Make external networks workable

Change-Id: I363b23321631b351221e363b4d21da8fadde5cab
2015-07-30 16:22:04 +02:00
parent 3f060aa6fa
commit 1d9bee5a6f
9 changed files with 37 additions and 23 deletions
--- a/14
+++ b/14
@@ -69,8 +69,8 @@ Vagrant.configure(2) do |config|
                      virtualbox__intnet: 'tunnel'
      node.vm.network :public_network,
                      ip: address,
-                      netmask: CONFIG['network']['internal']['netmask'],
-                      bridge: CONFIG['network']['internal']['bridge']
+                      netmask: CONFIG['network']['external']['netmask'],
+                      bridge: CONFIG['network']['external']['bridge']
    end
  end

@@ -80,7 +80,7 @@ Vagrant.configure(2) do |config|
                    ip: '10.0.0.30',
                    virtualbox__intnet: 'tunnel'
    node.vm.network :public_network,
-                    bridge: CONFIG['network']['internal']['bridge'],
+                    bridge: CONFIG['network']['external']['bridge'],
                    auto_config: false
  end

@@ -88,8 +88,8 @@ Vagrant.configure(2) do |config|
    node.vm.hostname = 'storage'
    node.vm.network :public_network,
                    ip: CONFIG['address']['storage'],
-                    netmask: CONFIG['network']['internal']['netmask'],
-                    bridge: CONFIG['network']['internal']['bridge']
+                    netmask: CONFIG['network']['external']['netmask'],
+                    bridge: CONFIG['network']['external']['bridge']
    add_block_device(node, 1, CONFIG['resources']['storage'])
    add_block_device(node, 2, CONFIG['resources']['storage'])
    add_block_device(node, 3, CONFIG['resources']['storage'])
@@ -99,8 +99,8 @@ Vagrant.configure(2) do |config|
    node.vm.hostname = 'controller'
    node.vm.network :public_network,
                    ip: CONFIG['address']['controller'],
-                    netmask: CONFIG['network']['internal']['netmask'],
-                    bridge: CONFIG['network']['internal']['bridge']
+                    netmask: CONFIG['network']['external']['netmask'],
+                    bridge: CONFIG['network']['external']['bridge']
    node.vm.provider 'virtualbox' do |vb|
      memory = CONFIG['resources']['memory'] * 2
      vcpus = CONFIG['resources']['vcpus'] * 2
--- a/ansible/controller.yaml
+++ b/ansible/controller.yaml
@@ -17,7 +17,9 @@
  when: not development
 - template: src=files/openrc.j2 dest=/home/vagrant/openrc owner=vagrant group=vagrant mode=0644
 - lineinfile: dest=/home/vagrant/.bashrc line='source $HOME/openrc'
- copy: src=files/scripts/ dest=/home/vagrant/scripts/ owner=vagrant group=vagrant mode=0755
+- copy: src=files/scripts/nova_fake.sh dest=/home/vagrant/scripts/nova_fake.sh owner=vagrant group=vagrant mode=0755
+- copy: src=files/scripts/rally.sh dest=/home/vagrant/scripts/rally.sh owner=vagrant group=vagrant mode=0755
+- template: src=files/scripts/setup.sh.j2 dest=/home/vagrant/scripts/setup.sh owner=vagrant group=vagrant mode=0755
 - template: src=files/packstack.answers.j2 dest=/home/vagrant/packstack.answers owner=vagrant group=vagrant
 - copy: src=files/gitconfig dest=/home/vagrant/.gitconfig owner=vagrant group=vagrant mode=0644
 - file: src=/home/vagrant/.ssh/id_packstack dest=/home/vagrant/.ssh/id_rsa owner=vagrant group=vagrant state=link
--- a/ansible/network.yaml
+++ b/ansible/network.yaml
@@ -1,6 +1,11 @@
 ---
+- sysctl: name=net.ipv4.ip_forward value=1 state=present
 - yum: name=openvswitch state=present
 - service: name=openvswitch state=started enabled=yes
 - template: src=files/ifcfg-br-ex.j2 dest=/etc/sysconfig/network-scripts/ifcfg-br-ex
 - copy: src=files/ifcfg-enp0s9 dest=/etc/sysconfig/network-scripts/ifcfg-enp0s9
 - service: name=network state=restarted
+- command: /sbin/iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE
+- command: /sbin/iptables -A FORWARD -i br-ex -o enp0s3 -m state --state RELATED,ESTABLISHED -j ACCEPT
+- command: /sbin/iptables -A FORWARD -i br-ex -o enp0s3 -j ACCEPT
+- shell: /usr/sbin/iptables-save > /etc/sysconfig/iptables
--- a/config.yaml.sample
+++ b/config.yaml.sample
@@ -8,13 +8,17 @@ network:
  type: gre
  agent: openvswitch
  tunnel_interface: enp0s8
+  dns1: 208.67.222.222
+  dns2: 208.67.220.220
  internal:
+    network: 192.168.200.0/24
+  external:
+    start: 10.100.50.100
+    end: 10.100.50.200
+    network: 10.100.50.0/16
    bridge: tap0
    netmask: 255.255.0.0
-    gateway: 10.100.0.1
    broadcast: 10.100.255.255
-    dns1: 208.67.222.222
-    dns2: 208.67.220.220
 secret: password
 proxy: http://proxy.dummy.site:3128
 storage_backend: nfs
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -33,19 +33,23 @@ storage controller of the used base box must support at least three ports.
 Networking
 ----------

-Internal network
-~~~~~~~~~~~~~~~~
+Networks
+~~~~~~~~

 ::

    network:
+      dns1: 208.67.222.222
+      dns2: 208.67.220.220
      internal:
+        network: 192.168.200.0/24
+      external:
+        start: 10.100.50.100
+        end: 10.100.50.200
+        network: 10.100.50.0/16
        bridge: tap0
        netmask: 255.255.0.0
        broadcast: 10.100.255.255
-        gateway: 10.100.0.1
-        dns1: 208.67.222.222
-        dns2: 208.67.220.220

 Addresses
 ~~~~~~~~~
--- a/files/ifcfg-br-ex.j2
+++ b/files/ifcfg-br-ex.j2
@@ -4,8 +4,7 @@ DEVICETYPE=ovs
 TYPE=OVSBridge
 BOOTPROTO=static
 IPADDR={{ address.network }}
-NETMASK={{ network.internal.netmask }}
-BROADCAST={{ network.internal.broadcast }}
-GATEWAY={{ network.internal.gateway }}
-DNS1={{ network.internal.dns1 }}
-DNS2={{ network.internal.dns2 }}
+NETMASK={{ network.external.netmask }}
+BROADCAST={{ network.external.broadcast }}
+DNS1={{ network.dns1 }}
+DNS2={{ network.dns2 }}
--- a/files/scripts/nova_fake.sh
+++ b/files/scripts/nova_fake.sh
--- a/files/scripts/rally.sh
+++ b/files/scripts/rally.sh
--- a/files/scripts/setup.sh.j2
+++ b/files/scripts/setup.sh.j2
@@ -21,10 +21,10 @@ fi

 openstack role add admin --project services --user admin
 OS_TENANT_NAME=services neutron net-create floating001 --router:external --provider:physical_network external --provider:network_type flat
-OS_TENANT_NAME=services neutron subnet-create --name floating001 --allocation-pool start=10.100.50.100,end=10.100.50.200 --disable-dhcp --gateway 10.100.0.1 --dns-nameserver 208.67.222.222 --dns-nameserver 208.67.220.220 floating001 10.100.50.0/16
+OS_TENANT_NAME=services neutron subnet-create --name floating001 --allocation-pool start={{ network.external.start }},end={{ network.external.end }} --disable-dhcp --gateway {{ address.network }} --dns-nameserver {{ network.dns1 }} --dns-nameserver {{ network.dns2 }} floating001 {{ network.external.network }}

 neutron net-create internal001
-neutron subnet-create --name internal001 internal001 192.168.200.0/24
+neutron subnet-create --name internal001 --dns-nameserver {{ network.dns1 }} --dns-nameserver {{ network.dns2 }} internal001 {{ network.internal.network }}
 neutron router-create internal001
 neutron router-interface-add internal001 internal001
 neutron router-gateway-set internal001 floating001