Neutron: add linuxbridge daemonset and config script

Adding daemonset for Linux bridge. Using node selector
"linuxbridge enabled".

network.backend added in neutron/values.yaml to support scenario for
different SDNs using the same networking software, like OVS is used
for reference Neutron L2 agent, ODL, OVN and SONA. The other option for
network.backend can be linuxbridge and calico.
network.backend impacts configuration of DHCP, L3 and metadata agents.
Those agents are dependent on ovsdb_connection flag (officially it is
placed in openvswitch_agent.ini file).

Added daemonset_lb_agent flag in manifests section. Currently
OVS and LinuxBridge L2 agents can be turned on/off to be deployed.
OVS L2 agent and OVS as a network virtualization SW can be deployed
independently.

Removed conf.neutron.default.neutron.interface_driver, since it was not
used anywhere.

Marked places in neutron/values.yaml where changes are needed in order
to use linuxbridge for:
- neutron.conf interface_driver
- ML2 mechanism driver
- dhcp and l3 agents interface_driver

Added example of neutron values overrides in:
tools/overrides/mvp/neutron-linuxbridge.yaml

Change-Id: I7cdcfaa9a73af392a0d45f7df29b7b3ae3cc4c76
Implements: blueprint support-linux-bridge-on-neutron
This commit is contained in:
Artur Korzeniewski 2017-08-29 11:51:40 +02:00
parent 10591db58c
commit aaedb4a150
13 changed files with 509 additions and 10 deletions

View File

@ -20,5 +20,7 @@ set -x
exec neutron-dhcp-agent \ exec neutron-dhcp-agent \
--config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/dhcp_agent.ini \ --config-file /etc/neutron/dhcp_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -20,5 +20,7 @@ set -x
exec neutron-l3-agent \ exec neutron-l3-agent \
--config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/l3_agent.ini \ --config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -0,0 +1,65 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
modprobe ebtables
# configure external bridge
external_bridge="{{- .Values.network.external_bridge -}}"
external_interface="{{- .Values.network.interface.external -}}"
if [ -n "${external_bridge}" ] ; then
# adding existing bridge would break out the script when -e is set
set +e
ip link add name $external_bridge type bridge
set -e
ip link set dev $external_bridge up
if [ -n "$external_interface" ] ; then
ip link set dev $external_interface master $external_bridge
fi
fi
# configure all bridge mappings defined in config
{{- range $br, $phys := .Values.network.auto_bridge_add }}
if [ -n "{{- $br -}}" ] ; then
# adding existing bridge would break out the script when -e is set
set +e
ip link add name {{ $br }} type bridge
set -e
ip link set dev {{ $br }} up
if [ -n "{{- $phys -}}" ] ; then
ip link set dev {{ $phys }} master {{ $br }}
fi
fi
{{- end }}
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
if [ -z "${tunnel_interface}" ] ; then
# search for interface with default routing
# If there is not default gateway, exit
tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*') || exit 1
fi
# determine local-ip dynamically based on interface provided but only if tunnel_types is not null
IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
cat <<EOF>/tmp/pod-shared/ml2-local-ip.ini
[vxlan]
local_ip = $IP
EOF

View File

@ -0,0 +1,25 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec neutron-linuxbridge-agent \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
--config-file /tmp/pod-shared/ml2-local-ip.ini \
--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini

View File

@ -20,5 +20,7 @@ set -x
exec neutron-metadata-agent \ exec neutron-metadata-agent \
--config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \ --config-file /etc/neutron/metadata_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
{{- if eq .Values.network.backend "ovs" }} \
--config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
{{- end }}

View File

@ -43,6 +43,10 @@ data:
{{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-l3-agent.sh: |+ neutron-l3-agent.sh: |+
{{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent.sh: |+
{{ tuple "bin/_neutron-linuxbridge-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-linuxbridge-agent-init.sh: |+
{{ tuple "bin/_neutron-linuxbridge-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-metadata-agent.sh: |+ neutron-metadata-agent.sh: |+
{{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-openvswitch-agent.sh: |+ neutron-openvswitch-agent.sh: |+

View File

@ -63,10 +63,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini subPath: ml2_conf.ini
readOnly: true readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini subPath: openvswitch_agent.ini
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/dhcp_agent.ini mountPath: /etc/neutron/dhcp_agent.ini
subPath: dhcp_agent.ini subPath: dhcp_agent.ini
@ -126,8 +130,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters subPath: openvswitch-plugin.filters
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: socket - name: socket
mountPath: /var/lib/neutron/openstack-helm mountPath: /var/lib/neutron/openstack-helm
{{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }} {{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }}
@ -140,9 +142,11 @@ spec:
configMap: configMap:
name: neutron-etc name: neutron-etc
defaultMode: 0444 defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch - name: runopenvswitch
hostPath: hostPath:
path: /run/openvswitch path: /run/openvswitch
{{- end }}
- name: socket - name: socket
hostPath: hostPath:
path: /var/lib/neutron/openstack-helm path: /var/lib/neutron/openstack-helm

View File

@ -63,10 +63,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini subPath: ml2_conf.ini
readOnly: true readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini subPath: openvswitch_agent.ini
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/l3_agent.ini mountPath: /etc/neutron/l3_agent.ini
subPath: l3_agent.ini subPath: l3_agent.ini
@ -122,8 +126,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters subPath: openvswitch-plugin.filters
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: libmodules - name: libmodules
mountPath: /lib/modules mountPath: /lib/modules
readOnly: true readOnly: true
@ -139,9 +141,11 @@ spec:
configMap: configMap:
name: neutron-etc name: neutron-etc
defaultMode: 0444 defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch - name: runopenvswitch
hostPath: hostPath:
path: /run/openvswitch path: /run/openvswitch
{{- end }}
- name: libmodules - name: libmodules
hostPath: hostPath:
path: /lib/modules path: /lib/modules

View File

@ -0,0 +1,238 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.daemonset_lb_agent }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.lb_agent }}
{{- $mounts_neutron_lb_agent := .Values.pod.mounts.neutron_lb_agent.neutron_lb_agent }}
{{- $mounts_neutron_lb_agent_init := .Values.pod.mounts.neutron_lb_agent.init_container }}
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: lb-agent
spec:
{{ tuple $envAll "lb_agent" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "neutron" "lb-agent" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
nodeSelector:
{{ .Values.labels.lb.node_selector_key }}: {{ .Values.labels.lb.node_selector_value }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
initContainers:
{{ tuple $envAll $dependencies $mounts_neutron_lb_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: lb-agent-init
image: {{ .Values.images.neutron_linuxbridge_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
command:
- /tmp/neutron-linuxbridge-agent-init.sh
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent-init.sh
subPath: neutron-linuxbridge-agent-init.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
subPath: linuxbridge_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to overide Kollas custom
# sudoers file when using Kolla images, this location will
# also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
containers:
- name: lb-agent
image: {{ .Values.images.neutron_linuxbridge_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.neutron.uid }}
privileged: true
command:
- /tmp/neutron-linuxbridge-agent.sh
readinessProbe:
exec:
command:
- bash
- -c
- 'brctl show'
volumeMounts:
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent.sh
subPath: neutron-linuxbridge-agent.sh
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: neutron-etc
mountPath: /etc/neutron/neutron.conf
subPath: neutron.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
subPath: linuxbridge_agent.ini
readOnly: true
- name: neutron-etc
# NOTE (Portdirect): We mount here to overide Kollas custom
# sudoers file when using Kolla images, this location will
# also work fine for other images.
mountPath: /etc/sudoers.d/kolla_neutron_sudoers
subPath: neutron_sudoers
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/debug.filters
subPath: debug.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dibbler.filters
subPath: dibbler.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
subPath: ipset-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/l3.filters
subPath: l3.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
subPath: netns-cleanup.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/dhcp.filters
subPath: dhcp.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/ebtables.filters
subPath: ebtables.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
subPath: iptables-firewall.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
subPath: linuxbridge-plugin.filters
readOnly: true
- name: neutron-etc
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters
readOnly: true
- name: libmodules
mountPath: /lib/modules
readOnly: true
- name: run
mountPath: /run
{{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-shared
emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
defaultMode: 0555
- name: neutron-etc
configMap:
name: neutron-etc
defaultMode: 0444
- name: libmodules
hostPath:
path: /lib/modules
- name: run
hostPath:
path: /run
{{ if $mounts_neutron_lb_agent.volumes }}{{ toYaml $mounts_neutron_lb_agent.volumes | indent 8 }}{{ end }}
{{- end }}

View File

@ -65,10 +65,14 @@ spec:
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
subPath: ml2_conf.ini subPath: ml2_conf.ini
readOnly: true readOnly: true
{{- if eq .Values.network.backend "ovs" }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
subPath: openvswitch_agent.ini subPath: openvswitch_agent.ini
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
{{- end }}
- name: neutron-etc - name: neutron-etc
mountPath: /etc/neutron/metadata_agent.ini mountPath: /etc/neutron/metadata_agent.ini
subPath: metadata_agent.ini subPath: metadata_agent.ini
@ -124,8 +128,6 @@ spec:
mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
subPath: openvswitch-plugin.filters subPath: openvswitch-plugin.filters
readOnly: true readOnly: true
- name: runopenvswitch
mountPath: /run/openvswitch
- name: socket - name: socket
mountPath: /var/lib/neutron/stackanetes mountPath: /var/lib/neutron/stackanetes
{{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }} {{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }}
@ -138,9 +140,11 @@ spec:
configMap: configMap:
name: neutron-etc name: neutron-etc
defaultMode: 0444 defaultMode: 0444
{{- if eq .Values.network.backend "ovs" }}
- name: runopenvswitch - name: runopenvswitch
hostPath: hostPath:
path: /run/openvswitch path: /run/openvswitch
{{- end }}
- name: socket - name: socket
hostPath: hostPath:
path: /var/lib/neutron/openstack-helm path: /var/lib/neutron/openstack-helm

View File

@ -32,6 +32,7 @@ images:
metadata: docker.io/kolla/ubuntu-source-neutron-metadata-agent:3.0.3 metadata: docker.io/kolla/ubuntu-source-neutron-metadata-agent:3.0.3
l3: docker.io/kolla/ubuntu-source-neutron-l3-agent:3.0.3 l3: docker.io/kolla/ubuntu-source-neutron-l3-agent:3.0.3
neutron_openvswitch_agent: docker.io/kolla/ubuntu-source-neutron-openvswitch-agent:3.0.3 neutron_openvswitch_agent: docker.io/kolla/ubuntu-source-neutron-openvswitch-agent:3.0.3
neutron_linuxbridge_agent: docker.io/kolla/ubuntu-source-neutron-linuxbridge-agent:3.0.3
openvswitch_db_server: docker.io/kolla/ubuntu-source-openvswitch-db-server:3.0.3 openvswitch_db_server: docker.io/kolla/ubuntu-source-openvswitch-db-server:3.0.3
openvswitch_vswitchd: docker.io/kolla/ubuntu-source-openvswitch-vswitchd:3.0.3 openvswitch_vswitchd: docker.io/kolla/ubuntu-source-openvswitch-vswitchd:3.0.3
dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
@ -45,6 +46,9 @@ labels:
ovs: ovs:
node_selector_key: openvswitch node_selector_key: openvswitch
node_selector_value: enabled node_selector_value: enabled
lb:
node_selector_key: linuxbridge
node_selector_value: enabled
agent: agent:
dhcp: dhcp:
node_selector_key: openstack-control-plane node_selector_key: openstack-control-plane
@ -60,6 +64,9 @@ labels:
node_selector_value: enabled node_selector_value: enabled
network: network:
# provide what type of network wiring will be used
# possible options: ovs, linuxbridge
backend: ovs
external_bridge: br-ex external_bridge: br-ex
ip_address: 0.0.0.0 ip_address: 0.0.0.0
interface: interface:
@ -138,6 +145,7 @@ dependencies:
- service: compute - service: compute
endpoint: internal endpoint: internal
daemonset: daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent - ovs-agent
metadata: metadata:
services: services:
@ -148,6 +156,7 @@ dependencies:
- service: compute - service: compute
endpoint: internal endpoint: internal
daemonset: daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent - ovs-agent
ovs_agent: ovs_agent:
services: services:
@ -155,6 +164,12 @@ dependencies:
endpoint: internal endpoint: internal
- service: network - service: network
endpoint: internal endpoint: internal
lb_agent:
services:
- service: oslo_messaging
endpoint: internal
- service: network
endpoint: internal
l3: l3:
services: services:
- service: oslo_messaging - service: oslo_messaging
@ -164,6 +179,7 @@ dependencies:
- service: compute - service: compute
endpoint: internal endpoint: internal
daemonset: daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent - ovs-agent
tests: tests:
services: services:
@ -198,6 +214,9 @@ pod:
neutron_l3_agent: neutron_l3_agent:
init_container: null init_container: null
neutron_l3_agent: neutron_l3_agent:
neutron_lb_agent:
init_container: null
neutron_lb_agent:
neutron_metadata_agent: neutron_metadata_agent:
init_container: null init_container: null
neutron_metadata_agent: neutron_metadata_agent:
@ -230,6 +249,10 @@ pod:
enabled: false enabled: false
min_ready_seconds: 0 min_ready_seconds: 0
max_unavailable: 1 max_unavailable: 1
lb_agent:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
metadata_agent: metadata_agent:
enabled: true enabled: true
min_ready_seconds: 0 min_ready_seconds: 0
@ -269,6 +292,13 @@ pod:
limits: limits:
memory: "1024Mi" memory: "1024Mi"
cpu: "2000m" cpu: "2000m"
lb:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
metadata: metadata:
requests: requests:
memory: "128Mi" memory: "128Mi"
@ -599,9 +629,11 @@ conf:
default_availability_zones: nova default_availability_zones: nova
api_workers: 4 api_workers: 4
allow_overlapping_ips: True allow_overlapping_ips: True
# core_plugin can be: ml2, calico
core_plugin: ml2 core_plugin: ml2
# service_plugin can be: router, odl-router, empty for calico,
# networking_ovn.l3.l3_ovn.OVNL3RouterPlugin for OVN
service_plugins: router service_plugins: router
interface_driver: openvswitch
metadata_proxy_socket: /var/lib/neutron/openstack-helm/metadata_proxy metadata_proxy_socket: /var/lib/neutron/openstack-helm/metadata_proxy
db: db:
allow_automatic_l3agent_failover: True allow_automatic_l3agent_failover: True
@ -613,6 +645,7 @@ conf:
network_auto_schedule: True network_auto_schedule: True
router_auto_schedule: True router_auto_schedule: True
agent: agent:
# we can define here, which driver we are using: openvswitch or linuxbridge
interface_driver: openvswitch interface_driver: openvswitch
oslo_concurrency: oslo_concurrency:
oslo: oslo:
@ -654,6 +687,8 @@ conf:
neutron: neutron:
ml2: ml2:
extension_drivers: port_security extension_drivers: port_security
# mechnism_drivers can be: openvswitch, linuxbridge,
# opendaylight, ovn
mechanism_drivers: openvswitch,l2population mechanism_drivers: openvswitch,l2population
type_drivers: flat,vlan,vxlan type_drivers: flat,vlan,vxlan
tenant_network_types: vxlan tenant_network_types: vxlan
@ -683,6 +718,8 @@ conf:
neutron: neutron:
base: base:
agent: agent:
# we can define here, which driver we are using:
# openvswitch or linuxbridge
interface_driver: openvswitch interface_driver: openvswitch
dhcp: dhcp:
agent: agent:
@ -696,6 +733,8 @@ conf:
neutron: neutron:
base: base:
agent: agent:
# we can define here, which driver we are using:
# openvswitch or linuxbridge
interface_driver: openvswitch interface_driver: openvswitch
l3: l3:
agent: agent:
@ -754,6 +793,30 @@ conf:
linuxbridge_agent: linuxbridge_agent:
override: override:
append: append:
linux_bridge:
neutron:
ml2:
linuxbridge:
agent:
# To define Flat and VLAN connections, in LB we can assign
# specific interface to the flat/vlan network name using:
# physical_interface_mappings: "external:eth3"
# Or we can set the mapping between the network and bridge:
bridge_mappings: "external:br-ex"
# The two above options are exclusive, do not use both of them at once
securitygroup:
neutron:
ml2:
linuxbridge:
agent:
firewall_driver: neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
vxlan:
neutron:
ml2:
linuxbridge:
agent:
l2_population: True
arp_responder: True
# Names of secrets used by bootstrap and environmental checks # Names of secrets used by bootstrap and environmental checks
secrets: secrets:
@ -870,6 +933,7 @@ manifests:
configmap_etc: true configmap_etc: true
daemonset_dhcp_agent: true daemonset_dhcp_agent: true
daemonset_l3_agent: true daemonset_l3_agent: true
daemonset_lb_agent: false
daemonset_metadata_agent: true daemonset_metadata_agent: true
daemonset_ovs_agent: true daemonset_ovs_agent: true
daemonset_ovs_db: true daemonset_ovs_db: true

View File

@ -196,6 +196,7 @@ dependencies:
- service: network - service: network
endpoint: internal endpoint: internal
daemonset: daemonset:
# this should be set to corresponding neutron L2 agent
- ovs-agent - ovs-agent
libvirt: libvirt:
jobs: jobs:

View File

@ -0,0 +1,84 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# MVP values for neutron using Linux Bridge.
# This file contains overrides to launch a MVP deployment of neutron using
# Linux Bridge for the OpenStack-Helm gates, and local development use.
# It should be kept to the bare minimum required for this purpose.
network:
backend: linuxbridge
interface:
tunnel: docker0
manifests:
daemonset_lb_agent: true
daemonset_ovs_agent: false
daemonset_ovs_db: false
daemonset_ovs_vswitchd: false
dependencies:
dhcp:
daemonset:
- lb-agent
l3:
daemonset:
- lb-agent
metadata:
daemonset:
- lb-agent
conf:
neutron:
default:
oslo:
log:
debug: false
neutron:
agent:
interface_driver: linuxbridge
db:
l3_ha: False
min_l3_agents_per_router: 1
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
ml2_conf:
ml2:
neutron:
ml2:
mechanism_drivers: linuxbridge, l2population
ml2_type_flat:
neutron:
ml2:
flat_networks: public
dhcp_agent:
default:
neutron:
base:
agent:
interface_driver: linuxbridge
l3_agent:
default:
neutron:
base:
agent:
interface_driver: linuxbridge
linuxbridge_agent:
linux_bridge:
neutron:
ml2:
linuxbridge:
agent:
bridge_mappings: "public:br-ex"