Fix demo bridge setup

For cases where no network host is the same host as controller host
bridge<->subnet binding fails because there is no br-ex on controller.

Change-Id: Ie0761af0d9e91c5e17b3c8ecd09d1d7a0c2a0ed0

docs/packstack.rst

@@ -958,7 +958,7 @@ Provisioning tempest config
 Provisioning all-in-one ovs bridge config
 -----------------------------------------
 
-**CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE**
+**CONFIG_PROVISION_OVS_BRIDGE**
     Specify 'y' to configure the Open vSwitch external bridge for an all-in-one deployment (the L3 external bridge acts as the gateway for virtual machines). ['y', 'n']
 
 Ceilometer Config parameters

packstack/installer/run_setup.py

@@ -753,12 +753,6 @@ def single_step_aio_install(options, logFile):
     if not options.novanetwork_privif:
         options.novanetwork_privif = ''
 
-    # If we are doing an all-in-one install, do demo provisioning
-    # unless specifically told not to
-    if (options.os_neutron_install != "n" and
-            not options.provision_all_in_one_ovs_bridge):
-        options.provision_all_in_one_ovs_bridge = "y"
-
     single_step_install(options, logFile)
 
 

packstack/plugins/postscript_948.py

@@ -54,9 +54,3 @@ def create_manifest(config, messages):
         manifestfile = "%s_postscript.pp" % hostname
         manifestdata = getManifestTemplate("postscript")
         appendManifestFile(manifestfile, manifestdata, 'postscript')
-        # TO-DO: remove this temporary fix for nova-network/neutron
-        #        nondeterministic behavior
-        provision = (
-            config.get("CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE") not in
-            set(['false', 'n', None])
-        )

packstack/plugins/provision_700.py

@@ -204,18 +204,19 @@ def initConfig(controller):
              "CONDITION": False},
         ],
 
-        "PROVISION_ALL_IN_ONE_OVS_BRIDGE": [
+        "PROVISION_OVS_BRIDGE": [
-            {"CMD_OPTION": "provision-all-in-one-ovs-bridge",
+            {"CMD_OPTION": "provision-ovs-bridge",
              "PROMPT": "Would you like to configure the external ovs bridge",
              "OPTION_LIST": ["y", "n"],
              "VALIDATORS": [validators.validate_options],
-             "DEFAULT_VALUE": "n",
+             "DEFAULT_VALUE": "y",
              "MASK_INPUT": False,
              "LOOSE_VALIDATION": True,
-             "CONF_NAME": "CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE",
+             "CONF_NAME": "CONFIG_PROVISION_OVS_BRIDGE",
              "USE_DEFAULT": False,
              "NEED_CONFIRM": False,
-             "CONDITION": False},
+             "CONDITION": False,
+             "DEPRECATES": ['CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE']},
         ],
     }
     update_params_usage(basedefs.PACKSTACK_DOC, conf_params)
@@ -251,7 +252,7 @@ def initConfig(controller):
          "POST_CONDITION": False,
          "POST_CONDITION_MATCH": True},
 
-        {"GROUP_NAME": "PROVISION_ALL_IN_ONE_OVS_BRIDGE",
+        {"GROUP_NAME": "PROVISION_OVS_BRIDGE",
          "DESCRIPTION": "Provisioning all-in-one ovs bridge config",
          "PRE_CONDITION": allow_all_in_one_ovs_bridge,
          "PRE_CONDITION_MATCH": True,
@@ -269,7 +270,7 @@ def initConfig(controller):
         controller.getParamByName(x)
         for x in ['CONFIG_PROVISION_TEMPEST_REPO_URI',
                   'CONFIG_PROVISION_TEMPEST_REPO_REVISION',
-                  'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE']
+                  'CONFIG_PROVISION_OVS_BRIDGE']
     ]
     for param in params:
         value = controller.CONF.get(param.CONF_NAME, param.DEFAULT_VALUE)
@@ -296,13 +297,20 @@ def initSequences(controller):
             {'title': 'Adding Provisioning Tempest manifest entries',
              'functions': [create_tempest_manifest]}
         )
+
+    if (config['CONFIG_PROVISION_TEMPEST'] == "y" or
+            config['CONFIG_PROVISION_DEMO'] == "y"):
+        provision_steps.append(
+            {'title': 'Adding Provisioning Demo bridge manifest entries',
+             'functions': [create_bridge_manifest]}
+        )
     provision_steps.append(
         {'title': 'Adding Provisioning Glance manifest entries',
-         'functions': [create_storage_manifest]}
+         'functions': [create_storage_manifest]},
     )
 
     marshall_conf_bool(config, 'CONFIG_PROVISION_TEMPEST')
-    marshall_conf_bool(config, 'CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE')
+    marshall_conf_bool(config, 'CONFIG_PROVISION_OVS_BRIDGE')
 
     controller.addSequence("Provisioning for Demo and Testing Usage",
                            [], [], provision_steps)
@@ -353,6 +361,14 @@ def create_storage_manifest(config, messages):
         appendManifestFile(manifest_file, manifest_data)
 
 
+def create_bridge_manifest(config, messages):
+    using_neutron(config)
+    for host in utils.split_hosts(config['CONFIG_NETWORK_HOSTS']):
+        manifest_file = '{}_provision_demo_bridge.pp'.format(host)
+        manifest_data = getManifestTemplate("provision_demo_bridge")
+        appendManifestFile(manifest_file, manifest_data, 'demo_bridge')
+
+
 def create_tempest_manifest(config, messages):
     using_neutron(config)
     manifest_file = ('%s_provision_tempest.pp' %

packstack/puppet/templates/provision_demo.pp

@@ -16,8 +16,6 @@
   $private_subnet_name       = 'private_subnet'
   $fixed_range               = '10.0.0.0/24'
   $router_name               = 'router1'
-  $setup_ovs_bridge          = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE')
-  $public_bridge_name        = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE')
   $provision_neutron_avail   = hiera('PROVISION_NEUTRON_AVAILABLE')
 
   ## Users
@@ -79,36 +77,4 @@
     neutron_router_interface { "${router_name}:${private_subnet_name}":
       ensure => present,
     }
-
-    if $setup_ovs_bridge {
-      neutron_l3_ovs_bridge { $public_bridge_name:
-        ensure      => present,
-        subnet_name => $public_subnet_name,
-      }
-    }
   }
-
-if $setup_ovs_bridge {
-  firewall { '000 nat':
-    chain    => 'POSTROUTING',
-    jump     => 'MASQUERADE',
-    source   => hiera('CONFIG_PROVISION_DEMO_FLOATRANGE'),
-    outiface => $::gateway_device,
-    table    => 'nat',
-    proto    => 'all',
-  }
-
-  firewall { '000 forward out':
-    chain    => 'FORWARD',
-    action   => 'accept',
-    outiface => $public_bridge_name,
-    proto    => 'all',
-  }
-
-  firewall { '000 forward in':
-    chain   => 'FORWARD',
-    action  => 'accept',
-    iniface => $public_bridge_name,
-    proto   => 'all',
-  }
-}

packstack/puppet/templates/provision_demo_bridge.pp

@@ -0,0 +1,44 @@
+
+$setup_ovs_bridge        = hiera('CONFIG_PROVISION_OVS_BRIDGE')
+$provision_neutron_avail = hiera('PROVISION_NEUTRON_AVAILABLE')
+$public_bridge_name      = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE')
+
+neutron_config {
+  'keystone_authtoken/identity_uri':      value => hiera('CONFIG_KEYSTONE_ADMIN_URL');
+  'keystone_authtoken/auth_uri':          value => hiera('CONFIG_KEYSTONE_PUBLIC_URL');
+  'keystone_authtoken/admin_tenant_name': value => 'services';
+  'keystone_authtoken/admin_user':        value => 'neutron';
+  'keystone_authtoken/admin_password':    value => hiera('CONFIG_NEUTRON_KS_PW');
+}
+
+if $provision_neutron_avail and $setup_ovs_bridge {
+  Neutron_config<||> -> Neutron_l3_ovs_bridge['demo_bridge']
+  neutron_l3_ovs_bridge { 'demo_bridge':
+    name        => $public_bridge_name,
+    ensure      => present,
+    subnet_name => 'public_subnet',
+  }
+
+  firewall { '000 nat':
+    chain    => 'POSTROUTING',
+    jump     => 'MASQUERADE',
+    source   => hiera('CONFIG_PROVISION_DEMO_FLOATRANGE'),
+    outiface => $::gateway_device,
+    table    => 'nat',
+    proto    => 'all',
+  }
+
+  firewall { '000 forward out':
+    chain    => 'FORWARD',
+    action   => 'accept',
+    outiface => $public_bridge_name,
+    proto    => 'all',
+  }
+
+  firewall { '000 forward in':
+    chain   => 'FORWARD',
+    action  => 'accept',
+    iniface => $public_bridge_name,
+    proto   => 'all',
+  }
+}

packstack/puppet/templates/provision_tempest.pp

@@ -33,8 +33,6 @@ if $provision_tempest_user != '' {
   $private_subnet_name       = 'private_subnet'
   $fixed_range               = '10.0.0.0/24'
   $router_name               = 'router1'
-  $setup_ovs_bridge          = hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE')
-  $public_bridge_name        = hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE')
 
   ## Tempest
   $configure_tempest         = hiera('CONFIG_PROVISION_TEMPEST')
@@ -149,13 +147,6 @@ if $provision_tempest_user != '' {
     neutron_router_interface { "${router_name}:${private_subnet_name}":
       ensure => present,
     }
-
-    if $setup_ovs_bridge {
-      neutron_l3_ovs_bridge { $public_bridge_name:
-        ensure      => present,
-        subnet_name => $public_subnet_name,
-      }
-    }
   }
 
   ## Tempest
@@ -193,31 +184,6 @@ if $provision_tempest_user != '' {
       require                   => $tempest_requires,
     }
   }
-
-  if hiera('CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE') {
-    firewall { '000 nat':
-      chain    => 'POSTROUTING',
-      jump     => 'MASQUERADE',
-      source   => hiera('CONFIG_PROVISION_TEMPEST_FLOATRANGE'),
-      outiface => $::gateway_device,
-      table    => 'nat',
-      proto    => 'all',
-    }
-
-    firewall { '000 forward out':
-      chain    => 'FORWARD',
-      action   => 'accept',
-      outiface => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'),
-      proto    => 'all',
-    }
-
-    firewall { '000 forward in':
-      chain   => 'FORWARD',
-      action  => 'accept',
-      iniface => hiera('CONFIG_NEUTRON_L3_EXT_BRIDGE'),
-      proto   => 'all',
-    }
-  }
 } else {
   ## Standalone Tempest installation
   class { '::tempest':