diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index e8a84fa9ba..7209ba2df7 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -631,7 +631,9 @@ neutron_type_drivers: "flat,vlan,vxlan" # NOTE: for ironic this list should also contain 'flat' neutron_tenant_network_types: "vxlan" -computes_need_external_bridge: "{{ enable_neutron_dvr | bool or enable_neutron_provider_networks | bool or enable_opendaylight | bool and neutron_plugin_agent != 'vmware_dvs' }}" +# valid values: ["dvr", "dvr_no_external"] +neutron_compute_dvr_mode: "dvr" +computes_need_external_bridge: "{{ enable_neutron_dvr | bool and (neutron_compute_dvr_mode == 'dvr' or inventory_hostname in groups['external-compute']) or enable_neutron_provider_networks | bool or enable_opendaylight | bool and neutron_plugin_agent != 'vmware_dvs' }}" ####################### # Nova options diff --git a/ansible/inventory/all-in-one b/ansible/inventory/all-in-one index fd50b41025..2cfb598a81 100644 --- a/ansible/inventory/all-in-one +++ b/ansible/inventory/all-in-one @@ -7,11 +7,15 @@ localhost ansible_connection=local localhost ansible_connection=local # inner-compute is the groups of compute nodes which do not have -# external reachability +# external reachability. +# DEPRECATED, the group will be removed in S release of OpenStack, +# use variable neutron_compute_dvr_mode instead. [inner-compute] # external-compute is the groups of compute nodes which can reach -# outside +# outside. +# DEPRECATED, the group will be removed in S release of OpenStack, +# use variable neutron_compute_dvr_mode instead. [external-compute] localhost ansible_connection=local diff --git a/ansible/inventory/multinode b/ansible/inventory/multinode index d2ba5b8b4c..71c7760374 100644 --- a/ansible/inventory/multinode +++ b/ansible/inventory/multinode @@ -16,11 +16,15 @@ network01 network02 # inner-compute is the groups of compute nodes which do not have -# external reachability +# external reachability. +# DEPRECATED, the group will be removed in S release of OpenStack, +# use variable neutron_compute_dvr_mode instead. [inner-compute] # external-compute is the groups of compute nodes which can reach -# outside +# outside. +# DEPRECATED, the group will be removed in S release of OpenStack, +# use variable neutron_compute_dvr_mode instead. [external-compute] compute01 diff --git a/ansible/roles/neutron/tasks/precheck.yml b/ansible/roles/neutron/tasks/precheck.yml index e357ab4383..b234949476 100644 --- a/ansible/roles/neutron/tasks/precheck.yml +++ b/ansible/roles/neutron/tasks/precheck.yml @@ -47,3 +47,13 @@ when: item not in type_drivers run_once: true with_items: "{{ tenant_network_types }}" + +- name: Checking for deprecated inner- and external-compute groups + local_action: + module: debug + msg: "WARNING: inner- and external-compute groups are DEPRECATED" + changed_when: false + run_once: True + when: + - (groups['inner-compute'] | default([]) | length > 0 + or groups['external-compute'] | default([]) | length > 0) diff --git a/ansible/roles/neutron/templates/l3_agent.ini.j2 b/ansible/roles/neutron/templates/l3_agent.ini.j2 index b271fda358..968a2a729a 100644 --- a/ansible/roles/neutron/templates/l3_agent.ini.j2 +++ b/ansible/roles/neutron/templates/l3_agent.ini.j2 @@ -7,6 +7,8 @@ agent_mode = dvr_snat agent_mode = dvr {% elif inventory_hostname in groups['inner-compute'] %} agent_mode = dvr_no_external +{% elif inventory_hostname in groups['compute'] %} +agent_mode = {{ neutron_compute_dvr_mode }} {% endif %} {% else %} agent_mode = legacy diff --git a/releasenotes/notes/dvr-mode-property-13b3699f9a9c4359.yaml b/releasenotes/notes/dvr-mode-property-13b3699f9a9c4359.yaml new file mode 100644 index 0000000000..415d0270d1 --- /dev/null +++ b/releasenotes/notes/dvr-mode-property-13b3699f9a9c4359.yaml @@ -0,0 +1,23 @@ +--- +features: + - | + [`blueprint Replace inner-/external computes with a dvr mode variable `_] + A new variable "neutron_compute_dvr_mode" is introduced. This variable + controls whether a compute host has external connection and is + allowed to do full-blown DVR or distributed routing is only used for + tenant networking. Corresponding values are "dvr" and "dvr_no_external" + The variable has to be set either globally or per group (per host) + to get desired behavior. +upgrade: + - | + All hosts from "[inner-compute]" and "[external-compute]" can be moved to + "[compute]" to avoid problems in OpenStack S release, though the groups + still will function well in this release. +deprecations: + - | + Splitting of compute group into inner and external compute hosts is + deprecated and will be removed in OpenStack S release. +fixes: + - | + External bridge setup on compute hosts that depends on whether DVR mode + is enabled is also accompanied by a check for the new variable. diff --git a/tests/templates/inventory.j2 b/tests/templates/inventory.j2 index 2a3efbaad8..ea9150a203 100644 --- a/tests/templates/inventory.j2 +++ b/tests/templates/inventory.j2 @@ -10,21 +10,11 @@ {{ host }} ansible_host={{ hostvars[host]['ansible_host'] }} ansible_become=true ansible_user={{ hostvars[host]['ansible_user'] }} {% endfor %} -# inner-compute is the groups of compute nodes which do not have -# external reachability -[inner-compute] - -# external-compute is the groups of compute nodes which can reach -# outside -[external-compute] +[compute] {% for host in hostvars %} {{ host }} ansible_host={{ hostvars[host]['ansible_host'] }} ansible_become=true ansible_user={{ hostvars[host]['ansible_user'] }} {% endfor %} -[compute:children] -inner-compute -external-compute - [storage] {% for host in hostvars %} {{ host }} ansible_host={{ hostvars[host]['ansible_host'] }} ansible_become=true ansible_user={{ hostvars[host]['ansible_user'] }}