From ec53529b33c22eb54f6d9af5aa14e4ef74340963 Mon Sep 17 00:00:00 2001 From: Dan Radez Date: Tue, 12 Apr 2016 14:39:32 -0400 Subject: Adding VLAN support JIRA: APEX-136 JIRA: APEX-30 Change-Id: I7cbbe11f4c1f1455dba253733c78fe8dc215de97 Signed-off-by: Dan Radez --- build/network-environment.yaml | 7 + build/nics-compute.yaml.jinja2 | 181 ---------------------- build/nics-compute.yaml.template | 203 ------------------------ build/nics-controller.yaml.jinja2 | 154 ------------------- build/nics-controller.yaml.template | 160 ------------------- build/nics-template.yaml.jinja2 | 237 +++++++++++++++++++++++++++++ ci/deploy.sh | 29 +++- config/network/network_settings.yaml | 4 +- config/network/network_settings_vlans.yaml | 102 +++++++++++++ lib/python/apex-python-utils.py | 56 +++++-- lib/python/apex/network_environment.py | 15 +- lib/python/apex/network_settings.py | 5 + 12 files changed, 437 insertions(+), 716 deletions(-) delete mode 100644 build/nics-compute.yaml.jinja2 delete mode 100644 build/nics-compute.yaml.template delete mode 100644 build/nics-controller.yaml.jinja2 delete mode 100644 build/nics-controller.yaml.template create mode 100644 build/nics-template.yaml.jinja2 create mode 100644 config/network/network_settings_vlans.yaml diff --git a/build/network-environment.yaml b/build/network-environment.yaml index 874e0112..baf8b187 100644 --- a/build/network-environment.yaml +++ b/build/network-environment.yaml @@ -54,6 +54,13 @@ parameter_defaults: StorageNetCidr: 172.18.0.0/24 StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}] + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 10 # usually collapsed onto Admin/Provisioning + StorageNetworkVlanID: 20 + # StorageMgmtNetworkVlanID: 30 # NOT IMPLEMENTED + TenantNetworkVlanID: 40 + ExternalNetworkVlanID: 50 + parameters: ServiceNetMap: NeutronTenantNetwork: tenant 
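Review bot: The VLAN IDs added under `parameter_defaults` (InternalApi 10, Storage 20, Tenant 40, External 50) disagree with the parameter defaults declared in the new `build/nics-template.yaml.jinja2` (External 10, InternalApi 20, Storage 30, Tenant 50) and with the values in the sample `network_settings_vlans.yaml`, and nothing in the hunk says which source wins. A wrong tag puts one traffic class on another network's segment, so the comment should state the precedence, for example `# Placeholders only: replaced from the network settings file at deploy time`. That wording assumes `network_environment.py` rewrites these keys, which this page does not show, so confirm before adopting it.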
diff --git a/build/nics-compute.yaml.jinja2 b/build/nics-compute.yaml.jinja2
deleted file mode 100644
index 1bc2b50a..00000000
--- a/build/nics-compute.yaml.jinja2
+++ /dev/null
@@ -1,181 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - Software Config to drive os-net-config to configure multiple interfaces - for the compute role. - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. 
- type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - os_net_config: - network_config: - - - type: interface - name: nic1 - use_dhcp: false - dns_servers: {get_param: DnsServers} - addresses: - - - ip_netmask: - list_join: - - '/' - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - {%- set nic_index = 2 %} - {%- if 'private_network' in enabled_networks %} - {%- if ovs_dpdk_bridge == 'br-phy' %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - - - - type: ovs_bridge - name: {{ ovs_dpdk_bridge }} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: TenantIpSubnet} - - - type: ovs_bridge - name: br-tun - use_dhcp: false - {%- else %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: TenantIpSubnet} - {%- endif %} - {%- endif %} - {%- if external_net_type == "interface" %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} - {%- else %} - - - type: ovs_bridge - name: {get_input: bridge_name} 
- use_dhcp: false - members: - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - # force the MAC address of the bridge to this interface - primary: true - {%- endif %} - {%- if 'storage_network' in enabled_networks %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: StorageIpSubnet} - {%- endif %} - {%- if 'api_network' in enabled_networks %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: InternalApiIpSubnet} - {%- endif %} - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/build/nics-compute.yaml.template b/build/nics-compute.yaml.template deleted file mode 100644 index 86f3972a..00000000 --- a/build/nics-compute.yaml.template +++ /dev/null 
@@ -1,203 +0,0 @@ -#!/bin/bash -if [[ $nics_cfg == *_private* ]]; then - private_net=$( cat << END - - - - # Create a bridge which can also be used for VLAN-mode bridge mapping - type: ovs_bridge - name: br-tenant - use_dhcp: false - addresses: - - - ip_netmask: {get_param: TenantIpSubnet} - members: - - - type: interface - name: nic2 - use_dhcp: false - # force the MAC address of the bridge to this interface - primary: true -END -) -fi - -if [[ $nics_cfg == *_storage* ]]; then - storage_net=$( cat << END - - - type: interface - name: nic4 - use_dhcp: false - addresses: - - - ip_netmask: {get_param: StorageIpSubnet} -END -) -fi - -if [[ $nics_cfg == *_br-ex* ]]; then - br_ex=$( cat << END - - members: - - - type: interface - name: nic3 - # force the MAC address of the bridge to this interface - primary: true - -END -) - nic3=$( cat << END - - - - type: ovs_bridge - name: {get_input: bridge_name} -END -) -else - nic3=$( cat << END - - - - type: interface - name: nic3 - -END -) -fi - -if [[ $nics_cfg == *_no-public-ip* ]]; then - if [[ $nics_cfg == *_br-ex* ]]; then - nic3+=$( cat << END - - use_dhcp: false -END -) - else - nic3="" - fi -else - nic3+=$( cat << END - - use_dhcp: false - addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - - ip_netmask: 0.0.0.0/0 - next_hop: {get_param: ExternalInterfaceDefaultRoute} -END -) -fi - -cat < - Software Config to drive os-net-config to configure multiple interfaces - for the compute role. 
- -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ManagementNetworkVlanID: - default: 60 - description: Vlan ID for the management network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The default route of the control plane network. 
- type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - os_net_config: - network_config: - - - type: interface - name: nic1 - use_dhcp: false - dns_servers: {get_param: DnsServers} - addresses: - - - ip_netmask: - list_join: - - '/' - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute}$private_net$nic3$br_ex -$storage_net -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} -END diff --git a/build/nics-controller.yaml.jinja2 b/build/nics-controller.yaml.jinja2 deleted file mode 100644 index d97ee394..00000000 --- a/build/nics-controller.yaml.jinja2 +++ /dev/null 
@@ -1,154 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - Software Config to drive os-net-config to configure multiple interfaces - for the controller role. - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. - type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. 
- type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - os_net_config: - network_config: - - - type: interface - name: nic1 - use_dhcp: false - dns_servers: {get_param: DnsServers} - addresses: - - - ip_netmask: - list_join: - - '/' - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - {%- if external_net_af == 6 %} - - - default: true - next_hop: {get_param: ControlPlaneDefaultRoute} - {%- endif %} - {%- set nic_index = 2 %} - {%- if 'private_network' in enabled_networks %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: TenantIpSubnet} - {%- endif %} - - - type: ovs_bridge - name: {get_input: bridge_name} - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - - default: true - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - # force the MAC address of the bridge to this interface - primary: true - {%- if 'storage_network' in enabled_networks %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: StorageIpSubnet} - {%- endif %} - {%- if 'api_network' in enabled_networks %} - - - type: interface - name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} - use_dhcp: false - addresses: - - - 
ip_netmask: {get_param: InternalApiIpSubnet} - {%- endif %} - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} diff --git a/build/nics-controller.yaml.template b/build/nics-controller.yaml.template deleted file mode 100644 index d5a0bcdd..00000000 --- a/build/nics-controller.yaml.template +++ /dev/null 
@@ -1,160 +0,0 @@ -#!/bin/bash -if [[ $nics_cfg == *_private* ]]; then - private_net=$( cat << END - - # Create a bridge which can also be used for VLAN-mode bridge mapping - type: ovs_bridge - name: br-tenant - use_dhcp: false - addresses: - - - ip_netmask: {get_param: TenantIpSubnet} - members: - - - type: interface - name: nic2 - use_dhcp: false - # force the MAC address of the bridge to this interface - primary: true - - -END -) -fi - -if [[ $nics_cfg == *_storage* ]]; then - storage_net=$( cat << END - - - - type: interface - name: nic4 - use_dhcp: false - addresses: - - - ip_netmask: {get_param: StorageIpSubnet} -END -) -fi - -cat < - Software Config to drive os-net-config to configure multiple interfaces - for the controller role. - -parameters: - ControlPlaneIp: - default: '' - description: IP address/subnet on the ctlplane network - type: string - ExternalIpSubnet: - default: '' - description: IP address/subnet on the external network - type: string - InternalApiIpSubnet: - default: '' - description: IP address/subnet on the internal API network - type: string - StorageIpSubnet: - default: '' - description: IP address/subnet on the storage network - type: string - StorageMgmtIpSubnet: - default: '' - description: IP address/subnet on the storage mgmt network - type: string - TenantIpSubnet: - default: '' - description: IP address/subnet on the tenant network - type: string - ManagementIpSubnet: # Only populated when including environments/network-management.yaml - default: '' - description: IP address/subnet on the management network - type: string - ExternalNetworkVlanID: - default: 10 - description: Vlan ID for the external network traffic. - type: number - InternalApiNetworkVlanID: - default: 20 - description: Vlan ID for the internal_api network traffic. - type: number - StorageNetworkVlanID: - default: 30 - description: Vlan ID for the storage network traffic. 
- type: number - StorageMgmtNetworkVlanID: - default: 40 - description: Vlan ID for the storage mgmt network traffic. - type: number - TenantNetworkVlanID: - default: 50 - description: Vlan ID for the tenant network traffic. - type: number - ExternalInterfaceDefaultRoute: - default: '10.0.0.1' - description: default route for the external network - type: string - ControlPlaneSubnetCidr: # Override this via parameter_defaults - default: '24' - description: The subnet CIDR of the control plane network. - type: string - ControlPlaneDefaultRoute: # Override this via parameter_defaults - description: The subnet CIDR of the control plane network. - type: string - DnsServers: # Override this via parameter_defaults - default: [] - description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. - type: comma_delimited_list - EC2MetadataIp: # Override this via parameter_defaults - description: The IP address of the EC2 metadata server. - type: string - -resources: - OsNetConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - os_net_config: - network_config: - - - type: interface - name: nic1 - use_dhcp: false - dns_servers: {get_param: DnsServers} - addresses: - - - ip_netmask: - list_join: - - '/' - - - {get_param: ControlPlaneIp} - - {get_param: ControlPlaneSubnetCidr} - routes: - - - ip_netmask: 169.254.169.254/32 - next_hop: {get_param: EC2MetadataIp} - -$private_net - type: ovs_bridge - name: {get_input: bridge_name} - dns_servers: {get_param: DnsServers} - use_dhcp: false - addresses: - - - ip_netmask: {get_param: ExternalIpSubnet} - routes: - - - default: true - next_hop: {get_param: ExternalInterfaceDefaultRoute} - members: - - - type: interface - name: nic3 - # force the MAC address of the bridge to this interface - primary: true$storage_net - -outputs: - OS::stack_id: - description: The OsNetConfigImpl resource. - value: {get_resource: OsNetConfigImpl} -END 
diff --git a/build/nics-template.yaml.jinja2 b/build/nics-template.yaml.jinja2
new file mode 100644
index 00000000..bdf26cb0
--- /dev/null
+++ b/build/nics-template.yaml.jinja2
@@ -0,0 +1,237 @@ +heat_template_version: 2015-04-30 + +description: > + Software Config to drive os-net-config to configure multiple interfaces + for the {{ role }} role. + +parameters: + ControlPlaneIp: + default: '' + description: IP address/subnet on the ctlplane network + type: string + ExternalIpSubnet: + default: '' + description: IP address/subnet on the external network + type: string + InternalApiIpSubnet: + default: '' + description: IP address/subnet on the internal API network + type: string + StorageIpSubnet: + default: '' + description: IP address/subnet on the storage network + type: string + StorageMgmtIpSubnet: + default: '' + description: IP address/subnet on the storage mgmt network + type: string + TenantIpSubnet: + default: '' + description: IP address/subnet on the tenant network + type: string + ManagementIpSubnet: # Only populated when including environments/network-management.yaml + default: '' + description: IP address/subnet on the management network + type: string + ExternalNetworkVlanID: + default: 10 + description: Vlan ID for the external network traffic. + type: number + InternalApiNetworkVlanID: + default: 20 + description: Vlan ID for the internal_api network traffic. + type: number + StorageNetworkVlanID: + default: 30 + description: Vlan ID for the storage network traffic. + type: number + StorageMgmtNetworkVlanID: + default: 40 + description: Vlan ID for the storage mgmt network traffic. + type: number + TenantNetworkVlanID: + default: 50 + description: Vlan ID for the tenant network traffic. + type: number + ManagementNetworkVlanID: + default: 60 + description: Vlan ID for the management network traffic. + type: number + ExternalInterfaceDefaultRoute: + default: '10.0.0.1' + description: default route for the external network + type: string + ControlPlaneSubnetCidr: # Override this via parameter_defaults + default: '24' + description: The subnet CIDR of the control plane network. 
+ type: string + ControlPlaneDefaultRoute: # Override this via parameter_defaults + description: The default route of the control plane network. + type: string + DnsServers: # Override this via parameter_defaults + default: [] + description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf. + type: comma_delimited_list + EC2MetadataIp: # Override this via parameter_defaults + description: The IP address of the EC2 metadata server. + type: string + +resources: + OsNetConfigImpl: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + os_net_config: + network_config: + - + {%- if vlans['private_network'] != 'native' or vlans['storage_network'] != 'native' or vlans['api_network'] != 'native' %} + type: ovs_bridge + name: {get_input: bridge_name} + members: + - + type: interface + name: nic1 + # force the MAC address of the bridge to this interface + primary: true + {%- if 'public_network' in enabled_networks and vlans['private_network'] != 'native' %} + - + type: vlan + vlan_id: {get_param: ExternalNetworkVlanID} + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + default: true + next_hop: {get_param: ExternalInterfaceDefaultRoute} + {%- endif %} + {%- if 'private_network' in enabled_networks and vlans['private_network'] != 'native' %} + - + type: vlan + vlan_id: {get_param: TenantNetworkVlanID} + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + {%- endif %} + {%- if 'storage_network' in enabled_networks and vlans['storage_network'] != 'native' %} + - + type: vlan + vlan_id: {get_param: StorageNetworkVlanID} + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + {%- endif %} + {%- if 'api_network' in enabled_networks and vlans['api_network'] != 'native' %} + - + type: vlan + vlan_id: {get_param: InternalApiNetworkVlanID} + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + {%- endif %} + {%- else %} + type: interface + name: nic1 + {%- endif %} 
+ use_dhcp: false + dns_servers: {get_param: DnsServers} + addresses: + - + ip_netmask: + list_join: + - '/' + - - {get_param: ControlPlaneIp} + - {get_param: ControlPlaneSubnetCidr} + routes: + - + ip_netmask: 169.254.169.254/32 + next_hop: {get_param: EC2MetadataIp} + {%- if external_net_af == 6 or role == 'compute' %} + - + default: true + next_hop: {get_param: ControlPlaneDefaultRoute} + {%- endif %} + + {%- set nic_index = 2 %} + {%- if 'private_network' in enabled_networks and vlans['private_network'] == 'native' %} + {%- if ovs_dpdk_bridge == 'br-phy' %} + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + use_dhcp: false + + - + type: ovs_bridge + name: {{ ovs_dpdk_bridge }} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + - + type: ovs_bridge + name: br-tun + use_dhcp: false + {%- else %} + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: TenantIpSubnet} + {%- endif %} + {%- endif %} + {%- if 'public_network' in enabled_networks and external_net_type == 'interface' and vlans['public_network'] == 'native' %} + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + {%- if role == 'controller' %} + dns_servers: {get_param: DnsServers} + {%- endif %} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: ExternalIpSubnet} + routes: + - + {%- if role == 'controller' %} + default: true + {%- endif %} + ip_netmask: 0.0.0.0/0 + next_hop: {get_param: ExternalInterfaceDefaultRoute} + {%- elif 'public_network' in enabled_networks and external_net_type == 'br-ex' and vlans['public_network'] == 'native' %} + - + type: ovs_bridge + name: {get_input: bridge_name} + use_dhcp: false + members: + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + # force the MAC address of the bridge to this interface + primary: true + {%- endif %} + {%- if 
'storage_network' in enabled_networks and vlans['storage_network'] == 'native' %} + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: StorageIpSubnet} + {%- endif %} + {%- if 'api_network' in enabled_networks and vlans['api_network'] == 'native' %} + - + type: interface + name: nic{{ nic_index }}{% set nic_index = nic_index + 1 %} + use_dhcp: false + addresses: + - + ip_netmask: {get_param: InternalApiIpSubnet} + {%- endif %} + +outputs: + OS::stack_id: + description: The OsNetConfigImpl resource. + value: {get_resource: OsNetConfigImpl} diff --git a/ci/deploy.sh b/ci/deploy.sh index 50090490..30f8e0f9 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -495,7 +495,6 @@ function setup_undercloud_vm { # extra space to overwrite the previous connectivity output echo -e "${blue}\r ${reset}" sleep 1 - ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "if ! ip a s eth2 | grep ${public_network_provisioner_ip} > /dev/null; then ip a a ${public_network_provisioner_ip}/${public_network_cidr##*/} dev eth2; ip link set up dev eth2; fi" # ssh key fix for stack user ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "restorecon -r /home/stack" 
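Review bot: The external-network VLAN member in the bridged `nic1` branch is gated on `vlans['private_network'] != 'native'`, which looks like a copy-paste slip for `vlans['public_network'] != 'native'`; the enclosing `{%- if ... %}` that turns `nic1` into an `ovs_bridge` likewise tests only the private, storage and api networks. As written, a deployment that tags only the public network gets neither the VLAN member nor the native external interface. One that tags the private network while leaving public native gets the external subnet configured twice, once as a VLAN on the bridge and again on its own NIC further down. I would change the inner test to `{%- if 'public_network' in enabled_networks and vlans['public_network'] != 'native' %}` and add `or vlans['public_network'] != 'native'` to the outer condition. Separately, `vlans['api_network']` is read unconditionally; whether that key always exists depends on how `apex-python-utils.py` builds `vlans`, which is not visible in this hunk.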
@@ -665,12 +664,12 @@ function configure_undercloud { ovs_dpdk_bridge='' fi - if ! controller_nic_template=$(python3.4 -B $LIB/python/apex-python-utils.py nic-template -t $CONFIG/nics-controller.yaml.jinja2 -n "$enabled_network_list" -e $ext_net_type -af $ip_addr_family); then + if ! controller_nic_template=$(python3.4 -B $LIB/python/apex-python-utils.py nic-template -r controller -s $NETSETS -i $net_isolation_enabled -t $CONFIG/nics-template.yaml.jinja2 -n "$enabled_network_list" -e $ext_net_type -af $ip_addr_family); then echo -e "${red}ERROR: Failed to generate controller NIC heat template ${reset}" exit 1 fi - if ! compute_nic_template=$(python3.4 -B $LIB/python/apex-python-utils.py nic-template -t $CONFIG/nics-compute.yaml.jinja2 -n "$enabled_network_list" -e $ext_net_type -af $ip_addr_family -d "$ovs_dpdk_bridge"); then + if ! compute_nic_template=$(python3.4 -B $LIB/python/apex-python-utils.py nic-template -r compute -s $NETSETS -i $net_isolation_enabled -t $CONFIG/nics-template.yaml.jinja2 -n "$enabled_network_list" -e $ext_net_type -af $ip_addr_family -d "$ovs_dpdk_bridge"); then echo -e "${red}ERROR: Failed to generate compute NIC heat template ${reset}" exit 1 fi 
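Review bot: The two arguments added to both `nic-template` invocations, `-s $NETSETS` and `-i $net_isolation_enabled`, are expanded unquoted, unlike `"$enabled_network_list"` and `"$ovs_dpdk_bridge"` on the same lines. If either variable is empty or holds a path containing whitespace, the word is dropped or split and the next flag lands in that option's value position; how the parser in `apex-python-utils.py` reacts is not shown here. Writing `-s "$NETSETS" -i "$net_isolation_enabled"` keeps the argument positions stable, so a bad value is reported against the right option. The enclosing `configure_undercloud` function starts and ends outside this hunk.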
@@ -773,6 +772,30 @@ sudo sed -i '/#workers\s=/c\workers = 2' /etc/heat/heat.conf sudo systemctl restart openstack-heat-engine sudo systemctl restart openstack-heat-api EOI + +# configure external network + ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" << EOI +if [[ "$public_network_vlan" != "native" ]]; then + cat < /etc/sysconfig/network-scripts/ifcfg-vlan${public_network_vlan} +DEVICE=vlan${public_network_vlan} +ONBOOT=yes +DEVICETYPE=ovs +TYPE=OVSIntPort +BOOTPROTO=static +IPADDR=${public_network_provisioner_ip} +PREFIX=${public_network_cidr##*/} +OVS_BRIDGE=br-ctlplane +OVS_OPTIONS="tag=${public_network_vlan}" +EOF + ifup vlan${public_network_vlan} +else + if ! ip a s eth2 | grep ${public_network_provisioner_ip} > /dev/null; then + ip a a ${public_network_provisioner_ip}/${public_network_cidr##*/} dev eth2 + ip link set up dev eth2 + fi +fi +EOI + # WORKAROUND: must restart the above services to fix sync problem with nova compute manager # TODO: revisit and file a bug if necessary. This should eventually be removed # as well as glance api problem diff --git a/config/network/network_settings.yaml b/config/network/network_settings.yaml index 5614c64d..793c10db 100644 --- a/config/network/network_settings.yaml +++ b/config/network/network_settings.yaml @@ -34,7 +34,6 @@ admin_network: network_type: bridged bridged_interface: '' bond_interfaces: '' - vlan: native usable_ip_range: 192.0.2.11,192.0.2.99 gateway: 192.0.2.1 provisioner_ip: 192.0.2.1 @@ -49,6 +48,7 @@ admin_network: # private_network: enabled: true + vlan: native cidr: 11.0.0.0/24 # "public" network is used for external connectivity. @@ -62,6 +62,7 @@ public_network: enabled: true network_type: '' bridged_interface: '' + vlan: native cidr: 192.168.37.0/24 gateway: 192.168.37.1 floating_ip_range: 192.168.37.200,192.168.37.220 @@ -74,6 +75,7 @@ public_network: # storage_network: enabled: true + vlan: native cidr: 12.0.0.0/24 #admin_network: 
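Review bot: The `<< EOI` here-document is unquoted, so `$public_network_vlan`, `${public_network_provisioner_ip}` and `${public_network_cidr##*/}` are substituted on the deploying host and reach the undercloud as literal text of a script run as root, including the generated `ifcfg-vlan…` file name and its `OVS_OPTIONS` line. Nothing in this hunk checks their shape; unless `network_settings.py` (changed in this commit but not shown here) already rejects bad values, I would add a guard before the `ssh` call such as `[[ "$public_network_vlan" =~ ^(native|[0-9]+)$ ]] || { echo "invalid public VLAN"; exit 1; }`. The relocated address test `grep ${public_network_provisioner_ip}` is an unanchored regex match, so `192.168.37.1` is satisfied by an existing `192.168.37.10` and the address is then never added; `grep -qwF -- "${public_network_provisioner_ip}"` avoids that. The `cat < /etc/sysconfig/…` line appears to have lost its here-document operator in this rendering, so I have not commented on it.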
diff --git a/config/network/network_settings_vlans.yaml b/config/network/network_settings_vlans.yaml
new file mode 100644
index 00000000..40d6183e
--- /dev/null
+++ b/config/network/network_settings_vlans.yaml
@@ -0,0 +1,102 @@ +# This configuration file defines Network Environment for a +# Baremetal Deployment of OPNFV. It contains default values +# for 4 following networks: +# +# - admin +# - private* +# - public +# - storage* +# +# *) optional networks +# +# Any values missing from this configuration file will be +# auto-detected by deployment script from the existing network +# configuration of the jumphost. +# +# Optional networks will be consolidated with the admin network +# if not explicitely configured. +# +# See short description of the networks in the comments below. +# + +# "admin" is the short name for Control Plane Network. +# During OPNFV deployment it is used for node provisioning so +# PXE boot should be enabled for the related interfaces on all +# the nodes in the OPNFV cluster. After the deployment this +# network is used as the OpenStack management network which +# carries e.g. communication between its internal components. +# +admin_network: + enabled: true + network_type: bridged + bridged_interface: '' + bond_interfaces: '' + usable_ip_range: 192.0.2.11,192.0.2.99 + gateway: 192.0.2.1 + provisioner_ip: 192.0.2.1 + cidr: 192.0.2.0/24 + dhcp_range: 192.0.2.2,192.0.2.10 + introspection_range: 192.0.2.100,192.0.2.120 + +# "private" is an optional network used as underlying physical +# network for virtual provider and tenant networks created by +# users. Traffic between virtual machines is carried by this +# network. +# +private_network: + enabled: true + vlan: 400 + cidr: 11.0.0.0/24 + +# "public" network is used for external connectivity. +# The external network provides Internet access for virtual +# machines. If floating IP range is defined for this network, +# floating IP addresses can be used for accessing virtual +# machines from outside of OPNFV cluster. Also external REST +# API calls use this network. 
+# +public_network: + enabled: true + network_type: '' + bridged_interface: '' + vlan: 500 + cidr: 192.168.37.0/24 + gateway: 192.168.37.1 + floating_ip_range: 192.168.37.200,192.168.37.220 + usable_ip_range: 192.168.37.10,192.168.37.199 + provisioner_ip: 192.168.37.1 + +# "storage" is an optional network used by storage backends. +# You can configure this network in order to reduce load on +# Control Plane Network. +# +storage_network: + enabled: true + vlan: 200 + cidr: 12.0.0.0/24 + +#admin_network: +# enabled: true +# network_type: bridged #Indicates if this network will be bridged to an interface, or to a bond +# bridged_interface: '' #Interface to bridge to for installer VM +# bond_interfaces: '' #Interfaces to create bond with for installer VM +# vlan: native #VLAN tag to use, native means none +# usable_ip_range: 192.0.2.11,192.0.2.99 #Usable ip range, if empty entire range is usable, ex. 192.168.1.10,192.168.1.20 +# gateway: 192.0.2.1 #Gateway (only needed when public_network is disabled), if empty it is auto-detected +# provisioner_ip: 192.0.2.1 #installer VM IP, if empty it is the next available IP in the admin subnet +# cidr: 192.0.2.0/24 #subnet in CIDR format 192.168.1.0/24, if empty it will be auto-detected +# dhcp_range: 192.0.2.2,192.0.2.10 #dhcp range for the admin network, if empty it will be automatically provisioned +# introspection_range: 192.0.2.100,192.0.2.120 #Range used for introspection phase (examining nodes) +#private_network: +# enabled: false #If disabled, internal api traffic will collapse to admin_network +#public_network: +# enabled: true #If disabled, public_network traffic will collapse to admin network +# network_type: '' +# bridged_interface: '' +# cidr: 192.168.37.0/24 +# gateway: 192.168.37.1 +# floating_ip_range: 192.168.37.200,192.168.37.220 #Range to allocate to floating IPs for the public network with Neutron +# usable_ip_range: 192.168.37.10,192.168.37.199 #Usable IP range on the public network, usually this is a shared 
subnet +# provisioner_ip: 192.168.37.1 +#storage_network: +# enabled: false #If disabled, storage_network traffic will collapse to admin network diff --git a/lib/python/apex-python-utils.py b/lib/python/apex-python-utils.py index c9dcaa55..01e6b03b 100755 --- a/lib/python/apex-python-utils.py +++ b/lib/python/apex-python-utils.py @@ -9,11 +9,21 @@ import argparse import sys -import apex import logging import os import yaml -from jinja2 import Environment, FileSystemLoader + +from copy import copy + +from jinja2 import Environment +from jinja2 import FileSystemLoader + +from apex import NetworkSettings +from apex import NetworkEnvironment +from apex import DeploySettings +from apex import ip_utils +from apex.common.constants import OPNFV_NETWORK_TYPES +from apex.common.constants import ADMIN_NETWORK def parse_net_settings(args): @@ -27,9 +37,9 @@ def parse_net_settings(args): - network_isolation: bool enable or disable network_isolation """ - settings = apex.NetworkSettings(args.net_settings_file, - args.network_isolation) - net_env = apex.NetworkEnvironment(settings, args.net_env_file) + settings = NetworkSettings(args.net_settings_file, + args.network_isolation) + net_env = NetworkEnvironment(settings, args.net_env_file) dump_yaml(net_env.get_netenv_settings(), '/tmp/network-environment.yaml') settings.dump_bash() @@ -46,7 +56,7 @@ def dump_yaml(data, file): def parse_deploy_settings(args): - settings = apex.DeploySettings(args.file) + settings = DeploySettings(args.file) settings.dump_bash() @@ -60,8 +70,8 @@ def find_ip(args): - address_family: int 4 or 6, respective to ipv4 or ipv6 """ - interface = apex.ip_utils.get_interface(args.interface, - args.address_family) + interface = ip_utils.get_interface(args.interface, + args.address_family) if interface: print(interface.ip) 
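Review bot: The commented reference block at the end of the new network_settings_vlans.yaml documents `vlan: native` under `admin_network` only, which is the one network where this commit stops using the key: it is removed from `admin_network` in network_settings.yaml, and `build_nic_template` drops the admin network before reading VLANs. The reference entries for `private_network`, `public_network` and `storage_network`, where `vlan` is now read, do not mention it. I would move the line `# vlan: native #VLAN tag to use, native means none` into those three sections and state there that any other value must be a numeric VLAN ID. The header comment also has the typo `explicitely` (should be `explicitly`).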
@@ -84,12 +94,24 @@ def build_nic_template(args): """ template_dir, template = args.template.rsplit('/', 1) + settings = NetworkSettings(args.net_settings_file, + args.network_isolation).settings_obj env = Environment(loader=FileSystemLoader(template_dir)) template = env.get_template(template) - print(template.render(enabled_networks=args.enabled_networks, - external_net_type=args.ext_net_type, - external_net_af=args.address_family, - ovs_dpdk_bridge=args.ovs_dpdk_bridge)) + + # gather vlan values into a dict + net_list = copy(args.enabled_networks).split(' ') + net_list.remove(ADMIN_NETWORK) + vlans_vals = map(lambda x: settings[x]['vlan'], net_list) + vlans = dict(zip(net_list, vlans_vals)) + + print(template.render( + enabled_networks=args.enabled_networks, + role=args.role, + vlans=vlans, + external_net_type=args.ext_net_type, + external_net_af=args.address_family, + ovs_dpdk_bridge=args.ovs_dpdk_bridge)) def parse_args(): @@ -126,9 +148,19 @@ def parse_args(): nic_template = subparsers.add_parser('nic-template', help='Build NIC templates') + nic_template.add_argument('-r', '--role', required=True, + choices=['controller', 'compute'], + help='Role template generated for') nic_template.add_argument('-t', '--template', required=True, dest='template', help='Template file to process') + nic_template.add_argument('-s', '--net-settings-file', + default='network-settings.yaml', + dest='net_settings_file', + help='path to network settings file') + nic_template.add_argument('-i', '--network-isolation', type=bool, + default=True, dest='network_isolation', + help='network isolation') nic_template.add_argument('-n', '--enabled-networks', required=True, dest='enabled_networks', help='enabled network list') diff --git a/lib/python/apex/network_environment.py b/lib/python/apex/network_environment.py index c6483d12..fd6f5286 100644 --- a/lib/python/apex/network_environment.py +++ b/lib/python/apex/network_environment.py 
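Review bot: `net_list.remove(ADMIN_NETWORK)` raises `ValueError` when the admin network is not part of `--enabled-networks`, and `split(' ')` produces empty names for repeated or trailing spaces, which would then presumably fail in `settings[x]['vlan']`. A single comprehension avoids both and makes the `copy()` of a string unnecessary: `vlans = {net: settings[net]['vlan'] for net in args.enabled_networks.split() if net != ADMIN_NETWORK}`. The values are handed to the template exactly as they were read from the settings file, so a check that each one is `native` or an integer VLAN ID belongs where the settings are loaded. `build_nic_template` starts above this hunk, so the docstring that should describe the new `role`, `net_settings_file` and `network_isolation` arguments is not visible here.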
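Review bot: `type=bool` on the new `--network-isolation` argument does not parse a boolean, because argparse calls `bool()` on the raw string: `-i False` and `-i 0` both give `True`, and only an empty string gives `False`. A caller that tries to turn isolation off therefore gets the isolated settings without any error. I would parse the text explicitly, for example `type=lambda v: v.lower() in ('1', 'true', 'yes')`, and mention the accepted values in the `help` string. `parse_args` begins and continues outside this hunk, so I cannot tell whether the other sub-parsers use the same pattern.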
@@ -69,6 +69,7 @@ class NetworkEnvironment: break if not tht_dir: raise NetworkEnvException('Unable to parse THT Directory') + admin_cidr = net_settings[constants.ADMIN_NETWORK]['cidr'] admin_prefix = str(admin_cidr.prefixlen) self.netenv_obj[param_def]['ControlPlaneSubnetCidr'] = admin_prefix @@ -76,6 +77,9 @@ class NetworkEnvironment: net_settings[constants.ADMIN_NETWORK]['provisioner_ip'] public_cidr = net_settings[constants.PUBLIC_NETWORK]['cidr'] self.netenv_obj[param_def]['ExternalNetCidr'] = str(public_cidr) + if net_settings[constants.PUBLIC_NETWORK]['vlan'] != 'native': + self.netenv_obj[param_def]['ExternalNetworkVlanID'] = \ + net_settings[constants.PUBLIC_NETWORK]['vlan'] public_range = net_settings[constants.PUBLIC_NETWORK][ 'usable_ip_range'].split(',') self.netenv_obj[param_def]['ExternalAllocationPools'] = \ @@ -114,6 +118,9 @@ class NetworkEnvironment: postfix = '/tenant_v6.yaml' else: postfix = '/tenant.yaml' + if net_settings[constants.PRIVATE_NETWORK]['vlan'] != 'native': + self.netenv_obj[param_def]['TenantNetworkVlanID'] = \ + net_settings[constants.PRIVATE_NETWORK]['vlan'] else: postfix = '/noop.yaml' @@ -137,6 +144,9 @@ class NetworkEnvironment: postfix = '/storage_v6.yaml' else: postfix = '/storage.yaml' + if net_settings[constants.STORAGE_NETWORK]['vlan'] != 'native': + self.netenv_obj[param_def]['StorageNetworkVlanID'] = \ + net_settings[constants.STORAGE_NETWORK]['vlan'] else: postfix = '/noop.yaml' @@ -160,8 +170,9 @@ class NetworkEnvironment: postfix = '/internal_api_v6.yaml' else: postfix = '/internal_api.yaml' - - + if net_settings[constants.API_NETWORK]['vlan'] != 'native': + self.netenv_obj[param_def]['InternalApiNetworkVlanID'] = \ + net_settings[constants.API_NETWORK]['vlan'] else: postfix = '/noop.yaml' diff --git a/lib/python/apex/network_settings.py b/lib/python/apex/network_settings.py index 9df8a1de..475082df 100644 --- a/lib/python/apex/network_settings.py +++ b/lib/python/apex/network_settings.py 
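Review bot: The new `ExternalNetworkVlanID` assignment (hunk at -76) copies whatever the settings file holds under `vlan` into the Heat parameters as long as it is not the exact string `'native'`, and the same pattern is repeated for `TenantNetworkVlanID`, `StorageNetworkVlanID` and `InternalApiNetworkVlanID` in the three hunks that follow. A misspelling such as `Native` or an out-of-range number is accepted silently and would only surface later in the deployment, possibly as traffic tagged for a VLAN nobody intended. I would validate once before these blocks, e.g. `if not (isinstance(vlan, int) and 1 <= vlan <= 4094): raise NetworkEnvException('invalid vlan')`. The public-network lookup is unconditional, so it presumably raises `KeyError` when `vlan` was never defaulted for that network; the defaulting code is in network_settings.py and its call site is not visible here.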
@@ -84,6 +84,11 @@ class NetworkSettings: given NIC in the system. The resulting config in settings object will be an ipaddress.network object, replacing the NIC name. """ + # if vlan not defined then default it to native + if network is not constants.ADMIN_NETWORK: + if 'vlan' not in self.settings_obj[network]: + self.settings_obj[network]['vlan'] = 'native' + cidr = self.settings_obj[network].get('cidr') nic_name = self.settings_obj[network].get('bridged_interface') -- cgit 1.2.3-korg
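Review bot: `network is not constants.ADMIN_NETWORK` compares object identity rather than value, and two equal strings are the same object only when the interpreter happens to intern them. If `network` is ever built at run time (read from the YAML, sliced or joined), the test is true for the admin network as well and it receives a `vlan` default it is meant to be excluded from. Use `if network != constants.ADMIN_NETWORK:`; the inner two lines can then become `self.settings_obj[network].setdefault('vlan', 'native')`. The enclosing method starts above the hunk, so its docstring (which should mention the new default) is only partly visible.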