openstack/openstack-ansible-os_neutron
Code Issues Proposed changes

Auto-fix usage of modules via FQCN

Browse Source 
Since ansible-core 2.10 it is recommended to use modules via FQCN
In order to align with recommendation, we perform migration
by applying suggestions made by `ansible-lint --fix=fqcn`

Change-Id: I809637f2b012eed4c761d12870190d0a7b786825
This commit is contained in:
Dmitriy Rabotyagov 2025-02-12 13:50:50 +01:00
parent 4b05664e9c
commit 8b2240ccb3
13 changed files with 109 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
handlers/main.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Stop services
service:
ansible.builtin.service:
name: "{{ item.service_name }}"
state: "stopped"
daemon_reload: true
@ -36,7 +36,7 @@
# processes will be running code from the previous version. This step ensures these
# orphaned processes are cleaned up correctly.
- name: Run neutron-l3-agent process cleanup
shell: |
ansible.builtin.shell: |
cgroup_path=$(findmnt -t cgroup2 -r -n -f -o target)
for ns_pid in $(cat ${cgroup_path}/neutron.slice/neutron-l3-agent.service/cgroup.procs); do
echo $(readlink -f "/proc/$ns_pid/exe") | egrep -qv "keepalived|haproxy|ipsec"
@ -53,7 +53,7 @@
- "venv changed"
- name: Restart openvswitch
service:
ansible.builtin.service:
name: "{{ neutron_ovs_service_name }}"
state: restarted
listen:
@ -63,7 +63,7 @@
- not _neutron_ovs_disabled
- name: Symlink neutron config directory
file:
ansible.builtin.file:
# NOTE(cloudnull): The "src" path is relative. This ensures all files remain
# within the host/container confines when connecting to
# them using the connection plugin or the root filesystem.
@ -76,7 +76,7 @@
- "venv changed"
- name: Drop sudoers file
template:
ansible.builtin.template:
src: "sudoers.j2"
dest: "/etc/sudoers.d/{{ neutron_system_user_name }}_sudoers"
mode: "0440"
@ -87,7 +87,7 @@
- "venv changed"
- name: Perform a DB contract
command: "{{ neutron_bin }}/neutron-db-manage upgrade --contract"
ansible.builtin.command: "{{ neutron_bin }}/neutron-db-manage upgrade --contract"
become: true
become_user: "{{ neutron_system_user_name }}"
changed_when: false
@ -99,7 +99,7 @@
- "venv changed"
- name: Start services
service:
ansible.builtin.service:
name: "{{ item.service_name }}"
enabled: "{{ item.enabled | default(True) }}"
state: "{{ item.state | default('started') }}"
@ -116,7 +116,7 @@
- "cert installed"
- name: Start ovn service
service:
ansible.builtin.service:
name: "{{ neutron_ovn_northd_service_name }}"
state: started
listen:
@ -124,7 +124,7 @@
# (NOTE) Restarting twice to cleanup some pid.
- name: Restart ovn northd
service:
ansible.builtin.service:
name: "{{ neutron_ovn_northd_service_name }}"
state: restarted
when:
@ -134,7 +134,7 @@
- ovn cert installed
- name: Restart ovn controller
service:
ansible.builtin.service:
name: "{{ neutron_ovn_controller_service_name }}"
state: restarted
when:

42
tasks/main.yml
View File

@ -13,10 +13,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Importing neutron_check tasks
import_tasks: neutron_check.yml
ansible.builtin.import_tasks: neutron_check.yml
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
@ -31,12 +31,12 @@
- always
- name: Gather variables for installation method
include_vars: "{{ neutron_install_method }}_install.yml"
ansible.builtin.include_vars: "{{ neutron_install_method }}_install.yml"
tags:
- always
- name: Including osa.db_setup role
include_role:
ansible.builtin.include_role:
name: openstack.osa.db_setup
apply:
tags:
@ -58,7 +58,7 @@
- always
- name: Including osa.mq_setup role
include_role:
ansible.builtin.include_role:
name: openstack.osa.mq_setup
apply:
tags:
@ -84,7 +84,7 @@
- always
- name: Get CPU info content and store as var
command: cat /proc/cpuinfo
ansible.builtin.command: cat /proc/cpuinfo
register: cpuinfo_contents
changed_when: false
failed_when: false
@ -105,23 +105,23 @@
- always
- name: Set provider network fact(s)
set_fact:
ansible.builtin.set_fact:
neutron_provider_networks: "{{ neutron_provider_networks | default(pndata) }}"
tags:
- always
- name: Importing neutron_pre_install tasks
import_tasks: neutron_pre_install.yml
ansible.builtin.import_tasks: neutron_pre_install.yml
tags:
- neutron-install
- name: Importing neutron_install tasks
import_tasks: neutron_install.yml
ansible.builtin.import_tasks: neutron_install.yml
tags:
- neutron-install
- name: Refresh local facts
setup:
ansible.builtin.setup:
filter: ansible_local
gather_subset: "!all"
tags:
@ -129,7 +129,7 @@
# create the ssl certs before the installation of the services.
- name: Create and install SSL certificates for API
include_role:
ansible.builtin.include_role:
name: pki
tasks_from: main_certs.yml
apply:
@ -150,7 +150,7 @@
- always
- name: Create and install SSL certificates for OVN
include_role:
ansible.builtin.include_role:
name: pki
tasks_from: main_certs.yml
apply:
@ -176,7 +176,7 @@
# Include provider specific config(s)
- name: Including plugin-specific tasks
include_tasks: "{{ item }}"
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- files:
- "{{ neutron_plugin_type.split('.')[-1] }}_config.yml"
@ -187,7 +187,7 @@
- neutron-install
- name: Importing neutron_post_install tasks
import_tasks: neutron_post_install.yml
ansible.builtin.import_tasks: neutron_post_install.yml
tags:
- neutron-config
- post-install
@ -199,10 +199,10 @@
- (neutron_services['neutron-metadata-agent']['group'] in group_names) or (neutron_services['neutron-dhcp-agent']['group'] in group_names)
block:
- name: Gather service facts
service_facts:
ansible.builtin.service_facts:
- name: Disable services if they present
systemd:
ansible.builtin.systemd:
name: "{{ item['service_name'] }}"
state: stopped
enabled: false
@ -217,7 +217,7 @@
- "{{ neutron_services['neutron-dhcp-agent'] }}"
- name: Run the systemd service role
import_role:
ansible.builtin.import_role:
name: systemd_service
vars:
systemd_user_name: "{{ neutron_system_user_name }}"
@ -249,7 +249,7 @@
- systemd-service
- name: Including neutron_db_setup role
include_tasks: neutron_db_setup.yml
ansible.builtin.include_tasks: neutron_db_setup.yml
args:
apply:
tags:
@ -260,7 +260,7 @@
- always
- name: Import uwsgi role
import_role:
ansible.builtin.import_role:
name: uwsgi
vars:
uwsgi_services: "{{ uwsgi_neutron_services }}"
@ -270,7 +270,7 @@
- uwsgi
- name: Including osa.service_setup role
include_role:
ansible.builtin.include_role:
name: openstack.osa.service_setup
apply:
tags:
@ -307,4 +307,4 @@
- always
- name: Flush handlers
meta: flush_handlers
ansible.builtin.meta: flush_handlers

6
tasks/neutron_apparmor.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Install required apparmor packages on the physical host
package:
ansible.builtin.package:
name: "{{ neutron_apparmor_distro_packages }}"
state: present
register: apparmor_packages
@ -25,7 +25,7 @@
delegate_to: "{{ physical_host | default('localhost') }}"
- name: Ensure apparmor service is running
systemd:
ansible.builtin.systemd:
name: "apparmor"
enabled: true
state: "started"
@ -33,7 +33,7 @@
delegate_to: "{{ physical_host | default('localhost') }}"
- name: "Disable apparmor profile"
shell: |
ansible.builtin.shell: |
# empty line to workaround bug in EnvVarsInCommandRule.py lint test
# https://github.com/willthames/ansible-lint/issues/275
set -o pipefail

2
tasks/neutron_check.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Fail if service was deployed using a different installation method
fail:
ansible.builtin.fail:
msg: "Switching installation methods for OpenStack services is not supported"
when:
- ansible_local is defined

10
tasks/neutron_db_setup.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Perform a DB expand
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand"
ansible.builtin.command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand"
become: true
become_user: "{{ neutron_system_user_name }}"
changed_when: false
@ -23,7 +23,7 @@
- "_neutron_is_first_play_host"
- name: Disable the db expand fact
ini_file:
community.general.ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: neutron
option: "need_db_expand"
@ -31,7 +31,7 @@
mode: "0644"
- name: Check for available offline migrations
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations"
ansible.builtin.command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations"
environment:
LANGUAGE: en_US.UTF-8
become: true
@ -45,7 +45,7 @@
- "'Need to apply migrations' not in _offline_migrations_check.stdout"
- name: Set the fact for the required offline migrations
ini_file:
community.general.ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: neutron
option: "need_db_contract"
@ -57,6 +57,6 @@
notify: Restart neutron services
- name: Refresh local facts
setup:
ansible.builtin.setup:
filter: ansible_local
gather_subset: "!all"

22
tasks/neutron_install.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Record the installation method
ini_file:
community.general.ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: "neutron"
option: "install_method"
@ -22,12 +22,12 @@
mode: "0644"
- name: Refresh local facts to ensure the neutron section is present
setup:
ansible.builtin.setup:
filter: ansible_local
gather_subset: "!all"
- name: Install neutron role packages
package:
ansible.builtin.package:
name: "{{ neutron_package_list }}"
state: "{{ neutron_package_state }}"
policy_rc_d: "{{ (neutron_needs_openvswitch | bool and ansible_facts['pkg_mgr'] == 'apt') | ternary(101, omit) }}"
@ -43,7 +43,7 @@
- "restart ovn service"
- name: Remove known problem packages
package:
ansible.builtin.package:
name: "{{ item }}"
state: absent
register: remove_packages
@ -53,7 +53,7 @@
with_items: "{{ neutron_remove_distro_packages }}"
- name: Include FRR role for OVN BGP Agent
include_role:
ansible.builtin.include_role:
name: frrouting
apply:
tags:
@ -77,14 +77,14 @@
# neutron itself also appears in u-c (!) as the split between neutron and
# neutron-lib appears incomplete.
- name: Retrieve the constraints URL
uri:
ansible.builtin.uri:
url: "{{ neutron_upper_constraints_url }}"
return_content: true
register: _u_c_contents
check_mode: false
- name: Install the python venv
import_role:
ansible.builtin.import_role:
name: "python_venv_build"
vars:
venv_python_executable: "{{ neutron_venv_python_executable }}"
@ -108,7 +108,7 @@
- ((filtered_neutron_services|length) + (uwsgi_neutron_services|length)) > 0
- name: Initialise the upgrade facts
ini_file:
community.general.ini_file:
dest: "/etc/ansible/facts.d/openstack_ansible.fact"
section: neutron
option: "{{ item.name }}"
@ -127,7 +127,7 @@
('need_db_contract' not in ansible_local['openstack_ansible']['neutron'])
- name: Ensure Open vSwitch service state is set according to node group
service:
ansible.builtin.service:
name: "{{ neutron_ovs_service_name }}"
state: "{{ _neutron_ovs_disabled | ternary('stopped', 'started') }}"
enabled: "{{ _neutron_ovs_disabled | ternary(false, true) }}"
@ -139,7 +139,7 @@
- name: Record the first container on each physical host
delegate_to: "localhost"
run_once: true
set_fact:
ansible.builtin.set_fact:
neutron_apparmor_hosts: |
{%- set apparmor_hosts = [] -%}
{%- set physical_hosts = [] -%}
@ -158,7 +158,7 @@
when: ansible_facts['pkg_mgr'] == 'apt'
- name: Importing neutron_apparmor tasks
import_tasks: neutron_apparmor.yml
ansible.builtin.import_tasks: neutron_apparmor.yml
when:
- ansible_facts['pkg_mgr'] == 'apt'
- inventory_hostname in neutron_apparmor_hosts

22
tasks/neutron_post_install.yml
View File

@ -18,7 +18,7 @@
- ((filtered_neutron_services|length) + (uwsgi_neutron_services|length)) > 0
block:
- name: Create plugins neutron dir
file:
ansible.builtin.file:
path: "{{ item.path | default(omit) }}"
state: "directory"
owner: "{{ item.owner | default(neutron_system_user_name) }}"
@ -34,7 +34,7 @@
# NOTE(cloudnull): This task is required to copy rootwrap filters that we need
# and neutron does not provide by default.
- name: Copy extra neutron rootwrap filters
copy:
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ neutron_conf_version_dir }}/rootwrap.d/"
owner: "root"
@ -82,7 +82,7 @@
- neutron-policy-override
- name: Remove legacy policy.yaml file
file:
ansible.builtin.file:
path: "{{ neutron_conf_dir }}/policy.yaml"
state: absent
when:
@ -91,7 +91,7 @@
- neutron-policy-override
- name: Create symlink to neutron-keepalived-state-change
file:
ansible.builtin.file:
src: "{{ neutron_bin }}/neutron-keepalived-state-change"
dest: "/usr/local/bin/neutron-keepalived-state-change"
state: link
@ -99,13 +99,13 @@
- neutron_install_method == 'source'
- name: Preserve original configuration file(s)
command: "cp {{ item.target_f }} {{ item.target_f }}.original"
ansible.builtin.command: "cp {{ item.target_f }} {{ item.target_f }}.original"
args:
creates: "{{ item.target_f }}.original"
with_items: "{{ neutron_core_files }}"
- name: Fetch override files
fetch:
ansible.builtin.fetch:
src: "{{ item.target_f }}.original"
dest: "{{ item.tmp_f }}"
flat: true
@ -128,7 +128,7 @@
- Restart uwsgi services
- name: Cleanup fetched temp files
file:
ansible.builtin.file:
path: "{{ item.tmp_f }}"
state: absent
changed_when: false
@ -148,7 +148,7 @@
with_items: "{{ neutron_plugin_types }}"
- name: Generate neutron dnsmasq Config
template:
ansible.builtin.template:
src: "dnsmasq-neutron.conf.j2"
dest: "{{ neutron_conf_version_dir }}/dnsmasq-neutron.conf"
owner: "root"
@ -178,7 +178,7 @@
- "'service_conf' in item"
- name: Generate neutron bgpvpn networking configuration
template:
ansible.builtin.template:
src: "networking_bgpvpn.conf.j2"
dest: "{{ neutron_conf_version_dir }}/networking_bgpvpn.conf"
owner: "root"
@ -191,7 +191,7 @@
- "'bgpvpn' in neutron_plugin_base"
- name: Copy vpnaas custom config files
copy:
ansible.builtin.copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
@ -204,7 +204,7 @@
- item.condition | default(True)
- name: Stop haproxy service on debian derivatives with standalone network nodes
service:
ansible.builtin.service:
name: haproxy
state: stopped
enabled: false

16
tasks/neutron_pre_install.yml
View File

@ -14,13 +14,13 @@
# limitations under the License.
- name: Create the system group
group:
ansible.builtin.group:
name: "{{ neutron_system_group_name }}"
state: "present"
system: "yes"
- name: Create the neutron system user
user:
ansible.builtin.user:
name: "{{ neutron_system_user_name }}"
group: "{{ neutron_system_group_name }}"
comment: "{{ neutron_system_comment }}"
@ -36,12 +36,12 @@
- name: Source config block
block:
- name: Stat config directory
stat:
ansible.builtin.stat:
path: "{{ neutron_conf_dir }}"
register: neutron_conf_dir_stat
- name: Remove the config directory
file:
ansible.builtin.file:
path: "{{ neutron_conf_dir }}"
state: absent
when:
@ -52,7 +52,7 @@
- ((filtered_neutron_services|length) + (uwsgi_neutron_services|length)) > 0
- name: Create neutron dir
file:
ansible.builtin.file:
path: "{{ item.path | default(omit) }}"
state: "{{ item.state | default('directory') }}"
owner: "{{ item.owner | default(neutron_system_user_name) }}"
@ -81,7 +81,7 @@
state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent', 'directory') }}"
- name: Add dependency repos for Neutron
package:
ansible.builtin.package:
name: "{{ neutron_repos }}"
state: "{{ neutron_package_state }}"
retries: 5
@ -93,14 +93,14 @@
- name: Create ovs tempfiles directory
block:
- name: Create ovs tmpfiles file
lineinfile:
ansible.builtin.lineinfile:
dest: "/etc/tmpfiles.d/openstack-openvswitch.conf"
line: "D /var/run/openvswitch 2755 root root"
create: true
mode: "0644"
- name: Create ovs tmp directory
file:
ansible.builtin.file:
path: "/var/run/openvswitch"
state: directory
mode: "02755"

18
tasks/providers/ovn_cluster_setup.yml
View File

@ -17,7 +17,7 @@
# checking if ovn db are clustered or not, if not then this is fresh node.
- name: Check if ovn db is clustered
command: ovsdb-tool db-is-clustered /var/lib/ovn/ovnnb_db.db
ansible.builtin.command: ovsdb-tool db-is-clustered /var/lib/ovn/ovnnb_db.db
ignore_errors: true
failed_when: false
changed_when: false
@ -29,18 +29,18 @@
- _check_cluster_db.rc != 0
block:
- name: Stop ovn services
service:
ansible.builtin.service:
name: "{{ neutron_ovn_northd_service_name }}"
state: stopped
- name: Clean up ovn db directory
file:
ansible.builtin.file:
path: /var/lib/ovn/
state: absent
# We are finding leader node so new nodes use leader to join cluster.
- name: Find leader node in ovn cluster
shell: ovs-appctl -t /var/run/ovn/ovnnb_db.ctl cluster/status OVN_Northbound | sed 's/ //g' | grep -oP '(?<=Role:).*'
ansible.builtin.shell: ovs-appctl -t /var/run/ovn/ovnnb_db.ctl cluster/status OVN_Northbound | sed 's/ //g' | grep -oP '(?<=Role:).*'
args:
executable: /bin/bash
ignore_errors: true
@ -55,12 +55,12 @@
# set leader_node variable
- name: Set leader_node fact
set_fact:
ansible.builtin.set_fact:
leader_node: "{{ (_find_leader.results | selectattr('stdout', 'search', 'leader')) | map(attribute='container') | list }}"
# This play only run first time to build cluster using primary node.
- name: Setup ovn cluster using primary node.
template:
ansible.builtin.template:
src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"
@ -71,7 +71,7 @@
register: ovn_northd_opts
- name: Start ovn service
service:
ansible.builtin.service:
name: "{{ neutron_ovn_northd_service_name }}"
state: started
when:
@ -81,7 +81,7 @@
- ovn_northd_opts.changed
- name: Configure connection settings for ovn-nb and ovn-sb
command: "{{ cmd }}"
ansible.builtin.command: "{{ cmd }}"
changed_when: false
with_items:
- "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641"
@ -102,7 +102,7 @@
# This play will add nodes in existing cluster using leader_node var.
- name: Join new nodes to ovn cluster using leader node
template:
ansible.builtin.template:
src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"

10
tasks/providers/ovn_config.yml
View File

@ -16,7 +16,7 @@
# limitations under the License.
- name: Configure ovn-controller
template:
ansible.builtin.template:
src: ovn-controller-opts.j2
dest: "{{ neutron_ovn_controller_opts_file }}"
mode: "0644"
@ -30,7 +30,7 @@
# so we mask service that executes that part to prevent failures
# https://bugs.launchpad.net/cloud-archive/+bug/2017757
- name: Mask setting OVS hostname service
service:
ansible.builtin.service:
name: ovs-record-hostname
enabled: false
state: stopped
@ -40,7 +40,7 @@
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Ensure ovn-northd service is started and enabled
systemd:
ansible.builtin.systemd:
name: "{{ neutron_ovn_northd_service_name }}"
state: started
enabled: true
@ -48,7 +48,7 @@
- neutron_services['neutron-ovn-northd']['group'] in group_names
- name: Ensure ovn-controller service is started and enabled
systemd:
ansible.builtin.systemd:
name: "{{ neutron_ovn_controller_service_name }}"
state: "{{ (ovn_controller_config.changed) | ternary('restarted', 'started') }}"
enabled: true
@ -59,7 +59,7 @@
ansible.builtin.include_tasks: setup_ovs_ovn.yml
- name: Set CLI options to connect to leader
template:
ansible.builtin.template:
src: ovn-cli-options.j2
dest: "/root/ovnctl.rc"
owner: root

4
tasks/providers/ovs_config.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Setup Network Provider Bridges
openvswitch_bridge:
openvswitch.openvswitch.openvswitch_bridge:
bridge: "{{ bridge_mapping.split(':')[1] }}"
fail_mode: secure
state: present
@ -28,7 +28,7 @@
- not ovs_dpdk_support
- name: Add ports to Network Provider Bridges
openvswitch_port:
openvswitch.openvswitch.openvswitch_port:
bridge: "{{ interface_mapping.split(':')[0] }}"
port: "{{ interface_mapping.split(':')[1] }}"
state: present

24
tasks/providers/setup_ovs_dpdk.yml
View File

@ -14,7 +14,7 @@
# limitations under the License.
- name: Set alternative ovs-vswitchd service
alternatives:
community.general.alternatives:
name: ovs-vswitchd
path: /usr/lib/openvswitch-switch-dpdk/ovs-vswitchd-dpdk
when:
@ -23,7 +23,7 @@
- '"nova_compute" in group_names'
- name: Configure DPDK interface to driver bindings
template:
ansible.builtin.template:
src: dpdk_interfaces.j2
dest: "/etc/dpdk/interfaces"
owner: "root"
@ -34,7 +34,7 @@
- '"nova_compute" in group_names'
- name: Configure DPDK hugepage allocation
template:
ansible.builtin.template:
src: dpdk.conf.j2
dest: "/etc/dpdk/dpdk.conf"
owner: "root"
@ -45,7 +45,7 @@
- '"nova_compute" in group_names'
- name: Ensure DPDK service is started and enabled
systemd:
ansible.builtin.systemd:
name: "{{ dpdk_service_name }}"
state: restarted
enabled: true
@ -54,7 +54,7 @@
- '"nova_compute" in group_names'
- name: Ensure Open vSwitch service is started and enabled
systemd:
ansible.builtin.systemd:
name: "{{ neutron_ovs_service_name }}"
state: restarted
enabled: true
@ -62,28 +62,28 @@
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- name: Set DPDK lcore mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}"
ansible.builtin.command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Set DPDK PMD cpu mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}"
ansible.builtin.command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Set DPDK socket memory
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}"
ansible.builtin.command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Enable DPDK support for openvswitch
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true"
ansible.builtin.command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
@ -91,7 +91,7 @@
# (jamesdenton) Should replace hard dir with var, and only do this on computes
- name: Create vhost_socket directory
file:
ansible.builtin.file:
path: /var/lib/vhost_socket
state: directory
owner: "{{ vhost_socket_directory_owner }}"
@ -104,7 +104,7 @@
# NOTE: This needs to be netdev for compute and system for network node
# Should I set an override for network nodes (non-dpdk)to default 'system' rather than 'netdev'?
- name: Setup Network Provider Bridges
openvswitch_bridge:
openvswitch.openvswitch.openvswitch_bridge:
bridge: "{{ bridge_mapping.split(':')[1] }}"
set: "bridge {{ bridge_mapping.split(':')[1] }} datapath_type={{ ovs_datapath }}"
fail_mode: secure
@ -119,7 +119,7 @@
# Adds a single host interface to an OVS bridge
- name: Add ports to Network Provider Bridges
openvswitch_port:
openvswitch.openvswitch.openvswitch_port:
bridge: "{{ interface_mapping.split(':')[0] }}"
port: "{{ interface_mapping.split(':', 1)[1] }}"
set: "Interface {{ interface_mapping.split(':', 1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':', 1)[1] }}'"

22
tasks/providers/setup_ovs_ovn.yml
View File

@ -17,25 +17,25 @@
- name: Set openvswitch hostname
changed_when: false
command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'"
ansible.builtin.command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'"
when:
- (neutron_services['neutron-ovn-controller']['group'] in group_names)
- name: Set CMS Options for Gateway Scheduling
changed_when: false
command: "ovs-vsctl set Open_vSwitch . external-ids:ovn-cms-options=enable-chassis-as-gw,availability-zones={{ neutron_availability_zone }}"
ansible.builtin.command: "ovs-vsctl set Open_vSwitch . external-ids:ovn-cms-options=enable-chassis-as-gw,availability-zones={{ neutron_availability_zone }}"
when:
- '"neutron_ovn_gateway" in group_names'
- name: Configure OVN Southbound Connection
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}"
ansible.builtin.command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}"
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Supported OVN Overlay Protocols
changed_when: false
command: >-
ansible.builtin.command: >-
ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(
['geneve', 'vxlan', 'stt']) | join(',') }}
when:
@ -43,27 +43,27 @@
- name: Configure Encapsulation Address for Overlay Traffic
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}"
ansible.builtin.command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}"
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
# Create an ovsdb manager for Nova (os-vif)
- name: Register existing OVSDB Manager(s)
command: ovs-vsctl get-manager
ansible.builtin.command: ovs-vsctl get-manager
changed_when: false
register: existing_ovsdb_manager
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Create OVSDB Manager
command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager
ansible.builtin.command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager
changed_when: false
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- neutron_ovsdb_manager not in existing_ovsdb_manager.stdout_lines
- name: Setup Network Provider Bridges
openvswitch_bridge:
openvswitch.openvswitch.openvswitch_bridge:
bridge: "{{ bridge_mapping.split(':')[1] }}"
fail_mode: standalone
state: present
@ -80,7 +80,7 @@
vars:
_neutron_attach_ovs_port_for_bgp: >-
{{ (neutron_ovn_bgp_enable and neutron_services['neutron-ovn-bgp-agent']['group'] in group_names) | ternary('absent', 'present') }}
openvswitch_port:
openvswitch.openvswitch.openvswitch_port:
bridge: "{{ interface_mapping.split(':')[0] }}"
port: "{{ interface_mapping.split(':')[1] }}"
state: "{{ _neutron_attach_ovs_port_for_bgp }}"
@ -92,13 +92,13 @@
- neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0)
- name: Set the OVN Bridge Mappings in OVS
command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}"
ansible.builtin.command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}"
changed_when: false
when:
- neutron_provider_networks.network_mappings is defined and (neutron_provider_networks.network_mappings|length > 0)
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Including ovn_cluster_setup tasks
include_tasks: ovn_cluster_setup.yml
ansible.builtin.include_tasks: ovn_cluster_setup.yml
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names