vexxhost/openstack-operator
Code Issues Proposed changes
openstack-operator/devstack/lib/neutron-legacy
Mohammed Naser 40ca6cd8e0 Migrated Neutron RabbitMQ to Kubernetes 
Change-Id: I10c6e8b39e754a86ab7c3b1312c108a5d1383be2
2020-08-18 23:54:17 -04:00

194 lines
7.6 KiB
Bash
Raw Blame History

#!/bin/bash
#
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
function configure_mutnauq {
_configure_neutron_common
kubernetes_ensure_resource secret/neutron-rabbitmq
NEUTRON_RABBITMQ_USERNAME=$(get_data_from_secret neutron-rabbitmq openstack username)
NEUTRON_RABBITMQ_PASSWORD=$(get_data_from_secret neutron-rabbitmq openstack password)
iniset $NEUTRON_CONF DEFAULT transport_url "rabbit://$NEUTRON_RABBITMQ_USERNAME:$NEUTRON_RABBITMQ_PASSWORD@rabbitmq-neutron.openstack.svc.cluster.local:5672/"
if is_service_enabled q-metering; then
_configure_neutron_metering
fi
if is_service_enabled q-agt q-svc; then
_configure_neutron_service
fi
if is_service_enabled q-agt; then
_configure_neutron_plugin_agent
fi
if is_service_enabled q-dhcp; then
_configure_neutron_dhcp_agent
fi
if is_service_enabled q-l3; then
_configure_neutron_l3_agent
fi
if is_service_enabled q-meta; then
_configure_neutron_metadata_agent
fi
if [[ "$Q_DVR_MODE" != "legacy" ]]; then
_configure_dvr
fi
if is_service_enabled ceilometer; then
_configure_neutron_ceilometer_notifications
fi
iniset $NEUTRON_CONF DEFAULT api_workers "$API_WORKERS"
# devstack is not a tool for running uber scale OpenStack
# clouds, therefore running without a dedicated RPC worker
# for state reports is more than adequate.
iniset $NEUTRON_CONF DEFAULT rpc_state_report_workers 0
}
export -f configure_mutnauq
function init_mutnauq {
echo noop
}
export -f init_mutnauq
function start_neutron_service_and_check {
neutron_plugin_configure_common
kubectl -n openstack create secret generic neutron-config \
--from-file=/etc/neutron/neutron.conf \
--from-file=/etc/neutron/api-paste.ini \
--from-file=/etc/neutron/policy.json
kubectl -n openstack create secret generic neutron-ml2-config \
--from-file=/etc/neutron/plugins/ml2/ml2_conf.ini
kubernetes_rollout_restart daemonset/neutron
kubernetes_rollout_status daemonset/neutron
proxy_pass_to_kubernetes /networking neutron neutron-api
neutron_url=$Q_PROTOCOL://${Q_HOST}/networking/
if ! wait_for_service $SERVICE_TIMEOUT $neutron_url; then
die $LINENO "neutron-api did not start"
fi
}
export -f start_neutron_service_and_check
function _configure_neutron_common {
_create_neutron_conf_dir
# Uses oslo config generator to generate core sample configuration files
(cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh)
cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF
Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json
# allow neutron user to administer neutron to match neutron account
# NOTE(amotoki): This is required for nova works correctly with neutron.
if [ -f $NEUTRON_DIR/etc/policy.json ]; then
cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE
sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE
else
echo '{"context_is_admin": "role:admin or user_name:neutron"}' > $Q_POLICY_FILE
fi
# Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``.
# For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``.
neutron_plugin_configure_common
if [[ "$Q_PLUGIN_CONF_PATH" == '' || "$Q_PLUGIN_CONF_FILENAME" == '' || "$Q_PLUGIN_CLASS" == '' ]]; then
die $LINENO "Neutron plugin not set.. exiting"
fi
# If needed, move config file from ``$NEUTRON_DIR/etc/neutron`` to ``NEUTRON_CONF_DIR``
mkdir -p /$Q_PLUGIN_CONF_PATH
Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME
# NOTE(hichihara): Some neutron vendor plugins were already decomposed and
# there is no config file in Neutron tree. They should prepare the file in each plugin.
if [ -f "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" ]; then
cp "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" /$Q_PLUGIN_CONF_FILE
elif [ -f $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE ]; then
cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE
fi
kubernetes_ensure_resource secret/neutron-mysql
NEUTRON_DATABASE_USER=$(get_data_from_secret neutron-mysql openstack USER)
NEUTRON_DATABASE_PASSWORD=$(get_data_from_secret neutron-mysql openstack PASSWORD)
NEUTRON_DATABASE_NAME=$(get_data_from_secret neutron-mysql openstack DATABASE)
iniset $NEUTRON_CONF database connection "mysql+pymysql://$NEUTRON_DATABASE_USER:$NEUTRON_DATABASE_PASSWORD@neutron-mysql-master/$NEUTRON_DATABASE_NAME?charset=utf8"
iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron
iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG
iniset $NEUTRON_CONF DEFAULT bind_host $Q_LISTEN_ADDRESS
iniset $NEUTRON_CONF oslo_concurrency lock_path $DATA_DIR/neutron/lock
# NOTE(freerunner): Need to adjust Region Name for nova in multiregion installation
iniset $NEUTRON_CONF nova region_name $REGION_NAME
if [ "$VIRT_DRIVER" = 'fake' ]; then
# Disable arbitrary limits
iniset $NEUTRON_CONF quotas quota_network -1
iniset $NEUTRON_CONF quotas quota_subnet -1
iniset $NEUTRON_CONF quotas quota_port -1
iniset $NEUTRON_CONF quotas quota_security_group -1
iniset $NEUTRON_CONF quotas quota_security_group_rule -1
fi
# Format logging
setup_logging $NEUTRON_CONF
if is_service_enabled tls-proxy && [ "$NEUTRON_DEPLOY_MOD_WSGI" == "False" ]; then
# Set the service port for a proxy to take the original
iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT"
iniset $NEUTRON_CONF oslo_middleware enable_proxy_headers_parsing True
fi
_neutron_setup_rootwrap
}
export -f _configure_neutron_common
function _configure_neutron_service {
Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini
cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE
# Update either configuration file with plugin
iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS
iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
iniset $NEUTRON_CONF oslo_policy policy_file $Q_POLICY_FILE
iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP
iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY
kubernetes_ensure_resource secret/neutron-application-credential
NEUTRON_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret neutron-application-credential openstack secret)
NEUTRON_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret neutron-application-credential openstack id)
iniset $NEUTRON_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
iniset $NEUTRON_CONF keystone_authtoken auth_type v3applicationcredential
iniset $NEUTRON_CONF keystone_authtoken application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
iniset $NEUTRON_CONF keystone_authtoken application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET
# Configuration for neutron notifications to nova.
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES
iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES
iniset $NEUTRON_CONF nova auth_url $KEYSTONE_AUTH_URI_V3
iniset $NEUTRON_CONF nova auth_type v3applicationcredential
iniset $NEUTRON_CONF nova application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
iniset $NEUTRON_CONF nova application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET
# Configure plugin
neutron_plugin_configure_service
}
export -f _configure_neutron_service
View Git Blame Copy Permalink