--- # Copyright 2017, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ### ### Packages ### neutron_packages_list: > {% set packages = neutron_distro_packages -%} {% if (neutron_services['neutron-openvswitch-agent']['group'] in group_names and neutron_services['neutron-openvswitch-agent'].service_en | bool) or (neutron_services['dragonflow-controller-agent']['group'] in group_names and neutron_services['dragonflow-controller-agent'].service_en | bool) or (neutron_services['dragonflow-l3-agent']['group'] in group_names and neutron_services['dragonflow-l3-agent'].service_en | bool) -%} {% set _ = packages.extend(neutron_ovs_distro_packages) -%} {% endif -%} {% if neutron_services['neutron-linuxbridge-agent']['group'] in group_names and neutron_services['neutron-linuxbridge-agent'].service_en | bool -%} {% set _ = packages.extend(neutron_lxb_distro_packages) -%} {% endif -%} {% if neutron_services['neutron-lbaasv2-agent']['group'] in group_names and neutron_lbaasv2 | bool -%} {% set _ = packages.extend(neutron_lbaas_distro_packages) -%} {% endif -%} {% if neutron_services['neutron-vpnaas-agent']['group'] in group_names and neutron_vpnaas | bool -%} {% set _ = packages.extend(neutron_vpnaas_distro_packages) -%} {% endif -%} {{ packages -}} ### ### Python code details ### neutron_requires_pip_packages: - virtualenv - virtualenv-tools - python-keystoneclient # Keystoneclient needed to OSA keystone lib - httplib2 neutron_pip_packages: - configobj - cliff - keystonemiddleware - PyMySQL - neutron - pycrypto - python-glanceclient - python-keystoneclient - python-memcached - python-neutronclient - python-novaclient - repoze.lru neutron_optional_bgp_pip_packages: - neutron_dynamic_routing neutron_optional_calico_pip_packages: - felix - networking-calico - python-etcd neutron_optional_fwaas_pip_packages: - neutron_fwaas neutron_optional_lbaas_pip_packages: - neutron_lbaas neutron_optional_vpnaas_pip_packages: - neutron_vpnaas neutron_optional_dragonflow_pip_packages: - dragonflow - python-etcd neutron_proprietary_nuage_pip_packages: - nuage-openstack-neutron - nuage-openstack-neutronclient - nuagenetlib neutron_developer_constraints: - "git+{{ neutron_git_repo }}@{{ neutron_git_install_branch }}#egg=neutron" - "git+{{ neutron_fwaas_git_repo }}@{{ neutron_fwaas_git_install_branch }}#egg=neutron-fwaas" - "git+{{ neutron_lbaas_git_repo }}@{{ neutron_lbaas_git_install_branch }}#egg=neutron-lbaas" - "git+{{ neutron_vpnaas_git_repo }}@{{ neutron_vpnaas_git_install_branch }}#egg=neutron-vpnaas" - "git+{{ neutron_dynamic_routing_git_repo }}@{{ neutron_dynamic_routing_git_install_branch }}#egg=neutron-dynamic-routing" - "git+{{ calico_git_repo }}@{{ calico_git_install_branch }}#egg=felix" - "git+{{ networking_calico_git_repo }}@{{ networking_calico_git_install_branch }}#egg=networking-calico" - "git+{{ dragonflow_git_repo }}@{{ dragonflow_git_install_branch }}#egg=dragonflow" neutron_bin: "/openstack/venvs/neutron-{{ neutron_venv_tag }}/bin" neutron_venv_download: "{{ not neutron_developer_mode | bool }}" neutron_lib_dir: "{{ neutron_bin | dirname }}/lib/python2.7/site-packages/" ### ### Generic Neutron Config ### neutron_conf_dir: /etc/neutron neutron_lock_path: "/var/lock/neutron" neutron_system_user_name: neutron neutron_system_group_name: neutron neutron_system_comment: neutron system user neutron_system_shell: /bin/false neutron_system_home_folder: "/var/lib/{{ neutron_system_user_name }}" ### ### DB (Galera) integration ### neutron_db_config: "{{ neutron_conf_dir }}/neutron.conf" neutron_db_plugin: "{{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" ### ### Telemetry integration ### # Please add 'metering' to the neutron_plugin_base list #TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle neutron_metering: "{% if 'metering' in neutron_plugin_base or 'neutron.services.metering.metering_plugin.MeteringPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}" ### ### Neutron Plugins ### neutron_plugin_core: "{{ neutron_plugins[neutron_plugin_type].plugin_core }}" neutron_plugins: ml2.lxb: driver_firewall: iptables driver_interface: linuxbridge drivers_type: "{{ neutron_ml2_drivers_type }}" l2_population: "{{ neutron_l2_population }}" mechanisms: "linuxbridge" l3_agent_mode: "legacy" plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: ml2 plugin_ini: plugins/ml2/ml2_conf.ini ml2.ovs: driver_firewall: iptables_hybrid driver_interface: openvswitch drivers_type: "{{ neutron_ml2_drivers_type }}" l2_population: "{{ neutron_l2_population }}" mechanisms: "openvswitch" l3_agent_mode: "legacy" plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: ml2 plugin_ini: plugins/ml2/ml2_conf.ini ml2.ovs.dvr: driver_firewall: iptables_hybrid driver_interface: openvswitch drivers_type: "{{ neutron_ml2_drivers_type }}" l2_population: "{{ neutron_l2_population }}" mechanisms: "openvswitch" l3_agent_mode: "{% if 'nova_compute' in group_names %}dvr{% else %}dvr_snat{% endif %}" router_distributed: True plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: ml2 plugin_ini: plugins/ml2/ml2_conf.ini ml2.calico: drivers_type: "flat, local" mechanisms: "calico" plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: ml2 plugin_ini: plugins/ml2/ml2_conf.ini ml2.dragonflow: plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin plugin_ini: plugins/ml2/ml2_conf.ini drivers_type: "{{ neutron_ml2_drivers_type }}" mechanisms: "df" plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" l3_agent_mode: "legacy" driver_interface: "openvswitch" nuage: plugin_core: neutron.plugins.nuage.plugin.NuagePlugin plugin_ini: plugins/nuage/nuage.ini plugin_conf_ini_overrides: "{{ neutron_nuage_conf_ini_overrides }}" ml2.sriov: driver_types: "{{ neutron_ml2_drivers_type }}" mechanisms: "sriovnicswitch" plugin_ini: plugins/ml2/sriov_nic_agent.ini plugin_conf_ini_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}" ### ### ML2 Plugin Configuration ### neutron_ml2_mechanism_drivers: >- {%- set _var = [] -%} {%- for plugin in [neutron_plugin_type]|union(neutron_plugin_types) -%} {%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%} {%- endfor -%} {%- if neutron_l2_population | bool -%} {%- if _var.append('l2population') -%}{%- endif -%} {%- endif -%} {{ _var | join(',') }} # OVS _neutron_non_tunnel_types: - flat - vlan - local # Tunnel network types used by the OVS agent neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}" ### ### L3 Agent Plugin Configuration ### ## Please add 'router' to the neutron_plugin_base list #TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle # Should the neutron-l3-agent service should be enabled on the host neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or 'df-l3' in neutron_plugin_base %}True{% else %}False{% endif %}" ### ### DHCP Agent Plugin Configuration ### neutron_dhcp: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}" neutron_dhcp_config: log-facility: "/var/log/neutron/neutron-dnsmasq.log" ### ### Metadata Agent Plugin Configuration ### neutron_metadata: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}" ### ### FWaaS Plugin Configuration ### # Please add the 'firewall' to the neutron_plugin_base list neutron_fwaas: "{% if 'firewall' in neutron_plugin_base %}True{% else %}False{% endif %}" ### ### LBaaS Plugin Configuration ### # Deprecated: instead of triggering lbaas through neutron_plugin_core it will be triggered when Octavia is installed, neutron_lbaas_namespace var is set to True, or both: # - neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2 or lbaasv2 neutron_lbaas_namespace: "{% if 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2' in neutron_plugin_base %}True{% else %}False{% endif %}" neutron_lbaas_octavia: False neutron_lbaasv2: "{% if (neutron_lbaas_namespace|bool) or (neutron_lbaas_octavia | bool) %}True{% else %}False{% endif %}" # This complex logic activates either Namespace or Octavia or both or none; if # Octavia is included it will be the default neutron_lbaasv2_plugin_drivers: - "{% if neutron_lbaas_namespace | bool %}LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver{% else %}none{% endif %}" - "{% if neutron_lbaas_octavia | bool %}LOADBALANCERV2:Octavia:neutron_lbaas.drivers.octavia.driver.OctaviaDriver{% else %}none{% endif %}" neutron_lbaasv2_service_provider: "{{ neutron_lbaasv2_plugin_drivers | reject('equalto','none') | join(',') }}{% if neutron_lbaasv2 %}:default{% endif %}" neutron_lbaasv2_device_driver: neutron_lbaas.drivers.haproxy.namespace_driver.HaproxyNSDriver ### ### VPNaaS Plugin Configuration ### # Please add the 'vpnaas' to the neutron_plugin_base list neutron_vpnaas: "{% if 'vpnaas' in neutron_plugin_base %}True{% else %}False{% endif %}" ## Neutron Dynamic Routing Agent's BGP Plugin Configuration # To enable the BGP plugin, add the following item to the neutron_plugin_base list: # neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin # # NOTE(matias): BgpPlugin doesn't have entry points and the full classpath # is required. neutron_bgp: "{% if 'neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}" neutron_bgp_speaker_driver: neutron_dynamic_routing.services.bgp.agent.driver.ryu.driver.RyuBgpDriver neutron_bgp_router_id: "{{ neutron_local_ip }}" ### ### Dragonflow Plugin Configuration ### dragonflow_nb_db_class: etcd_nb_db_driver dragonflow_pub_sub_driver: zmq_pubsub_driver dragonflow_pub_sub_multiproc_driver: zmq_pubsub_multiproc_driver dragonflow_pub_sub_multiproc_enabled: "{{ (dragonflow_pub_sub_multiproc_driver | default('', True)) | length > 0 }}" ### ### Services info ### filtered_neutron_services: > {%- set services = neutron_services.copy() %} {%- for key,value in neutron_services.items() %} {%- if value.group not in group_names or not value.service_en %} {%- set _ = services.pop(key) %} {%- endif %} {%- endfor %} {{- services -}} ### ### Internals: neutron_services mappings ### neutron_services: neutron-dhcp-agent: group: neutron_dhcp_agent service_name: neutron-dhcp-agent service_en: "{{ neutron_dhcp | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: dhcp_agent.ini service_rootwrap: rootwrap.d/dhcp.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini --log-file=/var/log/neutron/neutron-dhcp-agent.log" config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}" neutron-openvswitch-agent: group: neutron_openvswitch_agent service_name: neutron-openvswitch-agent service_en: "{{ 'ml2.ovs' in neutron_plugin_type }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/openvswitch_agent.ini service_rootwrap: rootwrap.d/openvswitch-plugin.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log" config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}" neutron-linuxbridge-agent: group: neutron_linuxbridge_agent service_name: neutron-linuxbridge-agent service_en: "{{ neutron_plugin_type == 'ml2.lxb' }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/linuxbridge_agent.ini service_rootwrap: rootwrap.d/linuxbridge-plugin.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini --log-file=/var/log/neutron/neutron-linuxbridge-agent.log" config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}" neutron-metadata-agent: group: neutron_metadata_agent service_name: neutron-metadata-agent service_en: "{{ neutron_metadata | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: metadata_agent.ini config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini --log-file=/var/log/neutron/neutron-metadata-agent.log" config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}" neutron-metering-agent: group: neutron_metering_agent service_name: neutron-metering-agent service_en: "{{ neutron_metering | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: metering_agent.ini config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini --log-file=/var/log/neutron/neutron-metering-agent.log" config_overrides: "{{ neutron_metering_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_metering_agent_init_overrides }}" # Other agents will use neutron_plugins[neutron_plugin_type].driver_interface # for the interface_driver, but that uses a stevedore alias. Metering agent # hasn't been updated to use stevedore alises so that fails. To work around # the problem until metering agent is updated, we should use the full # module.class path to the interface driver. # TODO(hughsaunders): switch back to stevedore when # https://review.openstack.org/#/c/419881/ merges and is backported. interface_driver: neutron.agent.linux.interface.BridgeInterfaceDriver neutron-l3-agent: group: neutron_l3_agent service_name: neutron-l3-agent service_en: "{{ neutron_l3 | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: l3_agent.ini service_rootwrap: rootwrap.d/l3.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file=/var/log/neutron/neutron-l3-agent.log" config_overrides: "{{ neutron_l3_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_l3_agent_init_overrides }}" neutron-lbaasv2-agent: group: neutron_lbaas_agent service_name: neutron-lbaasv2-agent service_en: "{{ neutron_lbaas_namespace | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: lbaas_agent.ini service_rootwrap: rootwrap.d/lbaas-haproxy.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/lbaas_agent.ini --log-file=/var/log/neutron/neutron-lbaasv2-agent.log" config_overrides: "{{ neutron_lbaas_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_lbaas_agent_init_overrides }}" neutron-bgp-dragent: group: neutron_bgp_dragent service_name: neutron-bgp-dragent service_en: "{{ neutron_bgp | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: bgp_dragent.ini config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini --log-file=/var/log/neutron/neutron-bgp-dragent.log" config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}" neutron-vpnaas-agent: group: neutron_l3_agent service_name: neutron-vpn-agent service_en: "{{ neutron_vpnaas | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: vpnaas_agent.ini service_rootwrap: rootwrap.d/vpnaas.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/vpnaas_agent.ini --log-file=/var/log/neutron/neutron-vpn-agent.log" config_overrides: "{{ neutron_vpnaas_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_vpn_agent_init_overrides }}" neutron-server: group: neutron_server service_name: neutron-server service_en: True config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }} --log-file=/var/log/neutron/neutron-server.log {% if neutron_plugin_type == 'ml2.dragonflow' %}--config-file {{ neutron_conf_dir }}/dragonflow.ini{% endif %}" init_config_overrides: "{{ neutron_server_init_overrides }}" calico-felix: group: neutron_calico_dhcp_agent system_user: root system_group: root service_name: calico-felix service_en: "{{ neutron_plugin_type == 'ml2.calico' }}" service_conf_path: /etc/calico service_conf: felix.cfg config_options: --config-file /etc/calico/felix.cfg config_overrides: "{{ neutron_calico_felix_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_calico_felix_init_overrides }}" calico-dhcp-agent: group: neutron_calico_dhcp_agent system_user: root system_group: root service_name: calico-dhcp-agent service_en: "{{ neutron_plugin_type == 'ml2.calico' }}" service_rootwrap: rootwrap.d/dhcp.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf" config_overrides: "{{ neutron_calico_dhcp_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_calico_dhcp_agent_init_overrides }}" neutron-sriov-nic-agent: group: neutron_sriov_nic_agent service_name: neutron-sriov-nic-agent service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: plugins/ml2/sriov_nic_agent.ini config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini --log-file=/var/log/neutron/neutron-sriov-nic-agent.log" config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}" dragonflow-controller-agent: group: dragonflow_controller_agent system_user: root system_group: root service_name: df-local-controller service_en: "{{ neutron_plugin_type == 'ml2.dragonflow' }}" config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dragonflow.ini --log-file=/var/log/dragonflow/df-local-controller.log" config_overrides: "{{ neutron_dragonflow_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dragonflow_controller_agent_init_overrides }}" dragonflow-l3-agent: group: dragonflow_l3_agent system_user: root system_group: root service_name: df-l3-agent service_en: "{{ neutron_plugin_type == 'ml2.dragonflow' and neutron_l3 | bool }}" service_conf_path: "{{ neutron_conf_dir }}" service_conf: l3_agent.ini service_rootwrap: rootwrap.d/l3.filters config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/l3_agent.ini --log-file=/var/log/dragonflow/df-l3-agent.log" config_overrides: "{{ neutron_dragonflow_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dragonflow_l3_agent_init_overrides }}" dragonflow-pubsub-agent: group: dragonflow_pubsub_agent service_name: df-publisher-service service_en: "{{ neutron_plugin_type == 'ml2.dragonflow' }}" config_options: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dragonflow.ini --log-file=/var/log/dragonflow/df-publisher-service.log" config_overrides: "{{ neutron_dragonflow_ini_overrides }}" config_type: "ini" init_config_overrides: "{{ neutron_dragonflow_pubsub_agent_init_overrides }}" ### ### Internals: Drivers mappings ### neutron_driver_network_scheduler: neutron.scheduler.dhcp_agent_scheduler.WeightScheduler neutron_driver_router_scheduler: neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler neutron_driver_loadbalancer_pool_scheduler: neutron_lbaas.services.loadbalancer.agent_scheduler.ChanceScheduler neutron_driver_metering: neutron.services.metering.drivers.iptables.iptables_driver.IptablesMeteringDriver neutron_driver_dhcp: neutron.agent.linux.dhcp.Dnsmasq neutron_driver_quota: neutron.db.quota.driver.DbQuotaDriver ### ### Internals: py_pkgs ### # This variable is used by the repo_build process to determine # which host group to check for members of before building the # pip packages required by this role. The value is picked up # by the py_pkgs lookup. neutron_role_project_group: neutron_all