Adds neutron scripts for training lab network node

Adds neutron scripts for training labs which will install and configure neutron on the network node. Partial-Bug: #1312764 Implements: blueprint openstack-training-labs Change-Id: I18205382408e71c567ec9c541c5b93fde4370e53
2014-08-18 20:31:23 +05:30 · 2014-08-18 20:31:23 +05:30 · be3f838947
commit be3f838947
parent a9d74f1348
5 changed files with 127 additions and 3 deletions
--- a/labs/config/credentials
+++ b/labs/config/credentials
@ -42,4 +42,7 @@
 # Domain to use for email addresses (e.g. admin@example.com)
 : ${MAIL_DOMAIN:=example.com}

+# Metadata secret used by neutron and nova.
+: ${METADATA_SECRET:=osbash_training}
+
 # vim: set ai ts=4 sw=4 et ft=sh:
--- a/labs/config/scripts.network
+++ b/labs/config/scripts.network
@ -1,4 +1,5 @@
 # Scripts for network node
+scripts setup_neutron_network.sh
 scripts shutdown.sh
 boot
 wait_for_shutdown
--- a/labs/scripts/apt_pre-download.sh
+++ b/labs/scripts/apt_pre-download.sh
@ -19,6 +19,5 @@ sudo apt-get install -y --download-only cinder-api cinder-scheduler lvm2 \
    cinder-volume glance openstack-dashboard memcached keystone \
    neutron-server neutron-plugin-ml2 nova-api nova-cert nova-conductor \
    nova-consoleauth nova-novncproxy nova-scheduler python-novaclient \
-    nova-compute-kvm python-guestfs neutron-common neutron-plugin-ml2 \
-    neutron-plugin-openvswitch-agent
-
+    nova-compute-kvm python-guestfs neutron-common \
+    neutron-plugin-openvswitch-agent neutron-l3-agent neutron-dhcp-agent
--- a/labs/scripts/setup_neutron_controller.sh
+++ b/labs/scripts/setup_neutron_controller.sh
@ -120,6 +120,8 @@ iniset_sudo $conf DEFAULT neutron_admin_auth_url http://controller-mgmt:35357/v2
 iniset_sudo $conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
 iniset_sudo $conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
 iniset_sudo $conf DEFAULT security_group_api neutron
+iniset_sudo $conf DEFAULT service_neutron_metadata_proxy true
+iniset_sudo $conf DEFAULT neutron_metadata_proxy_shared_secret "$METADATA_SECRET"

 echo "Restart nova services"
 sudo service nova-api restart
--- a/labs/scripts/setup_neutron_network.sh
+++ b/labs/scripts/setup_neutron_network.sh
@ -0,0 +1,119 @@
+#!/usr/bin/env bash
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+source "$TOP_DIR/config/paths"
+source "$CONFIG_DIR/credentials"
+source "$LIB_DIR/functions.guest"
+source "$CONFIG_DIR/labs-openstackrc.sh"
+exec_logfile
+
+indicate_current_auto
+
+#------------------------------------------------------------------------------
+# Set up OpenStack Networking (neutron) for network node.
+#------------------------------------------------------------------------------
+
+echo "Disabling Reverse Path Forwarding filter (RFC 3704)."
+sudo sysctl -w "net.ipv4.conf.all.rp_filter=0"
+sudo sysctl -w "net.ipv4.conf.default.rp_filter=0"
+sudo sysctl -w "net.ipv4.ip_forward=1"
+
+echo "Installing neutron for network node."
+sudo apt-get install -y neutron-common neutron-plugin-ml2 \
+    neutron-plugin-openvswitch-agent neutron-l3-agent \
+    neutron-dhcp-agent
+
+echo "Configuring neutron for network node."
+
+neutron_admin_user=$(service_to_user_name neutron)
+neutron_admin_password=$(service_to_user_password neutron)
+
+echo "Configuring neutron to use keystone for authentication."
+conf=/etc/neutron/neutron.conf
+echo "Configuring $conf."
+
+# Configuring [DEFAULT] section
+iniset_sudo $conf DEFAULT auth_strategy keystone
+iniset_sudo $conf DEFAULT verbose True
+
+# Configure AMQP parameters
+iniset_sudo $conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_kombu
+iniset_sudo $conf DEFAULT rabbit_host controller-mgmt
+iniset_sudo $conf DEFAULT rabbit_password $RABBIT_PASSWORD
+
+# Configure network plugin parameters
+iniset_sudo $conf DEFAULT core_plugin ml2
+iniset_sudo $conf DEFAULT service_plugins router
+iniset_sudo $conf DEFAULT allow_overlapping_ips True
+
+# Configuring [keystone_authtoken] section
+iniset_sudo $conf keystone_authtoken auth_uri "http://controller-mgmt:5000"
+iniset_sudo $conf keystone_authtoken auth_host controller-mgmt
+iniset_sudo $conf keystone_authtoken auth_port 35357
+iniset_sudo $conf keystone_authtoken auth_protocol http
+iniset_sudo $conf keystone_authtoken admin_tenant_name "$SERVICE_TENANT_NAME"
+iniset_sudo $conf keystone_authtoken admin_user "$neutron_admin_user"
+iniset_sudo $conf keystone_authtoken admin_password "$neutron_admin_password"
+
+echo "Configuring the OVS plug-in to use GRE tunneling."
+conf=/etc/neutron/plugins/ml2/ml2_conf.ini
+
+# Under the ml2 section
+iniset_sudo $conf ml2 type_drivers gre
+iniset_sudo $conf ml2 tenant_network_types gre
+iniset_sudo $conf ml2 mechanism_drivers openvswitch
+
+# Under the ml2_type_gre section
+iniset_sudo $conf ml2_type_gre tunnel_id_ranges 1:1000
+
+# Under the securitygroup section
+iniset_sudo $conf securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+iniset_sudo $conf securitygroup enable_security_group True
+
+# Under the ovs section
+iniset_sudo $conf ovs local_ip "$(hostname_to_ip network-data)"
+iniset_sudo $conf ovs tunnel_type gre
+iniset_sudo $conf ovs enable_tunneling True
+
+echo "Restarting the Open vSwitch (OVS) service."
+sudo service openvswitch-switch restart
+
+echo "Adding the integration bridge."
+sudo ovs-vsctl add-br br-int
+
+echo "Adding the external bridge"
+sudo ovs-vsctl add-br br-ex
+
+echo "Adding port to external bridge."
+sudo ovs-vsctl add-port br-ex eth2
+
+echo "Configuring Layer-3 agent."
+conf=/etc/neutron/l3_agent.ini
+iniset_sudo $conf DEFAULT interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
+iniset_sudo $conf DEFAULT use_namespaces True
+iniset_sudo $conf DEFAULT verbose True
+
+echo "Configuring the metadata agent"
+conf=/etc/neutron/metadata_agent.ini
+iniset_sudo $conf DEFAULT auth_uri http://controller-mgmt:5000/v2.0
+iniset_sudo $conf DEFAULT auth_region regionOne
+iniset_sudo $conf DEFAULT admin_tenant_name "$SERVICE_TENANT_NAME"
+iniset_sudo $conf DEFAULT admin_user "$neutron_admin_user"
+iniset_sudo $conf DEFAULT admin_password "$neutron_admin_password"
+iniset_sudo $conf DEFAULT nova_metadata_ip controller-mgmt
+iniset_sudo $conf DEFAULT metadata_proxy_shared_secret "$METADATA_SECRET"
+
+echo "Configuring the DHCP agent"
+conf=/etc/neutron/dhcp_agent.ini
+iniset_sudo $conf DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
+iniset_sudo $conf DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+iniset_sudo $conf DEFAULT use_namespaces True
+iniset_sudo $conf DEFAULT verbose True
+
+echo "Restarting the network service."
+sudo service neutron-plugin-openvswitch-agent restart
+sudo service neutron-l3-agent restart
+sudo service neutron-dhcp-agent restart
+sudo service neutron-metadata-agent restart
+
+echo "Restarting the OVS agent."
+sudo service neutron-plugin-openvswitch-agent restart