From 95c916aa5ef3d6a7a5c24bc5745cb7dd2aff6ef3 Mon Sep 17 00:00:00 2001 From: Paul Bourke Date: Wed, 17 Aug 2016 15:12:48 +0000 Subject: [PATCH] Allow Neutron to be run in DVR mode Introduces a new property "enable_neutron_dvr", along with the appropriate service and template changes to allow DVR. Closes-Bug: #1623463 DocImpact: dvr changes network data paths and adds requirements for NICs Co-Authored-By: Vladislav Belogrudov Change-Id: I87a26e9258228ae2ccb76be1e5f0bb44fac128df --- ansible/group_vars/all.yml | 1 + ansible/roles/neutron/tasks/do_reconfigure.yml | 14 ++++++++++++-- ansible/roles/neutron/tasks/start.yml | 6 ++++-- ansible/roles/neutron/templates/l3_agent.ini.j2 | 8 ++++++++ ansible/roles/neutron/templates/ml2_conf.ini.j2 | 4 ++++ ansible/roles/neutron/templates/neutron.conf.j2 | 6 ++++-- etc/kolla/globals.yml | 1 + .../notes/add-neutron-dvr-f1b3541e22c0fbc3.yaml | 4 ++++ 8 files changed, 38 insertions(+), 6 deletions(-) create mode 100644 releasenotes/notes/add-neutron-dvr-f1b3541e22c0fbc3.yaml diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 83d504a974..1b69bf6792 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -254,6 +254,7 @@ enable_mistral: "no" enable_mongodb: "no" enable_multipathd: "no" enable_murano: "no" +enable_neutron_dvr: "no" enable_neutron_lbaas: "no" enable_neutron_qos: "no" enable_neutron_agent_ha: "no" diff --git a/ansible/roles/neutron/tasks/do_reconfigure.yml b/ansible/roles/neutron/tasks/do_reconfigure.yml index adebc233a2..d80e827d64 100644 --- a/ansible/roles/neutron/tasks/do_reconfigure.yml +++ b/ansible/roles/neutron/tasks/do_reconfigure.yml @@ -12,8 +12,10 @@ - { name: neutron_server, group: neutron-server } - { name: neutron_dhcp_agent, group: neutron-dhcp-agent } - { name: neutron_l3_agent, group: neutron-l3-agent } + - { name: neutron_l3_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - { name: neutron_lbaas_agent, group: neutron-lbaas-agent, enabled: "{{ enable_neutron_lbaas | bool }}" } - { name: neutron_metadata_agent, group: neutron-metadata-agent } + - { name: neutron_metadata_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - name: Ensuring the neutron_openvswitch_agent container is up kolla_docker: @@ -69,8 +71,10 @@ - { name: neutron_server, group: neutron-server } - { name: neutron_dhcp_agent, group: neutron-dhcp-agent } - { name: neutron_l3_agent, group: neutron-l3-agent } + - { name: neutron_l3_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - { name: neutron_lbaas_agent, group: neutron-lbaas-agent, enabled: "{{ enable_neutron_lbaas | bool }}" } - { name: neutron_metadata_agent, group: neutron-metadata-agent } + - { name: neutron_metadata_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - name: Check the configs in the neutron_openvswitch_agent container command: docker exec neutron_openvswitch_agent /usr/local/bin/kolla_set_configs --check @@ -125,8 +129,10 @@ - { name: neutron_server, group: neutron-server } - { name: neutron_dhcp_agent, group: neutron-dhcp-agent } - { name: neutron_l3_agent, group: neutron-l3-agent } + - { name: neutron_l3_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - { name: neutron_lbaas_agent, group: neutron-lbaas-agent, enabled: "{{ enable_neutron_lbaas | bool }}" } - { name: neutron_metadata_agent, group: neutron-metadata-agent } + - { name: neutron_metadata_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" } - name: Container config strategy for the neutron_openvswitch_agent container kolla_docker: @@ -180,8 +186,10 @@ - [{ name: neutron_server, group: neutron-server }, { name: neutron_dhcp_agent, group: neutron-dhcp-agent }, { name: neutron_l3_agent, group: neutron-l3-agent }, + { name: neutron_l3_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" }, { name: neutron_lbaas_agent, group: neutron-lbaas-agent, enabled: "{{ enable_neutron_lbaas | bool }}" }, - { name: neutron_metadata_agent, group: neutron-metadata-agent }] + { name: neutron_metadata_agent, group: neutron-metadata-agent }, + { name: neutron_metadata_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" }] - "{{ neutron_container_envs.results }}" - "{{ neutron_check_results.results }}" @@ -246,8 +254,10 @@ - [{ name: neutron_server, group: neutron-server }, { name: neutron_dhcp_agent, group: neutron-dhcp-agent }, { name: neutron_l3_agent, group: neutron-l3-agent }, + { name: neutron_l3_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" }, { name: neutron_lbaas_agent, group: neutron-lbaas-agent, enabled: "{{ enable_neutron_lbaas | bool }}" }, - { name: neutron_metadata_agent, group: neutron-metadata-agent }] + { name: neutron_metadata_agent, group: neutron-metadata-agent }, + { name: neutron_metadata_agent, group: compute, enabled: "{{ enable_neutron_dvr | bool }}" }] - "{{ neutron_container_envs.results }}" - "{{ neutron_check_results.results }}" diff --git a/ansible/roles/neutron/tasks/start.yml b/ansible/roles/neutron/tasks/start.yml index 0d29efe256..df5765b161 100644 --- a/ansible/roles/neutron/tasks/start.yml +++ b/ansible/roles/neutron/tasks/start.yml @@ -185,7 +185,8 @@ - "neutron_metadata_socket:/var/lib/neutron/kolla/" - "kolla_logs:/var/log/kolla/" when: - - inventory_hostname in groups['neutron-l3-agent'] + - (inventory_hostname in groups['neutron-l3-agent'] + or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)) - name: Starting neutron-lbaas-agent container kolla_docker: @@ -219,4 +220,5 @@ - "neutron_metadata_socket:/var/lib/neutron/kolla/" - "kolla_logs:/var/log/kolla/" when: - - inventory_hostname in groups['neutron-metadata-agent'] + - (inventory_hostname in groups['neutron-metadata-agent'] + or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool)) diff --git a/ansible/roles/neutron/templates/l3_agent.ini.j2 b/ansible/roles/neutron/templates/l3_agent.ini.j2 index 1bb7234ee2..b8a165bfac 100644 --- a/ansible/roles/neutron/templates/l3_agent.ini.j2 +++ b/ansible/roles/neutron/templates/l3_agent.ini.j2 @@ -1,4 +1,12 @@ # l3_agent.ini [DEFAULT] +{% if enable_neutron_dvr | bool %} + {% if inventory_hostname in groups['network'] %} +agent_mode = dvr_snat + {% elif inventory_hostname in groups['compute'] %} +agent_mode = dvr + {% endif %} +{% else %} agent_mode = legacy +{% endif %} external_network_bridge = diff --git a/ansible/roles/neutron/templates/ml2_conf.ini.j2 b/ansible/roles/neutron/templates/ml2_conf.ini.j2 index a8f6560235..27e98137f8 100644 --- a/ansible/roles/neutron/templates/ml2_conf.ini.j2 +++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2 @@ -50,6 +50,10 @@ tunnel_types = vxlan l2_population = true arp_responder = true +{% if enable_neutron_dvr | bool %} +enable_distributed_routing = True +{% endif %} + [ovs] bridge_mappings = physnet1:{{ neutron_bridge_name }} ovsdb_connection = tcp:{{ api_interface_address }}:6640 diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2 index 87dfb4729f..be930858bb 100644 --- a/ansible/roles/neutron/templates/neutron.conf.j2 +++ b/ansible/roles/neutron/templates/neutron.conf.j2 @@ -46,13 +46,15 @@ min_l3_agents_per_router = {{ min_l3_agents_per_router }} transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} +{% if enable_neutron_dvr | bool %} +router_distributed = True +{% endif %} + {% if enable_neutron_lbaas | bool %} [service_providers] service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default {% endif %} -transport_url = rabbit://{% for host in groups['rabbitmq'] %}{{ rabbitmq_user }}:{{ rabbitmq_password }}@{% if orchestration_engine == 'KUBERNETES' %}rabbitmq{% else %}{{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}{% endif %}:{{ rabbitmq_port }}{% if not loop.last %},{% endif %}{% endfor %} - [nova] auth_url = {{ keystone_admin_url }} auth_type = password diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml index 5415874954..0e4de80091 100644 --- a/etc/kolla/globals.yml +++ b/etc/kolla/globals.yml @@ -131,6 +131,7 @@ kolla_internal_vip_address: "10.10.10.254" #enable_mongodb: "no" #enable_murano: "no" #enable_multipathd: "no" +#enable_neutron_dvr: "no" #enable_neutron_lbaas: "no" #enable_neutron_qos: "no" #enable_neutron_agent_ha: "no" diff --git a/releasenotes/notes/add-neutron-dvr-f1b3541e22c0fbc3.yaml b/releasenotes/notes/add-neutron-dvr-f1b3541e22c0fbc3.yaml new file mode 100644 index 0000000000..f6ebf41ea3 --- /dev/null +++ b/releasenotes/notes/add-neutron-dvr-f1b3541e22c0fbc3.yaml @@ -0,0 +1,4 @@ +--- +features: + - Introduce a new property "enable_neutron_dvr". + Set to "yes" to deploy Neutron with DVR.