From 9aaa529f65011e4bfa649043c35ee808970dc426 Mon Sep 17 00:00:00 2001 From: Brian Haley Date: Wed, 20 Sep 2017 14:23:05 -0400 Subject: [PATCH] Add DVR support to lib/neutron Added NEUTRON_DISTRIBUTED_ROUTING to more easily control DVR configuration. If set to True, DVR will be enabled and the default agent mode will be set to 'dvr_snat' since that works with all types of routers by default. Advanced users can override that by setting NEUTRON_DVR_MODE, for example in multi-node configurations where different agent modes are desired. This should bring lib/neutron inline with lib/neutron-legacy in supporting all the different DVR modes. Change-Id: I9f25921eefc5b935aad3bb1edc5e41ee0ce43a84 --- lib/neutron | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/lib/neutron b/lib/neutron index c5839f5c3e..d33b49e890 100644 --- a/lib/neutron +++ b/lib/neutron @@ -32,6 +32,17 @@ NEUTRON_AGENT=${NEUTRON_AGENT:-openvswitch} NEUTRON_DIR=$DEST/neutron NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron} +NEUTRON_DISTRIBUTED_ROUTING=$(trueorfalse False NEUTRON_DISTRIBUTED_ROUTING) +# Distributed Virtual Router (DVR) configuration +# Can be: +# - ``legacy`` - No DVR functionality +# - ``dvr_snat`` - Controller or single node DVR +# - ``dvr`` - Compute node in multi-node DVR +# - ``dvr_no_external`` - Compute node in multi-node DVR, no external network +# +# Default is 'dvr_snat' since it can handle both DVR and legacy routers +NEUTRON_DVR_MODE=${NEUTRON_DVR_MODE:-dvr_snat} + NEUTRON_BIN_DIR=$(get_python_exec_prefix) NEUTRON_DHCP_BINARY="neutron-dhcp-agent" @@ -173,6 +184,7 @@ function configure_neutron_new { iniset $NEUTRON_CONF DEFAULT policy_file $policy_file iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips True + iniset $NEUTRON_CONF DEFAULT router_distributed $NEUTRON_DISTRIBUTED_ROUTING iniset $NEUTRON_CONF DEFAULT auth_strategy $NEUTRON_AUTH_STRATEGY configure_auth_token_middleware $NEUTRON_CONF neutron $NEUTRON_AUTH_CACHE_DIR keystone_authtoken @@ -181,7 +193,15 @@ function configure_neutron_new { # Configure VXLAN # TODO(sc68cal) not hardcode? iniset $NEUTRON_CORE_PLUGIN_CONF ml2 tenant_network_types vxlan - iniset $NEUTRON_CORE_PLUGIN_CONF ml2 mechanism_drivers openvswitch,linuxbridge + + local mech_drivers="openvswitch" + if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then + mech_drivers+=",l2population" + else + mech_drivers+=",linuxbridge" + fi + iniset $NEUTRON_CORE_PLUGIN_CONF ml2 mechanism_drivers $mech_drivers + iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_vxlan vni_ranges 1001:2000 iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_flat flat_networks public if [[ "$NEUTRON_PORT_SECURITY" = "True" ]]; then @@ -202,6 +222,11 @@ function configure_neutron_new { else iniset $NEUTRON_CORE_PLUGIN_CONF securitygroup firewall_driver iptables_hybrid iniset $NEUTRON_CORE_PLUGIN_CONF ovs local_ip $HOST_IP + + if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then + iniset $NEUTRON_CORE_PLUGIN_CONF agent l2_population True + iniset $NEUTRON_CORE_PLUGIN_CONF agent enable_distributed_routing True + fi fi if ! running_in_container; then @@ -236,6 +261,10 @@ function configure_neutron_new { else iniset $NEUTRON_CORE_PLUGIN_CONF ovs bridge_mappings "$PUBLIC_NETWORK_NAME:$PUBLIC_BRIDGE" fi + + if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then + iniset $NEUTRON_L3_CONF DEFAULT agent_mode $NEUTRON_DVR_MODE + fi fi # Metadata