path: root/openstack/usr/share/openstack/neutron.yml
---
# Single play, run against the local machine. The vars file is loaded as
# play variables; presumably it supplies the UPPER_CASE settings (passwords
# and the Keystone admin token among them) that the tasks below reference,
# in which case it should be readable by root only -- TODO confirm.
- hosts: localhost
  vars_files:
  - '/etc/openstack/neutron.conf'
  tasks:

  # Dedicated account for the Neutron daemons. The nologin shell keeps the
  # account from being used for interactive sessions.
  - name: Create the neutron user.
    user:
      name: neutron
      home: /var/lib/neutron
      shell: /sbin/nologin
      comment: Openstack Neutron Daemons

  # Runtime, lock and log directories, all owned by neutron:neutron.
  # NOTE(review): no mode is set, so the permissions are whatever the module
  # default and umask produce; consider an explicit mode on /var/log/neutron
  # if the logs should not be readable by every local user.
  - name: Create the /var folders for neutron
    with_items:
    - /var/run/neutron
    - /var/lock/neutron
    - /var/log/neutron
    file:
      state: directory
      path: "{{ item }}"
      owner: neutron
      group: neutron

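  # Look up the id of the "service" tenant and publish it as the
  # SERVICE_TENANT_ID fact (presumably consumed by the templates rendered
  # later in this play).
  #
  # The admin token and endpoint reach the keystone client through its
  # OS_SERVICE_TOKEN / OS_SERVICE_ENDPOINT environment variables instead of
  # command-line flags, so the token is neither visible in the process list
  # nor part of the command string that Ansible records for the task.
  # NOTE(review): the endpoint is plain http, so the token crosses the
  # network unencrypted whenever CONTROLLER_HOST_ADDRESS is not this host.
  - name: Get service tenant id needed in neutron.conf
    # Strip the table padding first, then keep only the row whose first
    # column is exactly "id"; a bare "grep id" would also match any other
    # row that merely contains those two letters.
    shell: |
      keystone tenant-get service | tr -d " " | grep "^|id|" | cut -d"|" -f3
    environment:
      OS_SERVICE_ENDPOINT: "http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0"
      OS_SERVICE_TOKEN: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
    register: tenant_service_id
    # Read-only query, so never report "changed". The pipeline's exit status
    # is that of cut, so a keystone failure only shows up as empty output;
    # fail here rather than carry an empty tenant id forward.
    changed_when: false
    failed_when: tenant_service_id.stdout == ""

  - set_fact:
      SERVICE_TENANT_ID: "{{ tenant_service_id.stdout }}"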

  # Mirror the tree under /usr/share/openstack/neutron into /etc: first the
  # directories, then every file rendered as a template. with_lines yields
  # one item per line of the command's output, i.e. paths relative to
  # /usr/share/openstack that start with "neutron".
  - name: Create the directories needed for Neutron configuration files.
    with_lines:
    - cd /usr/share/openstack &&  find neutron -type d
    file:
      state: directory
      path: "/etc/{{ item }}"

  # NOTE(review): neither task sets owner, group or mode. If the rendered
  # files embed the database or service passwords (likely for neutron.conf,
  # but the templates are not visible here), they should be restricted to
  # root and the neutron group instead of relying on the default umask.
  - name: Add configuration needed for neutron using templates
    with_lines:
    - cd /usr/share/openstack && find neutron -type f
    template:
      src: "/usr/share/openstack/{{ item }}"
      dest: "/etc/{{ item }}"

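  # Keystone registration: service user, its admin role, and the service
  # catalog entry. Every task here is handed the temporary admin token (and
  # the first one the service password), so each sets no_log to keep those
  # values out of Ansible's task output and logs.
  - name: Create neutron service user in service tenatnt
    keystone_user:
      user: "{{ NEUTRON_SERVICE_USER }}"
      password: "{{ NEUTRON_SERVICE_PASSWORD }}"
      tenant: service
      token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
    no_log: true

  - name: Add admin role to neutron service user in service tenant
    keystone_user:
      role: admin
      user: "{{ NEUTRON_SERVICE_USER }}"
      tenant: service
      token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
    no_log: true

  # All three endpoint URLs point at port 9696 on the controller.
  # NOTE(review): they are plain http, so API traffic, tokens included, is
  # unencrypted unless TLS is terminated somewhere not visible in this file.
  - name: Register the neutron service and its endpoints in keystone
    keystone_service:
      name: neutron
      type: network
      description: Openstack Compute Networking
      publicurl: "http://{{ CONTROLLER_HOST_ADDRESS }}:9696"
      internalurl: "http://{{ CONTROLLER_HOST_ADDRESS }}:9696"
      adminurl: "http://{{ CONTROLLER_HOST_ADDRESS }}:9696"
      region: regionOne
      token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}"
    no_log: true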

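  # Database setup. All three tasks run as the neutron system account.
  # NOTE(review): this presumably relies on PostgreSQL accepting local
  # connections from a role of that name with rights to create roles and
  # databases -- confirm against the database configuration.

  # no_log keeps the database password out of Ansible's task output and
  # logs.
  - name: Create postgresql user for neutron
    postgresql_user:
      name: "{{ NEUTRON_DB_USER }}"
      password: "{{ NEUTRON_DB_PASSWORD }}"
    sudo: true
    sudo_user: neutron
    no_log: true

  - name: Create database for neutron services
    postgresql_db:
      name: neutron
      owner: "{{ NEUTRON_DB_USER }}"
    sudo: true
    sudo_user: neutron

  # Brings the schema up to the "juno" revision, reading the connection
  # settings from the two configuration files given on the command line.
  - name: Initiate neutron database
    shell: |
      neutron-db-manage \
          --config-file /etc/neutron/neutron.conf \
          --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
          upgrade juno
    sudo: true
    sudo_user: neutron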

# Bridges for the external network, single-node layout. Adapted from:
# https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/
# https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/

  # ETH_INTERFACE is the interface that currently carries the default IPv4
  # route according to the gathered facts, or br-eth0 when the facts name
  # none.
  - set_fact:
      ETH_INTERFACE: "{{ ansible_default_ipv4.interface }}"
    when: ansible_default_ipv4.interface

  - set_fact:
      ETH_INTERFACE: br-eth0
    when: not ansible_default_ipv4.interface

  # Remember the MAC and IP address of that interface; later tasks copy the
  # MAC onto the bridge and remove the IP from the interface. Skipped when
  # the default interface is already br-eth0.
  - set_fact:
      ETH_IP_ADDRESS: "{{ ansible_default_ipv4.address }}"
      ETH_MAC_ADDRESS: "{{ ansible_default_ipv4.macaddress }}"
    when: ETH_INTERFACE != "br-eth0"

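# Both tasks below run only when the default interface is not br-eth0.

  # Writes a systemd-networkd unit for the physical interface from the
  # 00-disable-device.network template (which, per the task name, turns
  # DHCP off for that device).
  - name: Disable dhcp on the bound physical interface
    template:
      src: /usr/share/openstack/extras/00-disable-device.network
      dest: "/etc/systemd/network/00-disable-{{ item }}-config.network"
    with_items:
    - "{{ ETH_INTERFACE }}"
    when: ETH_INTERFACE != "br-eth0"

  # Both values come from gathered facts and are interpolated into a shell
  # command line, so each is passed through the quote filter to make sure
  # the shell sees it as a single literal word.
  - name: >
      Deallocate ip address for external interface so we don't try to route
      connections out of an interface that not longer works. Run only when
      we are not connecting through the br-eth0 bridge
    shell: ip addr del {{ ETH_IP_ADDRESS|quote }} dev {{ ETH_INTERFACE|quote }}
    when: ETH_INTERFACE != "br-eth0"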

# NOTE(review): the comment that used to sit here read "If is not br-eth0",
# but the task below carries no `when`, so it runs on every pass whatever
# the default interface is. Confirm which of the two is intended.

  # One networkd unit per listed device, rendered from the same template
  # as for the physical interface.
  # NOTE(review): ex-br-proxy, which is created further down in this play,
  # is not in the list -- confirm whether that is deliberate.
  - name: Disable dhcp on all the internal interfaces
    with_items:
    - br-eth1
    - br-ex
    - eth1-br-proxy
    - proxy-br-eth1
    - proxy-br-ex
    - ovs-system
    template:
      src: /usr/share/openstack/extras/00-disable-device.network
      dest: "/etc/systemd/network/00-disable-{{ item }}-config.network"
    register: internal_dhcp_disabled

  # Restart only when the task above reported a change.
  - name: Restart networkd so it understands to not bring up the interfaces disabled
    service:
      name: systemd-networkd.service
      state: restarted
    when: internal_dhcp_disabled|changed

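# The tasks below appear to reproduce this ovs-vsctl invocation step by
# step; it is kept for reference:
#
#ovs-vsctl \
#    -- add-br br-eth0 \
#    -- add-port br-eth0 $eth_dev \
#    -- set bridge br-eth0 other-config:hwaddr=$eth_mac
#

  - openvswitch_bridge:
      bridge: br-eth0
      state: present

  # Attach the physical interface to the bridge; skipped when the default
  # interface is already br-eth0.
  - openvswitch_port:
      bridge: br-eth0
      port: "{{ ETH_INTERFACE }}"
      state: present
    when: ETH_INTERFACE != "br-eth0"

  # Give the bridge the MAC address recorded from the physical interface.
  # The value comes from gathered facts and lands on a shell command line,
  # so it goes through the quote filter to stay a single literal word.
  - shell: ovs-vsctl set bridge br-eth0 other-config:hwaddr={{ ETH_MAC_ADDRESS|quote }}
    when: ETH_INTERFACE != "br-eth0"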

  # Renders the 10-device-dhcp.network template into a networkd unit for
  # br-eth0 (a single-item loop, so the destination is 10-br-eth0-dhcp.network).
  - name: Enable dhcp on the Open vSwitch device that replaces our external interface
    with_items:
    - br-eth0
    template:
      src: /usr/share/openstack/extras/10-device-dhcp.network
      dest: "/etc/systemd/network/10-{{ item }}-dhcp.network"

  # Unconditional: networkd is restarted on every run of the play.
  - name: Restart networkd again so it will DHCP in the Open vSwitch interface
    service:
      state: restarted
      name: systemd-networkd.service

# Reference: the ovs-vsctl invocation that the tasks below appear to
# reproduce one step at a time.
#
#ovs-vsctl \
#    -- add-br br-eth1 \
#    -- add-port br-eth1 eth1-br-proxy \
#    -- set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1 \
#    -- add-port br-eth0 proxy-br-eth1 \
#    -- set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy \
#    -- add-br br-ex \
#    -- add-port br-ex ex-br-proxy \
#    -- set interface ex-br-proxy type=patch options:peer=proxy-br-ex \
#    -- add-port br-eth0 proxy-br-ex \
#    -- set interface proxy-br-ex type=patch options:peer=ex-br-proxy


  # br-eth1, joined to br-eth0 through the patch pair
  # eth1-br-proxy <-> proxy-br-eth1. Each port is added first and then
  # turned into a patch port by the ovs-vsctl call that follows it.
  - openvswitch_bridge:
      bridge: br-eth1
      state: present

  - openvswitch_port:
      bridge: br-eth1
      port: eth1-br-proxy
      state: present

  - shell: ovs-vsctl set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1

  - openvswitch_port:
      bridge: br-eth0
      port: proxy-br-eth1
      state: present

  - shell: ovs-vsctl set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy

  # br-ex, joined to br-eth0 through the patch pair
  # ex-br-proxy <-> proxy-br-ex, built the same way.
  - openvswitch_bridge:
      bridge: br-ex
      state: present

  - openvswitch_port:
      bridge: br-ex
      port: ex-br-proxy
      state: present

  - shell: ovs-vsctl set interface ex-br-proxy type=patch options:peer=proxy-br-ex

  - openvswitch_port:
      bridge: br-eth0
      port: proxy-br-ex
      state: present

  - shell: ovs-vsctl set interface proxy-br-ex type=patch options:peer=ex-br-proxy


## SERVICES
  # Enable each unit at boot and start it now, in the order listed.
  - name: Enable and start openstack-neutron services
    with_items:
    - openstack-neutron-ovs-cleanup.service
    - openstack-neutron-server.service
    - openstack-neutron-dhcp-agent.service
    - openstack-neutron-l3-agent.service
    - openstack-neutron-metadata-agent.service
    - openstack-neutron-plugin-openvswitch-agent.service
    service:
      name: "{{ item }}"
      state: started
      enabled: true