fixing the network issues of nova testing
Currently we use the network attached to lxcbr0 for mgmt network However we define lxcbr0 - eth1 as mgmt later, which makes two NICs in the containers (eth0 and eth1) having the same network. This causes network issues if not properly configured. To make things simple, this commit creates a br-mgmt network and leaves the lxcbr0 alone. On top of this, iptables were not properly applied. Change-Id: I4e83c2cb90455d5bc82b24dd9f2f0c7e89d7f842
This commit is contained in:
parent
b6371a2009
commit
451fb1c45f
@ -18,7 +18,7 @@ container_name: "{{ inventory_hostname }}"
|
||||
container_networks:
|
||||
management_address:
|
||||
address: "{{ ansible_host }}"
|
||||
bridge: "lxcbr0"
|
||||
bridge: "br-mgmt"
|
||||
interface: "eth1"
|
||||
netmask: "255.255.255.0"
|
||||
type: "veth"
|
||||
|
@ -1,7 +1,7 @@
|
||||
[all]
|
||||
localhost ansible_connection=local ansible_become=True neutron_local_ip=10.100.101.1
|
||||
infra1 ansible_host=10.100.100.101 ansible_become=True ansible_user=root tunnel_address=10.100.101.101
|
||||
openstack1 ansible_host=10.100.100.102 ansible_become=True ansible_user=root tunnel_address=10.100.101.102 neutron_local_ip=10.100.101.102
|
||||
infra1 ansible_host=10.100.102.101 ansible_become=True ansible_user=root tunnel_address=10.100.101.101
|
||||
openstack1 ansible_host=10.100.102.102 ansible_become=True ansible_user=root tunnel_address=10.100.101.102 neutron_local_ip=10.100.101.102
|
||||
|
||||
[all_containers]
|
||||
infra1
|
||||
|
@ -22,7 +22,7 @@
|
||||
rabbitmq_vhost:
|
||||
name: "{{ glance_rabbitmq_vhost }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['glance_all'][0]
|
||||
- name: Ensure rabbitmq user
|
||||
rabbitmq_user:
|
||||
@ -33,7 +33,7 @@
|
||||
read_priv: ".*"
|
||||
write_priv: ".*"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['glance_all'][0]
|
||||
- name: Create DB for service
|
||||
mysql_db:
|
||||
@ -42,7 +42,7 @@
|
||||
login_host: "localhost"
|
||||
name: "{{ glance_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['glance_all'][0]
|
||||
- name: Grant access to the DB for the service
|
||||
mysql_user:
|
||||
@ -57,7 +57,7 @@
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['glance_all'][0]
|
||||
roles:
|
||||
- role: "os_glance"
|
||||
|
@ -22,7 +22,7 @@
|
||||
rabbitmq_vhost:
|
||||
name: "{{ keystone_rabbitmq_vhost }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['keystone_all'][0]
|
||||
tags:
|
||||
- aodh-rabbitmq
|
||||
@ -36,7 +36,7 @@
|
||||
read_priv: ".*"
|
||||
write_priv: ".*"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['keystone_all'][0]
|
||||
tags:
|
||||
- aodh-rabbitmq
|
||||
@ -48,7 +48,7 @@
|
||||
login_host: "localhost"
|
||||
name: "{{ keystone_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['keystone_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
@ -65,7 +65,7 @@
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['keystone_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
|
@ -60,7 +60,7 @@
|
||||
rabbitmq_vhost:
|
||||
name: "{{ neutron_rabbitmq_vhost }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['neutron_all'][0]
|
||||
tags:
|
||||
- neutron-rabbitmq
|
||||
@ -74,7 +74,7 @@
|
||||
read_priv: ".*"
|
||||
write_priv: ".*"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['neutron_all'][0]
|
||||
tags:
|
||||
- neutron-rabbitmq
|
||||
@ -86,7 +86,7 @@
|
||||
login_host: "localhost"
|
||||
name: "{{ neutron_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['neutron_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
@ -103,7 +103,7 @@
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['neutron_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
|
@ -34,7 +34,7 @@
|
||||
rabbitmq_vhost:
|
||||
name: "{{ nova_rabbitmq_vhost }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['nova_all'][0]
|
||||
tags:
|
||||
- aodh-rabbitmq
|
||||
@ -48,7 +48,7 @@
|
||||
read_priv: ".*"
|
||||
write_priv: ".*"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['nova_all'][0]
|
||||
tags:
|
||||
- aodh-rabbitmq
|
||||
@ -60,7 +60,7 @@
|
||||
login_host: "localhost"
|
||||
name: "{{ nova_galera_database }}"
|
||||
state: "present"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['nova_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
@ -77,7 +77,7 @@
|
||||
with_items:
|
||||
- "localhost"
|
||||
- "%"
|
||||
delegate_to: "10.100.100.101"
|
||||
delegate_to: "10.100.102.101"
|
||||
when: inventory_hostname == groups['nova_all'][0]
|
||||
tags:
|
||||
- mysql-db-setup
|
||||
|
@ -49,6 +49,11 @@
|
||||
lxc_container_template_main_apt_repo: "{{ ubuntu_repo.stdout }}"
|
||||
lxc_container_template_security_apt_rep: "{{ ubuntu_repo.stdout }}"
|
||||
post_tasks:
|
||||
# The elegant solution: change the bridge everywhere to replicate the standard behaviour
|
||||
- name: Create br-mgmt bridge
|
||||
command: /sbin/brctl addbr br-mgmt
|
||||
- name: IP br-mgmt
|
||||
command: /sbin/ifconfig br-mgmt 10.100.102.1 netmask 255.255.255.0
|
||||
- name: Create br-vxlan bridge
|
||||
command: /sbin/brctl addbr br-vxlan
|
||||
- name: IP br-vxlan
|
||||
@ -59,6 +64,8 @@
|
||||
command: /sbin/ifconfig br-vlan 10.1.13.1 netmask 255.255.255.0
|
||||
- name: Add iptables rule to ensure ssh checksum is correct
|
||||
command: /sbin/iptables -A POSTROUTING -t mangle -p tcp --dport 22 -j CHECKSUM --checksum-fill
|
||||
- name: Add iptables rules for lxc natting
|
||||
command: /usr/local/bin/lxc-system-manage iptables-create
|
||||
roles:
|
||||
- role: "lxc_hosts"
|
||||
lxc_net_address: 10.100.100.1
|
||||
|
@ -16,12 +16,12 @@
|
||||
cinder_backends_rbd_inuse: false
|
||||
cinder_ceph_client: cinder
|
||||
debug: true
|
||||
external_lb_vip_address: 10.100.100.102
|
||||
external_lb_vip_address: 10.100.102.102
|
||||
galera_client_drop_config_file: false
|
||||
galera_root_password: secrete
|
||||
glance_container_mysql_password: "SuperSecrete"
|
||||
glance_developer_mode: true
|
||||
glance_galera_address: 10.100.100.101
|
||||
glance_galera_address: 10.100.102.101
|
||||
glance_galera_database: glance
|
||||
glance_git_install_branch: master
|
||||
glance_host: "{{ internal_lb_vip_address }}"
|
||||
@ -33,18 +33,18 @@ glance_requirements_git_install_branch: master
|
||||
glance_service_password: "secrete"
|
||||
glance_service_port: 9292
|
||||
glance_venv_tag: "testing"
|
||||
internal_lb_vip_address: 10.100.100.102
|
||||
internal_lb_vip_address: 10.100.102.102
|
||||
keystone_admin_tenant_name: admin
|
||||
keystone_admin_user_name: admin
|
||||
keystone_auth_admin_password: SuperSecretePassword
|
||||
keystone_container_mysql_password: "SuperSecrete"
|
||||
keystone_developer_mode: true
|
||||
keystone_galera_address: 10.100.100.101
|
||||
keystone_galera_address: 10.100.102.101
|
||||
keystone_galera_database: keystone
|
||||
keystone_git_install_branch: master
|
||||
keystone_rabbitmq_password: "secrete"
|
||||
keystone_rabbitmq_port: 5671
|
||||
keystone_rabbitmq_servers: 10.100.100.101
|
||||
keystone_rabbitmq_servers: 10.100.102.101
|
||||
keystone_rabbitmq_use_ssl: false
|
||||
keystone_rabbitmq_userid: keystone
|
||||
keystone_rabbitmq_vhost: /keystone
|
||||
@ -62,7 +62,7 @@ memcached_encryption_key: "secrete"
|
||||
memcached_servers: 127.0.0.1
|
||||
neutron_container_mysql_password: SuperSecrete
|
||||
neutron_developer_mode: true
|
||||
neutron_galera_address: 10.100.100.101
|
||||
neutron_galera_address: 10.100.102.101
|
||||
neutron_galera_database: neutron
|
||||
neutron_git_install_branch: master
|
||||
neutron_ha_vrrp_auth_password: secrete
|
||||
@ -78,14 +78,14 @@ neutron_service_region: RegionOne
|
||||
neutron_service_user_name: neutron
|
||||
neutron_venv_tag: testing
|
||||
nova_api_container_mysql_password: "SuperSecrete"
|
||||
nova_api_galera_address: 10.100.100.101
|
||||
nova_api_galera_address: 10.100.102.101
|
||||
nova_container_mysql_password: "SuperSecrete"
|
||||
nova_developer_mode: true
|
||||
nova_galera_address: 10.100.100.101
|
||||
nova_galera_address: 10.100.102.101
|
||||
nova_galera_database: nova
|
||||
nova_git_install_branch: master
|
||||
nova_keystone_auth_plugin: password
|
||||
nova_management_address: "10.100.100.1"
|
||||
nova_management_address: "10.100.102.1"
|
||||
nova_metadata_port: 8775
|
||||
nova_metadata_proxy_secret: "secrete"
|
||||
nova_novncproxy_vncserver_listen: localhost
|
||||
@ -108,7 +108,7 @@ openrc_os_auth_url: "http://127.0.0.1:5000/v3"
|
||||
openrc_os_domain_name: "Default"
|
||||
openrc_os_password: "{{ keystone_auth_admin_password }}"
|
||||
rabbitmq_port: 5671
|
||||
rabbitmq_servers: 10.100.100.101
|
||||
rabbitmq_servers: 10.100.102.101
|
||||
rabbitmq_use_ssl: true
|
||||
tempest_developer_mode: True
|
||||
tempest_git_install_branch: master
|
||||
|
Loading…
x
Reference in New Issue
Block a user