From de313681f94a75b3dbcb078fa023495e2c04617f Mon Sep 17 00:00:00 2001 From: Daneyon Hansen <danehans@cisco.com> Date: Mon, 13 Oct 2014 16:36:17 +0000 Subject: [PATCH] Adds Neutron Server Support Previously Kolla did not support Neutron. This patch provides initial Neutron support by implementing neutron-server functionality. It also creates a neutron-base image that provides common config and packages for all Neutron-based services. Partially Implements: Blueprint Kubernetes Neutron Container Change-Id: I2399a1331992fae0f387f01e5b5c1c1d34f0637d
---
docker/neutron/neutron-base/Dockerfile | 8 ++ docker/neutron/neutron-base/build | 1 + docker/neutron/neutron-base/config-neutron.sh | 87 +++++++++++++++ docker/neutron/neutron-server/Dockerfile | 17 +++ docker/neutron/neutron-server/build | 1 + docker/neutron/neutron-server/check.sh | 17 +++ docker/neutron/neutron-server/start.sh | 104 ++++++++++++++++++ k8s/pod/neutron-controller-pod.yaml | 30 +++++ k8s/service/neutron-server-service.yaml | 7 ++ tools/start-all-pods | 1 + tools/start-all-services | 1 + 11 files changed, 274 insertions(+) create mode 100644 docker/neutron/neutron-base/Dockerfile create mode 120000 docker/neutron/neutron-base/build create mode 100644 docker/neutron/neutron-base/config-neutron.sh create mode 100644 docker/neutron/neutron-server/Dockerfile create mode 120000 docker/neutron/neutron-server/build create mode 100755 docker/neutron/neutron-server/check.sh create mode 100755 docker/neutron/neutron-server/start.sh create mode 100644 k8s/pod/neutron-controller-pod.yaml create mode 100644 k8s/service/neutron-server-service.yaml
diff --git a/docker/neutron/neutron-base/Dockerfile b/docker/neutron/neutron-base/Dockerfile
new file mode 100644
index 0000000000..ab8890326b
--- /dev/null
+++ b/docker/neutron/neutron-base/Dockerfile
@@ -0,0 +1,8 @@
+FROM kollaglue/fedora-rdo-base
+MAINTAINER Daneyon Hansen <danehans@cisco.com>
+
+RUN yum -y install openstack-neutron-ml2 ; yum clean all
+
+RUN mkdir -p /opt/kolla
+COPY config-neutron.sh /opt/kolla/config-neutron.sh
+
diff --git a/docker/neutron/neutron-base/build b/docker/neutron/neutron-base/build
new file mode 120000
index 0000000000..43944faa00
--- /dev/null
+++ b/docker/neutron/neutron-base/build
@@ -0,0 +1 @@
+../../../tools/build-docker-image
\ No newline at end of file
diff --git a/docker/neutron/neutron-base/config-neutron.sh b/docker/neutron/neutron-base/config-neutron.sh
new file mode 100644
index 0000000000..1b60709af5
--- /dev/null
+++ b/docker/neutron/neutron-base/config-neutron.sh
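Review bot: The `RUN yum -y install openstack-neutron-ml2 ; yum clean all` step joins the two commands with `;`, so the layer's exit status is that of `yum clean all` and a failed install still produces a successful build with the package missing. Chain them with `&&` instead: `RUN yum -y install openstack-neutron-ml2 && yum clean all`. The same pattern appears in the `RUN yum install -y openstack-neutron \ ... ; yum clean all` step of docker/neutron/neutron-server/Dockerfile. Separately, `FROM kollaglue/fedora-rdo-base` carries no tag, so each rebuild takes whatever the registry currently serves as the default tag; pinning a tag or digest would make the base reproducible.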
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+set -e
+
+. /opt/kolla/kolla-common.sh
+
+: ${ADMIN_TENANT_NAME:=admin}
+: ${NEUTRON_DB_NAME:=neutron}
+: ${NEUTRON_DB_USER:=neutron}
+: ${NEUTRON_KEYSTONE_USER:=neutron}
+: ${KEYSTONE_AUTH_PROTOCOL:=http}
+: ${RABBIT_HOST:=$RABBITMQ_SERVICE_HOST}
+: ${RABBIT_USER:=guest}
+: ${RABBIT_PASSWORD:=guest}
+
+check_required_vars NEUTRON_KEYSTONE_PASSWORD
+dump_vars
+
+cat > /openrc <<EOF
+export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0"
+export OS_USERNAME="${NEUTRON_KEYSTONE_USER}"
+export OS_PASSWORD="${NEUTRON_KEYSTONE_PASSWORD}"
+export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
+EOF
+
+# Rabbit
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ rabbit_host \
+ "${RABBIT_HOST}"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ rabbit_userid \
+ "${RABBIT_USER}"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ rabbit_password \
+ "${RABBIT_PASSWORD}"
+
+# Keystone
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ auth_strategy \
+ "keystone"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ auth_protocol \
+ "${KEYSTONE_AUTH_PROTOCOL}"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ auth_host \
+ "${KEYSTONE_ADMIN_SERVICE_HOST}"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ auth_port \
+ "${KEYSTONE_ADMIN_SERVICE_PORT}"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ auth_uri \
+ "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ admin_tenant_name \
+ "${ADMIN_TENANT_NAME}"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ admin_user \
+ "${NEUTRON_KEYSTONE_USER}"
+crudini --set /etc/neutron/neutron.conf \
+ keystone_authtoken \
+ admin_password \
+ "${NEUTRON_KEYSTONE_PASSWORD}"
+
+# ML2
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ core_plugin \
+ "ml2"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ service_plugins \
+ "router"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ allow_overlapping_ips \
+ "True"
+
diff --git a/docker/neutron/neutron-server/Dockerfile b/docker/neutron/neutron-server/Dockerfile
new file mode 100644
index 0000000000..5004c23477
--- /dev/null
+++ b/docker/neutron/neutron-server/Dockerfile
@@ -0,0 +1,17 @@
+FROM kollaglue/fedora-rdo-neutron-base
+MAINTAINER Daneyon Hansen <danehans@cisco.com>
+
+#Install required packages
+RUN yum install -y openstack-neutron \
+ python-neutronclient \
+ mariadb \
+ ; yum clean all
+
+VOLUME /var/lib/neutron
+
+EXPOSE 9696
+
+ADD ./start.sh /start.sh
+ADD ./check.sh /check.sh
+
+CMD ["/start.sh"]
diff --git a/docker/neutron/neutron-server/build b/docker/neutron/neutron-server/build
new file mode 120000
index 0000000000..43944faa00
--- /dev/null
+++ b/docker/neutron/neutron-server/build
@@ -0,0 +1 @@
+../../../tools/build-docker-image
\ No newline at end of file
diff --git a/docker/neutron/neutron-server/check.sh b/docker/neutron/neutron-server/check.sh
new file mode 100755
index 0000000000..2a44cda912
--- /dev/null
+++ b/docker/neutron/neutron-server/check.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+RES=0
+
+. /openrc
+if ! keystone token-get > /dev/null; then
+ echo "ERROR: keystone token-get failed" >&2
+ RES=1
+else
+ if ! neutron ext-list > /dev/null; then
+ echo "ERROR: neutron ext-list failed" >&2
+ RES=1
+ fi
+fi
+
+exit $RES
+
diff --git a/docker/neutron/neutron-server/start.sh b/docker/neutron/neutron-server/start.sh
new file mode 100755
index 0000000000..92ab935c53
--- /dev/null
+++ b/docker/neutron/neutron-server/start.sh
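Review bot: In config-neutron.sh, `cat > /openrc <<EOF` writes `OS_PASSWORD` into a file created with the shell's default umask, which typically leaves it world-readable; set the mode before writing, e.g. `umask 077` ahead of the heredoc, or at least `chmod 600 /openrc` right after it. `dump_vars` is defined in kolla-common.sh, outside this patch; if it prints the environment, the Keystone and RabbitMQ passwords end up in the container log, which is worth confirming. `RABBIT_USER` and `RABBIT_PASSWORD` silently fall back to `guest`/`guest` while `NEUTRON_KEYSTONE_PASSWORD` is required; treating the broker password the same way, `check_required_vars NEUTRON_KEYSTONE_PASSWORD RABBIT_PASSWORD`, would keep the default from shipping unnoticed.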
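Review bot: In neutron-server/Dockerfile, `ADD ./start.sh /start.sh` and `ADD ./check.sh /check.sh` copy plain local files, for which `COPY` is the narrower instruction (no archive extraction or URL handling) and is what neutron-base/Dockerfile in this patch already uses: `COPY start.sh /start.sh` and `COPY check.sh /check.sh`. The image also declares no `USER`, so unless the base image sets one, `/start.sh` and neutron-server run as root. Since start.sh rewrites files under /etc/neutron at startup, dropping privileges would have to happen inside that script after the configuration is written.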
@@ -0,0 +1,104 @@
+#!/bin/bash
+
+set -e
+
+. /opt/kolla/kolla-common.sh
+. /opt/kolla/config-neutron.sh
+
+check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
+ NEUTRON_KEYSTONE_USER NEUTRON_KEYSTONE_PASSWORD \
+ ADMIN_TENANT_NAME NEUTRON_SERVER_SERVICE_HOST \
+ PUBLIC_IP
+check_for_keystone
+check_for_db
+
+mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
+CREATE DATABASE IF NOT EXISTS ${NEUTRON_DB_NAME} DEFAULT CHARACTER SET utf8;
+GRANT ALL PRIVILEGES ON ${NEUTRON_DB_NAME}.* TO
+ '${NEUTRON_DB_USER}'@'%' IDENTIFIED BY '${NEUTRON_DB_PASSWORD}'
+
+EOF
+
+export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
+export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
+
+# Configure Keystone Service Catalog
+crux user-create -n "${NEUTRON_KEYSTONE_USER}" \
+ -p "${NEUTRON_KEYSTONE_PASSWORD}" \
+ -t "${ADMIN_TENANT_NAME}" \
+ -r admin
+
+crux endpoint-create -n neutron -t network \
+ -I "${KEYSTONE_AUTH_PROTOCOL}://${NEUTRON_SERVER_SERVICE_HOST}:9696" \
+ -P "${KEYSTONE_AUTH_PROTOCOL}://${PUBLIC_IP}:9696" \
+ -A "${KEYSTONE_AUTH_PROTOCOL}://${NEUTRON_SERVER_SERVICE_HOST}:9696"
+
+# Database
+crudini --set /etc/neutron/neutron.conf \
+ database \
+ connection \
+ "mysql://${NEUTRON_DB_USER}:${NEUTRON_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${NEUTRON_DB_NAME}"
+
+# Nova
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ notify_nova_on_port_status_changes \
+ "True"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ notify_nova_on_port_data_changes \
+ "True"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_url \
+ "http://${NOVA_API_SERVICE_HOST}:8774/v2"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_admin_auth_url \
+ "http://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_region_name \
+ "RegionOne"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_admin_username \
+ "nova"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_admin_tenant_id \
+ "$(keystone tenant-list | grep $ADMIN_TENANT_NAME | awk '{print $2;}')"
+crudini --set /etc/neutron/neutron.conf \
+ DEFAULT \
+ nova_admin_password \
+ "${NOVA_ADMIN_PASSWORD}"
+
+# Configure ml2_conf.ini
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ ml2 \
+ type_drivers \
+ "gre"
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ ml2 \
+ tenant_network_types \
+ "gre"
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ ml2 \
+ mechanism_drivers \
+ "openvswitch"
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ ml2_type_gre \
+ tunnel_id_ranges \
+ "1:1000"
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ securitygroup \
+ firewall_driver \
+ "neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
+crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini \
+ securitygroup \
+ enable_security_group \
+ "True"
+
+/usr/bin/ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
+
+exec /usr/bin/neutron-server
diff --git a/k8s/pod/neutron-controller-pod.yaml b/k8s/pod/neutron-controller-pod.yaml
new file mode 100644
index 0000000000..a3262a3659
--- /dev/null
+++ b/k8s/pod/neutron-controller-pod.yaml
@@ -0,0 +1,30 @@
+desiredState:
+ manifest:
+ volumes:
+ - name: neutron-data
+ source:
+ emptyDir: {}
+ containers:
+ env:
+ - name: DB_ROOT_PASSWORD
+ value: password
+ - name: NEUTRON_DB_PASSWORD
+ value: password
+ - name: NEUTRON_KEYSTONE_PASSWORD
+ value: password
+ - name: KEYSTONE_ADMIN_TOKEN
+ value: ADMINTOKEN
+ - name: NOVA_ADMIN_PASSWORD
+ value: kolla
+ image: danehans/fedora-rdo-neutron-server
+ name: neutron-server
+ ports:
+ - containerPort: 9696
+ volumeMounts:
+ - name: neutron-data
+ mountPath: /var/lib/neutron
+ id: neutron-controller-1
+ version: v1beta1
+id: neutron-controller
+labels:
+ name: neutron
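Review bot: In start.sh, `check_required_vars` does not list `DB_ROOT_PASSWORD`, `NEUTRON_DB_PASSWORD`, `MARIADB_SERVICE_HOST` or `NOVA_ADMIN_PASSWORD`, although the script uses all four; with `NEUTRON_DB_PASSWORD` unset, the `GRANT ... TO '${NEUTRON_DB_USER}'@'%' IDENTIFIED BY '${NEUTRON_DB_PASSWORD}'` statement creates a database account with an empty password that accepts connections from any host. Assuming `check_required_vars` (defined in kolla-common.sh, not shown here) aborts on unset names, and unless `check_for_db` already covers some of them, extend the last line of the call to `PUBLIC_IP DB_ROOT_PASSWORD NEUTRON_DB_PASSWORD MARIADB_SERVICE_HOST NOVA_ADMIN_PASSWORD`. The root password is also passed as `-p${DB_ROOT_PASSWORD}`, unquoted and visible in the process list while mysql runs. `/usr/bin/ln -s ... /etc/neutron/plugin.ini` fails under `set -e` if the link already exists, for instance when the same container is restarted; `ln -sf` avoids that.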
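Review bot: The pod manifest hard-codes `DB_ROOT_PASSWORD`, `NEUTRON_DB_PASSWORD` and `NEUTRON_KEYSTONE_PASSWORD` (`password`), `KEYSTONE_ADMIN_TOKEN` (`ADMINTOKEN`) and `NOVA_ADMIN_PASSWORD` (`kolla`) with nothing marking them as placeholders; a comment above `env:` such as `# Development-only placeholder credentials; replace before deploying anywhere shared.` would keep them from being carried into a real deployment. The `image: danehans/fedora-rdo-neutron-server` reference points at a personal registry namespace and has no tag, while the Dockerfiles in this patch build on `kollaglue/` images. It looks like this should be `kollaglue/fedora-rdo-neutron-server`, but confirm where the built image is actually published.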
diff --git a/k8s/service/neutron-server-service.yaml b/k8s/service/neutron-server-service.yaml
new file mode 100644
index 0000000000..148ea4da26
--- /dev/null
+++ b/k8s/service/neutron-server-service.yaml
@@ -0,0 +1,7 @@
+id: neutron-server
+kind: Service
+apiVersion: v1beta1
+port: 9696
+containerPort: 9696
+selector:
+ name: neutron-server
diff --git a/tools/start-all-pods b/tools/start-all-pods
index df7d5ec6aa..c73ab979d0 100755
--- a/tools/start-all-pods
+++ b/tools/start-all-pods
@@ -8,6 +8,7 @@ mariadb keystone glance nova-controller +neutron-controller ' for pod in $pods; do
diff --git a/tools/start-all-services b/tools/start-all-services
index 519741559d..dbfe5d8e85 100755
--- a/tools/start-all-services
+++ b/tools/start-all-services
@@ -13,6 +13,7 @@ nova-ec2-api nova-libvirt nova-metadata-api rabbitmq +neutron-server ' for svc in $services; do
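Review bot: The `selector` in neutron-server-service.yaml asks for `name: neutron-server`, but the pod manifest added in this patch (k8s/pod/neutron-controller-pod.yaml) labels the pod `name: neutron`, so as written the service would match no pod and port 9696 would have no backend. Make the two agree, either `name: neutron` in this selector or `name: neutron-server` under `labels:` in the pod manifest.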