9fe70f45f3
As neutron-vpnaas-agent has been loaded just inside of the existing l3 agent rather than requiring operators to run a completely different binary with a subclass of the existing L3 agent[1]. We need restructure this role to fit with this new feature. [1] https://review.openstack.org/488247 Depends-On: I47cd8ba5a14da3c76d5b1eb0b4c0cf0c729eb2ff Change-Id: Id690a652bc9facf1c3e39358f548ab7ddd967d80 Implements: blueprint restructure-neutron-vpnaas Closes-Bug: #1731498
367 lines
16 KiB
YAML
367 lines
16 KiB
YAML
---
|
|
project_name: "neutron"
|
|
|
|
neutron_services:
|
|
neutron-server:
|
|
container_name: "neutron_server"
|
|
image: "{{ neutron_server_image_full }}"
|
|
enabled: true
|
|
group: "neutron-server"
|
|
host_in_groups: "{{ inventory_hostname in groups['neutron-server'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-server/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-openvswitch-agent:
|
|
container_name: "neutron_openvswitch_agent"
|
|
image: "{{ neutron_openvswitch_agent_image_full }}"
|
|
enabled: "{{ neutron_plugin_agent == 'openvswitch' }}"
|
|
privileged: True
|
|
host_in_groups: >-
|
|
{{
|
|
( (inventory_hostname in groups['compute'] and nova_compute_virt_type != 'xenapi')
|
|
or (enable_manila | bool and inventory_hostname in groups['manila-share'])
|
|
or inventory_hostname in groups['neutron-dhcp-agent']
|
|
or inventory_hostname in groups['neutron-l3-agent']
|
|
or inventory_hostname in groups['neutron-metadata-agent']
|
|
and not enable_nova_fake | bool
|
|
) or
|
|
( inventory_hostname in groups['neutron-dhcp-agent']
|
|
or inventory_hostname in groups['neutron-l3-agent']
|
|
or inventory_hostname in groups['neutron-metadata-agent']
|
|
and enable_nova_fake | bool
|
|
)
|
|
}}
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-openvswitch-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/lib/modules:/lib/modules:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-openvswitch-agent-xenapi:
|
|
container_name: "neutron_openvswitch_agent_xenapi"
|
|
image: "{{ neutron_openvswitch_agent_image_full }}"
|
|
enabled: "{{ neutron_plugin_agent == 'openvswitch' and nova_compute_virt_type == 'xenapi' }}"
|
|
privileged: True
|
|
host_in_groups: >-
|
|
{{
|
|
inventory_hostname in groups['compute']
|
|
}}
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-openvswitch-agent-xenapi/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/lib/modules:/lib/modules:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-linuxbridge-agent:
|
|
container_name: "neutron_linuxbridge_agent"
|
|
image: "{{ neutron_linuxbridge_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ neutron_plugin_agent == 'linuxbridge' }}"
|
|
environment:
|
|
KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
|
|
NEUTRON_BRIDGE: "br-ex"
|
|
NEUTRON_INTERFACE: "{{ neutron_external_interface }}"
|
|
host_in_groups: >-
|
|
{{
|
|
inventory_hostname in groups['compute']
|
|
or (enable_manila | bool and inventory_hostname in groups['manila-share'])
|
|
or inventory_hostname in groups['neutron-dhcp-agent']
|
|
or inventory_hostname in groups['neutron-l3-agent']
|
|
or inventory_hostname in groups['neutron-metadata-agent']
|
|
}}
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-linuxbridge-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/lib/modules:/lib/modules:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-dhcp-agent:
|
|
container_name: "neutron_dhcp_agent"
|
|
image: "{{ neutron_dhcp_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
|
|
group: "neutron-dhcp-agent"
|
|
host_in_groups: "{{ inventory_hostname in groups['neutron-dhcp-agent'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-dhcp-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run/:/run/:shared"
|
|
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-l3-agent:
|
|
container_name: "neutron_l3_agent"
|
|
image: "{{ neutron_l3_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] and not enable_opendaylight_l3 | bool }}"
|
|
host_in_groups: >-
|
|
{{
|
|
inventory_hostname in groups['neutron-l3-agent']
|
|
or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)
|
|
}}
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-l3-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/lib/modules:/lib/modules:ro"
|
|
- "/run:/run:shared"
|
|
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-lbaas-agent:
|
|
container_name: "neutron_lbaas_agent"
|
|
image: "{{ neutron_lbaas_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ enable_neutron_lbaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
|
|
group: "neutron-lbaas-agent"
|
|
host_in_groups: "{{ inventory_hostname in groups['neutron-lbaas-agent'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-lbaas-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-sriov-agent:
|
|
container_name: "neutron_sriov_agent"
|
|
image: "{{ neutron_sriov_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ enable_neutron_sriov | bool and neutron_plugin_agent != 'vmware_nsxv' }}"
|
|
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-sriov-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-metadata-agent:
|
|
container_name: "neutron_metadata_agent"
|
|
image: "{{ neutron_metadata_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
|
|
host_in_groups: >-
|
|
{{
|
|
inventory_hostname in groups['neutron-metadata-agent']
|
|
or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)
|
|
}}
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-metadata-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run/:/run/:shared"
|
|
- "neutron_metadata_socket:/var/lib/neutron/kolla/"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-bgp-dragent:
|
|
container_name: "neutron_bgp_dragent"
|
|
image: "{{ neutron_bgp_dragent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ enable_neutron_bgp_dragent | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
|
|
group: "neutron-bgp-dragent"
|
|
host_in_groups: "{{ inventory_hostname in groups['neutron-bgp-dragent'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-bgp-dragent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
neutron-infoblox-ipam-agent:
|
|
container_name: "neutron_infoblox_ipam_agent"
|
|
image: "{{ neutron_infoblox_ipam_agent_image_full }}"
|
|
privileged: True
|
|
enabled: "{{ enable_neutron_infoblox_ipam_agent | bool }}"
|
|
group: "neutron-infoblox-ipam-agent"
|
|
host_in_groups: "{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}"
|
|
volumes:
|
|
- "{{ node_config_directory }}/neutron-infoblox-ipam-agent/:{{ container_config_directory }}/:ro"
|
|
- "/etc/localtime:/etc/localtime:ro"
|
|
- "/run:/run:shared"
|
|
- "kolla_logs:/var/log/kolla/"
|
|
|
|
|
|
####################
|
|
# Database
|
|
####################
|
|
neutron_database_name: "neutron"
|
|
neutron_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}neutron{% endif %}"
|
|
neutron_database_address: "{{ database_address }}:{{ database_port }}"
|
|
|
|
|
|
####################
|
|
# Docker
|
|
####################
|
|
neutron_install_type: "{{ kolla_install_type }}"
|
|
neutron_tag: "{{ openstack_release }}"
|
|
|
|
neutron_dhcp_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-dhcp-agent"
|
|
neutron_dhcp_agent_tag: "{{ neutron_tag }}"
|
|
neutron_dhcp_agent_image_full: "{{ neutron_dhcp_agent_image }}:{{ neutron_dhcp_agent_tag }}"
|
|
|
|
neutron_l3_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-l3-agent"
|
|
neutron_l3_agent_tag: "{{ neutron_tag }}"
|
|
neutron_l3_agent_image_full: "{{ neutron_l3_agent_image }}:{{ neutron_l3_agent_tag }}"
|
|
|
|
neutron_lbaas_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-lbaas-agent"
|
|
neutron_lbaas_agent_tag: "{{ neutron_tag }}"
|
|
neutron_lbaas_agent_image_full: "{{ neutron_lbaas_agent_image }}:{{ neutron_lbaas_agent_tag }}"
|
|
|
|
neutron_sriov_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-sriov-agent"
|
|
neutron_sriov_agent_tag: "{{ neutron_tag }}"
|
|
neutron_sriov_agent_image_full: "{{ neutron_sriov_agent_image }}:{{ neutron_sriov_agent_tag }}"
|
|
|
|
neutron_linuxbridge_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-linuxbridge-agent"
|
|
neutron_linuxbridge_agent_tag: "{{ neutron_tag }}"
|
|
neutron_linuxbridge_agent_image_full: "{{ neutron_linuxbridge_agent_image }}:{{ neutron_linuxbridge_agent_tag }}"
|
|
|
|
neutron_metadata_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-metadata-agent"
|
|
neutron_metadata_agent_tag: "{{ neutron_tag }}"
|
|
neutron_metadata_agent_image_full: "{{ neutron_metadata_agent_image }}:{{ neutron_metadata_agent_tag }}"
|
|
|
|
neutron_openvswitch_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-openvswitch-agent"
|
|
neutron_openvswitch_agent_tag: "{{ neutron_tag }}"
|
|
neutron_openvswitch_agent_image_full: "{{ neutron_openvswitch_agent_image }}:{{ neutron_openvswitch_agent_tag }}"
|
|
|
|
neutron_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-server{{ '-opendaylight' if enable_opendaylight | bool else '' }}"
|
|
neutron_server_tag: "{{ neutron_tag }}"
|
|
neutron_server_image_full: "{{ neutron_server_image }}:{{ neutron_server_tag }}"
|
|
|
|
neutron_bgp_dragent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-bgp-dragent"
|
|
neutron_bgp_dragent_tag: "{{ neutron_tag }}"
|
|
neutron_bgp_dragent_image_full: "{{ neutron_bgp_dragent_image }}:{{ neutron_bgp_dragent_tag }}"
|
|
|
|
neutron_infoblox_ipam_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-infoblox-ipam-agent"
|
|
neutron_infoblox_ipam_agent_tag: "{{ neutron_tag }}"
|
|
neutron_infoblox_ipam_agent_image_full: "{{ neutron_infoblox_ipam_agent_image }}:{{ neutron_infoblox_ipam_agent_tag }}"
|
|
|
|
####################
|
|
# OpenStack
|
|
####################
|
|
dhcp_agents_per_network: 2
|
|
max_l3_agents_per_router: 3
|
|
|
|
# valid value is: ["v1", "v2"]
|
|
neutron_fwaas_version: "v1"
|
|
|
|
neutron_admin_endpoint: "{{ admin_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
|
|
neutron_internal_endpoint: "{{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}"
|
|
neutron_public_endpoint: "{{ public_protocol }}://{{ kolla_external_fqdn }}:{{ neutron_server_port }}"
|
|
|
|
neutron_logging_debug: "{{ openstack_logging_debug }}"
|
|
|
|
openstack_neutron_auth: "{{ openstack_auth }}"
|
|
|
|
####################
|
|
# Extension drivers
|
|
####################
|
|
extension_drivers:
|
|
- name: "qos"
|
|
enabled: "{{ enable_neutron_qos | bool or enable_opendaylight_qos | bool }}"
|
|
- name: "port_security"
|
|
enabled: true
|
|
- name: "dns"
|
|
enabled: "{{ enable_designate | bool }}"
|
|
- name: "sfc"
|
|
enabled: "{{ enable_neutron_sfc | bool }}"
|
|
|
|
neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto', true)|list }}"
|
|
|
|
####################
|
|
# Service Plugins
|
|
####################
|
|
service_plugins:
|
|
- name: "firewall"
|
|
enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v1' }}"
|
|
- name: "firewall_v2"
|
|
enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v2' }}"
|
|
- name: "flow_classifier"
|
|
enabled: "{{ enable_neutron_sfc | bool }}"
|
|
- name: "lbaasv2"
|
|
enabled: "{{ enable_neutron_lbaas | bool }}"
|
|
- name: "neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin"
|
|
enabled: "{{ enable_neutron_bgp_dragent | bool }}"
|
|
- name: "qos"
|
|
enabled: "{{ enable_neutron_qos | bool or enable_opendaylight_qos | bool}}"
|
|
- name: "router"
|
|
enabled: "{{ not enable_opendaylight_l3 | bool }}"
|
|
- name: "segments"
|
|
enabled: "{{ enable_neutron_segments | bool }}"
|
|
- name: "sfc"
|
|
enabled: "{{ enable_neutron_sfc | bool }}"
|
|
- name: "vpnaas"
|
|
enabled: "{{ enable_neutron_vpnaas | bool }}"
|
|
- name: "{{ opendaylight_l3_service_plugin }}"
|
|
enabled: "{{ enable_opendaylight_l3 | bool and enable_opendaylight | bool }}"
|
|
|
|
neutron_service_plugins: "{{ service_plugins|selectattr('enabled', 'equalto', true)|list }}"
|
|
|
|
####################
|
|
# Notification
|
|
####################
|
|
neutron_notification_topics:
|
|
- name: notifications
|
|
enabled: "{{ enable_ceilometer | bool or enable_searchlight | bool or enable_neutron_infoblox_ipam_agent | bool }}"
|
|
- name: notifications_designate
|
|
enabled: "{{ enable_designate | bool }}"
|
|
|
|
neutron_enabled_notification_topics: "{{ neutron_notification_topics | selectattr('enabled', 'equalto', true) | list }}"
|
|
|
|
####################
|
|
# Agent Extensions
|
|
####################
|
|
agent_extensions:
|
|
- name: "qos"
|
|
enabled: "{{ enable_neutron_qos | bool }}"
|
|
- name: "sfc"
|
|
enabled: "{{ enable_neutron_sfc | bool }}"
|
|
|
|
neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}"
|
|
|
|
l3_agent_extensions:
|
|
- name: "fwaas"
|
|
enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v1' }}"
|
|
- name: "fwaas_v2"
|
|
enabled: "{{ enable_neutron_fwaas | bool and neutron_fwaas_version == 'v2' }}"
|
|
- name: "vpnaas"
|
|
enabled: "{{ enable_neutron_vpnaas | bool }}"
|
|
|
|
neutron_l3_agent_extensions: "{{ l3_agent_extensions | selectattr('enabled', 'equalto', true) | list }}"
|
|
|
|
####################
|
|
# VMware NSXV
|
|
####################
|
|
vmware_nsxv_user: "nsx_manager_user"
|
|
vmware_nsxv_manager_uri: "https://127.0.0.1"
|
|
vmware_nsxv_insecure: "True"
|
|
vmware_nsxv_cluster_moid: "TestCluster"
|
|
vmware_nsxv_datacenter_moid: "TestDataCeter"
|
|
vmware_nsxv_resource_pool_id: "TestRSGroup"
|
|
vmware_nsxv_datastore_id: "TestDataStore"
|
|
vmware_nsxv_external_network: "TestDVSPort-Ext"
|
|
vmware_nsxv_vdn_scope_id: "TestVDNScope"
|
|
vmware_nsxv_dvs_id: "TestDVS"
|
|
vmware_nsxv_backup_edge_pool: "service:compact:1:2"
|
|
vmware_nsxv_spoofguard_enabled: "false"
|
|
vmware_nsxv_metadata_initializer: "false"
|
|
vmware_nsxv_edge_ha: "false"
|
|
|
|
####################
|
|
# VMware DVS
|
|
####################
|
|
vmware_dvs_host_ip: "192.168.1.1"
|
|
vmware_dvs_host_port: "443"
|
|
vmware_dvs_host_username: "admin"
|
|
vmware_dvs_insecure: "True"
|
|
vmware_dvs_dvs_name: "VDS-1"
|
|
vmware_dvs_dhcp_override_mac: ""
|
|
|
|
####################
|
|
# Infoblox IPAM
|
|
####################
|
|
infoblox_cloud_data_center_id: "1"
|
|
infoblox_grid_master_host: "192.168.1.1"
|
|
infoblox_grid_master_name: "infoblox.localdomain"
|
|
infoblox_admin_user_name: "admin"
|
|
infoblox_wapi_version: "2.3"
|
|
infoblox_wapi_max_results: "-50000"
|
|
|
|
######################
|
|
# Notification Drivers
|
|
######################
|
|
notification_drivers:
|
|
- name: "odl-qos-v2"
|
|
enabled: "{{ enable_opendaylight_qos | bool }}"
|
|
|
|
neutron_notification_drivers: "{{ notification_drivers|selectattr('enabled', 'equalto', true)|list }}"
|