openstack/openstack-helm
Code Issues Proposed changes

Neutron: SR-IOV support

Browse Source 
This PS adds SR-IOV Support to OSH.

Change-Id: Ia744c6d7c4a45be7728bba3213b50f1246b897db
This commit is contained in:
Pete Birley 2018-02-26 04:39:10 +00:00
parent a310524c9d
commit 86be88e1d9
26 changed files with 677 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
helm-toolkit/templates/utils/_dependency_resolver.tpl
View File

@ -20,7 +20,15 @@ limitations under the License.
{{- $dependencyKey := index . "dependencyKey" -}}
{{- if $dependencyMixinParam -}}
{{- $_ := set $envAll.Values "pod_dependency" dict -}}
{{- if kindIs "string" $dependencyMixinParam }}
{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency ( index $envAll.Values.dependencies.static $dependencyKey ) ( index $envAll.Values.dependencies.dynamic.targeted $dependencyMixinParam $dependencyKey ) ) -}}
{{- else if kindIs "slice" $dependencyMixinParam }}
{{- range $k, $v := $dependencyMixinParam -}}
{{- if not $envAll.Values.__deps }}{{- $_ := set $envAll.Values "__deps" ( index $envAll.Values.dependencies.static $dependencyKey ) }}{{- end }}
{{- $_ := include "helm-toolkit.utils.merge" (tuple $envAll.Values.pod_dependency $envAll.Values.__deps ( index $envAll.Values.dependencies.dynamic.targeted $v $dependencyKey ) ) -}}
{{- $_ := set $envAll.Values "__deps" $envAll.Values.pod_dependency -}}
{{- end }}
{{- end }}
{{- else -}}
{{- $_ := set $envAll.Values "pod_dependency" ( index $envAll.Values.dependencies.static $dependencyKey ) -}}
{{- end -}}

2
neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
View File

@ -22,6 +22,6 @@ exec neutron-dhcp-agent \
--config-file /etc/neutron/dhcp_agent.ini \
--config-file /etc/neutron/metadata_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
{{- if ( has "openvswitch" .Values.network.backend ) }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

2
neutron/templates/bin/_neutron-l3-agent.sh.tpl
View File

@ -22,6 +22,6 @@ exec neutron-l3-agent \
--config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/metadata_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
{{- if ( has "openvswitch" .Values.network.backend ) }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

1
neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
View File

@ -32,7 +32,6 @@ if [ -n "${external_bridge}" ] ; then
fi
fi
# configure all bridge mappings defined in config
{{- range $br, $phys := .Values.network.auto_bridge_add }}
if [ -n "{{- $br -}}" ] ; then

2
neutron/templates/bin/_neutron-metadata-agent.sh.tpl
View File

@ -21,6 +21,6 @@ exec neutron-metadata-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
{{- if ( has "openvswitch" .Values.network.backend ) }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

7
neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
View File

@ -29,6 +29,13 @@ chown neutron: /run/openvswitch/db.sock
# see https://github.com/att-comdev/openstack-helm/issues/88
timeout 3m neutron-sanity-check --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --ovsdb_native --nokeepalived_ipv6_support
# handle any bridge mappings
{{- range $bridge, $port := .Values.network.auto_bridge_add }}
ovs-vsctl --no-wait --may-exist add-br {{ $bridge }}
ovs-vsctl --no-wait --may-exist add-port {{ $bridge }} {{ $port }}
ip link set dev {{ $port }} up
{{- end }}
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
if [ -z "${tunnel_interface}" ] ; then
# search for interface with default routing

3
neutron/templates/bin/_neutron-server.sh.tpl
View File

@ -23,6 +23,9 @@ function start () {
exec neutron-server \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if ( has "sriov" .Values.network.backend ) }} \
--config-file /etc/neutron/plugins/ml2/sriov_agent.ini
{{- end }}
}
function stop () {

39
neutron/templates/bin/_neutron-sriov-agent-init.sh.tpl Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
{{- range $k, $sriov := .Values.network.interface.sriov }}
if [ "x{{ $sriov.num_vfs }}" != "x" ]; then
echo "{{ $sriov.num_vfs }}" > /sys/class/net/{{ $sriov.device }}/device/sriov_numvfs
else
NUM_VFS=$(cat /sys/class/net/{{ $sriov.device }}/device/sriov_totalvfs)
echo "${NUM_VFS}" > /sys/class/net/{{ $sriov.device }}/device/sriov_numvfs
fi
ip link set {{ $sriov.device }} up
ip link show {{ $sriov.device }}
{{- if $sriov.promisc }}
ip link set {{ $sriov.device }} promisc on
#NOTE(portdirect): get the bus that the port is on
NIC_BUS=$(lshw -c network -businfo | awk '/{{ $sriov.device }}/ {print $1}')
#NOTE(portdirect): get first port on the nic
NIC_FIRST_PORT=$(lshw -c network -businfo | awk "/${NIC_BUS%%.*}/ { print \$2; exit }"
#NOTE(portdirect): Enable promisc mode on the nic, by setting it for the 1st port
ethtool --set-priv-flags ${NIC_FIRST_PORT} vf-true-promisc-support on
{{- end }}
{{- end }}

24
neutron/templates/bin/_neutron-sriov-agent.sh.tpl Normal file
View File

@ -0,0 +1,24 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec neutron-sriov-nic-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /etc/neutron/plugins/ml2/sriov_agent.ini

4
neutron/templates/configmap-bin.yaml
View File

@ -61,6 +61,10 @@ data:
{{ tuple "bin/_neutron-openvswitch-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-openvswitch-agent-init-modules.sh: |
{{ tuple "bin/_neutron-openvswitch-agent-init-modules.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-sriov-agent.sh: |
{{ tuple "bin/_neutron-sriov-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-sriov-agent-init.sh: |
{{ tuple "bin/_neutron-sriov-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-server.sh: |
{{ tuple "bin/_neutron-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |

186
neutron/templates/configmap-etc.yaml
View File

@ -17,113 +17,129 @@ limitations under the License.
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- if empty .Values.conf.neutron.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.neutron.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set $envAll.Values.conf.neutron.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.neutron.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set $envAll.Values.conf.neutron.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.project_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "project_name" .Values.endpoints.identity.auth.neutron.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.neutron.project_domain_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.project_domain_name -}}
{{- set $envAll.Values.conf.neutron.keystone_authtoken "project_domain_name" $envAll.Values.endpoints.identity.auth.neutron.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.neutron.user_domain_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.user_domain_name -}}
{{- set $envAll.Values.conf.neutron.keystone_authtoken "user_domain_name" $envAll.Values.endpoints.identity.auth.neutron.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.username -}}
{{- set .Values.conf.neutron.keystone_authtoken "username" .Values.endpoints.identity.auth.neutron.username | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.username -}}
{{- set $envAll.Values.conf.neutron.keystone_authtoken "username" $envAll.Values.endpoints.identity.auth.neutron.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.password -}}
{{- set .Values.conf.neutron.keystone_authtoken "password" .Values.endpoints.identity.auth.neutron.password | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.password -}}
{{- set $envAll.Values.conf.neutron.keystone_authtoken "password" $envAll.Values.endpoints.identity.auth.neutron.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.region_name -}}
{{- set .Values.conf.neutron.keystone_authtoken "region_name" .Values.endpoints.identity.auth.neutron.region_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.region_name -}}
{{- set $envAll.Values.conf.neutron.keystone_authtoken "region_name" $envAll.Values.endpoints.identity.auth.neutron.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set $envAll.Values.conf.neutron.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.memcache_secret_key -}}
{{- set .Values.conf.neutron.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.database.connection -}}
{{- tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.neutron.database "connection" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.database.connection -}}
{{- tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set $envAll.Values.conf.neutron.database "connection" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "neutron" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "neutron" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set $envAll.Values.conf.neutron.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.nova.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.neutron.nova "auth_url" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set $envAll.Values.conf.neutron.nova "auth_url" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.nova.region_name -}}
{{- set .Values.conf.neutron.nova "region_name" .Values.endpoints.identity.auth.nova.region_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.region_name -}}
{{- set $envAll.Values.conf.neutron.nova "region_name" $envAll.Values.endpoints.identity.auth.nova.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.nova.project_name -}}
{{- set .Values.conf.neutron.nova "project_name" .Values.endpoints.identity.auth.nova.project_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.project_name -}}
{{- set $envAll.Values.conf.neutron.nova "project_name" $envAll.Values.endpoints.identity.auth.nova.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.nova.project_domain_name -}}
{{- set .Values.conf.neutron.nova "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.project_domain_name -}}
{{- set $envAll.Values.conf.neutron.nova "project_domain_name" $envAll.Values.endpoints.identity.auth.nova.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.nova.user_domain_name -}}
{{- set .Values.conf.neutron.nova "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.user_domain_name -}}
{{- set $envAll.Values.conf.neutron.nova "user_domain_name" $envAll.Values.endpoints.identity.auth.nova.user_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.nova.username -}}
{{- set .Values.conf.neutron.nova "username" .Values.endpoints.identity.auth.nova.username | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.username -}}
{{- set $envAll.Values.conf.neutron.nova "username" $envAll.Values.endpoints.identity.auth.nova.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.nova.password -}}
{{- set .Values.conf.neutron.nova "password" .Values.endpoints.identity.auth.nova.password | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.nova.password -}}
{{- set $envAll.Values.conf.neutron.nova "password" $envAll.Values.endpoints.identity.auth.nova.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.metadata_agent.DEFAULT.nova_metadata_ip -}}
{{- tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | set .Values.conf.metadata_agent.DEFAULT "nova_metadata_ip" | quote | trunc 0 -}}
{{- set .Values.conf.metadata_agent.DEFAULT "nova_metadata_port" 80 | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.metadata_agent.DEFAULT.nova_metadata_ip -}}
{{- tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | set $envAll.Values.conf.metadata_agent.DEFAULT "nova_metadata_ip" | quote | trunc 0 -}}
{{- set $envAll.Values.conf.metadata_agent.DEFAULT "nova_metadata_port" 80 | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.metadata_agent.cache.memcache_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.metadata_agent.cache "memcache_servers" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.metadata_agent.cache.memcache_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set $envAll.Values.conf.metadata_agent.cache "memcache_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.DEFAULT.interface_driver -}}
{{- if eq .Values.network.backend "ovs" -}}
{{- set .Values.conf.neutron.DEFAULT "interface_driver" "openvswitch" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.neutron.DEFAULT.interface_driver -}}
{{- $_ := set $envAll.Values "__interface_driver" ( list ) }}
{{- if ( has "openvswitch" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "openvswitch" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- if eq .Values.network.backend "linuxbridge" -}}
{{- set .Values.conf.neutron.DEFAULT "interface_driver" "linuxbridge" | quote | trunc 0 -}}
{{- if ( has "linuxbridge" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "linuxbridge" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- set $envAll.Values.conf.neutron.DEFAULT "interface_driver" $envAll.Values.__interface_driver | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.dhcp_agent.DEFAULT.interface_driver -}}
{{- if eq .Values.network.backend "ovs" -}}
{{- set .Values.conf.dhcp_agent.DEFAULT "interface_driver" "openvswitch" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.dhcp_agent.DEFAULT.interface_driver -}}
{{- $_ := set $envAll.Values "__interface_driver" ( list ) }}
{{- if ( has "openvswitch" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "openvswitch" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- if eq .Values.network.backend "linuxbridge" -}}
{{- set .Values.conf.dhcp_agent.DEFAULT "interface_driver" "linuxbridge" | quote | trunc 0 -}}
{{- if ( has "linuxbridge" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "linuxbridge" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- set $envAll.Values.conf.dhcp_agent.DEFAULT "interface_driver" $envAll.Values.__interface_driver | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.l3_agent.DEFAULT.interface_driver -}}
{{- if eq .Values.network.backend "ovs" -}}
{{- set .Values.conf.l3_agent.DEFAULT "interface_driver" "openvswitch" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.l3_agent.DEFAULT.interface_driver -}}
{{- $_ := set $envAll.Values "__interface_driver" ( list ) }}
{{- if ( has "openvswitch" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "openvswitch" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- if eq .Values.network.backend "linuxbridge" -}}
{{- set .Values.conf.l3_agent.DEFAULT "interface_driver" "linuxbridge" | quote | trunc 0 -}}
{{- if ( has "linuxbridge" $envAll.Values.network.backend ) -}}
{{ $__interface_driver := append $envAll.Values.__interface_driver "linuxbridge" }}
{{- $_ := set $envAll.Values "__interface_driver" $__interface_driver }}
{{- end -}}
{{- set $envAll.Values.conf.l3_agent.DEFAULT "interface_driver" $envAll.Values.__interface_driver | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.plugins.ml2_conf.ml2.mechanism_drivers -}}
{{- if eq .Values.network.backend "ovs" -}}
{{- set .Values.conf.plugins.ml2_conf.ml2 "mechanism_drivers" "openvswitch,l2population" | quote | trunc 0 -}}
{{- if empty $envAll.Values.conf.plugins.ml2_conf.ml2.mechanism_drivers -}}
{{- $_ := set $envAll.Values "__mechanism_drivers" ( list "l2population" ) }}
{{- if ( has "openvswitch" $envAll.Values.network.backend ) -}}
{{ $__mechanism_drivers := append $envAll.Values.__mechanism_drivers "openvswitch" }}
{{- $_ := set $envAll.Values "__mechanism_drivers" $__mechanism_drivers }}
{{- end -}}
{{- if eq .Values.network.backend "linuxbridge" -}}
{{- set .Values.conf.plugins.ml2_conf.ml2 "mechanism_drivers" "linuxbridge,l2population" | quote | trunc 0 -}}
{{- if ( has "linuxbridge" $envAll.Values.network.backend ) -}}
{{ $__mechanism_drivers := append $envAll.Values.__mechanism_drivers "linuxbridge" }}
{{- $_ := set $envAll.Values "__mechanism_drivers" $__mechanism_drivers }}
{{- end -}}
{{- set $envAll.Values.conf.plugins.ml2_conf.ml2 "mechanism_drivers" $envAll.Values.__mechanism_drivers | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.neutron.DEFAULT.bind_port -}}
@ -137,56 +153,56 @@ metadata:
name: neutron-etc
data:
rally_tests.yaml: |
{{ toYaml .Values.conf.rally_tests.tests | indent 4 }}
{{ toYaml $envAll.Values.conf.rally_tests.tests | indent 4 }}
api-paste.ini: |
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
{{ include "helm-toolkit.utils.to_ini" $envAll.Values.conf.paste | indent 4 }}
policy.json: |
{{ toJson .Values.conf.policy | indent 4 }}
{{ toJson $envAll.Values.conf.policy | indent 4 }}
neutron.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.neutron | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.neutron | indent 4 }}
dhcp_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.dhcp_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.dhcp_agent | indent 4 }}
l3_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.l3_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.l3_agent | indent 4 }}
metadata_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.metadata_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metadata_agent | indent 4 }}
metering_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.metering_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metering_agent | indent 4 }}
ml2_conf.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.ml2_conf | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf | indent 4 }}
ml2_conf_sriov.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.ml2_conf_sriov | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf_sriov | indent 4 }}
macvtap_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.macvtap_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.macvtap_agent | indent 4 }}
linuxbridge_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.linuxbridge_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.linuxbridge_agent | indent 4 }}
openvswitch_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.openvswitch_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.openvswitch_agent | indent 4 }}
sriov_agent.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.plugins.sriov_agent | indent 4 }}
{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.sriov_agent | indent 4 }}
dnsmasq.conf: ""
neutron_sudoers: |
{{- tuple .Values.conf.neutron_sudoers "etc/_neutron_sudoers.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.neutron_sudoers "etc/_neutron_sudoers.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
rootwrap.conf: |
{{- tuple .Values.conf.rootwrap "etc/_rootwrap.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap "etc/_rootwrap.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
debug.filters: |
{{- tuple .Values.conf.rootwrap_filters.debug "etc/rootwrap.d/_debug.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.debug "etc/rootwrap.d/_debug.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
dibbler.filters: |
{{- tuple .Values.conf.rootwrap_filters.dibbler "etc/rootwrap.d/_dibbler.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.dibbler "etc/rootwrap.d/_dibbler.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
ipset-firewall.filters: |
{{- tuple .Values.conf.rootwrap_filters.ipset_firewall "etc/rootwrap.d/_ipset-firewall.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.ipset_firewall "etc/rootwrap.d/_ipset-firewall.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
l3.filters: |
{{- tuple .Values.conf.rootwrap_filters.l3 "etc/rootwrap.d/_l3.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.l3 "etc/rootwrap.d/_l3.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
netns-cleanup.filters: |
{{- tuple .Values.conf.rootwrap_filters.netns_cleanup "etc/rootwrap.d/_netns-cleanup.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.netns_cleanup "etc/rootwrap.d/_netns-cleanup.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
dhcp.filters: |
{{- tuple .Values.conf.rootwrap_filters.dhcp "etc/rootwrap.d/_dhcp.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.dhcp "etc/rootwrap.d/_dhcp.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
ebtables.filters: |
{{- tuple .Values.conf.rootwrap_filters.ebtables "etc/rootwrap.d/_ebtables.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.ebtables "etc/rootwrap.d/_ebtables.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
iptables-firewall.filters: |
{{- tuple .Values.conf.rootwrap_filters.iptables_firewall "etc/rootwrap.d/_iptables-firewall.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.iptables_firewall "etc/rootwrap.d/_iptables-firewall.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
linuxbridge-plugin.filters: |
{{- tuple .Values.conf.rootwrap_filters.linuxbridge_plugin "etc/rootwrap.d/_linuxbridge-plugin.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.linuxbridge_plugin "etc/rootwrap.d/_linuxbridge-plugin.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
openvswitch-plugin.filters: |
{{- tuple .Values.conf.rootwrap_filters.openvswitch_plugin "etc/rootwrap.d/_openvswitch-plugin.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- tuple $envAll.Values.conf.rootwrap_filters.openvswitch_plugin "etc/rootwrap.d/_openvswitch-plugin.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
{{- end }}

4
neutron/templates/daemonset-dhcp-agent.yaml
View File

@ -70,7 +70,7 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
@ -153,7 +153,7 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch

4
neutron/templates/daemonset-l3-agent.yaml
View File

@ -70,7 +70,7 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
@ -152,7 +152,7 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch

2
neutron/templates/daemonset-lb-agent.yaml
View File

@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.daemonset_lb_agent ( eq .Values.network.backend "linuxbridge" ) }}
{{- if and .Values.manifests.daemonset_lb_agent ( has "linuxbridge" .Values.network.backend ) }}
{{- $envAll := . }}
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "lb_agent" -}}

4
neutron/templates/daemonset-metadata-agent.yaml
View File

@ -92,7 +92,7 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
@ -167,7 +167,7 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
{{- if ( has "openvswitch" .Values.network.backend ) }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch

2
neutron/templates/daemonset-ovs-agent.yaml
View File

@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.daemonset_ovs_agent ( eq .Values.network.backend "ovs" ) }}
{{- if and .Values.manifests.daemonset_ovs_agent ( has "openvswitch" .Values.network.backend ) }}
{{- $envAll := . }}
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "ovs_agent" -}}

233
neutron/templates/daemonset-sriov-agent.yaml Normal file
View File

@ -0,0 +1,233 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.daemonset_sriov_agent ( has "sriov" .Values.network.backend ) }}
{{- $envAll := . }}
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "sriov_agent" -}}
{{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
{{- $mounts_neutron_sriov_agent := .Values.pod.mounts.neutron_sriov_agent.neutron_sriov_agent }}
{{- $mounts_neutron_sriov_agent_init := .Values.pod.mounts.neutron_sriov_agent.init_container }}
{{- $serviceAccountName := "neutron-sriov-agent" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: neutron-sriov-agent
spec:
{{ tuple $envAll "sriov_agent" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "neutron" "neutron-sriov-agent" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.sriov.node_selector_key }}: {{ .Values.labels.sriov.node_selector_value }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
initContainers:
{{ tuple $envAll $dependencies $mounts_neutron_sriov_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: neutron-sriov-agent-init
image: {{ .Values.images.tags.neutron_sriov_agent_init }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.sriov | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
command:
- /tmp/neutron-sriov-agent-init.sh
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-sriov-agent-init.sh
subPath: neutron-sriov-agent-init.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/sriov_agent.ini
subPath: sriov_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to override Kollas
# custom sudoers file when using Kolla images, this
# location will also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_sriov_agent.volumeMounts }}{{ toYaml $mounts_neutron_sriov_agent.volumeMounts | indent 12 }}{{ end }}
containers:
- name: neutron-sriov-agent
image: {{ .Values.images.tags.neutron_sriov_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.sriov | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.neutron.uid }}
privileged: true
command:
- /tmp/neutron-sriov-agent.sh
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-sriov-agent.sh
subPath: neutron-sriov-agent.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/sriov_agent.ini
subPath: sriov_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to override Kollas
# custom sudoers file when using Kolla images, this
# location will also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_sriov_agent.volumeMounts }}{{ toYaml $mounts_neutron_sriov_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-shared
emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
defaultMode: 0555
- name: neutron-etc
configMap:
name: neutron-etc
defaultMode: 0444
- name: run
hostPath:
path: /run
- name: host-rootfs
hostPath:
path: /
{{ if $mounts_neutron_sriov_agent.volumes }}{{ toYaml $mounts_neutron_sriov_agent.volumes | indent 8 }}{{ end }}
{{- end }}

6
neutron/templates/deployment-server.yaml
View File

@ -84,6 +84,12 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{ if ( has "sriov" .Values.network.backend ) }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/sriov_agent.ini
subPath: sriov_agent.ini
readOnly: true
{{ end }}
- name: neutron-etc
mountPath: /etc/neutron/api-paste.ini
subPath: api-paste.ini

55
neutron/values.yaml
View File

@ -36,6 +36,8 @@ images:
neutron_l3: docker.io/openstackhelm/neutron:newton
neutron_openvswitch_agent: docker.io/openstackhelm/neutron:newton
neutron_linuxbridge_agent: docker.io/openstackhelm/neutron:newton
neutron_sriov_agent: docker.io/openstackhelm/neutron:newton-sriov-1804
neutron_sriov_agent_init: docker.io/openstackhelm/neutron:newton-sriov-1804
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
pull_policy: "IfNotPresent"
@ -56,13 +58,16 @@ labels:
lb:
node_selector_key: linuxbridge
node_selector_value: enabled
# ovs is a special case, requiring a special
# openvswitch is a special case, requiring a special
# label that can apply to both control hosts
# and compute hosts, until we get more sophisticated
# with our daemonset scheduling
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
sriov:
node_selector_key: sriov
node_selector_value: enabled
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
@ -72,8 +77,9 @@ labels:
network:
# provide what type of network wiring will be used
# possible options: ovs, linuxbridge
backend: ovs
# possible options: openvswitch, linuxbridge, sriov
backend:
- openvswitch
external_bridge: br-ex
ip_address: 0.0.0.0
interface:
@ -94,6 +100,12 @@ network:
# br-physnet1: eth3
# br0: if0
# br1: iface_two
sriov:
# To perform setup of network interfaces using the SR-IOV init
# container you can use a section similar to:
# sriov:
# - device: ${DEV}
# num_vfs: 8
server:
ingress:
public: true
@ -114,7 +126,7 @@ bootstrap:
dependencies:
dynamic:
targeted:
ovs:
openvswitch:
dhcp:
daemonset:
- neutron-ovs-agent
@ -134,6 +146,18 @@ dependencies:
metadata:
daemonset:
- neutron-lb-agent
lb_agent:
daemonset: null
sriov:
dhcp:
daemonset:
- neutron-sriov-agent
l3:
daemonset:
- neutron-sriov-agent
metadata:
daemonset:
- neutron-sriov-agent
static:
bootstrap:
services:
@ -196,6 +220,7 @@ dependencies:
- endpoint: internal
service: compute
lb_agent:
daemonset: null
jobs:
- neutron-rabbit-init
services:
@ -278,6 +303,9 @@ pod:
neutron_ovs_agent:
init_container: null
neutron_ovs_agent:
neutron_sriov_agent:
init_container: null
neutron_sriov_agent:
neutron_tests:
init_container: null
neutron_tests:
@ -316,6 +344,10 @@ pod:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
sriov_agent:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
disruption_budget:
server:
min_available: 0
@ -360,6 +392,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
sriov:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
server:
requests:
memory: "128Mi"
@ -1032,7 +1071,12 @@ conf:
l2_population: True
arp_responder: True
macvtap_agent: null
sriov_agent: null
sriov_agent:
securitygroup:
firewall_driver: neutron.agent.firewall.NoopFirewallDriver
sriov_nic:
physical_device_mappings: physnet2:enp3s0f1
exclude_devices: null
dhcp_agent:
DEFAULT:
#(NOTE)portdirect: if unset this is populated dyanmicly from the value in
@ -1229,6 +1273,7 @@ manifests:
daemonset_lb_agent: true
daemonset_metadata_agent: true
daemonset_ovs_agent: true
daemonset_sriov_agent: true
deployment_server: true
ingress_server: true
job_bootstrap: true

4
nova/templates/daemonset-compute.yaml
View File

@ -302,9 +302,11 @@ spec:
{{- $daemonset := "compute" }}
{{- $configMapName := "nova-etc" }}
{{- $serviceAccountName := "nova-compute" }}
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "compute" -}}
{{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
{{ tuple . $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "nova.compute.daemonset" | toString | fromYaml }}
{{- $configmap_yaml := "nova.configmap.etc" }}
{{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }}

11
nova/values.yaml
View File

@ -125,7 +125,10 @@ bootstrap:
vcpus: 8
network:
backend: ovs
# provide what type of network wiring will be used
# possible options: openvswitch, linuxbridge, sriov
backend:
- openvswitch
osapi:
port: 8774
ingress:
@ -180,7 +183,7 @@ ceph:
dependencies:
dynamic:
targeted:
ovs:
openvswitch:
compute:
daemonset:
- neutron-ovs-agent
@ -188,6 +191,10 @@ dependencies:
compute:
daemonset:
- neutron-lb-agent
sriov:
compute:
daemonset:
- neutron-sriov-agent
static:
api:
jobs:

12
tools/images/openstack/newton/loci.sh
View File

@ -82,6 +82,18 @@ sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
--tag docker.io/openstackhelm/neutron:${IMAGE_TAG}
sudo docker exec docker-in-docker docker push docker.io/openstackhelm/neutron:${IMAGE_TAG}
sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
https://git.openstack.org/openstack/loci.git \
--build-arg PROJECT=neutron \
--build-arg FROM=docker.io/ubuntu:18.04 \
--build-arg PROJECT_REF=${OPENSTACK_VERSION} \
--build-arg PROFILES="neutron linuxbridge openvswitch" \
--build-arg PIP_PACKAGES="pycrypto" \
--build-arg DIST_PACKAGES="ethtool lshw" \
--build-arg WHEELS=openstackhelm/requirements:${IMAGE_TAG} \
--tag docker.io/openstackhelm/neutron:${IMAGE_TAG}-sriov-1804
sudo docker exec docker-in-docker docker push docker.io/openstackhelm/neutron:${IMAGE_TAG}-sriov-1804
sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
https://git.openstack.org/openstack/loci.git \
--build-arg PROJECT=nova \

12
tools/images/openstack/ocata/loci.sh
View File

@ -82,6 +82,18 @@ sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
--tag docker.io/openstackhelm/neutron:${IMAGE_TAG}
sudo docker exec docker-in-docker docker push docker.io/openstackhelm/neutron:${IMAGE_TAG}
sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
https://git.openstack.org/openstack/loci.git \
--build-arg PROJECT=neutron \
--build-arg FROM=docker.io/ubuntu:18.04 \
--build-arg PROJECT_REF=${OPENSTACK_VERSION} \
--build-arg PROFILES="neutron linuxbridge openvswitch" \
--build-arg PIP_PACKAGES="pycrypto" \
--build-arg DIST_PACKAGES="ethtool lshw" \
--build-arg WHEELS=openstackhelm/requirements:${IMAGE_TAG} \
--tag docker.io/openstackhelm/neutron:${IMAGE_TAG}-sriov-1804
sudo docker exec docker-in-docker docker push docker.io/openstackhelm/neutron:${IMAGE_TAG}-sriov-1804
sudo docker exec docker-in-docker docker build --force-rm --pull --no-cache \
https://git.openstack.org/openstack/loci.git \
--build-arg PROJECT=nova \

151
tools/overrides/backends/networking/compute-kit-sr-iov.sh Executable file
View File

@ -0,0 +1,151 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#NOTE(portdirect): This file is included as an example of how to deploy
# nova and neutron with ovs and sr-iov active. It will not work without
# modification for your environment.
set -xe
#NOTE: Pull images and lint chart
make pull-images nova
make pull-images neutron
SRIOV_DEV1=enp3s0f0
SRIOV_DEV2=enp66s0f1
OVSBR=vlan92
#NOTE: Deploy nova
: ${OSH_EXTRA_HELM_ARGS:=""}
tee /tmp/nova.yaml << EOF
network:
backend:
- openvswitch
- sriov
conf:
nova:
DEFAULT:
debug: True
vcpu_pin_set: 4,8,12,16,20,24,28,32,36,40,44,48,52,56,60,5,9,13,17,21,25,29,33,37,41,45,49,53,57,61
vif_plugging_is_fatal: False
vif_plugging_timeout: 30
pci:
alias: '{"name": "numa0", "capability_type": "pci", "product_id": "10fb", "vendor_id": "8086", "device_type": "type-PCI", "numa_policy": "required"}'
passthrough_whitelist: |
[{"address": "0000:03:10.0", "physical_network": "physnet1"}, {"address": "0000:03:10.2", "physical_network": "physnet1"}, {"address": "0000:03:10.4", "physical_network": "physnet1"}, {"address": "0000:03:10.6", "physical_network": "physnet1"}, {"address": "0000:03:11.0", "physical_network": "physnet1"}, {"address": "0000:03:11.2", "physical_network": "physnet1"}, {"address": "0000:03:11.4", "physical_network": "physnet1"}, {"address": "0000:03:11.6", "physical_network": "physnet1"}, {"address": "0000:03:12.0", "physical_network": "physnet1"}, {"address": "0000:03:12.2", "physical_network": "physnet1"}, {"address": "0000:03:12.4", "physical_network": "physnet1"}, {"address": "0000:03:12.6", "physical_network": "physnet1"}, {"address": "0000:03:13.0", "physical_network": "physnet1"}, {"address": "0000:03:13.2", "physical_network": "physnet1"}, {"address": "0000:03:13.4", "physical_network": "physnet1"}, {"address": "0000:03:13.6", "physical_network": "physnet1"}, {"address": "0000:03:14.0", "physical_network": "physnet1"}, {"address": "0000:03:14.2", "physical_network": "physnet1"}, {"address": "0000:03:14.4", "physical_network": "physnet1"}, {"address": "0000:03:14.6", "physical_network": "physnet1"}, {"address": "0000:03:15.0", "physical_network": "physnet1"}, {"address": "0000:03:15.2", "physical_network": "physnet1"}, {"address": "0000:03:15.4", "physical_network": "physnet1"}, {"address": "0000:03:15.6", "physical_network": "physnet1"}, {"address": "0000:03:16.0", "physical_network": "physnet1"}, {"address": "0000:03:16.2", "physical_network": "physnet1"}, {"address": "0000:03:16.4", "physical_network": "physnet1"}, {"address": "0000:03:16.6", "physical_network": "physnet1"}, {"address": "0000:03:17.0", "physical_network": "physnet1"}, {"address": "0000:03:17.2", "physical_network": "physnet1"}, {"address": "0000:03:17.4", "physical_network": "physnet1"}, {"address": "0000:03:17.6", "physical_network": "physnet1"}, {"address": "0000:42:10.1", "physical_network": "physnet2"}, {"address": "0000:42:10.3", "physical_network": "physnet2"}, {"address": "0000:42:10.5", "physical_network": "physnet2"}, {"address": "0000:42:10.7", "physical_network": "physnet2"}, {"address": "0000:42:11.1", "physical_network": "physnet2"}, {"address": "0000:42:11.3", "physical_network": "physnet2"}, {"address": "0000:42:11.5", "physical_network": "physnet2"}, {"address": "0000:42:11.7", "physical_network": "physnet2"}, {"address": "0000:42:12.1", "physical_network": "physnet2"}, {"address": "0000:42:12.3", "physical_network": "physnet2"}, {"address": "0000:42:12.5", "physical_network": "physnet2"}, {"address": "0000:42:12.7", "physical_network": "physnet2"}, {"address": "0000:42:13.1", "physical_network": "physnet2"}, {"address": "0000:42:13.3", "physical_network": "physnet2"}, {"address": "0000:42:13.5", "physical_network": "physnet2"}, {"address": "0000:42:13.7", "physical_network": "physnet2"}, {"address": "0000:42:14.1", "physical_network": "physnet2"}, {"address": "0000:42:14.3", "physical_network": "physnet2"}, {"address": "0000:42:14.5", "physical_network": "physnet2"}, {"address": "0000:42:14.7", "physical_network": "physnet2"}, {"address": "0000:42:15.1", "physical_network": "physnet2"}, {"address": "0000:42:15.3", "physical_network": "physnet2"}, {"address": "0000:42:15.5", "physical_network": "physnet2"}, {"address": "0000:42:15.7", "physical_network": "physnet2"}, {"address": "0000:42:16.1", "physical_network": "physnet2"}, {"address": "0000:42:16.3", "physical_network": "physnet2"}, {"address": "0000:42:16.5", "physical_network": "physnet2"}, {"address": "0000:42:16.7", "physical_network": "physnet2"}, {"address": "0000:42:17.1", "physical_network": "physnet2"}, {"address": "0000:42:17.3", "physical_network": "physnet2"}, {"address": "0000:42:17.5", "physical_network": "physnet2"}, {"address": "0000:42:17.7", "physical_network": "physnet2"}]
filter_scheduler:
enabled_filters: "RetryFilter, AvailabilityZoneFilter, RamFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter, PciPassthroughFilter, NUMATopologyFilter, DifferentHostFilter, SameHostFilter"
EOF
if [ "x$(systemd-detect-virt)" == "xnone" ]; then
echo 'OSH is not being deployed in virtualized environment'
helm upgrade --install nova ./nova \
--namespace=openstack \
--values /tmp/nova.yaml \
${OSH_EXTRA_HELM_ARGS}
else
echo 'OSH is being deployed in virtualized environment, using qemu for nova'
helm upgrade --install nova ./nova \
--namespace=openstack \
--set conf.nova.libvirt.virt_type=qemu \
--values /tmp/nova.yaml \
${OSH_EXTRA_HELM_ARGS}
fi
#NOTE: Deploy neutron
tee /tmp/neutron.yaml << EOF
network:
backend:
- openvswitch
- sriov
interface:
tunnel: docker0
sriov:
- device: ${SRIOV_DEV1}
num_vfs: 32
promisc: false
- device: ${SRIOV_DEV2}
num_vfs: 32
promisc: false
auto_bridge_add:
br-physnet3: ${OVSBR}
conf:
neutron:
DEFAULT:
debug: True
l3_ha: False
min_l3_agents_per_router: 1
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
plugins:
ml2_conf:
ml2:
mechanism_drivers: openvswitch,sriovnicswitch,l2population
ml2_type_flat:
flat_networks: public
type_drivers: vlan,flat,vxlan
mechanism_drivers: openvswitch,sriovnicswitch,l2population
tenant_network_types: vxlan
ml2_type_vlan:
network_vlan_ranges: physnet1:20:30,physnet2:20:30
#NOTE(portdirect): for clarity we include options for all the neutron
# backends here.
openvswitch_agent:
agent:
tunnel_types: vxlan
ovs:
bridge_mappings: "public:br-ex,physnet3:br-physnet3"
linuxbridge_agent:
linux_bridge:
bridge_mappings: "public:br-ex,physnet1:br-physnet1"
sriov_agent:
sriov_nic:
physical_device_mappings: physnet1:${SRIOV_DEV1},physnet2:${SRIOV_DEV2}
exclude_devices: null
EOF
kubectl label node cab24-r820-14 --overwrite=true sriov=enabled
kubectl label node cab24-r820-15 --overwrite=true sriov=enabled
helm upgrade --install neutron ./neutron \
--namespace=openstack \
--values=/tmp/neutron.yaml \
${OSH_EXTRA_HELM_ARGS}
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack
#NOTE: Validate Deployment info
export OS_CLOUD=openstack_helm
openstack service list
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
openstack hypervisor list
openstack network agent list
#NOTE: Exercise the deployment
openstack network create test
NET_ID=$(openstack network show test -f value -c id)
openstack subnet create --subnet-range "172.24.4.0/24" --network ${NET_ID} test
openstack port create --network ${NET_ID} --fixed-ip subnet=test,ip-address="172.24.4.10" --binding-profile vnic_type=direct sriov_port
PORT_ID=$(openstack port show sriov_port -f value -c id)
# NOTE(portdirect): We do this fancy, and seemingly pointless, footwork to get
# the full image name for the cirros Image without having to be explicit.
export IMAGE_NAME=$(openstack image show -f value -c name \
$(openstack image list -f csv | awk -F ',' '{ print $2 "," $1 }' | \
grep "^\"Cirros" | head -1 | awk -F ',' '{ print $2 }' | tr -d '"'))
openstack server create --flavor m1.tiny --image "${IMAGE_NAME}" --nic port-id=${PORT_ID} test-sriov

3
tools/overrides/backends/networking/linuxbridge.yaml
View File

@ -18,4 +18,5 @@
# It should be kept to the bare minimum required for this purpose.
network:
backend: linuxbridge
backend:
- linuxbridge

2
tools/overrides/releases/ocata/loci.yaml
View File

@ -54,6 +54,8 @@ images:
neutron_metadata: 'docker.io/openstackhelm/neutron:ocata'
neutron_openvswitch_agent: 'docker.io/openstackhelm/neutron:ocata'
neutron_server: 'docker.io/openstackhelm/neutron:ocata'
neutron_sriov_agent: 'docker.io/openstackhelm/neutron:ocata-sriov-1804'
neutron_sriov_agent_init: 'docker.io/openstackhelm/neutron:ocata-sriov-1804'
nova_api: 'docker.io/openstackhelm/nova:ocata'
nova_cell_setup: 'docker.io/openstackhelm/nova:ocata'
nova_compute: 'docker.io/openstackhelm/nova:ocata'