From 2ac93ec53af4deb8b88f4085cfe2999659c36a3f Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Tue, 18 Aug 2020 17:28:44 -0400 Subject: [PATCH] Move Neutron database to Kubernetes Change-Id: I0a37ddea9554871e91a33d71fb981eeef2d7c934 --- devstack/lib/neutron-legacy | 76 +++++++++++++++++++++++++++++++++- openstack_operator/database.py | 5 ++- openstack_operator/neutron.py | 3 ++ 3 files changed, 82 insertions(+), 2 deletions(-) diff --git a/devstack/lib/neutron-legacy b/devstack/lib/neutron-legacy index 52028f9f..1892e86a 100644 --- a/devstack/lib/neutron-legacy +++ b/devstack/lib/neutron-legacy @@ -15,7 +15,7 @@ # under the License. function init_mutnauq { - recreate_database $Q_DB_NAME + echo noop } export -f init_mutnauq @@ -39,3 +39,77 @@ function start_neutron_service_and_check { fi } export -f start_neutron_service_and_check + +function _configure_neutron_common { + _create_neutron_conf_dir + + # Uses oslo config generator to generate core sample configuration files + (cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh) + + cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF + + Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json + + # allow neutron user to administer neutron to match neutron account + # NOTE(amotoki): This is required for nova works correctly with neutron. + if [ -f $NEUTRON_DIR/etc/policy.json ]; then + cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE + sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE + else + echo '{"context_is_admin": "role:admin or user_name:neutron"}' > $Q_POLICY_FILE + fi + + # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``. + # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``. + neutron_plugin_configure_common + + if [[ "$Q_PLUGIN_CONF_PATH" == '' || "$Q_PLUGIN_CONF_FILENAME" == '' || "$Q_PLUGIN_CLASS" == '' ]]; then + die $LINENO "Neutron plugin not set.. exiting" + fi + + # If needed, move config file from ``$NEUTRON_DIR/etc/neutron`` to ``NEUTRON_CONF_DIR`` + mkdir -p /$Q_PLUGIN_CONF_PATH + Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME + # NOTE(hichihara): Some neutron vendor plugins were already decomposed and + # there is no config file in Neutron tree. They should prepare the file in each plugin. + if [ -f "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" ]; then + cp "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" /$Q_PLUGIN_CONF_FILE + elif [ -f $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE ]; then + cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE + fi + + kubernetes_ensure_resource secret/neutron-mysql + NEUTRON_DATABASE_USER=$(get_data_from_secret neutron-mysql openstack USER) + NEUTRON_DATABASE_PASSWORD=$(get_data_from_secret neutron-mysql openstack PASSWORD) + NEUTRON_DATABASE_NAME=$(get_data_from_secret neutron-mysql openstack DATABASE) + iniset $NEUTRON_CONF database connection "mysql+pymysql://$NEUTRON_DATABASE_USER:$NEUTRON_DATABASE_PASSWORD@neutron-mysql-master/$NEUTRON_DATABASE_NAME?charset=utf8" + + iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron + iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG + iniset $NEUTRON_CONF DEFAULT bind_host $Q_LISTEN_ADDRESS + iniset $NEUTRON_CONF oslo_concurrency lock_path $DATA_DIR/neutron/lock + + # NOTE(freerunner): Need to adjust Region Name for nova in multiregion installation + iniset $NEUTRON_CONF nova region_name $REGION_NAME + + if [ "$VIRT_DRIVER" = 'fake' ]; then + # Disable arbitrary limits + iniset $NEUTRON_CONF quotas quota_network -1 + iniset $NEUTRON_CONF quotas quota_subnet -1 + iniset $NEUTRON_CONF quotas quota_port -1 + iniset $NEUTRON_CONF quotas quota_security_group -1 + iniset $NEUTRON_CONF quotas quota_security_group_rule -1 + fi + + # Format logging + setup_logging $NEUTRON_CONF + + if is_service_enabled tls-proxy && [ "$NEUTRON_DEPLOY_MOD_WSGI" == "False" ]; then + # Set the service port for a proxy to take the original + iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT" + iniset $NEUTRON_CONF oslo_middleware enable_proxy_headers_parsing True + fi + + _neutron_setup_rootwrap +} +export -f _configure_neutron_common diff --git a/openstack_operator/database.py b/openstack_operator/database.py index 8b9bb6da..d7f214f6 100644 --- a/openstack_operator/database.py +++ b/openstack_operator/database.py @@ -20,9 +20,12 @@ This module contains a few common functions for database management from openstack_operator import utils -def ensure_mysql_cluster(name, spec): +def ensure_mysql_cluster(name, spec=None): """Create or update mysql cluster""" + if spec is None: + spec = {} + config = utils.get_secret("openstack", name + "-mysql") if config is None: root_password = utils.generate_password() diff --git a/openstack_operator/neutron.py b/openstack_operator/neutron.py index 8d45f10b..691efcce 100644 --- a/openstack_operator/neutron.py +++ b/openstack_operator/neutron.py @@ -19,6 +19,7 @@ This code takes care of doing the operations of the OpenStack Neutron API service. """ +from openstack_operator import database from openstack_operator import utils MEMCACHED = True @@ -31,5 +32,7 @@ def create_or_resume(spec, **_): start the service up for the first time. """ + database.ensure_mysql_cluster("neutron") + utils.create_or_update('neutron/daemonset.yml.j2', spec=spec) utils.create_or_update('neutron/service.yml.j2')