diff --git a/playbooks/inventory/group_vars/hosts.yml b/playbooks/inventory/group_vars/hosts.yml index aa87d88062..b0e8b30a0f 100644 --- a/playbooks/inventory/group_vars/hosts.yml +++ b/playbooks/inventory/group_vars/hosts.yml @@ -125,12 +125,6 @@ neutron_service_user_domain_id: default neutron_service_adminuri: "{{ neutron_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}" neutron_service_adminurl: "{{ neutron_service_adminuri }}" neutron_service_region: "{{ service_region }}" -neutron_service_program_enabled: true -neutron_service_dhcp_program_enabled: true -neutron_service_l3_program_enabled: true -neutron_service_linuxbridge_program_enabled: true -neutron_service_metadata_program_enabled: true -neutron_service_metering_program_enabled: true neutron_dhcp_domain: "{{ dhcp_domain }}" diff --git a/playbooks/roles/os_neutron/defaults/main.yml b/playbooks/roles/os_neutron/defaults/main.yml index 551e216626..1c88baca89 100644 --- a/playbooks/roles/os_neutron/defaults/main.yml +++ b/playbooks/roles/os_neutron/defaults/main.yml @@ -33,7 +33,7 @@ neutron_galera_user: neutron neutron_galera_password: "{{ neutron_container_mysql_password }}" neutron_galera_database: neutron neutron_db_config: /etc/neutron/neutron.conf -neutron_db_plugin: /etc/neutron/plugins/ml2/ml2_conf.ini +neutron_db_plugin: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" neutron_db_max_overflow: 20 neutron_db_pool_size: 120 neutron_db_pool_timeout: 30 @@ -43,7 +43,7 @@ neutron_rabbitmq_userid: neutron neutron_rabbitmq_vhost: /neutron ## Plugins -neutron_plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin +neutron_plugin_core: "{{ neutron_plugins[neutron_plugin_type].plugin_core }}" # Other plugins can be added to the system by simply extending the list `neutron_plugin_base`. # neutron_plugin_base: # - neutron.services.l3_router.l3_router_plugin.L3RouterPlugin @@ -55,6 +55,65 @@ neutron_plugin_base: - neutron.services.metering.metering_plugin.MeteringPlugin neutron_plugin_loaded_base: "{% for plugin in neutron_plugin_base %}{{ plugin }}{% if not loop.last %},{% endif %}{% endfor %}" +# Neutron Plugins +neutron_plugin_type: ml2 + +neutron_plugins: + ml2: + plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin + plugin_ini: plugins/ml2/ml2_conf.ini + plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" + +neutron_services: + neutron-dhcp-agent: + service_name: neutron-dhcp-agent + service_en: True + service_conf: dhcp_agent.ini + service_group: neutron_agent + service_rootwrap: rootwrap.d/dhcp.filters + config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini + config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" + config_type: "ini" + neutron-linuxbridge-agent: + service_name: neutron-linuxbridge-agent + service_en: True + service_conf: plugins/ml2/ml2_conf.ini + service_group: neutron_linuxbridge_agent + service_rootwrap: rootwrap.d/linuxbridge-plugin.filters + config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini + config_overrides: "{{ neutron_ml2_conf_ini_overrides }}" + config_type: "ini" + neutron-metadata-agent: + service_name: neutron-metadata-agent + service_en: True + service_conf: metadata_agent.ini + service_group: neutron_agent + config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini + config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" + config_type: "ini" + neutron-metering-agent: + service_name: neutron-metering-agent + service_en: True + service_conf: metering_agent.ini + service_group: neutron_agent + config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini + config_overrides: "{{ neutron_metering_agent_ini_overrides }}" + config_type: "ini" + neutron-l3-agent: + service_name: neutron-l3-agent + service_en: True + service_conf: l3_agent.ini + service_group: neutron_agent + service_rootwrap: rootwrap.d/l3.filters + config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini + config_overrides: "{{ neutron_l3_agent_ini_overrides }}" + config_type: "ini" + neutron-server: + service_name: neutron-server + service_en: True + service_group: neutron_server + config_options: --config-file /etc/neutron/neutron.conf --config-file "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" + ## Drivers neutron_driver_network_scheduler: neutron.scheduler.dhcp_agent_scheduler.ChanceScheduler neutron_driver_router_scheduler: neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler @@ -121,30 +180,6 @@ neutron_service_region: RegionOne ## Keystone authentication middleware neutron_keystone_auth_plugin: password -neutron_service_program_name: neutron-server -neutron_service_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini -neutron_service_program_enabled: false - -neutron_service_dhcp_program_name: neutron-dhcp-agent -neutron_service_dhcp_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini -neutron_service_dhcp_program_enabled: false - -neutron_service_l3_program_name: neutron-l3-agent -neutron_service_l3_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini -neutron_service_l3_program_enabled: false - -neutron_service_linuxbridge_program_name: neutron-linuxbridge-agent -neutron_service_linuxbridge_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini -neutron_service_linuxbridge_program_enabled: false - -neutron_service_metadata_program_name: neutron-metadata-agent -neutron_service_metadata_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini -neutron_service_metadata_program_enabled: false - -neutron_service_metering_program_name: neutron-metering-agent -neutron_service_metering_program_config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metering_agent.ini -neutron_service_metering_program_enabled: false - ## Agent neutron_external_network_bridge: "" neutron_gateway_external_network_id: "" @@ -262,14 +297,7 @@ neutron_pip_packages: - repoze.lru ## Service Names -neutron_service_names: - - neutron-agent - - neutron-dhcp-agent - - neutron-linuxbridge-agent - - neutron-l3-agent - - neutron-metadata-agent - - neutron-metering-agent - - neutron-server +neutron_service_names: "{{ neutron_services.items()|selectattr('1.service_en')|map(attribute='0')|list }}" ## Tunable overrides neutron_neutron_conf_overrides: {} diff --git a/playbooks/roles/os_neutron/tasks/neutron_post_install.yml b/playbooks/roles/os_neutron/tasks/neutron_post_install.yml index e57317b17b..1b21b64757 100644 --- a/playbooks/roles/os_neutron/tasks/neutron_post_install.yml +++ b/playbooks/roles/os_neutron/tasks/neutron_post_install.yml @@ -40,9 +40,9 @@ dest: "/etc/neutron/neutron.conf" config_overrides: "{{ neutron_neutron_conf_overrides }}" config_type: "ini" - - src: "plugins/ml2/ml2_conf.ini.j2" - dest: "/etc/neutron/plugins/ml2/ml2_conf.ini" - config_overrides: "{{ neutron_ml2_conf_ini_overrides }}" + - src: "{{ neutron_plugins[neutron_plugin_type].plugin_ini }}.j2" + dest: "/etc/neutron/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}" + config_overrides: "{{ neutron_plugins[neutron_plugin_type].plugin_conf_ini_overrides }}" config_type: "ini" - src: "api-paste.ini.j2" dest: "/etc/neutron/api-paste.ini" @@ -61,36 +61,15 @@ tags: - neutron-config -- name: Generate neutron agent only Config +- name: Generate neutron dnsmasq Config config_template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" + src: "dnsmasq-neutron.conf.j2" + dest: "/etc/neutron/dnsmasq-neutron.conf" owner: "{{ neutron_system_user_name }}" group: "{{ neutron_system_group_name }}" mode: "0644" - config_overrides: "{{ item.config_overrides }}" - config_type: "{{ item.config_type }}" - with_items: - - src: "dhcp_agent.ini.j2" - dest: "/etc/neutron/dhcp_agent.ini" - config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" - config_type: "ini" - - src: "dnsmasq-neutron.conf.j2" - dest: "/etc/neutron/dnsmasq-neutron.conf" - config_overrides: "{{ neutron_dnsmasq_neutron_conf_overrides }}" - config_type: "ini" - - src: "l3_agent.ini.j2" - dest: "/etc/neutron/l3_agent.ini" - config_overrides: "{{ neutron_l3_agent_ini_overrides }}" - config_type: "ini" - - src: "metadata_agent.ini.j2" - dest: "/etc/neutron/metadata_agent.ini" - config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" - config_type: "ini" - - src: "metering_agent.ini.j2" - dest: "/etc/neutron/metering_agent.ini" - config_overrides: "{{ neutron_metering_agent_ini_overrides }}" - config_type: "ini" + config_overrides: "{{ neutron_dnsmasq_neutron_conf_overrides }}" + config_type: "ini" notify: - Restart neutron services when: > @@ -98,6 +77,25 @@ tags: - neutron-config +- name: Generate neutron agent only Config + config_template: + src: "{{ item.value.service_conf }}.j2" + dest: "/etc/neutron/{{ item.value.service_conf }}" + owner: "{{ neutron_system_user_name }}" + group: "{{ neutron_system_group_name }}" + mode: "0644" + config_overrides: "{{ item.value.config_overrides }}" + config_type: "{{ item.value.config_type }}" + with_dict: neutron_services + notify: + - Restart neutron services + when: + - item.value.service_en | bool + - item.value.service_conf is defined + - inventory_hostname in groups['neutron_agents_container'] + tags: + - neutron-config + - name: Drop neutron Configs copy: src: "{{ item.src }}" @@ -106,15 +104,12 @@ group: "{{ neutron_system_group_name }}" with_items: - { src: "rootwrap.d/debug.filters", dest: "/etc/neutron/rootwrap.d/debug.filters" } - - { src: "rootwrap.d/dhcp.filters", dest: "/etc/neutron/rootwrap.d/dhcp.filters" } - { src: "rootwrap.d/ipset-firewall.filters", dest: "/etc/neutron/rootwrap.d/ipset-firewall.filters" } - { src: "rootwrap.d/iptables-firewall.filters", dest: "/etc/neutron/rootwrap.d/iptables-firewall.filters" } - { src: "rootwrap.d/nec-plugin.filters", dest: "/etc/neutron/rootwrap.d/nec-plugin.filters" } - { src: "rootwrap.d/openvswitch-plugin.filters", dest: "/etc/neutron/rootwrap.d/openvswitch-plugin.filters" } - { src: "rootwrap.d/ryu-plugin.filters", dest: "/etc/neutron/rootwrap.d/ryu-plugin.filters" } - { src: "rootwrap.d/lbaas-haproxy.filters", dest: "/etc/neutron/rootwrap.d/lbaas-haproxy.filters" } - - { src: "rootwrap.d/linuxbridge-plugin.filters", dest: "/etc/neutron/rootwrap.d/linuxbridge-plugin.filters" } - - { src: "rootwrap.d/l3.filters", dest: "/etc/neutron/rootwrap.d/l3.filters" } - { src: "rootwrap.d/vpnaas.filters", dest: "/etc/neutron/rootwrap.d/vpnaas.filters" } - { src: "rootwrap.d/ebtables.filters", dest: "/etc/neutron/rootwrap.d/ebtables.filters" } notify: @@ -122,6 +117,21 @@ tags: - neutron-config +- name: Drop neutron agent filters + copy: + src: "{{ item.value.service_rootwrap }}" + dest: "/etc/neutron/{{ item.value.service_rootwrap }}" + owner: "{{ neutron_system_user_name }}" + group: "{{ neutron_system_group_name }}" + with_dict: neutron_services + when: + - item.value.service_en | bool + - item.value.service_rootwrap is defined + notify: + - Restart neutron services + tags: + - neutron_config + - name: Drop iptables checksum fix copy: src: "post-up-checksum-rules" diff --git a/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml b/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml index 63a936464e..f19d27edb0 100644 --- a/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml +++ b/playbooks/roles/os_neutron/tasks/neutron_pre_install.yml @@ -42,7 +42,7 @@ with_items: - { path: "/etc/neutron" } - { path: "/etc/neutron/plugins" } - - { path: "/etc/neutron/plugins/ml2" } + - { path: "/etc/neutron/plugins/{{ neutron_plugin_type }}" } - { path: "/etc/neutron/rootwrap.d" } - { path: "/etc/sudoers.d", mode: "0750", owner: "root", group: "root" } - { path: "/var/cache/neutron" } diff --git a/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml b/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml index 491dd9cdb4..da27ddad1a 100644 --- a/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml +++ b/playbooks/roles/os_neutron/tasks/neutron_upstart_init.yml @@ -15,84 +15,84 @@ - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_program_name }}" - program_config_options: "{{ neutron_service_program_config_options }}" + program_name: "{{ neutron_services['neutron-server'].service_name }}" + program_config_options: "{{ neutron_services['neutron-server'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_server'] and - neutron_service_program_enabled == true + when: + - inventory_hostname in groups['neutron_server'] + - neutron_services['neutron-server'].service_en | bool tags: - upstart-init - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_dhcp_program_name }}" - program_config_options: "{{ neutron_service_dhcp_program_config_options }}" + program_name: "{{ neutron_services['neutron-dhcp-agent'].service_name }}" + program_config_options: "{{ neutron_services['neutron-dhcp-agent'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_agent'] and - neutron_service_dhcp_program_enabled == true + when: + - inventory_hostname in groups['neutron_agent'] + - neutron_services['neutron-dhcp-agent'].service_en | bool tags: - upstart-init - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_l3_program_name }}" - program_config_options: "{{ neutron_service_l3_program_config_options }}" + program_name: "{{ neutron_services['neutron-l3-agent'].service_name }}" + program_config_options: "{{ neutron_services['neutron-l3-agent'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_agent'] and - neutron_service_l3_program_enabled == true + when: + - inventory_hostname in groups['neutron_agent'] + - neutron_services['neutron-l3-agent'].service_en | bool tags: - upstart-init - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_linuxbridge_program_name }}" - program_config_options: "{{ neutron_service_linuxbridge_program_config_options }}" + program_name: "{{ neutron_services['neutron-linuxbridge-agent'].service_name }}" + program_config_options: "{{ neutron_services['neutron-linuxbridge-agent'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_linuxbridge_agent'] and - neutron_service_linuxbridge_program_enabled == true + when: + - inventory_hostname in groups['neutron_linuxbridge_agent'] + - neutron_services['neutron-linuxbridge-agent'].service_en | bool tags: - upstart-init - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_metadata_program_name }}" - program_config_options: "{{ neutron_service_metadata_program_config_options }}" + program_name: "{{ neutron_services['neutron-metadata-agent'].service_name }}" + program_config_options: "{{ neutron_services['neutron-metadata-agent'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_agent'] and - neutron_service_metadata_program_enabled == true + when: + - inventory_hostname in groups['neutron_agent'] + - neutron_services['neutron-metadata-agent'].service_en | bool tags: - upstart-init - include: neutron_upstart_common_init.yml vars: - program_name: "{{ neutron_service_metering_program_name }}" - program_config_options: "{{ neutron_service_metering_program_config_options }}" + program_name: "{{ neutron_services['neutron-metering-agent'].service_name }}" + program_config_options: "{{ neutron_services['neutron-metering-agent'].config_options }}" service_name: "{{ neutron_service_name }}" system_user: "{{ neutron_system_user_name }}" system_group: "{{ neutron_system_group_name }}" service_home: "{{ neutron_system_home_folder }}" - when: > - inventory_hostname in groups['neutron_agent'] and - neutron_service_metering_program_enabled == true + when: + - inventory_hostname in groups['neutron_agent'] + - neutron_services['neutron-metering-agent'].service_en | bool tags: - upstart-init