From cd74a120ce6941412bd14310a02137121e3841ab Mon Sep 17 00:00:00 2001
From: Michael Chapman <woppin@gmail.com>
Date: Sat, 3 Dec 2016 12:37:46 +1100
Subject: [PATCH] Add support for external network bridges

Previously NAT was required since bridges can't have addresses,
and the instackenv.json template was expecting an address on the
external bridge to populate pm_addr.

If the external network is designated as a bridge, another network
must be set to NAT in order for the virthost to be able to access
the undercloud, since otherwise there's no address given to
the VM. If no such network is defined, the default libvirt network
(virbr0) is used.

In addition, the requirement to have networks named 'external'
and 'overcloud' has been removed. The first bridge network specified
in the network list will be used as a pxe network regardless of name.

Change-Id: I77f2df7862a71d9a62e4382138bc5287d0687569
---
 roles/common/defaults/main.yml                | 17 ++++++++------
 .../setup/templates/network.xml.j2            |  4 ++++
 .../overcloud/templates/baremetalvm.xml.j2    |  4 +++-
 .../overcloud/templates/instackenv.json.j2    | 16 +++++++++-----
 .../undercloud/templates/undercloudvm.xml.j2  | 22 +++++++++++++++++++
 5 files changed, 50 insertions(+), 13 deletions(-)

diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index f5280e930..9ea1bc6e1 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -120,12 +120,18 @@ overcloud_nodes:
     flavor: ceph
 
 # Describe our virtual networks.  These networks will be attached to
-# the undercloud node and to the overcloud nodes (except for the
-# "external" network) in the order in which they are defined.  The
-# playbooks expect to find both an "external" network and a
-# "overcloud" network.
+# the undercloud node and to the overcloud nodes in the order in which
+# they are defined with the following caveats:
+#   *  If no networks are using forward_mode: 'nat', then the default libvirt
+#   network will be attached to the undercloud. This is required to ssh from the
+#   virt host to the undercloud
+#   *  The first bridge network defined will be used for pxe booting
+#
 external_network_cidr: 192.168.23.0/24
 networks:
+  - name: overcloud
+    bridge: brovc
+
   - name: external
     bridge: brext
     forward_mode: nat
@@ -138,9 +144,6 @@ networks:
       - 1024
       - 65535
 
-  - name: overcloud
-    bridge:  brovc
-
 #Enable network isolation with single-nic-vlans for virtualized deployments
 undercloud_network_cidr: 192.168.24.0/24
 undercloud_external_network_cidr: 10.0.0.1/24
diff --git a/roles/environment/setup/templates/network.xml.j2 b/roles/environment/setup/templates/network.xml.j2
index e302a50ac..9ecf1f784 100644
--- a/roles/environment/setup/templates/network.xml.j2
+++ b/roles/environment/setup/templates/network.xml.j2
@@ -4,7 +4,11 @@
 {% set netmask = item.netmask|default('255.255.255.0') %}
 <network>
   <name>{{ item.name }}</name>
+{% if item.forward_mode is defined and item.forward_mode != 'nat' %}
   <bridge name='{{ item.bridge }}' stp='{{ stp }}' delay='{{ delay }}' />
+{% else %}
+  <bridge name='{{ item.bridge }}'/>
+{% endif %}
 {% if item.forward_mode is defined %}
   <forward mode='{{ item.forward_mode }}'>
 {% if item.forward_mode == 'nat' %}
diff --git a/roles/libvirt/setup/overcloud/templates/baremetalvm.xml.j2 b/roles/libvirt/setup/overcloud/templates/baremetalvm.xml.j2
index c822eb9e0..a8fb8317b 100644
--- a/roles/libvirt/setup/overcloud/templates/baremetalvm.xml.j2
+++ b/roles/libvirt/setup/overcloud/templates/baremetalvm.xml.j2
@@ -26,7 +26,8 @@
       <source pool='{{ libvirt_volume_pool }}' volume='{{ item.name }}.qcow2'/>
       <target dev='{{ libvirt_diskdev }}' bus='{{ libvirt_diskbus }}'/>
     </disk>
-{% for network in networks|rejectattr('name', 'equalto', 'external') %}
+{% for network in networks %}
+{% if (network.forward_mode is not defined) or (network.forward_mode is defined and network.forward_mode != 'nat') %}
     <interface type='bridge'>
       <mac address='{{ node_mac_map.get(item.name).get(network.name) }}'/>
       <source bridge='{{ network.bridge }}'/>
@@ -35,6 +36,7 @@
       <virtualport type='{{ network.virtualport_type }}'/>
 {% endif %}
     </interface>
+{% endif %}
 {% endfor %}
     <serial type='pty'/>
     <console type='pty'/>
diff --git a/roles/libvirt/setup/overcloud/templates/instackenv.json.j2 b/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
index e1ddafcd8..43d7f0946 100644
--- a/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
+++ b/roles/libvirt/setup/overcloud/templates/instackenv.json.j2
@@ -1,6 +1,12 @@
-{% set host_ip = (networks |
-                  selectattr('name', 'equalto', 'external') |
-                  list).0.address %}
+{% set lvars = { 'host_ip' : '192.168.122.1', 'pxe_network' : False} %}
+{% for network in networks %}
+{% if (not (network.forward_mode is defined and network.forward_mode == 'nat') and lvars['pxe_network'] == False) %}
+{% if lvars.update({'pxe_network' : network.name}) %}{% endif %}
+{% endif %}
+{% if network.address is defined and lvars['host_ip'] == '192.168.122.1' %}
+{% if lvars.update({'host_ip' : network.address}) %}{% endif %}
+{% endif %}
+{% endfor %}
 {
   "nodes": [
   {% for node in overcloud_nodes %}
@@ -10,7 +16,7 @@
         "pm_password": {{ virt_power_key_pvt | to_nice_json }},
         "pm_type": "pxe_ssh",
         "pm_user": "{{ ansible_user_id }}",
-        "pm_addr": "{{ host_ip }}",
+        "pm_addr": "{{ lvars['host_ip'] }}",
       {% else %}
         "pm_password": "password",
         {% if release == 'ocata' %}
@@ -23,7 +29,7 @@
         "pm_port": "{{ node.virtualbmc_port }}",
       {% endif %}
       "mac": [
-        "{{ node_mac_map.get(node.name).get('overcloud') }}"
+        "{{ node_mac_map.get(node.name).get(lvars['pxe_network']) }}"
       ],
       "cpu": "{{ flavors[node.flavor].vcpu }}",
       "memory": "{{ flavors[node.flavor].memory }}",
diff --git a/roles/libvirt/setup/undercloud/templates/undercloudvm.xml.j2 b/roles/libvirt/setup/undercloud/templates/undercloudvm.xml.j2
index 785b17f37..f247322e4 100644
--- a/roles/libvirt/setup/undercloud/templates/undercloudvm.xml.j2
+++ b/roles/libvirt/setup/undercloud/templates/undercloudvm.xml.j2
@@ -1,3 +1,11 @@
+{% set lvars = { 'use_default_libvirt' : true } %}
+{% for network in networks %}
+{% if network.forward_mode is defined and network.forward_mode == 'nat' %}
+{% if lvars.update({'use_default_libvirt' : false}) %}{% endif %}
+{% if lvars.update({'nat_network' : network.name}) %}{% endif %}
+{% if lvars.update({'nat_bridge' : network.bridge}) %}{% endif %}
+{% endif %}
+{% endfor %}
 <domain type='{{ libvirt_domain_type }}'>
   <name>{{ undercloud_node.name }}</name>
   <memory unit='MiB'>{{ flavors[undercloud_node.flavor].memory }}</memory>
@@ -36,7 +44,20 @@
       <source pool='{{ libvirt_volume_pool }}' volume='{{ undercloud_node.name }}.qcow2'/>
       <target dev='{{ libvirt_diskdev }}' bus='{{ libvirt_diskbus }}'/>
     </disk>
+{% if lvars['use_default_libvirt'] %}
+    <interface type='bridge'>
+      <source bridge='virbr0'/>
+      <model type='virtio'/>
+    </interface>
+{% else %}
+    <interface type='bridge'>
+      <mac address='{{ undercloud_mac_map.get(undercloud_node.name).get(lvars['nat_network']) }}'/>
+      <source bridge='{{ lvars['nat_bridge'] }}'/>
+      <model type='virtio'/>
+    </interface>
+{% endif %}
 {% for network in networks %}
+{% if not (lvars['use_default_libvirt'] == false and network.name == lvars['nat_network']) %}
     <interface type='bridge'>
       <mac address='{{ undercloud_mac_map.get(undercloud_node.name).get(network.name) }}'/>
       <source bridge='{{ network.bridge }}'/>
@@ -45,6 +66,7 @@
       <virtualport type='{{ network.virtualport_type }}'/>
 {% endif %}
     </interface>
+{% endif %}
 {% endfor %}
     <serial type='pty'/>
     <console type='pty'/>