml index 107dd43d63..2fd7f03032 100644 --- a/magnum/drivers/common/templates/fragments/network_switcher_private.yaml +++ b/magnum/drivers/common/templates/fragments/network_switcher_private.yaml @@ -18,6 +18,14 @@ parameters: type: string default: "" + private_ipv6_subnet: + type: string + default: "" + + existing_ipv6_subnet: + type: string + default: "" + outputs: network: @@ -25,3 +33,6 @@ outputs: subnet: value: {get_param: private_subnet} + + ipv6_subnet: + value: {get_param: private_ipv6_subnet} diff --git a/magnum/drivers/common/templates/network.yaml b/magnum/drivers/common/templates/network.yaml index 1ec3370acb..9cbe61f020 100644 --- a/magnum/drivers/common/templates/network.yaml +++ b/magnum/drivers/common/templates/network.yaml @@ -13,10 +13,18 @@ parameters: type: string default: "" + existing_ipv6_subnet: + type: string + default: "" + private_network_cidr: type: string description: network range for fixed ip network + private_ipv6_network_cidr: + type: string + description: network range for fixed ip network + private_network_name: type: string description: fixed network name @@ -43,6 +51,13 @@ resources: network: {get_resource: private_network} dns_nameservers: {get_param: dns_nameserver} + private_ipv6_subnet: + type: Magnum::Optional::Neutron::Subnet + properties: + ip_version: 6 + cidr: {get_param: private_ipv6_network_cidr} + network: {get_resource: private_network} + extrouter: type: Magnum::Optional::Neutron::Router properties: @@ -60,8 +75,10 @@ resources: properties: private_network: {get_resource: private_network} private_subnet: {get_resource: private_subnet} + private_ipv6_subnet: {get_resource: private_ipv6_subnet} existing_network: {get_param: existing_network} existing_subnet: {get_param: existing_subnet} + existing_ipv6_subnet: {get_param: existing_ipv6_subnet} outputs: fixed_network: @@ -72,3 +89,7 @@ outputs: description: > Subnet ID where to provision machines value: {get_attr: [network_switch, subnet]} + fixed_ipv6_subnet: + description: > + Subnet ID where to provision machines + value: {get_attr: [network_switch, ipv6_subnet]} diff --git a/magnum/drivers/heat/k8s_fedora_template_def.py b/magnum/drivers/heat/k8s_fedora_template_def.py index 659069bc28..a445e5b750 100644 --- a/magnum/drivers/heat/k8s_fedora_template_def.py +++ b/magnum/drivers/heat/k8s_fedora_template_def.py @@ -96,6 +96,7 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition): 'heat_container_agent_tag', 'keystone_auth_enabled', 'k8s_keystone_auth_tag', 'heapster_enabled', + 'fixed_ipv6_subnet', 'metrics_server_enabled', 'metrics_server_chart_tag', 'monitoring_enabled', diff --git a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml index 4cfb1b5b4a..87f280f6c7 100644 --- a/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml +++ b/magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml @@ -93,6 +93,11 @@ parameters: description: uuid/name of an existing subnet to use to provision machines default: "" + fixed_ipv6_subnet: + type: string + description: uuid/name of an existing subnet to use to provision machines + default: "" + master_image: type: string description: glance image used to boot the server @@ -175,6 +180,11 @@ parameters: description: network range for fixed ip network default: 10.0.0.0/24 + fixed_ipv6_subnet_cidr: + type: string + description: network range for fixed ip network + default: fd5e:d3bb:de2e::/64 + portal_network_cidr: type: string description: > @@ -1004,6 +1014,7 @@ resources: existing_network: {get_param: fixed_network} existing_subnet: {get_param: fixed_subnet} private_network_cidr: {get_param: fixed_subnet_cidr} + private_ipv6_network_cidr: {get_param: fixed_ipv6_subnet_cidr} dns_nameserver: {get_param: dns_nameserver} external_network: {get_param: external_network} private_network_name: {get_param: fixed_network_name} @@ -1038,6 +1049,12 @@ resources: type: OS::Neutron::SecurityGroup properties: rules: + - protocol: ipv6-icmp + ethertype: IPv6 + - protocol: tcp + port_range_min: 22 + port_range_max: 22 + ethertype: IPv6 - protocol: icmp - protocol: tcp port_range_min: 22 @@ -1084,6 +1101,12 @@ resources: type: OS::Neutron::SecurityGroup properties: rules: + - protocol: ipv6-icmp + ethertype: IPv6 + - protocol: tcp + port_range_min: 22 + port_range_max: 22 + ethertype: IPv6 - protocol: icmp # Default port range for external service ports. # In future, if the option `manage-security-groups` for ccm works