Browse Source

Create Calico plugin for Fuel 6.1

Change-Id: I96b81f269639c45d2e5765d8859e5eac58922101
tags/liberty-eol
Emma Gordon 4 years ago
parent
commit
a25d0b87de

+ 204
- 0
LICENSE View File

@@ -0,0 +1,204 @@
1
+Copyright 2015 Metaswitch Networks
2
+
3
+Apache License
4
+                           Version 2.0, January 2004
5
+                        http://www.apache.org/licenses/
6
+
7
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
8
+
9
+   1. Definitions.
10
+
11
+      "License" shall mean the terms and conditions for use, reproduction,
12
+      and distribution as defined by Sections 1 through 9 of this document.
13
+
14
+      "Licensor" shall mean the copyright owner or entity authorized by
15
+      the copyright owner that is granting the License.
16
+
17
+      "Legal Entity" shall mean the union of the acting entity and all
18
+      other entities that control, are controlled by, or are under common
19
+      control with that entity. For the purposes of this definition,
20
+      "control" means (i) the power, direct or indirect, to cause the
21
+      direction or management of such entity, whether by contract or
22
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
23
+      outstanding shares, or (iii) beneficial ownership of such entity.
24
+
25
+      "You" (or "Your") shall mean an individual or Legal Entity
26
+      exercising permissions granted by this License.
27
+
28
+      "Source" form shall mean the preferred form for making modifications,
29
+      including but not limited to software source code, documentation
30
+      source, and configuration files.
31
+
32
+      "Object" form shall mean any form resulting from mechanical
33
+      transformation or translation of a Source form, including but
34
+      not limited to compiled object code, generated documentation,
35
+      and conversions to other media types.
36
+
37
+      "Work" shall mean the work of authorship, whether in Source or
38
+      Object form, made available under the License, as indicated by a
39
+      copyright notice that is included in or attached to the work
40
+      (an example is provided in the Appendix below).
41
+
42
+      "Derivative Works" shall mean any work, whether in Source or Object
43
+      form, that is based on (or derived from) the Work and for which the
44
+      editorial revisions, annotations, elaborations, or other modifications
45
+      represent, as a whole, an original work of authorship. For the purposes
46
+      of this License, Derivative Works shall not include works that remain
47
+      separable from, or merely link (or bind by name) to the interfaces of,
48
+      the Work and Derivative Works thereof.
49
+
50
+      "Contribution" shall mean any work of authorship, including
51
+      the original version of the Work and any modifications or additions
52
+      to that Work or Derivative Works thereof, that is intentionally
53
+      submitted to Licensor for inclusion in the Work by the copyright owner
54
+      or by an individual or Legal Entity authorized to submit on behalf of
55
+      the copyright owner. For the purposes of this definition, "submitted"
56
+      means any form of electronic, verbal, or written communication sent
57
+      to the Licensor or its representatives, including but not limited to
58
+      communication on electronic mailing lists, source code control systems,
59
+      and issue tracking systems that are managed by, or on behalf of, the
60
+      Licensor for the purpose of discussing and improving the Work, but
61
+      excluding communication that is conspicuously marked or otherwise
62
+      designated in writing by the copyright owner as "Not a Contribution."
63
+
64
+      "Contributor" shall mean Licensor and any individual or Legal Entity
65
+      on behalf of whom a Contribution has been received by Licensor and
66
+      subsequently incorporated within the Work.
67
+
68
+   2. Grant of Copyright License. Subject to the terms and conditions of
69
+      this License, each Contributor hereby grants to You a perpetual,
70
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
71
+      copyright license to reproduce, prepare Derivative Works of,
72
+      publicly display, publicly perform, sublicense, and distribute the
73
+      Work and such Derivative Works in Source or Object form.
74
+
75
+   3. Grant of Patent License. Subject to the terms and conditions of
76
+      this License, each Contributor hereby grants to You a perpetual,
77
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
78
+      (except as stated in this section) patent license to make, have made,
79
+      use, offer to sell, sell, import, and otherwise transfer the Work,
80
+      where such license applies only to those patent claims licensable
81
+      by such Contributor that are necessarily infringed by their
82
+      Contribution(s) alone or by combination of their Contribution(s)
83
+      with the Work to which such Contribution(s) was submitted. If You
84
+      institute patent litigation against any entity (including a
85
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
86
+      or a Contribution incorporated within the Work constitutes direct
87
+      or contributory patent infringement, then any patent licenses
88
+      granted to You under this License for that Work shall terminate
89
+      as of the date such litigation is filed.
90
+
91
+   4. Redistribution. You may reproduce and distribute copies of the
92
+      Work or Derivative Works thereof in any medium, with or without
93
+      modifications, and in Source or Object form, provided that You
94
+      meet the following conditions:
95
+
96
+      (a) You must give any other recipients of the Work or
97
+          Derivative Works a copy of this License; and
98
+
99
+      (b) You must cause any modified files to carry prominent notices
100
+          stating that You changed the files; and
101
+
102
+      (c) You must retain, in the Source form of any Derivative Works
103
+          that You distribute, all copyright, patent, trademark, and
104
+          attribution notices from the Source form of the Work,
105
+          excluding those notices that do not pertain to any part of
106
+          the Derivative Works; and
107
+
108
+      (d) If the Work includes a "NOTICE" text file as part of its
109
+          distribution, then any Derivative Works that You distribute must
110
+          include a readable copy of the attribution notices contained
111
+          within such NOTICE file, excluding those notices that do not
112
+          pertain to any part of the Derivative Works, in at least one
113
+          of the following places: within a NOTICE text file distributed
114
+          as part of the Derivative Works; within the Source form or
115
+          documentation, if provided along with the Derivative Works; or,
116
+          within a display generated by the Derivative Works, if and
117
+          wherever such third-party notices normally appear. The contents
118
+          of the NOTICE file are for informational purposes only and
119
+          do not modify the License. You may add Your own attribution
120
+          notices within Derivative Works that You distribute, alongside
121
+          or as an addendum to the NOTICE text from the Work, provided
122
+          that such additional attribution notices cannot be construed
123
+          as modifying the License.
124
+
125
+      You may add Your own copyright statement to Your modifications and
126
+      may provide additional or different license terms and conditions
127
+      for use, reproduction, or distribution of Your modifications, or
128
+      for any such Derivative Works as a whole, provided Your use,
129
+      reproduction, and distribution of the Work otherwise complies with
130
+      the conditions stated in this License.
131
+
132
+   5. Submission of Contributions. Unless You explicitly state otherwise,
133
+      any Contribution intentionally submitted for inclusion in the Work
134
+      by You to the Licensor shall be under the terms and conditions of
135
+      this License, without any additional terms or conditions.
136
+      Notwithstanding the above, nothing herein shall supersede or modify
137
+      the terms of any separate license agreement you may have executed
138
+      with Licensor regarding such Contributions.
139
+
140
+   6. Trademarks. This License does not grant permission to use the trade
141
+      names, trademarks, service marks, or product names of the Licensor,
142
+      except as required for reasonable and customary use in describing the
143
+      origin of the Work and reproducing the content of the NOTICE file.
144
+
145
+   7. Disclaimer of Warranty. Unless required by applicable law or
146
+      agreed to in writing, Licensor provides the Work (and each
147
+      Contributor provides its Contributions) on an "AS IS" BASIS,
148
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
149
+      implied, including, without limitation, any warranties or conditions
150
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
151
+      PARTICULAR PURPOSE. You are solely responsible for determining the
152
+      appropriateness of using or redistributing the Work and assume any
153
+      risks associated with Your exercise of permissions under this License.
154
+
155
+   8. Limitation of Liability. In no event and under no legal theory,
156
+      whether in tort (including negligence), contract, or otherwise,
157
+      unless required by applicable law (such as deliberate and grossly
158
+      negligent acts) or agreed to in writing, shall any Contributor be
159
+      liable to You for damages, including any direct, indirect, special,
160
+      incidental, or consequential damages of any character arising as a
161
+      result of this License or out of the use or inability to use the
162
+      Work (including but not limited to damages for loss of goodwill,
163
+      work stoppage, computer failure or malfunction, or any and all
164
+      other commercial damages or losses), even if such Contributor
165
+      has been advised of the possibility of such damages.
166
+
167
+   9. Accepting Warranty or Additional Liability. While redistributing
168
+      the Work or Derivative Works thereof, You may choose to offer,
169
+      and charge a fee for, acceptance of support, warranty, indemnity,
170
+      or other liability obligations and/or rights consistent with this
171
+      License. However, in accepting such obligations, You may act only
172
+      on Your own behalf and on Your sole responsibility, not on behalf
173
+      of any other Contributor, and only if You agree to indemnify,
174
+      defend, and hold each Contributor harmless for any liability
175
+      incurred by, or claims asserted against, such Contributor by reason
176
+      of your accepting any such warranty or additional liability.
177
+
178
+   END OF TERMS AND CONDITIONS
179
+
180
+   APPENDIX: How to apply the Apache License to your work.
181
+
182
+      To apply the Apache License to your work, attach the following
183
+      boilerplate notice, with the fields enclosed by brackets "{}"
184
+      replaced with your own identifying information. (Don't include
185
+      the brackets!)  The text should be enclosed in the appropriate
186
+      comment syntax for the file format. We also recommend that a
187
+      file or class name and description of purpose be included on the
188
+      same "printed page" as the copyright notice for easier
189
+      identification within third-party archives.
190
+
191
+   Copyright {yyyy} {name of copyright owner}
192
+
193
+   Licensed under the Apache License, Version 2.0 (the "License");
194
+   you may not use this file except in compliance with the License.
195
+   You may obtain a copy of the License at
196
+
197
+       http://www.apache.org/licenses/LICENSE-2.0
198
+
199
+   Unless required by applicable law or agreed to in writing, software
200
+   distributed under the License is distributed on an "AS IS" BASIS,
201
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
202
+   See the License for the specific language governing permissions and
203
+   limitations under the License.
204
+

+ 98
- 0
README.md View File

@@ -0,0 +1,98 @@
1
+Calico plugin for Mirantis Fuel
2
+===============================
3
+
4
+Calico provides seamless, scalable, secure Layer 3 Virtual Networking for your
5
+Mirantis OpenStack Deployment.
6
+
7
+By replacing OpenStack’s native networking model, Calico targets deployments 
8
+where the vast majority of workloads only require L3 connectivity, providing 
9
+efficient, easy to troubleshoot networking, without the complexity and 
10
+inefficiency of overlay networking models. Calico does not require any 
11
+additional nodes or Calico specific management – it just works, and gets out 
12
+of your way!
13
+
14
+Limitations:
15
+------------
16
+
17
+In the current release, Calico requires a deployment with a single OpenStack
18
+controller. This limitation will be lifted in future releases.
19
+
20
+Compatible versions:
21
+--------------------
22
+
23
+	Mirantis Fuel 6.1
24
+
25
+
26
+To build the plugin:
27
+--------------------
28
+
29
+- Install the fuel plugin builder, fpb:
30
+
31
+		easy_install pip
32
+
33
+		pip install fuel-plugin-builder
34
+
35
+- Clone the calico plugin repository and run the plugin builder:
36
+
37
+		git clone https://github.com/stackforge/fuel-plugin-calico
38
+
39
+		cd fuel-plugin-calico/
40
+
41
+		fpb --build .
42
+
43
+- Check that the file calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm was created.
44
+
45
+
46
+To install the plugin:
47
+----------------------
48
+
49
+- Prepare a clean fuel master node.
50
+
51
+- Copy the plugin onto the fuel master node:
52
+
53
+		scp calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp
54
+
55
+- Install the plugin on the fuel master node:
56
+
57
+		cd /tmp
58
+
59
+		fuel plugins --install calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm
60
+
61
+- Check the plugin was installed:
62
+
63
+		fuel plugins --list
64
+
65
+
66
+User Guide
67
+----------
68
+
69
+To deploy a cluster with the Calico plugin, use the Fuel web UI to deploy an
70
+OpenStack cluster in the usual way, with the following guidelines:
71
+
72
+- Create a new OpenStack environment, selecting:
73
+
74
+	Juno on Ubuntu Trusty
75
+
76
+	"Neutron with VLAN segmentation" as the networking setup
77
+
78
+- Under the settings tab, make sure the following options are checked:
79
+
80
+	"Assign public network to all nodes"
81
+
82
+	"Use Calico Virtual Networking"
83
+
84
+- Under the network tab, configure the 'Public' settings (leaving all of the 
85
+  other sections with their default values). For example (exact values will
86
+  depend on your setup):
87
+
88
+	- IP Range: 172.18.203.60 - 172.18.203.69
89
+        - CIDR: 172.18.203.0/24
90
+        - Use VLAN tagging: No
91
+        - Gateway: 172.18.203.1 
92
+	- Floating IP range: 172.18.203.70 - 172.18.203.79
93
+
94
+- Add nodes (for meaningful testing, you will need at least two compute nodes
95
+  in addition to the controller). Note that, in this release of Calico, only
96
+  a single controller node is supported.
97
+
98
+- Deploy changes

+ 163
- 0
deployment_scripts/calico_compute.sh View File

@@ -0,0 +1,163 @@
1
+#!/bin/bash
2
+
3
+exec > /tmp/calico_compute.log 2>&1
4
+
5
+set -x
6
+
7
+echo "Hi, I'm a compute node!"
8
+
9
+this_node_address=$(python get_node_ip.py `hostname`)
10
+controller_node_address=$(python get_controller_ip.py)
11
+
12
+# Get APT key for binaries.projectcalico.org.
13
+
14
+curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
15
+
16
+# Add source for binaries.projectcalico.org, removing the priority files that
17
+# were automatically created by the fuel plugin installer (the version number
18
+# in the file names causes problems as it contains full stops, and the file
19
+# contents aren't what we want).
20
+
21
+rm -f /etc/apt/preferences.d/calico-fuel-plugin-1.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-1.0.0.list
22
+
23
+cat > /etc/apt/sources.list.d/calico.list <<EOF
24
+deb http://binaries.projectcalico.org/fuel6.1 ./
25
+EOF
26
+
27
+cat << PREFS >> /etc/apt/preferences.d/calico-fuel
28
+Package: *
29
+Pin: origin binaries.projectcalico.org
30
+Pin-Priority: 1100
31
+PREFS
32
+
33
+# Add PPA for the etcd packages, and ensure that it has lower priority than
34
+# binaries.projectcalico.org so that we get the fuel versions of the calico
35
+# packages.
36
+
37
+apt-add-repository -y ppa:project-calico/juno
38
+
39
+cat > /etc/apt/preferences.d/calico-etcd <<EOF
40
+Package: *
41
+Pin: origin ppa:project-calico/juno
42
+Pin-Priority: 1075
43
+EOF
44
+
45
+# Pick up package details from new sources.
46
+apt-get update
47
+
48
+# Install etcd and configure it for a compute node.
49
+
50
+apt-get -y install etcd
51
+
52
+service etcd stop
53
+rm -rf /var/lib/etcd/*
54
+awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
55
+mv tmp /etc/init/etcd.conf
56
+cat << EXEC_CMD >> /etc/init/etcd.conf
57
+exec /usr/bin/etcd -proxy on                                                         \\
58
+                   -listen-client-urls http://127.0.0.1:4001                         \\
59
+                   -initial-cluster controller=http://${controller_node_address}:2380
60
+EXEC_CMD
61
+service etcd start
62
+
63
+# Run apt-get upgrade and apt-get dist-upgrade. These commands will
64
+# bring in Calico-specific updates to the OpenStack packages and to
65
+# dnsmasq. 
66
+
67
+apt-get -y upgrade
68
+apt-get -y dist-upgrade
69
+
70
+# Open /etc/nova/nova.conf and remove the linuxnet_interface_driver line.
71
+
72
+cp /etc/nova/nova.conf /etc/nova/nova.conf.pre-calico
73
+
74
+sed -i "/^linuxnet_interface_driver/d" /etc/nova/nova.conf
75
+service nova-compute restart
76
+
77
+# Install some extra packages.
78
+
79
+apt-get -y install neutron-common neutron-dhcp-agent nova-api-metadata
80
+
81
+# Open /etc/neutron/dhcp_agent.ini in your preferred text editor. In
82
+# the [DEFAULT] section, add the following line:
83
+#
84
+# interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
85
+
86
+cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.pre-calico
87
+
88
+sed -i "/^interface_driver/d" /etc/neutron/dhcp_agent.ini
89
+
90
+sed -i "/^\[DEFAULT\]/a\
91
+interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
92
+" /etc/neutron/dhcp_agent.ini
93
+
94
+# Allow BGP connections through the Fuel firewall. We do this before 
95
+# installing calico-compute, so that they will be included when the 
96
+# calico-compute install script does iptables-save.
97
+iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
98
+
99
+# Add sources for BIRD and Ubuntu Precise.
100
+
101
+gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
102
+gpg -a --export F9C59A45 | apt-key add -
103
+
104
+cat > /etc/apt/sources.list.d/bird.list <<EOF
105
+deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
106
+EOF
107
+
108
+cat > /etc/apt/sources.list.d/trusty.list <<EOF
109
+deb http://gb.archive.ubuntu.com/ubuntu/ trusty main
110
+deb http://gb.archive.ubuntu.com/ubuntu/ trusty universe
111
+EOF
112
+
113
+apt-get update
114
+
115
+# Install BIRD and calico-compute packages.
116
+
117
+# Note that this will trigger the installation of iptables-persistent which
118
+# will attempt to bring up a dialog box. We use debconf-set-selections to set
119
+# the value beforehand to avoid this (so not to interrupt the automated
120
+# installation process).
121
+echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
122
+echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
123
+
124
+apt-get -y install calico-compute bird
125
+
126
+# Configure BIRD. By default Calico assumes that you'll be deploying
127
+# a route reflector to avoid the need for a full BGP mesh. To this
128
+# end, it includes useful configuration scripts that will prepare a
129
+# BIRD config file with a single peering to the route reflector. If
130
+# that's correct for your network, you can run the following command 
131
+# for IPv4 connectivity between compute hosts.
132
+#
133
+# The calico_route_reflector.sh script will set up the required BGP
134
+# Route Reflctor configuration on the controller to allow connections
135
+# from the compute nodes.
136
+#
137
+# If you are configuring a full BGP mesh you'll need to handle the BGP
138
+# configuration appropriately - by editing this script/the Route Reflector
139
+# script. You should consult the relevant documentation for your chosen BGP
140
+# stack.
141
+
142
+calico-gen-bird-conf.sh $this_node_address $controller_node_address 64511
143
+
144
+# Edit the /etc/calico/felix.cfg file:
145
+#     Change the MetadataAddr setting to 127.0.0.1.
146
+#     Change the MetadataPort setting to 8775.
147
+
148
+cp /etc/calico/felix.cfg.example /etc/calico/felix.cfg
149
+
150
+sed -i "/^MetadataAddr/d" /etc/calico/felix.cfg
151
+sed -i "/^\[global\]/a\
152
+MetadataAddr = 127.0.0.1
153
+" /etc/calico/felix.cfg
154
+
155
+sed -i "/^MetadataPort/d" /etc/calico/felix.cfg
156
+sed -i "/^\[global\]/a\
157
+MetadataPort = 8775
158
+" /etc/calico/felix.cfg
159
+
160
+# Restart the Felix service:
161
+service calico-felix restart
162
+
163
+exit 0

+ 183
- 0
deployment_scripts/calico_controller.sh View File

@@ -0,0 +1,183 @@
1
+#!/bin/bash
2
+
3
+exec > /tmp/calico_controller.log 2>&1
4
+
5
+set -x
6
+
7
+echo "Hi, I'm a controller node!"
8
+
9
+this_node_address=$(python get_node_ip.py `hostname`)
10
+
11
+# Get APT key for binaries.projectcalico.org.
12
+
13
+curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
14
+
15
+# Add source for binaries.projectcalico.org, removing the priority files that
16
+# were automatically created by the fuel plugin installer (the version number
17
+# in the file names causes problems as it contains full stops, and the file
18
+# contents aren't what we want).
19
+
20
+rm -f /etc/apt/preferences.d/calico-fuel-plugin-1.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-1.0.0.list
21
+
22
+cat > /etc/apt/sources.list.d/calico.list <<EOF
23
+deb http://binaries.projectcalico.org/fuel6.1 ./
24
+EOF
25
+
26
+cat << PREFS >> /etc/apt/preferences.d/calico-fuel
27
+Package: *
28
+Pin: origin binaries.projectcalico.org
29
+Pin-Priority: 1100
30
+PREFS
31
+
32
+# Add PPA for the etcd packages, and ensure that it has lower priority than
33
+# binaries.projectcalico.org so that we get the fuel versions of the calico
34
+# packages.
35
+
36
+apt-add-repository -y ppa:project-calico/juno
37
+
38
+cat > /etc/apt/preferences.d/calico-etcd <<EOF
39
+Package: *
40
+Pin: origin ppa:project-calico/juno
41
+Pin-Priority: 1075
42
+EOF
43
+
44
+# Pick up package details from new sources.
45
+apt-get update
46
+
47
+# Install etcd and configure it for a controller node.
48
+
49
+apt-get -y install etcd
50
+
51
+service etcd stop
52
+rm -rf /var/lib/etcd/*
53
+awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
54
+mv tmp /etc/init/etcd.conf
55
+cat << EXEC_CMD >> /etc/init/etcd.conf
56
+exec /usr/bin/etcd -name controller                                                                           \\
57
+                   -advertise-client-urls "http://${this_node_address}:2379,http://${this_node_address}:4001" \\
58
+                   -listen-client-urls "http://0.0.0.0:2379,http://0.0.0.0:4001"                              \\
59
+                   -listen-peer-urls "http://0.0.0.0:2380"                                                    \\
60
+                   -initial-advertise-peer-urls "http://${this_node_address}:2380"                            \\
61
+                   -initial-cluster-token fuel-cluster-1                                                      \\
62
+                   -initial-cluster controller=http://${this_node_address}:2380                               \\
63
+                   -initial-cluster-state new
64
+EXEC_CMD
65
+
66
+service etcd start
67
+
68
+# Ensure that the firewall isn't dropping traffic to the ports used by etcd.
69
+iptables -I INPUT 1 -p tcp --dport 2379 -j ACCEPT
70
+iptables -I INPUT 2 -p tcp --dport 2380 -j ACCEPT
71
+iptables -I INPUT 3 -p tcp --dport 4001 -j ACCEPT
72
+iptables-save > /etc/iptables.local
73
+/sbin/iptables-restore < /etc/iptables.local
74
+
75
+# Run apt-get upgrade and apt-get dist-upgrade. These commands will
76
+# bring in Calico-specific updates to the OpenStack packages and to
77
+# dnsmasq.
78
+
79
+apt-get -y upgrade
80
+apt-get -y dist-upgrade
81
+
82
+# Install the calico-control package:
83
+
84
+apt-get -y install calico-control
85
+
86
+# Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file:
87
+#
88
+#     Find the line beginning with type_drivers, and change it to
89
+#     read type_drivers = local, flat.
90
+
91
+cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.pre-calico
92
+
93
+sed -i "/^type_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
94
+
95
+sed -i "/^\[ml2\]/a\
96
+type_drivers = local, flat
97
+" /etc/neutron/plugins/ml2/ml2_conf.ini
98
+
99
+#     Find the line beginning with mechanism_drivers, and change it
100
+#     to read mechanism_drivers = calico.
101
+
102
+sed -i "/^mechanism_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
103
+
104
+sed -i "/^\[ml2\]/a\
105
+mechanism_drivers = calico
106
+" /etc/neutron/plugins/ml2/ml2_conf.ini
107
+
108
+#     Find the line beginning with tenant_network_types, and change it
109
+#     to read tenant_network_types = local.
110
+
111
+sed -i "/^tenant_network_types/d" /etc/neutron/plugins/ml2/ml2_conf.ini
112
+
113
+sed -i "/^\[ml2\]/a\
114
+tenant_network_types = local
115
+" /etc/neutron/plugins/ml2/ml2_conf.ini
116
+
117
+# Edit the /etc/neutron/neutron.conf file:
118
+#
119
+#     Find the line for the dhcp_agents_per_network setting,
120
+#     uncomment it, and set its value to the number of compute nodes
121
+#     that you will have (or any number larger than that). This
122
+#     allows a DHCP agent to run on every compute node, which Calico
123
+#     requires because the networks on different compute nodes are
124
+#     not bridged together.
125
+
126
+cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.pre-calico
127
+
128
+sed -i "/^dhcp_agents_per_network/d" /etc/neutron/neutron.conf
129
+
130
+sed -i "/^\[DEFAULT\]/a\
131
+dhcp_agents_per_network = 1000
132
+" /etc/neutron/neutron.conf
133
+
134
+# Remove api_workers and rpc_workers config, so that these default to
135
+# 0. The Calico/OpenStack plugin doesn't currently work if the
136
+# Neutron server is split across multiple OS processes.
137
+
138
+sed -i "/^api_workers/d" /etc/neutron/neutron.conf
139
+sed -i "/^rpc_workers/d" /etc/neutron/neutron.conf
140
+
141
+# Set agent_down_time to 60, instead of Fuel's default setting of 15.
142
+# The Calico/OpenStack plugin reports Felix agent status every 30
143
+# seconds, based on the HEARTBEAT exchange between the plugin and each
144
+# Felix; and it is recommended that agent_down_time should be double
145
+# the expected reporting interval.
146
+
147
+sed -i "/^agent_down_time/d" /etc/neutron/neutron.conf
148
+
149
+sed -i "/^\[DEFAULT\]/a\
150
+agent_down_time = 60
151
+" /etc/neutron/neutron.conf
152
+
153
+# If dnspython is installed, eventlet replaces socket.getaddrinfo() with its
154
+# own version that cannot handle IPv6 addresses. As a workaround, we comment
155
+# out the '::1 localhost' line from /etc/hosts.
156
+
157
+sed -i "s/^::1\(.*\)/#::1\1 #commented out due to dnspython IPv6 issue/" /etc/hosts
158
+
159
+# Restart the neutron server process:
160
+
161
+service neutron-server restart
162
+
163
+# BIRD installation
164
+
165
+gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
166
+gpg -a --export F9C59A45 | apt-key add -
167
+
168
+cat > /etc/apt/sources.list.d/bird.list <<EOF
169
+deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
170
+EOF
171
+
172
+apt-get update
173
+
174
+apt-get -y install bird
175
+
176
+# Allow BGP through the Fuel firewall
177
+iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
178
+
179
+# Save the current iptables so that they will be restored if the
180
+# controller is rebooted.
181
+iptables-save > /etc/iptables/rules.v4
182
+
183
+exit 0

+ 63
- 0
deployment_scripts/calico_route_reflector.sh View File

@@ -0,0 +1,63 @@
1
+#!/bin/bash
2
+
3
+exec > /tmp/calico_route_reflector.log 2>&1
4
+
5
+set -x
6
+
7
+echo "Hi, I'm a route_reflector node!"
8
+
9
+this_node_address=$(grep `hostname` /etc/hosts | awk '{print $1;}')
10
+
11
+all_nodes=$(grep node- /etc/hosts | awk '{print $1;}')
12
+
13
+# Generate basic config for a BIRD BGP route reflector.
14
+cat > /etc/bird/bird.conf <<EOF
15
+# Configure logging
16
+log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
17
+log stderr all;
18
+#log "tmp" all;
19
+
20
+# Override router ID
21
+router id $this_node_address;
22
+
23
+
24
+filter import_kernel {
25
+if ( net != 0.0.0.0/0 ) then {
26
+   accept;
27
+   }
28
+reject;
29
+}
30
+
31
+# Turn on global debugging of all protocols
32
+debug protocols all;
33
+
34
+# This pseudo-protocol watches all interface up/down events.
35
+protocol device {
36
+  scan time 2;    # Scan interfaces every 10 seconds
37
+}
38
+EOF
39
+
40
+# Add a BGP protocol stanza for each compute node.
41
+for node in $all_nodes; do
42
+    if [ $node != $this_node_address ]; then
43
+        cat >> /etc/bird/bird.conf <<EOF
44
+
45
+protocol bgp {
46
+  description "$node";
47
+  local as 64511;
48
+  neighbor $node as 64511;
49
+  multihop;
50
+  rr client;
51
+  import all;
52
+  export all;
53
+  source address ${this_node_address};
54
+}
55
+
56
+EOF
57
+    fi
58
+done
59
+
60
+# Restart BIRD with the new config.
61
+service bird restart
62
+
63
+exit 0

+ 15
- 0
deployment_scripts/get_controller_ip.py View File

@@ -0,0 +1,15 @@
1
+#!/usr/bin/env python
2
+
3
+import yaml
4
+
5
+with open("/etc/compute.yaml", "r") as f:
6
+    config = yaml.safe_load(f)
7
+
8
+for node in config["nodes"]:
9
+    if node["role"] == "primary-controller":
10
+        controller_ip = node["internal_address"]
11
+        break
12
+else:
13
+    controller_ip = None
14
+
15
+print controller_ip

+ 50
- 0
deployment_scripts/get_node_ip.py View File

@@ -0,0 +1,50 @@
1
+#!/usr/bin/env python
2
+
3
+import os
4
+import sys
5
+import yaml
6
+
7
+usage = "./get_node_ip.py <hostname>"
8
+
9
+PRIMARY_CONTROLLER_CFG = "/etc/primary-controller.yaml"
10
+CONTROLLER_CFG = "/etc/controller.yaml"
11
+COMPUTE_CFG = "/etc/compute.yaml"
12
+
13
+def get_config_file_for_node_type():
14
+    if os.path.isfile(PRIMARY_CONTROLLER_CFG):
15
+        config_file = PRIMARY_CONTROLLER_CFG
16
+
17
+    elif os.path.isfile(CONTROLLER_CFG):
18
+        config_file = CONTROLLER_CFG
19
+
20
+    elif os.path.isfile(COMPUTE_CFG):
21
+        config_file = COMPUTE_CFG
22
+
23
+    else:
24
+        raise Exception("Unrecognised node type - can't obtain config")
25
+
26
+    return config_file
27
+
28
+def main(hostname):
29
+    config_file = get_config_file_for_node_type()
30
+
31
+    with open(config_file, "r") as f:
32
+        config = yaml.safe_load(f)
33
+
34
+    for node in config["nodes"]:
35
+        if node["fqdn"] == hostname:
36
+            # Get the IP address that other OpenStack nodes can use to address
37
+            # services on this node, rather than the node's public IP address.
38
+            this_node_ip = node["internal_address"]
39
+            break
40
+    else:
41
+        this_node_ip = None
42
+
43
+    print this_node_ip
44
+
45
+if __name__ == "__main__":
46
+    if len(sys.argv) != 2:
47
+        print usage
48
+        sys.exit(1)
49
+
50
+    main(sys.argv[1])

+ 1
- 0
environment_config.yaml View File

@@ -0,0 +1 @@
1
+attributes: {}

+ 29
- 0
metadata.yaml View File

@@ -0,0 +1,29 @@
1
+# Plugin name
2
+name: calico-fuel-plugin
3
+# Human-readable name for your plugin
4
+title: Use Calico Virtual Networking
5
+# Plugin version
6
+version: 1.0.0
7
+# Description
8
+description: Layer 3 Virtual Networking for Highly Scalable Data Centers
9
+# Required fuel version
10
+fuel_version: ['6.1']
11
+# Plugin authors
12
+authors: ['Emma Gordon']
13
+# Plugin license
14
+licenses: [Apache License Version 2.0]
15
+# Plugin project homepage
16
+homepage: https://github.com/stackforge/fuel-plugin-calico
17
+# Plugin group
18
+groups: ['network']
19
+
20
+# The plugin is compatible with releases in the list
21
+releases:
22
+  - os: ubuntu
23
+    version: 2014.2-6.1
24
+    mode: ['ha', 'multinode']
25
+    deployment_scripts_path: deployment_scripts/
26
+    repository_path: repositories/ubuntu
27
+
28
+# Version of plugin package
29
+package_version: '2.0.0'

+ 18
- 0
pre_build_hook View File

@@ -0,0 +1,18 @@
1
+#!/bin/bash
2
+
3
+# Add here any the actions which are required before plugin build
4
+# like packages building, packages downloading from mirrors and so on.
5
+# The script should return 0 if there were no errors.
6
+
7
+#!/bin/bash
8
+set -eux
9
+ROOT="$(dirname `readlink -f $0`)"
10
+MODULES="${ROOT}"/deployment_scripts/puppet/modules
11
+mkdir -p "${MODULES}"
12
+REPO_PATH='https://github.com/stackforge/fuel-library/tarball/f43d885914d74fbd062096763222f350f47480e1'
13
+RPM_REPO="${ROOT}"/repositories/centos/
14
+DEB_REPO="${ROOT}"/repositories/ubuntu/
15
+
16
+wget -qO- "${REPO_PATH}" | \
17
+    tar -C "${MODULES}" --strip-components=3 -zxvf - \
18
+    stackforge-fuel-library-f43d885/deployment/puppet/{inifile,stdlib}

+ 0
- 0
repositories/centos/.gitkeep View File


+ 0
- 0
repositories/ubuntu/.gitkeep View File


+ 144
- 0
specs/calico-fuel-plugin.rst View File

@@ -0,0 +1,144 @@
1
+Fuel Plugin for Project Calico
2
+==============================
3
+
4
+The Calico plugin provides the ability to use Calico as a networking backend
5
+for Mirantis OpenStack.
6
+
7
+Compatible with Fuel version 6.1.
8
+
9
+Problem description
10
+===================
11
+
12
+Calico is a new approach to virtual networking, based on the same scalable IP
13
+networking principles as the Internet. It targets data centers where most of
14
+the workloads (VMs, containers or bare metal servers) only require IP
15
+connectivity, and provides that using standard IP routing. Isolation between
16
+workloads - whether according to tenant ownership, or any finer grained
17
+policy - is achieved by iptables programming at the servers hosting the source
18
+and destination workloads.
19
+
20
+Proposed change
21
+===============
22
+
23
+Implement a Fuel plugin that will install and configure Calico networking in a
24
+Mirantis OpenStack deployment.
25
+
26
+Alternatives
27
+------------
28
+
29
+N/A - the aim is to implement a Fuel plugin.
30
+
31
+Data model impact
32
+-----------------
33
+
34
+None.
35
+
36
+REST API impact
37
+---------------
38
+
39
+None.
40
+
41
+Upgrade impact
42
+--------------
43
+
44
+When upgrading the Fuel Master node to Fuel Version higher than 6.1, plugin 
45
+compatibility should be checked, and a new plugin installed if necessary.
46
+
47
+Security impact
48
+---------------
49
+
50
+None.
51
+
52
+Notifications impact
53
+--------------------
54
+
55
+None.
56
+
57
+Other end user impact
58
+---------------------
59
+
60
+Once the plugin is installed, the user can enable Calico networking on the
61
+Settings tab of the Fuel Web UI, and customize the network settings.
62
+
63
+Performance Impact
64
+------------------
65
+
66
+None.
67
+
68
+Plugin impact
69
+-------------
70
+
71
+None.
72
+
73
+Other deployer impact
74
+---------------------
75
+
76
+None.
77
+
78
+Developer impact
79
+----------------
80
+
81
+None.
82
+
83
+Infrastructure impact
84
+---------------------
85
+
86
+None.
87
+
88
+Implementation
89
+==============
90
+
91
+Assignee(s)
92
+-----------
93
+
94
+Primary assignee:
95
+  Emma Gordon <emma@projectcalico.org> (developer)
96
+
97
+Other contributors:
98
+  Neil Jerram <neil@projectcalico.org> (developer, reviewer)
99
+
100
+Work Items
101
+----------
102
+
103
+* Integrate Calico with Fuel 6.1.
104
+
105
+* Implement the Calico plugin.
106
+
107
+* Test Calico plugin.
108
+
109
+* Create the documentation.
110
+
111
+Dependencies
112
+============
113
+
114
+* Fuel 6.1.
115
+
116
+Testing
117
+=======
118
+
119
+* Prepare a test plan.
120
+
121
+* Test the plugin according to the test plan.
122
+
123
+Documentation Impact
124
+====================
125
+
126
+* User Guide.
127
+
128
+* Test Plan.
129
+
130
+* Test Report.
131
+
132
+References
133
+==========
134
+
135
+* Project Calico wesbite - http://www.projectcalico.org/
136
+
137
+* Calico code on GitHub - https://github.com/Metaswitch/calico
138
+
139
+* Calico Documentation - http://docs.projectcalico.org/en/latest/index.html
140
+
141
+* Subscribe to the Calico Technical Mailing List - 
142
+  http://lists.projectcalico.org/listinfo/calico-tech
143
+
144
+* Calico IRC - freenode IRC: #calico

+ 23
- 0
tasks.yaml View File

@@ -0,0 +1,23 @@
1
+# Install/configure calico on the controller after cluster deployment
2
+# but before starting the BGP Route Reflector.
3
+- role: ['controller', 'primary-controller']
4
+  stage: post_deployment/50
5
+  type: shell
6
+  parameters:
7
+    cmd: ./calico_controller.sh
8
+    timeout: 600
9
+
10
+- role: ['controller', 'primary-controller']
11
+  stage: post_deployment/100
12
+  type: shell
13
+  parameters:
14
+    cmd: ./calico_route_reflector.sh
15
+    timeout: 60
16
+
17
+# Install/configure calico on the compute nodes after cluster deployment.
18
+- role: ['compute']
19
+  stage: post_deployment
20
+  type: shell
21
+  parameters:
22
+    cmd: ./calico_compute.sh
23
+    timeout: 600

Loading…
Cancel
Save