Merge "Deprecate OpenDaylight support"

This commit is contained in:
Zuul 2023-10-11 11:38:43 +00:00 committed by Gerrit Code Review
commit bd45e1b58d
12 changed files with 10 additions and 310 deletions

View File

@ -162,7 +162,6 @@ neutron_ml2_conf_ini_overrides: {}
neutron_ml2_conf_genericswitch_ini_overrides: {}
neutron_neutron_conf_overrides: {}
neutron_nuage_conf_ini_overrides: {}
neutron_opendaylight_conf_ini_overrides: {}
neutron_openvswitch_agent_ini_overrides: {}
neutron_openvswitch_agent_init_overrides: {}
neutron_nsx_conf_ini_overrides: {}

View File

@ -1,156 +0,0 @@
========================================
Scenario - OpenDaylight and Open vSwitch
========================================
Overview
~~~~~~~~
Deployers can choose to enhance neutron capabilities by means of the
OpenDaylight SDN Controller, which works together with Open vSwitch to provide
advanced networking capabilities. This document explains how to use them
in your environment.
Recommended reading
~~~~~~~~~~~~~~~~~~~
Since this is an extension of the basic Open vSwitch scenario, it is worth
reading that scenario to get some background. It is also recommended to be
familiar with OpenDaylight and networking-odl projects and their configuration.
* `Scenario: Open vSwitch <app-openvswitch.html>`_
* `OpenDaylight SDN Controller <https://docs.opendaylight.org/en/latest/>`_
* `Networking-odl <https://github.com/openstack/networking-odl>`_
Prerequisites
~~~~~~~~~~~~~
The `OpenDaylight Ansible role <https://wiki.opendaylight.org/view/Deployment#Ansible_Role>`_
needs to be available in Ansible's role path.
OpenStack-Ansible user variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Set the following user variables in your
``/etc/openstack_deploy/user_variables.yml``:
.. code-block:: yaml
### Ensure the openvswitch kernel module is loaded
openstack_host_specific_kernel_modules:
- name: "openvswitch"
pattern: "CONFIG_OPENVSWITCH"
group: "network_hosts"
### Use OpenDaylight SDN Controller
neutron_plugin_type: "ml2.opendaylight"
odl_ip: "{{ hostvars[groups['opendaylight'][0]]['ansible_facts']['default_ipv4']['address'] }}"
neutron_opendaylight_conf_ini_overrides:
ml2_odl:
url: "http://{{ odl_ip }}:8180/controller/nb/v2/neutron"
username: <username>
password: <password>
Most of the content of this file is self-explanatory. The first block is used
to deploy Open vSwitch in all network hosts.
The second block is instructing Ansible to deploy OpenDaylight SDN Controller.
This is done by specifying ``neutron_plugin_type`` to ``ml2.opendaylight``.
The IP address of the OpenDaylight controller needs to be inferred from the
deployment configuration as well. That can be used with a line such as the one
in the example.
After that, some configuration is needed to integrate OpenDaylight and Neutron,
using the ``ml2_odl`` section.
* **url**: OpenDaylight's northbound url. This is automatically retrieved from
the deployment configuration, so just need to copy the example line.
* **username**: OpenDaylight northbound API username
* **password**: OpenDaylight northbound API password for <username>
Apart from these options, the deployer might want to change the installation
method for OpenDaylight Ansible role. This role uses pre-packaged binaries,
which can be either ``deb`` or ``rpm`` files, and by default it will download
these binaries from OpenDaylight repositories, trying to guess the correct
package depending on the underlying operating system.
Also, the set of features that will be enabled in the OpenDaylight SDN
controller defaults to ``odl-netvirt-openstack``, which is the minimum for an
OpenStack integration. The deployer can modify this value by providing a list
of feature names in the ``opendaylight_extra_features`` variable.
For more information, see OpenDaylight Ansible role documentation.
L3 configuration
~~~~~~~~~~~~~~~~
L3 services are by default provided by the neutron-l3-agent. ODL is capable of
providing L3 services too and if ODL is deployed, it is actually recommended to
use them instead of neutron. Remember that L3 services allow, among other
things, to give VMs connectivity to the internet.
To activate the ODL L3 services, you should add to the above explained
variables:
.. code-block:: yaml
# Activate the L3 capabilities of ODL
neutron_plugin_base:
- odl-router_v2
- metering
If you want to use the L3 capabilities, you will need to define a external
Neutron network and set a gateway. Note that the br-vlan interface of the nodes
could be a perfect interface for that gateway, although it depends on your
network topology.
SFC configuration
~~~~~~~~~~~~~~~~~
It is possible to have an openstack-ansible deployment with SFC capabilities.
The following config needs to be added to the above described
``/etc/openstack_deploy/user_variables.yml`` :
.. code-block:: yaml
neutron_plugin_base:
- router
- metering
- flow_classifier
- sfc
When using this configuration, networking-sfc will be deployed and SFC features
will be activated in ODL. A SFC topology could be then set up through the
networking-sfc API or through an orchestrator like tacker (if deployed).
BGPVPN configuration
~~~~~~~~~~~~~~~~~~~~
ODL provides support for extending L3 services over DC-GW by BGPVPN. This way
Openstack configures ODL as BGP speaker to exchange the routes with DC-GW to
establish the communication between Tenant VMs and external world in the
data path.
To activate BGPVPN service, you should add the following variables in addition
to the OpenStack-Ansible user variables mentioned above.
.. code-block:: yaml
# Activate the BGPVPN capabilities of ODL
neutron_plugin_base:
- odl-router_v2
- bgpvpn
Security information
~~~~~~~~~~~~~~~~~~~~
Communications between the OpenDaylight SDN Controller and Open vSwitch are not
secured by default. For further information on securing this interface, see
these manuals:
* `TLS Support on OpenDaylight OpenFlow plugin
<https://wiki.opendaylight.org/view/OpenDaylight_OpenFlow_Plugin:_TLS_Support>`__.
* `Secure Communication Between OpenFlow Switches and Controllers
<https://www.thinkmind.org/download.php?articleid=afin_2015_2_30_40047>`__.

View File

@ -15,7 +15,6 @@ Neutron role for OpenStack-Ansible
app-ovn.rst
app-nuage.rst
app-nsx.rst
app-opendaylight.rst
app-genericswitch.rst
:tags: openstack, neutron, cloud, ansible

View File

@ -0,0 +1,7 @@
---
deprecations:
- |
Support for OpenDaylight driver has been deprecated by Neutron team during
2023.2 (Bobcat) development cycle and it's support has been removed from
OpenStack-Ansible.

View File

@ -1,25 +0,0 @@
---
# Copyright 2018, SUSE Linux GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Include ODL role
include_role:
name: opendaylight
vars:
odl_install_method: "{{ opendaylight_install_method }}"
extra_features: "{{ opendaylight_extra_features }}"
nb_rest_port: "{{ opendaylight_port | default('8180') }}"
when:
- neutron_plugin_type == "ml2.opendaylight"
- "'opendaylight' in group_names"

View File

@ -109,9 +109,6 @@
tags:
- always
- name: Importing dependent_neutron_roles tasks
import_tasks: dependent_neutron_roles.yml
- name: Importing neutron_pre_install tasks
import_tasks: neutron_pre_install.yml
tags:

View File

@ -1,18 +0,0 @@
---
# Copyright 2017, Ericsson AB
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Importing setup_ovs_opendaylight tasks
import_tasks: setup_ovs_opendaylight.yml
when: neutron_services['neutron-server']['group'] not in group_names

View File

@ -1,59 +0,0 @@
---
# Copyright 2017, Intracom-Telecom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Retrieve current OvS manager
command: ovs-vsctl get-manager
register: ovs_manager
changed_when: False
until: ovs_manager.rc == 0
retries: 3
delay: 5
- name: Set ODL as OvS manager
changed_when: false
command: ovs-vsctl set-manager {{ ovs_manager_list }}
when: ovs_manager.stdout | length == 0
- name: Configure hosts for networking-odl, force kernel datapath
changed_when: false
command: >-
{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk
{% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or
'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}
when: ovs_manager.stdout | length == 0
- name: Retrieve current OvS local ip
command: ovs-vsctl get Open_vSwitch . other_config:local_ip
ignore_errors: yes
register: ovs_local_ip
changed_when: False
- name: Set local ip for OpenvSwitch
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}"
when: ovs_local_ip.rc != 0
- name: Set the bridge mappings
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}"
when:
- neutron_provider_networks.network_mappings is defined
- (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2')
- name: Set the of-tunnel to true
changed_when: false
command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
when:
- neutron_plugin_base == 'sfc'

View File

@ -259,10 +259,10 @@ lock_path = {{ neutron_lock_dir }}/{{ neutron_system_slice_name }}
{% if neutron_services['neutron-server']['group'] in group_names and 'sfc' in neutron_plugin_base %}
# ODL-SFC
[sfc]
drivers = {{ (neutron_plugin_type == 'ml2.opendaylight') | ternary('odl_v2', 'ovs') }}
drivers = ovs
[flowclassifier]
drivers = {{ (neutron_plugin_type == 'ml2.opendaylight') | ternary('odl_v2', 'ovs') }}
drivers = ovs
{% endif %}
{% if neutron_services['neutron-server']['group'] in group_names and neutron_backend_ssl | bool %}

View File

@ -7,10 +7,6 @@ tenant_network_types = {{ neutron_provider_networks.network_types if neutron_pro
mechanism_drivers = {{ neutron_ml2_mechanism_drivers }}
extension_drivers = port_security{% if 'qos' in neutron_plugin_base %},qos{% endif %}{% if 'dns' in neutron_plugin_base %},dns{% endif %}{% if 'dns_domain_ports' in neutron_plugin_base %},dns_domain_ports{% endif %}{% if 'subnet_dns_publish_fixed_ip' in neutron_plugin_base %},subnet_dns_publish_fixed_ip{% endif %}{% if 'dns_domain_keywords' in neutron_plugin_base %},dns_domain_keywords{% endif %}
{% if neutron_provider_networks.network_mappings is defined and (neutron_plugin_type == 'ml2.opendaylight' and ('odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base)) %}
bridge_mappings = {{ neutron_provider_networks.network_mappings }}
{% endif %}
{% if neutron_provider_networks.network_flat_networks is defined %}
# ML2 flat networks

View File

@ -51,10 +51,6 @@
scm: git
src: https://github.com/logan2211/ansible-etcd
version: master
- name: opendaylight
scm: git
src: https://github.com/opendaylight/integration-packaging-ansible-opendaylight
version: master
- name: systemd_service
src: https://opendev.org/openstack/ansible-role-systemd_service
scm: git

View File

@ -36,8 +36,7 @@ neutron_needs_openvswitch: >-
{{ (neutron_services['neutron-openvswitch-agent']['group'] in group_names and neutron_services['neutron-openvswitch-agent'].service_en | bool)
or (neutron_services['neutron-ovn-northd']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or (neutron_services['neutron-ovn-controller']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or (neutron_services['neutron-server']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or ((neutron_services['neutron-server']['group'] not in group_names) and neutron_plugin_type == 'ml2.opendaylight') }}
or (neutron_services['neutron-server']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool) }}
###
### Python code details
@ -65,11 +64,6 @@ neutron_optional_fwaas_pip_packages:
neutron_optional_vpnaas_pip_packages:
- "git+{{ neutron_vpnaas_git_repo }}@{{ neutron_vpnaas_git_install_branch }}#egg=neutron-vpnaas"
neutron_optional_opendaylight_pip_packages:
- "git+{{ networking_odl_git_repo }}@{{ networking_odl_git_install_branch }}#egg=networking-odl"
- "git+{{ ceilometer_git_repo }}@{{ ceilometer_git_install_branch }}#egg=ceilometer"
- "git+{{ networking_bgpvpn_git_repo }}@{{ networking_bgpvpn_git_install_branch }}#egg=networking-bgpvpn"
neutron_optional_sfc_pip_packages:
- "git+{{ networking_sfc_git_repo }}@{{ networking_sfc_git_install_branch }}#egg=networking-sfc"
@ -109,12 +103,6 @@ neutron_venv_packages: >-
(neutron_services['neutron-server']['group'] in group_names) %}
{%- set _ = pkg_list.extend(neutron_optional_nuage_pip_packages) %}
{%- endif %}
{%- if neutron_plugin_type.split('.')[-1] == 'opendaylight' %}
{%- set _ = pkg_list.extend(neutron_optional_opendaylight_pip_packages) %}
{%- if 'sfc' in neutron_plugin_base %}
{%- set _ = pkg_list.extend(neutron_optional_sfc_pip_packages) %}
{%- endif %}
{%- endif %}
{%- if ('ml2.genericswitch' in neutron_plugin_types) and
(neutron_services['neutron-server']['group'] in group_names) %}
{%- set _ = pkg_list.extend(neutron_optional_ngs_pip_packages) %}
@ -206,14 +194,6 @@ neutron_plugins:
mechanisms: "sriovnicswitch"
plugin_ini: plugins/ml2/sriov_nic_agent.ini
plugin_conf_ini_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}"
ml2.opendaylight:
drivers_type: "local,flat,vlan,gre,vxlan"
mechanisms: "opendaylight_v2"
plugin_conf_ini_overrides: "{{ neutron_opendaylight_conf_ini_overrides }}"
plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
plugin_ini: plugins/ml2/ml2_conf.ini
driver_interface: "openvswitch"
l3_agent_mode: "legacy"
ml2.ovn:
drivers_type: "{{ neutron_ml2_drivers_type }}"
driver_interface: openvswitch
@ -268,22 +248,6 @@ _neutron_ovs_disabled: >-
# Tunnel network types used by the OVS agent
neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}"
# OpenDaylight
opendaylight_extra_features: |-
{%- set features = ['odl-netvirt-openstack'] -%}
{%- if 'sfc' in neutron_plugin_base -%}
{%- set features = ['odl-netvirt-sfc'] -%}
{%- endif -%}
{{ features }}
opendaylight_install_method: "{{ (ansible_facts['os_family'] == 'Debian') | ternary('deb_repo', 'rpm_repo') }}"
ovs_manager_list: |-
{% set ovs_managers_odls = [] %}
{% for odl_ip_address in groups[neutron_services['neutron-server']['group']] | map('extract', hostvars, 'ansible_host') | list -%}
{% set _ = ovs_managers_odls.append('tcp:' ~ odl_ip_address ~ ':6640') %}
{%- endfor %}
{{ ovs_managers_odls | join(' ') }}
###
### L3 Agent Plugin Configuration
###