diff --git a/defaults/main.yml b/defaults/main.yml index d9d5c2ab..de807937 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -56,6 +56,8 @@ networking_odl_git_repo: https://git.openstack.org/openstack/networking-odl networking_odl_git_install_branch: master networking_sfc_git_repo: https://git.openstack.org/openstack/networking-sfc networking_sfc_git_install_branch: master +networking_bgpvpn_git_repo: https://git.openstack.org/openstack/networking-bgpvpn +networking_bgpvpn_git_install_branch: master # Developer mode neutron_developer_mode: false diff --git a/doc/source/app-opendaylight.rst b/doc/source/app-opendaylight.rst index f8866227..9e5d77c4 100644 --- a/doc/source/app-opendaylight.rst +++ b/doc/source/app-opendaylight.rst @@ -122,6 +122,26 @@ When using this configuration, networking-sfc will be deployed and SFC features will be activated in ODL. A SFC topology could be then set up through the networking-sfc API or through an orchestrator like tacker (if deployed). + +BGPVPN configuration +~~~~~~~~~~~~~~~~~~~~ + +ODL provides support for extending L3 services over DC-GW by BGPVPN. This way +Openstack configures ODL as BGP speaker to exchange the routes with DC-GW to +establish the communication between Tenant VMs and external world in the +data path. + +To activate BGPVPN service, you should add the following variables in addition +to the OpenStack-Ansible user variables mentioned above. + +.. code-block:: yaml + + # Activate the BGPVPN capabilities of ODL + neutron_plugin_base: + - odl-router_v2 + - bgpvpn + + Security information ~~~~~~~~~~~~~~~~~~~~ diff --git a/releasenotes/notes/neutron-opendaylight-bgpvpn-support-3e44e278a53deeac.yaml b/releasenotes/notes/neutron-opendaylight-bgpvpn-support-3e44e278a53deeac.yaml new file mode 100644 index 00000000..a9b697a3 --- /dev/null +++ b/releasenotes/notes/neutron-opendaylight-bgpvpn-support-3e44e278a53deeac.yaml @@ -0,0 +1,8 @@ +--- +features: + - Enable networking-bgpvpn ml2 neutron driver to make + ``OpenDaylight SDN Controller`` to support BGPVPN + for external network connectivity. You can set the + ``neutron_plugin_type`` to ``ml2.opendaylight`` and + ``neutron_plugin_base`` to ``odl-router_v2`` and + ``bgpvpn`` to enable BGPVPN on the OpenDaylight. diff --git a/tasks/neutron_post_install.yml b/tasks/neutron_post_install.yml index bb9aa110..34bbea1f 100644 --- a/tasks/neutron_post_install.yml +++ b/tasks/neutron_post_install.yml @@ -85,6 +85,18 @@ - "'service_conf_path' in item" - "'service_conf' in item" +- name: Generate neutron bgpvpn networking configuration + template: + src: "networking_bgpvpn.conf.j2" + dest: "{{ neutron_conf_dir }}/networking_bgpvpn.conf" + owner: "root" + group: "{{ neutron_system_group_name }}" + mode: "0640" + notify: + - Restart neutron services + when: + - "'bgpvpn' in neutron_plugin_base" + - name: Copy neutron rootwrap filters copy: src: "{{ item }}" diff --git a/tasks/providers/setup_ovs_opendaylight.yml b/tasks/providers/setup_ovs_opendaylight.yml index 770b489f..32d66b47 100644 --- a/tasks/providers/setup_ovs_opendaylight.yml +++ b/tasks/providers/setup_ovs_opendaylight.yml @@ -26,7 +26,7 @@ when: ovs_manager.stdout == "" - name: Configure hosts for networking-odl, force kernel datapath - command: "{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk {% if 'odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}" + command: "{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk {% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}" when: ovs_manager.stdout == "" - name: Retrieve current OvS local ip diff --git a/templates/networking_bgpvpn.conf.j2 b/templates/networking_bgpvpn.conf.j2 new file mode 100644 index 00000000..c5eb60d8 --- /dev/null +++ b/templates/networking_bgpvpn.conf.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +[service_providers] +service_provider=BGPVPN:OpenDaylight:networking_odl.bgpvpn.odl_v2.OpenDaylightBgpvpnDriver:default diff --git a/templates/plugins/ml2/ml2_conf.ini.j2 b/templates/plugins/ml2/ml2_conf.ini.j2 index 3105e7a6..f5b1c713 100644 --- a/templates/plugins/ml2/ml2_conf.ini.j2 +++ b/templates/plugins/ml2/ml2_conf.ini.j2 @@ -7,7 +7,7 @@ tenant_network_types = {{ neutron_provider_networks.network_types if neutron_pro mechanism_drivers = {{ neutron_ml2_mechanism_drivers }} extension_drivers = port_security{% if 'qos' in neutron_plugin_base %},qos{% endif %}{% if 'dns' in neutron_plugin_base %},dns{% endif %} -{% if neutron_plugin_type == 'ml2.opendaylight' and ('odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base) %} +{% if neutron_provider_networks.network_mappings is defined and (neutron_plugin_type == 'ml2.opendaylight' and ('odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base)) %} bridge_mappings = {{ neutron_provider_networks.network_mappings }} {% endif %} diff --git a/tests/neutron-overrides-opendaylight-bgpvpn.yml b/tests/neutron-overrides-opendaylight-bgpvpn.yml new file mode 100644 index 00000000..ebcfcde1 --- /dev/null +++ b/tests/neutron-overrides-opendaylight-bgpvpn.yml @@ -0,0 +1,59 @@ +--- +# Copyright 2017, Ericsson AB +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +### Ensure the openvswitch kernel module is loaded +openstack_host_specific_kernel_modules: + - name: "openvswitch" + pattern: "CONFIG_OPENVSWITCH" + group: "network_hosts" + +### Use OpenDaylight SDN Controller +neutron_plugin_type: "ml2.opendaylight" +odl_ip: "{{ hostvars[groups['opendaylight'][0]]['ansible_default_ipv4']['address'] }}" +neutron_opendaylight_conf_ini_overrides: + ml2_odl: + url: "http://{{ odl_ip }}:8180/controller/nb/v2/neutron" + username: admin + password: admin + +neutron_plugin_base: + - odl-router_v2 + - bgpvpn + +neutron_ml2_drivers_type: "flat,vlan,vxlan" + +neutron_provider_networks: + network_flat_networks: "*" + network_types: "vlan" + network_vlan_ranges: "physnet1:102:199" + network_mappings: "physnet1:br-provider" + +tempest_run: yes + +tempest_plugins: + - name: neutron + repo: https://git.openstack.org/openstack/neutron + branch: master + - name: neutron-plugins + repo: https://git.openstack.org/openstack/neutron-tempest-plugin + branch: master + - name: https://git.openstack.org/openstack/networking-bgpvpn + branch: master + +tempest_test_whitelist: + - "neutron_tempest_plugin.api.test_networks*" + - "networking_bgpvpn_tempest.tests.api.test_bgpvpn" + - "networking_bgpvpn_tempest.tests.scenario.test_bgpvpn_basic" diff --git a/tox.ini b/tox.ini index 7d8da2c5..ecc063aa 100644 --- a/tox.ini +++ b/tox.ini @@ -159,6 +159,17 @@ commands = bash -c "{toxinidir}/tests/tests-repo-clone.sh" bash -c "{toxinidir}/tests/common/test-ansible-functional.sh" +[testenv:opendaylight-bgpvpn] +deps = + {[testenv:ansible]deps} +setenv = + {[testenv]setenv} + ANSIBLE_INVENTORY={toxinidir}/tests/opendaylight_inventory + ANSIBLE_OVERRIDES={toxinidir}/tests/neutron-overrides-opendaylight-bgpvpn.yml +commands = + bash -c "{toxinidir}/tests/tests-repo-clone.sh" + bash -c "{toxinidir}/tests/common/test-ansible-functional.sh" + [testenv:ovs-nsh] deps = {[testenv:ansible]deps} diff --git a/vars/main.yml b/vars/main.yml index aa204f1c..d2c69526 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -103,6 +103,7 @@ neutron_optional_dragonflow_pip_packages: neutron_optional_opendaylight_pip_packages: - networking-odl + - networking-bgpvpn neutron_optional_opendaylight_sfc_pip_packages: - networking-sfc @@ -122,6 +123,7 @@ neutron_developer_constraints: - "git+{{ dragonflow_git_repo }}@{{ dragonflow_git_install_branch }}#egg=dragonflow" - "git+{{ networking_odl_git_repo }}@{{ networking_odl_git_install_branch }}#egg=networking-odl" - "git+{{ networking_sfc_git_repo }}@{{ networking_sfc_git_install_branch }}#egg=networking-sfc" + - "git+{{ networking_bgpvpn_git_repo }}@{{ networking_bgpvpn_git_install_branch }}#egg=networking-bgpvpn" neutron_bin: "/openstack/venvs/neutron-{{ neutron_venv_tag }}/bin" diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index 86046320..ccfdad8f 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -55,10 +55,16 @@ vars: tox_env: ssl - - job: name: openstack-ansible-odl-sfc-ubuntu-xenial parent: openstack-ansible-functional-ubuntu-xenial voting: false vars: tox_env: odl-sfc + +- job: + name: openstack-ansible-opendaylight-bgpvpn-ubuntu-xenial + parent: openstack-ansible-functional-ubuntu-xenial + voting: false + vars: + tox_env: opendaylight-bgpvpn diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index f2120adc..876dd766 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -27,6 +27,7 @@ - openstack-ansible-ovs-nsh-ubuntu-xenial - openstack-ansible-neutron-ssl-nv - openstack-ansible-odl-sfc-ubuntu-xenial + - openstack-ansible-opendaylight-bgpvpn-ubuntu-xenial experimental: jobs: - openstack-ansible-integrated-deploy-aio