Split Openvswitch into own role

Creates Openvswitch role and splits openvswitch from Neutron role to enable third party networking solutions that use Openvswitch or customize Openvswitch. For example Openvswitch with dpdk or OpenDaylight. Change-Id: I5a41c42c5ec0a5e6999b2570ddac0f5efc3102ee Co-Authored-By: Mauricio Lima <mauriciolimab@gmail.com> Partially-Implements: blueprint opendaylight-support
2017-03-31 10:42:02 -07:00 · 2017-03-31 10:42:02 -07:00 · 9badc4de21
commit 9badc4de21
parent bed0357931
21 changed files with 236 additions and 111 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -247,6 +247,8 @@ fluentd_syslog_port: "5140"

 zun_api_port: "9512"

+ovsdb_port: "6640"
+
 public_protocol: "{{ 'https' if kolla_enable_tls_external | bool else 'http' }}"
 internal_protocol: "http"
 admin_protocol: "http"
@ -353,6 +355,7 @@ enable_neutron_agent_ha: "no"
 enable_neutron_bgp_dragent: "no"
 enable_nova_serialconsole_proxy: "no"
 enable_octavia: "no"
+enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}"
 enable_panko: "no"
 enable_rally: "no"
 enable_sahara: "no"
@ -492,7 +495,7 @@ designate_ns_record: "sample.openstack.org"
 # Neutron options
 #######################
 neutron_bgp_router_id: "1.1.1.1"
-
+neutron_bridge_name: "br-ex"

 #######################
 # Nova options
--- a/ansible/inventory/all-in-one
+++ b/ansible/inventory/all-in-one
@ -81,6 +81,11 @@ control
 [neutron:children]
 network

+[openvswitch:children]
+network
+compute
+manila-share
+
 [cinder:children]
 control

--- a/ansible/inventory/multinode
+++ b/ansible/inventory/multinode
@ -102,6 +102,11 @@ control
 [neutron:children]
 network

+[openvswitch:children]
+network
+compute
+manila-share
+
 [cinder:children]
 control

--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -2,47 +2,6 @@
 project_name: "neutron"

 neutron_services:
-  openvswitch-db-server:
-    container_name: "openvswitch_db"
-    image: "{{ openvswitch_db_image_full }}"
-    enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
-    host_in_groups: >-
-      {{
-      True if orchestration_engine == 'KUBERNETES' else
-      inventory_hostname in groups['compute']
-      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
-      or inventory_hostname in groups['neutron-dhcp-agent']
-      or inventory_hostname in groups['neutron-l3-agent']
-      or inventory_hostname in groups['neutron-metadata-agent']
-      or inventory_hostname in groups['neutron-vpnaas-agent']
-      }}
-    volumes:
-      - "{{ node_config_directory }}/openvswitch-db-server/:{{ container_config_directory }}/:ro"
-      - "/etc/localtime:/etc/localtime:ro"
-      - "/run:/run:shared"
-      - "kolla_logs:/var/log/kolla/"
-      - "openvswitch_db:/var/lib/openvswitch/"
-  openvswitch-vswitchd:
-    container_name: "openvswitch_vswitchd"
-    image: "{{ openvswitch_vswitchd_image_full }}"
-    enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
-    host_in_groups: >-
-      {{
-      True if orchestration_engine == 'KUBERNETES' else
-      inventory_hostname in groups['compute']
-      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
-      or inventory_hostname in groups['neutron-dhcp-agent']
-      or inventory_hostname in groups['neutron-l3-agent']
-      or inventory_hostname in groups['neutron-metadata-agent']
-      or inventory_hostname in groups['neutron-vpnaas-agent']
-      }}
-    privileged: True
-    volumes:
-      - "{{ node_config_directory }}/openvswitch-vswitchd/:{{ container_config_directory }}/:ro"
-      - "/etc/localtime:/etc/localtime:ro"
-      - "/lib/modules:/lib/modules:ro"
-      - "/run:/run:shared"
-      - "kolla_logs:/var/log/kolla/"
  neutron-server:
    container_name: "neutron_server"
    image: "{{ neutron_server_image_full }}"
@ -280,14 +239,6 @@ neutron_bgp_dragent_image: "{{ docker_registry ~ '/' if docker_registry else ''
 neutron_bgp_dragent_tag: "{{ openstack_release }}"
 neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}"

-openvswitch_db_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-openvswitch-db-server"
-openvswitch_db_tag: "{{ openstack_release }}"
-openvswitch_db_image_full: "{{ openvswitch_db_image }}:{{ openvswitch_db_tag }}"
-
-openvswitch_vswitchd_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-openvswitch-vswitchd"
-openvswitch_vswitchd_tag: "{{ openstack_release }}"
-openvswitch_vswitchd_image_full: "{{ openvswitch_vswitchd_image }}:{{ openvswitch_vswitchd_tag }}"
-

 ####################
 # OpenStack
@ -302,8 +253,6 @@ neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ n

 neutron_logging_debug: "{{ openstack_logging_debug }}"

-neutron_bridge_name: "br-ex"
-
 openstack_neutron_auth: "{{ openstack_auth }}"

 ####################
--- a/ansible/roles/neutron/handlers/main.yml
+++ b/ansible/roles/neutron/handlers/main.yml
@ -1,63 +1,4 @@
 ---
- name: Restart openvswitch-db-server container
-  vars:
-    service_name: "openvswitch-db-server"
-    service: "{{ neutron_services[service_name] }}"
-    config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    openvswitch_db_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
-  kolla_docker:
-    action: "recreate_or_restart_container"
-    common_options: "{{ docker_common_options }}"
-    name: "{{ service.container_name }}"
-    image: "{{ service.image }}"
-    volumes: "{{ service.volumes }}"
-  when:
-    - action != "config"
-    - service.enabled | bool
-    - service.host_in_groups | bool
-    - config_json | changed
-      or openvswitch_db_container | changed
-  notify:
-    - Waiting the openvswitch_db service to be ready
-    - Ensuring OVS bridge is properly setup
-
- name: Waiting the openvswitch_db service to be ready
-  command: docker exec openvswitch_db ovs-vsctl --no-wait show
-  register: check_result
-  until: check_result | success
-  changed_when: False
-  retries: 30
-  delay: 2
-  notify:
-
- name: Ensuring OVS bridge is properly setup
-  command: docker exec openvswitch_db /usr/local/bin/kolla_ensure_openvswitch_configured {{ item.0 }} {{ item.1 }}
-  register: status
-  changed_when: status.stdout.find('changed') != -1
-  with_together:
-    - "{{ neutron_bridge_name.split(',') }}"
-    - "{{ neutron_external_interface.split(',') }}"
-
- name: Restart openvswitch-vswitchd container
-  vars:
-    service_name: "openvswitch-vswitchd"
-    service: "{{ neutron_services[service_name] }}"
-    config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    openvswitch_vswitchd_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
-  kolla_docker:
-    action: "recreate_or_restart_container"
-    common_options: "{{ docker_common_options }}"
-    name: "{{ service.container_name }}"
-    image: "{{ service.image }}"
-    volumes: "{{ service.volumes }}"
-    privileged: "{{ service.privileged | default(False) }}"
-  when:
-    - action != "config"
-    - service.enabled | bool
-    - service.host_in_groups | bool
-    - config_json | changed
-      or openvswitch_vswitchd_container | changed
-
 - name: Restart neutron-server container
  vars:
    service_name: "neutron-server"
--- a/ansible/roles/openvswitch/defaults/main.yml
+++ b/ansible/roles/openvswitch/defaults/main.yml
@ -0,0 +1,59 @@
+---
+project_name: "openvswitch"
+
+openvswitch_services:
+  openvswitch-db-server:
+    container_name: "openvswitch_db"
+    image: "{{ openvswitch_db_image_full }}"
+    enabled: "{{ enable_openvswitch }}"
+    group: openvswitch
+    host_in_groups: >-
+      {{
+      True if orchestration_engine == 'KUBERNETES' else
+      inventory_hostname in groups['compute']
+      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
+      or inventory_hostname in groups['neutron-dhcp-agent']
+      or inventory_hostname in groups['neutron-l3-agent']
+      or inventory_hostname in groups['neutron-metadata-agent']
+      or inventory_hostname in groups['neutron-vpnaas-agent']
+      }}
+    volumes:
+      - "{{ node_config_directory }}/openvswitch-db-server/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/run:/run:shared"
+      - "kolla_logs:/var/log/kolla/"
+      - "openvswitch_db:/var/lib/openvswitch/"
+  openvswitch-vswitchd:
+    container_name: "openvswitch_vswitchd"
+    image: "{{ openvswitch_vswitchd_image_full }}"
+    enabled: "{{ enable_openvswitch }}"
+    group: openvswitch
+    host_in_groups: >-
+      {{
+      True if orchestration_engine == 'KUBERNETES' else
+      inventory_hostname in groups['compute']
+      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
+      or inventory_hostname in groups['neutron-dhcp-agent']
+      or inventory_hostname in groups['neutron-l3-agent']
+      or inventory_hostname in groups['neutron-metadata-agent']
+      or inventory_hostname in groups['neutron-vpnaas-agent']
+      }}
+    privileged: True
+    volumes:
+      - "{{ node_config_directory }}/openvswitch-vswitchd/:{{ container_config_directory }}/:ro"
+      - "/etc/localtime:/etc/localtime:ro"
+      - "/lib/modules:/lib/modules:ro"
+      - "/run:/run:shared"
+      - "kolla_logs:/var/log/kolla/"
+
+####################
+# Docker
+####################
+
+openvswitch_db_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-openvswitch-db-server"
+openvswitch_db_tag: "{{ openstack_release }}"
+openvswitch_db_image_full: "{{ openvswitch_db_image }}:{{ openvswitch_db_tag }}"
+
+openvswitch_vswitchd_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ kolla_install_type }}-openvswitch-vswitchd"
+openvswitch_vswitchd_tag: "{{ openstack_release }}"
+openvswitch_vswitchd_image_full: "{{ openvswitch_vswitchd_image }}:{{ openvswitch_vswitchd_tag }}"
--- a/ansible/roles/openvswitch/handlers/main.yml
+++ b/ansible/roles/openvswitch/handlers/main.yml
@ -0,0 +1,59 @@
+---
+- name: Restart openvswitch-db-server container
+  vars:
+    service_name: "openvswitch-db-server"
+    service: "{{ openvswitch_services[service_name] }}"
+    config_json: "{{ openvswitch_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    openvswitch_db_container: "{{ check_openvswitch_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+  kolla_docker:
+    action: "recreate_or_restart_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ service.container_name }}"
+    image: "{{ service.image }}"
+    volumes: "{{ service.volumes }}"
+  when:
+    - action != "config"
+    - service.enabled | bool
+    - service.host_in_groups | bool
+    - config_json | changed
+      or openvswitch_db_container | changed
+  notify:
+    - Waiting for openvswitch_db service to be ready
+    - Ensuring OVS bridge is properly setup
+
+- name: Waiting for openvswitch_db service to be ready
+  command: docker exec openvswitch_db ovs-vsctl --no-wait show
+  register: check_result
+  until: check_result | success
+  changed_when: False
+  retries: 30
+  delay: 2
+  notify:
+
+- name: Ensuring OVS bridge is properly setup
+  command: docker exec openvswitch_db /usr/local/bin/kolla_ensure_openvswitch_configured {{ item.0 }} {{ item.1 }}
+  register: status
+  changed_when: status.stdout.find('changed') != -1
+  with_together:
+    - "{{ neutron_bridge_name.split(',') }}"
+    - "{{ neutron_external_interface.split(',') }}"
+
+- name: Restart openvswitch-vswitchd container
+  vars:
+    service_name: "openvswitch-vswitchd"
+    service: "{{ openvswitch_services[service_name] }}"
+    config_json: "{{ openvswitch_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
+    openvswitch_vswitchd_container: "{{ check_openvswitch_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
+  kolla_docker:
+    action: "recreate_or_restart_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ service.container_name }}"
+    image: "{{ service.image }}"
+    volumes: "{{ service.volumes }}"
+    privileged: "{{ service.privileged | default(False) }}"
+  when:
+    - action != "config"
+    - service.enabled | bool
+    - service.host_in_groups | bool
+    - config_json | changed
+      or openvswitch_vswitchd_container | changed
--- a/ansible/roles/openvswitch/meta/main.yml
+++ b/ansible/roles/openvswitch/meta/main.yml
@ -0,0 +1,3 @@
+---
+dependencies:
+  - { role: common }
--- a/ansible/roles/openvswitch/tasks/check.yml
+++ b/ansible/roles/openvswitch/tasks/check.yml
@ -0,0 +1 @@
+---
--- a/ansible/roles/openvswitch/tasks/config.yml
+++ b/ansible/roles/openvswitch/tasks/config.yml
@ -0,0 +1,39 @@
+---
+- name: Ensuring config directories exist
+  file:
+    path: "{{ node_config_directory }}/{{ item.key }}"
+    state: "directory"
+    recurse: yes
+  when:
+    - item.value.enabled | bool
+    - item.value.host_in_groups | bool
+  with_dict: "{{ openvswitch_services }}"
+
+- name: Copying over config.json files for services
+  template:
+    src: "{{ item.key }}.json.j2"
+    dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
+  register: openvswitch_config_jsons
+  when:
+    - item.value.enabled | bool
+    - item.value.host_in_groups | bool
+  with_dict: "{{ openvswitch_services }}"
+  notify:
+    - "Restart {{ item.key }} container"
+
+- name: Check openvswitch containers
+  kolla_docker:
+    action: "compare_container"
+    common_options: "{{ docker_common_options }}"
+    name: "{{ item.value.container_name }}"
+    image: "{{ item.value.image }}"
+    privileged: "{{ item.value.privileged | default(False) }}"
+    volumes: "{{ item.value.volumes }}"
+  register: check_openvswitch_containers
+  when:
+    - action != "config"
+    - item.value.enabled | bool
+    - item.value.host_in_groups | bool
+  with_dict: "{{ openvswitch_services }}"
+  notify:
+    - "Restart {{ item.key }} container"
--- a/ansible/roles/openvswitch/tasks/deploy.yml
+++ b/ansible/roles/openvswitch/tasks/deploy.yml
@ -0,0 +1,8 @@
+---
+# enforce ironic usage only with openvswitch
+- include: ironic-check.yml
+
+- include: config.yml
+
+- name: Flush Handlers
+  meta: flush_handlers
--- a/ansible/roles/openvswitch/tasks/ironic-check.yml
+++ b/ansible/roles/openvswitch/tasks/ironic-check.yml
@ -0,0 +1,6 @@
+---
+# TODO(SamYaple): run verification checks at start of playbook
+- fail: msg="neutron_plugin_agent must use openvswitch with Ironic"
+  when:
+    - enable_ironic | bool
+    - neutron_plugin_agent != "openvswitch"
--- a/ansible/roles/openvswitch/tasks/main.yml
+++ b/ansible/roles/openvswitch/tasks/main.yml
@ -0,0 +1,2 @@
+---
+- include: "{{ action }}.yml"
--- a/ansible/roles/openvswitch/tasks/precheck.yml
+++ b/ansible/roles/openvswitch/tasks/precheck.yml
@ -0,0 +1,19 @@
+---
+- name: Get container facts
+  kolla_container_facts:
+    name:
+      - openvswitch_db
+  register: container_facts
+
+- name: Checking free port for OVSDB
+  vars:
+    openvswitch_db: "{{ openvswitch_services['openvswitch-db-server'] }}"
+  wait_for:
+    host: "{{ hostvars[inventory_hostname]['ansible_' + api_interface]['ipv4']['address'] }}"
+    port: "{{ ovsdb_port }}"
+    connect_timeout: 1
+    state: stopped
+  when:
+    - container_facts['openvswitch_db'] is not defined
+    - inventory_hostname in groups[openvswitch_db.group]
+    - openvswitch_db.enabled | bool
--- a/ansible/roles/openvswitch/tasks/pull.yml
+++ b/ansible/roles/openvswitch/tasks/pull.yml
@ -0,0 +1,10 @@
+---
+- name: Pulling Openvswitch images
+  kolla_docker:
+    action: "pull_image"
+    common_options: "{{ docker_common_options }}"
+    image: "{{ item.value.image }}"
+  when:
+    - item.value.enabled | bool
+    - item.value.host_in_groups | bool
+  with_dict: "{{ openvswitch_services }}"
--- a/ansible/roles/openvswitch/tasks/reconfigure.yml
+++ b/ansible/roles/openvswitch/tasks/reconfigure.yml
@ -0,0 +1,2 @@
+---
+- include: deploy.yml
--- a/ansible/roles/openvswitch/tasks/upgrade.yml
+++ b/ansible/roles/openvswitch/tasks/upgrade.yml
@ -0,0 +1,5 @@
+---
+- include: config.yml
+
+- name: Flush Handlers
+  meta: flush_handlers
--- a/ansible/roles/openvswitch/templates/openvswitch-db-server.json.j2
+++ b/ansible/roles/openvswitch/templates/openvswitch-db-server.json.j2
--- a/ansible/roles/openvswitch/templates/openvswitch-vswitchd.json.j2
+++ b/ansible/roles/openvswitch/templates/openvswitch-vswitchd.json.j2
--- a/ansible/site.yml
+++ b/ansible/site.yml
@ -274,6 +274,14 @@
        tags: nova,
        when: enable_nova | bool }

+- name: Apply role openvswitch
+  hosts:
+    - openvswitch
+  roles:
+    - { role: openvswitch,
+        tags: openvswitch,
+        when: enable_openvswitch | bool }
+
 # (gmmaha): Please do not change the order listed here. The current order is a
 # workaround to fix the bug https://bugs.launchpad.net/kolla/+bug/1546789
 - name: Apply role neutron
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@ -179,6 +179,7 @@ kolla_internal_vip_address: "10.10.10.254"
 #enable_neutron_vpnaas: "no"
 #enable_nova_serialconsole_proxy: "no"
 #enable_octavia: "no"
+#enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}"
 #enable_panko: "no"
 #enable_rally: "no"
 #enable_sahara: "no"