Define networking for Multi-node environments

This commit makes makes possible to have multi-node environments, by
having a different way to configure networking.

By default, if multi-node is enabled, vxlan encapsulation of the
usual traffic will be enabled.
If encapsulation is disabled, but multi-node is enabled, the
encapsulation sections will be skipped. The deployer should therefore
define the variables to plug the bridges into the appropriate interfaces
with the variables ``bootstrap_host_bridge_(mgmt|vxlan|storage)_ports``

Change-Id: I6a88b2afa76130575e67601628808b7a573aa834
Signed-off-by: Jean-Philippe Evrard <jean-philippe.evrard@rackspace.co.uk>

tests/roles/bootstrap-host/defaults/main.yml

@@ -14,6 +14,7 @@
 # limitations under the License.
 
 # Boolean option to implement OpenStack-Ansible configuration for an AIO
+# Switch to no for a multi-node configuration
 bootstrap_host_aio_config: yes
 
 ## Swap memory
@@ -43,7 +44,7 @@ bootstrap_host_loopback_nova: yes
 # Size of the Nova loopback disk in gigabytes (GB).
 bootstrap_host_loopback_nova_size: 1024
 
-## Bridge configuration
+## Network configuration
 # The AIO bootstrap configures bridges for use with the AIO deployment.
 # By default, these bridges are configured to be independent of any physical
 # interfaces, and they have their 'bridge_ports' set to 'none'.  However,
@@ -60,6 +61,75 @@ bootstrap_host_loopback_nova_size: 1024
 bootstrap_host_bridge_mgmt_ports: none
 bootstrap_host_bridge_vxlan_ports: none
 bootstrap_host_bridge_storage_ports: none
+bootstrap_host_bridge_vlan_ports: "br-vlan-veth"
+# This enables the VXLAN encapsulation the traditional bridges
+# (br-mgmt, br-vxlan, br-storage)
+bootstrap_host_encapsulation_enabled: "{{ not bootstrap_host_aio_config | bool }}"
+#
+# Default network IP ranges
+mgmt_range: "172.29.236"
+vxlan_range: "172.29.240"
+storage_range: "172.29.244"
+vlan_range: "172.29.248"
+netmask: "255.255.252.0"
+#
+# NICs
+public_interface: eth0
+encapsulation_interface: eth1
+#
+#Encapsulations
+bootstrap_host_encapsulation_interfaces:
+  encap-mgmt:
+    id: 236
+    underlay_device: "{{ encapsulation_interface }}"
+    friendly_name: "Encapsulation of br-mgmt with VXLAN"
+  encap-vxlan:
+    id: 240
+    underlay_device: "{{ encapsulation_interface }}"
+    friendly_name: "Encapsulation of br-vxlan with VXLAN"
+  encap-storage:
+    id: 244
+    underlay_device: "{{ encapsulation_interface }}"
+    friendly_name: "Encapsulation of br-storage with VXLAN"
+  encap-vlan:
+    id: 248
+    underlay_device: "{{ encapsulation_interface }}"
+    friendly_name: "Encapsulation of br-vlan with VXLAN"
+#
+# Bridges
+bootstrap_host_bridges_interfaces:
+  br-mgmt:
+    ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-mgmt', bootstrap_host_bridge_mgmt_ports) }}"
+    ip_address_range: "{{ mgmt_range }}"
+    ip_netmask: "{{ netmask }}"
+  br-storage:
+    ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-storage', bootstrap_host_bridge_storage_ports) }}"
+    ip_address_range: "{{ storage_range }}"
+    ip_netmask: "{{ netmask }}"
+  br-vxlan:
+    ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vxlan', bootstrap_host_bridge_vxlan_ports) }}"
+    ip_address_range: "{{ vxlan_range }}"
+    ip_netmask: "{{ netmask }}"
+  br-vlan:
+    mode: "{{ bridge_vlan_inet_mode | default('static') }}"
+    ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vxlan', bootstrap_host_bridge_vlan_ports) }}"
+    ip_address_range: "{{ vlan_range }}"
+    ip_netmask: "{{ netmask }}"
+    state_change_scripts: "{{ bridge_vlan_state_change_scripts }}"
+#
+# Convenience scripts
+bridge_vlan_state_change_scripts: |
+  pre-up ip link add br-vlan-veth type veth peer name eth12 || true
+  pre-up ip link set br-vlan-veth up
+  pre-up ip link set eth12 up
+  post-down ip link del br-vlan-veth || true
+bridge_iptables_rules: |
+  # To ensure ssh checksum is correct
+  up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
+  down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
+  # To provide internet connectivity to instances
+  up /sbin/iptables -t nat -A POSTROUTING -o {{ public_interface }} -j MASQUERADE
+  down /sbin/iptables -t nat -D POSTROUTING -o {{ public_interface }} -j MASQUERADE
 
 ## Extra storage
 # An AIO may optionally be built using a second storage device. If a

tests/roles/bootstrap-host/tasks/prepare_networking.yml

@@ -20,11 +20,21 @@
   tags:
     - networking-dir-create
 
-- name: Copy network configuration
+- name: Copy AIO network configuration
   template:
     src: osa_interfaces.cfg.j2
     dest: /etc/network/interfaces.d/osa_interfaces.cfg
   register: osa_interfaces
+  when: bootstrap_host_aio_config | bool
+  tags:
+    - networking-interfaces-file
+
+- name: Copy multinode network configuration
+  template:
+    src: osa_interfaces_multinode.cfg.j2
+    dest: /etc/network/interfaces.d/osa_interfaces.cfg
+  register: osa_multinode_interfaces
+  when: not bootstrap_host_aio_config | bool
   tags:
     - networking-interfaces-file
 
@@ -37,7 +47,7 @@
 
 - name: Shut down the network interfaces
   command: "ifdown {{ item }}"
-  when: osa_interfaces | changed
+  when: osa_interfaces | changed or osa_multinode_interfaces | changed
   with_items:
     - br-mgmt
     - br-storage
@@ -46,6 +56,24 @@
   tags:
     - networking-interfaces-stop
 
+- name: Shut down the encapsulation network interfaces
+  command: "ifdown {{ item.key }}"
+  when:
+   - osa_multinode_interfaces | changed
+   - bootstrap_host_encapsulation_enabled | bool
+  with_dict: "{{ bootstrap_host_encapsulation_interfaces }}"
+  tags:
+    - networking-interfaces-stop
+
+- name: Start the encapsulation network interfaces
+  command: "ifup {{ item.key }}"
+  when:
+    - osa_multinode_interfaces | changed
+    - bootstrap_host_encapsulation_enabled | bool
+  with_dict: "{{ bootstrap_host_encapsulation_interfaces }}"
+  tags:
+    - networking-interfaces-start
+
 - name: Start the network interfaces
   command: "ifup {{ item }}"
   when: osa_interfaces | changed
@@ -56,3 +84,9 @@
     - br-vxlan
   tags:
     - networking-interfaces-start
+
+- name: Updating the facts due to net changes
+  setup:
+    filter: "ansible_br*"
+  tags:
+    - networking

tests/roles/bootstrap-host/templates/osa_interfaces_multinode.cfg.j2

@@ -0,0 +1,28 @@
+{% if bootstrap_host_encapsulation_enabled | bool %}
+{% for nic_name, nic_details in bootstrap_host_encapsulation_interfaces.iteritems() %}
+# {{ nic_details.friendly_name }}
+auto {{ nic_name }}
+iface {{ nic_name }} inet manual
+    pre-up ip link add {{ nic_name }} type vxlan id {{ nic_details.id }} group 239.0.0.{{ nic_details.id }} dev {{ nic_details.underlay_device }} || true
+    up ip link set $IFACE up
+    down ip link set $IFACE down
+    post-down ip link del {{ nic_name }} || true
+
+{% endfor %}
+{% endif %}
+{%- for nic_name, nic_details in bootstrap_host_bridges_interfaces.iteritems() -%}
+auto {{ nic_name }}
+iface {{ nic_name }} inet {{ nic_details.mode | default('static') }}
+    bridge_stp off
+    bridge_waitport 0
+    bridge_fd 0
+    bridge_ports {{ nic_details.ports }}
+    offload-sg {{ nic_details.offload_sg | default('off') }}
+    {% if nic_details.mode | default('static') == 'static' -%}
+    address {{ nic_details.ip_address_range }}.{{ node_id }}
+    netmask {{ nic_details.ip_netmask }}
+    {% endif %}
+    {%- if nic_details.state_change_scripts is defined %}{{ nic_details.state_change_scripts }}
+    {% endif %}
+
+{% endfor %}