3452f8eb86
Adds Q_USE_SECGROUP flag for quantum security group - Added has_quantum_plugin_security_group method for each plugin. - Set NOVA_VIF_DRIVER to the hybrid VIF driver for plugins with iptables based security group support. - Specifying device_owner type on debug port in lib/quantum and quantum-adv-test.sh. This change makes apply quantum security group fro debug port Change-Id: Ifd155798912247d85a9765ef73a2186b929237b4
71 lines
2.5 KiB
Plaintext
71 lines
2.5 KiB
Plaintext
# common functions for ovs based plugin
|
|
# -------------------------------------
|
|
|
|
# Save trace setting
|
|
MY_XTRACE=$(set +o | grep xtrace)
|
|
set +o xtrace
|
|
|
|
function is_quantum_ovs_base_plugin() {
|
|
# Yes, we use OVS.
|
|
return 0
|
|
}
|
|
|
|
function _quantum_ovs_base_setup_bridge() {
|
|
local bridge=$1
|
|
quantum-ovs-cleanup
|
|
sudo ovs-vsctl --no-wait -- --may-exist add-br $bridge
|
|
sudo ovs-vsctl --no-wait br-set-external-id $bridge bridge-id $bridge
|
|
}
|
|
|
|
function _quantum_ovs_base_install_agent_packages() {
|
|
local kernel_version
|
|
# Install deps
|
|
# FIXME add to ``files/apts/quantum``, but don't install if not needed!
|
|
if is_ubuntu; then
|
|
kernel_version=`cat /proc/version | cut -d " " -f3`
|
|
install_package make fakeroot dkms openvswitch-switch openvswitch-datapath-dkms linux-headers-$kernel_version
|
|
elif is_fedora; then
|
|
install_package openvswitch
|
|
# Ensure that the service is started
|
|
restart_service openvswitch
|
|
elif is_suse; then
|
|
### FIXME: Find out if package can be pushed to Factory
|
|
echo "OpenVSwitch packages can be installed from Cloud:OpenStack:Master in OBS"
|
|
restart_service openvswitch
|
|
fi
|
|
}
|
|
|
|
function _quantum_ovs_base_configure_debug_command() {
|
|
iniset $QUANTUM_TEST_CONFIG_FILE DEFAULT external_network_bridge $PUBLIC_BRIDGE
|
|
}
|
|
|
|
function _quantum_ovs_base_configure_firewall_driver() {
|
|
if [[ "$Q_USE_SECGROUP" == "True" ]]; then
|
|
iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
|
else
|
|
iniset /$Q_PLUGIN_CONF_FILE SECURITYGROUP firewall_driver quantum.agent.firewall.NoopFirewallDriver
|
|
fi
|
|
}
|
|
|
|
function _quantum_ovs_base_configure_l3_agent() {
|
|
iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge $PUBLIC_BRIDGE
|
|
|
|
quantum-ovs-cleanup
|
|
sudo ovs-vsctl --no-wait -- --may-exist add-br $PUBLIC_BRIDGE
|
|
# ensure no IP is configured on the public bridge
|
|
sudo ip addr flush dev $PUBLIC_BRIDGE
|
|
}
|
|
|
|
function _quantum_ovs_base_configure_nova_vif_driver() {
|
|
# The hybrid VIF driver needs to be specified when Quantum Security Group
|
|
# is enabled (until vif_security attributes are supported in VIF extension)
|
|
if [[ "$Q_USE_SECGROUP" == "True" ]]; then
|
|
NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver"}
|
|
else
|
|
NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"nova.virt.libvirt.vif.LibvirtGenericVIFDriver"}
|
|
fi
|
|
}
|
|
|
|
# Restore xtrace
|
|
$MY_XTRACE
|