Configure access to physical network also with ML2/OVN backend
Neutron L3 module in Devstack has way to conigure access to physical network on the node. It can put physical interface to the physical bridge or, in case when such physical device isn't set, it creates NAT rule in iptables. There was missing the same operation for ML2/OVN backend as L3 agent is not used there at all. This patch adds the same to be done in both L3 agent and ovn_agent modules. Closes-Bug: #1939627 Change-Id: I9e558d1d5d3edbce9e7a025ba3c11267f1579820
This commit is contained in:
parent
ab2a529714
commit
b1a89eb80b
@ -663,6 +663,27 @@ function _move_neutron_addresses_route {
|
||||
fi
|
||||
}
|
||||
|
||||
# _configure_public_network_connectivity() - Configures connectivity to the
|
||||
# external network using $PUBLIC_INTERFACE or NAT on the single interface
|
||||
# machines
|
||||
function _configure_public_network_connectivity {
|
||||
# If we've given a PUBLIC_INTERFACE to take over, then we assume
|
||||
# that we can own the whole thing, and privot it into the OVS
|
||||
# bridge. If we are not, we're probably on a single interface
|
||||
# machine, and we just setup NAT so that fixed guests can get out.
|
||||
if [[ -n "$PUBLIC_INTERFACE" ]]; then
|
||||
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True False "inet"
|
||||
|
||||
if [[ $(ip -f inet6 a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then
|
||||
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6"
|
||||
fi
|
||||
else
|
||||
for d in $default_v4_route_devs; do
|
||||
sudo iptables -t nat -A POSTROUTING -o $d -s $FLOATING_RANGE -j MASQUERADE
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
# cleanup_mutnauq() - Remove residual data files, anything left over from previous
|
||||
# runs that a clean run would need to clean up
|
||||
function cleanup_mutnauq {
|
||||
|
@ -266,6 +266,7 @@ function create_public_bridge {
|
||||
# Create the public bridge that OVN will use
|
||||
sudo ovs-vsctl --may-exist add-br $PUBLIC_BRIDGE -- set bridge $PUBLIC_BRIDGE protocols=OpenFlow13,OpenFlow15
|
||||
sudo ovs-vsctl set open . external-ids:ovn-bridge-mappings=$PHYSICAL_NETWORK:$PUBLIC_BRIDGE
|
||||
_configure_public_network_connectivity
|
||||
}
|
||||
|
||||
function _disable_libvirt_apparmor {
|
||||
|
@ -123,21 +123,7 @@ function _configure_neutron_l3_agent {
|
||||
|
||||
neutron_plugin_configure_l3_agent $Q_L3_CONF_FILE
|
||||
|
||||
# If we've given a PUBLIC_INTERFACE to take over, then we assume
|
||||
# that we can own the whole thing, and privot it into the OVS
|
||||
# bridge. If we are not, we're probably on a single interface
|
||||
# machine, and we just setup NAT so that fixed guests can get out.
|
||||
if [[ -n "$PUBLIC_INTERFACE" ]]; then
|
||||
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True False "inet"
|
||||
|
||||
if [[ $(ip -f inet6 a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then
|
||||
_move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6"
|
||||
fi
|
||||
else
|
||||
for d in $default_v4_route_devs; do
|
||||
sudo iptables -t nat -A POSTROUTING -o $d -s $FLOATING_RANGE -j MASQUERADE
|
||||
done
|
||||
fi
|
||||
_configure_public_network_connectivity
|
||||
}
|
||||
|
||||
# Explicitly set router id in l3 agent configuration
|
||||
|
Loading…
x
Reference in New Issue
Block a user