Add flag to allow provider networks

In case of provider networks we need to configure external bridge
on compute nodes, like it is done in DVR. The only way to tell
if provider networks are to be used is a new flag.

Change-Id: I1aef197ee2b84e28f2131f058e6995551f873fe1
Closes-Bug: #1694726
This commit is contained in:
Vladislav Belogrudov 2017-05-31 17:51:09 +03:00
parent 841bc75ae2
commit f6eefdf388
5 changed files with 34 additions and 2 deletions

View File

@ -353,6 +353,7 @@ enable_neutron_fwaas: "no"
enable_neutron_qos: "no" enable_neutron_qos: "no"
enable_neutron_agent_ha: "no" enable_neutron_agent_ha: "no"
enable_neutron_bgp_dragent: "no" enable_neutron_bgp_dragent: "no"
enable_neutron_provider_networks: "no"
enable_nova_serialconsole_proxy: "no" enable_nova_serialconsole_proxy: "no"
enable_octavia: "no" enable_octavia: "no"
enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}" enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}"
@ -498,6 +499,8 @@ designate_ns_record: "sample.openstack.org"
neutron_bgp_router_id: "1.1.1.1" neutron_bgp_router_id: "1.1.1.1"
neutron_bridge_name: "br-ex" neutron_bridge_name: "br-ex"
computes_need_external_bridge: "{{ enable_neutron_dvr | bool or enable_neutron_provider_networks | bool }}"
####################### #######################
# Nova options # Nova options
####################### #######################

View File

@ -59,7 +59,7 @@ extensions = qos
{% endif %} {% endif %}
[ovs] [ovs]
{% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and enable_neutron_dvr | bool) %} {% if inventory_hostname in groups["network"] or (inventory_hostname in groups["compute"] and computes_need_external_bridge ) %}
bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %} bridge_mappings = {% for bridge in neutron_bridge_name.split(',') %}physnet{{ loop.index0 + 1 }}:{{ bridge }}{% if not loop.last %},{% endif %}{% endfor %}
{% endif %} {% endif %}

View File

@ -36,7 +36,7 @@
changed_when: status.stdout.find('changed') != -1 changed_when: status.stdout.find('changed') != -1
when: when:
- inventory_hostname in groups["network"] - inventory_hostname in groups["network"]
or (inventory_hostname in groups["compute"] and enable_neutron_dvr | bool) or (inventory_hostname in groups["compute"] and computes_need_external_bridge)
with_together: with_together:
- "{{ neutron_bridge_name.split(',') }}" - "{{ neutron_bridge_name.split(',') }}"
- "{{ neutron_external_interface.split(',') }}" - "{{ neutron_external_interface.split(',') }}"

View File

@ -1,5 +1,21 @@
.. _networking-guide: .. _networking-guide:
============================
Enabling Provider Networks
============================
Provider networks allow to connect compute instances directly to physical networks avoiding tunnels.
This is necessary for example for some performance critical applications. Only administrators of
OpenStack can create such networks. For provider networks compute hosts must have external bridge
created and configured by Ansible tasks like it is already done for tenant DVR mode networking.
Normal tenant non-DVR networking does not need external bridge on compute hosts and therefore
operators don't need additional dedicated network interface.
To enable provider networks modify the configuration file ``/etc/kolla/globals.yml``:
::
enable_neutron_provider_networks: "yes"
============================ ============================
Enabling Neutron Extensions Enabling Neutron Extensions
============================ ============================

View File

@ -0,0 +1,13 @@
---
features:
- |
Add a new flag to explicitly enable provider networks, i.e. networks where
instances directly connect to the physical networks (flat,VLAN). In such
cases external bridges must be configured on compute nodes, like it is done
for self-service (tenant manageable) networks in DVR mode. Otherwise this flag
allows to avoid unnecessary interface and bridge setup on compute nodes
in case of tenant networks in non-DVR mode.
upgrade:
- |
By default this flag is disabled. If provider networks were used in previous
releases please set 'enable_neutron_provider_networks' property to 'yes'.