openstack/kolla-ansible
Code Issues Proposed changes
kolla-ansible/ansible/roles/neutron/tasks/config.yml
Jianghua Wang 0df6e2046e XenAPI: Support neutron configuration 
When using XenAPI as the compute virt driver, we need an OVS agent
to manage the OVS running in XenServer dom0. This OVS agent uses
the HIMN(Host Internal Management Network) to communicate with
dom0's OVS. This commit includes the following changes:

* Add a new ovs agent service - neutron-openvswitch-agent-xenapi
  This new agent service will run in the compute hosts and controls
  the OVS running in XenServer dom0; the existing agent service -
  neutron-openvswitch-agent will run in the network hosts and controls
  the OVS running in network hosts.

* It retrieves XenAPI variables from the json file generated at XenAPI
  bootstrap.

* Basing on the XenAPI variables, it will customize relative ml2_conf.ini's
  configure options in a new template which will override the default options.
  e.g.
  * of_listen_address:
  XenAPI use the local himn interface's IP as of_listen_address, so
  that the ovs running dom0 can receive OpenFlow rules from the service
  of neutron-openvswitch-agent-xenapi.
  * ovsdb_connection:
  XenAPI use XenServer dom0's HIMN IP as the OVS DB connection IP, so
  that neutron-openvswitch-agent-xenapi can connect to dom0's OVS DB.
  * host:
  Use the dom0's hostname.

* At the moment, l2_population doesn't for for XenAPI. So disable it.

References:

* XenServer (and other XAPI based Xen variants):
  https://docs.openstack.org/nova/pike/admin/configuration/hypervisor-xen-api.html

* XenCenter HIMN plugin (adding HIMN network which is used by XenAPI driver to
  communicate with XenServer):
  https://github.com/citrix-openstack/xencenter-himn-plugin

* Neutron OVS agent configuration options:
  https://docs.openstack.org/neutron/latest/configuration/openvswitch-agent.html

Change-Id: Iaee0a6c84069b3e6015b00de7aea880cdd33ab09
blueprint: xenserver-support
2018-01-19 10:59:49 +00:00

421 lines
14 KiB
YAML
Raw Blame History

---
- name: Setting sysctl values
become: true
vars:
neutron_l3_agent: "{{ neutron_services['neutron-l3-agent'] }}"
neutron_vpnaas_agent: "{{ neutron_services['neutron-vpnaas-agent'] }}"
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.ipv4.ip_forward", value: 1}
- { name: "net.ipv4.conf.all.rp_filter", value: 0}
- { name: "net.ipv4.conf.default.rp_filter", value: 0}
when:
- set_sysctl | bool
- (neutron_l3_agent.enabled | bool and neutron_l3_agent.host_in_groups | bool)
or (neutron_vpnaas_agent.enabled | bool and neutron_vpnaas_agent.host_in_groups | bool)
- name: Ensuring config directories exist
become: true
file:
path: "{{ node_config_directory }}/{{ item.key }}"
state: "directory"
owner: "{{ config_owner_user }}"
group: "{{ config_owner_group }}"
mode: "0770"
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
- name: Copying over config.json files for services
become: true
template:
src: "{{ item.key }}.json.j2"
dest: "{{ node_config_directory }}/{{ item.key }}/config.json"
mode: "0770"
register: neutron_config_jsons
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron.conf
become: true
vars:
service_name: "{{ item.key }}"
services_need_neutron_conf:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-openvswitch-agent-xenapi"
- "neutron-server"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
- "neutron-bgp-dragent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron.conf.j2"
- "{{ node_custom_config }}/global.conf"
- "{{ node_custom_config }}/neutron.conf"
- "{{ node_custom_config }}/neutron/{{ item.key }}.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron.conf"
mode: "0660"
register: neutron_confs
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron_lbaas.conf
become: true
vars:
service_name: "{{ item.key }}"
services_need_neutron_lbaas_conf:
- "neutron-server"
- "neutron-lbaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_lbaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_lbaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_lbaas.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_lbaas.conf"
register: neutron_lbaas_confs
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_lbaas_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over neutron_vpnaas.conf
become: true
vars:
service_name: "{{ item.key }}"
services_need_neutron_vpnaas_conf:
- "neutron-server"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/neutron_vpnaas.conf.j2"
- "{{ node_custom_config }}/neutron/neutron_vpnaas.conf"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_vpnaas.conf"
dest: "{{ node_config_directory }}/{{ item.key }}/neutron_vpnaas.conf"
register: neutron_vpnaas_confs
when:
- item.value.enabled | bool
- item.value.host_in_groups | bool
- item.key in services_need_neutron_vpnaas_conf
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over ml2_conf.ini
become: true
vars:
service_name: "{{ item.key }}"
services_need_ml2_conf_ini:
- "neutron-linuxbridge-agent"
- "neutron-openvswitch-agent"
- "neutron-server"
merge_configs:
sources:
- "{{ role_path }}/templates/ml2_conf.ini.j2"
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
mode: "0660"
register: neutron_ml2_confs
when:
- item.key in services_need_ml2_conf_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over ml2_conf.ini for XenAPI
become: true
vars:
service_name: "{{ item.key }}"
services_need_ml2_conf_ini:
- "neutron-openvswitch-agent-xenapi"
os_xenapi_variables: "{{ lookup('file', xenapi_facts_file) | from_json }}"
merge_configs:
sources:
- "{{ role_path }}/templates/ml2_conf.ini.j2"
- "{{ role_path }}/templates/ml2_conf_xenapi.ini.j2"
- "{{ node_custom_config }}/neutron/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/ml2_conf.ini"
- "{{ node_custom_config }}/neutron/{{ service_name }}/ml2_conf.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/ml2_conf.ini"
mode: "0660"
register: neutron_ml2_confs
when:
- item.key in services_need_ml2_conf_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over dhcp_agent.ini
become: true
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/dhcp_agent.ini.j2"
- "{{ node_custom_config }}/neutron/dhcp_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/dhcp_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/dhcp_agent.ini"
mode: "0660"
register: dhcp_agent_ini
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over dnsmasq.conf
become: true
vars:
service_name: "neutron-dhcp-agent"
neutron_dhcp_agent: "{{ neutron_services[service_name] }}"
template:
src: "dnsmasq.conf.j2"
dest: "{{ node_config_directory }}/{{ service_name }}/dnsmasq.conf"
mode: "0660"
register: dnsmasq_conf
when:
- neutron_dhcp_agent.enabled | bool
- neutron_dhcp_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over l3_agent.ini
become: true
vars:
service_name: "{{ item.key }}"
services_need_l3_agent_ini:
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/l3_agent.ini.j2"
- "{{ node_custom_config }}/neutron/l3_agent.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/l3_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/l3_agent.ini"
mode: "0660"
register: neutron_l3_agent_inis
when:
- item.key in services_need_l3_agent_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over fwaas_driver.ini
become: true
vars:
service_name: "{{ item.key }}"
services_need_fwaas_driver_ini:
- "neutron-server"
- "neutron-l3-agent"
- "neutron-vpnaas-agent"
merge_configs:
sources:
- "{{ role_path }}/templates/fwaas_driver.ini.j2"
- "{{ node_custom_config }}/neutron/fwaas_driver.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/fwaas_driver.ini"
mode: "0660"
register: neutron_fwaas_driver_inis
when:
- item.key in services_need_fwaas_driver_ini
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copying over metadata_agent.ini
become: true
vars:
service_name: "neutron-metadata-agent"
neutron_metadata_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/metadata_agent.ini.j2"
- "{{ node_custom_config }}/neutron/metadata_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/metadata_agent.ini"
mode: "0660"
register: neutron_metadata_agent_ini
when:
- neutron_metadata_agent.enabled | bool
- neutron_metadata_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over lbaas_agent.ini
become: true
vars:
service_name: "neutron-lbaas-agent"
neutron_lbaas_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/lbaas_agent.ini.j2"
- "{{ node_custom_config }}/neutron/lbaas_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/lbaas_agent.ini"
mode: "0660"
register: neutron_lbaas_agent_ini
when:
- neutron_lbaas_agent.enabled | bool
- neutron_lbaas_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over vpnaas_agent.ini
become: true
vars:
service_name: "neutron-vpnaas-agent"
neutron_vpnaas_agent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/vpnaas_agent.ini.j2"
- "{{ node_custom_config }}/neutron/vpnaas_agent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/vpnaas_agent.ini"
mode: "0660"
register: neutron_vpnaas_agent_ini
when:
- neutron_vpnaas_agent.enabled | bool
- neutron_vpnaas_agent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copying over bgp_dragent.ini
become: true
vars:
service_name: "neutron-bgp-dragent"
neutron_bgp_dragent: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/bgp_dragent.ini.j2"
- "{{ node_custom_config }}/neutron/bgp_dragent.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/bgp_dragent.ini"
register: neutron_bgp_dragent_ini
when:
- neutron_bgp_dragent.enabled | bool
- neutron_bgp_dragent.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Check if policies shall be overwritten
local_action: stat path="{{ node_custom_config }}/neutron/policy.json"
run_once: True
register: neutron_policy
- name: Copying over nsx.ini
vars:
service_name: "neutron-server"
neutron_server: "{{ neutron_services[service_name] }}"
merge_configs:
sources:
- "{{ role_path }}/templates/nsx.ini.j2"
- "{{ node_custom_config }}/neutron/nsx.ini"
- "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/nsx.ini"
dest: "{{ node_config_directory }}/{{ service_name }}/nsx.ini"
register: nsx_ini
when:
- neutron_server.enabled | bool
- neutron_server.host_in_groups | bool
- neutron_plugin_agent in ['vmware_nsxv', 'vmware_dvs']
notify:
- "Restart {{ service_name }} container"
- name: Copying over existing policy.json
become: true
vars:
service_name: "{{ item.key }}"
services_need_policy_json:
- "neutron-dhcp-agent"
- "neutron-l3-agent"
- "neutron-linuxbridge-agent"
- "neutron-metadata-agent"
- "neutron-openvswitch-agent"
- "neutron-openvswitch-agent-xenapi"
- "neutron-server"
- "neutron-lbaas-agent"
- "neutron-vpnaas-agent"
- "neutron-bgp-dragent"
template:
src: "{{ node_custom_config }}/neutron/policy.json"
dest: "{{ node_config_directory }}/{{ service_name }}/policy.json"
mode: "0660"
register: policy_jsons
when:
- neutron_policy.stat.exists
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
- name: Copy neutron-l3-agent-wrapper script
become: true
vars:
service_name: "neutron-l3-agent"
service: "{{ neutron_services[service_name] }}"
template:
src: neutron-l3-agent-wrapper.sh.j2
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-l3-agent-wrapper.sh"
register: neutron_l3_agent_wrapper
when:
- service.enabled | bool
- service.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
- name: Copy neutron-vpnaas-agent-wrapper script
become: true
vars:
service_name: "neutron-vpnaas-agent"
service: "{{ neutron_services[service_name] }}"
template:
src: neutron-vpnaas-agent-wrapper.sh.j2
dest: "{{ node_config_directory }}/{{ service_name }}/neutron-vpnaas-agent-wrapper.sh"
register: neutron_vpnaas_agent_wrapper
when:
- service.enabled | bool
- service.host_in_groups | bool
notify:
- "Restart {{ service_name }} container"
# TODO check the environment change
- name: Check neutron containers
kolla_docker:
action: "compare_container"
common_options: "{{ docker_common_options }}"
name: "{{ item.value.container_name }}"
image: "{{ item.value.image }}"
privileged: "{{ item.value.privileged | default(False) }}"
volumes: "{{ item.value.volumes }}"
register: check_neutron_containers
when:
- action != "config"
- item.value.enabled | bool
- item.value.host_in_groups | bool
with_dict: "{{ neutron_services }}"
notify:
- "Restart {{ item.key }} container"
View Git Blame Copy Permalink