openstack/usr/share/openstack/network.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148

---
- hosts: localhost
  tasks:
# Create the bridges to use the External network mapped
# This configuration is for 1 node and it was taken from:
# https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/
# and https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/

  - shell: ls /sys/class/net | grep ^e.* | wc -l
    register: number_interfaces

  - set_fact:
        ETH_INTERFACE: "{{ ansible_default_ipv4.interface }}"
    when: ansible_default_ipv4.interface
  - set_fact:
        ETH_INTERFACE: br-eth0
    when: not ansible_default_ipv4.interface

  - set_fact:
        ETH_MAC_ADDRESS: "{{ ansible_default_ipv4.macaddress }}"
        ETH_IP_ADDRESS: "{{ ansible_default_ipv4.address }}"
    when: ETH_INTERFACE != "br-eth0"

# if is not br-eth0
  - name: Disable dhcp on the bound physical interface
    template:
        src: /usr/share/openstack/extras/00-disable-device.network
        dest: /etc/systemd/network/00-disable-{{ item }}-config.network
    with_items:
    - "{{ ETH_INTERFACE }}"
    when: ETH_INTERFACE != "br-eth0"


# if is not br-eth0
  - name: >
        Deallocate ip address for external interface so we don't try to route
        connections out of an interface that not longer works. Run only when
        we are not connecting through the br-eth0 bridge
    shell: ip addr del {{ ETH_IP_ADDRESS }} dev {{ ETH_INTERFACE }}
    when: ETH_INTERFACE != "br-eth0"

# If is not br-eth0
  - name: Disable dhcp on all the internal interfaces
    template:
        src: /usr/share/openstack/extras/00-disable-device.network
        dest: /etc/systemd/network/00-disable-{{ item }}-config.network
    with_items:
    - br-eth1
    - br-ex
    - eth1-br-proxy
    - proxy-br-eth1
    - proxy-br-ex
    - ovs-system
    register: internal_dhcp_disabled

  - name: Restart networkd so it understands to not bring up the interfaces disabled
    service:
        name: systemd-networkd.service
        state: restarted
    when: internal_dhcp_disabled|changed

#ovs-vsctl \
#    -- add-br br-eth0 \
#    -- add-port br-eth0 $eth_dev \
#    -- set bridge br-eth0 other-config:hwaddr=$eth_mac
#


  - openvswitch_bridge:
        bridge: br-eth0
        state: present
# if is not br-eth0
  - openvswitch_port:
        bridge: br-eth0
        port: "{{ ETH_INTERFACE }}"
        state: present
    when: ETH_INTERFACE != "br-eth0"
# if is not br-eth0
  - shell: ovs-vsctl set bridge br-eth0 other-config:hwaddr={{ ETH_MAC_ADDRESS }}
    when: ETH_INTERFACE != "br-eth0"

  - name: Enable dhcp on the Open vSwitch device that replaces our external interface
    template:
        src: /usr/share/openstack/extras/10-device-dhcp.network
        dest: /etc/systemd/network/10-{{ item }}-dhcp.network
    with_items:
    - br-eth0

  - name: Restart networkd again so it will DHCP in the Open vSwitch interface
    service:
        name: systemd-networkd.service
        state: restarted

#ovs-vsctl \
#    -- add-br br-eth1 \
#    -- add-port br-eth1 eth1-br-proxy \
#    -- set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1 \
#    -- add-port br-eth0 proxy-br-eth1 \
#    -- set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy \
#    -- add-br br-ex \
#    -- add-port br-ex ex-br-proxy \
#    -- set interface ex-br-proxy type=patch options:peer=proxy-br-ex \
#    -- add-port br-eth0 proxy-br-ex \
#    -- set interface proxy-br-ex type=patch options:peer=ex-br-proxy


  - openvswitch_bridge:
        bridge: br-eth1
        state: present
  - openvswitch_port:
        bridge: br-eth1
        port: eth1-br-proxy
        state: present
  - shell: ovs-vsctl set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1
  - openvswitch_port:
        bridge: br-eth0
        port: proxy-br-eth1
        state: present
  - shell: ovs-vsctl set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy
  - openvswitch_bridge:
        bridge: br-ex
        state: present
  - openvswitch_port:
        bridge: br-ex
        port: ex-br-proxy
        state: present
  - shell: ovs-vsctl set interface ex-br-proxy type=patch options:peer=proxy-br-ex
  - openvswitch_port:
        bridge: br-eth0
        port: proxy-br-ex
        state: present
  - shell: ovs-vsctl set interface proxy-br-ex type=patch options:peer=ex-br-proxy


## SERVICES
  - name: Enable and start openstack-neutron services
    service:
        name: "{{ item }}"
        enabled: yes
        state: started
    with_items:
    - openstack-neutron-ovs-cleanup.service
    - openstack-neutron-server.service
    - openstack-neutron-dhcp-agent.service
    - openstack-neutron-l3-agent.service
    - openstack-neutron-metadata-agent.service
    - openstack-neutron-plugin-openvswitch-agent.service