Neutron: add linuxbridge daemonset and config script

Adding daemonset for Linux bridge. Using node selector
"linuxbridge enabled".

network.backend added in neutron/values.yaml to support scenario for
different SDNs using the same networking software, like OVS is used
for reference Neutron L2 agent, ODL, OVN and SONA. The other option for
network.backend can be linuxbridge and calico.
network.backend impacts configuration of DHCP, L3 and metadata agents.
Those agents are dependent on ovsdb_connection flag (officially it is
placed in openvswitch_agent.ini file).

Added daemonset_lb_agent flag in manifests section. Currently
OVS and LinuxBridge L2 agents can be turned on/off to be deployed.
OVS L2 agent and OVS as a network virtualization SW can be deployed
independently.

Removed conf.neutron.default.neutron.interface_driver, since it was not
used anywhere.

Marked places in neutron/values.yaml where changes are needed in order
to use linuxbridge for:
- neutron.conf interface_driver
- ML2 mechanism driver
- dhcp and l3 agents interface_driver

Added example of neutron values overrides in:
tools/overrides/mvp/neutron-linuxbridge.yaml

Change-Id: I7cdcfaa9a73af392a0d45f7df29b7b3ae3cc4c76
Implements: blueprint support-linux-bridge-on-neutron
This commit is contained in:
Artur Korzeniewski 2017-08-29 11:51:40 +02:00
parent 10591db58c
commit aaedb4a150
13 changed files with 509 additions and 10 deletions

View File

@ -20,5 +20,7 @@ set -x
exec neutron-dhcp-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/dhcp_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -20,5 +20,7 @@ set -x
exec neutron-l3-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -0,0 +1,65 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
modprobe ebtables
# configure external bridge
external_bridge="{{- .Values.network.external_bridge -}}"
external_interface="{{- .Values.network.interface.external -}}"
if [ -n "${external_bridge}" ] ; then
# adding existing bridge would break out the script when -e is set
set +e
ip link add name $external_bridge type bridge
set -e
ip link set dev $external_bridge up
if [ -n "$external_interface" ] ; then
ip link set dev $external_interface master $external_bridge
fi
fi
# configure all bridge mappings defined in config
{{- range $br, $phys := .Values.network.auto_bridge_add }}
if [ -n "{{- $br -}}" ] ; then
# adding existing bridge would break out the script when -e is set
set +e
ip link add name {{ $br }} type bridge
set -e
ip link set dev {{ $br }} up
if [ -n "{{- $phys -}}" ] ; then
ip link set dev {{ $phys }} master {{ $br }}
fi
fi
{{- end }}
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
if [ -z "${tunnel_interface}" ] ; then
# search for interface with default routing
# If there is not default gateway, exit
tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*') || exit 1
fi
# determine local-ip dynamically based on interface provided but only if tunnel_types is not null
IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
cat <<EOF>/tmp/pod-shared/ml2-local-ip.ini
[vxlan]
local_ip = $IP
EOF

View File

@ -0,0 +1,25 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec neutron-linuxbridge-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /tmp/pod-shared/ml2-local-ip.ini \
--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini

View File

@ -20,5 +20,7 @@ set -x
exec neutron-metadata-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -43,6 +43,10 @@ data:
{{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-l3-agent.sh: |+
{{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent.sh: |+
{{ tuple "bin/_neutron-linuxbridge-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent-init.sh: |+
{{ tuple "bin/_neutron-linuxbridge-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-metadata-agent.sh: |+
{{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-openvswitch-agent.sh: |+

View File

@ -63,10 +63,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc
mountPath: /etc/neutron/dhcp_agent.ini
subPath: dhcp_agent.ini
@ -126,8 +130,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: socket
mountPath: /var/lib/neutron/openstack-helm
{{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }}
@ -140,9 +142,11 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch
{{- end }}
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm

View File

@ -63,10 +63,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc
mountPath: /etc/neutron/l3_agent.ini
subPath: l3_agent.ini
@ -122,8 +126,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: libmodules
mountPath: /lib/modules
readOnly: true
@ -139,9 +141,11 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch
{{- end }}
- name: libmodules
hostPath:
path: /lib/modules

View File

@ -0,0 +1,238 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.daemonset_lb_agent }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.lb_agent }}
{{- $mounts_neutron_lb_agent := .Values.pod.mounts.neutron_lb_agent.neutron_lb_agent }}
{{- $mounts_neutron_lb_agent_init := .Values.pod.mounts.neutron_lb_agent.init_container }}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: lb-agent
spec:
{{ tuple $envAll "lb_agent" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "neutron" "lb-agent" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
nodeSelector:
{{ .Values.labels.lb.node_selector_key }}: {{ .Values.labels.lb.node_selector_value }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
initContainers:
{{ tuple $envAll $dependencies $mounts_neutron_lb_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: lb-agent-init
image: {{ .Values.images.neutron_linuxbridge_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
command:
- /tmp/neutron-linuxbridge-agent-init.sh
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent-init.sh
subPath: neutron-linuxbridge-agent-init.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
subPath: linuxbridge_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to overide Kollas custom
# sudoers file when using Kolla images, this location will
# also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
containers:
- name: lb-agent
image: {{ .Values.images.neutron_linuxbridge_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.neutron.uid }}
privileged: true
command:
- /tmp/neutron-linuxbridge-agent.sh
readinessProbe:
exec:
command:
- bash
- -c
- 'brctl show'
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent.sh
subPath: neutron-linuxbridge-agent.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
subPath: linuxbridge_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to overide Kollas custom
# sudoers file when using Kolla images, this location will
# also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-shared
emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
defaultMode: 0555
- name: neutron-etc
configMap:
name: neutron-etc
defaultMode: 0444
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run
{{ if $mounts_neutron_lb_agent.volumes }}{{ toYaml $mounts_neutron_lb_agent.volumes | indent 8 }}{{ end }}
{{- end }}

View File

@ -65,10 +65,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc
mountPath: /etc/neutron/metadata_agent.ini
subPath: metadata_agent.ini
@ -124,8 +128,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: socket
mountPath: /var/lib/neutron/stackanetes
{{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }}
@ -138,9 +140,11 @@ spec:
configMap:
name: neutron-etc
defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch
hostPath:
path: /run/openvswitch
{{- end }}
- name: socket
hostPath:
path: /var/lib/neutron/openstack-helm

View File

@ -32,6 +32,7 @@ images:
metadata: docker.io/kolla/ubuntu-source-neutron-metadata-agent:3.0.3
l3: docker.io/kolla/ubuntu-source-neutron-l3-agent:3.0.3
neutron_openvswitch_agent: docker.io/kolla/ubuntu-source-neutron-openvswitch-agent:3.0.3
neutron_linuxbridge_agent: docker.io/kolla/ubuntu-source-neutron-linuxbridge-agent:3.0.3
openvswitch_db_server: docker.io/kolla/ubuntu-source-openvswitch-db-server:3.0.3
openvswitch_vswitchd: docker.io/kolla/ubuntu-source-openvswitch-vswitchd:3.0.3
dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
@ -45,6 +46,9 @@ labels:
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
lb:
node_selector_key: linuxbridge
node_selector_value: enabled
agent:
dhcp:
node_selector_key: openstack-control-plane
@ -60,6 +64,9 @@ labels:
node_selector_value: enabled
network:
# provide what type of network wiring will be used
# possible options: ovs, linuxbridge
backend: ovs
external_bridge: br-ex
ip_address: 0.0.0.0
interface:
@ -138,6 +145,7 @@ dependencies:
- service: compute
endpoint: internal
daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent
metadata:
services:
@ -148,6 +156,7 @@ dependencies:
- service: compute
endpoint: internal
daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent
ovs_agent:
services:
@ -155,6 +164,12 @@ dependencies:
endpoint: internal
- service: network
endpoint: internal
lb_agent:
services:
- service: oslo_messaging
endpoint: internal
- service: network
endpoint: internal
l3:
services:
- service: oslo_messaging
@ -164,6 +179,7 @@ dependencies:
- service: compute
endpoint: internal
daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent
tests:
services:
@ -198,6 +214,9 @@ pod:
neutron_l3_agent:
init_container: null
neutron_l3_agent:
neutron_lb_agent:
init_container: null
neutron_lb_agent:
neutron_metadata_agent:
init_container: null
neutron_metadata_agent:
@ -230,6 +249,10 @@ pod:
enabled: false
min_ready_seconds: 0
max_unavailable: 1
lb_agent:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
metadata_agent:
enabled: true
min_ready_seconds: 0
@ -269,6 +292,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
lb:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
metadata:
requests:
memory: "128Mi"
@ -599,9 +629,11 @@ conf:
default_availability_zones: nova
api_workers: 4
allow_overlapping_ips: True
# core_plugin can be: ml2, calico
core_plugin: ml2
# service_plugin can be: router, odl-router, empty for calico,
# networking_ovn.l3.l3_ovn.OVNL3RouterPlugin for OVN
service_plugins: router
interface_driver: openvswitch
metadata_proxy_socket: /var/lib/neutron/openstack-helm/metadata_proxy
db:
allow_automatic_l3agent_failover: True
@ -613,6 +645,7 @@ conf:
network_auto_schedule: True
router_auto_schedule: True
agent:
# we can define here, which driver we are using: openvswitch or linuxbridge
interface_driver: openvswitch
oslo_concurrency:
oslo:
@ -654,6 +687,8 @@ conf:
neutron:
ml2:
extension_drivers: port_security
# mechnism_drivers can be: openvswitch, linuxbridge,
# opendaylight, ovn
mechanism_drivers: openvswitch,l2population
type_drivers: flat,vlan,vxlan
tenant_network_types: vxlan
@ -683,6 +718,8 @@ conf:
neutron:
base:
agent:
# we can define here, which driver we are using:
# openvswitch or linuxbridge
interface_driver: openvswitch
dhcp:
agent:
@ -696,6 +733,8 @@ conf:
neutron:
base:
agent:
# we can define here, which driver we are using:
# openvswitch or linuxbridge
interface_driver: openvswitch
l3:
agent:
@ -754,6 +793,30 @@ conf:
linuxbridge_agent:
override:
append:
linux_bridge:
neutron:
ml2:
linuxbridge:
agent:
# To define Flat and VLAN connections, in LB we can assign
# specific interface to the flat/vlan network name using:
# physical_interface_mappings: "external:eth3"
# Or we can set the mapping between the network and bridge:
bridge_mappings: "external:br-ex"
# The two above options are exclusive, do not use both of them at once
securitygroup:
neutron:
ml2:
linuxbridge:
agent:
firewall_driver: neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
vxlan:
neutron:
ml2:
linuxbridge:
agent:
l2_population: True
arp_responder: True
# Names of secrets used by bootstrap and environmental checks
secrets:
@ -870,6 +933,7 @@ manifests:
configmap_etc: true
daemonset_dhcp_agent: true
daemonset_l3_agent: true
daemonset_lb_agent: false
daemonset_metadata_agent: true
daemonset_ovs_agent: true
daemonset_ovs_db: true

View File

@ -196,6 +196,7 @@ dependencies:
- service: network
endpoint: internal
daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent
libvirt:
jobs:

View File

@ -0,0 +1,84 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# MVP values for neutron using Linux Bridge.
# This file contains overrides to launch a MVP deployment of neutron using
# Linux Bridge for the OpenStack-Helm gates, and local development use.
# It should be kept to the bare minimum required for this purpose.
network:
backend: linuxbridge
interface:
tunnel: docker0
manifests:
daemonset_lb_agent: true
daemonset_ovs_agent: false
daemonset_ovs_db: false
daemonset_ovs_vswitchd: false
dependencies:
dhcp:
daemonset:
- lb-agent
l3:
daemonset:
- lb-agent
metadata:
daemonset:
- lb-agent
conf:
neutron:
default:
oslo:
log:
debug: false
neutron:
agent:
interface_driver: linuxbridge
db:
l3_ha: False
min_l3_agents_per_router: 1
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
ml2_conf:
ml2:
neutron:
ml2:
mechanism_drivers: linuxbridge, l2population
ml2_type_flat:
neutron:
ml2:
flat_networks: public
dhcp_agent:
default:
neutron:
base:
agent:
interface_driver: linuxbridge
l3_agent:
default:
neutron:
base:
agent:
interface_driver: linuxbridge
linuxbridge_agent:
linux_bridge:
neutron:
ml2:
linuxbridge:
agent:
bridge_mappings: "public:br-ex"