diff --git a/defaults/main.yml b/defaults/main.yml index 9f9792c5..b35c0a98 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -99,6 +99,7 @@ neutron_plugins: drivers_type: "{{ neutron_ml2_drivers_type }}" l2_population: "{{ neutron_l2_population }}" mechanisms: "linuxbridge{% if neutron_l2_population | bool %},l2population{% endif %}" + l3_agent_mode: "legacy" plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin plugin_ini: plugins/ml2/ml2_conf.ini @@ -108,6 +109,18 @@ neutron_plugins: drivers_type: "{{ neutron_ml2_drivers_type }}" l2_population: "{{ neutron_l2_population }}" mechanisms: "openvswitch{% if neutron_l2_population | bool %},l2population{% endif %}" + l3_agent_mode: "legacy" + plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" + plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin + plugin_ini: plugins/ml2/ml2_conf.ini + ml2.ovs.dvr: + driver_firewall: neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver + driver_interface: neutron.agent.linux.interface.OVSInterfaceDriver + drivers_type: "{{ neutron_ml2_drivers_type }}" + l2_population: "{{ neutron_l2_population }}" + mechanisms: "openvswitch{% if neutron_l2_population | bool %},l2population{% endif %}" + l3_agent_mode: "{% if 'nova_compute' in group_names %}dvr{% else %}dvr_snat{% endif %}" + router_distributed: True plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}" plugin_core: neutron.plugins.ml2.plugin.Ml2Plugin plugin_ini: plugins/ml2/ml2_conf.ini @@ -133,7 +146,7 @@ neutron_services: neutron-openvswitch-agent: group: neutron_openvswitch_agent service_name: neutron-openvswitch-agent - service_en: "{{ neutron_plugin_type == 'ml2.ovs' }}" + service_en: "{{ 'ml2.ovs' in neutron_plugin_type }}" service_conf: plugins/ml2/openvswitch_agent.ini service_rootwrap: rootwrap.d/openvswitch-plugin.filters config_options: --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini --log-file=/var/log/neutron/neutron-openvswitch-agent.log @@ -210,7 +223,7 @@ neutron_services: neutron_dhcp: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}" ## Neutron Metadata Agent -neutron_metadata: "{% if neutron_plugin_type.split('.')[0] == 'ml2' %}True{% else %}False{% endif %}" +neutron_metadata: "{% if neutron_plugin_type.split('.')[0] == 'ml2' and (neutron_plugin_type == 'ml2.ovs.dvr' or 'nova_compute' not in group_names) %}True{% else %}False{% endif %}" ## Neutron LBaaS # See documentation section titled "Configuring the Network Load Balacing @@ -225,7 +238,8 @@ neutron_lbaasv2: "{% if 'lbaasv2' in neutron_plugin_base or 'neutron_lbaas.servi ## Neutron L3 ## Please add 'router' to the neutron_plugin_base list #TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle -neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base %}True{% else %}False{% endif %}" +# Should the neutron-l3-agent service should be enabled on the host +neutron_l3: "{% if ('router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base) and (neutron_plugin_type == 'ml2.ovs.dvr' or 'nova_compute' not in group_names) %}True{% else %}False{% endif %}" # Set this option to "true" to enable legacy neutron L3HA tool support # TODO(cloudnull): Remove this in the Ocata cycle @@ -309,7 +323,6 @@ neutron_keystone_auth_plugin: password neutron_external_network_bridge: "" neutron_gateway_external_network_id: "" -neutron_agent_mode: legacy neutron_agent_down_time: 120 neutron_agent_polling_interval: 5 neutron_report_interval: "{{ neutron_agent_down_time | int / 2 | int }}" diff --git a/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml b/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml new file mode 100644 index 00000000..6627221c --- /dev/null +++ b/releasenotes/notes/neutron_ovs_dvr-7fca77cac0545441.yaml @@ -0,0 +1,11 @@ +--- +features: + - | + Support for Neutron distributed virtual routing has been added to the + ``os_neutron`` role. This includes the implementation of Networking + Guide's suggested agent configuration. This feature may be activated + by setting ``neutron_plugin_type: ml2.ovs.dvr`` in ``/etc/openstack_deploy/user_variables.yml``. +upgrade: + - The variable ``neutron_agent_mode`` has been removed from the + ``os_neutron`` role. The appropriate value for ``l3_agent.ini`` is now + determined based on the ``neutron_plugin_type`` and host group membership. diff --git a/templates/l3_agent.ini.j2 b/templates/l3_agent.ini.j2 index 1368d523..1da68707 100644 --- a/templates/l3_agent.ini.j2 +++ b/templates/l3_agent.ini.j2 @@ -13,8 +13,7 @@ gateway_external_network_id = {{ neutron_gateway_external_network_id }} # Drivers interface_driver = {{ neutron_plugins[neutron_plugin_type].driver_interface }} -# Agent mode (legacy only) -agent_mode = {{ neutron_agent_mode }} +agent_mode = {{ neutron_plugins[neutron_plugin_type].l3_agent_mode }} # Conventional failover allow_automatic_l3agent_failover = True diff --git a/templates/neutron.conf.j2 b/templates/neutron.conf.j2 index ff4cad00..a5f886b6 100644 --- a/templates/neutron.conf.j2 +++ b/templates/neutron.conf.j2 @@ -40,8 +40,8 @@ notification_driver = messagingv2 network_auto_schedule = True router_auto_schedule = True -# Distributed virtual routing (disable by default) -router_distributed = False +# Distributed virtual routing +router_distributed = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }} # Agents agent_down_time = {{ neutron_agent_down_time }} diff --git a/templates/plugins/ml2/openvswitch_agent.ini.j2 b/templates/plugins/ml2/openvswitch_agent.ini.j2 index 6d1cff19..3f1a1ecb 100644 --- a/templates/plugins/ml2/openvswitch_agent.ini.j2 +++ b/templates/plugins/ml2/openvswitch_agent.ini.j2 @@ -12,6 +12,7 @@ bridge_mappings = {{ neutron_provider_networks.network_mappings }} [agent] l2_population = {{ neutron_plugins[neutron_plugin_type].l2_population }} tunnel_types = {{ neutron_tunnel_types }} +enable_distributed_routing = {{ neutron_plugins[neutron_plugin_type].router_distributed | default('False') }} # Security groups [securitygroup]