def setL3Conf():
    """Write the L3 agent options into the file registered as configs['l3'].

    Values follow http://www.opencloudblog.com/?p=630. The file is backed up
    with backupConfFile before any option is changed.
    """
    l3_conf = configs['l3']
    backupConfFile(l3_conf, backupSuffix)

    def put(option, value):
        # Every option written here lives in the DEFAULT section.
        set_parameter(l3_conf, 'DEFAULT', option, value)

    # Very important: both entries must be overwritten with an empty string;
    # the shipped defaults must not stay in place.
    put('gateway_external_network_id', '')
    put('external_network_bridge', '')

    # Legacy agent mode: HA and DVR are broken in Juno and should not be used
    # in production environments.
    put('agent_mode', 'legacy')

    # The nova metadata service is deployed only on the network node(s) and
    # listens on 127.0.0.1.
    put('metadata_port', '8775')
    put('metadata_ip', '127.0.0.1')
    put('enable_metadata_proxy', 'True')
    put('handle_internal_only_routers', 'True')
    put('router_delete_namespaces', 'True')

    # veth pairs should be avoided.
    put('ovs_use_veth', 'False')
    put('interface_driver', 'neutron.agent.linux.interface.OVSInterfaceDriver')
    put('use_namespaces', 'True')

    # Testing aid only.
    # NOTE(review): debug logging is verbose; switch it off outside test
    # environments.
    put('debug', 'True')
def configure_the_Networking_common_components():
    """Apply the Neutron settings shared by the nodes to neutron_conf.

    Covers message-queue access, Keystone authentication, the ML2 core
    plug-in and logging. neutron_conf is backed up before it is edited.
    """
    backupConfFile(neutron_conf, backupSuffix)

    def put(section, option, value):
        set_parameter(neutron_conf, section, option, value)

    # RabbitMQ access.
    # NOTE(review): set_parameter is not shown here; if it shells out (other
    # comments in this file mention crudini), each password below is passed
    # as a command-line argument -- confirm it is not echoed into deploy logs.
    put('DEFAULT', 'rpc_backend', 'rabbit')
    put('DEFAULT', 'rabbit_host', 'controller')
    put('DEFAULT', 'rabbit_password', passwd['RABBIT_PASS'])

    # Identity service access. Both endpoints are plain http, so credentials
    # and tokens cross the management network unencrypted.
    put('DEFAULT', 'auth_strategy', 'keystone')
    put('keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0')
    put('keystone_authtoken', 'identity_uri', 'http://controller:35357')
    put('keystone_authtoken', 'admin_tenant_name', 'service')
    put('keystone_authtoken', 'admin_user', 'neutron')
    put('keystone_authtoken', 'admin_password', passwd['NEUTRON_PASS'])

    # ML2 plug-in.
    put('DEFAULT', 'core_plugin', 'ml2')
    put('DEFAULT', 'service_plugins', 'router')
    put('DEFAULT', 'allow_overlapping_ips', 'True')

    # Logging. NOTE(review): debug=True is a test setting; review before
    # using it in production.
    put('DEFAULT', 'verbose', 'True')
    put('DEFAULT', 'debug', 'True')
def setML2Conf():
    """Write type drivers, flat networks and OVS mappings to configs['ml2'].

    One physnet<tag> entry is generated per VLAN tag in the module-level
    ``vlans``; each is mapped to the bridge named by ``bridge[tag]``.
    """
    ml2_conf = configs['ml2']
    backupConfFile(ml2_conf, backupSuffix)

    set_parameter(ml2_conf, 'ml2', 'type_drivers', 'local,flat,gre,vxlan')

    # flat_networks is edited with sed rather than set_parameter: drop the
    # existing "external" entry, then append a wildcard entry right after the
    # [ml2_type_flat] header. The raw string keeps the backslashes that sed
    # needs in front of the brackets.
    # NOTE(review): "*" accepts any physical network name for flat networks.
    run("sed -i '/flat_networks = external/d' %s" % ml2_conf)
    run(r"sed -i '/\[ml2_type_flat\]/a flat_networks = *' %s" % ml2_conf)

    # Bridge mappings: the external network plus one entry per VLAN tag,
    # e.g. physnet208:<bridge for tag 208>.
    per_tag = ['physnet%d:%s' % (tag, bridge[tag]) for tag in vlans]
    mappings = 'external:br-ex,' + ','.join(per_tag)
    set_parameter(ml2_conf, 'ovs', 'bridge_mappings', mappings)

    # network_vlan_ranges lists only the physnet names, without tag ranges.
    names = ['physnet' + str(tag) for tag in vlans]
    physnets = ','.join(names)
    set_parameter(ml2_conf, 'ovs', 'network_vlan_ranges', physnets)
def setMl2Conf():
    """Write the ML2 / Open vSwitch options into configs['ml2'].

    Values follow http://www.opencloudblog.com/?p=630. The VLAN range is
    taken from the smallest and largest tag in the module-level ``vlans``.
    """
    ml2_conf = configs['ml2']
    backupConfFile(ml2_conf, backupSuffix)

    set_parameter(ml2_conf, 'ml2', 'type_drivers', 'gre,vlan,flat')
    set_parameter(ml2_conf, 'ml2', 'mechanism_drivers', 'openvswitch')

    # Sort the tags once; the ends of the list give the range limits.
    ordered = sorted(vlans)
    vlan_range = 'external:%d:%d' % (ordered[0], ordered[-1])
    set_parameter(ml2_conf, 'ml2_type_vlan', 'network_vlan_ranges', vlan_range)

    # crudini cannot handle the * character, so sed rewrites the line.
    # NOTE(review): "*" accepts any physical network name for flat networks.
    run("sed -i 's/flat_networks = external/flat_networks = */' %s" % ml2_conf)

    def put_ovs(option, value):
        set_parameter(ml2_conf, 'ovs', option, value)

    put_ovs('bridge_mappings', 'external:br-vlan')
    put_ovs('integration_bridge', 'br-int')
    # TODO: determine whether tenants may create vlan networks, gre networks
    # or both; both are allowed for now.
    put_ovs('tenant_network_types', 'gre,vlan')
    # Tunnel endpoint address of the host currently being configured.
    put_ovs('local_ip', env_config.nicDictionary[env.host]['tnlIPADDR'])

    set_parameter(ml2_conf, 'agent', 'l2_population', 'False')
def setMl2Conf():
    """Configure ML2 and the OVS agent in the file named by configs['ml2'].

    Reference: http://www.opencloudblog.com/?p=630
    """
    target = configs['ml2']
    backupConfFile(target, backupSuffix)

    for option, value in (('type_drivers', 'gre,vlan,flat'),
                          ('mechanism_drivers', 'openvswitch')):
        set_parameter(target, 'ml2', option, value)

    # The lowest and highest VLAN tags bound the range on "external".
    tags = sorted(vlans)
    lowest, highest = tags[0], tags[-1]
    set_parameter(target, 'ml2_type_vlan', 'network_vlan_ranges',
                  'external:%d:%d' % (lowest, highest))

    # crudini does not cope with "*", hence the sed substitution.
    # NOTE(review): the wildcard lets flat networks use any physical network
    # name; confirm that is intended.
    run("sed -i 's/flat_networks = external/flat_networks = */' %s" % target)

    set_parameter(target, 'ovs', 'bridge_mappings', 'external:br-vlan')
    set_parameter(target, 'ovs', 'integration_bridge', 'br-int')

    # TODO: decide whether tenant networks should be vlan, gre, or both
    # (tenant_network_types = the kinds of network a tenant can create).
    set_parameter(target, 'ovs', 'tenant_network_types', 'gre,vlan')

    # Per-host tunnel address, looked up for the host Fabric is working on.
    tunnel_ip = env_config.nicDictionary[env.host]['tnlIPADDR']
    set_parameter(target, 'ovs', 'local_ip', tunnel_ip)

    set_parameter(target, 'agent', 'l2_population', 'False')
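def network_deploy():
    """Configure and start the Neutron agents on a network node.

    Edits sysctl_conf (after backing it up), installs the packages, runs the
    per-agent configuration helpers, makes sure /etc/neutron/plugin.ini
    exists, patches the Open vSwitch agent unit file, then enables and starts
    the Neutron services.
    """
    backupConfFile(sysctl_conf, backupSuffix)

    # Forwarding on, reverse-path filtering off.
    # NOTE(review): rp_filter=0 turns off the kernel's source-address
    # validation on this host; confirm spoofing protection is enforced
    # elsewhere (e.g. Neutron security groups).
    set_parameter(sysctl_conf, "''", 'net.ipv4.ip_forward', '1')
    set_parameter(sysctl_conf, "''", 'net.ipv4.conf.all.rp_filter', '0')
    set_parameter(sysctl_conf, "''", 'net.ipv4.conf.default.rp_filter', '0')

    # Reload all sysctl files without a reboot, see
    # http://www.commandlinefu.com/commands/view/11891/reload-all-sysctl-variables-without-reboot
    runCheck("Implement changes on sysctl", "sysctl --system")

    installPackagesNetwork()

    # Configuration.
    configure_the_Networking_common_components()
    configure_ML2_plug_in_network()
    configure_Layer3_agent()
    configure_DHCP_agent()
    configure_metadata_agent()
    configure_Open_vSwitch_service()

    # Finalize installation. The Networking init scripts expect
    # /etc/neutron/plugin.ini to be a symbolic link to the ML2 configuration
    # file; create it when the directory listing does not mention it.
    if 'plugin.ini' not in run('ls /etc/neutron'):
        runCheck("Create symbolic link to ml2 conf file",
                 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini')

    # Due to a packaging bug the Open vSwitch agent init script looks for the
    # Open vSwitch plug-in configuration file instead of plugin.ini, so the
    # unit file is pointed at plugin.ini.
    unit_file = "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
    # Keep only the first backup: on a repeat run the unit file is already
    # patched, and an unconditional cp would replace the pristine copy.
    run("test -e %s.orig || cp %s %s.orig" % (unit_file, unit_file, unit_file))
    run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "
        + unit_file)

    # Initialize services. These go through runCheck with their messages,
    # like the other steps of this function.
    runCheck("Enable neutron services",
             "systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service "
             "neutron-dhcp-agent.service neutron-metadata-agent.service "
             "neutron-ovs-cleanup.service")
    runCheck("Start neutron services",
             "systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service "
             "neutron-dhcp-agent.service neutron-metadata-agent.service")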
def configure_the_Networking_common_components():
    """Write the common Neutron options (queue, identity, ML2) to neutron_conf.

    A backup of neutron_conf is taken first.
    """
    backupConfFile(neutron_conf, backupSuffix)

    # RabbitMQ access.
    for option, value in (('rpc_backend', 'rabbit'),
                          ('rabbit_host', 'controller')):
        set_parameter(neutron_conf, 'DEFAULT', option, value)
    # NOTE(review): if set_parameter runs a shell command, this secret ends
    # up on a command line -- confirm it is kept out of deploy output.
    set_parameter(neutron_conf, 'DEFAULT', 'rabbit_password', passwd['RABBIT_PASS'])

    # Identity service access. The Keystone endpoints use plain http, so the
    # service credentials are not protected in transit.
    set_parameter(neutron_conf, 'DEFAULT', 'auth_strategy', 'keystone')
    for option, value in (('auth_uri', 'http://controller:5000/v2.0'),
                          ('identity_uri', 'http://controller:35357'),
                          ('admin_tenant_name', 'service'),
                          ('admin_user', 'neutron')):
        set_parameter(neutron_conf, 'keystone_authtoken', option, value)
    set_parameter(neutron_conf, 'keystone_authtoken', 'admin_password',
                  passwd['NEUTRON_PASS'])

    # ML2 plug-in, then logging. NOTE(review): debug=True is a test setting.
    for option, value in (('core_plugin', 'ml2'),
                          ('service_plugins', 'router'),
                          ('allow_overlapping_ips', 'True'),
                          ('verbose', 'True'),
                          ('debug', 'True')):
        set_parameter(neutron_conf, 'DEFAULT', option, value)
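def compute_deploy():
    """Configure and start Neutron networking on a compute node.

    Edits sysctl_conf (after backing it up), installs the packages, applies
    the common, ML2 and Nova settings, starts Open vSwitch, makes sure
    /etc/neutron/plugin.ini exists, patches the Open vSwitch agent unit file
    and (re)starts the affected services.
    """
    backupConfFile(sysctl_conf, backupSuffix)

    # NOTE(review): rp_filter=0 turns off the kernel's source-address
    # validation on this host; confirm spoofing protection is enforced
    # elsewhere (e.g. Neutron security groups).
    set_parameter(sysctl_conf, "''", 'net.ipv4.conf.all.rp_filter', '0')
    set_parameter(sysctl_conf, "''", 'net.ipv4.conf.default.rp_filter', '0')
    runCheck("Implement changes on sysctl on compute node " + env.host, "sysctl -p")

    installPackagesCompute()

    # Configuration.
    configure_the_Networking_common_components()  # same as networking
    configure_ML2_plug_in_compute()
    configure_nova_to_use_neutron()

    runCheck('Enable Open vSwitch', 'systemctl enable openvswitch.service')
    runCheck('Start Open vSwitch', 'systemctl start openvswitch.service')

    # Finalize installation. The Networking init scripts expect
    # /etc/neutron/plugin.ini to be a symbolic link to the ML2 configuration
    # file; create it when the directory listing does not mention it.
    if 'plugin.ini' not in run('ls /etc/neutron'):
        runCheck('Create a symbolic link to Open vSwitch\'s conf file',
                 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini')

    # Due to a packaging bug the Open vSwitch agent init script looks for the
    # Open vSwitch plug-in configuration file instead of plugin.ini, so the
    # unit file is pointed at plugin.ini.
    unit_file = "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
    # Keep only the first backup: on a repeat run the unit file is already
    # patched, and an unconditional cp would replace the pristine copy.
    run("test -e %s.orig || cp %s %s.orig" % (unit_file, unit_file, unit_file))
    # The message was previously assigned but never reported; it is now
    # passed to runCheck (typos in it corrected).
    runCheck('Change Open vSwitch to look for a symbolic link to the ML2 conf file',
             "sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "
             + unit_file)

    runCheck('Restart Nova service', "systemctl restart openstack-nova-compute.service")
    runCheck('Enable Open vSwitch', 'systemctl enable neutron-openvswitch-agent.service')
    runCheck('Start Open vSwitch', 'systemctl start neutron-openvswitch-agent.service')
    runCheck('Restart Open vSwitch', 'systemctl restart neutron-openvswitch-agent.service')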
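def compute_deploy():
    """Set up Neutron networking on a compute node and start its services.

    Steps, in order: sysctl changes, package installation, Neutron/ML2/Nova
    configuration, Open vSwitch start-up, plugin.ini symlink, unit-file
    patch, service restarts.
    """
    backupConfFile(sysctl_conf, backupSuffix)

    # Reverse-path filtering is switched off for all and default interfaces.
    # NOTE(review): this disables the kernel's source-address validation;
    # confirm anti-spoofing is handled elsewhere (e.g. security groups).
    for key in ('net.ipv4.conf.all.rp_filter', 'net.ipv4.conf.default.rp_filter'):
        set_parameter(sysctl_conf, "''", key, '0')
    runCheck("Implement changes on sysctl on compute node " + env.host, "sysctl -p")

    installPackagesCompute()

    # Configuration (the common part is the same as on the network node).
    configure_the_Networking_common_components()
    configure_ML2_plug_in_compute()
    configure_nova_to_use_neutron()

    runCheck('Enable Open vSwitch', 'systemctl enable openvswitch.service')
    runCheck('Start Open vSwitch', 'systemctl start openvswitch.service')

    # The Networking init scripts expect /etc/neutron/plugin.ini to link to
    # /etc/neutron/plugins/ml2/ml2_conf.ini. The test is a substring match on
    # the ls output of /etc/neutron.
    if 'plugin.ini' not in run('ls /etc/neutron'):
        runCheck('Create a symbolic link to Open vSwitch\'s conf file',
                 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini')

    # Packaging bug workaround: make the agent unit read plugin.ini instead
    # of the Open vSwitch plug-in configuration file.
    agent_unit = "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
    # Back up once only; a second run would otherwise copy the already
    # patched unit file over the original backup.
    run("test -e {0}.orig || cp {0} {0}.orig".format(agent_unit))
    # This message used to be assigned and then dropped; it is reported via
    # runCheck now, with its typos corrected.
    runCheck('Change Open vSwitch to look for a symbolic link to the ML2 conf file',
             "sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "
             + agent_unit)

    for message, command in (
            ('Restart Nova service', "systemctl restart openstack-nova-compute.service"),
            ('Enable Open vSwitch', 'systemctl enable neutron-openvswitch-agent.service'),
            ('Start Open vSwitch', 'systemctl start neutron-openvswitch-agent.service'),
            ('Restart Open vSwitch', 'systemctl restart neutron-openvswitch-agent.service')):
        runCheck(message, command)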
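def network_deploy():
    """Set up a network node: sysctl, packages, agent configs, services.

    Steps, in order: sysctl changes, package installation, the per-agent
    configuration helpers, plugin.ini symlink, unit-file patch, enabling and
    starting the Neutron services.
    """
    backupConfFile(sysctl_conf, backupSuffix)

    # IP forwarding on, reverse-path filtering off.
    # NOTE(review): rp_filter=0 disables the kernel's source-address
    # validation; confirm anti-spoofing is handled elsewhere (e.g. security
    # groups).
    for key, value in (('net.ipv4.ip_forward', '1'),
                       ('net.ipv4.conf.all.rp_filter', '0'),
                       ('net.ipv4.conf.default.rp_filter', '0')):
        set_parameter(sysctl_conf, "''", key, value)

    # For more info visit:
    # http://www.commandlinefu.com/commands/view/11891/reload-all-sysctl-variables-without-reboot
    runCheck("Implement changes on sysctl", "sysctl --system")

    installPackagesNetwork()

    # Configuration.
    configure_the_Networking_common_components()
    configure_ML2_plug_in_network()
    configure_Layer3_agent()
    configure_DHCP_agent()
    configure_metadata_agent()
    configure_Open_vSwitch_service()

    # The Networking init scripts expect /etc/neutron/plugin.ini to link to
    # /etc/neutron/plugins/ml2/ml2_conf.ini. The test is a substring match on
    # the ls output of /etc/neutron.
    if 'plugin.ini' not in run('ls /etc/neutron'):
        runCheck("Create symbolic link to ml2 conf file",
                 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini')

    # Packaging bug workaround: make the agent unit read plugin.ini instead
    # of the Open vSwitch plug-in configuration file.
    agent_unit = "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
    # Back up once only; a second run would otherwise copy the already
    # patched unit file over the original backup.
    run("test -e {0}.orig || cp {0} {0}.orig".format(agent_unit))
    run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "
        + agent_unit)

    # Initialize services. The messages were assigned but unused while plain
    # run() was called; runCheck now receives them, as elsewhere in this
    # function.
    runCheck("Enable neutron services",
             "systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service "
             "neutron-dhcp-agent.service neutron-metadata-agent.service "
             "neutron-ovs-cleanup.service")
    runCheck("Start neutron services",
             "systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service "
             "neutron-dhcp-agent.service neutron-metadata-agent.service")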
def setOVSConf():
    """Write bridge mappings and physnet names into configs['ovs'].

    One physnet<tag> entry is produced per tag in the module-level ``vlans``;
    ``bridge[tag]`` names the bridge each one maps to.
    """
    ovs_conf = configs['ovs']
    backupConfFile(ovs_conf, backupSuffix)

    # Bridge mappings: the external network first, then one per VLAN tag.
    tag_mappings = []
    for tag in vlans:
        tag_mappings.append('physnet%d:%s' % (tag, bridge[tag]))
    mappings = 'external:br-ex,' + ','.join(tag_mappings)
    set_parameter(ovs_conf, 'ovs', 'bridge_mappings', mappings)

    # network_vlan_ranges carries the physnet names only.
    physnet_names = []
    for tag in vlans:
        physnet_names.append('physnet' + str(tag))
    physnets = ','.join(physnet_names)
    set_parameter(ovs_conf, 'ovs', 'network_vlan_ranges', physnets)
def configure_Layer3_agent():
    """Write the L3 agent options into l3_agent_file (backed up first)."""
    backupConfFile(l3_agent_file, backupSuffix)

    # All options go to the DEFAULT section, in this order.
    # NOTE(review): debug=True is verbose; review before production use.
    default_options = (
        ("interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver"),
        ("use_namespaces", "True"),
        ("external_network_bridge", "br-ex"),
        ("router_delete_namespaces", "True"),
        ("verbose", "True"),
        ("debug", "True"),
    )
    for option, value in default_options:
        set_parameter(l3_agent_file, "DEFAULT", option, value)
def configure_Layer3_agent():
    """Back up l3_agent_file, then set the L3 agent's DEFAULT options."""
    backupConfFile(l3_agent_file, backupSuffix)

    def put(option, value):
        set_parameter(l3_agent_file, "DEFAULT", option, value)

    put("interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver")
    put("use_namespaces", "True")
    # External traffic is attached through the br-ex bridge.
    put("external_network_bridge", "br-ex")
    put("router_delete_namespaces", "True")

    # Logging. NOTE(review): debug=True is verbose; review before
    # production use.
    put("verbose", "True")
    put("debug", "True")
def setL3Conf():
    """Blank the external-network options in the file named by configs['l3'].

    When external_network_bridge is set, an L3 agent can be associated with
    at most one external network, and gateway_external_network_id should hold
    that network's UUID. Leaving both empty lets the agent support several
    external networks.
    """
    l3_conf = configs['l3']
    backupConfFile(l3_conf, backupSuffix)

    # The value handed to set_parameter is the two-character string ''.
    # NOTE(review): presumably set_parameter turns that into an empty value;
    # confirm against its implementation.
    for option in ('external_network_bridge', 'gateway_external_network_id'):
        set_parameter(l3_conf, 'DEFAULT', option, "''")
def setDHCPConf():
    """Write the DHCP agent options into the file named by configs['dhcp'].

    Reference: http://www.opencloudblog.com/?p=630
    """
    dhcp_conf = configs['dhcp']
    backupConfFile(dhcp_conf, backupSuffix)

    # All options belong to the DEFAULT section and are written in order.
    default_options = (
        ('dhcp_delete_namespaces', 'True'),
        ('enable_metadata_network', 'False'),
        ('enable_isolated_metadata', 'True'),
        ('use_namespaces', 'True'),
        ('ovs_use_veth', 'False'),
        ('dhcp_agent_manager', 'neutron.agent.dhcp_agent.DhcpAgentWithStateReport'),
    )
    for option, value in default_options:
        set_parameter(dhcp_conf, 'DEFAULT', option, value)
def configure_DHCP_agent():
    """Write the DHCP agent options into dhcp_agent_file (backed up first)."""
    backupConfFile(dhcp_agent_file, backupSuffix)

    # All options go to the DEFAULT section, in this order.
    # NOTE(review): debug=True is verbose; review before production use.
    default_options = (
        ("interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver"),
        ("dhcp_driver", "neutron.agent.linux.dhcp.Dnsmasq"),
        ("use_namespaces", "True"),
        ("dhcp_delete_namespaces", "True"),
        ("verbose", "True"),
        ("debug", "True"),
    )
    for option, value in default_options:
        set_parameter(dhcp_agent_file, "DEFAULT", option, value)
def configure_metadata_proxy_on_controller():
    """Enable the metadata proxy in nova_conf and restart the Nova API.

    Configuring the metadata agent requires these changes on the controller
    node. nova_conf is backed up before it is edited.
    """
    backupConfFile(nova_conf, backupSuffix)

    def put(option, value):
        set_parameter(nova_conf, 'neutron', option, value)

    put('service_metadata_proxy', 'True')
    # NOTE(review): if set_parameter runs a shell command, the shared secret
    # ends up on a command line -- confirm it is kept out of deploy output.
    put('metadata_proxy_shared_secret', passwd['METADATA_SECRET'])

    runCheck("Restart Nova service", "systemctl restart openstack-nova-api.service")
def configure_metadata_proxy_on_controller():
    """Controller-side half of the metadata agent setup.

    Backs up nova_conf, turns on the metadata proxy in its [neutron] section,
    stores the proxy shared secret and restarts openstack-nova-api.
    """
    backupConfFile(nova_conf, backupSuffix)

    set_parameter(nova_conf, 'neutron', 'service_metadata_proxy', 'True')

    # The secret is read from passwd['METADATA_SECRET'].
    # NOTE(review): presumably the metadata agent must be given the same
    # value; verify against its configuration.
    shared_secret = passwd['METADATA_SECRET']
    set_parameter(nova_conf, 'neutron', 'metadata_proxy_shared_secret', shared_secret)

    restart_message = "Restart Nova service"
    runCheck(restart_message, "systemctl restart openstack-nova-api.service")
def setOVSConf():
    """Set ovs_neutron_plugin.ini.

    The source these settings come from (opencloudblog) does not mention
    this file, but it exists and it seems it should be set up as well.
    """
    ovs_conf = configs['ovs']
    backupConfFile(ovs_conf, backupSuffix)

    set_parameter(ovs_conf, 'ovs', 'bridge_mappings', 'external:br-vlan')
    set_parameter(ovs_conf, 'ovs', 'tenant_network_type', 'vlan')

    # The smallest and largest VLAN tags bound the range on "external".
    ordered = sorted(vlans)
    vlan_range = 'external:%d:%d' % (ordered[0], ordered[-1])
    set_parameter(ovs_conf, 'ovs', 'network_vlan_ranges', vlan_range)
def configure_DHCP_agent():
    """Back up dhcp_agent_file, then set the DHCP agent's DEFAULT options."""
    backupConfFile(dhcp_agent_file, backupSuffix)

    def put(option, value):
        set_parameter(dhcp_agent_file, "DEFAULT", option, value)

    # Drivers: Open vSwitch interfaces, dnsmasq as the DHCP server.
    put("interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver")
    put("dhcp_driver", "neutron.agent.linux.dhcp.Dnsmasq")

    # Namespaces are used and removed again when no longer needed.
    put("use_namespaces", "True")
    put("dhcp_delete_namespaces", "True")

    # Logging. NOTE(review): debug=True is verbose; review before
    # production use.
    put("verbose", "True")
    put("debug", "True")
def configure_networking_server_component():
    """Configure neutron.conf for the Neutron server, using crudini.

    Covers database access, RabbitMQ, Keystone, the ML2 plug-in, the
    Nova notification settings and logging. neutron_conf is backed up first.
    """
    backupConfFile(neutron_conf, backupSuffix)

    def put(section, option, value):
        set_parameter(neutron_conf, section, option, value)

    # Database access.
    # NOTE(review): the literal below has no replacement field, so .format()
    # leaves it unchanged and NEUTRON_DBPASS is never inserted; the
    # credentials look masked in this copy -- restore the real template
    # before use.
    db_url = 'mysql://*****:*****@controller/neutron'.format(passwd['NEUTRON_DBPASS'])
    put('database', 'connection', db_url)

    # RabbitMQ access.
    # NOTE(review): with crudini behind set_parameter the passwords below are
    # passed as command-line arguments; confirm they stay out of deploy logs.
    put('DEFAULT', 'rpc_backend', 'rabbit')
    put('DEFAULT', 'rabbit_host', 'controller')
    put('DEFAULT', 'rabbit_password', passwd['RABBIT_PASS'])

    # Identity service access (plain http endpoints, no transport
    # encryption).
    put('DEFAULT', 'auth_strategy', 'keystone')
    put('keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0')
    put('keystone_authtoken', 'identity_uri', 'http://controller:35357')
    put('keystone_authtoken', 'admin_tenant_name', 'service')
    put('keystone_authtoken', 'admin_user', 'neutron')
    put('keystone_authtoken', 'admin_password', passwd['NEUTRON_PASS'])

    # ML2 plug-in.
    put('DEFAULT', 'core_plugin', 'ml2')
    put('DEFAULT', 'service_plugins', 'router')
    put('DEFAULT', 'allow_overlapping_ips', 'True')

    # Neutron notifies Nova of topology changes; that needs the id of the
    # "service" tenant, read from the keystone CLI.
    # NOTE(review): grep matches any row containing "service" and cut keeps
    # the column padding, so the captured text may need checking before it
    # is written to the config.
    with prefix(env_config.admin_openrc):
        nova_admin_tenant_id = run(r'keystone tenant-list | grep service | cut -d\| -f2')

    # NOTE(review): the nesting of this guard is reconstructed; only the
    # tenant-id write is assumed to be conditional -- confirm against the
    # original file.
    if nova_admin_tenant_id:
        # Empty when the service tenant does not exist.
        put('DEFAULT', 'nova_admin_tenant_id', nova_admin_tenant_id)

    put('DEFAULT', 'notify_nova_on_port_status_changes', 'True')
    put('DEFAULT', 'notify_nova_on_port_data_changes', 'True')
    put('DEFAULT', 'nova_url', 'http://controller:8774/v2')
    put('DEFAULT', 'nova_admin_auth_url', 'http://controller:35357/v2.0')
    put('DEFAULT', 'nova_region_name', 'regionOne')
    put('DEFAULT', 'nova_admin_username', 'nova')
    put('DEFAULT', 'nova_admin_password', passwd['NOVA_PASS'])

    # Verbose logging. NOTE(review): debug=True is a test setting.
    put('DEFAULT', 'verbose', 'True')
    put('DEFAULT', 'debug', 'True')
def setML2Conf():
    """Write fixed VLAN and tunnelling options into configs['ml2'].

    The VLAN range physnet1:208:2131 and the tunnel id range 1:1000 are
    hard-coded here.
    """
    ml2_conf = configs['ml2']
    backupConfFile(ml2_conf, backupSuffix)

    set_parameter(ml2_conf, 'ml2_type_vlan', 'network_vlan_ranges', 'physnet1:208:2131')

    def put_ovs(option, value):
        set_parameter(ml2_conf, 'ovs', option, value)

    put_ovs('tenant_network_type', 'gre')

    # TODO: add the name of the virtual bridge; the mapping is written with
    # an empty bridge name for now.
    put_ovs('bridge_mappings', 'physnet1:')

    # Remaining values are taken from
    # https://developer.rackspace.com/blog/neutron-networking-vlan-provider-networks/
    put_ovs('integration_bridge', 'br-int')
    put_ovs('enable_tunneling', 'True')
    put_ovs('tunnel_bridge', 'br-tun')
    put_ovs('tunnel_id_ranges', '1:1000')
    put_ovs('network_vlan_ranges', 'physnet1:208:2131')
def configure_nova_to_use_neutron():
    """Point Nova at Neutron for networking by editing nova_conf.

    nova_conf is backed up before it is edited.
    """
    backupConfFile(nova_conf, backupSuffix)

    # [DEFAULT]: networking and security groups are handed to Neutron.
    # Nova's own firewall driver is set to the no-op driver.
    # NOTE(review): with the no-op driver, packet filtering relies on the
    # Neutron security-group configuration; confirm it is enabled there.
    default_options = (
        ('network_api_class', 'nova.network.neutronv2.api.API'),
        ('security_group_api', 'neutron'),
        ('linuxnet_interface_driver', 'nova.network.linux_net.LinuxOVSInterfaceDriver'),
        ('firewall_driver', 'nova.virt.firewall.NoopFirewallDriver'),
    )
    for option, value in default_options:
        set_parameter(nova_conf, 'DEFAULT', option, value)

    # [neutron]: endpoint and service credentials (plain http endpoints).
    neutron_options = (
        ('url', 'http://controller:9696'),
        ('auth_strategy', 'keystone'),
        ('admin_auth_url', 'http://controller:35357/v2.0'),
        ('admin_tenant_name', 'service'),
        ('admin_username', 'neutron'),
    )
    for option, value in neutron_options:
        set_parameter(nova_conf, 'neutron', option, value)
    set_parameter(nova_conf, 'neutron', 'admin_password', passwd['NEUTRON_PASS'])
def configure_metadata_agent():
    """Write the metadata agent options, then configure the controller side.

    metadata_agent_file is backed up first. The last step runs
    configure_metadata_proxy_on_controller through Fabric's execute().
    """
    backupConfFile(metadata_agent_file, backupSuffix)

    def put(option, value):
        set_parameter(metadata_agent_file, 'DEFAULT', option, value)

    # Keystone endpoint (plain http) and service account.
    put('auth_url', 'http://controller:5000/v2.0')
    put('auth_region', 'regionOne')
    put('admin_tenant_name', 'service')
    put('admin_user', 'neutron')
    put('nova_metadata_ip', 'controller')

    # Secrets. NOTE(review): if set_parameter runs a shell command, both
    # values are placed on a command line -- confirm they stay out of deploy
    # output.
    put('admin_password', passwd['NEUTRON_PASS'])
    put('metadata_proxy_shared_secret', passwd['METADATA_SECRET'])

    # Logging. NOTE(review): debug=True is a test setting.
    put('verbose', 'True')
    put('debug', 'True')

    execute(configure_metadata_proxy_on_controller)
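def setNeutronConf():
    """Write the server-side Neutron options into configs['neutron'].

    Reference: http://www.opencloudblog.com/?p=630

    Sets options in the DEFAULT, securitygroup and agent sections through
    set_parameter, then appends one service_provider line under the
    [service_providers] header with sed. The file is backed up first.
    """
    confFile = configs['neutron']
    backupConfFile(confFile, backupSuffix)

    section = 'DEFAULT'
    set_parameter(confFile, section, 'max_l3_agents_per_router', '2')
    set_parameter(confFile, section, 'l3_ha', 'False')
    set_parameter(confFile, section, 'allow_automatic_l3agent_failover', 'True')
    set_parameter(confFile, section, 'allow_overlapping_ips', 'True')
    set_parameter(confFile, section, 'core_plugin', 'ml2')
    # Only the router service plug-in is enabled.
    set_parameter(confFile, section, 'service_plugins', 'router')
    set_parameter(confFile, section, 'force_gateway_on_subnet', 'True')
    set_parameter(confFile, section, 'dhcp_options_enabled', 'False')
    set_parameter(confFile, section, 'dhcp_agents_per_network', '1')
    set_parameter(confFile, section, 'router_distributed', 'False')
    set_parameter(confFile, section, 'router_delete_namespaces', 'True')
    set_parameter(confFile, section, 'check_child_processes', 'True')

    section = 'securitygroup'
    set_parameter(
        confFile, section, 'firewall_driver',
        'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver')
    set_parameter(confFile, section, 'enable_ipset', 'True')
    set_parameter(confFile, section, 'enable_security_group', 'True')

    section = 'agent'
    set_parameter(confFile, section, 'enable_distributed_routing', 'False')
    set_parameter(confFile, section, 'dont_fragment', 'True')
    set_parameter(confFile, section, 'arp_responder', 'False')

    # crudini does not work when an option name is set more than once, as
    # service_provider is, so this line is added with sed instead.
    # The line is a plain string: formatting a list into the command wrote
    # the list's repr (brackets and quotes included) into the config file.
    newLine = ('service_provider = FIREWALL:Iptables:'
               'neutron.agent.linux.iptables_firewall.'
               'OVSHybridIptablesFirewallDriver:default')
    # NOTE(review): sed appends on every run, so repeated deployments add
    # the line again.
    run('sed -i "/\\[service_providers\\]/a %s" %s' % (newLine, confFile))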
def configure_ML2_plugin_general():
    """Write the general ML2 plug-in options into ml2_conf_file.

    The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build
    the virtual networking framework for instances. The controller node does
    not need the OVS components because it does not handle instance network
    traffic. ml2_conf_file is backed up first.
    """
    backupConfFile(ml2_conf_file, backupSuffix)

    # (section, option, value) triples, written in this order.
    settings = (
        ('ml2', 'type_drivers', 'flat,gre,vlan'),
        ('ml2', 'tenant_network_types', 'gre'),
        ('ml2', 'mechanism_drivers', 'openvswitch'),
        ('ml2_type_gre', 'tunnel_id_ranges', '1:1000'),
        # Security groups enforced with iptables, ipset enabled.
        ('securitygroup', 'enable_security_group', 'True'),
        ('securitygroup', 'enable_ipset', 'True'),
        ('securitygroup', 'firewall_driver',
         'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'),
    )
    for section, option, value in settings:
        set_parameter(ml2_conf_file, section, option, value)
def configure_ML2_plugin_general():
    """Back up ml2_conf_file and set the ML2 options common to all nodes.

    ML2 relies on the Open vSwitch mechanism (agent) to build the virtual
    networking framework for instances; the controller itself needs no OVS
    components since it carries no instance traffic.
    """
    backupConfFile(ml2_conf_file, backupSuffix)

    def put(section, option, value):
        set_parameter(ml2_conf_file, section, option, value)

    # Network types: flat, gre and vlan are available, tenants get gre.
    put('ml2', 'type_drivers', 'flat,gre,vlan')
    put('ml2', 'tenant_network_types', 'gre')
    put('ml2', 'mechanism_drivers', 'openvswitch')
    put('ml2_type_gre', 'tunnel_id_ranges', '1:1000')

    # Security groups, enforced through the OVS hybrid iptables driver.
    put('securitygroup', 'enable_security_group', 'True')
    put('securitygroup', 'enable_ipset', 'True')
    put('securitygroup', 'firewall_driver',
        'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver')
def configure_nova_to_use_neutron():
    """Back up nova_conf and switch Nova's networking over to Neutron."""
    backupConfFile(nova_conf, backupSuffix)

    def put(section, option, value):
        set_parameter(nova_conf, section, option, value)

    # Networking API and security groups are provided by Neutron.
    put('DEFAULT', 'network_api_class', 'nova.network.neutronv2.api.API')
    put('DEFAULT', 'security_group_api', 'neutron')
    put('DEFAULT', 'linuxnet_interface_driver',
        'nova.network.linux_net.LinuxOVSInterfaceDriver')
    # Nova's firewall is the no-op driver.
    # NOTE(review): filtering then depends on Neutron security groups being
    # enabled; confirm in the Neutron configuration.
    put('DEFAULT', 'firewall_driver', 'nova.virt.firewall.NoopFirewallDriver')

    # Neutron endpoint and the service account Nova uses to reach it. The
    # URLs are plain http, so the credentials are not protected in transit.
    put('neutron', 'url', 'http://controller:9696')
    put('neutron', 'auth_strategy', 'keystone')
    put('neutron', 'admin_auth_url', 'http://controller:35357/v2.0')
    put('neutron', 'admin_tenant_name', 'service')
    put('neutron', 'admin_username', 'neutron')
    put('neutron', 'admin_password', passwd['NEUTRON_PASS'])
def configure_metadata_agent():
    """Back up and fill in metadata_agent_file, then set up the controller.

    All options go to the DEFAULT section. Afterwards
    configure_metadata_proxy_on_controller is run through execute().
    """
    backupConfFile(metadata_agent_file, backupSuffix)

    # Identity endpoint (plain http), region and service account.
    for option, value in (('auth_url', 'http://controller:5000/v2.0'),
                          ('auth_region', 'regionOne'),
                          ('admin_tenant_name', 'service'),
                          ('admin_user', 'neutron'),
                          ('nova_metadata_ip', 'controller')):
        set_parameter(metadata_agent_file, 'DEFAULT', option, value)

    # Secrets are read from passwd only when they are written.
    # NOTE(review): if set_parameter runs a shell command, they are placed on
    # a command line -- confirm they stay out of deploy output.
    set_parameter(metadata_agent_file, 'DEFAULT', 'admin_password',
                  passwd['NEUTRON_PASS'])
    set_parameter(metadata_agent_file, 'DEFAULT', 'metadata_proxy_shared_secret',
                  passwd['METADATA_SECRET'])

    # Logging. NOTE(review): debug=True is a test setting.
    for option in ('verbose', 'debug'):
        set_parameter(metadata_agent_file, 'DEFAULT', option, 'True')

    execute(configure_metadata_proxy_on_controller)
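def setNeutronConf():
    """Configure the Neutron server file named by configs['neutron'].

    Reference: http://www.opencloudblog.com/?p=630

    The DEFAULT, securitygroup and agent sections are written through
    set_parameter; the service_provider entry is appended with sed. A backup
    of the file is taken first.
    """
    confFile = configs['neutron']
    backupConfFile(confFile, backupSuffix)

    # (section, option, value) triples, written in this order.
    settings = (
        ('DEFAULT', 'max_l3_agents_per_router', '2'),
        ('DEFAULT', 'l3_ha', 'False'),
        ('DEFAULT', 'allow_automatic_l3agent_failover', 'True'),
        ('DEFAULT', 'allow_overlapping_ips', 'True'),
        ('DEFAULT', 'core_plugin', 'ml2'),
        # Only the router service plug-in is enabled.
        ('DEFAULT', 'service_plugins', 'router'),
        ('DEFAULT', 'force_gateway_on_subnet', 'True'),
        ('DEFAULT', 'dhcp_options_enabled', 'False'),
        ('DEFAULT', 'dhcp_agents_per_network', '1'),
        ('DEFAULT', 'router_distributed', 'False'),
        ('DEFAULT', 'router_delete_namespaces', 'True'),
        ('DEFAULT', 'check_child_processes', 'True'),
        ('securitygroup', 'firewall_driver',
         'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'),
        ('securitygroup', 'enable_ipset', 'True'),
        ('securitygroup', 'enable_security_group', 'True'),
        ('agent', 'enable_distributed_routing', 'False'),
        ('agent', 'dont_fragment', 'True'),
        ('agent', 'arp_responder', 'False'),
    )
    for section, option, value in settings:
        set_parameter(confFile, section, option, value)

    # crudini does not work when an option name is set up more than once, as
    # service_provider is, so sed is used for this one.
    # newLine must be a string: a list formatted with %s puts its repr,
    # brackets and quotes included, into the config file.
    newLine = ('service_provider = FIREWALL:Iptables:'
               'neutron.agent.linux.iptables_firewall.'
               'OVSHybridIptablesFirewallDriver:default')
    # NOTE(review): the line is appended on every run; repeated deployments
    # add it again.
    run('sed -i "/\\[service_providers\\]/a %s" %s' % (newLine, confFile))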
def configure_networking_server_component():
    """Write the Neutron server settings to neutron.conf with crudini.

    Sections covered: database, RabbitMQ, Keystone, ML2, Nova notifications
    and logging. A backup of neutron_conf is taken first.
    """
    backupConfFile(neutron_conf, backupSuffix)

    # Database access.
    # NOTE(review): this template contains no "{}" field, so .format() does
    # not insert NEUTRON_DBPASS; the credentials appear masked in this copy
    # and must be restored before the value is usable.
    connection = 'mysql://*****:*****@controller/neutron'.format(
        passwd['NEUTRON_DBPASS'])
    set_parameter(neutron_conf, 'database', 'connection', connection)

    # RabbitMQ access.
    for option, value in (('rpc_backend', 'rabbit'),
                          ('rabbit_host', 'controller')):
        set_parameter(neutron_conf, 'DEFAULT', option, value)
    # NOTE(review): crudini receives each password as a command-line
    # argument; confirm secrets are not echoed into deploy logs.
    set_parameter(neutron_conf, 'DEFAULT', 'rabbit_password', passwd['RABBIT_PASS'])

    # Identity service access (plain http endpoints).
    set_parameter(neutron_conf, 'DEFAULT', 'auth_strategy', 'keystone')
    for option, value in (('auth_uri', 'http://controller:5000/v2.0'),
                          ('identity_uri', 'http://controller:35357'),
                          ('admin_tenant_name', 'service'),
                          ('admin_user', 'neutron')):
        set_parameter(neutron_conf, 'keystone_authtoken', option, value)
    set_parameter(neutron_conf, 'keystone_authtoken', 'admin_password',
                  passwd['NEUTRON_PASS'])

    # ML2 plug-in.
    for option, value in (('core_plugin', 'ml2'),
                          ('service_plugins', 'router'),
                          ('allow_overlapping_ips', 'True')):
        set_parameter(neutron_conf, 'DEFAULT', option, value)

    # Neutron notifies Nova of topology changes. The id of the "service"
    # tenant comes from the keystone CLI, run with the admin credentials
    # prefix.
    # NOTE(review): grep matches every row containing "service" and cut
    # keeps the column padding; check the captured text before trusting it.
    with prefix(env_config.admin_openrc):
        nova_admin_tenant_id = run(
            r'keystone tenant-list | grep service | cut -d\| -f2')

    # NOTE(review): the nesting of this guard is reconstructed; only the
    # tenant-id write is assumed to be conditional -- confirm against the
    # original file.
    if nova_admin_tenant_id:
        # The variable is empty when the service tenant does not exist.
        set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_tenant_id',
                      nova_admin_tenant_id)

    for option, value in (('notify_nova_on_port_status_changes', 'True'),
                          ('notify_nova_on_port_data_changes', 'True'),
                          ('nova_url', 'http://controller:8774/v2'),
                          ('nova_admin_auth_url', 'http://controller:35357/v2.0'),
                          ('nova_region_name', 'regionOne'),
                          ('nova_admin_username', 'nova')):
        set_parameter(neutron_conf, 'DEFAULT', option, value)
    set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_password', passwd['NOVA_PASS'])

    # Verbose logging. NOTE(review): debug=True is a test setting.
    for option in ('verbose', 'debug'):
        set_parameter(neutron_conf, 'DEFAULT', option, 'True')
def setL3Conf():
    """Set external_network_bridge to br-ex in the file named by configs['l3'].

    The file is backed up with backupConfFile before the change.
    """
    l3_conf = configs['l3']
    backupConfFile(l3_conf, backupSuffix)

    section, option, value = 'DEFAULT', 'external_network_bridge', 'br-ex'
    set_parameter(l3_conf, section, option, value)