Support migrating from ML2OVS to OVN using ansible.

This patch adds ansible playbooks and roles to carry out migration of
an existing ML2/OVS tripleo setup to ML2/OVN.

In this patch, all the migration tasks are carried out using ansible.
Below are the migration steps

1. Generates a hosts file with the ip addresses of the controllers
and computes.

2. Creates pre migration resources (including a VM) and validates them

3. Runs the overcloud deploy script with ovn-controller's configured to
use a temporary ovs bridge (OVNIntegrationBridge: "br-migration")

4. Carry out the migration tasks
   - Generate the OVN north db by running ovn sync util
   - Configure ovn-controllers to take over br-int
   - Delete all the qrouter/q-dhcp namespaces

5. Validates the pre migration resources again to check if everything is fine
or not.

6. Deletes the pre migration resources and creates and validates post migration
resources.

7. Deletes the post migration resources

8. And finally runs the overcloud deploy script again by setting
"OVNIntegrationBridge: "br-int"

Co-authored-by: Miguel Angel Ajo <majopela@redhat.com>
Change-Id: I29f0d729f8e2ad644aa1eead7c0802995ee279a9
changes/60/510460/18
Numan Siddique 5 years ago
parent 4a5b0564de
commit 6546cb8ed9
  1. 1
      doc/source/index.rst
  2. 143
      doc/source/install/migration.rst
  3. 3
      migration/README.rst
  4. 48
      migration/tripleo_environment/README.rst
  5. 99
      migration/tripleo_environment/network_mtu.py
  6. 153
      migration/tripleo_environment/ovn_migration.sh
  7. 21
      migration/tripleo_environment/playbooks/migrate.yml
  8. 25
      migration/tripleo_environment/playbooks/ovn-migration.yml
  9. 52
      migration/tripleo_environment/playbooks/post-migration.yml
  10. 17
      migration/tripleo_environment/playbooks/pre-migration.yml
  11. 6
      migration/tripleo_environment/playbooks/roles/activate-ovn/defaults/main.yml
  12. 16
      migration/tripleo_environment/playbooks/roles/activate-ovn/tasks/main.yml
  13. 36
      migration/tripleo_environment/playbooks/roles/activate-ovn/templates/activate-ovn.sh.j2
  14. 5
      migration/tripleo_environment/playbooks/roles/delete-neutron-resources/defaults/main.yml
  15. 20
      migration/tripleo_environment/playbooks/roles/delete-neutron-resources/tasks/main.yml
  16. 29
      migration/tripleo_environment/playbooks/roles/delete-neutron-resources/templates/delete-neutron-resources.sh.j2
  17. 6
      migration/tripleo_environment/playbooks/roles/resources/cleanup/defaults/main.yml
  18. 18
      migration/tripleo_environment/playbooks/roles/resources/cleanup/tasks/main.yml
  19. 32
      migration/tripleo_environment/playbooks/roles/resources/cleanup/templates/cleanup-resources.sh.j2
  20. 9
      migration/tripleo_environment/playbooks/roles/resources/create/defaults/main.yml
  21. 22
      migration/tripleo_environment/playbooks/roles/resources/create/tasks/main.yml
  22. 128
      migration/tripleo_environment/playbooks/roles/resources/create/templates/create-resources.sh.j2
  23. 5
      migration/tripleo_environment/playbooks/roles/resources/validate/defaults/main.yml
  24. 12
      migration/tripleo_environment/playbooks/roles/resources/validate/tasks/main.yml
  25. 17
      migration/tripleo_environment/playbooks/roles/resources/validate/templates/validate-resources.sh.j2
  26. 19
      migration/tripleo_environment/playbooks/roles/sync-dbs/tasks/main.yml
  27. 6
      migration/tripleo_environment/playbooks/roles/tripleo-update/defaults/main.yml
  28. 22
      migration/tripleo_environment/playbooks/roles/tripleo-update/tasks/main.yml
  29. 7
      migration/tripleo_environment/playbooks/roles/tripleo-update/templates/generate-ovn-extras.sh.j2
  30. 10
      migration/tripleo_environment/playbooks/setup-ovn.yml
  31. 9
      releasenotes/notes/migration-from-ml2ovs-to-ovn-30ea4dea163d20c0.yaml

@ -21,6 +21,7 @@ Contents
faq/index
admin/index
install/index
install/migration
configuration/index
contributor/index

@ -0,0 +1,143 @@
.. _migration:
Migration Strategy
==================
This document details an in-place migration strategy from ML2/OVS in either
ovs-firewall, or ovs-hybrid mode in a TripleO OpenStack deployment.
For non TripleO deployments, please refer to the file ``migration/README.rst``
and the ansible playbook ``migration/migrate-to-ovn.yml``.
Overview
--------
The migration would be accomplished by following the steps:
a. Administrator steps:
* Updating to the latest openstack/neutron version
* Reducing the DHCP T1 parameter on dhcp_agent.ini beforehand, which
is controlled by the dhcp_renewal_time of /etc/neutron/dhcp_agent.ini
Somewhere around 30 seconds would be enough (TODO: Data and calculations
to back this value with precise information).
* Waiting for at least dhcp_lease_duration (see /etc/neutron/neutron.conf
or /etc/neutron/dhcp_agent.ini) time (default is 86400 seconds =
24hours), that way all instances will grab the new new lease renewal time
and start checking with the dhcp server periodically based on the T1
parameter.
* Lowering the MTU of all vxlan or gre based networks down to
make sure geneve works (a tool will be provided for that). The mtu
must be set to "max_tunneling_network_mtu - ovn_geneve_overhead", that's
generally "1500 - ovn_geneve_overhead", unless your network and any
intermediate router hop between compute and network nodes is jumboframe
capable). ovn_geneve_overhead is 58 bytes. VXLAN overhead is 50 bytes. So
for the typical 1500 MTU tunneling network, we may need to assign 1442.
The migration tool provides a python script `network_mtu.py``. To lower
the MTU, run ``python network_mtu.py update mtu``.
b. Automated steps (via ansible)
* Create pre-migration resources (network and VM) to validate final
migration.
* Update the overcloud stack (in the case of TripleO) to deploy OVN
alongside reference implementation services using a temporary bridge
"br-migration" instead of br-int.
* Start the migration process:
1. generate the OVN north db by running neutron-ovn-db-sync util
2. re-assign ovn-controller to br-int instead of br-migration
3. cleanup network namespaces (fip, snat, qrouter, qdhcp),
4. remove any unnecessary patch ports on br-int
5. remove br-tun and br-migration ovs bridges
6. delete qr-*, ha-* and qg-* ports from br-int
* Delete neutron agents and neutron HA internal networks
* Validate connectivity on pre-migration resources.
* Delete pre-migration resources.
* Create post-migration resources.
* Validate connectivity on post-migration resources.
* Cleanup post-migration resources.
* Re-run deployment tool to update OVN on br-int.
Steps for migration
-------------------
Carryout the below steps in the undercloud:
1. Run ``python network_mtu.py update mtu`` to lower the mtu of the pre
migration vxlan networks.
2. Create ``overcloud-deploy-ovn.sh`` script in /home/stack. Make sure the
below environment files are added in the order mentioned below
* -e /usr/share/openstack-triple-heat-templates/environments/docker.yaml
* -e /usr/share/openstack-triple-heat-templates/environments/docker-ha.yaml
* -e /usr/share/openstack-tripleo-heat-templates/environments/services-docker/
neutron-ovn-ha.yaml
* -e /home/stack/ovn-extras.yaml
If compute nodes have external connectivity, then you can use the
environment file - environments/services-docker/neutron-ovn-dvr-ha.yaml
3. Configure 'dhcp_renewal_time' in
/var/lib/config-data/puppet-generated/neutron/etc/neutron/dhcp_agent.ini
in all the nodes where DHCP agent is configured.
4. Wait till the new MTU values are propagated to all the pre migration VMs.
5. Check the script ``ovn_migration.sh`` and override the environment variables
if desired.
Below are the environment variables
* IS_DVR_ENABLED - If the existing ML2/OVS has DVR enabled, set it to True.
Default value is False.
* PUBLIC_NETWORK_NAME - Name of the public network. Default value is
'public'.
* IMAGE_NAME - Name/ID of the glance image to us for booting a test server.
Default value is 'cirros'.
* VALIDATE_MIGRATION - Create migration resources to validate the
migration.
The migration script, before starting the migration, boots a server and
validates that the server is reachable after the migration.
Default value is True.
* SERVER_USER_NAME - User name to use for logging to the migration server.
Default value is 'cirros'.
6. Set the below tripleo heat template parameters to point to the proper
OVN docker images in appropriate environment file
* DockerOvnControllerConfigImage
* DockerOvnControllerImage
* DockerOvnNorthdImage
* DockerNeutronApiImage
* DockerNeutronConfigImage
* DockerOvnDbsImage
* DockerOvnDbsConfigImage
Eg: Run ``openstack overcloud container image prepare ..
--env-file=/home/stack/docker-images.yaml
-e /usr/share/openstack-tripleo-heat-templates/environments/services-docker
/neutron-ovn-ha.yaml``.
7. Run the script ``ovn_migration.sh``.
Migration is complete !!!

@ -4,6 +4,9 @@ Migration from ML2/OVS to ML2/OVN
Proof-of-concept ansible script for migrating an OpenStack deployment
that uses ML2/OVS to OVN.
If you have a tripleo ML2/OVS deployment then please see the folder
``tripleo_environment``
Prerequisites:
1. Ansible 2.2 or greater.

@ -0,0 +1,48 @@
Migration from ML2/OVS to ML2/OVN in a tripleo deployment
=========================================================
To migrate your existing ML2/OVS deployment to ML2/OVN, run the
script ``ovn_migration.sh``` in the undercloud.
This script does in place migration from ML2/OVS to ML2/OVN i.e the VMs
hosted on the compute nodes are not migrated to other compute hosts, instead
the ovn-controller service manages the OVS integration bridge by the end of
migration.
Steps for migration
-------------------
1. Run ``python network_mtu.py update mtu`` to lower the mtu of the pre migration
vxlan networks. Since OVN uses geneve tunnels, the mtu has to be lowered.
2. Create ``overcloud-deploy-ovn.sh`` script in /home/stack. Make sure the
below environment files are added in the order mentioned below
* -e /usr/share/openstack-triple-heat-templates/environments/docker.yaml
* -e /usr/share/openstack-triple-heat-templates/environments/docker-ha.yaml
* -e /usr/share/openstack-tripleo-heat-templates/environments/services-docker/neutron-ovn-ha.yaml
* -e /home/stack/ovn-extras.yaml
3. Wait till the new MTU values are propagated to all the pre migration VMs
4. Check the script ``ovn_migration.sh`` and override the environment variables if desired.
Below are the environment variables
* IS_DVR_ENABLED - If the existing ML2/OVS has DVR enabled, set it to True.
Default value is False.
* PUBLIC_NETWORK_NAME - Name of the public network. Default value is 'public'.
* IMAGE_NAME - Name/ID of the glance image to us for booting a test server.
Default value is 'cirros'.
* VALIDATE_MIGRATION - Create migration resources to validate the migration.
The migration script, before starting the migration, boots a server and
validates that the server is reachable after the migration.
Default value is True.
* SERVER_USER_NAME - User name to use for logging to the migration server.
Default value is 'cirros'.
5. Run the script ``ovn_migration.sh``.
Migration is complete !!!

@ -0,0 +1,99 @@
# Copyright 2018 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
import sys
from openstack import connection
GENEVE_TO_VXLAN_OVERHEAD = 8
def get_connection():
user_domain_id = os.environ.get('OS_USER_DOMAIN_ID', 'default')
project_domain_id = os.environ.get('OS_PROJECT_DOMAIN_ID', 'default')
conn = connection.Connection(auth_url=os.environ['OS_AUTH_URL'],
project_name=os.environ['OS_PROJECT_NAME'],
username=os.environ['OS_USERNAME'],
password=os.environ['OS_PASSWORD'],
user_domain_id=user_domain_id,
project_domain_id=project_domain_id)
return conn
def verify_network_mtu():
print("Verifying the tenant network mtu's")
conn = get_connection()
success = True
for network in conn.network.networks():
if network.provider_physical_network is None and (
network.provider_network_type == 'vxlan') and (
'adapted_mtu' not in network.tags):
print("adapted_mtu tag is not set for the Network "
"[" + str(network.name) + "]")
success = False
if success:
print("All the networks are set to expected mtu value")
else:
print("Please run : \"python network_mtu.py update mtu\" before"
" starting the migration to OVN")
return success
def update_network_mtu():
print("Updating the tenant network mtu")
conn = get_connection()
for network in conn.network.networks():
try:
if network.provider_physical_network is None and (
network.provider_network_type == 'vxlan') and (
'adapted_mtu' not in network.tags):
print("Updating the mtu and the tag 'adapted_mtu"
" of the network - " + str(network.name))
new_tags = list(network.tags)
new_tags.append('adapted_mtu')
conn.network.update_network(
network,
mtu=int(network.mtu) - GENEVE_TO_VXLAN_OVERHEAD)
conn.network.set_tags(network, new_tags)
except Exception as e:
print("Exception occured while updating the MTU:" + str(e))
return False
return True
def print_usage():
print('Invalid options:')
print('Usage: python network_mtu.py verify mtu')
print('Usage: python network_mtu.py update mtu')
if len(sys.argv) < 3:
print_usage()
sys.exit(1)
retval = 1
if sys.argv[1] == "update" and sys.argv[2] == "mtu":
if update_network_mtu():
retval = 0
elif sys.argv[1] == "verify" and sys.argv[2] == "mtu":
if verify_network_mtu():
retval = 0
else:
print_usage()
sys.exit(retval)

@ -0,0 +1,153 @@
#!/bin/bash
# Copyright 2018 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# With LANG set to everything else than C completely undercipherable errors
# like "file not found" and decoding errors will start to appear during scripts
# or even ansible modules
LANG=C
# Complete stackrc file path.
: ${STACKRC_FILE:=~/stackrc}
# Complete overcloudrc file path.
: ${OVERCLOUDRC_FILE:=~/overcloudrc}
# overcloud deploy script for OVN migration.
: ${OVERCLOUD_OVN_DEPLOY_SCRIPT:=~/overcloud-deploy-ovn.sh}
# Is the present deployment DVR or HA. Lets assume it's HA
: ${IS_DVR_ENABLED:=False}
: ${OPT_WORKDIR:=$PWD}
: ${PUBLIC_NETWORK_NAME:=public}
: ${IMAGE_NAME:=cirros}
: ${SERVER_USER_NAME:=cirros}
: ${IS_CONTAINER_DEPLOYMENT:=False}
: ${VALIDATE_MIGRATION:=True}
# Check if the neutron networks MTU has been updated to geneve MTU size or not.
# We donot want to proceed if the MTUs are not updated.
oc_check_network_mtu() {
source $OVERCLOUDRC_FILE
python network_mtu.py verify mtu
if [ "$?" != "0" ]
then
echo "Please update the tenant network MTU by running 'python network_mtu.py update mtu' before starting migration"
exit 1
fi
}
generate_ansible_hosts_file() {
source $STACKRC_FILE
echo "[ovn-dbs]" > hosts_for_migration
ovn_central=True
CONTROLLERS=`openstack server list -c Name -c Networks | grep controller | awk '{ split($4, net, "="); print net[2] }'`
for node_ip in $CONTROLLERS
do
if [ "$ovn_central" == "True" ]
then
ovn_central=False
node_ip="$node_ip ovn_central=true"
fi
echo $node_ip ansible_ssh_user=heat-admin ansible_become=true >> hosts_for_migration
done
echo "" >> hosts_for_migration
echo "[ovn-controllers]" >> hosts_for_migration
for node_ip in $CONTROLLERS
do
echo $node_ip ansible_ssh_user=heat-admin ansible_become=true >> hosts_for_migration
done
for node_ip in `openstack server list -c Name -c Networks | grep compute | awk '{ split($4, net, "="); print net[2] }'`
do
echo $node_ip ansible_ssh_user=heat-admin ansible_become=true >> hosts_for_migration
done
echo "" >> hosts_for_migration
cat >> hosts_for_migration << EOF
[overcloud:children]
ovn-controllers
ovn-dbs
[overcloud:vars]
remote_user=heat-admin
dvr_setup=$IS_DVR_ENABLED
public_network_name=$PUBLIC_NETWORK_NAME
image_name=$IMAGE_NAME
working_dir=$OPT_WORKDIR
server_user_name=$SERVER_USER_NAME
container_deployment=$IS_CONTAINER_DEPLOYMENT
validate_migration=$VALIDATE_MIGRATION
overcloud_ovn_deploy_script=$OVERCLOUD_OVN_DEPLOY_SCRIPT
overcloudrc=$OVERCLOUDRC_FILE
EOF
}
# Step 1. Check if the user has generated overcloud-deploy-ovn.sh file
# If it is not generated. Exit
if [ ! -e $OVERCLOUD_OVN_DEPLOY_SCRIPT ]
then
echo "overcloud deploy migration script : $OVERCLOUD_OVN_DEPLOY_SCRIPT is not present. Please make sure you generate that file before running this"
exit 1
fi
echo "Check if jq and sshpass commands are available or not"
which jq
if [ "$?" != "0" ]
then
echo "Please install jq as it is required during migration"
exit 1
fi
which sshpass
if [ "$?" != "0" ]
then
echo "Please install sshpass as it is required during migration"
exit 1
fi
echo "Checking the tenant network mtu values"
oc_check_network_mtu
echo "MTU is fine"
cat $OVERCLOUD_OVN_DEPLOY_SCRIPT | grep $HOME/ovn-extras.yaml
if [ "$?" == "1" ]
then
echo "ovn-extras.yaml file is missing in $OVERCLOUD_OVN_DEPLOY_SCRIPT. Please add it"
exit 1
fi
# Generate the hosts file for ansible migration playbook.
echo "Generating the hosts file for ansible-playbook"
generate_ansible_hosts_file
# Lets kick start the ansible playbook.
echo "Starting the Migration"
ansible-playbook $OPT_WORKDIR/playbooks/ovn-migration.yml \
-i hosts_for_migration -e working_dir=$OPT_WORKDIR \
-e public_network_name=$PUBLIC_NETWORK_NAME \
-e image_name=$IMAGE_NAME \
-e overcloud_ovn_deploy_script=$OVERCLOUD_OVN_DEPLOY_SCRIPT \
-e server_user_name=$SERVER_USER_NAME \
-e overcloudrc=$OVERCLOUDRC_FILE \
-e container_deployment=$IS_CONTAINER_DEPLOYMENT \
-e validate_migration=$VALIDATE_MIGRATION
echo "Migration complete !!!"

@ -0,0 +1,21 @@
---
- name: Sync Neutron and OVN DBs
hosts: ovn-dbs
roles:
- sync-dbs
- name: Activate OVN controller
hosts: ovn-controllers
roles:
- activate-ovn
- name: Delete Neutron resources
hosts: localhost
roles:
- delete-neutron-resources
vars:
ovn_migration_temp_dir: "{{ working_dir }}/delete_neutron_resources"
# TODO: Remove ovs_hybrid_plug='True' from the pre migation ports' binding_vif_details'

@ -0,0 +1,25 @@
# This is the playbook used by ovn-migration.sh.
# This is the start of the migration
- import_playbook: pre-migration.yml
tags:
- pre-migration
when: validate_migration|bool
- import_playbook: setup-ovn.yml
tags:
- setup
- import_playbook: migrate.yml
tags:
- migrate
- import_playbook: post-migration.yml
tags:
- post-migration
when: validate_migration|bool
- hosts: localhost
tasks:
- name: Migration successful.
debug:
msg: Migration from ML2OVS to OVN is now complete.

@ -0,0 +1,52 @@
- name: Validate pre migration resources after migration
hosts: localhost
roles:
- resources/validate
vars:
ovn_migration_temp_dir: "{{ working_dir }}/pre_migration_resources"
restart_server: true
- name: Delete the pre migration resources
hosts: localhost
roles:
- resources/cleanup
tags:
- post-migration
vars:
ovn_migration_temp_dir: "{{ working_dir }}/pre_migration_resources"
- name: Create post-migration resources
hosts: localhost
roles:
- resources/create
vars:
ovn_migration_temp_dir: "{{ working_dir }}/post_migration_resources"
resource_suffix: "post"
- name: Validate post migration resources
hosts: localhost
roles:
- resources/validate
vars:
ovn_migration_temp_dir: "{{ working_dir }}/post_migration_resources"
- name: Delete the post migration resources
hosts: localhost
roles:
- resources/cleanup
tags:
- post-migration
vars:
ovn_migration_temp_dir: "{{ working_dir }}/post_migration_resources"
resource_suffix: "post"
# Do we really need to do this ?
- name: Rerun the stack update to reset the OVNIntegrationBridge to br-int
hosts: localhost
roles:
- tripleo-update
vars:
ovn_bridge: "br-int"
tags:
- ovn-setup

@ -0,0 +1,17 @@
# Playbook to create pre migration resources
- name: Create the pre migration resource stack
hosts: localhost
roles:
- resources/create
vars:
ovn_migration_temp_dir: "{{ working_dir }}/pre_migration_resources"
tags:
- pre-migration
- name: Validate the pre migration resources
hosts: localhost
roles:
- resources/validate
vars:
ovn_migration_temp_dir: "{{ working_dir }}/pre_migration_resources"

@ -0,0 +1,6 @@
---
tunnel_bridge: "br-tun"
integration_bridge: "br-int"
external_bridge: "br-ex"
activate_ovn_script: activate-ovn.sh.j2

@ -0,0 +1,16 @@
---
- name: Generate OVN activation script
template:
src: "{{ activate_ovn_script }}"
dest: "/tmp/activate-ovn.sh"
mode: 0744
- name: Run OVN activation script
shell: >
/tmp/activate-ovn.sh 2>&1 > /tmp/activate-ovn.sh.log
- name: Delete OVN activate script
file:
state: absent
path: /tmp/activate-ovn.sh

@ -0,0 +1,36 @@
#!/bin/bash
set -x
# Reset OpenFlow protocol version before ovn-controller takes over
ovs-vsctl set Bridge {{ integration_bridge }} protocols=[]
ovs-vsctl set Bridge {{ external_bridge }} protocols=[]
# Delete controller from integration bridge
ovs-vsctl del-controller {{ integration_bridge }}
# Activate ovn-controller by configuring integration bridge
ovs-vsctl set open . external_ids:ovn-bridge={{ integration_bridge }}
ovn_container_id=`docker ps | grep ovn-controller | awk '{print $1}'`
docker restart $ovn_container_id
# Delete ovs bridges - br-tun and br-migration
ovs-vsctl --if-exists del-br {{ tunnel_bridge }}
ovs-vsctl --if-exists del-br br-migration
# Delete the qr-*, qg-* and ha-* ports from integration bridge
for p in `ovs-vsctl show | egrep 'qr-|ha-|qg-' | grep Interface | awk '{print $2}'`
do
# p will be having quotes. Eg. "hr-xxxx". So strip the quotes
port=`echo "$p" | sed -e 's/^"//' -e 's/"$//'`
ovs-vsctl del-port $port
done
# Delete namespaces
for i in `ip netns | grep -v ovnmeta`
do
ip netns delete $i
done
exit 0

@ -0,0 +1,5 @@
---
delete_neutron_resources_script: delete-neutron-resources.sh.j2
ovn_migration_temp_dir: "{{ ovn_migration_temp_dir }}"
overcloudrc: "{{ overcloudrc }}"

@ -0,0 +1,20 @@
- name: Delete temp file directory if present
file:
state: absent
path: "{{ ovn_migration_temp_dir }}"
- name : Create temp file directory if not present
file:
state: directory
path: "{{ ovn_migration_temp_dir }}"
- name: Generate neutron resources cleanup script
template:
src: "{{ delete_neutron_resources_script }}"
dest: "{{ ovn_migration_temp_dir }}/delete-neutron-resources.sh"
mode: 0744
- name: Deleting the neutron agents
shell: >
{{ ovn_migration_temp_dir }}/delete-neutron-resources.sh 2>&1 >
{{ ovn_migration_temp_dir }}/delete-neutron-resources.sh.log

@ -0,0 +1,29 @@
#!/bin/bash
set -x
source {{ overcloudrc }}
# Delete neutron agents
for i in `openstack network agent list | grep neutron- | awk {'print $2'}`
do
openstack network agent delete $i
done
delete_network_ports() {
net_id=$1
for p in `openstack port list --network $net_id | grep -v ID | awk '{print $2}'`
do
openstack port delete $p
done
}
# Delete HA networks
for i in `openstack network list | grep "HA network tenant" | awk '{print $2}'`
do
delete_network_ports $i
openstack network delete $i
done
exit 0

@ -0,0 +1,6 @@
---
cleanup_resource_script: cleanup-resources.sh.j2
ovn_migration_temp_dir: "{{ ovn_migration_temp_dir }}"
overcloudrc: "{{ overcloudrc }}"
resource_suffix: "pre"

@ -0,0 +1,18 @@
---
- name : Create temp file directory if not present
file:
state: directory
path: "{{ ovn_migration_temp_dir }}"
- name: Generate cleanup script
template:
src: "{{ cleanup_resource_script }}"
dest: "{{ ovn_migration_temp_dir }}/cleanup-resources.sh"
mode: 0744
- name: Cleaning up the pre migration resources
shell: >
set -o pipefail &&
{{ ovn_migration_temp_dir }}/cleanup-resources.sh 2>&1 >
cleanup-resources.sh.log

@ -0,0 +1,32 @@
#!/bin/bash
set -x
source {{ overcloudrc }}
openstack server delete ovn-migration-server-{{ resource_suffix }}
openstack port delete ovn-migration-server-port-{{ resource_suffix }}
server_ip=`cat {{ ovn_migration_temp_dir }}/server_public_ip`
openstack floating ip delete $server_ip
openstack router remove subnet ovn-migration-router-{{ resource_suffix }} ovn-migration-subnet-{{ resource_suffix }}
openstack router unset --external-gateway ovn-migration-router-{{ resource_suffix }}
openstack router delete ovn-migration-router-{{ resource_suffix }}
openstack network delete ovn-migration-net-{{ resource_suffix }}
openstack security group delete ovn-migration-sg-{{ resource_suffix }}
openstack flavor delete ovn-migration-{{ resource_suffix }}
openstack image delete cirros-ovn-migration-{{ resource_suffix }}
openstack keypair delete ovn-migration-{{ resource_suffix }}
echo "Resource cleanup done"
exit 0

@ -0,0 +1,9 @@
---
public_network_name: "{{ public_network_name }}"
create_migration_resource_script: create-resources.sh.j2
ovn_migration_temp_dir: "{{ ovn_migration_temp_dir }}"
image_name: "{{ image_name }}"
server_user_name: "{{ server_user_name }}"
overcloudrc: "{{ overcloudrc }}"
resource_suffix: "pre"

@ -0,0 +1,22 @@
---
- name: Delete temp file directory if present
file:
state: absent
path: "{{ ovn_migration_temp_dir }}"
- name : Create temp file directory if not present
file:
state: directory
path: "{{ ovn_migration_temp_dir }}"
- name: Generate resource creation script
template:
src: "{{ create_migration_resource_script }}"
dest: "{{ ovn_migration_temp_dir }}/create-migration-resources.sh"
mode: 0744
- name: Creating migration resources
shell: >
set -o pipefail &&
{{ ovn_migration_temp_dir }}/create-migration-resources.sh 2>&1 >
{{ ovn_migration_temp_dir }}/create-migration-resources.sh.log

@ -0,0 +1,128 @@
#!/bin/bash
set -x
source {{ overcloudrc }}
image_name={{ image_name }}
openstack image show $image_name
if [ "$?" != "0" ]
then
if [ ! -f cirros-0.4.0-x86_64-disk.img ]
then
curl -o cirros-0.4.0-x86_64-disk.img http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
fi
openstack image create "cirros-ovn-migration-{{ resource_suffix }}" --file cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 --container-format bare --public
image_name="cirros-ovn-migration-{{ resource_suffix }}"
fi
openstack flavor create ovn-migration-{{ resource_suffix }} --ram 1024 --disk 1 --vcpus 1
openstack keypair create ovn-migration-{{ resource_suffix }} --private-key {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key
openstack security group create ovn-migration-sg-{{ resource_suffix }}
openstack security group rule create --ingress --protocol icmp ovn-migration-sg-{{ resource_suffix }}
openstack security group rule create --ingress --protocol tcp --dst-port 22 ovn-migration-sg-{{ resource_suffix }}
openstack network create ovn-migration-net-{{ resource_suffix }}
neutron net-update ovn-migration-net-{{ resource_suffix }} --mtu 1442
openstack subnet create --network ovn-migration-net-{{ resource_suffix }} --subnet-range 172.168.199.0/24 ovn-migration-subnet-{{ resource_suffix }}
openstack port create --network ovn-migration-net-{{ resource_suffix }} --security-group ovn-migration-sg-{{ resource_suffix }} ovn-migration-server-port-{{ resource_suffix }}
openstack server create --flavor ovn-migration-{{ resource_suffix }} --image $image_name \
--key-name ovn-migration-{{ resource_suffix }} \
--nic port-id=ovn-migration-server-port-{{ resource_suffix }} ovn-migration-server-{{ resource_suffix }}
openstack router create ovn-migration-router-{{ resource_suffix }}
openstack router set --external-gateway {{ public_network_name }} ovn-migration-router-{{ resource_suffix }}
openstack router add subnet ovn-migration-router-{{ resource_suffix }} ovn-migration-subnet-{{ resource_suffix }}
server_ip=`openstack floating ip create --port ovn-migration-server-port-{{ resource_suffix }} \
{{ public_network_name }} -c floating_ip_address | grep floating_ip_address \
| awk '{print $4'}`
echo $server_ip > {{ ovn_migration_temp_dir }}/server_public_ip
chmod 0600 {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key
# Wait till the port is ACTIVE
echo "Wait till the port is ACTIVE"
port_status=`openstack port show ovn-migration-server-port-{{ resource_suffix }} -c status | grep status | awk '{print $4}'`
num_attempts=0
while [ "$port_status" != "ACTIVE" ]
do
num_attempts=$((num_attempts+1))
sleep 5
port_status=`openstack port show ovn-migration-server-port-{{ resource_suffix }} -c status | grep status | awk '{print $4}'`
echo "Port status = $port_status"
if [ $num_attempts -gt 24 ]
then
echo "Port is not up even after 2 minutes. Something is wrong"
exit 1
fi
done
echo "VM is up and the port is ACTIVE"
# Wait till the VM allows ssh connections
vm_status="down"
num_attempts=0
while [ "$vm_status" != "up" ]
do
num_attempts=$((num_attempts+1))
sleep 5
openstack console log show ovn-migration-server-{{ resource_suffix }} | grep "login:"
if [ "$?" == "0" ]
then
vm_status="up"
else
if [ $num_attempts -gt 60 ]
then
echo "Port is not up even after 5 minutes. Something is wrong."
# Even though something seems wrong, lets try and ping.
break
fi
fi
done
num_attempts=0
vm_reachable="false"
while [ "$vm_reachable" != "true" ]
do
num_attempts=$((num_attempts+1))
sleep 1
ping -c 3 $server_ip
if [ "$?" == "0" ]
then
vm_reachable="true"
else
if [ $num_attempts -gt 60 ]
then
echo "VM is not reachable. Something is wrong."
# Even though something seems wrong, lets try and ping.
exit 1
fi
fi
done
ssh -i {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -o StrictHostKeyChecking=no \
-o UserKnownHostsFile=/dev/null cirros@$server_ip /sbin/ip a
rc=$?
echo "Done with the resource creation : exiting with $rc"
exit $rc

@ -0,0 +1,5 @@
validate_resources_script: validate-resources.sh.j2
ovn_migration_temp_dir: "{{ ovn_migration_temp_dir }}"
server_user_name: "cirros"
restart_server: false
resource_suffix: "pre"

@ -0,0 +1,12 @@
- name: Generate resource validation script
template:
src: "{{ validate_resources_script }}"
dest: "{{ ovn_migration_temp_dir }}/validate-resources.sh"
mode: 0744
- name: Run the validation script
shell: >
set -o pipefail &&
{{ ovn_migration_temp_dir }}/validate-resources.sh 2>&1 >
{{ ovn_migration_temp_dir }}/validate-resources.sh.log

@ -0,0 +1,17 @@
#!/bin/bash
set -x
source {{ overcloudrc }}
# This script validates the resources create by the resources/create role.
# It pings to the floating ip of the server and ssh into the server.
server_ip=`cat {{ ovn_migration_temp_dir }}/server_public_ip`
echo "Running ping test with -c 3 to the server ip - $server_ip"
ping -c 3 $server_ip
ssh -i {{ ovn_migration_temp_dir }}/ovn_migration_ssh_key -o StrictHostKeyChecking=no \
-o UserKnownHostsFile=/dev/null cirros@$server_ip date
echo "Done with the validation"

@ -0,0 +1,19 @@
- block:
- name: Get the neutron docker ID
shell:
docker ps | grep neutron-server-ovn | awk '{print $1}'
register: neutron_docker_id
- name: Sync neutron db with OVN db (container) - Run 1
command: docker exec "{{ neutron_docker_id.stdout }}"
neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--ovn-neutron_sync_mode repair
- name: Sync neutron db with OVN db (container) - Run 2
command: docker exec "{{ neutron_docker_id.stdout }}"
neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
--ovn-neutron_sync_mode repair
when: ovn_central is defined

@ -0,0 +1,6 @@
---
generate_ovn_extras: generate-ovn-extras.sh.j2
ovn_bridge: "{{ ovn-bridge }}"
ovn_migration_temp_dir: "{{ working_dir }}/temp_files"
container_deployment: "{{ container_deployment }}"

@ -0,0 +1,22 @@
---
- name : Create temp file directory if not present
file:
state: directory
path: "{{ ovn_migration_temp_dir }}"
- name: Create ovn-extras generation script
template:
src: "{{ generate_ovn_extras }}"
dest: "{{ ovn_migration_temp_dir }}/generate-ovn-extras.sh"
mode: 0755
- name: Generate ovn-extras environment file
shell: >
set -o pipefail &&
{{ ovn_migration_temp_dir }}/generate-ovn-extras.sh
- name: Updating the overcloud stack with OVN services
shell: >
set -o pipefail &&
{{ overcloud_ovn_deploy_script }} 2>&1 > {{ overcloud_ovn_deploy_script }}.log

@ -0,0 +1,7 @@
#!/bin/bash
set -x
cat > $HOME/ovn-extras.yaml << EOF
parameter_defaults:
OVNIntegrationBridge: "{{ ovn_bridge }}"
EOF

@ -0,0 +1,10 @@
---
- name: Set up OVN and configure it using tripleo
hosts: localhost
roles:
- tripleo-update
vars:
ovn_bridge: br-migration
tags:
- ovn-setup

@ -0,0 +1,9 @@
---
prelude: >
Support migration from an existing ML2OVS tripleo deployment to ML2OVN
tripleo deployment.
features:
- |
A migration tool is provided to carry out in-place migration of an existing
ML2OVS tripleo deployment to ML2OVN. Please see the relevant documentation
section for more information.
Loading…
Cancel
Save