Merge "Adds networking-ovn support"

This commit is contained in:
Zuul 2018-08-17 08:05:34 +00:00 committed by Gerrit Code Review
commit 51b654cf57
19 changed files with 713 additions and 3 deletions

View File

@ -73,6 +73,8 @@ networking_bgpvpn_git_repo: https://git.openstack.org/openstack/networking-bgpvp
networking_bgpvpn_git_install_branch: master
openstack_ceilometer_git_repo: https://git.openstack.org/openstack/ceilometer
openstack_ceilometer_git_install_branch: master
networking_ovn_git_repo: https://git.openstack.org/openstack/networking-ovn
networking_ovn_git_install_branch: master
# Developer mode
neutron_developer_mode: false
@ -184,6 +186,8 @@ neutron_sriov_nic_agent_ini_overrides: {}
neutron_sriov_nic_agent_init_overrides: {}
neutron_vpn_agent_init_overrides: {}
neutron_vpnaas_agent_ini_overrides: {}
neutron_ovn_metadata_agent_ini_overrides: {}
neutron_ovn_metadata_agent_init_overrides: {}
###
### Quotas
@ -357,6 +361,7 @@ neutron_local_ip: 127.0.0.1
# network_types: "vxlan,flat,vlan"
# network_vlan_ranges: "vlan:1:1,vlan:1024:1025"
# network_vxlan_ranges: "1:1000"
# network_geneve_ranges: "1:1000"
# network_sriov_mappings: "vlan:p4p1"
###
@ -454,6 +459,12 @@ dragonflow_int_peer_patch_port: patch-ex
dragonflow_external_network_bridge: br-ex
dragonflow_publisher_bind_address: "*"
# OVN Defaults
neutron_ovn_northd_service_name: ovn-northd
neutron_ovn_controller_service_name: ovn-controller
neutron_ovn_l3_scheduler: leastloaded
neutron_ovn_ip: "{{ internal_lb_vip_address }}"
# Install Openvswitch without NSH support
ovs_nsh_support: False

230
doc/source/app-ovn.rst Normal file
View File

@ -0,0 +1,230 @@
========================================
Scenario - Open Virtual Network (OVN)
========================================
Overview
~~~~~~~~
Operators can choose to utilize the Open Virtual Network (OVN) mechanism
driver instead of Linux bridges or plain Open vSwitch for the Neutron ML2
plugin. This offers the possibility to deploy virtual networks and routers
using OVN with Open vSwitch, which replaces the agent-based model used by
the aforementioned architectures. This document outlines how to set it up in
your environment.
The current implementation of OVN in OpenStack-Ansible should not be considered
production-ready and makes the following architectural assumptions:
* Each compute node will act as an OVN controller
* Each compute node is eligible to serve as an OVN gateway node
NOTE: Physical VTEP integration is not yet supported.
Recommended reading
~~~~~~~~~~~~~~~~~~~
Since this is an extension of the basic Open vSwitch scenario, it is worth
reading that scenario to get some background. It is also recommended to be
familiar with OVN and networking-ovn projects and their configuration.
* `Scenario: Open vSwitch <app-openvswitch.html>`_
* `OVN Architecture <http://www.openvswitch.org//support/dist-docs/ovn-architecture.7.html>`_
* `Networking-ovn <https://github.com/openstack/networking-ovn>`_
Prerequisites
~~~~~~~~~~~~~
* Open vSwitch >= 2.9.0
* Networking-ovn at time of writing requires neutron-lib>=1.17.0. The overrides
described here will ensure that version is installed.
* A successful deployment of OVN requires a dedicated network interface be
attached to the OVS provider bridge. This is not handled automatially and
may require changes to the network interface configuration file.
OpenStack-Ansible user variables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Set the following user variables in your
``/etc/openstack_deploy/user_variables.yml``:
.. code-block:: yaml
# Ensure the openvswitch kernel module is loaded
openstack_host_specific_kernel_modules:
- name: "openvswitch"
pattern: "CONFIG_OPENVSWITCH"
group: "network_hosts"
neutron_plugin_type: ml2.ovn
neutron_plugin_base:
- networking_ovn.l3.l3_ovn.OVNL3RouterPlugin
neutron_ml2_drivers_type: "vlan,local,geneve"
# Typically this would be defined by the os-neutron-install
# playbook. The provider_networks library would parse the
# provider_networks list in openstack_user_config.yml and
# generate the values of network_types, network_vlan_ranges
# and network_mappings. network_mappings would have a
# different value for each host in the inventory based on
# whether or not the host was metal (typically a compute host)
# or a container (typically a neutron agent container)
#
# When using OVN w/ Open vSwitch, we override it to take into account
# the Open vSwitch bridge we are going to define outside of
# OpenStack-Ansible plays. All segmentation id ranges can be tweaked
# to suit the environment. VXLAN networks are not directly supported.
# When configuring Neutron to support only geneve tenant networks and
# vlan provider networks the configuration may resemble the following:
neutron_provider_networks:
network_types: "geneve"
network_geneve_ranges: "1:1000"
network_vlan_ranges: "vlan"
network_mappings: "vlan:br-provider"
# When configuring Neutron to support only vlan tenant networks and
# vlan provider networks the configuration may resemble the following:
neutron_provider_networks:
network_types: "vlan"
network_vlan_ranges: "vlan:102:199"
network_mappings: "vlan:br-provider"
repo_build_upper_constraints_overrides: [neutron-lib>=1.17.0]
The overrides are instructing Ansible to deploy the OVN mechanism driver and
associated OVN components. This is done by setting ``neutron_plugin_type``
to ``ml2.ovn``.
The ``neutron_plugin_base`` override instructions Neutron to use OVN for
routing functions rather than the standard L3 agent model.
The ``neutron_ml2_drivers_type`` override provides support for all type
drivers supported by OVN.
Open Virtual Network (OVN) commands
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following commands can be used to provide useful information about...
The ``ovs-vsctl list open_vswitch`` command provides information about the
``open_vswitch`` table in the local Open vSwitch database:
.. code-block::
root@aio1:~# ovs-vsctl list open_vswitch
_uuid : 855c820b-c082-4d8f-9828-8cab01c6c9a0
bridges : [37d3bd82-d436-474e-89b7-705aea634d7d, a393b2f6-5c3d-4ccd-a2f9-e9817391612a]
cur_cfg : 14
datapath_types : [netdev, system]
db_version : "7.15.1"
external_ids : {hostname="aio1", ovn-bridge-mappings="vlan:br-provider", ovn-encap-ip="172.29.240.100", ovn-encap-type="geneve,vxlan", ovn-remote="tcp:172.29.236.100:6642", rundir="/var/run/openvswitch", system-id="11af26c6-9ec1-4cf7-bf41-2af45bd59b03"}
iface_types : [geneve, gre, internal, lisp, patch, stt, system, tap, vxlan]
manager_options : []
next_cfg : 14
other_config : {}
ovs_version : "2.9.0"
ssl : []
statistics : {}
system_type : ubuntu
system_version : "16.04"
The ``ovn-sbctl show`` command provides information related to southbound
connections. If used outside the ovn_northd container, specify the
connection details:
.. code-block::
root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-sbctl show
Chassis "11af26c6-9ec1-4cf7-bf41-2af45bd59b03"
hostname: "aio1"
Encap vxlan
ip: "172.29.240.100"
options: {csum="true"}
Encap geneve
ip: "172.29.240.100"
options: {csum="true"}
root@aio1:~# ovn-sbctl --db=tcp:172.29.236.100:6642 show
Chassis "11af26c6-9ec1-4cf7-bf41-2af45bd59b03"
hostname: "aio1"
Encap vxlan
ip: "172.29.240.100"
options: {csum="true"}
Encap geneve
ip: "172.29.240.100"
options: {csum="true"}
The ``ovn-nbctl show`` command provides information about networks known
to OVN and demonstrates connectivity between the northbound database
and neutron-server.
.. code-block::
root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-nbctl show
switch 5e77f29e-5dd3-4875-984f-94bd30a12dc3 (neutron-87ec5a05-9abe-4c93-89bd-c6d40320db87) (aka testnet)
port 65785045-69ec-49e7-82e3-b9989f718a9c
type: localport
addresses: ["fa:16:3e:68:a3:c8"]
The ``ovn-nbctl list Address_Set`` command provides information related to
security groups. If used outside the ovn_northd container, specify the
connection details:
.. code-block::
root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-nbctl list Address_Set
_uuid : 575b3015-f83f-4bd6-a698-3fe67e43bec6
addresses : []
external_ids : {"neutron:security_group_id"="199997c1-6f06-4765-89af-6fd064365c6a"}
name : "as_ip4_199997c1_6f06_4765_89af_6fd064365c6a"
_uuid : b6e211af-e52e-4c59-93ce-adf75ec14f46
addresses : []
external_ids : {"neutron:security_group_id"="199997c1-6f06-4765-89af-6fd064365c6a"}
name : "as_ip6_199997c1_6f06_4765_89af_6fd064365c6a"
root@aio1:~# ovn-nbctl --db=tcp:172.29.236.100:6641 list Address_Set
_uuid : 575b3015-f83f-4bd6-a698-3fe67e43bec6
addresses : []
external_ids : {"neutron:security_group_id"="199997c1-6f06-4765-89af-6fd064365c6a"}
name : "as_ip4_199997c1_6f06_4765_89af_6fd064365c6a"
_uuid : b6e211af-e52e-4c59-93ce-adf75ec14f46
addresses : []
external_ids : {"neutron:security_group_id"="199997c1-6f06-4765-89af-6fd064365c6a"}
name : "as_ip6_199997c1_6f06_4765_89af_6fd064365c6a"
Additional commands can be found in upstream OVN documentation.
Notes
~~~~~
The ``ovn-controller`` service on compute nodes will check in as an agent
and can be observed using the ``openstack network agent list`` command:
.. code-block::
root@aio1-utility-container-35bebd2a:~# openstack network agent list
+--------------------------------------+------------------------------+------+-------------------+-------+-------+----------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+------------------------------+------+-------------------+-------+-------+----------------+
| 4db288a6-8f8a-4153-b4b7-7eaf44f9e881 | OVN Controller Gateway agent | aio1 | n/a | :-) | UP | ovn-controller |
+--------------------------------------+------------------------------+------+-------------------+-------+-------+----------------+
The HAproxy client and server timeout values have been increased from
50 seconds to 90 minutes for all load-balanced OVN-related services.
The HAproxy implementation in use may not properly handle active/backup
failover for ovsdb-server with OVN. Work may be done to implement
pacemaker/corosync or wait for active/active support.
Warranty
~~~~~~~~
This implementation of OVN is not supported and should be considered
only for development purposes. The architecture within OSA is subject
to change. Reviews and suggestions are welcome.

View File

@ -0,0 +1,20 @@
# neutron-rootwrap command filters for nodes on which neutron is
# expected to control network
#
# This file should be owned by (and only-writeable by) the root user
# format seems to be
# cmd-name: filter-name, raw-command, user, args
[Filters]
# ovn
ovn-ctl: CommandFilter, ovn-ctl, root
# ip_lib
ip: IpFilter, ip, root
find: RegExpFilter, find, root, find, /sys/class/net, -maxdepth, 1, -type, l, -printf, %.*
ip_exec: IpNetnsExecFilter, ip, root
# haproxy
haproxy: CommandFilter, haproxy, root

View File

@ -104,8 +104,8 @@
name: systemd_service
private: true
vars:
systemd_user_name: "{{ neutron_system_user_name }}"
systemd_group_name: "{{ neutron_system_group_name }}"
systemd_user_name: "{{ service_var.systemd_user_name | default(neutron_system_user_name) }}"
systemd_group_name: "{{ service_var.systemd_group_name | default(neutron_system_group_name) }}"
systemd_tempd_prefix: openstack
systemd_slice_name: neutron
systemd_lock_path: /var/lock/neutron
@ -113,10 +113,12 @@
systemd_BlockIOAccounting: true
systemd_MemoryAccounting: true
systemd_TasksAccounting: true
systemd_PrivateTmp: "{{ service_var.systemd_PrivateTmp | default(True) }}"
systemd_services:
- service_name: "{{ service_var.service_name }}"
enabled: yes
state: started
service_type: "{{ service_var.service_type | default(systemd_default_service_type) }}"
execstarts: "{{ service_var.execstarts }}"
execreloads: "{{ service_var.execreloads | default([]) }}"
config_overrides: "{{ service_var.init_config_overrides }}"

View File

@ -0,0 +1,97 @@
# (c) 2018, James Denton <james.denton@rackspace.com>
#
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Install OVN pip packages
pip:
name: "{{ neutron_optional_ovn_pip_packages }}"
state: "{{ neutron_pip_package_state }}"
virtualenv: "{{ neutron_bin | dirname }}"
virtualenv_site_packages: "no"
extra_args: >-
{{ neutron_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }}
{{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''),'') }}
{{ pip_install_options | default('') }}
register: install_packages
until: install_packages|success
retries: 5
delay: 2
when:
- neutron_services['neutron-server']['group'] in group_names
or neutron_services['neutron-ovn-northd']['group'] in group_names
or neutron_services['neutron-ovn-controller']['group'] in group_names
notify: Restart neutron services
tags:
- ovn-install
- ovn-pip-packages
- name: Install ovn-northd packages
package:
name: "{{ neutron_ovn_northd_distro_packages }}"
state: "{{ neutron_package_state }}"
update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
register: install_packages
until: install_packages is success
retries: 5
delay: 2
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
- name: Install ovn-controller packages
package:
name: "{{ neutron_ovn_controller_distro_packages }}"
state: "{{ neutron_package_state }}"
update_cache: "{{ (ansible_pkg_mgr in ['apt', 'zypper']) | ternary('yes', omit) }}"
cache_valid_time: "{{ (ansible_pkg_mgr == 'apt') | ternary(cache_timeout, omit) }}"
register: install_packages
until: install_packages is success
retries: 5
delay: 2
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Ensure Open vSwitch service is started and enabled
systemd:
name: "{{ neutron_ovs_service_name }}"
state: started
enabled: yes
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
or neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Ensure ovn-northd service is started and enabled
systemd:
name: "{{ neutron_ovn_northd_service_name }}"
state: started
enabled: yes
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
- name: Ensure ovn-controller service is started and enabled
systemd:
name: "{{ neutron_ovn_controller_service_name }}"
state: started
enabled: yes
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- include: setup_ovs_ovn.yml

View File

@ -0,0 +1,87 @@
# (c) 2018, James Denton <james.denton@rackspace.com>
#
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Set openvswitch hostname
command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ inventory_hostname }}'"
tags:
- ovn-config
- name: Create ovsdb-server Listener
command: "ovs-vsctl set-manager ptcp:6640"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
- name: Configure OVN Northbound Listener
command: "ovn-nbctl set-connection ptcp:6641:0.0.0.0 -- set connection . inactivity_probe=60000"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
- name: Configure OVN Southbound Listener
command: "ovn-sbctl set-connection ptcp:6642:0.0.0.0 -- set connection . inactivity_probe=60000"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names
# (NOTE) This makes all computes eligible to be gateway nodes
- name: Set CMS Options for Gateway Scheduling
command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure OVN Southbound Connection
command: "ovs-vsctl set open . external-ids:ovn-remote=tcp:{{ neutron_ovn_ip }}:6642"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
# (todo) Dynamic encap type
- name: Configure Supported OVN Overlay Protocols
command: "ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Encapsulation Address for Overlay Traffic
command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}"
tags:
- ovn-config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Setup Network Provider Bridge
openvswitch_bridge:
bridge: "{{ neutron_provider_networks.network_mappings.split(':')[1] }}"
state: present
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- neutron_provider_networks.network_mappings is defined
- name: Set the Bridge Mappings
command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}"
tags:
- ovn-config
when:
- neutron_provider_networks.network_mappings is defined
- neutron_services['neutron-ovn-controller']['group'] in group_names

View File

@ -0,0 +1,14 @@
# {{ ansible_managed }}
[DEFAULT]
debug = {{ debug }}
# Nova metadata service IP and port
nova_metadata_host = {{ internal_lb_vip_address }}
# Metadata proxy shared secret
metadata_proxy_shared_secret = {{ nova_metadata_proxy_secret }}
[ovs]
ovsdb_connection = unix:{{ neutron_ovs_socket_path }}/db.sock
ovsdb_connection_timeout = 180

View File

@ -36,6 +36,25 @@ vni_ranges = {{ neutron_provider_networks.network_vxlan_ranges }}
{% endif %}
{% if neutron_provider_networks.network_geneve_ranges is defined %}
[ml2_type_geneve]
vni_ranges = {{ neutron_provider_networks.network_geneve_ranges }}
max_header_size = 38
{% endif %}
{% if neutron_plugin_type == 'ml2.ovn' and (neutron_services['neutron-server']['group'] or neutron_services['neutron-ovn-controller']['group'] in group_names) %}
[ovn]
ovn_native_dhcp = True
ovn_nb_connection = tcp:{{ neutron_ovn_ip }}:6641
ovn_sb_connection = tcp:{{ neutron_ovn_ip }}:6642
ovn_l3_scheduler = {{ neutron_ovn_l3_scheduler }}
ovn_metadata_enabled = True
{% endif %}
# Security groups
[securitygroup]
{% if neutron_plugin_type == 'ml2.ovs' %}

View File

@ -0,0 +1,35 @@
---
openstack_host_specific_kernel_modules:
- name: "openvswitch"
pattern: "CONFIG_OPENVSWITCH"
tempest_run: yes
tempest_plugins:
- name: neutron
repo: https://git.openstack.org/openstack/neutron
branch: master
- name: neutron-plugins
repo: https://git.openstack.org/openstack/neutron-tempest-plugin
branch: master
tempest_test_whitelist:
- "neutron_tempest_plugin.api.test_networks*"
tempest_private_net_provider_type: geneve
neutron_plugin_type: ml2.ovn
neutron_local_ip: "{{ ansible_host }}"
neutron_plugin_base:
- networking_ovn.l3.l3_ovn.OVNL3RouterPlugin
neutron_ml2_drivers_type: "geneve,vlan,flat,local"
neutron_provider_networks:
network_types: "geneve"
network_geneve_ranges: "1:1000"
network_vlan_ranges: "vlan"
network_mappings: "vlan:br-provider"
repo_build_upper_constraints_overrides: [neutron-lib>=1.17.0]

74
tests/ovn_inventory Normal file
View File

@ -0,0 +1,74 @@
[all]
localhost
infra1
server1
server2
[physical_host]
localhost
[all_containers]
infra1
server1
server2
[oslomsg_rpc_all]
infra1
[oslomsg_notify_all]
infra1
[rabbitmq_all]
infra1
[galera_all]
infra1
[memcached_all]
infra1
[service_all:children]
rabbitmq_all
galera_all
memcached_all
[keystone_all]
infra1
[neutron_agent]
[neutron_dhcp_agent]
[neutron_linuxbridge_agent]
[neutron_openvswitch_agent]
[neutron_metering_agent]
[neutron_l3_agent]
[neutron_lbaas_agent]
[neutron_metadata_agent]
[neutron_server]
server1
server2
[neutron_calico_dhcp_agent]
[neutron_ovn_controller]
localhost
[neutron_ovn_northd]
server1
server2
[neutron_all:children]
neutron_agent
neutron_dhcp_agent
neutron_linuxbridge_agent
neutron_openvswitch_agent
neutron_metering_agent
neutron_l3_agent
neutron_lbaas_agent
neutron_metadata_agent
neutron_ovn_controller
neutron_ovn_northd
neutron_server
[utility_all]
infra1

View File

@ -152,6 +152,13 @@ setenv =
commands =
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
[testenv:func_ovn]
setenv =
{[testenv]setenv}
ANSIBLE_INVENTORY={toxinidir}/tests/ovn_inventory
ANSIBLE_OVERRIDES={toxinidir}/tests/neutron-overrides-ovn.yml
commands =
bash -c "{toxinidir}/tests/common/test-ansible-functional.sh"
[testenv:odl-sfc]
setenv =

View File

@ -44,6 +44,16 @@ neutron_package_list: |-
{% if neutron_services['neutron-metadata-agent']['group'] in group_names %}
{% set _ = packages.extend(neutron_metadata_agent_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-northd']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or (neutron_services['neutron-ovn-controller']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool) %}
{% set _ = packages.extend(neutron_ovn_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-northd']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool) %}
{% set _ = packages.extend(neutron_ovn_northd_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-controller']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool) %}
{% set _ = packages.extend(neutron_ovn_controller_distro_packages) %}
{% endif %}
{% if neutron_developer_mode | bool %}
{% set _ = packages.extend(neutron_developer_mode_distro_packages) %}
{% endif %}

View File

@ -20,6 +20,8 @@ neutron_needs_openvswitch: >-
{{ (neutron_services['neutron-openvswitch-agent']['group'] in group_names and neutron_services['neutron-openvswitch-agent'].service_en | bool)
or (neutron_services['dragonflow-controller-agent']['group'] in group_names and neutron_services['dragonflow-controller-agent'].service_en | bool)
or (neutron_services['dragonflow-l3-agent']['group'] in group_names and neutron_services['dragonflow-l3-agent'].service_en | bool)
or (neutron_services['neutron-ovn-northd']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or (neutron_services['neutron-ovn-controller']['group'] in group_names and (neutron_plugin_type == 'ml2.ovn') | bool)
or ((neutron_services['neutron-server']['group'] not in group_names) and neutron_plugin_type == 'ml2.opendaylight') }}
# Set the Calico Felix agent executable destination path
@ -121,6 +123,12 @@ neutron_plugins:
plugin_ini: plugins/ml2/ml2_conf.ini
driver_interface: "openvswitch"
l3_agent_mode: "legacy"
ml2.ovn:
drivers_type: "{{ neutron_ml2_drivers_type }}"
mechanisms: "ovn"
plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}"
plugin_core: ml2
plugin_ini: plugins/ml2/ml2_conf.ini
###
### ML2 Plugin Configuration
@ -457,6 +465,27 @@ neutron_services:
config_type: "ini"
init_config_overrides: "{{ neutron_dragonflow_pubsub_agent_init_overrides }}"
start_order: 3
neutron-ovn-northd:
group: neutron_ovn_northd
service_en: False
neutron-ovn-controller:
group: neutron_ovn_controller
service_en: False
networking-ovn-metadata-agent:
group: neutron_ovn_controller
systemd_user_name: root
systemd_group_name: root
systemd_PrivateTmp: False
service_name: networking-ovn-metadata-agent
service_en: "{{ neutron_plugin_type == 'ml2.ovn' }}"
service_conf_path: "{{ neutron_conf_dir }}"
service_conf: networking_ovn_metadata_agent.ini
service_rootwrap: rootwrap.d/ovn-plugin.filters
execstarts: "{{ neutron_bin }}/networking-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/networking_ovn_metadata_agent.ini --log-file=/var/log/neutron/networking-ovn-metadata-agent.log"
config_overrides: "{{ neutron_ovn_metadata_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_ovn_metadata_agent_init_overrides }}"
start_order: 3
###
### Internals: Drivers mappings

View File

@ -25,6 +25,12 @@ neutron_ovs_distro_packages:
neutron_ovs_service_name: openvswitch
neutron_ovn_northd_service_name: ovn-northd
neutron_ovn_controller_service_name: ovn-controller
neutron_ovs_socket_path: "/usr/local/var/run/openvswitch"
neutron_distro_packages:
- conntrack-tools
- dnsmasq
@ -39,6 +45,15 @@ neutron_distro_packages:
- radvd
- which
neutron_ovn_distro_packages:
- openvswitch-ovn-common
neutron_ovn_controller_distro_packages:
- openvswitch-ovn-host
neutron_ovn_northd_distro_packages:
- openvswitch-ovn-central
neutron_devel_distro_packages:
- python-httplib2

View File

@ -43,6 +43,16 @@ neutron_package_list: |-
{% if neutron_services['neutron-metadata-agent']['group'] in group_names %}
{% set _ = packages.extend(neutron_metadata_agent_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-northd']['group'] in group_names and neutron_plugin_type == 'ml2.ovn')
or (neutron_services['neutron-ovn-controller']['group'] in group_names and neutron_plugin_type == 'ml2.ovn') %}
{% set _ = packages.extend(neutron_ovn_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-northd']['group'] in group_names and neutron_plugin_type == 'ml2.ovn') %}
{% set _ = packages.extend(neutron_ovn_northd_distro_packages) %}
{% endif %}
{% if (neutron_services['neutron-ovn-controller']['group'] in group_names and neutron_plugin_type == 'ml2.ovn') %}
{% set _ = packages.extend(neutron_ovn_controller_distro_packages) %}
{% endif %}
{% if neutron_developer_mode | bool %}
{% set _ = packages.extend(neutron_developer_mode_distro_packages) %}
{% endif %}
@ -96,6 +106,9 @@ neutron_proprietary_nuage_pip_packages:
- nuage-openstack-neutronclient
- nuagenetlib
neutron_optional_ovn_pip_packages:
- networking-ovn
neutron_developer_constraints:
- "git+{{ neutron_git_repo }}@{{ neutron_git_install_branch }}#egg=neutron"
- "git+{{ neutron_fwaas_git_repo }}@{{ neutron_fwaas_git_install_branch }}#egg=neutron-fwaas"
@ -108,6 +121,7 @@ neutron_developer_constraints:
- "git+{{ networking_sfc_git_repo }}@{{ networking_sfc_git_install_branch }}#egg=networking-sfc"
- "git+{{ networking_bgpvpn_git_repo }}@{{ networking_bgpvpn_git_install_branch }}#egg=networking-bgpvpn"
- "git+{{ openstack_ceilometer_git_repo }}@{{ openstack_ceilometer_git_install_branch }}#egg=ceilometer"
- "git+{{ networking_ovn_git_repo }}@{{ networking_ovn_git_install_branch }}#egg=networking-ovn"
neutron_bin: "/openstack/venvs/neutron-{{ neutron_venv_tag }}/bin"

View File

@ -26,6 +26,12 @@ neutron_ovs_distro_packages:
neutron_ovs_service_name: openvswitch
neutron_ovn_northd_service_name: ovn-northd
neutron_ovn_controller_service_name: ovn-controller
neutron_ovs_socket_path: "/usr/local/var/run/openvswitch"
neutron_ovs_nsh_required_packages:
- openvswitch-switch
@ -50,6 +56,15 @@ neutron_distro_packages:
- radvd
- which
neutron_ovn_distro_packages:
- openvswitch-ovn-common
neutron_ovn_controller_distro_packages:
- openvswitch-ovn-host
neutron_ovn_northd_distro_packages:
- openvswitch-ovn-central
neutron_devel_distro_packages:
- python-httplib2

View File

@ -26,6 +26,12 @@ neutron_ovs_distro_packages:
neutron_ovs_service_name: openvswitch-switch
neutron_ovn_northd_service_name: ovn-central
neutron_ovn_controller_service_name: ovn-host
neutron_ovs_socket_path: "/var/run/openvswitch"
neutron_ovs_nsh_required_packages:
- openvswitch-common
- openvswitch-switch
@ -47,6 +53,15 @@ neutron_distro_packages:
- python-keystoneclient
- radvd
neutron_ovn_distro_packages:
- ovn-common
neutron_ovn_controller_distro_packages:
- ovn-host
neutron_ovn_northd_distro_packages:
- ovn-central
neutron_devel_distro_packages:
- python-httplib2

View File

@ -20,6 +20,20 @@
vars:
tox_env: func_ovs
- job:
name: openstack-ansible-ovn-ubuntu-xenial-nv
parent: openstack-ansible-functional-ubuntu-xenial
voting: false
vars:
tox_env: func_ovn
- job:
name: openstack-ansible-ovn-centos-7-nv
parent: openstack-ansible-functional-centos-7
voting: false
vars:
tox_env: func_ovn
- job:
name: openstack-ansible-calico-ubuntu-xenial-nv
parent: openstack-ansible-functional-ubuntu-xenial

View File

@ -20,6 +20,8 @@
jobs:
- openstack-ansible-upgrade-ubuntu-xenial
- openstack-ansible-ovs-ubuntu-xenial-nv
- openstack-ansible-ovn-ubuntu-xenial-nv
- openstack-ansible-ovn-centos-7-nv
- openstack-ansible-calico-ubuntu-xenial-nv
- openstack-ansible-dragonflow-ubuntu-xenial-nv
- openstack-ansible-opendaylight-ubuntu-xenial-nv