Add environment file to enable DVR

This patch adds support for conditionally enabling DVR by deploying the
L3 and metadata agents on the compute node and setting the proper
configuration values throughout.

Implements: blueprint neutron-dvr-support
Change-Id: I24099795e76ecd520c990ba49d3511288dec7a12

environments/neutron-ovs-dvr.yaml

@@ -0,0 +1,24 @@
+# A Heat environment file that enables DVR in the overcloud.
+# This works by configuring L3 and Metadata agents on the
+# compute nodes.
+resource_registry:
+  OS::TripleO::Services::ComputeNeutronL3Agent: ../puppet/services/neutron-l3-compute-dvr.yaml
+  OS::TripleO::Services::ComputeNeutronMetadataAgent: ../puppet/services/neutron-metadata.yaml
+
+  # With DVR enabled, the Compute nodes also need the br-ex bridge to be
+  # connected to a physical network.
+  OS::TripleO::Compute::Net::SoftwareConfig: ../net-config-bridge.yaml
+
+parameter_defaults:
+
+  # DVR requires that the L2 population feature is enabled
+  NeutronMechanismDrivers: ['openvswitch', 'l2population']
+  NeutronEnableL2Pop: 'True'
+
+  # Setting NeutronEnableDVR enables distributed routing support in the
+  # ML2 plugin and agents that support this feature
+  NeutronEnableDVR: true
+
+  # We also need to set the proper agent mode for the L3 agent.  This will only
+  # affect the agent on the controller node.
+  NeutronL3AgentMode: 'dvr_snat'

overcloud-resource-registry-puppet.yaml

@@ -197,6 +197,8 @@ resource_registry:
   OS::Tripleo::Services::ManilaApi: OS::Heat::None
   OS::Tripleo::Services::ManilaScheduler: OS::Heat::None
   OS::Tripleo::Services::ManilaShare: OS::Heat::None
+  OS::TripleO::Services::ComputeNeutronL3Agent: OS::Heat::None
+  OS::TripleO::Services::ComputeNeutronMetadataAgent: OS::Heat::None
 
 parameter_defaults:
   EnablePackageInstall: false

overcloud.yaml

@@ -424,6 +424,8 @@ parameters:
       - OS::TripleO::Services::ComputeNeutronCorePlugin
       - OS::TripleO::Services::ComputeNeutronOvsAgent
       - OS::TripleO::Services::ComputeCeilometerAgent
+      - OS::TripleO::Services::ComputeNeutronL3Agent
+      - OS::TripleO::Services::ComputeNeutronMetadataAgent
     description: A list of service resources (configured in the Heat
                  resource_registry) which represent nested stacks
                  for each service that should get installed on the Compute Nodes.

puppet/services/neutron-l3-compute-dvr.yaml

@@ -0,0 +1,37 @@
+heat_template_version: 2016-04-08
+
+description: >
+  OpenStack Neutron L3 agent for DVR enabled compute nodes
+  configured with Puppet
+
+parameters:
+  EndpointMap:
+    default: {}
+    description: Mapping of service endpoint -> protocol. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
+  Debug:
+    type: string
+    default: ''
+  NeutronExternalNetworkBridge:
+    description: Name of bridge used for external network traffic.
+    type: string
+    default: 'br-ex'
+
+resources:
+
+  NeutronBase:
+    type: ./neutron-base.yaml
+
+outputs:
+  role_data:
+    description: Role data for DVR L3 Agent on Compute Nodes
+    value:
+      service_name: neutron_l3_compute_dvr
+      config_settings:
+        map_merge:
+          - get_attr: [NeutronBase, role_data, config_settings]
+          - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge}
+            neutron::agents::l3::agent_mode : 'dvr'
+      step_config: |
+        include tripleo::profile::base::neutron::l3

puppet/services/neutron-l3.yaml

@@ -16,6 +16,15 @@ parameters:
     description: Name of bridge used for external network traffic.
     type: string
     default: 'br-ex'
+  NeutronL3AgentMode:
+    description: |
+      Agent mode for L3 agent. Must be one of legacy or dvr_snat.
+    default: 'legacy'
+    type: string
+    constraints:
+      - allowed_values:
+        - legacy
+        - dvr_snat
 
 resources:
 
@@ -32,5 +41,6 @@ outputs:
           - get_attr: [NeutronBase, role_data, config_settings]
           - neutron::agents::l3::external_network_bridge: {get_param: NeutronExternalNetworkBridge}
             neutron::agents::l3::router_delete_namespaces: True
+            neutron::agents::l3::agent_mode : {get_param: NeutronL3AgentMode}
       step_config: |
         include tripleo::profile::base::neutron::l3

puppet/services/neutron-ovs-agent.yaml

@@ -37,6 +37,11 @@ parameters:
     description: |
         Comma-separated list of extensions enabled for the Neutron agents.
     type: comma_delimited_list
+  NeutronEnableDVR:
+    default: False
+    description: |
+      Enable support for distributed routing in the OVS Agent.
+    type: boolean
 
 resources:
 
@@ -53,6 +58,7 @@ outputs:
           - get_attr: [NeutronBase, role_data, config_settings]
             neutron::agents::ml2::ovs::enable_tunneling: {get_param: NeutronEnableTunnelling}
             neutron::agents::ml2::ovs::l2_population: {get_param: NeutronEnableL2Pop}
+            neutron::agents::ml2::ovs::enable_distributed_routing: {get_param: NeutronEnableDVR}
             neutron::agents::ml2::ovs::bridge_mappings:
               str_replace:
                 template: MAPPINGS

puppet/services/neutron-server.yaml

@@ -29,6 +29,10 @@ parameters:
     description: The password for the nova service and db account, used by nova-api.
     type: string
     hidden: true
+  NeutronEnableDVR:
+    description: Enable Neutron DVR.
+    default: false
+    type: boolean
 
 resources:
 
@@ -85,5 +89,6 @@ outputs:
                 dport: 4789
               '106 vrrp':
                 proto: vrrp
+            neutron::server::router_distributed: {get_param: NeutronEnableDVR}
       step_config: |
         include tripleo::profile::base::neutron::server