From 3bc3a8828c3ceefedd08e1767ae6e3bf2df9ac22 Mon Sep 17 00:00:00 2001 From: Harry Huang Date: Wed, 23 Aug 2017 15:05:02 +0800 Subject: Support multiple physnet mapping JIRA: COMPASS-559 1. support multiple mapping in provider_net_mappings of network.yml and create corresponding ovs bridges 2. support seperate config in sys_intf_mappings of network.yml 3. remove linux bridges in compute nodes for ovs port binding convenience 4. support openstack vlan tenant network 5. modify odl and odl_sfc roles to use configurable provider mapping 6. remove some hard coding Change-Id: Ib57484ce60d029f89c647fd5baf2c7af37c85d0b Signed-off-by: Harry Huang --- .../ansible/openstack/HA-ansible-multinodes.yml | 42 ++++++++++++- .../roles/config-compute/templates/compute.j2 | 24 ++++---- .../config-controller/templates/controller.j2 | 24 ++++---- .../ansible/roles/config-osa/files/fetch-files.yml | 28 --------- .../config-osa/files/os-flavor/tasks/main.yml | 17 ----- .../roles/config-osa/files/os-flavor/vars/main.yml | 45 -------------- .../ansible/roles/config-osa/files/setup-ovs.yml | 64 ------------------- .../ansible/roles/config-osa/tasks/main.yml | 25 -------- .../config-osa/templates/create-flavor.yml.j2 | 15 ----- .../config-osa/templates/create-network.yml.j2 | 41 ------------ .../templates/openstack_user_config.yml.j2 | 58 +++++++++-------- .../config-osa/templates/user_variables.yml.j2 | 18 ++++-- .../ansible/roles/post-openstack/tasks/main.yml | 72 ++++++++++++++-------- .../ansible/roles/post-osa/handlers/main.yml | 11 ++++ .../adapters/ansible/roles/post-osa/tasks/main.yml | 12 ++++ .../ansible/roles/post-osa/templates/compute.j2 | 62 +++++++++++++++++++ .../ansible/roles/process-openrc/tasks/main.yml | 26 ++++++++ .../roles/setup-openvswitch/handlers/main.yml | 12 ++++ .../roles/setup-openvswitch/tasks/compute.yml | 65 +++++++++++++++++++ .../roles/setup-openvswitch/tasks/controller.yml | 49 +++++++++++++++ .../ansible/roles/setup-openvswitch/tasks/main.yml | 22 ++++--- .../ansible/roles/setup-openvswitch/vars/main.yml | 12 ++++ 22 files changed, 417 insertions(+), 327 deletions(-) delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/os-flavor/tasks/main.yml delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/os-flavor/vars/main.yml delete mode 100644 deploy/adapters/ansible/roles/config-osa/files/setup-ovs.yml delete mode 100644 deploy/adapters/ansible/roles/config-osa/templates/create-flavor.yml.j2 delete mode 100644 deploy/adapters/ansible/roles/config-osa/templates/create-network.yml.j2 create mode 100755 deploy/adapters/ansible/roles/post-osa/handlers/main.yml create mode 100644 deploy/adapters/ansible/roles/post-osa/tasks/main.yml create mode 100755 deploy/adapters/ansible/roles/post-osa/templates/compute.j2 create mode 100644 deploy/adapters/ansible/roles/process-openrc/tasks/main.yml create mode 100644 deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml create mode 100644 deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml create mode 100644 deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml create mode 100644 deploy/adapters/ansible/roles/setup-openvswitch/vars/main.yml (limited to 'deploy/adapters') diff --git a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml index f253afcc..741c5bf1 100644 --- a/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml +++ b/deploy/adapters/ansible/openstack/HA-ansible-multinodes.yml @@ -1,11 +1,11 @@ -# ############################################################################# +############################################################################## # Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 -# ############################################################################# +############################################################################## --- - hosts: all remote_user: root @@ -38,11 +38,47 @@ - setup-infrastructure - setup-openstack - sync-inventory + +- hosts: compute + remote_user: root + roles: + - post-osa + +- hosts: neutron_openvswitch_agent + remote_user: root + roles: - setup-openvswitch + +- hosts: localhost + remote_user: root + roles: - setup-sfc - - setup-opendaylight + tags: + - sfc + +- hosts: + - localhost + - neutron_all + - galera_container + - network_hosts + - repo_container + - utility + remote_user: root + roles: + - setup-odl + tags: + - odl + +- hosts: utility_all[0] + remote_user: root + roles: - post-openstack +- hosts: localhost + remote_user: root + roles: + - process-openrc + - hosts: moon remote_user: root roles: diff --git a/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 index c53708ec..b23550f9 100644 --- a/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 +++ b/deploy/adapters/ansible/roles/config-compute/templates/compute.j2 @@ -10,35 +10,35 @@ auto eth0 iface eth0 inet manual # external interface -{% set intf_external = sys_intf_mappings["external"]["interface"] %} -{% if sys_intf_mappings["external"]["vlan_tag"] != "None" %} -{% set intf_external = intf_external + '.' + sys_intf_mappings["external"]["vlan_tag"]|string %} +{% set intf_external = compu_sys_mappings["external"]["interface"] %} +{% if compu_sys_mappings["external"]["vlan_tag"] | int %} +{% set intf_external = intf_external + '.' + compu_sys_mappings["external"]["vlan_tag"]|string %} {% endif %} auto {{ intf_external }} iface {{ intf_external }} inet manual -{% if sys_intf_mappings["external"]["vlan_tag"] != "None" %} +{% if compu_sys_mappings["external"]["vlan_tag"] | int %} vlan-raw-device {{ intf_external }} {% endif %} # tenant interface -{% set intf_tenant = sys_intf_mappings["tenant"]["interface"] %} -{% if sys_intf_mappings["tenant"]["interface"] != "None" %} -{% set intf_tenant = intf_tenant + '.' + sys_intf_mappings["tenant"]["vlan_tag"]|string %} +{% set intf_tenant = compu_sys_mappings["tenant"]["interface"] %} +{% if compu_sys_mappings["tenant"]["vlan_tag"] | int %} +{% set intf_tenant = intf_tenant + '.' + compu_sys_mappings["tenant"]["vlan_tag"]|string %} {% endif %} auto {{ intf_tenant }} iface {{ intf_tenant }} inet manual -{% if sys_intf_mappings["tenant"]["interface"] != "None" %} +{% if compu_sys_mappings["tenant"]["vlan_tag"] | int %} vlan-raw-device {{ intf_tenant }} {% endif %} # storage interface -{% set intf_storage = sys_intf_mappings["storage"]["interface"] %} -{% if sys_intf_mappings["storage"]["interface"] != "None" %} -{% set intf_storage = intf_storage + '.' + sys_intf_mappings["storage"]["vlan_tag"]|string %} +{% set intf_storage = compu_sys_mappings["storage"]["interface"] %} +{% if compu_sys_mappings["storage"]["vlan_tag"] | int %} +{% set intf_storage = intf_storage + '.' + compu_sys_mappings["storage"]["vlan_tag"]|string %} {% endif %} auto {{ intf_storage }} iface {{ intf_storage }} inet manual -{% if sys_intf_mappings["storage"]["interface"] != "None" %} +{% if compu_sys_mappings["storage"]["vlan_tag"] | int %} vlan-raw-device {{ intf_storage }} {% endif %} diff --git a/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 b/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 index 2aeb9a04..4e444eca 100755 --- a/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 +++ b/deploy/adapters/ansible/roles/config-controller/templates/controller.j2 @@ -10,35 +10,35 @@ auto eth0 iface eth0 inet manual # external interface -{% set intf_external = sys_intf_mappings["external"]["interface"] %} -{% if sys_intf_mappings["external"]["vlan_tag"] != "None" %} -{% set intf_external = intf_external + '.' + sys_intf_mappings["external"]["vlan_tag"]|string %} +{% set intf_external = contr_sys_mappings["external"]["interface"] %} +{% if contr_sys_mappings["external"]["vlan_tag"] | int %} +{% set intf_external = intf_external + '.' + contr_sys_mappings["external"]["vlan_tag"]|string %} {% endif %} auto {{ intf_external }} iface {{ intf_external }} inet manual -{% if sys_intf_mappings["external"]["vlan_tag"] != "None" %} +{% if contr_sys_mappings["external"]["vlan_tag"] | int %} vlan-raw-device {{ intf_external }} {% endif %} # tenant interface -{% set intf_tenant = sys_intf_mappings["tenant"]["interface"] %} -{% if sys_intf_mappings["tenant"]["interface"] != "None" %} -{% set intf_tenant = intf_tenant + '.' + sys_intf_mappings["tenant"]["vlan_tag"]|string %} +{% set intf_tenant = contr_sys_mappings["tenant"]["interface"] %} +{% if contr_sys_mappings["tenant"]["vlan_tag"] | int %} +{% set intf_tenant = intf_tenant + '.' + contr_sys_mappings["tenant"]["vlan_tag"]|string %} {% endif %} auto {{ intf_tenant }} iface {{ intf_tenant }} inet manual -{% if sys_intf_mappings["tenant"]["interface"] != "None" %} +{% if contr_sys_mappings["tenant"]["vlan_tag"] | int %} vlan-raw-device {{ intf_tenant }} {% endif %} # storage interface -{% set intf_storage = sys_intf_mappings["storage"]["interface"] %} -{% if sys_intf_mappings["storage"]["interface"] != "None" %} -{% set intf_storage = intf_storage + '.' + sys_intf_mappings["storage"]["vlan_tag"]|string %} +{% set intf_storage = contr_sys_mappings["storage"]["interface"] %} +{% if contr_sys_mappings["storage"]["vlan_tag"] | int %} +{% set intf_storage = intf_storage + '.' + contr_sys_mappings["storage"]["vlan_tag"]|string %} {% endif %} auto {{ intf_storage }} iface {{ intf_storage }} inet manual -{% if sys_intf_mappings["storage"]["interface"] != "None" %} +{% if contr_sys_mappings["storage"]["vlan_tag"] | int %} vlan-raw-device {{ intf_storage }} {% endif %} diff --git a/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml b/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml deleted file mode 100644 index 346ef2fd..00000000 --- a/deploy/adapters/ansible/roles/config-osa/files/fetch-files.yml +++ /dev/null @@ -1,28 +0,0 @@ -# ############################################################################# -# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -# ############################################################################# ---- -- name: Fetch openrc - hosts: utility_all[0] - max_fail_percentage: 20 - user: root - tasks: - - fetch: - src: /root/openrc - dest: /opt/openrc - flat: "yes" - -- name: Fetch haproxy.cert - hosts: haproxy_hosts[0] - max_fail_percentage: 20 - user: root - tasks: - - fetch: - src: /etc/ssl/certs/haproxy.cert - dest: /opt/os_cacert - flat: "yes" diff --git a/deploy/adapters/ansible/roles/config-osa/files/os-flavor/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/files/os-flavor/tasks/main.yml deleted file mode 100644 index 03b57120..00000000 --- a/deploy/adapters/ansible/roles/config-osa/files/os-flavor/tasks/main.yml +++ /dev/null @@ -1,17 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- - -- name: create openstack flavors - shell: | - . /root/openrc; - openstack flavor create {{ item.name }} \ - --id {{ item.id }} --ram {{ item.ram }} \ - --disk {{ item.disk }} --vcpus {{ item.vcpus }} || true - with_items: "{{ flavors }}" diff --git a/deploy/adapters/ansible/roles/config-osa/files/os-flavor/vars/main.yml b/deploy/adapters/ansible/roles/config-osa/files/os-flavor/vars/main.yml deleted file mode 100644 index d9c36d42..00000000 --- a/deploy/adapters/ansible/roles/config-osa/files/os-flavor/vars/main.yml +++ /dev/null @@ -1,45 +0,0 @@ -############################################################################## -# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -flavors: - - id: 0 - name: m1.nano - vcpus: 1 - ram: 64 - disk: 1 - - - id: 1 - name: m1.tiny - vcpus: 1 - ram: 512 - disk: 1 - - - id: 2 - name: m1.small - vcpus: 1 - ram: 2048 - disk: 20 - - - id: 3 - name: m1.medium - vcpus: 2 - ram: 4096 - disk: 40 - - - id: 4 - name: m1.large - vcpus: 4 - ram: 8192 - disk: 80 - - - id: 5 - name: m1.xlarge - vcpus: 8 - ram: 16384 - disk: 160 diff --git a/deploy/adapters/ansible/roles/config-osa/files/setup-ovs.yml b/deploy/adapters/ansible/roles/config-osa/files/setup-ovs.yml deleted file mode 100644 index ed631036..00000000 --- a/deploy/adapters/ansible/roles/config-osa/files/setup-ovs.yml +++ /dev/null @@ -1,64 +0,0 @@ -# ############################################################################# -# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -# ############################################################################# ---- -- name: Installation and setup of Neutron - hosts: neutron_openvswitch_agent - gather_facts: "{{ gather_facts | default(True) }}" - max_fail_percentage: 20 - user: root - tasks: - - name: stop neutron-openvswitch-agent - service: - name: neutron-openvswitch-agent - state: stopped - - # yamllint disable rule:line-length - - name: change the openvswitch_agent.ini - lineinfile: - dest: /etc/neutron/plugins/ml2/openvswitch_agent.ini - insertafter: '^bridge_mappings' - line: "local_ip = {{ hostvars[inventory_hostname]['container_networks']['tunnel_address']['address'] }}" - when: - - inventory_hostname not in groups['nova_compute'] - - - name: change the openvswitch_agent.ini - lineinfile: - dest: /etc/neutron/plugins/ml2/openvswitch_agent.ini - state: absent - regexp: '^bridge_mappings' - notify: - - Restart neutron-openvswitch-agent - when: - - inventory_hostname in groups['nova_compute'] - # yamllint enable rule:line-length - - - name: Setup br-provider - openvswitch_bridge: - bridge: br-provider - state: present - notify: - - Restart neutron-openvswitch-agent - when: - - inventory_hostname not in groups['nova_compute'] - - - name: Add port to br-provider - openvswitch_port: - bridge: br-provider - port: "eth12" - state: present - notify: - - Restart neutron-openvswitch-agent - when: - - inventory_hostname not in groups['nova_compute'] - - handlers: - - name: Restart neutron-openvswitch-agent - service: - name: neutron-openvswitch-agent - state: restarted diff --git a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml index 2cb79a94..139b426f 100755 --- a/deploy/adapters/ansible/roles/config-osa/tasks/main.yml +++ b/deploy/adapters/ansible/roles/config-osa/tasks/main.yml @@ -224,31 +224,6 @@ src: ansible.cfg dest: /opt/openstack-ansible/playbooks/ -- name: copy setup-ovs.yml - copy: - src: setup-ovs.yml - dest: /opt/openstack-ansible/playbooks - -- name: copy flavor roles - copy: - src: os-flavor - dest: /etc/ansible/roles/ - -- name: generate create-network.yml - template: - src: create-network.yml.j2 - dest: /opt/openstack-ansible/playbooks/create-network.yml - -- name: generate create-flavor.yml - template: - src: create-flavor.yml.j2 - dest: /opt/openstack-ansible/playbooks/create-flavor.yml - -- name: copy fetch-files.yml - copy: - src: fetch-files.yml - dest: /opt/openstack-ansible/playbooks/fetch-files.yml - - name: copy user_ceph.yml copy: src: user_ceph.yml diff --git a/deploy/adapters/ansible/roles/config-osa/templates/create-flavor.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/create-flavor.yml.j2 deleted file mode 100644 index b33cd414..00000000 --- a/deploy/adapters/ansible/roles/config-osa/templates/create-flavor.yml.j2 +++ /dev/null @@ -1,15 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: Create flavor - hosts: utility_container[0] - max_fail_percentage: 20 - user: root - roles: - - os-flavor diff --git a/deploy/adapters/ansible/roles/config-osa/templates/create-network.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/create-network.yml.j2 deleted file mode 100644 index 301bf9da..00000000 --- a/deploy/adapters/ansible/roles/config-osa/templates/create-network.yml.j2 +++ /dev/null @@ -1,41 +0,0 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. -# -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## ---- -- name: Create external network - hosts: utility_container[0] - max_fail_percentage: 20 - user: root - tasks: - - name: create external net - shell: | - . /root/openrc; - openstack network create --external \ - --provider-physical-network {{ public_net_info.provider_network }} \ - --provider-network-type {{ public_net_info.type }} {{ public_net_info.network }}; - when: {{ public_net_info.enable }} == True - and "{{ public_net_info.type }}" == "flat" - - - name: create external net - shell: | - . /root/openrc; - openstack network create --external \ - --network-segment {{ public_net_info.segment_id }} \ - --provider-network-type {{ public_net_info.type }} {{ public_net_info.network }}; - when: {{public_net_info.enable}} == True - and "{{ public_net_info.type }}" != "flat" - - - name: create external subnet - shell: | - . /root/openrc; - openstack subnet create --network "{{ public_net_info.network }}" \ - --allocation-pool \ - start={{ public_net_info.floating_ip_start }},end={{ public_net_info.floating_ip_end }} \ - --gateway "{{ public_net_info.external_gw }}" \ - --subnet-range "{{ public_net_info.floating_ip_cidr }}" \ - "{{ public_net_info.subnet }}" diff --git a/deploy/adapters/ansible/roles/config-osa/templates/openstack_user_config.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/openstack_user_config.yml.j2 index d69674f2..cadf5308 100644 --- a/deploy/adapters/ansible/roles/config-osa/templates/openstack_user_config.yml.j2 +++ b/deploy/adapters/ansible/roles/config-osa/templates/openstack_user_config.yml.j2 @@ -15,7 +15,23 @@ used_ips: {% endif %} {% endfor %} - "{{ internal_vip.ip }}" + - "{{ public_vip.ip }}" +{% if "linuxbridge" == NEUTRON_MECHANISM_DRIVERS[0] %} +{% set neutron_agent = "neutron_linuxbridge_agent" %} +{% else %} +{% set neutron_agent = "neutron_openvswitch_agent" %} +{% endif %} +{% set provider_net_mappings = network_cfg["provider_net_mappings"] %} +{% set public_net_info = network_cfg["public_net_info"] %} +{% set ext_physnet = public_net_info["provider_network"] %} +{% set ext_type = public_net_info["type"] %} +{% set ext_intf = [] %} +{% for item in provider_net_mappings %} +{% if item["network"] == ext_physnet %} +{% set _ = ext_intf.append(item["interface"]) %} +{% endif %} +{% endfor %} global_overrides: internal_lb_vip_address: {{ internal_vip.ip }} external_lb_vip_address: {{ public_vip.ip }} @@ -33,46 +49,40 @@ global_overrides: - hosts is_container_address: true is_ssh_address: true +{% if tenant_net_info["type"] == "vxlan" %} - network: container_bridge: "br-tenant" container_type: "veth" - container_interface: "eth10" + container_interface: "eth2" ip_from_q: "tunnel" type: "vxlan" - range: "1:1000" + range: "{{ tenant_net_info["range"] }}" net_name: "vxlan" group_binds: -{% if "linuxbridge" == NEUTRON_MECHANISM_DRIVERS[0] %} - - neutron_linuxbridge_agent -{% else %} - - neutron_openvswitch_agent + - {{ neutron_agent }} {% endif %} - network: container_bridge: "br-external" container_type: "veth" - container_interface: "eth12" - host_bind_override: "eth12" - type: "flat" - net_name: "{{ public_net_info.provider_network }}" + container_interface: "{{ ext_intf[0] }}" + host_bind_override: "{{ ext_intf[0] }}" + type: "{{ ext_type }}" + net_name: "{{ ext_physnet }}" group_binds: -{% if "linuxbridge" == NEUTRON_MECHANISM_DRIVERS[0] %} - - neutron_linuxbridge_agent -{% else %} - - neutron_openvswitch_agent -{% endif %} + - {{ neutron_agent }} +{% for item in provider_net_mappings %} +{% if item["network"] != ext_physnet and "controller" in item["role"] %} - network: - container_bridge: "br-external" + container_bridge: "br-tenant" container_type: "veth" - container_interface: "eth11" - type: "vlan" - range: "1:1" - net_name: "vlan" + container_interface: "{{ item["interface"] }}" + host_bind_override: "{{ item["interface"] }}" + type: "flat" + net_name: "{{ item["network"] }}" group_binds: -{% if "linuxbridge" == NEUTRON_MECHANISM_DRIVERS[0] %} - - neutron_linuxbridge_agent -{% else %} - - neutron_openvswitch_agent + - {{ neutron_agent }} {% endif %} +{% endfor %} - network: container_bridge: "br-storage" container_type: "veth" diff --git a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 index a6cefd71..e43aa22c 100644 --- a/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 +++ b/deploy/adapters/ansible/roles/config-osa/templates/user_variables.yml.j2 @@ -41,11 +41,21 @@ openstack_host_specific_kernel_modules: neutron_plugin_type: ml2.ovs -neutron_ml2_drivers_type: "local,flat,vlan,vxlan" +neutron_ml2_drivers_type: "local,flat,{{ tenant_net_info['type'] }}" neutron_provider_networks: network_flat_networks: "*" - network_types: "vxlan" - network_vxlan_ranges: "1:1000" - network_mappings: "physnet:br-provider" + network_types: "{{ tenant_net_info['type'] }}" +{% if tenant_net_info["type"] == "vxlan" %} + network_vxlan_ranges: "{{ tenant_net_info['range'] }}" +{% endif %} +{% if tenant_net_info["type"] == "vlan" %} + network_vlan_ranges: "{{tenant_net_info['provider_network']}}:{{tenant_net_info['range']}}" +{% endif %} +{% set controller_mappings = [] %} +{% for key, value in contr_prv_mappings.iteritems() %} +{% set mapping = key + ":" + value["bridge"] %} +{% set _ = controller_mappings.append(mapping) %} +{% endfor %} + network_mappings: "{{ ','.join(controller_mappings) }}" {% endif %} diff --git a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml index 6a8299d6..4e2da1e0 100644 --- a/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml +++ b/deploy/adapters/ansible/roles/post-openstack/tasks/main.yml @@ -1,4 +1,4 @@ -############################################################################## +############################################################################# # Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials @@ -7,35 +7,53 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## --- -- name: create network - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ - cd /opt/openstack-ansible/playbooks; \ - openstack-ansible create-network.yml > /dev/null" +- name: create external net + shell: | + . /root/openrc; + openstack network create --external \ + --provider-physical-network {{ public_net_info.provider_network }} \ + --provider-network-type {{ public_net_info.type }} {{ public_net_info.network }}; + when: + - public_net_info.enable == "True" + - public_net_info.type == "flat" -- name: create flavor - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ - cd /opt/openstack-ansible/playbooks; \ - openstack-ansible create-flavor.yml > /dev/null" +- name: create external net + shell: | + . /root/openrc; + openstack network create --external \ + --network-segment {{ public_net_info.segment_id }} \ + --provider-physical-network {{ public_net_info.provider_network }} \ + --provider-network-type {{ public_net_info.type }} {{ public_net_info.network }}; + when: + - public_net_info.enable == "True" + - public_net_info.type == "vlan" -- name: run ansible yml to fetch openrc - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ - cd /opt/openstack-ansible/playbooks; \ - openstack-ansible fetch-files.yml > /dev/null" +- name: create external subnet + shell: | + . /root/openrc; + openstack subnet create --network "{{ public_net_info.network }}" \ + --allocation-pool \ + start={{ public_net_info.floating_ip_start }},end={{ public_net_info.floating_ip_end }} \ + --gateway "{{ public_net_info.external_gw }}" \ + --subnet-range "{{ public_net_info.floating_ip_cidr }}" \ + "{{ public_net_info.subnet }}" -- name: replace http with https in openrc - replace: - dest: /opt/openrc - regexp: "http://" - replace: "https://" +- name: create openstack flavors + shell: | + . /root/openrc; + openstack flavor create {{ item.name }} \ + --id {{ item.id }} --ram {{ item.ram }} \ + --disk {{ item.disk }} --vcpus {{ item.vcpus }} || true + with_items: "{{ flavors }}" -- name: replace internalURL with publicURL in openrc - replace: +- name: fetch openrc + fetch: + src: /root/openrc dest: /opt/openrc - regexp: "{{ internal_vip['ip'] }}" - replace: "{{ public_vip['ip'] }}" + flat: "yes" -- name: change the endpoint type - replace: - dest: /opt/openrc - regexp: "internalURL" - replace: "publicURL" +- name: fetch haproxy.cert + fetch: + src: /etc/ssl/certs/haproxy.cert + dest: /opt/os_cacert + flat: "yes" diff --git a/deploy/adapters/ansible/roles/post-osa/handlers/main.yml b/deploy/adapters/ansible/roles/post-osa/handlers/main.yml new file mode 100755 index 00000000..3d979e6a --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/handlers/main.yml @@ -0,0 +1,11 @@ +############################################################################## +## Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +## All rights reserved. This program and the accompanying materials +## are made available under the terms of the Apache License, Version 2.0 +## which accompanies this distribution, and is available at +## http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: restart network service + shell: "/sbin/ifconfig eth0 0 &&/sbin/ifdown -a && \ + /sbin/ifup --ignore-errors -a" diff --git a/deploy/adapters/ansible/roles/post-osa/tasks/main.yml b/deploy/adapters/ansible/roles/post-osa/tasks/main.yml new file mode 100644 index 00000000..cf157d74 --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: remove bridge ubuntu + template: + src: compute.j2 + dest: /etc/network/interfaces + notify: + - restart network service + when: ansible_distribution == 'Ubuntu' + +# TODO +# - name: remove bridge centos +# when: ansible_distribution == 'CentOS' diff --git a/deploy/adapters/ansible/roles/post-osa/templates/compute.j2 b/deploy/adapters/ansible/roles/post-osa/templates/compute.j2 new file mode 100755 index 00000000..9e45fa90 --- /dev/null +++ b/deploy/adapters/ansible/roles/post-osa/templates/compute.j2 @@ -0,0 +1,62 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +# Physical interface +auto eth0 +iface eth0 inet static + address {{ ip_settings[inventory_hostname]["mgmt"]["ip"] }} + netmask 255.255.255.0 + pre-up ifconfig br-mgmt down || true + pre-up brctl delbr br-mgmt || true + +# external interface +{% set intf_external = compu_sys_mappings["external"]["interface"] %} +{% if compu_sys_mappings["external"]["vlan_tag"] | int %} +{% set intf_external = intf_external + '.' + compu_sys_mappings["external"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_external }} +iface {{ intf_external }} inet static +{% if compu_sys_mappings["external"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_external }} +{% endif %} + address {{ ip_settings[inventory_hostname]["external"]["ip"] }} + netmask 255.255.255.0 + gateway {{ ip_settings[inventory_hostname]["external"]["gw"] }} + pre-up ip link del br-vlan-veth || true + pre-up ifconfig br-external down || true + pre-up brctl delbr br-external || true + +# tenant interface +{% set intf_tenant = compu_sys_mappings["tenant"]["interface"] %} +{% if compu_sys_mappings["tenant"]["vlan_tag"] | int %} +{% set intf_tenant = intf_tenant + '.' + compu_sys_mappings["tenant"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_tenant }} +iface {{ intf_tenant }} inet static +{% if compu_sys_mappings["tenant"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_tenant }} +{% endif %} + address {{ ip_settings[inventory_hostname]["tenant"]["ip"] }} + netmask 255.255.255.0 + pre-up ifconfig br-tenant down || true + pre-up brctl delbr br-tenant || true + +# storage interface +{% set intf_storage = compu_sys_mappings["storage"]["interface"] %} +{% if compu_sys_mappings["storage"]["vlan_tag"] | int %} +{% set intf_storage = intf_storage + '.' + compu_sys_mappings["storage"]["vlan_tag"]|string %} +{% endif %} +auto {{ intf_storage }} +iface {{ intf_storage }} inet static +{% if compu_sys_mappings["storage"]["vlan_tag"] | int %} + vlan-raw-device {{ intf_storage }} +{% endif %} + address {{ ip_settings[inventory_hostname]["storage"]["ip"] }} + netmask 255.255.255.0 + pre-up ifconfig br-storage down || true + pre-up brctl delbr br-storage || true + diff --git a/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml b/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml new file mode 100644 index 00000000..aed68b88 --- /dev/null +++ b/deploy/adapters/ansible/roles/process-openrc/tasks/main.yml @@ -0,0 +1,26 @@ +############################################################################## +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +- name: replace http with https in openrc + replace: + dest: /opt/openrc + regexp: "http://" + replace: "https://" + +- name: replace internalURL with publicURL in openrc + replace: + dest: /opt/openrc + regexp: "{{ internal_vip['ip'] }}" + replace: "{{ public_vip['ip'] }}" + +- name: change the endpoint type + replace: + dest: /opt/openrc + regexp: "internalURL" + replace: "publicURL" diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml b/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml new file mode 100644 index 00000000..fb7814b7 --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/handlers/main.yml @@ -0,0 +1,12 @@ +############################################################################ +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################ +--- +- name: restart neutron-openvswitch-agent + service: + name: neutron-openvswitch-agent + state: restarted diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml new file mode 100644 index 00000000..62edd34b --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/compute.yml @@ -0,0 +1,65 @@ +############################################################################# +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################# +--- +- name: stop neutron-openvswitch-agent + service: + name: neutron-openvswitch-agent + state: stopped + +- name: remove tunnel_types when vlan + lineinfile: + dest: /etc/neutron/plugins/ml2/openvswitch_agent.ini + state: absent + regexp: '^tunnel_types' + when: + - tenant_net_info["type"] == "vlan" + notify: + - restart neutron-openvswitch-agent + +- name: fix mapping in compute + shell: | + {% set compute_mappings = [] %} + {% for key, value in compu_prv_mappings.iteritems() %} + {% set mapping = key + ":" + value["bridge"] %} + {% set _ = compute_mappings.append(mapping) %} + {% endfor %} + {% if compute_mappings | length != 0 %} + sed -i "s/^\(bridge_mappings\).*/\1 = {{ ','.join(compute_mappings) }}/g" \ + /etc/neutron/plugins/ml2/openvswitch_agent.ini + {% else %} + sed -i "/bridge_mappings/d" /etc/neutron/plugins/ml2/openvswitch_agent.ini + {% endif %} + notify: + - restart neutron-openvswitch-agent + +- name: create compute bridges + openvswitch_bridge: + bridge: "{{ item['name'] }}" + state: present + with_items: + - "{{ provider_net_mappings }}" + when: + - compute in item["role"] + notify: + - restart neutron-openvswitch-agent + +- name: create compute bridge ports + openvswitch_port: + bridge: "{{ item['name'] }}" + port: "{{ item['interface'] }}" + state: present + with_items: + - "{{ provider_net_mappings }}" + when: + - compute in item["role"] + +- name: stop neutron-openvswitch-agent + service: + name: neutron-openvswitch-agent + state: started diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml new file mode 100644 index 00000000..258a39e2 --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/controller.yml @@ -0,0 +1,49 @@ +############################################################################# +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################# +--- +- name: stop neutron-openvswitch-agent + service: + name: neutron-openvswitch-agent + state: stopped + +- name: remove tunnel_types when vlan + lineinfile: + dest: /etc/neutron/plugins/ml2/openvswitch_agent.ini + state: absent + regexp: '^tunnel_types' + when: + - tenant_net_info["type"] == "vlan" + notify: + - restart neutron-openvswitch-agent + +- name: create controller bridges + openvswitch_bridge: + bridge: "{{ item['name'] }}" + state: present + with_items: + - "{{ provider_net_mappings }}" + when: + - controller in item["role"] + notify: + - restart neutron-openvswitch-agent + +- name: create controller bridge ports + openvswitch_port: + bridge: "{{ item['name'] }}" + port: "{{ item['interface'] }}" + state: present + with_items: + - "{{ provider_net_mappings }}" + when: + - controller in item["role"] + +- name: stop neutron-openvswitch-agent + service: + name: neutron-openvswitch-agent + state: started diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml index a424f974..87e508ca 100644 --- a/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml +++ b/deploy/adapters/ansible/roles/setup-openvswitch/tasks/main.yml @@ -1,16 +1,18 @@ -############################################################################## -# Copyright (c) 2016 HUAWEI TECHNOLOGIES CO.,LTD and others. +############################################################################# +# Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## +############################################################################# --- -- name: setup openvswitch - shell: "export ANSIBLE_LOG_PATH=/var/ansible/run/openstack_ocata-opnfv2/ansible.log; \ - cd /opt/openstack-ansible/playbooks; \ - openstack-ansible setup-ovs.yml \ - | tee -a /var/log/osa/ovs.log > /dev/null" - when: NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" or - NEUTRON_MECHANISM_DRIVERS[0] == "opendaylight" +- include: controller.yml + when: + - inventory_hostname not in groups['nova_compute'] + - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" or "opendaylight" + +- include: compute.yml + when: + - inventory_hostname in groups['nova_compute'] + - NEUTRON_MECHANISM_DRIVERS[0] == "openvswitch" or "opendaylight" diff --git a/deploy/adapters/ansible/roles/setup-openvswitch/vars/main.yml b/deploy/adapters/ansible/roles/setup-openvswitch/vars/main.yml new file mode 100644 index 00000000..69ce5ee9 --- /dev/null +++ b/deploy/adapters/ansible/roles/setup-openvswitch/vars/main.yml @@ -0,0 +1,12 @@ +############################################################################## +## Copyright (c) 2017 HUAWEI TECHNOLOGIES CO.,LTD and others. +## +## All rights reserved. This program and the accompanying materials +## are made available under the terms of the Apache License, Version 2.0 +## which accompanies this distribution, and is available at +## http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +--- +controller: "controller" + +compute: "compute" -- cgit 1.2.3-korg