As neutron-vpnaas-agent has been loaded just inside of the existing l3 agent
rather than requiring operators to run a completely different binary with a
subclass of the existing L3 agent[1]. We need restructure this role to fit
with this new feature.
[1] https://review.openstack.org/488247
Depends-On: I47cd8ba5a14da3c76d5b1eb0b4c0cf0c729eb2ff
Change-Id: Id690a652bc9facf1c3e39358f548ab7ddd967d80
Implements: blueprint restructure-neutron-vpnaas
Closes-Bug: #1731498
Change the default hardcoded values of the dnsmasq dns resolvers
on dhcp_agent.ini.j2 to a configuration option part
of group_vars/all.yml.
Also adding 1.1.1.1 as part of the default set.
Change-Id: I629c69e556d4ddba19f68f06627038e1886ae5f9
Signed-off-by: Jorge Niedbalski <jorge.niedbalski@linaro.org>
If SSL is enabled, api of multiple services returns
wrong external URL without https prefix.
Removal of condition for deletion of http header.
Change-Id: I4264e04d0d6b9a3e11ef7dd7add6c5e166cf9fb4
Closes-Bug: #1749155
Closes-Bug: #1717491
This patch allows configuration of the Infoblox
pluggable IPAM driver in neutron [0].
When 'infoblox' is chosen as the driver, an Infoblox
IPAM agent can be started as well. The agent
allows for enhanced DNS capabilities by listening
for neutron and nova notifications.
[0] https://github.com/openstack/networking-infoblox/blob/master/README.rst
Change-Id: I4f863750a7806a7b6eaf13900d44e5f063afe3de
Depends-On: Ia44f0e0d7a0d60cebf0857ad51700e02eba5099b
Partially-Implements: blueprint neutron-ipam-driver-infoblox
This feature replaces splitting of compute hosts into inner
and external with a new variable 'neutron_compute_dvr_mode'
that controls whether computes will have full-blown DVR or
internal only (tenant) networking.
Change-Id: I6720ccfcfcec89f9996d4cb5ae60f31eb3113667
Implements: blueprint dvr-mode-property
This commit contains two fixes:
1. ``of_listen_address``: We use the xenapi's facts directly, so
that we can avoid depending on facts gathered by setup for hosts;
This is useful when deploy on the role of neutron only (--tag neutron);
2. ``local_ip``: Get the proper IP for tunnel. It should be chosen
from dom0's IP which is in the same network where tunnel interface
is connected.
blueprint: xenserver-support
Change-Id: I61bbd6499323e3fddd6293a0df6baec34dbddf23
When enabled provider networks; the neutron-openvswith-agent-xenapi
should use proper bridge_mappings which should have dom0's bridges
where the VMs' vifs actually connected to for the interfaces defined
in the configure option of *neutron_external_interface*.
Depends-On: I9a6bebe19ed488bb2173d5dc2daa14e236411243
Change-Id: I44f59c69d25b8400e1b936fcdf8f21b5c4168f1f
When using XenAPI as the compute virt driver, we need an OVS agent
to manage the OVS running in XenServer dom0. This OVS agent uses
the HIMN(Host Internal Management Network) to communicate with
dom0's OVS. This commit includes the following changes:
* Add a new ovs agent service - neutron-openvswitch-agent-xenapi
This new agent service will run in the compute hosts and controls
the OVS running in XenServer dom0; the existing agent service -
neutron-openvswitch-agent will run in the network hosts and controls
the OVS running in network hosts.
* It retrieves XenAPI variables from the json file generated at XenAPI
bootstrap.
* Basing on the XenAPI variables, it will customize relative ml2_conf.ini's
configure options in a new template which will override the default options.
e.g.
* of_listen_address:
XenAPI use the local himn interface's IP as of_listen_address, so
that the ovs running dom0 can receive OpenFlow rules from the service
of neutron-openvswitch-agent-xenapi.
* ovsdb_connection:
XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so
that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB.
* host:
Use the dom0's hostname.
* At the moment, l2_population doesn't for for XenAPI. So disable it.
References:
* XenServer (and other XAPI based Xen variants):
https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html
* XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to
communicate with XenServer):
https://github.com/citrix-openstack/xencenter-himn-plugin
* Neutron OVS agent configuration options:
https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html
Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09
blueprint: xenserver-support
interface_driver parameter is missing when using vmware DVS on the
dhcp_agent configuration. As a result we get the following error:
Error loading interface driver 'None'
Change-Id: I302a1392615792bd65cab9c0933cb7f7e5e1880d
Closes-Bug: #1736410
This commit separates the messaging rpc and notify transports in order
to support separate and different oslo.messaging backends
This patch:
* add rpc and notify variables
* update service role conf templates
* add example to globals.yaml
* add release note
Implements: blueprint hybrid-messaging
Change-Id: I34691c2895c8563f1f322f0850ecff98d11b5185
This patch introduces inner-compute and external-compute nodes
group to distinguish compute nodes which do not have external
reachability from compute nodes which can reach outside.
Co-Authored-By: jinke <jin.ke@99cloud.net>
Co-Authored-By: yong sheng gong <gong.yongsheng@99cloud.net>
Change-Id: I45b945f7885e8243b017cf8607cbd7f9827cb6e9
Closes-bug: #1722026
- This change automates generation of
the datapath_type paramater in the ml2_conf.ini
- If enable_ovs_dpdk is no the datapath type
will be system else it will be netdev which maintains
the current default behaviour when dpdk is not enabled.
Change-Id: Iedbf39c621f3c0237f9b9934492b12c600f2c4d3
partial-implementes: bp/ovs-dpdk
HyperV support disables tunneling for entire environment. This
should not be the case since tunneling can be used for KVM in mix
env. In this case, HyperV VMs can only use flat/vlan networks.
Change-Id: I6237c42918442625acd946b7455d236612ba19cc
Closes-Bug: #1725417
Fix a missing comma in config.json when neutron_plugin_agent is set
to 'vmware_nsxv' or 'vmware_dvs'.
Closes-Bug: #1720380
Change-Id: I088f09a426a5435202176c45a77b1fbc19468f97
Openvswitch_db is not necessary to listener api_address.
Just let openvswitch_db listener localhost to avoid security issues.
Change-Id: If4912d90abae933a1ed9e2d14336b89b7c7179dd
Closes-Bug: #1712767
Service_providers config group is already configured in the neutron_vpnaas.conf.
So, we only need to load the neutron_vpnaas.conf configuration file
when the neutron_vpnaas_agent container starts, without having
to duplicate the configuration.
Change-Id: I7b78831325db4bbb263b2cc174e848ea7037ad0a
Add vpnaas support to vsphere by vmware-nsx plugin in neutron.
Depends-On: I7b78831325db4bbb263b2cc174e848ea7037ad0a
Change-Id: I83040c97e5ee4b2ccc0a874623870334c313b4b2
Partially-implements: blueprint kolla-ansible-support-vsphere
Openstack is able to simply manage VLAN network on VMware
Distributed Switch.
DHCP agent can provide dhcp offer with vlan tag provided
by OVS.
Both neutron external nic and physical nic of vCenter/
vSphere should be on a vlan trunk port and can communicate
with each other.
Depends-On: I4655086a3f058ec769d3d37ec6a19565b5ea0841
Change-Id: I6d1629e93f0efeddd2a9000f66cc6f714bebb07c
Partially-implements: blueprint kolla-ansible-support-vsphere
Neutron-sfc-agent start its functions with openvswitch.
This change moves sfc configuration into neutron-openvswitch-agent.
Rework config files to use openvswitch when sfc or openvswitch
are used as network plugin.
Also adds sfc extension_driver to ml2
Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3
Closes-Bug: #1664493
Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b
kolla-kubernetes is using its own configuration generation[0], so it is
time for kolla-ansible to remove the related code to simplify the
logical.
[0] https://github.com/openstack/kolla-kubernetes/tree/master/ansible
Change-Id: I7bb0b7fe3b8eea906613e936d5e9d19f4f2e80bb
Implements: blueprint clean-k8s-config
Add fwaas support to vsphere by vmware-nsx plugin in neutron.
Change-Id: Ie80830f97701d322a3610815f6abd63c523a96d4
Partially-implements: blueprint kolla-ansible-support-vsphere
Remove all l3 related namespaces in case of multiple active routers in
l3 high available mode. The root cause is that keepalived does not
remove the vip address from nic during starting.
neutron-vpnaas-agent is subclass of l3 agent, so should remove all l3
related namespace before starting vpnaas agent.
Closes-Bug: #1703078
Depends-On: Ic9417d2eb03e0dd93f7c668b189b4ad9c72eae0f
Change-Id: I05c1faf2551bb5e70c299e884adf58cd2af52739
fwaas is in pending create state when I attach it to a router.
This patch fix this.
Change-Id: I18b56ed3698e22a02a8718b39360fde76c12428b
Closes-Bug: #1689703