diff --git a/docker/calico-dhcp-agent/Dockerfile.j2 b/docker/calico-dhcp-agent/Dockerfile.j2 new file mode 100644 index 0000000..0b46b9d --- /dev/null +++ b/docker/calico-dhcp-agent/Dockerfile.j2 @@ -0,0 +1,2 @@ +FROM {{ namespace }}/neutron-base:{{ tag }} +MAINTAINER {{ maintainer }} diff --git a/docker/calico-felix/Dockerfile.j2 b/docker/calico-felix/Dockerfile.j2 new file mode 100644 index 0000000..0b46b9d --- /dev/null +++ b/docker/calico-felix/Dockerfile.j2 @@ -0,0 +1,2 @@ +FROM {{ namespace }}/neutron-base:{{ tag }} +MAINTAINER {{ maintainer }} diff --git a/docker/neutron-base/Dockerfile.j2 b/docker/neutron-base/Dockerfile.j2 index 6c36c0e..8b24746 100644 --- a/docker/neutron-base/Dockerfile.j2 +++ b/docker/neutron-base/Dockerfile.j2 @@ -11,9 +11,13 @@ RUN apt-get -y install --no-install-recommends \ openvswitch-switch \ uuid-runtime \ mysql-client \ + net-tools \ && apt-get clean {{ copy_sources("openstack/neutron", "/neutron") }} +{{ copy_sources("projectcalico/libcalico", "/libcalico") }} +{{ copy_sources("projectcalico/calico", "/calico") }} +{{ copy_sources("openstack/networking-calico", "/networking-calico") }} RUN cd /neutron \ && useradd --user-group neutron \ @@ -32,4 +36,12 @@ RUN usermod -a -G microservices neutron \ && chmod 750 /etc/sudoers.d \ && chmod 440 /etc/sudoers.d/neutron_sudoers +RUN /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /libcalico \ + && rm -rf /libcalico \ + && mkdir -p /var/log/calico /etc/calico \ + && /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /calico \ + && rm -rf /calico \ + && /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /networking-calico \ + && rm -rf /networking-calico + ENV PATH /var/lib/microservices/venv/bin:$PATH diff --git a/service/calico-dhcp-agent.yaml b/service/calico-dhcp-agent.yaml new file mode 100644 index 0000000..26a61ba --- /dev/null +++ b/service/calico-dhcp-agent.yaml @@ -0,0 +1,37 @@ +service: + name: calico-dhcp-agent + host-net: true + daemonset: true + containers: + - name: calico-dhcp-agent + image: calico-dhcp-agent + privileged: true + probes: + readiness: "true" + liveness: "true" + volumes: + - name: metadata-socket + type: host + path: /var/lib/neutron/ccp + daemon: + command: calico-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini + dependencies: + - neutron-db-sync + - rabbitmq + files: + - neutron.conf + - ml2-conf.ini + - dnsmasq.conf +files: + neutron.conf: + path: /etc/neutron/neutron.conf + content: neutron.conf.j2 + perm: "0600" + ml2-conf.ini: + path: /etc/neutron/plugins/ml2/ml2_conf.ini + content: ml2_conf.ini.j2 + perm: "0600" + dnsmasq.conf: + path: /etc/neutron/dnsmasq.conf + content: dnsmasq.conf.j2 + perm: "0600" diff --git a/service/calico-felix.yaml b/service/calico-felix.yaml new file mode 100644 index 0000000..39b2652 --- /dev/null +++ b/service/calico-felix.yaml @@ -0,0 +1,33 @@ +service: + name: calico-felix + host-net: true + daemonset: true + containers: + - name: calico-felix + image: calico-felix + privileged: true + probes: + readiness: "true" + liveness: "true" + daemon: + command: calico-felix --config-file=/etc/calico/felix.cfg + dependencies: + - neutron-db-sync + - neutron-server + files: + - neutron.conf + - ml2-conf.ini + - felix.cfg +files: + neutron.conf: + path: /etc/neutron/neutron.conf + content: neutron.conf.j2 + perm: "0600" + ml2-conf.ini: + path: /etc/neutron/plugins/ml2/ml2_conf.ini + content: ml2_conf.ini.j2 + perm: "0600" + felix.cfg: + path: /etc/calico/felix.cfg + content: felix.cfg.j2 + perm: "0600" diff --git a/service/files/defaults.yaml b/service/files/defaults.yaml index 18ec18e..a42ff08 100644 --- a/service/files/defaults.yaml +++ b/service/files/defaults.yaml @@ -14,6 +14,9 @@ configs: connection: "unix:/run/openvswitch/db.sock" enable_lbaas: false enable_qos: false + calico: + etcd_host: "etcd-k8s" + etcd_port: 2379 ovs_db: loglevel: "info" @@ -21,3 +24,12 @@ sources: openstack/neutron: git_url: https://github.com/openstack/neutron.git git_ref: stable/newton + projectcalico/calico: + git_url: https://github.com/projectcalico/felix.git + git_ref: 1.4.3 + projectcalico/libcalico: + git_url: https://github.com/projectcalico/libcalico.git + git_ref: v0.17.0 + openstack/networking-calico: + git_url: https://github.com/openstack/networking-calico.git + git_ref: master diff --git a/service/files/felix.cfg.j2 b/service/files/felix.cfg.j2 new file mode 100644 index 0000000..9d12b01 --- /dev/null +++ b/service/files/felix.cfg.j2 @@ -0,0 +1,5 @@ +[global] +MetadataPort = 8775 +MetadataAddr = nova-api +EtcdAddr = {{ calico_etcd_host }}:{{ calico_etcd_port }} +#FelixHostname = hostname diff --git a/service/files/ml2_conf.ini.j2 b/service/files/ml2_conf.ini.j2 index 0f0aec0..5b3f090 100644 --- a/service/files/ml2_conf.ini.j2 +++ b/service/files/ml2_conf.ini.j2 @@ -1,13 +1,20 @@ # ml2_conf.ini [ml2] # Changing type_drivers after bootstrap can lead to database inconsistencies +{% if neutron.plugin_agent == "calico" %} +type_drivers = local, flat +tenant_network_types = local +{% else %} type_drivers = flat,vlan,vxlan tenant_network_types = vxlan +{% endif %} {% if neutron.plugin_agent == "openvswitch" %} mechanism_drivers = openvswitch,l2population {% elif neutron.plugin_agent == "linuxbridge" %} mechanism_drivers = linuxbridge,l2population +{% elif neutron.plugin_agent == "calico" %} +mechanism_drivers = calico {% endif %} {% if neutron.enable_qos %} @@ -50,3 +57,9 @@ physical_interface_mappings = physnet1:{{ neutron.external_interface }} l2_population = true {% endif %} local_ip = {{ network_topology["private"]["address"] }} + +{% if neutron.plugin_agent == "calico" %} +[calico] +etcd_host = {{ neutron.calico.etcd_host }} +etcd_port = {{ neutron.calico.etcd_port }} +{% endif %}