Define networking for Multi-node environments
This commit makes makes possible to have multi-node environments, by having a different way to configure networking. By default, if multi-node is enabled, vxlan encapsulation of the usual traffic will be enabled. If encapsulation is disabled, but multi-node is enabled, the encapsulation sections will be skipped. The deployer should therefore define the variables to plug the bridges into the appropriate interfaces with the variables ``bootstrap_host_bridge_(mgmt|vxlan|storage)_ports`` Change-Id: I6a88b2afa76130575e67601628808b7a573aa834 Signed-off-by: Jean-Philippe Evrard <jean-philippe.evrard@rackspace.co.uk>
This commit is contained in:
parent
5e65a9e2f1
commit
51f4dec329
@ -14,6 +14,7 @@
|
||||
# limitations under the License.
|
||||
|
||||
# Boolean option to implement OpenStack-Ansible configuration for an AIO
|
||||
# Switch to no for a multi-node configuration
|
||||
bootstrap_host_aio_config: yes
|
||||
|
||||
## Swap memory
|
||||
@ -43,7 +44,7 @@ bootstrap_host_loopback_nova: yes
|
||||
# Size of the Nova loopback disk in gigabytes (GB).
|
||||
bootstrap_host_loopback_nova_size: 1024
|
||||
|
||||
## Bridge configuration
|
||||
## Network configuration
|
||||
# The AIO bootstrap configures bridges for use with the AIO deployment.
|
||||
# By default, these bridges are configured to be independent of any physical
|
||||
# interfaces, and they have their 'bridge_ports' set to 'none'. However,
|
||||
@ -60,6 +61,75 @@ bootstrap_host_loopback_nova_size: 1024
|
||||
bootstrap_host_bridge_mgmt_ports: none
|
||||
bootstrap_host_bridge_vxlan_ports: none
|
||||
bootstrap_host_bridge_storage_ports: none
|
||||
bootstrap_host_bridge_vlan_ports: "br-vlan-veth"
|
||||
# This enables the VXLAN encapsulation the traditional bridges
|
||||
# (br-mgmt, br-vxlan, br-storage)
|
||||
bootstrap_host_encapsulation_enabled: "{{ not bootstrap_host_aio_config | bool }}"
|
||||
#
|
||||
# Default network IP ranges
|
||||
mgmt_range: "172.29.236"
|
||||
vxlan_range: "172.29.240"
|
||||
storage_range: "172.29.244"
|
||||
vlan_range: "172.29.248"
|
||||
netmask: "255.255.252.0"
|
||||
#
|
||||
# NICs
|
||||
public_interface: eth0
|
||||
encapsulation_interface: eth1
|
||||
#
|
||||
#Encapsulations
|
||||
bootstrap_host_encapsulation_interfaces:
|
||||
encap-mgmt:
|
||||
id: 236
|
||||
underlay_device: "{{ encapsulation_interface }}"
|
||||
friendly_name: "Encapsulation of br-mgmt with VXLAN"
|
||||
encap-vxlan:
|
||||
id: 240
|
||||
underlay_device: "{{ encapsulation_interface }}"
|
||||
friendly_name: "Encapsulation of br-vxlan with VXLAN"
|
||||
encap-storage:
|
||||
id: 244
|
||||
underlay_device: "{{ encapsulation_interface }}"
|
||||
friendly_name: "Encapsulation of br-storage with VXLAN"
|
||||
encap-vlan:
|
||||
id: 248
|
||||
underlay_device: "{{ encapsulation_interface }}"
|
||||
friendly_name: "Encapsulation of br-vlan with VXLAN"
|
||||
#
|
||||
# Bridges
|
||||
bootstrap_host_bridges_interfaces:
|
||||
br-mgmt:
|
||||
ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-mgmt', bootstrap_host_bridge_mgmt_ports) }}"
|
||||
ip_address_range: "{{ mgmt_range }}"
|
||||
ip_netmask: "{{ netmask }}"
|
||||
br-storage:
|
||||
ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-storage', bootstrap_host_bridge_storage_ports) }}"
|
||||
ip_address_range: "{{ storage_range }}"
|
||||
ip_netmask: "{{ netmask }}"
|
||||
br-vxlan:
|
||||
ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vxlan', bootstrap_host_bridge_vxlan_ports) }}"
|
||||
ip_address_range: "{{ vxlan_range }}"
|
||||
ip_netmask: "{{ netmask }}"
|
||||
br-vlan:
|
||||
mode: "{{ bridge_vlan_inet_mode | default('static') }}"
|
||||
ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vxlan', bootstrap_host_bridge_vlan_ports) }}"
|
||||
ip_address_range: "{{ vlan_range }}"
|
||||
ip_netmask: "{{ netmask }}"
|
||||
state_change_scripts: "{{ bridge_vlan_state_change_scripts }}"
|
||||
#
|
||||
# Convenience scripts
|
||||
bridge_vlan_state_change_scripts: |
|
||||
pre-up ip link add br-vlan-veth type veth peer name eth12 || true
|
||||
pre-up ip link set br-vlan-veth up
|
||||
pre-up ip link set eth12 up
|
||||
post-down ip link del br-vlan-veth || true
|
||||
bridge_iptables_rules: |
|
||||
# To ensure ssh checksum is correct
|
||||
up /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
|
||||
down /sbin/iptables -D POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
|
||||
# To provide internet connectivity to instances
|
||||
up /sbin/iptables -t nat -A POSTROUTING -o {{ public_interface }} -j MASQUERADE
|
||||
down /sbin/iptables -t nat -D POSTROUTING -o {{ public_interface }} -j MASQUERADE
|
||||
|
||||
## Extra storage
|
||||
# An AIO may optionally be built using a second storage device. If a
|
||||
|
@ -20,11 +20,21 @@
|
||||
tags:
|
||||
- networking-dir-create
|
||||
|
||||
- name: Copy network configuration
|
||||
- name: Copy AIO network configuration
|
||||
template:
|
||||
src: osa_interfaces.cfg.j2
|
||||
dest: /etc/network/interfaces.d/osa_interfaces.cfg
|
||||
register: osa_interfaces
|
||||
when: bootstrap_host_aio_config | bool
|
||||
tags:
|
||||
- networking-interfaces-file
|
||||
|
||||
- name: Copy multinode network configuration
|
||||
template:
|
||||
src: osa_interfaces_multinode.cfg.j2
|
||||
dest: /etc/network/interfaces.d/osa_interfaces.cfg
|
||||
register: osa_multinode_interfaces
|
||||
when: not bootstrap_host_aio_config | bool
|
||||
tags:
|
||||
- networking-interfaces-file
|
||||
|
||||
@ -37,7 +47,7 @@
|
||||
|
||||
- name: Shut down the network interfaces
|
||||
command: "ifdown {{ item }}"
|
||||
when: osa_interfaces | changed
|
||||
when: osa_interfaces | changed or osa_multinode_interfaces | changed
|
||||
with_items:
|
||||
- br-mgmt
|
||||
- br-storage
|
||||
@ -46,6 +56,24 @@
|
||||
tags:
|
||||
- networking-interfaces-stop
|
||||
|
||||
- name: Shut down the encapsulation network interfaces
|
||||
command: "ifdown {{ item.key }}"
|
||||
when:
|
||||
- osa_multinode_interfaces | changed
|
||||
- bootstrap_host_encapsulation_enabled | bool
|
||||
with_dict: "{{ bootstrap_host_encapsulation_interfaces }}"
|
||||
tags:
|
||||
- networking-interfaces-stop
|
||||
|
||||
- name: Start the encapsulation network interfaces
|
||||
command: "ifup {{ item.key }}"
|
||||
when:
|
||||
- osa_multinode_interfaces | changed
|
||||
- bootstrap_host_encapsulation_enabled | bool
|
||||
with_dict: "{{ bootstrap_host_encapsulation_interfaces }}"
|
||||
tags:
|
||||
- networking-interfaces-start
|
||||
|
||||
- name: Start the network interfaces
|
||||
command: "ifup {{ item }}"
|
||||
when: osa_interfaces | changed
|
||||
@ -56,3 +84,9 @@
|
||||
- br-vxlan
|
||||
tags:
|
||||
- networking-interfaces-start
|
||||
|
||||
- name: Updating the facts due to net changes
|
||||
setup:
|
||||
filter: "ansible_br*"
|
||||
tags:
|
||||
- networking
|
@ -0,0 +1,28 @@
|
||||
{% if bootstrap_host_encapsulation_enabled | bool %}
|
||||
{% for nic_name, nic_details in bootstrap_host_encapsulation_interfaces.iteritems() %}
|
||||
# {{ nic_details.friendly_name }}
|
||||
auto {{ nic_name }}
|
||||
iface {{ nic_name }} inet manual
|
||||
pre-up ip link add {{ nic_name }} type vxlan id {{ nic_details.id }} group 239.0.0.{{ nic_details.id }} dev {{ nic_details.underlay_device }} || true
|
||||
up ip link set $IFACE up
|
||||
down ip link set $IFACE down
|
||||
post-down ip link del {{ nic_name }} || true
|
||||
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{%- for nic_name, nic_details in bootstrap_host_bridges_interfaces.iteritems() -%}
|
||||
auto {{ nic_name }}
|
||||
iface {{ nic_name }} inet {{ nic_details.mode | default('static') }}
|
||||
bridge_stp off
|
||||
bridge_waitport 0
|
||||
bridge_fd 0
|
||||
bridge_ports {{ nic_details.ports }}
|
||||
offload-sg {{ nic_details.offload_sg | default('off') }}
|
||||
{% if nic_details.mode | default('static') == 'static' -%}
|
||||
address {{ nic_details.ip_address_range }}.{{ node_id }}
|
||||
netmask {{ nic_details.ip_netmask }}
|
||||
{% endif %}
|
||||
{%- if nic_details.state_change_scripts is defined %}{{ nic_details.state_change_scripts }}
|
||||
{% endif %}
|
||||
|
||||
{% endfor %}
|
Loading…
x
Reference in New Issue
Block a user