summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-03-17 18:42:37 (GMT)
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-03-20 11:22:17 (GMT)
commit7cb7f91cfdb3b7cb1a9f78aef9443941cb6e3bf8 (patch)
tree53fb8b471d72e1610bd1984c60efc34c38748021
parent55c1cf3a787e1442c393903fc48a513fbc122711 (diff)
downloaddefinitions-baserock/pedroalvarez/openstack-ansible-v5.tar.gz
neutron: configure network with ovs in Ansiblebaserock/pedroalvarez/openstack-ansible-v5
-rw-r--r--openstack/manifest3
-rw-r--r--openstack/usr/share/openstack/extras/10-device-dhcp.network6
-rw-r--r--openstack/usr/share/openstack/neutron.yml99
-rw-r--r--openstack/usr/share/openstack/openvswitch.yml2
4 files changed, 109 insertions, 1 deletions
diff --git a/openstack/manifest b/openstack/manifest
index 79dca54..62b14fc 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -150,6 +150,9 @@
0040755 0 0 /usr/share/openstack/neutron/plugins/vmware
0100644 0 0 /usr/share/openstack/neutron/plugins/vmware/nsx.ini
0100755 0 0 /usr/share/openstack/openstack-neutron-setup
+0040755 0 0 /usr/share/openstack/extras
+0100644 0 0 /usr/share/openstack/extras/00-disable-device.network
+0100644 0 0 /usr/share/openstack/extras/10-device-dhcp.network
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-setup.service
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-server.service
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-metadata-agent.service
diff --git a/openstack/usr/share/openstack/extras/10-device-dhcp.network b/openstack/usr/share/openstack/extras/10-device-dhcp.network
new file mode 100644
index 0000000..43c9ad0
--- /dev/null
+++ b/openstack/usr/share/openstack/extras/10-device-dhcp.network
@@ -0,0 +1,6 @@
+[Match]
+Name={{ item }}
+
+[Network]
+DHCP=yes
+EOF
diff --git a/openstack/usr/share/openstack/neutron.yml b/openstack/usr/share/openstack/neutron.yml
index c0ccd53..a452166 100644
--- a/openstack/usr/share/openstack/neutron.yml
+++ b/openstack/usr/share/openstack/neutron.yml
@@ -71,6 +71,105 @@
sudo: yes
sudo_user: neutron
+# Create the bridges to use the External network mapped
+# This configuration is for 1 node and it was taken from:
+# https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/
+# and https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/
+
+ - name: Get the name of the network device
+ shell: |
+ ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $1 } '
+ register: eth_dev
+
+ - name: Disable dhcp on the bound physical interface
+ template: >
+ src=/usr/share/openstack/extras/00-disable-device.network
+ dest=/etc/systemd/network/00-disable-{{ eth_dev.stdout }}-config.network
+ register:
+ - eth_dev_disabled
+
+ - name: Get ip of the network device only if dhcp wasn't disabled
+ shell: |
+ ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $2 } '
+ register: eth_ip
+ when: eth_dev_disabled|changed
+
+ - name: >
+ Deallocate ip address for external interface so we don't try to route
+ connections out of an interface that not longer works. Run only when
+ dhcp wasn't disabled for that interface
+ - shell: ip addr del {{ eth_ip.stdout }} dev {{ eth_dev.stdout }}
+ when: eth_dev_disabled|changed
+
+ - name: Disable dhcp on all the internal interfaces
+ template: >
+ src=/usr/share/openstack/extras/00-disable-device.network
+ dest=/etc/systemd/network/00-disable-{{ item }}-config.network
+ with_items:
+ - eth_dev.stdout
+ - br-eth1
+ - br-ex
+ - eth1-br-proxy
+ - proxy-br-eth1
+ - proxy-br-ex
+ - ovs-system
+
+ - name: Restart networkd so it understands to not bring up the interfaces disabled
+ service: name=systemd-networkd.service state=restarted
+
+#ovs-vsctl \
+# -- add-br br-eth0 \
+# -- add-port br-eth0 $eth_dev \
+# -- set bridge br-eth0 other-config:hwaddr=$eth_mac
+#
+
+ - name: Get mac of the network device only if dhcp wasn't disabled
+ shell: ip link show {{ eth_dev.stdout }} | sed -r 's/\s+/\n/g' | sed -n '/link\/ether/{n;p}'
+ register: eth_mac
+ when: eth_dev_disabled|changed
+
+ - openvswitch_bridge: bridge=br-eth0 state=present
+ - openvswitch_port: bridge=br-eth0 port={{ eht_dev.stdout }} state=present
+ - shell: ovs_vsctl set bridge br-eth0 other-config:hwaddr={{ eth_mac.stdout }}
+ when: eth_dev_disabled|changed
+
+ - name: Enable dhcp on the Open vSwitch device that replaces our external interface
+ template: >
+ src=/usr/share/openstack/extras/10-device-dhcp.network
+ dest=/etc/systemd/network/10-{{ item }}-dhcp.network
+ with_items:
+ - br-eth0
+
+ - name: Restart networkd again so it will DHCP in the Open vSwitch interface
+ service: name=systemd-networkd.service state=restarted
+
+#ovs-vsctl \
+# -- add-br br-eth1 \
+# -- add-port br-eth1 eth1-br-proxy \
+# -- set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1 \
+# -- add-port br-eth0 proxy-br-eth1 \
+# -- set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy \
+# -- add-br br-ex \
+# -- add-port br-ex ex-br-proxy \
+# -- set interface ex-br-proxy type=patch options:peer=proxy-br-ex \
+# -- add-port br-eth0 proxy-br-ex \
+# -- set interface proxy-br-ex type=patch options:peer=ex-br-proxy
+
+
+- openvswitch_bridge: bridge=br-eth1 state=present
+- openvswitch_port: bridge=br-eth1 port=eth1-br-proxy state=present
+- shell: ovs-vsctl set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1
+- openvswitch_port: bridge=br-eth0 port=proxy-br-eth1 state=present
+- shell: ovs-vsctl set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy \
+- openvswitch_bridge: bridge=br-ex state=present
+- openvswitch_port: bridge=br-ex port=ex-br-proxy state=present
+- shell: ovs-vsctl set interface ex-br-proxy type=patch options:peer=proxy-br-ex
+- openvswitch_port: bridge=br-eth0 port=proxy-br-ex state=present
+- shell: ovs-vsctl set interface proxy-br-ex type=patch options:peer=ex-br-proxy \
+
+
+
+
## SERVICES
- name: Enable and start openstack-keystone service
diff --git a/openstack/usr/share/openstack/openvswitch.yml b/openstack/usr/share/openstack/openvswitch.yml
index 4407005..df5c293 100644
--- a/openstack/usr/share/openstack/openvswitch.yml
+++ b/openstack/usr/share/openstack/openvswitch.yml
@@ -31,7 +31,7 @@
- name: initialise openvswitch-db
shell: ovs-vsctl --no-wait init
- when: openvswitch-db-enable.changed
+ when: openvswitch-db-enable|changed
- name: Enable and start openstack-keystone service
service: name={{ item }} enabled=yes state=started