openstack/puppet-openstack-integration
Code Issues Proposed changes

Neutron: Enable metadata extension of ovn-agent

Browse Source 
Depends-on: https://review.opendev.org/c/openstack/puppet-neutron/+/913460
Change-Id: I2a89309f694b047b8c222c017d6b61f62b2ed331
This commit is contained in:
Takashi Kajinami 2024-03-16 18:34:07 +09:00
parent c86b3217ca
commit 67183376c6
2 changed files with 42 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
fixtures/scenario005.pp
View File

@ -24,10 +24,12 @@ case $facts['os']['family'] {
'Debian': {
$ipv6 = false
$modular_libvirt = false
$ovn_metadata_agent_enabled = true
}
'RedHat': {
$ipv6 = true
$modular_libvirt = true
$ovn_metadata_agent_enabled = false
}
default: {
fail("Unsupported osfamily (${facts['os']['family']})")
@ -54,7 +56,8 @@ class { 'openstack_integration::glance':
backend => 'cinder',
}
class { 'openstack_integration::neutron':
driver => 'ovn',
driver => 'ovn',
ovn_metadata_agent_enabled => $ovn_metadata_agent_enabled,
}
include openstack_integration::placement
class { 'openstack_integration::nova':

56
manifests/neutron.pp
View File

@ -5,6 +5,10 @@
# Can be: openvswitch, linuxbridge or ovn.
# Defaults to 'openvswitch'.
#
# [*ovn_metadata_agent_enabled*]
# (optional) Enable ovn-metadata-agent
# Defaults to true
#
# [*metering_enabled*]
# (optional) Flag to enable metering agent
# Defaults to false.
@ -38,15 +42,16 @@
# Defaults to $facts['os_service_default'].
#
class openstack_integration::neutron (
$driver = 'openvswitch',
$metering_enabled = false,
$vpnaas_enabled = false,
$taas_enabled = false,
$bgpvpn_enabled = false,
$l2gw_enabled = false,
$bgp_dragent_enabled = false,
$baremetal_enabled = false,
$notification_topics = $facts['os_service_default'],
$driver = 'openvswitch',
$ovn_metadata_agent_enabled = true,
$metering_enabled = false,
$vpnaas_enabled = false,
$taas_enabled = false,
$bgpvpn_enabled = false,
$l2gw_enabled = false,
$bgp_dragent_enabled = false,
$baremetal_enabled = false,
$notification_topics = $facts['os_service_default'],
) {
include openstack_integration::config
@ -358,8 +363,20 @@ class openstack_integration::neutron (
if $driver == 'ovn' {
# NOTE(tkajinam): ovn-agent is currently available only in RDO
if $facts['os']['family'] == 'RedHat' {
$ovn_agent_extensions = $ovn_metadata_agent_enabled ? {
false => ['metadata'],
default => undef
}
if ! $ovn_metadata_agent_enabled {
class { 'neutron::agents::ml2::ovn::metadata':
shared_secret => 'a_big_secret',
metadata_host => $::openstack_integration::config::host,
metadata_protocol => $::openstack_integration::config::proto,
}
}
class { 'neutron::agents::ml2::ovn':
debug => true,
extensions => $ovn_agent_extensions,
ovn_nb_connection => $::openstack_integration::config::ovn_nb_connection,
ovn_nb_private_key => '/etc/neutron/ovnnb-privkey.pem',
ovn_nb_certificate => '/etc/neutron/ovnnb-cert.pem',
@ -370,15 +387,18 @@ class openstack_integration::neutron (
ovn_sb_ca_cert => '/etc/neutron/switchcacert.pem',
}
}
class { 'neutron::agents::ovn_metadata':
debug => true,
shared_secret => 'a_big_secret',
metadata_host => $::openstack_integration::config::host,
metadata_protocol => $::openstack_integration::config::proto,
ovn_sb_connection => $::openstack_integration::config::ovn_sb_connection,
ovn_sb_private_key => '/etc/neutron/ovnsb-privkey.pem',
ovn_sb_certificate => '/etc/neutron/ovnsb-cert.pem',
ovn_sb_ca_cert => '/etc/neutron/switchcacert.pem',
if $ovn_metadata_agent_enabled {
class { 'neutron::agents::ovn_metadata':
debug => true,
shared_secret => 'a_big_secret',
metadata_host => $::openstack_integration::config::host,
metadata_protocol => $::openstack_integration::config::proto,
ovn_sb_connection => $::openstack_integration::config::ovn_sb_connection,
ovn_sb_private_key => '/etc/neutron/ovnsb-privkey.pem',
ovn_sb_certificate => '/etc/neutron/ovnsb-cert.pem',
ovn_sb_ca_cert => '/etc/neutron/switchcacert.pem',
}
}
} else {
class { 'neutron::agents::metadata':