Browse Source

Merge "Allow overlay tunnel endpoints on IPv6 address" into stable/rocky

changes/82/681782/1
Zuul 5 months ago
parent
commit
846e463622
7 changed files with 179 additions and 4 deletions
  1. +40
    -0
      environments/external-loadbalancer-vip-v6-all.yaml
  2. +64
    -0
      environments/network-environment-v6-all.j2.yaml
  3. +67
    -0
      environments/network-isolation-v6-all.j2.yaml
  4. +0
    -1
      network_data.yaml
  5. +0
    -1
      network_data_ganesha.yaml
  6. +0
    -2
      network_data_routed.yaml
  7. +8
    -0
      releasenotes/notes/support_IPv6_for_tenant_networks-30938bfdde547969.yaml

+ 40
- 0
environments/external-loadbalancer-vip-v6-all.yaml View File

@@ -0,0 +1,40 @@
# This file allows IPv6 deployment on tenant networks as well.
# This should only be used for new deployments and not for upgrade
# or update.
resource_registry:
OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_v6.yaml
OS::TripleO::Network::Ports::InternalApiVipPort: ../network/ports/internal_api_v6.yaml
OS::TripleO::Network::Ports::StorageVipPort: ../network/ports/storage_v6.yaml
OS::TripleO::Network::Ports::StorageMgmtVipPort: ../network/ports/storage_mgmt_v6.yaml
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml
OS::TripleO::Controller::Ports::ExternalPort: ../network/ports/external_from_pool_v6.yaml
OS::TripleO::Controller::Ports::InternalApiPort: ../network/ports/internal_api_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StoragePort: ../network/ports/storage_from_pool_v6.yaml
OS::TripleO::Controller::Ports::StorageMgmtPort: ../network/ports/storage_mgmt_from_pool_v6.yaml
OS::TripleO::Controller::Ports::TenantPort: ../network/ports/tenant_from_pool_v6.yaml
# Management network is optional and disabled by default
#OS::TripleO::Controller::Ports::ManagementPort: ../network/ports/management_from_pool_v6.yaml

parameter_defaults:
# When using an external loadbalancer set the following in parameter_defaults
# to control your VIPs (currently one per network)
# NOTE: we will eventually move to one VIP per service
#
ControlFixedIPs: [{'ip_address':'192.168.24.251'}]
PublicVirtualFixedIPs: [{'ip_address':'2001:db8:fd00:1000:0000:0000:0000:0005'}]
InternalApiVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0005'}]
StorageVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:3000:0000:0000:0000:0005'}]
StorageMgmtVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:4000:0000:0000:0000:0005'}]
RedisVirtualFixedIPs: [{'ip_address':'fd00:fd00:fd00:2000:0000:0000:0000:0006'}]
ControllerIPs:
external:
- 2001:db8:fd00:1000:0000:0000:0000:0007
internal_api:
- fd00:fd00:fd00:2000:0000:0000:0000:0007
storage:
- fd00:fd00:fd00:3000:0000:0000:0000:0007
storage_mgmt:
- fd00:fd00:fd00:4000:0000:0000:0000:0007
tenant:
- fd00:fd00:fd00:5000:0000:0000:0000:0007
EnableLoadBalancer: false

+ 64
- 0
environments/network-environment-v6-all.j2.yaml View File

@@ -0,0 +1,64 @@
# This file allows IPv6 deployment on tenant networks as well.
# This should only be used for new deployments and not for upgrade
# or update.
resource_registry:
# Network Interface templates to use (these files must exist). You can
# override these by including one of the net-*.yaml environment files,
# such as net-bond-with-vlans-v6.yaml, or modifying the list here.
{%- for role in roles %}
# Port assignments for the {{role.name}}
OS::TripleO::{{role.name}}::Net::SoftwareConfig:
../network/config/single-nic-vlans/{{role.deprecated_nic_config_name|default(role.name.lower() ~ ".yaml")}}
{%- endfor %}

parameter_defaults:
# This section is where deployment-specific configuration is done
#
# NOTE: (Since Rocky)
# ControlPlaneSubnetCidr: It is no longer a requirement to provide this
# parameter. The attribute is resolved from the
# ctlplane subnet(s).
# ControlPlaneDefaultRoute: It is no longer a requirement to provide this
# parameter. The attribute is resolved from the
# ctlplane subnet(s).
# EC2MetadataIp: It is no longer a requirement to provide this parameter. The
# attribute is resolved from the ctlplane subnet(s).
#
#
{% for network in networks if network.enabled|default(true) %}
# Customize the IP subnets to match the local environment
{{network.name}}NetCidr: '{{network.ipv6_subnet}}'
# Customize the IP range to use for static IPs and VIPs
{%- if network.name == 'External' %}
# Leave room if the external network is also used for floating IPs
{%- endif %}
{{network.name}}AllocationPools: {{network.ipv6_allocation_pools}}
{%- if network.gateway_ipv6|default(false) %}
# Gateway router for routable networks
{{network.name}}InterfaceDefaultRoute: '{{network.gateway_ipv6}}'
{%- endif %}
{%- if network.vlan is defined %}
# Customize the VLAN ID to match the local environment
{{network.name}}NetworkVlanID: {{network.vlan}}
{%- endif %}
{%- if network.routes_ipv6 %}
# Routes to add to host_routes property of the subnets in neutron.
{{network.name}}Routes: {{network.routes_ipv6|default([])}}
{%- endif %}
{% endfor %}
{#- FIXME: These global parameters should be defined in a YAML file, e.g. network_data.yaml. #}
# Define the DNS servers (maximum 2) for the overcloud nodes
# When the list is not set (empty) the nameservers on the ctlplane subnet(s) will be used.
# (ctlplane subnet(s) nameservers are confgured by the ``undercloud_nameservers`` option in ``undercloud.conf``)
DnsServers: []
# List of Neutron network types for tenant networks (will be used in order)
NeutronNetworkType: 'vxlan,vlan'
# The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling.
NeutronTunnelTypes: 'vxlan'
# Neutron VLAN ranges per network, for example 'datacentre:1:499,tenant:500:1000':
NeutronNetworkVLANRanges: 'datacentre:1:1000'
# Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100"
# for Linux bonds w/LACP, or "bond_mode=active-backup" for OVS active/backup.
BondInterfaceOvsOptions: "bond_mode=active-backup"
# Specify Tunnel endpoints to be IPv6
NeutronOverlayIPVersion: 6

+ 67
- 0
environments/network-isolation-v6-all.j2.yaml View File

@@ -0,0 +1,67 @@
# This file allows IPv6 deployment on tenant networks as well.
# This should only be used for new deployments and not for upgrade
# or update.
{%- set primary_role = [roles[0]] -%}
{%- for role in roles -%}
{%- if 'primary' in role.tags and 'controller' in role.tags -%}
{%- set _ = primary_role.pop() -%}
{%- set _ = primary_role.append(role) -%}
{%- endif -%}
{%- endfor -%}
{%- set primary_role_name = primary_role[0].name -%}
# NOTE: This template is now deprecated, and is only included for compatibility
# when upgrading a deployment where this template was originally used. For new
# deployments, set "ipv6: true" on desired networks in network_data.yaml, and
# include network-isolation.yaml.
#
# Enable the creation of Neutron networks for isolated Overcloud
# traffic and configure each role to assign ports (related
# to that role) on these networks.
# primary role is: {{primary_role_name}}
resource_registry:
# networks as defined in network_data.yaml
{%- for network in networks if network.enabled|default(true) %}
OS::TripleO::Network::{{network.name}}: ../network/{{network.name_lower|default(network.name.lower())}}_v6.yaml
{%- endfor %}

# Port assignments for the VIPs
{%- for network in networks if network.vip and network.enabled|default(true) %}
OS::TripleO::Network::Ports::{{network.name}}VipPort: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml
{%- endfor %}

OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/vip_v6.yaml

# Port assignments by role, edit role definition to assign networks to roles.
{%- for role in roles %}
# Port assignments for the {{role.name}}
{%- for network in networks %}
{%- if network.name in role.networks|default([]) and network.enabled|default(true) %}
OS::TripleO::{{role.name}}::Ports::{{network.name}}Port: ../network/ports/{{network.name_lower|default(network.name.lower())}}_v6.yaml
{%- endif %}
{%- endfor %}
{% endfor %}


parameter_defaults:
# Enable IPv6 for Ceph.
CephIPv6: True
# Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
CorosyncIPv6: True
# Enable IPv6 for MongoDB. This is required when MongoDB is using an IPv6 IP.
MongoDbIPv6: True
# Enable various IPv6 features in Nova.
NovaIPv6: True
# Enable IPv6 environment for RabbitMQ.
RabbitIPv6: True
# Enable IPv6 environment for Memcached.
MemcachedIPv6: True
# Enable IPv6 environment for MySQL.
MysqlIPv6: True
# Enable IPv6 environment for Manila
ManilaIPv6: True
# Enable IPv6 environment for Redis.
RedisIPv6: True
# Enable IPv6 environment for OpenDaylight
OpenDaylightEnableIPv6Deployment: True
# Specify Tunnel endpoints to be IPv6
NeutronOverlayIPVersion: 6

+ 0
- 1
network_data.yaml View File

@@ -84,7 +84,6 @@
vlan: 50
ip_subnet: '172.16.0.0/24'
allocation_pools: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
# Note that tenant tunneling is only compatible with IPv4 addressing at this time.
ipv6_subnet: 'fd00:fd00:fd00:5000::/64'
ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:5000::10', 'end': 'fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe'}]
- name: External

+ 0
- 1
network_data_ganesha.yaml View File

@@ -81,7 +81,6 @@
vlan: 50
ip_subnet: '172.16.0.0/24'
allocation_pools: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
# Note that tenant tunneling is only compatible with IPv4 addressing at this time.
ipv6_subnet: 'fd00:fd00:fd00:5000::/64'
ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:5000::10', 'end': 'fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe'}]
- name: External

+ 0
- 2
network_data_routed.yaml View File

@@ -146,7 +146,6 @@
gateway_ip: '172.16.0.1'
routes: [{'destination':'172.16.0.0/20', 'nexthop':'172.16.0.1'}]
allocation_pools: [{'start': '172.16.0.4', 'end': '172.16.0.250'}]
# Note that tenant tunneling is only compatible with IPv4 addressing at this time.
ipv6_subnet: 'fd00:fd00:fd00:5000::/64'
ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:5000::10', 'end': 'fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe'}]
routes_ipv6: [{'destination':'fd00:fd00:fd00:5004::/64', 'nexthop':'fd00:fd00:fd00:5000::1'}]
@@ -158,7 +157,6 @@
gateway_ip: '172.16.1.1'
routes: [{'destination':'172.16.0.0/20', 'nexthop':'172.16.1.1'}]
allocation_pools: [{'start': '172.16.1.4', 'end': '172.16.1.250'}]
# Note that tenant tunneling is only compatible with IPv4 addressing at this time.
ipv6_subnet: 'fd00:fd00:fd00:5004::/64'
ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:5004::10', 'end': 'fd00:fd00:fd00:5004:ffff:ffff:ffff:fffe'}]
routes_ipv6: [{'destination':'fd00:fd00:fd00:5000::/64', 'nexthop':'fd00:fd00:fd00:5004::1'}]

+ 8
- 0
releasenotes/notes/support_IPv6_for_tenant_networks-30938bfdde547969.yaml View File

@@ -0,0 +1,8 @@
---
features:
- |
OVS and neutron now supports endpoint creation on IPv6 networks. New
network-*-v6-all.j2.yaml environment files are added to allow tenant
network to be created on IPv6 addresses. Note that these files are only
to be used for new deployments and not during update or upgrade.
network_data*.yaml files are also edited to reflect the same.

Loading…
Cancel
Save