From a378304490122df0cacf6844893daeac57292d9a Mon Sep 17 00:00:00 2001 From: Artur Korzeniewski Date: Tue, 23 May 2017 18:48:40 +0200 Subject: [PATCH] Neutron chart: add tunnel types, bridge mappings and default interfaces Correction of tunnel_types config option in values.yaml, regarding the _openvswitch_agent.ini.tpl layout. Added bridge mappings, since it was lost with auto-generate configs. Removed br-physnet1 and physnet1 in favor of 'external' network config. Removed default network interface, replacing it with search for interface with default gateway for tunneling. The interface for external bridge has to be defined explicitly, otherwise no interface will be added to external bridge automatically. In OVS configuration scripts, added handling null port passed. Change-Id: I90ebe222323b3b1ec8d20a8038c0dfed3de9b58c Closes-Bug: #1686365 Closes-Bug: #1686367 --- .../bin/_neutron-openvswitch-agent.sh.tpl | 7 +++- .../bin/_openvswitch-ensure-configured.sh.tpl | 16 ++++++--- .../bin/_openvswitch-vswitchd.sh.tpl | 2 +- neutron/values.yaml | 36 +++++++++++++------ 4 files changed, 44 insertions(+), 17 deletions(-) diff --git a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl index 7b51ce5f44..6f3310577f 100644 --- a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl +++ b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl 
@@ -26,9 +26,14 @@ chown neutron: /run/openvswitch/db.sock # see https://github.com/att-comdev/openstack-helm/issues/88 timeout 3m neutron-sanity-check --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --ovsdb_native --nokeepalived_ipv6_support +tunnel_interface={{ .Values.network.interface.tunnel }} +if [ not $tunnel_interface ] ; then + # search for interface with default routing + tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*') +fi # determine local-ip dynamically based on interface provided but only if tunnel_types is not null -IP=$(ip a s {{ .Values.network.interface.tunnel | default .Values.network.interface.default}} | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}') +IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}') cat </tmp/ml2-local-ip.ini [ovs] local_ip = $IP diff --git a/neutron/templates/bin/_openvswitch-ensure-configured.sh.tpl b/neutron/templates/bin/_openvswitch-ensure-configured.sh.tpl index 48671c4ba1..7eb703724c 100644 --- a/neutron/templates/bin/_openvswitch-ensure-configured.sh.tpl +++ b/neutron/templates/bin/_openvswitch-ensure-configured.sh.tpl @@ -14,6 +14,10 @@ # See the License for the specific language governing permissions and # limitations under the License. +{{- if not .Values.ml2 -}}{{- set . "Values.ml2" dict -}}{{- end -}} +{{- if not .Values.ml2.ovs -}}{{- set . "Values.ml2.ovs" dict -}}{{- end -}} +{{- if not .Values.ml2.ovs.auto_bridge_add -}}{{- set . "Values.ml2.ovs.auto_bridge_add" dict -}}{{- end -}} + set -x bridge=$1 
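Review bot: The emptiness test `if [ not $tunnel_interface ]` in the added fallback is not valid `test` syntax: `not` is just a string, so the branch is taken only because `[ not ]` is a one-argument non-empty check, and a configured interface yields a `test` error rather than a clean false. `if [ -z "$tunnel_interface" ] ; then` says what is meant, with the assignment written as `tunnel_interface="{{ .Values.network.interface.tunnel | default "" }}"` so a null value cannot render as bare text. The lookbehind `(?<=dev ).*` keeps everything after the device name and matches every default route, so `grep -oP '(?<=dev )\S+' | head -n1` gives `ip a s` a single interface name. Since the default-route interface is frequently the externally reachable one, the fallback can put the VXLAN `local_ip` on an untrusted network, which the values comment should state so operators set `tunnel` explicitly.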
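Review bot: The three added guards trim whitespace on both sides (`{{-` … `-}}`), so the newline after `# limitations under the License.` and the blank line before `set -x` are both removed, and `set -x` appears to end up on the comment line, silently turning tracing off. Ending the last guard with `{{- end }}` instead of `{{- end -}}` keeps the line break. The keys passed to `set` are dotted strings (`"Values.ml2.ovs.auto_bridge_add"`); as far as I know `set` treats the key literally rather than as a path, so it is worth confirming these guards create the nested maps the later `range` reads. The script continues past `bridge=$1`, outside this hunk.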
@@ -23,12 +27,16 @@ port=$2 # and br-int and br-tun are assumed and handled # by the agent ovs-vsctl --no-wait --may-exist add-br $bridge -ovs-vsctl --no-wait --may-exist add-port $bridge $port -ip link set dev $port up +if [ $port] ; then + ovs-vsctl --no-wait --may-exist add-port $bridge $port + ip link set dev $port up +fi # handle any bridge mappings {{- range $bridge, $port := .Values.ml2.ovs.auto_bridge_add }} ovs-vsctl --no-wait --may-exist add-br {{ $bridge }} -ovs-vsctl --no-wait --may-exist add-port {{ $bridge }} {{ $port }} -ip link set dev {{ $port }} up +if [ {{ $port }} ] ; then + ovs-vsctl --no-wait --may-exist add-port {{ $bridge }} {{ $port }} + ip link set dev {{ $port }} up +fi {{- end}} diff --git a/neutron/templates/bin/_openvswitch-vswitchd.sh.tpl b/neutron/templates/bin/_openvswitch-vswitchd.sh.tpl index c93168ae08..1e0c0d1db0 100644 --- a/neutron/templates/bin/_openvswitch-vswitchd.sh.tpl +++ b/neutron/templates/bin/_openvswitch-vswitchd.sh.tpl @@ -23,5 +23,5 @@ modprobe gre modprobe vxlan ovs-vsctl --no-wait show -bash /tmp/openvswitch-ensure-configured.sh {{ .Values.network.external_bridge }} {{ .Values.network.interface.external | default .Values.network.interface.default }} +bash /tmp/openvswitch-ensure-configured.sh {{ .Values.network.external_bridge }} {{ .Values.network.interface.external }} exec /usr/sbin/ovs-vswitchd unix:/run/openvswitch/db.sock --mlockall -vconsole:emer -vconsole:err -vconsole:info diff --git a/neutron/values.yaml b/neutron/values.yaml index 25b40dae9c..aaf0777326 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml 
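Review bot: `if [ $port] ; then` is missing the space before `]`, so `[` never receives its closing bracket, the test fails, and the external port is never added even when one is passed. Write it as `if [ -n "$port" ] ; then`, and the templated guard as `if [ -n "{{ $port }}" ] ; then`, so an empty value is an explicit false rather than a one-argument edge case. `$bridge`, `$port` and the `{{ $bridge }}`/`{{ $port }}` expansions are also passed to `ovs-vsctl` and `ip link` unquoted in a script that configures host networking; quoting them prevents word splitting if a value ever contains whitespace or shell metacharacters.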
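Review bot: With the `default .Values.network.interface.default` fallback removed and `external` now null in values.yaml, the second argument on the `bash /tmp/openvswitch-ensure-configured.sh` line is rendered from a null value. Depending on the Helm version that can be the literal text `<no value>`, which the shell would read as redirections rather than an empty argument. `{{ .Values.network.interface.external | default "" | quote }}` always yields one quoted argument, empty when unset, which is what the new port check in openvswitch-ensure-configured.sh expects.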
@@ -76,8 +76,11 @@ network: external_bridge: br-ex ip_address: 0.0.0.0 interface: - external: enp12s0f0 - default: enp11s0f0 + # External interface will be automatically added to external_bridge. Default is null. + # Tunnel interface will be used for VXLAN tunneling. Default is null, with + # fallback mechanism to search for interface with default routing. + external: null + tunnel: null server: name: "neutron-server" port: 9696 @@ -112,12 +115,14 @@ metadata_agent: metadata: workers: 4 + ml2: ovs: - auto_bridge_add: - br-physnet1: enp11s0f0 - bridge_mappings: - - "physnet1:br-physnet1" + auto_bridge_add: [] +# To automatically add a physical interface to a specific bridge using, +# for example eth3 to bridge br-physnet1 define the following key/value +# in auto_bridge_add: +# - br-physnet1:eth3 dependencies: db_init: @@ -341,10 +346,13 @@ conf: neutron: ml2: flat_networks: "*" - ml2_type_vlan: - neutron: - ml2: - network_vlan_ranges: "physnet1:1100:1110" + # If you want to use the external network as a tagged provider network, + # a range should be specified including the intended VLAN target + # using ml2_type_vlan.neutron.ml2.network_vlan_ranges: + # ml2_type_vlan: + # neutron: + # ml2: + # network_vlan_ranges: "external:1100:1110" ml2_conf_sriov: override: append: @@ -377,12 +385,18 @@ conf: openvswitch_agent: override: append: - ovs: + agent: neutron: ml2: ovs: agent: tunnel_types: vxlan + ovs: + neutron: + ml2: + ovs: + agent: + bridge_mappings: "external:br-ex" ovsdb_connection: unix:/var/run/openvswitch/db.sock securitygroup: neutron:
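Review bot: `auto_bridge_add: []` and the documented example `- br-physnet1:eth3` describe a list, but the template in _openvswitch-ensure-configured.sh.tpl iterates it with `range $bridge, $port :=` and defaults it to `dict`, i.e. it expects a bridge-to-port map. Over a list that loop would get the index as `$bridge` and the whole `br-physnet1:eth3` string as `$port`. Using `auto_bridge_add: {}` with the example written as `#   br-physnet1: eth3` keeps the values file and the template in agreement.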
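Review bot: `bridge_mappings: "external:br-ex"` hard-codes the bridge name that `network.external_bridge` also sets near the top of this file, and nothing visible keeps the two in step. Overriding only `external_bridge` would leave the agent mapping the `external` physnet to a bridge that the vswitchd script no longer creates. A comment on this key such as `# bridge name must match network.external_bridge` would make the coupling explicit.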