From 6f958f1b6f2bf9ef6d48d57970584f18e8e1a041 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Fri, 12 Dec 2014 09:34:20 +0000 Subject: Strip openvswitch services and configuration from neutron Openvswitch should have its own setup and daemon services independent of neutron. NOTE: This fixes the errors when neutron uses openvswitch commands as root because openvswitch services are run as root. --- ...-neutron-network-configuration-one-node.service | 11 +++++ .../system/openstack-neutron-ovs-cleanup.service | 3 +- ...nstack-neutron-plugin-openvswitch-agent.service | 3 +- .../system/openstack-neutron-server.service | 3 +- .../systemd/system/openstack-neutron-setup.service | 4 +- .../systemd/system/openvswitch-db-server.service | 12 +++++ .../system/openvswitch-initialize-db.service | 9 ++++ .../etc/systemd/system/openvswitch-setup.service | 11 +++++ openstack/etc/systemd/system/openvswitch.service | 11 +++++ openstack/manifest | 7 +++ ...tack-neutron-network-configuration-for-one-node | 40 +++++++++++++++++ .../usr/share/openstack/openstack-neutron-setup | 52 +--------------------- openstack/usr/share/openstack/openvswitch-setup | 36 +++++++++++++++ 13 files changed, 147 insertions(+), 55 deletions(-) create mode 100644 openstack/etc/systemd/system/openstack-neutron-network-configuration-one-node.service create mode 100644 openstack/etc/systemd/system/openvswitch-db-server.service create mode 100644 openstack/etc/systemd/system/openvswitch-initialize-db.service create mode 100644 openstack/etc/systemd/system/openvswitch-setup.service create mode 100644 openstack/etc/systemd/system/openvswitch.service create mode 100644 openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node create mode 100644 openstack/usr/share/openstack/openvswitch-setup (limited to 'openstack') diff --git a/openstack/etc/systemd/system/openstack-neutron-network-configuration-one-node.service b/openstack/etc/systemd/system/openstack-neutron-network-configuration-one-node.service new file mode 100644 index 00000000..9dbbf49b --- /dev/null +++ b/openstack/etc/systemd/system/openstack-neutron-network-configuration-one-node.service @@ -0,0 +1,11 @@ +[Unit] +Description=Configuration script to set Openstack in one node networking +Requires=openvswitch-setup.service openvswitch-db-server.service openvswitch.service +After=network.target openvswitch-setup.service openvswitch-db-server.service openvswitch.service + +[Service] +Type=simple +ExecStart=/usr/share/openstack/openstack-neutron-network-configuration-for-one-node + +[Install] +WantedBy=multi-user.target diff --git a/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service index c52d587a..4079a41a 100644 --- a/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service @@ -1,6 +1,7 @@ [Unit] Description=Neutron OVS cleanup -After=syslog.target network.target +Requires=openvswitch.service +After=syslog.target network.target openvswitch.service [Service] Type=simple diff --git a/openstack/etc/systemd/system/openstack-neutron-plugin-openvswitch-agent.service b/openstack/etc/systemd/system/openstack-neutron-plugin-openvswitch-agent.service index 11fc96a4..38989751 100644 --- a/openstack/etc/systemd/system/openstack-neutron-plugin-openvswitch-agent.service +++ b/openstack/etc/systemd/system/openstack-neutron-plugin-openvswitch-agent.service @@ -1,6 +1,7 @@ [Unit] Description=Neutron OpenvSwitch Plugin Agent -After=syslog.target network.target openstack-keystone-setup.service +Requires=openvswitch.service +After=syslog.target network.target openvswitch.service [Service] Type=simple diff --git a/openstack/etc/systemd/system/openstack-neutron-server.service b/openstack/etc/systemd/system/openstack-neutron-server.service index b95dab82..10f9712e 100644 --- a/openstack/etc/systemd/system/openstack-neutron-server.service +++ b/openstack/etc/systemd/system/openstack-neutron-server.service @@ -1,6 +1,7 @@ [Unit] Description=Neutron Api Server -After=syslog.target network.target openstack-keystone-setup.service +Requires=openvswitch.service +After=syslog.target network.target openvswitch.service [Service] Type=simple diff --git a/openstack/etc/systemd/system/openstack-neutron-setup.service b/openstack/etc/systemd/system/openstack-neutron-setup.service index 2deb335f..c90e7122 100644 --- a/openstack/etc/systemd/system/openstack-neutron-setup.service +++ b/openstack/etc/systemd/system/openstack-neutron-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run openstack-neutron-setup (once) -Requires=local-fs.target -After=local-fs.target openstack-keystone-setup.service +Requires=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service +After=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service [Service] Type=oneshot diff --git a/openstack/etc/systemd/system/openvswitch-db-server.service b/openstack/etc/systemd/system/openvswitch-db-server.service new file mode 100644 index 00000000..8fc5ecb1 --- /dev/null +++ b/openstack/etc/systemd/system/openvswitch-db-server.service @@ -0,0 +1,12 @@ +[Unit] +Description=Open vSwitch Database server Daemon +Requires=openvswitch-setup.service +After=openvswitch-setup.service + +[Service] +Type=forking +ExecStart=/usr/sbin/ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --pidfile --detach + +[Install] +WantedBy=multi-user.target + diff --git a/openstack/etc/systemd/system/openvswitch-initialize-db.service b/openstack/etc/systemd/system/openvswitch-initialize-db.service new file mode 100644 index 00000000..9f3c2e80 --- /dev/null +++ b/openstack/etc/systemd/system/openvswitch-initialize-db.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run openvswitch-initialize-db (once) +Requires=openvswitch-db-server.service +After=openvswitch-db-server.service + +[Service] +Type=oneshot +ExecStart=/usr/bin/ovs-vsctl --no-wait init +Restart=no diff --git a/openstack/etc/systemd/system/openvswitch-setup.service b/openstack/etc/systemd/system/openvswitch-setup.service new file mode 100644 index 00000000..ff55909d --- /dev/null +++ b/openstack/etc/systemd/system/openvswitch-setup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Run openvswitch-setup (once) +Requires=local-fs.target network.target + +[Service] +Type=oneshot +ExecStart=/usr/share/openstack/openvswitch-setup +Restart=no + +[Install] +WantedBy=multi-user.target diff --git a/openstack/etc/systemd/system/openvswitch.service b/openstack/etc/systemd/system/openvswitch.service new file mode 100644 index 00000000..25320190 --- /dev/null +++ b/openstack/etc/systemd/system/openvswitch.service @@ -0,0 +1,11 @@ +[Unit] +Description=Open vSwitch Daemon +Requires=network.target openvswitch-db-server.service openvswitch-initialize-db.service +After=network.target openvswitch-db-server.service openvswitch-initialize-db.service + +[Service] +Type=forking +ExecStart=/usr/sbin/ovs-vswitchd --pidfile --detach + +[Install] +WantedBy=multi-user.target diff --git a/openstack/manifest b/openstack/manifest index 56d5a769..404acc23 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -162,3 +162,10 @@ 0100644 0 0 /etc/systemd/system/openstack-neutron-ovs-cleanup.service 0100644 0 0 /etc/systemd/system/openstack-neutron-dhcp-agent.service 0100644 0 0 /etc/systemd/system/openstack-neutron-l3-agent.service +0100755 0 0 /usr/share/openstack/openvswitch-setup +0100644 0 0 /etc/systemd/system/openvswitch-setup.service +0100644 0 0 /etc/systemd/system/openvswitch-db-server.service +0100644 0 0 /etc/systemd/system/openvswitch.service +0100755 0 0 /usr/share/openstack/openstack-neutron-network-configuration-for-one-node +0100644 0 0 /etc/systemd/system/openstack-neutron-network-configuration-one-node.service +0100644 0 0 /etc/systemd/system/openvswitch-initialize-db.service diff --git a/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node b/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node new file mode 100644 index 00000000..765e4d3f --- /dev/null +++ b/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node @@ -0,0 +1,40 @@ +#!/bin/sh +# +# Copyright (C) 2014 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -xe + +# Create the bridges to use the External network mapped +# This configuration is for 1 node and it was taken from: +# https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/ +# and https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/ +ovs-vsctl add-br br-eth0 +ovs-vsctl add-port br-eth0 ens3 +ifconfig br-eth0 $(hostname -i | awk '{ print $1 }') up +ip link set br-eth0 promisc on +ip link add proxy-br-eth1 type veth peer name eth1-br-proxy +ip link add proxy-br-ex type veth peer name ex-br-proxy +ovs-vsctl add-br br-eth1 +ovs-vsctl add-br br-ex +ovs-vsctl add-port br-eth1 eth1-br-proxy +ovs-vsctl add-port br-ex ex-br-proxy +ovs-vsctl add-port br-eth0 proxy-br-eth1 +ovs-vsctl add-port br-eth0 proxy-br-ex +ip link set eth1-br-proxy up promisc on +ip link set ex-br-proxy up promisc on +ip link set proxy-br-eth1 up promisc on +ip link set proxy-br-ex up promisc on + diff --git a/openstack/usr/share/openstack/openstack-neutron-setup b/openstack/usr/share/openstack/openstack-neutron-setup index bcaa038f..9955e9c6 100644 --- a/openstack/usr/share/openstack/openstack-neutron-setup +++ b/openstack/usr/share/openstack/openstack-neutron-setup @@ -15,7 +15,7 @@ # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -set -e +set -xe # Create required system users and groups @@ -64,64 +64,16 @@ if [ ! -e /var/lib/neutron/neutron.sqlite ]; then stamp --sql juno fi -# Create the openvswitch required folders -if [ ! -d /usr/local/var/run/openvswitch ]; then - mkdir -p /usr/local/etc/openvswitch - mkdir -p /usr/local/var/run/openvswitch -fi - -# Define openvswitch files -openvswitch_database=/usr/local/etc/openvswitch/conf.db -openvswitch_pidfile=/usr/local/var/run/openvswitch/ovsdb-server.pid -openvswitch_logfile=/usr/local/var/run/openvswitch/ovsdb-server.log - -# Create openvswitch database -ovsdb-tool create $openvswitch_database /usr/share/openvswitch/vswitch.ovsschema - -# Start openvswitch database server -ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \ - --remote=db:Open_vSwitch,Open_vSwitch,manager_options \ - --private-key=db:Open_vSwitch,SSL,private_key \ - --certificate=db:Open_vSwitch,SSL,certificate \ - --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \ - --pidfile --detach - -ovs-vsctl --no-wait init - -ovs-vswitchd --pidfile --detach -ovs-vsctl show - -# Create the bridges to use the External network mapped -# This configuration is for 1 node and it was taken from: -# https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/ -# and https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/ -ovs-vsctl add-br br-eth0 -ovs-vsctl add-port br-eth0 ens3 -ifconfig br-eth0 $(hostname -i | awk '{ print $1 }') up -ip link set br-eth0 promisc on -ip link add proxy-br-eth1 type veth peer name eth1-br-proxy -ip link add proxy-br-ex type veth peer name ex-br-proxy -ovs-vsctl add-br br-eth1 -ovs-vsctl add-br br-ex -ovs-vsctl add-port br-eth1 eth1-br-proxy -ovs-vsctl add-port br-ex ex-br-proxy -ovs-vsctl add-port br-eth0 proxy-br-eth1 -ovs-vsctl add-port br-eth0 proxy-br-ex -ip link set eth1-br-proxy up promisc on -ip link set ex-br-proxy up promisc on -ip link set proxy-br-eth1 up promisc on -ip link set proxy-br-ex up promisc on - # Remove the one-shot setup service rm /etc/systemd/system/multi-user.target.wants/openstack-neutron-setup.service # Start neutron services -systemctl start openstack-neutron-server systemctl start openstack-neutron-metadata-agent systemctl start openstack-neutron-plugin-openvswitch-agent systemctl start openstack-neutron-ovs-cleanup systemctl start openstack-neutron-dhcp-agent systemctl start openstack-neutron-l3-agent +systemctl start openstack-neutron-server # Create the links to run neutron services when system start next times. ln -s "/etc/systemd/system/openstack-neutron-server.service" \ diff --git a/openstack/usr/share/openstack/openvswitch-setup b/openstack/usr/share/openstack/openvswitch-setup new file mode 100644 index 00000000..a34c1a82 --- /dev/null +++ b/openstack/usr/share/openstack/openvswitch-setup @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Copyright (C) 2014 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -xe + +# Create the openvswitch required folders +mkdir -p /usr/local/etc/openvswitch +mkdir -p /usr/local/var/run/openvswitch + +# Define openvswitch files +# Example (default values) +#openvswitch_database=/usr/local/etc/openvswitch/conf.db +#openvswitch_pidfile=/usr/local/var/run/openvswitch/ovsdb-server.pid +#openvswitch_logfile=/usr/local/var/run/openvswitch/ovsdb-server.log +openvswitch_database=/usr/local/etc/openvswitch/conf.db +openvswitch_pidfile=/usr/local/var/run/openvswitch/ovsdb-server.pid +openvswitch_logfile=/usr/local/var/run/openvswitch/ovsdb-server.log + +# Create openvswitch database +ovsdb-tool create $openvswitch_database /usr/share/openvswitch/vswitch.ovsschema + +exit 0 -- cgit v1.2.1