Merge "Deprecate OpenDaylight support"
This commit is contained in:
commit
bd45e1b58d
@ -162,7 +162,6 @@ neutron_ml2_conf_ini_overrides: {}
|
||||
neutron_ml2_conf_genericswitch_ini_overrides: {}
|
||||
neutron_neutron_conf_overrides: {}
|
||||
neutron_nuage_conf_ini_overrides: {}
|
||||
neutron_opendaylight_conf_ini_overrides: {}
|
||||
neutron_openvswitch_agent_ini_overrides: {}
|
||||
neutron_openvswitch_agent_init_overrides: {}
|
||||
neutron_nsx_conf_ini_overrides: {}
|
||||
|
@ -1,156 +0,0 @@
|
||||
========================================
|
||||
Scenario - OpenDaylight and Open vSwitch
|
||||
========================================
|
||||
|
||||
Overview
|
||||
~~~~~~~~
|
||||
|
||||
Deployers can choose to enhance neutron capabilities by means of the
|
||||
OpenDaylight SDN Controller, which works together with Open vSwitch to provide
|
||||
advanced networking capabilities. This document explains how to use them
|
||||
in your environment.
|
||||
|
||||
Recommended reading
|
||||
~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Since this is an extension of the basic Open vSwitch scenario, it is worth
|
||||
reading that scenario to get some background. It is also recommended to be
|
||||
familiar with OpenDaylight and networking-odl projects and their configuration.
|
||||
|
||||
* `Scenario: Open vSwitch <app-openvswitch.html>`_
|
||||
* `OpenDaylight SDN Controller <https://docs.opendaylight.org/en/latest/>`_
|
||||
* `Networking-odl <https://github.com/openstack/networking-odl>`_
|
||||
|
||||
Prerequisites
|
||||
~~~~~~~~~~~~~
|
||||
|
||||
The `OpenDaylight Ansible role <https://wiki.opendaylight.org/view/Deployment#Ansible_Role>`_
|
||||
needs to be available in Ansible's role path.
|
||||
|
||||
OpenStack-Ansible user variables
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Set the following user variables in your
|
||||
``/etc/openstack_deploy/user_variables.yml``:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
### Ensure the openvswitch kernel module is loaded
|
||||
openstack_host_specific_kernel_modules:
|
||||
- name: "openvswitch"
|
||||
pattern: "CONFIG_OPENVSWITCH"
|
||||
group: "network_hosts"
|
||||
|
||||
### Use OpenDaylight SDN Controller
|
||||
neutron_plugin_type: "ml2.opendaylight"
|
||||
odl_ip: "{{ hostvars[groups['opendaylight'][0]]['ansible_facts']['default_ipv4']['address'] }}"
|
||||
neutron_opendaylight_conf_ini_overrides:
|
||||
ml2_odl:
|
||||
url: "http://{{ odl_ip }}:8180/controller/nb/v2/neutron"
|
||||
username: <username>
|
||||
password: <password>
|
||||
|
||||
Most of the content of this file is self-explanatory. The first block is used
|
||||
to deploy Open vSwitch in all network hosts.
|
||||
|
||||
The second block is instructing Ansible to deploy OpenDaylight SDN Controller.
|
||||
This is done by specifying ``neutron_plugin_type`` to ``ml2.opendaylight``.
|
||||
The IP address of the OpenDaylight controller needs to be inferred from the
|
||||
deployment configuration as well. That can be used with a line such as the one
|
||||
in the example.
|
||||
|
||||
After that, some configuration is needed to integrate OpenDaylight and Neutron,
|
||||
using the ``ml2_odl`` section.
|
||||
|
||||
* **url**: OpenDaylight's northbound url. This is automatically retrieved from
|
||||
the deployment configuration, so just need to copy the example line.
|
||||
* **username**: OpenDaylight northbound API username
|
||||
* **password**: OpenDaylight northbound API password for <username>
|
||||
|
||||
Apart from these options, the deployer might want to change the installation
|
||||
method for OpenDaylight Ansible role. This role uses pre-packaged binaries,
|
||||
which can be either ``deb`` or ``rpm`` files, and by default it will download
|
||||
these binaries from OpenDaylight repositories, trying to guess the correct
|
||||
package depending on the underlying operating system.
|
||||
|
||||
Also, the set of features that will be enabled in the OpenDaylight SDN
|
||||
controller defaults to ``odl-netvirt-openstack``, which is the minimum for an
|
||||
OpenStack integration. The deployer can modify this value by providing a list
|
||||
of feature names in the ``opendaylight_extra_features`` variable.
|
||||
|
||||
For more information, see OpenDaylight Ansible role documentation.
|
||||
|
||||
L3 configuration
|
||||
~~~~~~~~~~~~~~~~
|
||||
|
||||
L3 services are by default provided by the neutron-l3-agent. ODL is capable of
|
||||
providing L3 services too and if ODL is deployed, it is actually recommended to
|
||||
use them instead of neutron. Remember that L3 services allow, among other
|
||||
things, to give VMs connectivity to the internet.
|
||||
|
||||
To activate the ODL L3 services, you should add to the above explained
|
||||
variables:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
# Activate the L3 capabilities of ODL
|
||||
neutron_plugin_base:
|
||||
- odl-router_v2
|
||||
- metering
|
||||
|
||||
If you want to use the L3 capabilities, you will need to define a external
|
||||
Neutron network and set a gateway. Note that the br-vlan interface of the nodes
|
||||
could be a perfect interface for that gateway, although it depends on your
|
||||
network topology.
|
||||
|
||||
SFC configuration
|
||||
~~~~~~~~~~~~~~~~~
|
||||
|
||||
It is possible to have an openstack-ansible deployment with SFC capabilities.
|
||||
The following config needs to be added to the above described
|
||||
``/etc/openstack_deploy/user_variables.yml`` :
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
neutron_plugin_base:
|
||||
- router
|
||||
- metering
|
||||
- flow_classifier
|
||||
- sfc
|
||||
|
||||
When using this configuration, networking-sfc will be deployed and SFC features
|
||||
will be activated in ODL. A SFC topology could be then set up through the
|
||||
networking-sfc API or through an orchestrator like tacker (if deployed).
|
||||
|
||||
|
||||
BGPVPN configuration
|
||||
~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
ODL provides support for extending L3 services over DC-GW by BGPVPN. This way
|
||||
Openstack configures ODL as BGP speaker to exchange the routes with DC-GW to
|
||||
establish the communication between Tenant VMs and external world in the
|
||||
data path.
|
||||
|
||||
To activate BGPVPN service, you should add the following variables in addition
|
||||
to the OpenStack-Ansible user variables mentioned above.
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
# Activate the BGPVPN capabilities of ODL
|
||||
neutron_plugin_base:
|
||||
- odl-router_v2
|
||||
- bgpvpn
|
||||
|
||||
|
||||
Security information
|
||||
~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
Communications between the OpenDaylight SDN Controller and Open vSwitch are not
|
||||
secured by default. For further information on securing this interface, see
|
||||
these manuals:
|
||||
|
||||
* `TLS Support on OpenDaylight OpenFlow plugin
|
||||
<https://wiki.opendaylight.org/view/OpenDaylight_OpenFlow_Plugin:_TLS_Support>`__.
|
||||
|
||||
* `Secure Communication Between OpenFlow Switches and Controllers
|
||||
<https://www.thinkmind.org/download.php?articleid=afin_2015_2_30_40047>`__.
|
@ -15,7 +15,6 @@ Neutron role for OpenStack-Ansible
|
||||
app-ovn.rst
|
||||
app-nuage.rst
|
||||
app-nsx.rst
|
||||
app-opendaylight.rst
|
||||
app-genericswitch.rst
|
||||
|
||||
:tags: openstack, neutron, cloud, ansible
|
||||
|
@ -0,0 +1,7 @@
|
||||
---
|
||||
|
||||
deprecations:
|
||||
- |
|
||||
Support for OpenDaylight driver has been deprecated by Neutron team during
|
||||
2023.2 (Bobcat) development cycle and it's support has been removed from
|
||||
OpenStack-Ansible.
|
@ -1,25 +0,0 @@
|
||||
---
|
||||
# Copyright 2018, SUSE Linux GmbH
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Include ODL role
|
||||
include_role:
|
||||
name: opendaylight
|
||||
vars:
|
||||
odl_install_method: "{{ opendaylight_install_method }}"
|
||||
extra_features: "{{ opendaylight_extra_features }}"
|
||||
nb_rest_port: "{{ opendaylight_port | default('8180') }}"
|
||||
when:
|
||||
- neutron_plugin_type == "ml2.opendaylight"
|
||||
- "'opendaylight' in group_names"
|
@ -109,9 +109,6 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Importing dependent_neutron_roles tasks
|
||||
import_tasks: dependent_neutron_roles.yml
|
||||
|
||||
- name: Importing neutron_pre_install tasks
|
||||
import_tasks: neutron_pre_install.yml
|
||||
tags:
|
||||
|
@ -1,18 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Ericsson AB
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Importing setup_ovs_opendaylight tasks
|
||||
import_tasks: setup_ovs_opendaylight.yml
|
||||
when: neutron_services['neutron-server']['group'] not in group_names
|
@ -1,59 +0,0 @@
|
||||
---
|
||||
# Copyright 2017, Intracom-Telecom
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- name: Retrieve current OvS manager
|
||||
command: ovs-vsctl get-manager
|
||||
register: ovs_manager
|
||||
changed_when: False
|
||||
until: ovs_manager.rc == 0
|
||||
retries: 3
|
||||
delay: 5
|
||||
|
||||
- name: Set ODL as OvS manager
|
||||
changed_when: false
|
||||
command: ovs-vsctl set-manager {{ ovs_manager_list }}
|
||||
when: ovs_manager.stdout | length == 0
|
||||
|
||||
- name: Configure hosts for networking-odl, force kernel datapath
|
||||
changed_when: false
|
||||
command: >-
|
||||
{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk
|
||||
{% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or
|
||||
'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}
|
||||
when: ovs_manager.stdout | length == 0
|
||||
|
||||
- name: Retrieve current OvS local ip
|
||||
command: ovs-vsctl get Open_vSwitch . other_config:local_ip
|
||||
ignore_errors: yes
|
||||
register: ovs_local_ip
|
||||
changed_when: False
|
||||
|
||||
- name: Set local ip for OpenvSwitch
|
||||
changed_when: false
|
||||
command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}"
|
||||
when: ovs_local_ip.rc != 0
|
||||
|
||||
- name: Set the bridge mappings
|
||||
changed_when: false
|
||||
command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}"
|
||||
when:
|
||||
- neutron_provider_networks.network_mappings is defined
|
||||
- (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2')
|
||||
|
||||
- name: Set the of-tunnel to true
|
||||
changed_when: false
|
||||
command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
|
||||
when:
|
||||
- neutron_plugin_base == 'sfc'
|
@ -259,10 +259,10 @@ lock_path = {{ neutron_lock_dir }}/{{ neutron_system_slice_name }}
|
||||
{% if neutron_services['neutron-server']['group'] in group_names and 'sfc' in neutron_plugin_base %}
|
||||
# ODL-SFC
|
||||
[sfc]
|
||||
drivers = {{ (neutron_plugin_type == 'ml2.opendaylight') | ternary('odl_v2', 'ovs') }}
|
||||
drivers = ovs
|
||||
|
||||
[flowclassifier]
|
||||
drivers = {{ (neutron_plugin_type == 'ml2.opendaylight') | ternary('odl_v2', 'ovs') }}
|
||||
drivers = ovs
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_services['neutron-server']['group'] in group_names and neutron_backend_ssl | bool %}
|
||||
|
@ -7,10 +7,6 @@ tenant_network_types = {{ neutron_provider_networks.network_types if neutron_pro
|
||||
mechanism_drivers = {{ neutron_ml2_mechanism_drivers }}
|
||||
extension_drivers = port_security{% if 'qos' in neutron_plugin_base %},qos{% endif %}{% if 'dns' in neutron_plugin_base %},dns{% endif %}{% if 'dns_domain_ports' in neutron_plugin_base %},dns_domain_ports{% endif %}{% if 'subnet_dns_publish_fixed_ip' in neutron_plugin_base %},subnet_dns_publish_fixed_ip{% endif %}{% if 'dns_domain_keywords' in neutron_plugin_base %},dns_domain_keywords{% endif %}
|
||||
|
||||
{% if neutron_provider_networks.network_mappings is defined and (neutron_plugin_type == 'ml2.opendaylight' and ('odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base)) %}
|
||||
bridge_mappings = {{ neutron_provider_networks.network_mappings }}
|
||||
{% endif %}
|
||||
|
||||
{% if neutron_provider_networks.network_flat_networks is defined %}
|
||||
|
||||
# ML2 flat networks
|
||||
|
@ -51,10 +51,6 @@
|
||||
scm: git
|
||||
src: https://github.com/logan2211/ansible-etcd
|
||||
version: master
|
||||
- name: opendaylight
|
||||
scm: git
|
||||
src: https://github.com/opendaylight/integration-packaging-ansible-opendaylight
|
||||
version: master
|
||||
- name: systemd_service
|
||||
src: https://opendev.org/openstack/ansible-role-systemd_service
|
||||
scm: git
|
||||
|
@ -36,8 +36,7 @@ neutron_needs_openvswitch: >-
|
||||
{{ (neutron_services['neutron-openvswitch-agent']['group'] in group_names and neutron_services['neutron-openvswitch-agent'].service_en | bool)
|
||||
or (neutron_services['neutron-ovn-northd']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
|
||||
or (neutron_services['neutron-ovn-controller']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
|
||||
or (neutron_services['neutron-server']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
|
||||
or ((neutron_services['neutron-server']['group'] not in group_names) and neutron_plugin_type == 'ml2.opendaylight') }}
|
||||
or (neutron_services['neutron-server']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool) }}
|
||||
|
||||
###
|
||||
### Python code details
|
||||
@ -65,11 +64,6 @@ neutron_optional_fwaas_pip_packages:
|
||||
neutron_optional_vpnaas_pip_packages:
|
||||
- "git+{{ neutron_vpnaas_git_repo }}@{{ neutron_vpnaas_git_install_branch }}#egg=neutron-vpnaas"
|
||||
|
||||
neutron_optional_opendaylight_pip_packages:
|
||||
- "git+{{ networking_odl_git_repo }}@{{ networking_odl_git_install_branch }}#egg=networking-odl"
|
||||
- "git+{{ ceilometer_git_repo }}@{{ ceilometer_git_install_branch }}#egg=ceilometer"
|
||||
- "git+{{ networking_bgpvpn_git_repo }}@{{ networking_bgpvpn_git_install_branch }}#egg=networking-bgpvpn"
|
||||
|
||||
neutron_optional_sfc_pip_packages:
|
||||
- "git+{{ networking_sfc_git_repo }}@{{ networking_sfc_git_install_branch }}#egg=networking-sfc"
|
||||
|
||||
@ -109,12 +103,6 @@ neutron_venv_packages: >-
|
||||
(neutron_services['neutron-server']['group'] in group_names) %}
|
||||
{%- set _ = pkg_list.extend(neutron_optional_nuage_pip_packages) %}
|
||||
{%- endif %}
|
||||
{%- if neutron_plugin_type.split('.')[-1] == 'opendaylight' %}
|
||||
{%- set _ = pkg_list.extend(neutron_optional_opendaylight_pip_packages) %}
|
||||
{%- if 'sfc' in neutron_plugin_base %}
|
||||
{%- set _ = pkg_list.extend(neutron_optional_sfc_pip_packages) %}
|
||||
{%- endif %}
|
||||
{%- endif %}
|
||||
{%- if ('ml2.genericswitch' in neutron_plugin_types) and
|
||||
(neutron_services['neutron-server']['group'] in group_names) %}
|
||||
{%- set _ = pkg_list.extend(neutron_optional_ngs_pip_packages) %}
|
||||
@ -206,14 +194,6 @@ neutron_plugins:
|
||||
mechanisms: "sriovnicswitch"
|
||||
plugin_ini: plugins/ml2/sriov_nic_agent.ini
|
||||
plugin_conf_ini_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}"
|
||||
ml2.opendaylight:
|
||||
drivers_type: "local,flat,vlan,gre,vxlan"
|
||||
mechanisms: "opendaylight_v2"
|
||||
plugin_conf_ini_overrides: "{{ neutron_opendaylight_conf_ini_overrides }}"
|
||||
plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
|
||||
plugin_ini: plugins/ml2/ml2_conf.ini
|
||||
driver_interface: "openvswitch"
|
||||
l3_agent_mode: "legacy"
|
||||
ml2.ovn:
|
||||
drivers_type: "{{ neutron_ml2_drivers_type }}"
|
||||
driver_interface: openvswitch
|
||||
@ -268,22 +248,6 @@ _neutron_ovs_disabled: >-
|
||||
# Tunnel network types used by the OVS agent
|
||||
neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}"
|
||||
|
||||
# OpenDaylight
|
||||
opendaylight_extra_features: |-
|
||||
{%- set features = ['odl-netvirt-openstack'] -%}
|
||||
{%- if 'sfc' in neutron_plugin_base -%}
|
||||
{%- set features = ['odl-netvirt-sfc'] -%}
|
||||
{%- endif -%}
|
||||
{{ features }}
|
||||
|
||||
opendaylight_install_method: "{{ (ansible_facts['os_family'] == 'Debian') | ternary('deb_repo', 'rpm_repo') }}"
|
||||
|
||||
ovs_manager_list: |-
|
||||
{% set ovs_managers_odls = [] %}
|
||||
{% for odl_ip_address in groups[neutron_services['neutron-server']['group']] | map('extract', hostvars, 'ansible_host') | list -%}
|
||||
{% set _ = ovs_managers_odls.append('tcp:' ~ odl_ip_address ~ ':6640') %}
|
||||
{%- endfor %}
|
||||
{{ ovs_managers_odls | join(' ') }}
|
||||
###
|
||||
### L3 Agent Plugin Configuration
|
||||
###
|
||||
|
Loading…
x
Reference in New Issue
Block a user