Making the gateway work

With this change we can make it work the gateway role.

Change-Id: I6c283f3a0342dbd1f399cb52d5592d1d4182ee1c

README.md

@@ -1,4 +0,0 @@
-MidoNet
-=======
-
-Plugin description

README.rst

@@ -0,0 +1,4 @@
+MidoNet
+=======
+
+Please refer to `Plugin User Guide <./doc/user-guide.rst>`_ for documentation

deployment_scripts/install_dependencies.sh

@@ -63,15 +63,17 @@ gpgkey=http://repo.midonet.org/packages.midokura.key
 timeout=60
 EOF
 
-    gem install json
-    gem install faraday
     # Need to set these steps for a default zookeeper installation
     yum install -y java-1.7.0-openjdk
     mkdir -p /usr/java
     ln -s /etc/alternatives/jre_1.7.0 /usr/java/default
-
+else
+    apt-get install -y ruby-dev
 fi
 
+gem install json --no-ri --no-rdoc --debug
+gem install faraday --no-ri --no-rdoc --debug
+
 puppet module install ripienaar-module_data --force
 puppet module install puppetlabs-java --ignore-dependencies --force
 puppet module install puppetlabs-apt --ignore-dependencies --force
@@ -81,8 +83,7 @@ puppet module install deric-zookeeper --ignore-dependencies --force
 puppet module install puppetlabs-concat --ignore-dependencies --force
 puppet module install nanliu-staging --ignore-dependencies --force
 puppet module install puppetlabs-tomcat --ignore-dependencies --force
-rm -rf /etc/puppet/modules/midonet
-git clone git://github.com/midonet/puppet-midonet /etc/puppet/modules/midonet
+puppet module install midonet-midonet --ignore-dependencies --force
 
 if [[ ! -a /etc/puppet/modules/neutron/manifests/plugins/midonet.pp ]]; then
   # Apply the released patch of Neutron Puppet to allow midonet manifests

deployment_scripts/puppet/files/startup.conf

@@ -0,0 +1,7 @@
+start on runlevel [123456]
+stop on shutdown
+
+script
+    puppet apply --modulepath=/etc/fuel/plugins/midonet-fuel-plugin-2.0/puppet/modules:/etc/puppet/modules /etc/fuel/plugins/midonet-fuel-plugin-2.0/puppet/manifests/midonet-gateway-bgp.pp
+end script
+

deployment_scripts/puppet/manifests/midonet-delete-datapaths.pp

@@ -1,5 +1,10 @@
+$service_path = $operatingsystem ? {
+  'CentOS' => '/sbin',
+  'Ubuntu' => '/usr/bin:/usr/sbin:/sbin'
+}
+
 exec {'service midolman stop':
-  path   => '/sbin'
+  path   => $service_path
 } ->
 
 exec {'/usr/bin/mm-dpctl --delete-dp ovs-system':
@@ -13,5 +18,5 @@ exec {'/usr/bin/mm-dpctl --delete-dp midonet':
 } ->
 
 exec {'service midolman start':
-  path   => '/sbin'
+  path   => $service_path
 }

deployment_scripts/puppet/manifests/midonet-gateway-bgp.pp

@@ -1,14 +1,76 @@
-exec { "/sbin/ip tuntap add mode tap testgateway": } ->
-exec { "/usr/bin/midonet-cli -e 'create router name \\"MidoNet Provider Router\\"'": } ->
-midonet_gateway { $::hostname:
-  ensure          => present,
-  midonet_api_url => 'http://127.0.0.1:8080/midonet-api',
-  username        => 'admin',
-  password        => 'admin',
-  interface       => 'testgateway',
-  local_as        => '64512',
-  bgp_port        => { 'port_address' => '198.51.100.2', 'net_prefix' => '198.51.100.0', 'net_length' => '30'},
-  remote_peers    => [{ 'as' => '64513', 'ip' => '198.51.100.1'},
-                      { 'as' => '64513', 'ip' => '203.0.113.1'}],
-  advertise_net   => [{ 'net_prefix' => '192.0.2.0', 'net_length' => '24' }]
+$fuel_settings = parseyaml($astute_settings_yaml)
+$management_address = hiera('management_vip')
+$username = $fuel_settings['access']['user']
+$password = $fuel_settings['access']['password']
+$midonet_settings = $fuel_settings['midonet-fuel-plugin']
+$gateway_nodes = filter_nodes($fuel_settings['nodes'], 'role', 'midonet-gw')
+$gateways_hash_ips = nodes_to_hash($gateway_nodes, 'name', 'public_address')
+$gw_ip = $gateways_hash_ips[$::hostname]
+$gateways_hash_mask = nodes_to_hash($gateway_nodes, 'name', 'public_netmask')
+$gw_mask = $gateways_hash_mask[$::hostname]
+$net_hash = public_network_hash($gw_ip, $gw_mask)
+$f_net_cidr = split($midonet_settings['floating_cidr'], '/')
+$remote_peers = generate_remote_peers($midonet_settings)
+
+notify {"peers":
+   message => "floating neeet si $remote_peers"
+}
+
+exec {"set down external bridge":
+ path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip link set dev br-ex down"
+} ->
+
+exec {"remove bridge ip address":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip a del $::ipaddress_br_ex dev br-ex",
+  onlyif  => "ip -4 a | /bin/grep br-ex"
+} ->
+
+exec {"add veth interface":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip link add gw-veth-br type veth peer name gw-veth-mn",
+  unless  => "ip l | /bin/grep gw-veth-br"
+} ->
+
+exec {"set gw-veth-br interface up":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip l set dev gw-veth-br up"
+} ->
+
+exec {"set gw-veth-mn interface up":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip l set dev gw-veth-mn up"
+} ->
+
+exec {"add veth to bridge":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "brctl addif br-ex gw-veth-br",
+  unless  => "brctl show br-ex | /bin/grep gw-veth-br"
+} ->
+
+file {"/etc/sysconfig/network-scripts/ifcfg-p_br-floating-0":
+  ensure  => absent,
+} ->
+
+exec {"set up external bridge":
+  path    => "/usr/bin:/usr/sbin:/sbin",
+  command => "ip link set dev br-ex up"
+} ->
+
+file {"/etc/init/midonet-network.conf":
+  ensure => present,
+  source => "/etc/fuel/plugins/midonet-fuel-plugin-2.0/puppet/files/startup.conf"
+} ->
+
+midonet_gateway { $::fqdn:
+  ensure          => present,
+  midonet_api_url => "http://${management_address}:8081/midonet-api",
+  username        => $username,
+  password        => $password,
+  interface       => 'gw-veth-mn',
+  local_as        => $midonet_settings['local_as'],
+  bgp_port        => { 'port_address' => $gw_ip, 'net_prefix' => $net_hash['network_address'], 'net_length' => $net_hash['mask']},
+  remote_peers    => $remote_peers,
+  advertise_net   => [{ 'net_prefix' => $f_net_cidr[0], 'net_length' => $f_net_cidr[1]}]
 }

deployment_scripts/puppet/manifests/midonet-host-registry.pp

@@ -1,11 +1,21 @@
 $fuel_settings = parseyaml($astute_settings_yaml)
 $api_ip = $::fuel_settings['management_vip']
 
-$tz_type = $::fuel_settings['midonet']['tunnel_type']
+$tz_type = $::fuel_settings['midonet-fuel-plugin']['tunnel_type']
 $username = $fuel_settings['access']['user']
 $password = $fuel_settings['access']['password']
 $tenant_name = $fuel_settings['access']['tenant']
 
+$service_path = $operatingsystem ? {
+  'CentOS' => '/sbin',
+  'Ubuntu' => '/usr/bin:/usr/sbin:/sbin'
+}
+
+# Somehow, there are times where the hosts don't register
+# to NSDB. Restarting midolman forces the registration
+exec {'service midolman restart':
+  path   => $service_path
+} ->
 
 midonet_host_registry {$::fqdn:
   midonet_api_url     => "http://${api_ip}:8081",

deployment_scripts/puppet/manifests/midonet-install-agent.pp

@@ -5,14 +5,14 @@ $zoo_ips = generate_api_zookeeper_ips($nsdb_nodes)
 $cass_hash = nodes_to_hash($nsdb_nodes, 'name', 'internal_address')
 $api_ip = $::fuel_settings['management_vip']
 
-$m_version = $::fuel_settings['midonet']['version']
+$m_version = 'v2015.06'
 $username = $fuel_settings['access']['user']
 $password = $fuel_settings['access']['password']
 $tenant_name = $fuel_settings['access']['tenant']
 
 $ovsdb_service_name = $operatingsystem ? {
   'CentOS' => 'openvswitch',
-  'CentOS' => 'openvswitch-switch'
+  'Ubuntu' => 'openvswitch-switch'
 }
 
 $openvswitch_package_neutron = $operatingsystem ? {
@@ -30,7 +30,6 @@ $mido_repo = $operatingsystem ? {
   'Ubuntu' => "http://repo.midonet.org/midonet/${m_version}"
 }
 
-# MidoNet api manifest
 class {'::midonet::repository':
   midonet_repo => $mido_repo
 } ->

deployment_scripts/puppet/manifests/midonet-install-api.pp

@@ -2,13 +2,19 @@ $fuel_settings = parseyaml($astute_settings_yaml)
 $all_nodes = $fuel_settings['nodes']
 $nsdb_nodes = filter_nodes($all_nodes, 'role', 'nsdb')
 $zoo_ips = generate_api_zookeeper_ips($nsdb_nodes)
-$m_version = $fuel_settings['midonet']['version']
+$m_version = 'v2015.06'
 $primary_controller_nodes = filter_nodes($all_nodes, 'role', 'primary-controller')
 $controllers = concat($primary_controller_nodes, filter_nodes($all_nodes, 'role', 'controller'))
 
 # MidoNet api manifest
+
+$mido_repo = $operatingsystem ? {
+  'CentOS' => "http://repo.midonet.org/midonet/${m_version}/RHEL",
+  'Ubuntu' => "http://repo.midonet.org/midonet/${m_version}"
+}
+
 class {'::midonet::repository':
-  midonet_repo => "http://repo.midonet.org/midonet/${m_version}/RHEL"
+  midonet_repo => $mido_repo
 } ->
 
 class {'::midonet::midonet_api':

deployment_scripts/puppet/manifests/midonet-reconfigure-neutron.pp

@@ -1,6 +1,5 @@
 $fuel_settings = parseyaml($astute_settings_yaml)
 $address = hiera('management_vip')
-$m_version = $fuel_settings['midonet']['version']
 # amqp settings
 $controllers                    = hiera('controllers')
 $controller_internal_addresses  = nodes_to_hash($controllers,'name','internal_address')
@@ -100,7 +99,7 @@ class { '::neutron::server':
 
   api_workers => min($::processorcount + 0, 50 + 0),
   rpc_workers => 0,
-} ->
+}
 
 class { '::neutron::agents::dhcp':
   debug                    => false,

deployment_scripts/puppet/manifests/midonet-restart-neutron.pp

@@ -10,7 +10,8 @@ $roles = node_roles($nodes_hash, hiera('uid'))
 $segment_id = $nets['net04']['L2']['segment_id']
 $vm_net_l3 = $nets['net04']['L3']
 
-$tz_type = $::fuel_settings['midonet']['tunnel_type']
+$midonet_settings = $::fuel_settings['midonet-fuel-plugin']
+$tz_type = $midonet_settings['tunnel_type']
 $vm_net = { shared => false,
             "L2" => { network_type => $tz_type,
                       router_ext => false,
@@ -21,12 +22,9 @@ $vm_net = { shared => false,
             tenant => 'admin'
           }
 
-$alloc = split($nets['net04_ext']['L3']['floating'], ':')
-$allocation_pools = "start=${alloc[0]},end=${alloc[1]}"
-
-$metadata_agent_name = $operatingsystem ? {
-  'CentOS' => 'neutron-metadata-agent'
-}
+$range_start = $midonet_settings['floating_ip_range_start']
+$range_end = $midonet_settings['floating_ip_range_end']
+$allocation_pools = "start=$range_start,end=$range_end"
 
 service { 'neutron-server':
   ensure => running,
@@ -71,13 +69,14 @@ if member($roles, 'primary-controller') {
   } ->
 
   neutron_subnet { "net04_ext__subnet":
-    ensure          => present,
-    cidr            => $nets['net04_ext']['L3']['subnet'],
-    network_name    => 'net04_ext',
-    tenant_name     => $nets['net04_ext']['tenant'],
-    gateway_ip      => $nets['net04_ext']['L3']['gateway'],
-    enable_dhcp     => $nets['net04_ext']['L3']['enable_dhcp'],
-    dns_nameservers => $nets['net04_ext']['L3']['nameservers']
+    ensure           => present,
+    cidr             => $midonet_settings['floating_cidr'],
+    network_name     => 'net04_ext',
+    tenant_name      => $nets['net04_ext']['tenant'],
+    gateway_ip       => $midonet_settings['gateway'],
+    enable_dhcp      => $nets['net04_ext']['L3']['enable_dhcp'],
+    dns_nameservers  => $nets['net04_ext']['L3']['nameservers'],
+    allocation_pools => $allocation_pools
   } ->
 
   neutron_router { 'router04':

deployment_scripts/puppet/manifests/midonet-trick-l23network.pp

@@ -0,0 +1,14 @@
+# Create a file to trick the l23network and let install
+# openvswitch module to configure the public interface
+file {"/etc/hiera/override":
+  ensure => directory
+} ->
+
+file {"/etc/hiera/override/node":
+  ensure => directory
+} ->
+
+file {"/etc/hiera/override/node/${::fqdn}.yaml":
+  ensure  => present,
+  content => "use_neutron: true\n"
+}

deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_api_zookeeper_ips.rb

@@ -20,7 +20,7 @@ module Puppet::Parser::Functions
     result = []
     nodes_hash = argv[0]
     nodes_hash.each do |zk_ip|
-      result.push({'ip' => zk_ip['internal_address']})  
+      result.push({'ip' => zk_ip['internal_address']})
     end
     return result
   end

deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/generate_remote_peers.rb

@@ -0,0 +1,29 @@
+#    Copyright 2015 Midokura SARL, Inc.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+module Puppet::Parser::Functions
+  newfunction(:generate_remote_peers, :type => :rvalue, :doc => <<-EOS
+    Generate remote peers according to the input values in the plugin settings
+    EOS
+  ) do |argv|
+      mn_settings = argv[0]
+      result = []
+      if not mn_settings['remote_ip1'].empty? and not mn_settings['remote_as1'].empty?
+          result.push({"as" => mn_settings['remote_as1'], "ip" => mn_settings['remote_ip1']})
+      end
+      if not mn_settings['remote_ip2'].empty? and not mn_settings['remote_as2'].empty?
+          result.push({"as" => mn_settings['remote_as2'], "ip" => mn_settings['remote_ip2']})
+      end
+      return result
+  end
+end

deployment_scripts/puppet/modules/plugin_midonet/lib/puppet/parser/functions/public_network_hash.rb

@@ -0,0 +1,29 @@
+# Copyright 2015 Midokura SARL, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+require 'ipaddr'
+
+module Puppet::Parser::Functions
+  newfunction(:public_network_hash, :type => :rvalue, :doc => <<-EOS
+    This function returns a network address and an integer mask based
+    on and IP address of the network and its IP mask
+    EOS
+  ) do |argv|
+      ip = argv[0]
+      netmask = argv[1]
+      result = {}
+      result['network_address'] = IPAddr.new(ip).mask(netmask).to_s
+      result['mask'] = IPAddr.new(netmask).to_i.to_s(2).count("1").to_s
+      return result
+  end
+end

environment_config.yaml

@@ -1,4 +1,9 @@
 attributes:
+  metadata:
+    restrictions:
+      - condition: cluster:net_provider != 'neutron' or networking_parameters:segmentation_type != 'gre'
+        action: hide
+
   tunnel_type:
     type: "select"
     weight: 10
@@ -10,14 +15,98 @@ attributes:
         label: "GRE tunnels"
       - data: "vxlan"
         label: "VXLAN tunnels"
-  version:
-    type: "select"
-    weight: 20
-    value: "v2015.01"
-    label: "MidoNet version"
-    description: "Choose which version of MidoNet you want to deploy"
-    values:
-      - data: "v2015.01"
-        label: "v2015.01"
-      - data: "v2015.03"
-        label: "v2015.03"
+    restrictions:
+      - condition: settings:public_network_assignment.assign_to_all_nodes == false
+        action: "hide"
+
+  # Floating IP range #
+  floating_cidr:
+    value: ''
+    label: 'Public Network CIDR'
+    description: 'CIDR of the Public Network. Will override the default settings'
+    weight: 30
+    type: "text"
+    regex:
+      source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(3[012]|[12]?[0-9])$'
+      error: 'Public Network must be a CIDR'
+
+  gateway:
+    value: ''
+    label: 'Public Gateway IP'
+    description: 'Gateway of the Public Network. Will override the default settings'
+    weight: 35
+    type: "text"
+    regex:
+      source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
+      error: 'Public Network gateway must be an IP address'
+
+  floating_ip_range_start:
+    value: ''
+    label: 'Floating Range start'
+    description: 'First IP address of the Floating Range. Will override the default settings'
+    weight: 36
+    type: "text"
+    regex:
+      source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
+      error: 'Floating range start value must be an IP address'
+
+  floating_ip_range_end:
+    value: ''
+    label: 'Floating Range end'
+    description: 'Last IP address of the Floating Range. Will override the default settings'
+    weight: 37
+    type: "text"
+    regex:
+      source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
+      error: 'Floating range last value must be an IP address'
+
+  ## BGP Options ###
+  local_as:
+    value: ''
+    label: 'Local AS'
+    description: 'Autonomous System number'
+    weight: 55
+    type: "text"
+    regex:
+      source: '^([0-9]){5}$'
+      error: "Local AS must be an integer of 5 digits"
+
+  remote_as1:
+    value: ''
+    label: 'BGP peer 1 AS'
+    description: 'Autonomous System number of the first BGP peer'
+    weight: 65
+    type: "text"
+    regex:
+      source: '^([0-9]){5}$'
+      error: "Remote AS must be an integer of 5 digits"
+
+  remote_ip1:
+    value: ''
+    label: 'BGP peer 1 IP address'
+    description: 'IP address of the first BGP peer'
+    weight: 75
+    type: "text"
+    regex:
+      source: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$'
+      error: 'Remote BGP peer must be an IP address'
+
+  remote_as2:
+    value: ''
+    label: 'BGP peer 2 AS'
+    description: 'Autonomous System number of the second BGP peer'
+    weight: 85
+    type: "text"
+    regex:
+      source: '^$|(^([0-9]){5}$)'
+      error: "Remote AS must be an integer of 5 digits or empty"
+
+  remote_ip2:
+    value: ''
+    label: 'BGP peer 2 IP address'
+    description: 'IP address of the second BGP peer'
+    weight: 95
+    type: "text"
+    regex:
+      source: '^$|(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$)'
+      error: 'Remote BGP peer must be an IP address or empty'

metadata.yaml

@@ -1,31 +1,23 @@
-# Plugin name
-name: midonet
-# Human-readable name for your plugin
+name: midonet-fuel-plugin
 title: Neutron Midonet plugin
-# Plugin version
-version: 1.0.72
-# Description
+version: 2.0.0
 description: Enable to use plugin Midonet for Neutron
-# Required fuel version
 fuel_version: ['6.1']
-
-# The plugin is compatible with releases in the list
 releases:
-  - os: ubuntu
-    version: 2014.2.2-6.1
-    mode: ['ha', 'multinode']
-    deployment_scripts_path: deployment_scripts/
-    repository_path: repositories/ubuntu
+  # - os: ubuntu
+  #   version: 2014.2.2-6.1
+  #   mode: ['ha', 'multinode']
+  #   deployment_scripts_path: deployment_scripts/
+  #   repository_path: repositories/ubuntu
   - os: centos
     version: 2014.2.2-6.1
     mode: ['ha', 'multinode']
     deployment_scripts_path: deployment_scripts/
     repository_path: repositories/centos
-
-# Version of plugin package
 package_version: '2.0.0'
 licenses: ['Apache 2.0']
 authors: ['Lucas Eznarriaga <lucas@midokura.com>, Midokura',
-          'Jaume Devesa <jaume@midokura.com>, Midokura']
+          'Jaume Devesa <jaume@midokura.com>, Midokura',
+          'Carmela Rubinos <carmela@midokura.com>, Midokura']
 homepage: https://github.com/stackforge/fuel-plugin-midonet
 groups: ['network']

tasks.yaml

@@ -1,25 +1,50 @@
 #
 # Pre-deployment tasks
 #
+
+# When the node is not the controller and we need to configure the public
+# address of the node, somehow it fails saying that openvswitch is not
+# installed. By creating the file '/etc/hiera/override/node/${::fqdn}.yaml and
+# setting use_neutron:true on it we force that openvswitch will be installed by
+# the l23network module. that does not mean that we will install neutron there.
+- id: midonet_trick_l23network
+  role: [nsdb, compute, midonet-gw]
+  stage: pre_deployment/6001
+  required_for: [pre_deployment_end]
+  type: puppet
+  parameters:
+    puppet_manifest: puppet/manifests/midonet-trick-l23network.pp
+    puppet_modules: "puppet/modules/:/etc/puppet/modules/"
+    timeout: 720
+
+#
+# Post-deployment tasks
+#
+
+# Configure the repositories and the puppet modules we need to deploy
+# midonet on the nodes.
 - id: midonet_install_dependencies
   role: [primary-controller, controller, compute, nsdb, midonet-gw]
-  stage: pre_deployment/6001
+  stage: post_deployment/1003
   required_for: [pre_deployment_end]
   type: shell
   parameters:
     cmd: ./install_dependencies.sh
-    timeout: 360
+    timeout: 720
 
-# Post-deployment tasks
+# Enable IP forward in all the nodes that will install midolman agent
 - id: midonet_enable_ip_forward
-  role: [nsdb, compute]
+  role: [nsdb, compute, controller, primary-controller]
   stage: post_deployment/4400
   required_for: [post_deployment_end]
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-enable-ip-forward.pp
     puppet_modules: "puppet/modules/:/etc/puppet/modules/"
-    timeout: 360
+    timeout: 720
+
+# This task will install and configure the `nsdb` role (with zookeeper
+# and cassandra)
 - id: midonet_cassandra_and_zookeeper
   role: [nsdb]
   stage: post_deployment/6001
@@ -28,23 +53,33 @@
   parameters:
     puppet_manifest: puppet/manifests/midonet-nsdb.pp
     puppet_modules: "puppet/modules/:/etc/puppet/modules/"
-    timeout: 360
+    timeout: 720
+
+# Only running on primary controller: since we can only set tasks on
+# post-deployments, reaching this point means Neutron is deployed with
+# ML2 plugin (the default one). This script cleans the networks created
+# by the regular deployment.
 - id: midonet_clean_neutron_db
   role: [primary-controller]
   stage: post_deployment/6400
   type: shell
   parameters:
     cmd: ./clean_neutron.sh
-    timeout: 360
+    timeout: 720
   fail_on_error: false
+
+# Disable all the Neutron services: neutorn-server, l3-agent, dhcp-agent
+# metadata-agent
 - id: midonet_disable_services
-  role: [primary-controller, controller, compute]
+  role: [primary-controller, controller]
   stage: post_deployment/6405
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-disable-services.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
-    timeout: 60
+    timeout: 720
+
+# Deploy the midonet api in the controllers
 - id: midonet_deploy_api
   role: [primary-controller, controller]
   stage: post_deployment/6410
@@ -52,31 +87,41 @@
   parameters:
     puppet_manifest: puppet/manifests/midonet-install-api.pp
     puppet_modules: puppet/modules:/etc/puppet/modules/
-    timeout: 360
+    timeout: 720
+
+# Install, configure and run MidoNet agent and remove any other
+# openvswitch package which is not the Kernel module
 - id: midonet_agent
-  role: [primary-controller, controller, compute]
+  role: [primary-controller, controller, compute, midonet-gw]
   stage: post_deployment/6415
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-install-agent.pp
     puppet_modules: "puppet/modules/:/etc/puppet/modules/"
-    timeout: 360
+    timeout: 720
+
+# During deployment, openvswitch has created a datapath called `ovs-services`.
+# Stop MidoNet agent, and clean the datapath, and run MidoNet agent again
 - id: midonet_delete_datapaths
-  role: [primary-controller, controller, compute]
+  role: [primary-controller, controller, compute, midonet-gw]
   stage: post_deployment/6420
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-delete-datapaths.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
-    timeout: 60
+    timeout: 720
+
+# Register any host that runs MidoNet agent to the default tunnelzone
 - id: midonet_host_registry
-  role: [primary-controller, controller, compute]
+  role: [primary-controller, controller, compute, midonet-gw]
   stage: post_deployment/6425
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-host-registry.pp
     puppet_modules: "puppet/modules/:/etc/puppet/modules/"
-    timeout: 360
+    timeout: 720
+
+# Reconfigure neturon files to run with MidoNet plugin
 - id: midonet_reconfigure_neutron
   role: [primary-controller, controller]
   stage: post_deployment/6430
@@ -84,7 +129,10 @@
   parameters:
     puppet_manifest: puppet/manifests/midonet-reconfigure-neutron.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
-    timeout: 220
+    timeout: 720
+
+# Clean and run Neutron database. That may help if someday we need a MidoNet
+# specific database table (like in v2.0 we will need, the `tasks` one)
 - id: midonet_recreate_neutron_db
   role: [primary-controller]
   stage: post_deployment/6435
@@ -92,12 +140,25 @@
   parameters:
     puppet_manifest: puppet/manifests/midonet-recreate-neutron-db.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
-    timeout: 360
+    timeout: 720
+
+# Recreate the default networks on Neutron database and restart Neutron
+# services
 - id: midonet_restart_neutron
-  role: ['primary-controller', 'controller']
+  role: [primary-controller, controller]
   stage: post_deployment/6440
   type: puppet
   parameters:
     puppet_manifest: puppet/manifests/midonet-restart-neutron.pp
     puppet_modules: puppet/modules:/etc/puppet/modules
-    timeout: 210
+    timeout: 720
+
+# In Gateway node: register the node as the gateway of the deployment
+- id: midonet_configure_gateway
+  role: [midonet-gw]
+  stage: post_deployment/6500
+  type: puppet
+  parameters:
+    puppet_manifest: puppet/manifests/midonet-gateway-bgp.pp
+    puppet_modules: puppet/modules:/etc/puppet/modules
+    timeout: 720