68375810ee
Installing OVS on CentOS requires one RDO repository and the centos-release-openstack packages sets up two additional repos which aren't required. In addition, we removed the centos-release-openstack package but this did not remove the two extra repositories, causing them to "leak" into the jobs. This sets up the one repository we need and ensures it is removed after OVS is installed. Change-Id: Ida2299a4356282d23b79fac6753b6171211a7651
113 lines
3.6 KiB
YAML
113 lines
3.6 KiB
YAML
- name: Include OS-specific variables
|
|
include_vars: "{{ item }}"
|
|
with_first_found:
|
|
- "{{ ansible_distribution }}.yaml"
|
|
- "{{ ansible_os_family }}.yaml"
|
|
- "default.yaml"
|
|
|
|
# openvswitch for CentOS is available from the RDO repositories.
|
|
# We're setting it up manually to prevent centos-release-openstack or rdo-release
|
|
# from installing repositories we don't need.
|
|
- when:
|
|
- ansible_os_family == "RedHat"
|
|
- ansible_distribution != "Fedora"
|
|
become: yes
|
|
block:
|
|
- name: Set up RDO GPG key
|
|
copy:
|
|
src: RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
dest: /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
|
|
- name: Set up RDO repository
|
|
template:
|
|
src: zuul-multi-node-bridge-ovs.repo.j2
|
|
dest: /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo
|
|
|
|
- name: Set package.use values for OVS on Gentoo
|
|
become: yes
|
|
lineinfile:
|
|
path: /etc/portage/package.use/ovs
|
|
line: "{{ item.line }}"
|
|
create: yes
|
|
with_items:
|
|
- { line: 'dev-python/twisted conch # for openvswitch' }
|
|
- { line: 'net-misc/openvswitch -modules # ovs/gre are staticly built' }
|
|
when:
|
|
- ansible_distribution == 'Gentoo'
|
|
|
|
- name: Install openvswitch
|
|
become: yes
|
|
package:
|
|
name: "{{ ovs_package }}"
|
|
state: installed
|
|
|
|
- name: Ensure openvswitch is started
|
|
become: yes
|
|
service:
|
|
name: "{{ ovs_service }}"
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Remove RDO repository files
|
|
become: yes
|
|
file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
with_items:
|
|
- /tmp/RPM-GPG-KEY-CentOS-SIG-Cloud
|
|
- /etc/yum.repos.d/zuul-multi-node-bridge-ovs.repo
|
|
when:
|
|
- ansible_os_family == "RedHat"
|
|
- ansible_distribution != "Fedora"
|
|
|
|
- name: Authorize the multi-node-bridge network
|
|
become: yes
|
|
iptables:
|
|
state: present
|
|
action: insert
|
|
chain: INPUT
|
|
ip_version: ipv4
|
|
source: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
destination: "{{ bridge_address_prefix }}.0/{{ bridge_address_subnet }}"
|
|
jump: ACCEPT
|
|
when:
|
|
- bridge_configure_address | bool
|
|
- bridge_authorize_internal_traffic | bool
|
|
|
|
- when: bridge_mtu is not defined
|
|
block:
|
|
- name: Determine bridge mtu
|
|
shell: |
|
|
# Find all interfaces with a permanent mac address type.
|
|
# Permanent mac addrs imply "real" hardware and not interfaces we have
|
|
# created through this system. This makes our MTU determination mostly
|
|
# idempotent allowing us to create multiple overlays without
|
|
# perpetually smaller MTUs.
|
|
# find is used instead of ls as we can select the 'link' type with find
|
|
# only the link type is needed because files do not have interface
|
|
# properties and directories are not used for this area of /sys
|
|
SMALLEST_MTU=""
|
|
for X in $(find /sys/class/net/ -maxdepth 1 -type l -exec basename {} ';') ; do
|
|
MAC_TYPE=$(cat "/sys/class/net/${X}/addr_assign_type")
|
|
if [ "$MAC_TYPE" -ne "0" ] ; then
|
|
# Type 0 is a permanent address implying a "real"
|
|
# interface. We ignore other interfaces as that is what we
|
|
# create here
|
|
continue
|
|
fi
|
|
MTU=$(cat "/sys/class/net/${X}/mtu")
|
|
if [ -z "$SMALLEST_MTU" ] || [ "$SMALLEST_MTU" -gt "$MTU" ] ; then
|
|
SMALLEST_MTU=$MTU
|
|
fi
|
|
done
|
|
# 50 byte overhead for vxlan
|
|
echo $(( SMALLEST_MTU - 50 ))
|
|
args:
|
|
executable: /bin/bash
|
|
environment:
|
|
PATH: '{{ ansible_env.PATH }}:/bin:/sbin:/usr/sbin'
|
|
register: mtu_output
|
|
- name: Set bridge_mtu
|
|
set_fact:
|
|
bridge_mtu: "{{ mtu_output.stdout }}"
|