RETIRED, Tricircle is to provide networking automation across Neutron.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

476 lines
18 KiB

# Devstack extras script to install Tricircle
# Test if any tricircle services are enabled
# is_tricircle_enabled
function is_tricircle_enabled {
[[ ,${ENABLED_SERVICES} =~ ,"t-api" ]] && return 0
return 1
}
# create_tricircle_accounts() - Set up common required tricircle
# service accounts in keystone
# Project User Roles
# -------------------------------------------------------------------------
# $SERVICE_TENANT_NAME tricircle service
function create_tricircle_accounts {
if [[ "$ENABLED_SERVICES" =~ "t-api" ]]; then
create_service_user "tricircle" "admin"
local tricircle_api=$(get_or_create_service "tricircle" \
"tricircle" "Cross Neutron Networking Automation Service")
local tricircle_api_url="$SERVICE_PROTOCOL://$TRICIRCLE_API_HOST/tricircle/v1.0"
if [[ "$TRICIRCLE_DEPLOY_WITH_WSGI" == "False" ]]; then
tricircle_api_url="$SERVICE_PROTOCOL://$TRICIRCLE_API_HOST:$TRICIRCLE_API_PORT/v1.0/"
fi
get_or_create_endpoint $tricircle_api \
"$CENTRAL_REGION_NAME" \
"$tricircle_api_url" \
"$tricircle_api_url" \
"$tricircle_api_url"
fi
}
# create_tricircle_cache_dir() - Set up cache dir for tricircle
function create_tricircle_cache_dir {
# Delete existing dir
sudo rm -rf $TRICIRCLE_AUTH_CACHE_DIR
sudo mkdir -p $TRICIRCLE_AUTH_CACHE_DIR
sudo chown `whoami` $TRICIRCLE_AUTH_CACHE_DIR
}
# common config-file configuration for tricircle services
function init_common_tricircle_conf {
local conf_file=$1
touch $conf_file
iniset $conf_file DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
iniset $conf_file DEFAULT verbose True
iniset $conf_file DEFAULT use_syslog $SYSLOG
iniset $conf_file DEFAULT tricircle_db_connection `database_connection_url tricircle`
iniset $conf_file client auth_url http://$KEYSTONE_SERVICE_HOST/identity
iniset $conf_file client identity_url http://$KEYSTONE_SERVICE_HOST/identity/v3
iniset $conf_file client admin_username admin
iniset $conf_file client admin_password $ADMIN_PASSWORD
iniset $conf_file client admin_tenant demo
iniset $conf_file client auto_refresh_endpoint True
iniset $conf_file client top_region_name $CENTRAL_REGION_NAME
iniset $conf_file oslo_concurrency lock_path $TRICIRCLE_STATE_PATH/lock
iniset_rpc_backend tricircle $conf_file
}
function init_local_nova_conf {
iniset $NOVA_CONF glance api_servers http://$KEYSTONE_SERVICE_HOST/image
iniset $NOVA_CONF placement os_region_name $CENTRAL_REGION_NAME
}
# common config-file configuration for local Neutron(s)
function init_local_neutron_conf {
iniset $NEUTRON_CONF DEFAULT core_plugin tricircle.network.local_plugin.TricirclePlugin
if [[ "$TRICIRCLE_DEPLOY_WITH_CELL" == "True" ]]; then
iniset $NEUTRON_CONF nova region_name $CENTRAL_REGION_NAME
fi
iniset $NEUTRON_CONF client auth_url http://$KEYSTONE_SERVICE_HOST/identity
iniset $NEUTRON_CONF client identity_url http://$KEYSTONE_SERVICE_HOST/identity/v3
iniset $NEUTRON_CONF client admin_username admin
iniset $NEUTRON_CONF client admin_password $ADMIN_PASSWORD
iniset $NEUTRON_CONF client admin_tenant demo
iniset $NEUTRON_CONF client auto_refresh_endpoint True
iniset $NEUTRON_CONF client top_pod_name $CENTRAL_REGION_NAME
iniset $NEUTRON_CONF tricircle real_core_plugin neutron.plugins.ml2.plugin.Ml2Plugin
iniset $NEUTRON_CONF tricircle local_region_name $REGION_NAME
iniset $NEUTRON_CONF tricircle central_neutron_url http://$KEYSTONE_SERVICE_HOST:$TRICIRCLE_NEUTRON_PORT
}
# Set the environment variables for local Neutron(s)
function init_local_neutron_variables {
export Q_USE_PROVIDERNET_FOR_PUBLIC=True
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS:-}
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS=${Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS:-}
# if VLAN options were not set in local.conf, use default VLAN bridge
# and VLAN options
if [ "$Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS" == "" ]; then
export TRICIRCLE_ADD_DEFAULT_BRIDGES=True
local vlan_option="bridge:$TRICIRCLE_DEFAULT_VLAN_RANGE"
local ext_option="extern:$TRICIRCLE_DEFAULT_EXT_RANGE"
local vlan_ranges=(network_vlan_ranges=$vlan_option,$ext_option)
Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS=$vlan_ranges
Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS="vni_ranges=$TRICIRCLE_DEFAULT_VXLAN_RANGE"
Q_ML2_PLUGIN_FLAT_TYPE_OPTIONS="flat_networks=$TRICIRCLE_DEFAULT_FLAT_NETWORKS"
local vlan_mapping="bridge:$TRICIRCLE_DEFAULT_VLAN_BRIDGE"
local ext_mapping="extern:$TRICIRCLE_DEFAULT_EXT_BRIDGE"
OVS_BRIDGE_MAPPINGS=$vlan_mapping,$ext_mapping
fi
if [ "$TRICIRCLE_ENABLE_TRUNK" == "True" ]; then
_neutron_service_plugin_class_add trunk
fi
}
function add_default_bridges {
if [ "$TRICIRCLE_ADD_DEFAULT_BRIDGES" == "True" ]; then
_neutron_ovs_base_add_bridge $TRICIRCLE_DEFAULT_VLAN_BRIDGE
_neutron_ovs_base_add_bridge $TRICIRCLE_DEFAULT_EXT_BRIDGE
fi
}
function configure_tricircle_api {
if is_service_enabled t-api ; then
echo "Configuring Tricircle API"
init_common_tricircle_conf $TRICIRCLE_API_CONF
setup_colorized_logging $TRICIRCLE_API_CONF DEFAULT tenant_name
if is_service_enabled keystone; then
create_tricircle_cache_dir
# Configure auth token middleware
configure_auth_token_middleware $TRICIRCLE_API_CONF tricircle \
$TRICIRCLE_AUTH_CACHE_DIR
else
iniset $TRICIRCLE_API_CONF DEFAULT auth_strategy noauth
fi
fi
}
# configure_tricircle_api_wsgi() - Set WSGI config files
function configure_tricircle_api_wsgi {
local tricircle_api_apache_conf
local venv_path=""
local tricircle_bin_dir=""
local tricircle_ssl_listen="#"
tricircle_bin_dir=$(get_python_exec_prefix)
tricircle_api_apache_conf=$(apache_site_config_for tricircle-api)
if is_ssl_enabled_service "tricircle-api"; then
tricircle_ssl_listen=""
tricircle_ssl="SSLEngine On"
tricircle_certfile="SSLCertificateFile $TRICIRCLE_SSL_CERT"
tricircle_keyfile="SSLCertificateKeyFile $TRICIRCLE_SSL_KEY"
fi
# configure venv bin if VENV is used
if [[ ${USE_VENV} = True ]]; then
venv_path="python-path=${PROJECT_VENV["tricircle"]}/lib/$(python_version)/site-packages"
tricircle_bin_dir=${PROJECT_VENV["tricircle"]}/bin
fi
sudo cp $TRICIRCLE_API_APACHE_TEMPLATE $tricircle_api_apache_conf
sudo sed -e "
s|%TRICIRCLE_BIN%|$tricircle_bin_dir|g;
s|%PUBLICPORT%|$TRICIRCLE_API_PORT|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%PUBLICWSGI%|$tricircle_bin_dir/tricircle-api-wsgi|g;
s|%SSLENGINE%|$tricircle_ssl|g;
s|%SSLCERTFILE%|$tricircle_certfile|g;
s|%SSLKEYFILE%|$tricircle_keyfile|g;
s|%SSLLISTEN%|$tricircle_ssl_listen|g;
s|%USER%|$STACK_USER|g;
s|%VIRTUALENV%|$venv_path|g
s|%APIWORKERS%|$API_WORKERS|g
" -i $tricircle_api_apache_conf
}
# start_tricircle_api_wsgi() - Start the API processes ahead of other things
function start_tricircle_api_wsgi {
enable_apache_site tricircle-api
restart_apache_server
tail_log tricircle-api /var/log/$APACHE_NAME/tricircle-api.log
echo "Waiting for tricircle-api to start..."
if ! wait_for_service $SERVICE_TIMEOUT $TRICIRCLE_API_PROTOCOL://$TRICIRCLE_API_HOST/tricircle; then
die $LINENO "tricircle-api did not start"
fi
}
# stop_tricircle_api_wsgi() - Disable the api service and stop it.
function stop_tricircle_api_wsgi {
disable_apache_site tricircle-api
restart_apache_server
}
# cleanup_tricircle_api_wsgi() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_tricircle_api_wsgi {
sudo rm -f $(apache_site_config_for tricircle-api)
}
function configure_tricircle_xjob {
if is_service_enabled t-job ; then
echo "Configuring Tricircle xjob"
init_common_tricircle_conf $TRICIRCLE_XJOB_CONF
setup_colorized_logging $TRICIRCLE_XJOB_CONF DEFAULT
fi
}
function start_central_nova_server {
local local_region=$1
local central_region=$2
local central_neutron_port=$3
echo "Configuring Nova API for Tricircle to work with cell V2"
iniset $NOVA_CONF neutron region_name $central_region
iniset $NOVA_CONF neutron url "$Q_PROTOCOL://$SERVICE_HOST:$central_neutron_port"
# Here we create new endpoints for central region instead of updating the
# endpoints in local region because at the end of devstack, the script tries
# to query the nova api in local region to check whether the nova-compute
# service is running. If we update the endpoint region from local region to
# central region, the check will fail and thus devstack fails
nova_url=$(openstack endpoint list --service compute --interface public --region $local_region -c URL -f value)
get_or_create_endpoint "compute" "$central_region" "$nova_url"
nova_legacy_url=$(openstack endpoint list --service compute_legacy --interface public --region $local_region -c URL -f value)
get_or_create_endpoint "compute_legacy" "$central_region" "$nova_legacy_url"
central_image_endpoint_id=$(openstack endpoint list --service image --interface public --region $central_region -c ID -f value)
if [[ -z "$central_image_endpoint_id" ]]; then
glance_url=$(openstack endpoint list --service image --interface public --region $local_region -c URL -f value)
get_or_create_endpoint "image" "$central_region" "$glance_url"
fi
place_endpoint_id=$(openstack endpoint list --service placement --interface public --region $local_region -c ID -f value)
openstack endpoint set --region $central_region $place_endpoint_id
restart_service devstack@n-api
restart_apache_server
}
function start_central_neutron_server {
local server_index=0
local region_name=$1
local q_port=$2
get_or_create_service "neutron" "network" "Neutron Service"
get_or_create_endpoint "network" \
"$region_name" \
"$Q_PROTOCOL://$SERVICE_HOST:$q_port/" \
"$Q_PROTOCOL://$SERVICE_HOST:$q_port/" \
"$Q_PROTOCOL://$SERVICE_HOST:$q_port/"
# reconfigure central neutron server to use our own central plugin
echo "Configuring central Neutron plugin for Tricircle"
cp $NEUTRON_CONF $NEUTRON_CONF.$server_index
iniset $NEUTRON_CONF.$server_index database connection `database_connection_url $Q_DB_NAME$server_index`
iniset $NEUTRON_CONF.$server_index DEFAULT bind_port $q_port
iniset $NEUTRON_CONF.$server_index DEFAULT core_plugin "tricircle.network.central_plugin.TricirclePlugin"
iniset $NEUTRON_CONF.$server_index DEFAULT service_plugins ""
iniset $NEUTRON_CONF.$server_index DEFAULT tricircle_db_connection `database_connection_url tricircle`
iniset $NEUTRON_CONF.$server_index DEFAULT notify_nova_on_port_data_changes False
iniset $NEUTRON_CONF.$server_index DEFAULT notify_nova_on_port_status_changes False
iniset $NEUTRON_CONF.$server_index client admin_username admin
iniset $NEUTRON_CONF.$server_index client admin_password $ADMIN_PASSWORD
iniset $NEUTRON_CONF.$server_index client admin_tenant demo
iniset $NEUTRON_CONF.$server_index client auto_refresh_endpoint True
iniset $NEUTRON_CONF.$server_index client top_region_name $CENTRAL_REGION_NAME
local service_plugins=''
if [ "$TRICIRCLE_ENABLE_TRUNK" == "True" ]; then
service_plugins+=",tricircle.network.central_trunk_plugin.TricircleTrunkPlugin"
fi
if [ "$TRICIRCLE_ENABLE_SFC" == "True" ]; then
service_plugins+=",networking_sfc.services.flowclassifier.plugin.FlowClassifierPlugin,tricircle.network.central_sfc_plugin.TricircleSfcPlugin"
iniset $NEUTRON_CONF.$server_index sfc drivers tricircle_sfc
iniset $NEUTRON_CONF.$server_index flowclassifier drivers tricircle_fc
fi
if [ "$TRICIRCLE_ENABLE_QOS" == "True" ]; then
service_plugins+=",tricircle.network.central_qos_plugin.TricircleQosPlugin"
fi
if [ -n service_plugins ]; then
service_plugins=$(echo $service_plugins| sed 's/^,//')
iniset $NEUTRON_CONF.$server_index DEFAULT service_plugins "$service_plugins"
fi
local type_drivers=''
local tenant_network_types=''
if [ "$Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS" != "" ]; then
type_drivers+=,vxlan
tenant_network_types+=,vxlan
iniset $NEUTRON_CONF.$server_index tricircle vni_ranges `echo $Q_ML2_PLUGIN_VXLAN_TYPE_OPTIONS | awk -F= '{print $2}'`
fi
if [ "$Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS" != "" ]; then
type_drivers+=,vlan
tenant_network_types+=,vlan
iniset $NEUTRON_CONF.$server_index tricircle network_vlan_ranges `echo $Q_ML2_PLUGIN_VLAN_TYPE_OPTIONS | awk -F= '{print $2}'`
fi
if [ "Q_ML2_PLUGIN_FLAT_TYPE_OPTIONS" != "" ]; then
type_drivers+=,flat
tenant_network_types+=,flat
iniset $NEUTRON_CONF.$server_index tricircle flat_networks `echo $Q_ML2_PLUGIN_FLAT_TYPE_OPTIONS | awk -F= '{print $2}'`
fi
type_drivers+=,local
tenant_network_types+=,local
# remove the heading ","
type_drivers=$(echo $type_drivers | sed 's/^,//')
tenant_network_types=$(echo $tenant_network_types | sed 's/^,//')
iniset $NEUTRON_CONF.$server_index tricircle type_drivers $type_drivers
iniset $NEUTRON_CONF.$server_index tricircle tenant_network_types $tenant_network_types
iniset $NEUTRON_CONF.$server_index tricircle enable_api_gateway False
# reconfigure api-paste.ini in central neutron server
local API_PASTE_INI=$NEUTRON_CONF_DIR/api-paste.ini
sudo sed -e "
/^keystone.*neutronapiapp/s/neutronapiapp/request_source &/;
/app:neutronapiapp/i\[filter:request_source]\npaste.filter_factory = tricircle.common.request_source:RequestSource.factory\n
" -i $API_PASTE_INI
# default value of bridge_network_type is vxlan
if [ "$TRICIRCLE_ENABLE_QOS" == "True" ]; then
local p_exist=$(grep "^extension_drivers" /$Q_PLUGIN_CONF_FILE)
if [[ $p_exist != "" ]];then
if ! [[ $(echo $p_exist | grep "qos") ]];then
sed -i "s/$p_exist/$p_exist,qos/g" /$Q_PLUGIN_CONF_FILE
fi
else
sed -i "s/^\[ml2\]/\[ml2\]\nextension_drivers = qos/g" /$Q_PLUGIN_CONF_FILE
fi
fi
recreate_database $Q_DB_NAME$server_index
$NEUTRON_BIN_DIR/neutron-db-manage --config-file $NEUTRON_CONF.$server_index --config-file /$Q_PLUGIN_CONF_FILE upgrade head
enable_service q-svc$server_index
run_process q-svc$server_index "$NEUTRON_BIN_DIR/neutron-server --config-file $NEUTRON_CONF.$server_index --config-file /$Q_PLUGIN_CONF_FILE"
}
# install_tricircleclient() - Collect source and prepare
function install_tricircleclient {
if use_library_from_git "python-tricircleclient"; then
git_clone_by_name "python-tricircleclient"
setup_dev_lib "python-tricircleclient"
else
pip_install_gr tricircleclient
fi
}
# if the plugin is enabled to run, that means the Tricircle is enabled
# by default, so no need to judge the variable Q_ENABLE_TRICIRCLE
if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
echo_summary "Tricircle pre-install"
# init_local_neutron_variables before installation
init_local_neutron_variables
elif [[ "$1" == "stack" && "$2" == "install" ]]; then
echo_summary "Installing Tricircle"
elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
echo_summary "Configuring Tricircle"
install_tricircleclient
export NEUTRON_CREATE_INITIAL_NETWORKS=False
sudo install -d -o $STACK_USER -m 755 $TRICIRCLE_CONF_DIR
if [[ "$TRICIRCLE_START_SERVICES" == "True" ]]; then
enable_service t-api t-job
configure_tricircle_api
configure_tricircle_xjob
if [[ "$TRICIRCLE_DEPLOY_WITH_WSGI" == "True" ]]; then
configure_tricircle_api_wsgi
fi
fi
echo export PYTHONPATH=\$PYTHONPATH:$TRICIRCLE_DIR >> $RC_DIR/.localrc.auto
setup_package $TRICIRCLE_DIR -e
if [[ "$TRICIRCLE_START_SERVICES" == "True" ]]; then
recreate_database tricircle
tricircle-db-manage --config-file="$TRICIRCLE_API_CONF" db_sync
if is_service_enabled q-svc ; then
start_central_neutron_server $CENTRAL_REGION_NAME $TRICIRCLE_NEUTRON_PORT
fi
fi
# update the local neutron.conf after the central Neutron has started
init_local_neutron_conf
if [[ "$TRICIRCLE_DEPLOY_WITH_CELL" == "True" ]]; then
# update the local nova.conf
init_local_nova_conf
else
iniset $NOVA_CONF glance region_name $REGION_NAME
fi
# add default bridges br-vlan, br-ext if needed, ovs-vsctl
# is just being installed before this stage
add_default_bridges
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
echo_summary "Initializing Tricircle Service"
if [[ ${USE_VENV} = True ]]; then
PROJECT_VENV["tricircle"]=${TRICIRCLE_DIR}.venv
TRICIRCLE_BIN_DIR=${PROJECT_VENV["tricircle"]}/bin
else
TRICIRCLE_BIN_DIR=$(get_python_exec_prefix)
fi
if is_service_enabled t-api; then
create_tricircle_accounts
if [[ "$TRICIRCLE_DEPLOY_WITH_WSGI" == "True" ]]; then
start_tricircle_api_wsgi
else
run_process t-api "$TRICIRCLE_BIN_DIR/tricircle-api --config-file $TRICIRCLE_API_CONF"
fi
if [[ "$TRICIRCLE_DEPLOY_WITH_CELL" == "True" && "$TRICIRCLE_START_SERVICES" == "True" ]]; then
start_central_nova_server $REGION_NAME $CENTRAL_REGION_NAME $TRICIRCLE_NEUTRON_PORT
fi
fi
if is_service_enabled t-job; then
run_process t-job "$TRICIRCLE_BIN_DIR/tricircle-xjob --config-file $TRICIRCLE_XJOB_CONF"
fi
fi
if [[ "$1" == "unstack" ]]; then
if is_service_enabled t-api; then
if [[ "$TRICIRCLE_DEPLOY_WITH_WSGI" == "True" ]]; then
stop_tricircle_api_wsgi
clean_tricircle_api_wsgi
else
stop_process t-api
fi
fi
if is_service_enabled t-job; then
stop_process t-job
fi
if is_service_enabled q-svc0; then
stop_process q-svc0
fi
fi