diff --git a/gbpservice/contrib/nfp/tools/setup_nfp.py b/gbpservice/contrib/nfp/tools/setup_nfp.py index 9bc3ccd71..6a9525dde 100755 --- a/gbpservice/contrib/nfp/tools/setup_nfp.py +++ b/gbpservice/contrib/nfp/tools/setup_nfp.py @@ -127,12 +127,13 @@ def configure_nfp(): curr_service_plugins_list.remove(word) curr_service_plugins_list.append("vpnaas") + # enable lbaasv2 by default if not len(lbaas_enabled): - curr_service_plugins_list.append("lbaas") + curr_service_plugins_list.append("lbaasv2") else: for word in lbaas_enabled: curr_service_plugins_list.remove(word) - curr_service_plugins_list.append("lbaas") + curr_service_plugins_list.append("lbaasv2") if not len(fwaas_enabled): curr_service_plugins_list.append("nfp_fwaas") @@ -186,8 +187,8 @@ def configure_nfp(): # Update neutron server to use GBP policy subprocess.call("crudini --set /etc/neutron/neutron.conf DEFAULT policy_file /etc/group-based-policy/policy.d/policy.json".split(' ')) - # Update neutron LBaaS with NFP LBaaS service provider - subprocess.call("crudini --set /etc/neutron/neutron_lbaas.conf service_providers service_provider LOADBALANCER:loadbalancer:gbpservice.contrib.nfp.service_plugins.loadbalancer.drivers.nfp_lbaas_plugin_driver.HaproxyOnVMPluginDriver:default".split(' ')) + # Update neutron LBaaS with NFP LBaaS v2 service provider + subprocess.call("crudini --set /etc/neutron/neutron_lbaas.conf service_providers service_provider LOADBALANCERV2:loadbalancerv2:gbpservice.contrib.nfp.service_plugins.loadbalancer.drivers.nfp_lbaasv2_plugin_driver.HaproxyOnVMPluginDriver:default".split(' ')) # Update neutron VPNaaS with NFP VPNaaS service provider subprocess.call(["grep -q '^service_provider.*NFPIPsecVPNDriver:default' /etc/neutron/neutron_vpnaas.conf; if [[ $? = 1 ]]; then sed -i '/^service_provider.*IPsecVPNDriver/ s/:default/\\nservice_provider\ =\ VPN:vpn:gbpservice.contrib.nfp.service_plugins.vpn.drivers.nfp_vpnaas_driver.NFPIPsecVPNDriver:default/' /etc/neutron/neutron_vpnaas.conf; fi"], shell=True) diff --git a/gbpservice/contrib/nfp/tools/templates/gbp_resources.yaml b/gbpservice/contrib/nfp/tools/templates/gbp_resources.yaml index 0d26295f6..c0e94b9fe 100644 --- a/gbpservice/contrib/nfp/tools/templates/gbp_resources.yaml +++ b/gbpservice/contrib/nfp/tools/templates/gbp_resources.yaml @@ -413,7 +413,7 @@ resources: properties: name: LB service_profile_id: { get_resource: PROFILE-LB } - config: { get_file: lb.template } + config: { get_file: haproxy_lbaasv2_multiple_listeners.template } shared: true NODE-VPN: @@ -450,7 +450,7 @@ resources: properties: name: LB vendor: NFP - service_type: LOADBALANCER + service_type: LOADBALANCERV2 insertion_mode: l3 service_flavor: service_vendor=haproxy,device_type=nova shared: true diff --git a/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2.template b/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2.template new file mode 100644 index 000000000..355ece394 --- /dev/null +++ b/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2.template @@ -0,0 +1,79 @@ +{ + "heat_template_version": "2015-10-15", + "description": "Configuration for Haproxy Neutron Loadbalacer V2 service", + "parameters": { + "lb_port": { + "type": "number", + "default": 80, + "description": "Port used by the load balancer" + }, + "app_port": { + "type": "number", + "default": 80, + "description": "Port used by the servers" + }, + "Subnet": { + "type": "string", + "description": "Subnet on which the load balancer will be located" + }, + "vip_ip": { + "type": "string", + "description": "VIP IP Address" + }, + "service_chain_metadata": { + "type": "string", + "description": "sc metadata" + } + }, + "resources": { + "monitor": { + "type": "OS::Neutron::LBaaS::HealthMonitor", + "properties": { + "delay": 3, + "type": "HTTP", + "timeout": 3, + "max_retries": 3, + "pool": { + "get_resource": "pool" + } + } + }, + "pool": { + "type": "OS::Neutron::LBaaS::Pool", + "properties": { + "lb_algorithm": "ROUND_ROBIN", + "protocol": "HTTP", + "listener": { + "get_resource": "listener" + } + } + }, + "listener": { + "type": "OS::Neutron::LBaaS::Listener", + "properties": { + "loadbalancer": { + "get_resource": "loadbalancer" + }, + "protocol": "HTTP", + "protocol_port": { + "get_param": "lb_port" + } + } + }, + "loadbalancer": { + "type": "OS::Neutron::LBaaS::LoadBalancer", + "properties": { + "vip_subnet": { + "get_param": "Subnet" + }, + "provider": "loadbalancerv2", + "vip_address": { + "get_param": "vip_ip" + }, + "description": { + "get_param": "service_chain_metadata" + } + } + } + } +} \ No newline at end of file diff --git a/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2_ssl.template b/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2_ssl.template new file mode 100644 index 000000000..066741aa2 --- /dev/null +++ b/gbpservice/contrib/nfp/tools/templates/haproxy_lbaasv2_ssl.template @@ -0,0 +1,81 @@ +{ + "heat_template_version": "2015-10-15", + "description": "Configuration for Haproxy Neutron Loadbalacer V2 service", + "parameters": { + "lb_port": { + "type": "number", + "default": 443, + "description": "Port used by the load balancer" + }, + "app_port": { + "type": "number", + "default": 80, + "description": "Port used by the servers" + }, + "Subnet": { + "type": "string", + "description": "Subnet on which the load balancer will be located" + }, + "vip_ip": { + "type": "string", + "description": "VIP IP Address" + }, + "service_chain_metadata": { + "type": "string", + "description": "sc metadata" + } + }, + "resources": { + "monitor": { + "type": "OS::Neutron::LBaaS::HealthMonitor", + "properties": { + "delay": 3, + "type": "HTTP", + "timeout": 3, + "max_retries": 3, + "pool": { + "get_resource": "pool" + } + } + }, + "pool": { + "type": "OS::Neutron::LBaaS::Pool", + "properties": { + "lb_algorithm": "ROUND_ROBIN", + "protocol": "HTTP", + "listener": { + "get_resource": "listener" + } + } + }, + "listener": { + "type": "OS::Neutron::LBaaS::Listener", + "properties": { + "loadbalancer": { + "get_resource": "loadbalancer" + }, + "protocol": "TERMINATED_HTTPS", + "default_tls_container_ref": "http://192.168.200.43:9311/v1/containers/83d46573-dc1f-42ea-807b-181b7aaac3f2", + "sni_container_refs": ["http://192.168.200.43:9311/v1/containers/e8cb15a9-00dc-4027-b826-7e56ba870f68"], + "protocol_port": { + "get_param": "lb_port" + } + } + }, + "loadbalancer": { + "type": "OS::Neutron::LBaaS::LoadBalancer", + "properties": { + "vip_subnet": { + "get_param": "Subnet" + }, + "provider": "loadbalancerv2", + "vip_address": { + "get_param": "vip_ip" + }, + "description": { + "get_param": "service_chain_metadata" + } + } + } + } +}