Fix a missing comma in config.json when neutron_plugin_agent is set
to 'vmware_nsxv' or 'vmware_dvs'.
Closes-Bug: #1720380
Change-Id: I088f09a426a5435202176c45a77b1fbc19468f97
Actually Openstack services configuration can be overriden using many
files:
- /etc/kolla/config/<< service name >>/<< config file >>
- /etc/kolla/config/<< service name >>/<<host>>/<< config file >>
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
Only per-service configuration is actually documented here:
https://github.com/openstack/kolla-ansible/blob/master/doc/advanced-configuration.rst#L164
Allowing to globally modify service configuration can be perform too,
but it can be done in 3 different manners, all not documented:
- /etc/kolla/config/global.conf
- /etc/kolla/config/database.conf
- /etc/kolla/config/messaging.conf
database.conf and messaging.conf seems redundant with global.conf.
In order to simplify codebase it seems logical to remove them.
Documentation has been added for overriding configuration globally and
release note has been added too.
Closes-Bug: #1682479
Change-Id: I5d922dfc0d938173bad34ac64e490b78db1b7e31
Openvswitch_db is not necessary to listener api_address.
Just let openvswitch_db listener localhost to avoid security issues.
Change-Id: If4912d90abae933a1ed9e2d14336b89b7c7179dd
Closes-Bug: #1712767
Service_providers config group is already configured in the neutron_vpnaas.conf.
So, we only need to load the neutron_vpnaas.conf configuration file
when the neutron_vpnaas_agent container starts, without having
to duplicate the configuration.
Change-Id: I7b78831325db4bbb263b2cc174e848ea7037ad0a
Add vpnaas support to vsphere by vmware-nsx plugin in neutron.
Depends-On: I7b78831325db4bbb263b2cc174e848ea7037ad0a
Change-Id: I83040c97e5ee4b2ccc0a874623870334c313b4b2
Partially-implements: blueprint kolla-ansible-support-vsphere
Openstack is able to simply manage VLAN network on VMware
Distributed Switch.
DHCP agent can provide dhcp offer with vlan tag provided
by OVS.
Both neutron external nic and physical nic of vCenter/
vSphere should be on a vlan trunk port and can communicate
with each other.
Depends-On: I4655086a3f058ec769d3d37ec6a19565b5ea0841
Change-Id: I6d1629e93f0efeddd2a9000f66cc6f714bebb07c
Partially-implements: blueprint kolla-ansible-support-vsphere
Neutron-sfc-agent start its functions with openvswitch.
This change moves sfc configuration into neutron-openvswitch-agent.
Rework config files to use openvswitch when sfc or openvswitch
are used as network plugin.
Also adds sfc extension_driver to ml2
Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3
Closes-Bug: #1664493
Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b
kolla-kubernetes is using its own configuration generation[0], so it is
time for kolla-ansible to remove the related code to simplify the
logical.
[0] https://github.com/openstack/kolla-kubernetes/tree/master/ansible
Change-Id: I7bb0b7fe3b8eea906613e936d5e9d19f4f2e80bb
Implements: blueprint clean-k8s-config
Neutron-lbaas-agent container is not restart when neutron_lbaas.conf changed.
Closes-Bug: #1704900
Change-Id: Ie9babdf5ad0875b604cb1728a116b450e0f89858
Add fwaas support to vsphere by vmware-nsx plugin in neutron.
Change-Id: Ie80830f97701d322a3610815f6abd63c523a96d4
Partially-implements: blueprint kolla-ansible-support-vsphere
Remove all l3 related namespaces in case of multiple active routers in
l3 high available mode. The root cause is that keepalived does not
remove the vip address from nic during starting.
neutron-vpnaas-agent is subclass of l3 agent, so should remove all l3
related namespace before starting vpnaas agent.
Closes-Bug: #1703078
Depends-On: Ic9417d2eb03e0dd93f7c668b189b4ad9c72eae0f
Change-Id: I05c1faf2551bb5e70c299e884adf58cd2af52739
If use /run/netns, it may cause namepace stale and unable to remove. The
root cause may be that docker engine still unrelease the namespace
folder.
Change-Id: If120d54c266878990c952b60043b596b0a0788ab
Closes-Bug: #1703077
fwaas is in pending create state when I attach it to a router.
This patch fix this.
Change-Id: I18b56ed3698e22a02a8718b39360fde76c12428b
Closes-Bug: #1689703
In order to speed up deployment time some "local" actions should be run
only once using 'run_once: True'.
This will decrease deployment time in case of multihost configuration.
Change-Id: I6015d772d35c15e96c52f577013b6e41197cb41a
rpc_workers and rpc_state_report_workers are set to 1 by default in
Neutron:
https://github.com/openstack/neutron/blob/master/neutron/conf/service.py#L30
By design neutron-server is a central RPC service for all agents (L2
agents, L3 agents, Metadata agents, LB agents, VPN agents, ...).
For a production ready cloud, these variables must be set to a greater
value than 1.
Change-Id: Ib39be32748c3ee8077941fd1659db12c9d80055c
Closes-Bug: #1671734
Some roles have a symlink to deploy.yml file
for reconfigure. This is causing some issues.
"included task files must contain a list of tasks"
Change-Id: Ie7ade52900a61bc1c5b867fa7a8f75fc541a6426
Closes-Bug: #1694251
In case of provider networks we need to configure external bridge
on compute nodes, like it is done in DVR. The only way to tell
if provider networks are to be used is a new flag.
Change-Id: I1aef197ee2b84e28f2131f058e6995551f873fe1
Closes-Bug: #1694726
This patch add configuration options for tenant network types and type
drivers. Both lists are checked so that tenant types are listed in
drivers. For ironic 'flat' driver is mandatory and is added explicitly
into ironic prechecks.
Change-Id: Ie5775001165412910a258cbed2d2ebbb8ebbd879
Closes-Bug: #1694725
Neutron recommend as good practice to enable port_security
extension by default. Current networks will remain using
security groups, but will allow users to disable port_security
in their port or networks.
An example use case is nfv.
Change-Id: I69f2e3567fd00695cf1c4bcc9177c2b88e33c3ab
Neutron-server does not use br-tun at all,
this is only needed at compute and network nodes.
Change-Id: I0e11baa3fc8ee15c951cf4fc9aaa3a1d47819e81
Closes-Bug: #1642521
