From 0bdaa8c6db9a84cb547465524ee0370debbb6d73 Mon Sep 17 00:00:00 2001
From: Travis Truman <travis_truman@cable.comcast.com>
Date: Wed, 6 Jul 2016 16:25:15 -0400
Subject: [PATCH] Support for Open vSwitch Distributed Virtual Routing

Deployers may now enable DVR by setting the value of
the neutron_plugin_type variable to "ml2.ovs.dvr"

When set, the role will deploy and configure the OVS agent,
l3 agent and metadata agent as recommended by the neutron
Networking Guide's High Availability using Distributed Virtual
Routing scenario:

http://docs.openstack.org/mitaka/networking-guide/scenario-dvr-ovs.html

Change-Id: I27fd65c807cfde83f6250f613d9994cf83e1c0e0
Partially-Implements: blueprint neutron-dvr
---
 defaults/main.yml                             | 21 +++++++++++++++----
 .../neutron_ovs_dvr-7fca77cac0545441.yaml     | 11 ++++++++++
 templates/l3_agent.ini.j2                     |  3 +--
 templates/neutron.conf.j2                     |  4 ++--
 .../plugins/ml2/openvswitch_agent.ini.j2      |  1 +
 5 files changed, 32 insertions(+), 8 deletions(-)
 create mode 100644 releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml

diff --git a/defaults/main.yml b/defaults/main.yml
index 9f9792c5..b35c0a98 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -99,6 +99,7 @@ neutron_plugins:
     drivers_type: "{{ neutron_ml2_drivers_type }}"
     l2_population: "{{ neutron_l2_population }}"
     mechanisms: "linuxbridge{% if neutron_l2_population | bool %},l2population{% endif %}"
+    l3_agent_mode: "legacy"
     plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}"
     plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
     plugin_ini: plugins/ml2/ml2_conf.ini
@@ -108,6 +109,18 @@ neutron_plugins:
     drivers_type: "{{ neutron_ml2_drivers_type }}"
     l2_population: "{{ neutron_l2_population }}"
     mechanisms: "openvswitch{% if neutron_l2_population | bool %},l2population{% endif %}"
+    l3_agent_mode: "legacy"
+    plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}"
+    plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
+    plugin_ini: plugins/ml2/ml2_conf.ini
+  ml2.ovs.dvr:
+    driver_firewall: neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+    driver_interface: neutron.agent.linux.interface.OVSInterfaceDriver
+    drivers_type: "{{ neutron_ml2_drivers_type }}"
+    l2_population: "{{ neutron_l2_population }}"
+    mechanisms: "openvswitch{% if neutron_l2_population | bool %},l2population{% endif %}"
+    l3_agent_mode: "{% if 'nova_compute' in group_names %}dvr{% else %}dvr_snat{% endif %}"
+    router_distributed: True
     plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}"
     plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin
     plugin_ini: plugins/ml2/ml2_conf.ini
@@ -133,7 +146,7 @@ neutron_services:
  neutron-openvswitch-agent:
    group: neutron_openvswitch_agent
    service_name: neutron-openvswitch-agent
-   service_en: "{{ neutron_plugin_type == 'ml2.ovs' }}"
+   service_en: "{{ 'ml2.ovs' in neutron_plugin_type }}"
    service_conf: plugins/ml2/openvswitch_agent.ini
    service_rootwrap: rootwrap.d/openvswitch-plugin.filters
    config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log
@@ -210,7 +223,7 @@ neutron_services:
 neutron_dhcp: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}"
 
 ## Neutron Metadata Agent
-neutron_metadata: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}"
+neutron_metadata: "{% if neutron_plugin_type.split('.')[0] == 'ml2' and (neutron_plugin_type == 'ml2.ovs.dvr' or 'nova_compute' not in group_names) %}True{% else %}False{% endif %}"
 
 ## Neutron LBaaS
 # See documentation section titled "Configuring the Network Load Balacing
@@ -225,7 +238,8 @@ neutron_lbaasv2: "{% if 'lbaasv2' in neutron_plugin_base or 'neutron_lbaas.servi
 ## Neutron L3
 ## Please add 'router' to the neutron_plugin_base list
 #TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle
-neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}"
+# Should the neutron-l3-agent service should be enabled on the host
+neutron_l3: "{% if ('router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base) and (neutron_plugin_type == 'ml2.ovs.dvr' or 'nova_compute' not in group_names) %}True{% else %}False{% endif %}"
 
 # Set this option to "true" to enable legacy neutron L3HA tool support
 # TODO(cloudnull): Remove this in the Ocata cycle
@@ -309,7 +323,6 @@ neutron_keystone_auth_plugin: password
 neutron_external_network_bridge: ""
 neutron_gateway_external_network_id: ""
 
-neutron_agent_mode: legacy
 neutron_agent_down_time: 120
 neutron_agent_polling_interval: 5
 neutron_report_interval: "{{ neutron_agent_down_time | int / 2 | int }}"
diff --git a/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml b/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml
new file mode 100644
index 00000000..6627221c
--- /dev/null
+++ b/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml
@@ -0,0 +1,11 @@
+---
+features:
+  - |
+    Support for Neutron distributed virtual routing has been added to the
+    ``os_neutron`` role. This includes the implementation of Networking
+    Guide's suggested agent configuration. This feature may be activated
+    by setting ``neutron_plugin_type: ml2.ovs.dvr`` in ``/etc/openstack_deploy/user_variables.yml``.
+upgrade:
+  - The variable ``neutron_agent_mode`` has been removed from the
+    ``os_neutron`` role. The appropriate value for ``l3_agent.ini`` is now
+    determined based on the ``neutron_plugin_type`` and host group membership.
diff --git a/templates/l3_agent.ini.j2 b/templates/l3_agent.ini.j2
index 1368d523..1da68707 100644
--- a/templates/l3_agent.ini.j2
+++ b/templates/l3_agent.ini.j2
@@ -13,8 +13,7 @@ gateway_external_network_id = {{ neutron_gateway_external_network_id }}
 # Drivers
 interface_driver = {{ neutron_plugins[neutron_plugin_type].driver_interface }}
 
-# Agent mode (legacy only)
-agent_mode = {{ neutron_agent_mode }}
+agent_mode = {{ neutron_plugins[neutron_plugin_type].l3_agent_mode }}
 
 # Conventional failover
 allow_automatic_l3agent_failover = True
diff --git a/templates/neutron.conf.j2 b/templates/neutron.conf.j2
index ff4cad00..a5f886b6 100644
--- a/templates/neutron.conf.j2
+++ b/templates/neutron.conf.j2
@@ -40,8 +40,8 @@ notification_driver = messagingv2
 network_auto_schedule = True
 router_auto_schedule = True
 
-# Distributed virtual routing (disable by default)
-router_distributed = False
+# Distributed virtual routing
+router_distributed = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }}
 
 # Agents
 agent_down_time = {{ neutron_agent_down_time }}
diff --git a/templates/plugins/ml2/openvswitch_agent.ini.j2 b/templates/plugins/ml2/openvswitch_agent.ini.j2
index 6d1cff19..3f1a1ecb 100644
--- a/templates/plugins/ml2/openvswitch_agent.ini.j2
+++ b/templates/plugins/ml2/openvswitch_agent.ini.j2
@@ -12,6 +12,7 @@ bridge_mappings = {{ neutron_provider_networks.network_mappings }}
 [agent]
 l2_population = {{ neutron_plugins[neutron_plugin_type].l2_population }}
 tunnel_types = {{ neutron_tunnel_types }}
+enable_distributed_routing = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }}
 
 # Security groups
 [securitygroup]