From 79a8c8e4215b5e666b618a1f61f79dc0a0131209 Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 13:10:36 +0000 Subject: Openstack: Add support to configure the network of the node Change-Id: I8f8bfb231ab5ff4c2a825451a57a5b38a641c300 Signed-off-by: Pedro Alvarez Signed-off-by: Richard Maw --- openstack-network.configure | 37 ++++++++++++ openstack/manifest | 9 +++ .../systemd/system/openstack-network-setup.service | 11 ++++ .../systemd/system/openvswitch-db-server.service | 11 ++++ .../lib/systemd/system/openvswitch-setup.service | 10 ++++ .../usr/lib/systemd/system/openvswitch.service | 12 ++++ .../openstack/extras/00-disable-device.network | 2 + .../share/openstack/extras/60-device-dhcp.network | 5 ++ openstack/usr/share/openstack/network.yml | 67 ++++++++++++++++++++++ openstack/usr/share/openstack/openvswitch.yml | 38 ++++++++++++ systems/openstack-system-x86_64.morph | 1 + 11 files changed, 203 insertions(+) create mode 100644 openstack-network.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-network-setup.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch-db-server.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch-setup.service create mode 100644 openstack/usr/lib/systemd/system/openvswitch.service create mode 100644 openstack/usr/share/openstack/extras/00-disable-device.network create mode 100644 openstack/usr/share/openstack/extras/60-device-dhcp.network create mode 100644 openstack/usr/share/openstack/network.yml create mode 100644 openstack/usr/share/openstack/openvswitch.yml diff --git a/openstack-network.configure b/openstack-network.configure new file mode 100644 index 00000000..a4d43a6a --- /dev/null +++ b/openstack-network.configure @@ -0,0 +1,37 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +ln -sf "/usr/lib/systemd/system/openvswitch-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openvswitch-setup.service" + +ln -sf "/usr/lib/systemd/system/openstack-network-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-network-setup.service" + +python <<'EOF' >"$ROOT/etc/openstack/network.conf" +import os, sys, yaml + +network_configuration = {} + +optional_keys = ('EXTERNAL_INTERFACE',) + +network_configuration.update((k, os.environ[k]) for k in optional_keys if k in os.environ) + +yaml.dump(network_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 6876f1ba..052d3707 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -5,6 +5,9 @@ 0100644 0 0 /usr/share/openstack/cinder/cinder.conf 0100644 0 0 /usr/share/openstack/cinder/api-paste.ini 0100644 0 0 /usr/share/openstack/cinder/policy.json +0040755 0 0 /usr/share/openstack/extras +0100644 0 0 /usr/share/openstack/extras/00-disable-device.network +0100644 0 0 /usr/share/openstack/extras/60-device-dhcp.network 0100644 0 0 /usr/share/openstack/glance.yml 0040755 0 0 /usr/share/openstack/glance 0100644 0 0 /usr/share/openstack/glance/logging.conf @@ -22,6 +25,7 @@ 0100644 0 0 /usr/share/openstack/keystone/keystone.conf 0100644 0 0 /usr/share/openstack/keystone/policy.json 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini +0100644 0 0 /usr/share/openstack/network.yml 0040755 0 0 /usr/share/openstack/nova 0100644 0 0 /usr/share/openstack/nova.yml 0100644 0 0 /usr/share/openstack/nova/logging.conf @@ -30,6 +34,7 @@ 0100644 0 0 /usr/share/openstack/nova/policy.json 0100644 0 0 /usr/share/openstack/nova/cells.json 0100644 0 0 /usr/share/openstack/nova/api-paste.ini +0100644 0 0 /usr/share/openstack/openvswitch.yml 0040755 0 0 /usr/share/openstack/postgres 0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf 0100644 0 0 /usr/share/openstack/postgres/postgresql.conf @@ -41,6 +46,7 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service +0100644 0 0 /usr/lib/systemd/system/openstack-network-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service 0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service @@ -56,4 +62,7 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-scheduler.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-volume.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-backup.service +0100644 0 0 /usr/lib/systemd/system/openvswitch-setup.service +0100644 0 0 /usr/lib/systemd/system/openvswitch-db-server.service +0100644 0 0 /usr/lib/systemd/system/openvswitch.service 0100644 0 0 /usr/lib/systemd/system/postgres-server.service diff --git a/openstack/usr/lib/systemd/system/openstack-network-setup.service b/openstack/usr/lib/systemd/system/openstack-network-setup.service new file mode 100644 index 00000000..90c9ecf7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-network-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run Ansible scripts to configure internal network for OpenStack +After=openvswitch.service openvswitch-setup.service +Before=systemd-networkd.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/network.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openvswitch-db-server.service b/openstack/usr/lib/systemd/system/openvswitch-db-server.service new file mode 100644 index 00000000..7ea7942a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch-db-server.service @@ -0,0 +1,11 @@ +[Unit] +Description=Open vSwitch Database Server Daemon +After=local-fs.target + +[Service] +Type=forking +ExecStart=/usr/sbin/ovsdb-server --remote=punix:/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --pidfile --detach + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/usr/lib/systemd/system/openvswitch-setup.service b/openstack/usr/lib/systemd/system/openvswitch-setup.service new file mode 100644 index 00000000..6fdd7db6 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch-setup.service @@ -0,0 +1,10 @@ +[Unit] +Description=Run openvswitch-setup Ansible scripts +After=local-fs.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/ansible-playbook -v -i /usr/share/openstack/hosts /usr/share/openstack/openvswitch.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openvswitch.service b/openstack/usr/lib/systemd/system/openvswitch.service new file mode 100644 index 00000000..6f1a93a8 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openvswitch.service @@ -0,0 +1,12 @@ +[Unit] +Description=Open vSwitch Daemon +Wants=network-pre.target +After=openvswitch-initialize-db.service +Before=network-pre.target + +[Service] +Type=forking +ExecStart=/usr/sbin/ovs-vswitchd --pidfile --detach + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/extras/00-disable-device.network b/openstack/usr/share/openstack/extras/00-disable-device.network new file mode 100644 index 00000000..8e2532d0 --- /dev/null +++ b/openstack/usr/share/openstack/extras/00-disable-device.network @@ -0,0 +1,2 @@ +[Match] +Name={{ item }} diff --git a/openstack/usr/share/openstack/extras/60-device-dhcp.network b/openstack/usr/share/openstack/extras/60-device-dhcp.network new file mode 100644 index 00000000..6fdbfd8d --- /dev/null +++ b/openstack/usr/share/openstack/extras/60-device-dhcp.network @@ -0,0 +1,5 @@ +[Match] +Name={{ item }} + +[Network] +DHCP=yes diff --git a/openstack/usr/share/openstack/network.yml b/openstack/usr/share/openstack/network.yml new file mode 100644 index 00000000..f99f7f1a --- /dev/null +++ b/openstack/usr/share/openstack/network.yml @@ -0,0 +1,67 @@ +--- +- hosts: localhost + vars_files: + - /etc/openstack/network.conf + tasks: +# Create the bridges to use the External network mapped + +# Count number of network interfaces (interfaces starting with 'e') + - shell: ls /sys/class/net | grep ^e.* | wc -l + register: number_interfaces + +# Abort if there number of interfaces != 1 + - fail: + msg: More than one, or none network interfaces found. + when: EXTERNAL_INTERFACE is not defined and number_interfaces.stdout != "1" + + - shell: ls /sys/class/net | grep ^e.* + register: interface_name + when: EXTERNAL_INTERFACE is not defined + + - set_fact: + ETH_INTERFACE: "{{ interface_name.stdout }}" + when: EXTERNAL_INTERFACE is not defined + + - set_fact: + ETH_INTERFACE: "{{ EXTERNAL_INTERFACE }}" + when: EXTERNAL_INTERFACE is defined + + - set_fact: + ETH_MAC_ADDRESS: "{{ hostvars['localhost']['ansible_' + ETH_INTERFACE]['macaddress'] }}" + + - name: Create the /run/systemd/network + file: + path: /run/systemd/network + state: directory + + - name: Disable dhcp on the bound physical interface + template: + src: /usr/share/openstack/extras/00-disable-device.network + dest: /run/systemd/network/00-disable-{{ item }}-config.network + with_items: + - "{{ ETH_INTERFACE }}" + + - name: Disable dhcp on all the internal interfaces + template: + src: /usr/share/openstack/extras/00-disable-device.network + dest: /run/systemd/network/00-disable-{{ item }}-config.network + with_items: + - ovs-system + + - openvswitch_bridge: + bridge: br-ex + state: present + + - openvswitch_port: + bridge: br-ex + port: "{{ ETH_INTERFACE }}" + state: present + + - shell: ovs-vsctl set bridge br-ex other-config:hwaddr={{ ETH_MAC_ADDRESS }} + + - name: Enable dhcp on the Open vSwitch device that replaces our external interface + template: + src: /usr/share/openstack/extras/60-device-dhcp.network + dest: /run/systemd/network/60-{{ item }}-dhcp.network + with_items: + - br-ex diff --git a/openstack/usr/share/openstack/openvswitch.yml b/openstack/usr/share/openstack/openvswitch.yml new file mode 100644 index 00000000..4393e3db --- /dev/null +++ b/openstack/usr/share/openstack/openvswitch.yml @@ -0,0 +1,38 @@ +--- +- hosts: localhost + tasks: + + - name: Create openvswitch directories + file: path={{ item }} state=directory + with_items: + - /etc/openvswitch + - /var/run/openvswitch + + - shell: > + ovsdb-tool create /etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema + creates=/etc/openvswitch/conf.db + + # We enable the openvswitch-db-server in a different task to identify + # the first time we run this script by identifying when we enable the + # unit. + # + # We need to identify this to initialise the database. + - name: Enable openvswitch database service + service: name={{ item }} enabled=yes + with_items: + - openvswitch-db-server.service + register: openvswitch_db_enable + + - name: Start openvswitch database service + service: name={{ item }} state=started + with_items: + - openvswitch-db-server.service + + - name: initialise openvswitch-db + shell: ovs-vsctl --no-wait init + when: openvswitch_db_enable|changed + + - name: Enable and start openstack-keystone service + service: name={{ item }} enabled=yes state=started + with_items: + - openvswitch.service diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 17c1bbff..64b5646b 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -67,3 +67,4 @@ configuration-extensions: - openstack-glance - openstack-cinder - openstack-nova +- openstack-network -- cgit v1.2.1