Merge "Implement Neutron LBAAS using haproxy"

2015-10-23 21:02:20 +00:00 · 2015-10-23 21:02:20 +00:00 · 0d059a2e17
commit 0d059a2e17
parent 9316df3b5e fe01c3fe8c
9 changed files with 104 additions and 6 deletions
--- a/etc/openstack_deploy/env.d/neutron.yml
+++ b/etc/openstack_deploy/env.d/neutron.yml
@ -29,6 +29,9 @@ component_skel:
  neutron_l3_agent:
    belongs_to:
      - neutron_all
+  neutron_lbaas_agent:
+    belongs_to:
+      - neutron_all
  neutron_metadata_agent:
    belongs_to:
      - neutron_all
@ -48,6 +51,7 @@ container_skel:
      - neutron_linuxbridge_agent
      - neutron_l3_agent
      - neutron_dhcp_agent
+      - neutron_lbaas_agent
    properties:
      service_name: neutron
      container_release: trusty
--- a/playbooks/inventory/group_vars/hosts.yml
+++ b/playbooks/inventory/group_vars/hosts.yml
@ -183,6 +183,7 @@ keystone_memcached_servers: "{% for host in groups['keystone_all'] %}{{ hostvars
 ## Horizon
 horizon_service_region: "{{ service_region }}"
 horizon_enable_cinder_backup: "{% if cinder_service_backup_program_enabled is defined and cinder_service_backup_program_enabled | bool %}True{% else %}False{% endif %}"
+horizon_enable_neutron_lbaas: "{% if neutron_plugin_base is defined and 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}"


 ## Heat
--- a/playbooks/roles/os_horizon/defaults/main.yml
+++ b/playbooks/roles/os_horizon/defaults/main.yml
@ -119,6 +119,9 @@ horizon_default_role_name: _member_
 horizon_launch_instance_legacy: True
 horizon_launch_instance_ng: False

+## Neutron features to enable
+horizon_enable_neutron_lbaas: False
+
 ## Swift
 horizon_swift_file_transfer_chunk_size: 524288

--- a/playbooks/roles/os_horizon/templates/horizon_local_settings.py.j2
+++ b/playbooks/roles/os_horizon/templates/horizon_local_settings.py.j2
@ -268,7 +268,7 @@ OPENSTACK_NEUTRON_NETWORK = {
    'enable_ipv6': False,
    'enable_distributed_router': False,
    'enable_ha_router': False,
-    'enable_lb': False,
+    'enable_lb': {{ horizon_enable_neutron_lbaas | bool }},
    'enable_firewall': False,
    'enable_vpn': False,
    'enable_fip_topology_check': True,
--- a/playbooks/roles/os_neutron/defaults/main.yml
+++ b/playbooks/roles/os_neutron/defaults/main.yml
@ -71,7 +71,7 @@ neutron_plugin_core: "{{ neutron_plugins[neutron_plugin_type].plugin_core }}"
 # neutron_plugin_base:
 #   - neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
 #   - neutron.services.metering.metering_plugin.MeteringPlugin
-#   - neutron.services.loadbalancer.plugin.LoadBalancerPlugin
+#   - neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin
 #   - neutron.services.vpn.plugin.VPNDriverPlugin
 neutron_plugin_base:
  - neutron.services.l3_router.l3_router_plugin.L3RouterPlugin
@ -135,16 +135,29 @@ neutron_services:
   config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
   config_overrides: "{{ neutron_l3_agent_ini_overrides }}"
   config_type: "ini"
+ neutron-lbaas-agent:
+   service_name: neutron-lbaas-agent
+   service_en: "{{ neutron_lbaas }}"
+   service_conf: lbaas_agent.ini
+   service_group: neutron_agent
+   service_rootwrap: rootwrap.d/lbaas-haproxy.filters
+   config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/lbaas_agent.ini
+   config_overrides: "{{ neutron_lbaas_agent_ini_overrides }}"
+   config_type: "ini"
 neutron-server:
   service_name: neutron-server
   service_en: True
   service_group: neutron_server
   config_options: "--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"

+## Neutron LBaaS
+# Please add the LoadBalancerPlugin to the neutron_plugin_base list
+neutron_lbaas: "{% if 'neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}"
+
 ## Drivers
 neutron_driver_network_scheduler: neutron.scheduler.dhcp_agent_scheduler.WeightScheduler
 neutron_driver_router_scheduler: neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler
-neutron_driver_loadbalancer_pool_scheduler: neutron.services.loadbalancer.agent_scheduler.ChanceScheduler
+neutron_driver_loadbalancer_pool_scheduler: neutron_lbaas.services.loadbalancer.agent_scheduler.ChanceScheduler
 neutron_driver_interface: neutron.agent.linux.interface.BridgeInterfaceDriver
 neutron_driver_metering: neutron.services.metering.drivers.iptables.iptables_driver.IptablesMeteringDriver
 neutron_driver_dhcp: neutron.agent.linux.dhcp.Dnsmasq
@ -292,6 +305,9 @@ neutron_apt_packages:
  - libpq-dev
  - ebtables

+neutron_lbaas_apt_packages:
+  - haproxy
+
 neutron_apt_remove_packages:
  - conntrackd

@ -307,6 +323,7 @@ neutron_pip_packages:
  - keystonemiddleware
  - PyMySQL
  - neutron
+  - neutron_lbaas
  - pycrypto
  - python-glanceclient
  - python-keystoneclient
@ -335,3 +352,4 @@ neutron_l3_agent_ini_overrides: {}
 neutron_metadata_agent_ini_overrides: {}
 neutron_metering_agent_ini_overrides: {}
 neutron_linuxbridge_agent_ini_overrides: {}
+neutron_lbaas_agent_ini_overrides: {}
--- a/playbooks/roles/os_neutron/tasks/neutron_install.yml
+++ b/playbooks/roles/os_neutron/tasks/neutron_install.yml
@ -37,6 +37,22 @@
    - neutron-install
    - neutron-apt-packages

+- name: Install apt packages for LBaaS
+  apt:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: neutron_lbaas_apt_packages
+  when:
+    - inventory_hostname in groups['neutron_agents_container']
+    - neutron_lbaas | bool
+  tags:
+    - neutron-install
+    - neutron-apt-packages
+
 - name: remove specific apt packages
  apt:
    pkg: "{{ item }}"
@ -151,4 +167,5 @@
  when: not neutron_venv_enabled | bool
  tags:
    - neutron-install
-    - neutron-pip-packages
+    - neutron-pip-packages
+
--- a/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml
+++ b/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml
@ -96,3 +96,17 @@
    - neutron_services['neutron-metering-agent'].service_en | bool
  tags:
    - upstart-init
+
+- include: neutron_upstart_common_init.yml
+  vars:
+    program_name: "{{ neutron_services['neutron-lbaas-agent'].service_name }}"
+    program_config_options: "{{ neutron_services['neutron-lbaas-agent'].config_options }}"
+    service_name: "{{ neutron_service_name }}"
+    system_user: "{{ neutron_system_user_name }}"
+    system_group: "{{ neutron_system_group_name }}"
+    service_home: "{{ neutron_system_home_folder }}"
+  when:
+    - inventory_hostname in groups['neutron_agent']
+    - neutron_services['neutron-lbaas-agent'].service_en | bool
+  tags:
+    - upstart-init
--- a/playbooks/roles/os_neutron/templates/lbaas_agent.ini.j2
+++ b/playbooks/roles/os_neutron/templates/lbaas_agent.ini.j2
@ -0,0 +1,41 @@
+# {{ ansible_managed }}
+
+[DEFAULT]
+# Show debugging output in log (sets DEBUG log level output).
+verbose = {{ verbose | bool }}
+debug = {{ debug | bool }}
+
+# The LBaaS agent will resync its state with Neutron to recover from any
+# transient notification or rpc errors. The interval is number of
+# seconds between attempts.
+periodic_interval = 10
+
+# LBaas requires an interface driver be set. Choose the one that best
+# matches your plugin.
+# Examples:
+# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+# interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
+interface_driver = {{ neutron_driver_interface }}
+
+# Use veth for an OVS interface or not.
+# Support kernels with limited namespace support
+# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
+# ovs_use_veth = False
+
+# The agent requires drivers to manage the loadbalancer.  HAProxy is the opensource version.
+# Multiple device drivers reflecting different service providers could be specified:
+# device_driver = path.to.provider1.driver.Driver
+# device_driver = path.to.provider2.driver.Driver
+# Default is:
+device_driver = neutron_lbaas.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
+
+[haproxy]
+# Location to store config and state files
+# loadbalancer_state_path = $state_path/lbaas
+
+# The user group
+user_group = nogroup
+
+# When delete and re-add the same vip, send this many gratuitous ARPs to flush
+# the ARP cache in the Router. Set it below or equal to 0 to disable this feature.
+send_gratuitous_arp = 3
--- a/playbooks/roles/os_neutron/templates/neutron.conf.j2
+++ b/playbooks/roles/os_neutron/templates/neutron.conf.j2
@ -155,8 +155,8 @@ pool_timeout = {{ neutron_db_pool_timeout }}

 # Service providers
 [service_providers]
-service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
-service_provider = VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
+service_provider = LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
+#service_provider = VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default

 {% endif %}