From d4e7dfb3768c3438ea848d4e95a5b1b078d462f6 Mon Sep 17 00:00:00 2001 From: Eduardo Gonzalez Date: Tue, 2 May 2017 11:03:52 +0200 Subject: [PATCH] Finish/fix neutron sfc service Neutron-sfc-agent start its functions with openvswitch. This change moves sfc configuration into neutron-openvswitch-agent. Rework config files to use openvswitch when sfc or openvswitch are used as network plugin. Also adds sfc extension_driver to ml2 Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3 Closes-Bug: #1664493 Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b --- ansible/group_vars/all.yml | 3 +- ansible/roles/neutron/defaults/main.yml | 47 ++++++------------ ansible/roles/neutron/handlers/main.yml | 48 ------------------- .../roles/neutron/tasks/bootstrap_service.yml | 23 +++++++++ .../neutron/tasks/config-neutron-fake.yml | 20 -------- .../roles/neutron/templates/ml2_conf.ini.j2 | 4 +- .../roles/neutron/templates/neutron.conf.j2 | 4 +- doc/networking-guide.rst | 2 +- etc/kolla/globals.yml | 1 + 9 files changed, 47 insertions(+), 105 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 16443a2872..aae2c1b4dc 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -122,7 +122,7 @@ bifrost_network_interface: "{{ network_interface }}" dns_interface: "{{ network_interface }}" tunnel_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }}" -# Valid options are [ openvswitch, linuxbridge, sfc ] +# Valid options are [ openvswitch, linuxbridge ] neutron_plugin_agent: "openvswitch" # The default ports used by each service. @@ -369,6 +369,7 @@ enable_neutron_qos: "no" enable_neutron_agent_ha: "no" enable_neutron_bgp_dragent: "no" enable_neutron_provider_networks: "no" +enable_neutron_sfc: "no" enable_nova_serialconsole_proxy: "no" enable_octavia: "no" enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}" diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml index d4aff655e0..db2b834adf 100644 --- a/ansible/roles/neutron/defaults/main.yml +++ b/ansible/roles/neutron/defaults/main.yml @@ -40,31 +40,6 @@ neutron_services: - "/lib/modules:/lib/modules:ro" - "/run:/run:shared" - "kolla_logs:/var/log/kolla/" - neutron-sfc-agent: - container_name: "neutron_sfc_agent" - image: "{{ neutron_sfc_agent_image_full }}" - enabled: "{{ neutron_plugin_agent == 'sfc' }}" - privileged: True - host_in_groups: >- - {{ - ( inventory_hostname in groups['compute'] - or (enable_manila | bool and inventory_hostname in groups['manila-share']) - or inventory_hostname in groups['neutron-dhcp-agent'] - or inventory_hostname in groups['neutron-l3-agent'] - or inventory_hostname in groups['neutron-metadata-agent'] - and not enable_nova_fake | bool - ) or - ( inventory_hostname in groups['neutron-dhcp-agent'] - or inventory_hostname in groups['neutron-l3-agent'] - or inventory_hostname in groups['neutron-metadata-agent'] - and enable_nova_fake | bool - ) - }} - volumes: - - "{{ node_config_directory }}/neutron-sfc-agent/:{{ container_config_directory }}/:ro" - - "/etc/localtime:/etc/localtime:ro" - - "/run:/run:shared" - - "kolla_logs:/var/log/kolla/" neutron-linuxbridge-agent: container_name: "neutron_linuxbridge_agent" image: "{{ neutron_linuxbridge_agent_image_full }}" @@ -211,10 +186,6 @@ neutron_openvswitch_agent_image: "{{ docker_registry ~ '/' if docker_registry el neutron_openvswitch_agent_tag: "{{ neutron_tag }}" neutron_openvswitch_agent_image_full: "{{ neutron_openvswitch_agent_image }}:{{ neutron_openvswitch_agent_tag }}" -neutron_sfc_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-sfc-agent" -neutron_sfc_agent_tag: "{{ neutron_tag }}" -neutron_sfc_agent_image_full: "{{ neutron_sfc_agent_image }}:{{ neutron_sfc_agent_tag }}" - neutron_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-server" neutron_server_tag: "{{ neutron_tag }}" neutron_server_image_full: "{{ neutron_server_image }}:{{ neutron_server_tag }}" @@ -252,6 +223,8 @@ extension_drivers: enabled: true - name: "dns" enabled: "{{ enable_designate | bool }}" + - name: "sfc" + enabled: "{{ enable_neutron_sfc | bool }}" neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto', true)|list }}" @@ -260,7 +233,7 @@ neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto' #################### service_plugins: - name: "flow_classifier" - enabled: "{{ neutron_plugin_agent == 'sfc' }}" + enabled: "{{ enable_neutron_sfc | bool }}" - name: "lbaasv2" enabled: "{{ enable_neutron_lbaas | bool }}" - name: "firewall" @@ -272,7 +245,7 @@ service_plugins: - name: "router" enabled: true - name: "sfc" - enabled: "{{ neutron_plugin_agent == 'sfc' }}" + enabled: "{{ enable_neutron_sfc | bool }}" - name: "neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin" enabled: "{{ enable_neutron_bgp_dragent | bool }}" @@ -289,6 +262,17 @@ neutron_notification_topics: neutron_enabled_notification_topics: "{{ neutron_notification_topics | selectattr('enabled', 'equalto', true) | list }}" +#################### +# Agent Extensions +#################### +agent_extensions: + - name: "qos" + enabled: "{{ enable_neutron_qos | bool }}" + - name: "sfc" + enabled: "{{ enable_neutron_sfc | bool }}" + +neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}" + #################### # VMware NSXV #################### @@ -307,4 +291,3 @@ vmware_nsxv_backup_edge_pool: "service:compact:1:2" vmware_nsxv_spoofguard_enabled: "false" vmware_nsxv_metadata_initializer: "false" vmware_nsxv_edge_ha: "false" - diff --git a/ansible/roles/neutron/handlers/main.yml b/ansible/roles/neutron/handlers/main.yml index 5f4b2fd6ff..97a1aedc5c 100644 --- a/ansible/roles/neutron/handlers/main.yml +++ b/ansible/roles/neutron/handlers/main.yml @@ -82,54 +82,6 @@ or fake_neutron_ml2_conf_ini | changed or check_fake_neutron_openvswitch_agent | changed -- name: Restart fake neutron-sfc-agent container - vars: - service_name: "neutron-sfc-agent" - service: "{{ neutron_services[service_name] }}" - config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" - neutron_conf: "{{ neutron_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - neutron_ml2_conf: "{{ neutron_ml2_confs.results|selectattr('item.key', 'equalto', service_name)|first }}" - policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" - neutron_sfc_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" - kolla_docker: - action: "recreate_or_restart_container" - common_options: "{{ docker_common_options }}" - name: "{{ service.container_name }}" - image: "{{ service.image }}" - volumes: "{{ service.volumes }}" - privileged: "{{ service.privileged | default(False) }}" - with_sequence: "start=1 end={{ num_nova_fake_per_node }}" - when: - - action != "config" - - enable_nova_fake | bool - - neutron_plugin_agent == "sfc" - - inventory_hostname in groups["compute"] - - fake_config_json | changed - or fake_neutron_conf | changed - or fake_neutron_ml2_conf_ini | changed - or check_fake_neutron_sfc_agent | changed - -# TODO(Jeffrey4l): sfc do not have config.json file at all. it is not finished -- name: Restart neutron-sfc-agent container - vars: - service_name: "neutron-sfc-agent" - service: "{{ neutron_services[service_name] }}" - config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}" - neutron_sfc_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}" - kolla_docker: - action: "recreate_or_restart_container" - common_options: "{{ docker_common_options }}" - name: "{{ service.container_name }}" - image: "{{ service.image }}" - volumes: "{{ service.volumes }}" - privileged: "{{ service.privileged | default(False) }}" - when: - - action != "config" - - service.enabled | bool - - service.host_in_groups | bool - - config_json | changed - or neutron_sfc_agent_container | changed - - name: Restart neutron-linuxbridge-agent container vars: service_name: "neutron-linuxbridge-agent" diff --git a/ansible/roles/neutron/tasks/bootstrap_service.yml b/ansible/roles/neutron/tasks/bootstrap_service.yml index 6773a917ab..ce205c6553 100644 --- a/ansible/roles/neutron/tasks/bootstrap_service.yml +++ b/ansible/roles/neutron/tasks/bootstrap_service.yml @@ -61,3 +61,26 @@ - neutron_vpnaas_agent.host_in_groups | bool run_once: True delegate_to: "{{ groups[neutron_vpnaas_agent.group][0] }}" + +- name: Running Neutron sfc bootstrap container + vars: + neutron_server: "{{ neutron_services['neutron-server'] }}" + kolla_docker: + action: "start_container" + common_options: "{{ docker_common_options }}" + detach: False + environment: + NEUTRON_SFC_BOOTSTRAP: + KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}" + image: "{{ neutron_server.image }}" + labels: + BOOTSTRAP: + name: "bootstrap_neutron_sfc" + restart_policy: "never" + volumes: "{{ neutron_server.volumes }}" + when: + - enable_neutron_sfc | bool + - neutron_server.enabled | bool + - neutron_server.host_in_groups | bool + run_once: True + delegate_to: "{{ groups[neutron_server.group][0] }}" diff --git a/ansible/roles/neutron/tasks/config-neutron-fake.yml b/ansible/roles/neutron/tasks/config-neutron-fake.yml index e890de4a94..745566f698 100644 --- a/ansible/roles/neutron/tasks/config-neutron-fake.yml +++ b/ansible/roles/neutron/tasks/config-neutron-fake.yml @@ -70,23 +70,3 @@ with_sequence: "start=1 end={{ num_nova_fake_per_node }}" notify: - Restart fake neutron-openvswitch-agent container - -- name: Checking neutron-sfc-agent container for nova fake node - vars: - neutron_sfc_agent: "{{ neutron_services['neutron-sfc-agent'] }}" - kolla_docker: - action: "compare_container" - common_options: "{{ docker_common_options }}" - name: "{{ neutron_sfc_agent.container_name }}" - image: "{{ neutron_sfc_agent.image }}" - privileged: "{{ neutron_sfc_agent.privileged | default(False) }}" - volumes: "{{ neutron_sfc_agent.volumes }}" - register: check_fake_neutron_sfc_agent - when: - - action != "config" - - enable_nova_fake | bool - - neutron_plugin_agent == "sfc" - - inventory_hostname in groups["compute"] - with_sequence: "start=1 end={{ num_nova_fake_per_node }}" - notify: - - Restart fake neutron-sfc-agent container diff --git a/ansible/roles/neutron/templates/ml2_conf.ini.j2 b/ansible/roles/neutron/templates/ml2_conf.ini.j2 index a20b1e32bd..054b8faa43 100644 --- a/ansible/roles/neutron/templates/ml2_conf.ini.j2 +++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2 @@ -59,8 +59,8 @@ arp_responder = true enable_distributed_routing = True {% endif %} -{% if enable_neutron_qos | bool %} -extensions = qos +{% if neutron_agent_extensions %} +extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }} {% endif %} [ovs] diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index cb474dfc69..a196d49809 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -105,10 +105,12 @@ topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join(' driver = noop {% endif %} -{% if neutron_plugin_agent == "sfc" %} +{% if enable_neutron_sfc | bool %} [sfc] drivers = ovs + [flowclassifier] +drivers = ovs {% endif %} {% if enable_octavia | bool %} diff --git a/doc/networking-guide.rst b/doc/networking-guide.rst index 3add2e3562..f9cba5875c 100644 --- a/doc/networking-guide.rst +++ b/doc/networking-guide.rst @@ -40,7 +40,7 @@ the following: :: - neutron_plugin_agent: "sfc" + enable_neutron_sfc: "yes" Networking-SFC is an additional Neutron plugin. For SFC to work, this plugin has to be installed in ``neutron-server`` container as well. Modify the diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index bff5bb94fa..69d7c0be19 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -180,6 +180,7 @@ kolla_internal_vip_address: "10.10.10.254" #enable_neutron_qos: "no" #enable_neutron_agent_ha: "no" #enable_neutron_vpnaas: "no" +#enable_neutron_sfc: "no" #enable_nova_serialconsole_proxy: "no" #enable_octavia: "no" #enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' }}"