Merge "Neutron: add linuxbridge daemonset and config script"

2017-08-29 13:43:21 +00:00 · 2017-08-29 13:43:21 +00:00 · 38cc836bab
commit 38cc836bab
parent 774c34176d aaedb4a150
13 changed files with 509 additions and 10 deletions
--- a/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-dhcp-agent.sh.tpl
@ -20,5 +20,7 @@ set -x
 exec neutron-dhcp-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/dhcp_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
 {{- if eq .Values.network.backend "ovs" }} \
      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
 {{- end }}
--- a/neutron/templates/bin/_neutron-l3-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-l3-agent.sh.tpl
@ -20,5 +20,7 @@ set -x
 exec neutron-l3-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/l3_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
 {{- if eq .Values.network.backend "ovs" }} \
      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
 {{- end }}
--- a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
@ -0,0 +1,65 @@
 #!/bin/bash
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 set -ex
 modprobe ebtables
 # configure external bridge
 external_bridge="{{- .Values.network.external_bridge -}}"
 external_interface="{{- .Values.network.interface.external -}}"
 if [ -n "${external_bridge}" ] ; then
    # adding existing bridge would break out the script when -e is set
    set +e
    ip link add name $external_bridge type bridge
    set -e
    ip link set dev $external_bridge up
    if [ -n "$external_interface" ] ; then
        ip link set dev $external_interface master $external_bridge
    fi
 fi
 # configure all bridge mappings defined in config
 {{- range $br, $phys := .Values.network.auto_bridge_add }}
 if [ -n "{{- $br -}}" ] ; then
    # adding existing bridge would break out the script when -e is set
    set +e
    ip link add name {{ $br }} type bridge
    set -e
    ip link set dev {{ $br }} up
    if [ -n "{{- $phys -}}" ] ; then
        ip link set dev {{ $phys }}  master {{ $br }}
    fi
 fi
 {{- end }}
 tunnel_interface="{{- .Values.network.interface.tunnel -}}"
 if [ -z "${tunnel_interface}" ] ; then
    # search for interface with default routing
    # If there is not default gateway, exit
    tunnel_interface=$(ip r | grep default | grep -oP '(?<=dev ).*') || exit 1
 fi
 # determine local-ip dynamically based on interface provided but only if tunnel_types is not null
 IP=$(ip a s $tunnel_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}')
 cat <<EOF>/tmp/pod-shared/ml2-local-ip.ini
 [vxlan]
 local_ip = $IP
 EOF
--- a/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent.sh.tpl
@ -0,0 +1,25 @@
 #!/bin/bash
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 set -ex
 exec neutron-linuxbridge-agent \
  --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
  --config-file /tmp/pod-shared/ml2-local-ip.ini \
  --config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini
--- a/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
+++ b/neutron/templates/bin/_neutron-metadata-agent.sh.tpl
@ -20,5 +20,7 @@ set -x
 exec neutron-metadata-agent \
      --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/metadata_agent.ini \
-      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
 {{- if eq .Values.network.backend "ovs" }} \
      --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini
 {{- end }}
--- a/neutron/templates/configmap-bin.yaml
+++ b/neutron/templates/configmap-bin.yaml
@ -43,6 +43,10 @@ data:
 {{ tuple "bin/_neutron-dhcp-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-l3-agent.sh: |+
 {{ tuple "bin/_neutron-l3-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-linuxbridge-agent.sh: |+
 {{ tuple "bin/_neutron-linuxbridge-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-linuxbridge-agent-init.sh: |+
 {{ tuple "bin/_neutron-linuxbridge-agent-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-metadata-agent.sh: |+
 {{ tuple "bin/_neutron-metadata-agent.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  neutron-openvswitch-agent.sh: |+
--- a/neutron/templates/daemonset-dhcp-agent.yaml
+++ b/neutron/templates/daemonset-dhcp-agent.yaml
@ -63,10 +63,14 @@ spec:
              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
              subPath: ml2_conf.ini
              readOnly: true
            {{- if eq .Values.network.backend "ovs" }}
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
              subPath: openvswitch_agent.ini
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            {{- end }}
            - name: neutron-etc
              mountPath: /etc/neutron/dhcp_agent.ini
              subPath: dhcp_agent.ini
@ -126,8 +130,6 @@ spec:
              mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
              subPath: openvswitch-plugin.filters
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            - name: socket
              mountPath: /var/lib/neutron/openstack-helm
 {{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }}
@ -140,9 +142,11 @@ spec:
          configMap:
            name: neutron-etc
            defaultMode: 0444
        {{- if eq .Values.network.backend "ovs" }}
        - name: runopenvswitch
          hostPath:
            path: /run/openvswitch
        {{- end }}
        - name: socket
          hostPath:
            path: /var/lib/neutron/openstack-helm
--- a/neutron/templates/daemonset-l3-agent.yaml
+++ b/neutron/templates/daemonset-l3-agent.yaml
@ -63,10 +63,14 @@ spec:
              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
              subPath: ml2_conf.ini
              readOnly: true
            {{- if eq .Values.network.backend "ovs" }}
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
              subPath: openvswitch_agent.ini
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            {{- end }}
            - name: neutron-etc
              mountPath: /etc/neutron/l3_agent.ini
              subPath: l3_agent.ini
@ -122,8 +126,6 @@ spec:
              mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
              subPath: openvswitch-plugin.filters
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            - name: libmodules
              mountPath: /lib/modules
              readOnly: true
@ -139,9 +141,11 @@ spec:
          configMap:
            name: neutron-etc
            defaultMode: 0444
        {{- if eq .Values.network.backend "ovs" }}
        - name: runopenvswitch
          hostPath:
            path: /run/openvswitch
        {{- end }}
        - name: libmodules
          hostPath:
            path: /lib/modules
--- a/neutron/templates/daemonset-lb-agent.yaml
+++ b/neutron/templates/daemonset-lb-agent.yaml
@ -0,0 +1,238 @@
 {{/*
 Copyright 2017 The Openstack-Helm Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
   http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 {{- if .Values.manifests.daemonset_lb_agent }}
 {{- $envAll := . }}
 {{- $dependencies := .Values.dependencies.lb_agent }}
 {{- $mounts_neutron_lb_agent := .Values.pod.mounts.neutron_lb_agent.neutron_lb_agent }}
 {{- $mounts_neutron_lb_agent_init := .Values.pod.mounts.neutron_lb_agent.init_container }}
 ---
 apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
  name: lb-agent
 spec:
 {{ tuple $envAll "lb_agent" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
  template:
    metadata:
      labels:
 {{ tuple $envAll "neutron" "lb-agent" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
      annotations:
        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
    spec:
      nodeSelector:
        {{ .Values.labels.lb.node_selector_key }}: {{ .Values.labels.lb.node_selector_value }}
      dnsPolicy: ClusterFirstWithHostNet
      hostNetwork: true
      initContainers:
 {{ tuple $envAll $dependencies $mounts_neutron_lb_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
        - name: lb-agent-init
          image: {{ .Values.images.neutron_linuxbridge_agent }}
          imagePullPolicy: {{ .Values.images.pull_policy }}
 {{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
          securityContext:
            privileged: true
            runAsUser: 0
          command:
            - /tmp/neutron-linuxbridge-agent-init.sh
          volumeMounts:
            - name: neutron-bin
              mountPath: /tmp/neutron-linuxbridge-agent-init.sh
              subPath: neutron-linuxbridge-agent-init.sh
              readOnly: true
            - name: pod-shared
              mountPath: /tmp/pod-shared
            - name: neutron-etc
              mountPath: /etc/neutron/neutron.conf
              subPath: neutron.conf
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
              subPath: ml2_conf.ini
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
              subPath: linuxbridge_agent.ini
              readOnly: true
            - name: neutron-etc
              # NOTE (Portdirect): We mount here to overide Kollas custom
              # sudoers file when using Kolla images, this location will
              # also work fine for other images.
              mountPath: /etc/sudoers.d/kolla_neutron_sudoers
              subPath: neutron_sudoers
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.conf
              subPath: rootwrap.conf
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/debug.filters
              subPath: debug.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/dibbler.filters
              subPath: dibbler.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
              subPath: ipset-firewall.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/l3.filters
              subPath: l3.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
              subPath: netns-cleanup.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/dhcp.filters
              subPath: dhcp.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/ebtables.filters
              subPath: ebtables.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
              subPath: iptables-firewall.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
              subPath: linuxbridge-plugin.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
              subPath: openvswitch-plugin.filters
              readOnly: true
            - name: libmodules
              mountPath: /lib/modules
              readOnly: true
            - name: run
              mountPath: /run
 {{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
      containers:
        - name: lb-agent
          image: {{ .Values.images.neutron_linuxbridge_agent }}
          imagePullPolicy: {{ .Values.images.pull_policy }}
 {{ tuple $envAll $envAll.Values.pod.resources.agent.lb | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
          securityContext:
            runAsUser: {{ .Values.pod.user.neutron.uid }}
            privileged: true
          command:
            - /tmp/neutron-linuxbridge-agent.sh
          readinessProbe:
            exec:
              command:
                - bash
                - -c
                - 'brctl show'
          volumeMounts:
            - name: neutron-bin
              mountPath: /tmp/neutron-linuxbridge-agent.sh
              subPath: neutron-linuxbridge-agent.sh
              readOnly: true
            - name: pod-shared
              mountPath: /tmp/pod-shared
            - name: neutron-etc
              mountPath: /etc/neutron/neutron.conf
              subPath: neutron.conf
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
              subPath: ml2_conf.ini
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/linuxbridge_agent.ini
              subPath: linuxbridge_agent.ini
              readOnly: true
            - name: neutron-etc
              # NOTE (Portdirect): We mount here to overide Kollas custom
              # sudoers file when using Kolla images, this location will
              # also work fine for other images.
              mountPath: /etc/sudoers.d/kolla_neutron_sudoers
              subPath: neutron_sudoers
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.conf
              subPath: rootwrap.conf
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/debug.filters
              subPath: debug.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/dibbler.filters
              subPath: dibbler.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/ipset-firewall.filters
              subPath: ipset-firewall.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/l3.filters
              subPath: l3.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/netns-cleanup.filters
              subPath: netns-cleanup.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/dhcp.filters
              subPath: dhcp.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/ebtables.filters
              subPath: ebtables.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/iptables-firewall.filters
              subPath: iptables-firewall.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/linuxbridge-plugin.filters
              subPath: linuxbridge-plugin.filters
              readOnly: true
            - name: neutron-etc
              mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
              subPath: openvswitch-plugin.filters
              readOnly: true
            - name: libmodules
              mountPath: /lib/modules
              readOnly: true
            - name: run
              mountPath: /run
 {{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
      volumes:
        - name: pod-shared
          emptyDir: {}
        - name: neutron-bin
          configMap:
            name: neutron-bin
            defaultMode: 0555
        - name: neutron-etc
          configMap:
            name: neutron-etc
            defaultMode: 0444
        - name: libmodules
          hostPath:
            path: /lib/modules
        - name: run
          hostPath:
            path: /run
 {{ if $mounts_neutron_lb_agent.volumes }}{{ toYaml $mounts_neutron_lb_agent.volumes | indent 8 }}{{ end }}
 {{- end }}
--- a/neutron/templates/daemonset-metadata-agent.yaml
+++ b/neutron/templates/daemonset-metadata-agent.yaml
@ -65,10 +65,14 @@ spec:
              mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
              subPath: ml2_conf.ini
              readOnly: true
            {{- if eq .Values.network.backend "ovs" }}
            - name: neutron-etc
              mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini
              subPath: openvswitch_agent.ini
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            {{- end }}
            - name: neutron-etc
              mountPath: /etc/neutron/metadata_agent.ini
              subPath: metadata_agent.ini
@ -124,8 +128,6 @@ spec:
              mountPath: /etc/neutron/rootwrap.d/openvswitch-plugin.filters
              subPath: openvswitch-plugin.filters
              readOnly: true
            - name: runopenvswitch
              mountPath: /run/openvswitch
            - name: socket
              mountPath: /var/lib/neutron/stackanetes
 {{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }}
@ -138,9 +140,11 @@ spec:
          configMap:
            name: neutron-etc
            defaultMode: 0444
        {{- if eq .Values.network.backend "ovs" }}
        - name: runopenvswitch
          hostPath:
            path: /run/openvswitch
        {{- end }}
        - name: socket
          hostPath:
            path: /var/lib/neutron/openstack-helm
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@ -32,6 +32,7 @@ images:
  metadata: docker.io/kolla/ubuntu-source-neutron-metadata-agent:3.0.3
  l3: docker.io/kolla/ubuntu-source-neutron-l3-agent:3.0.3
  neutron_openvswitch_agent: docker.io/kolla/ubuntu-source-neutron-openvswitch-agent:3.0.3
  neutron_linuxbridge_agent: docker.io/kolla/ubuntu-source-neutron-linuxbridge-agent:3.0.3
  openvswitch_db_server: docker.io/kolla/ubuntu-source-openvswitch-db-server:3.0.3
  openvswitch_vswitchd: docker.io/kolla/ubuntu-source-openvswitch-vswitchd:3.0.3
  dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
@ -45,6 +46,9 @@ labels:
  ovs:
      node_selector_key: openvswitch
      node_selector_value: enabled
  lb:
      node_selector_key: linuxbridge
      node_selector_value: enabled
  agent:
    dhcp:
      node_selector_key: openstack-control-plane
@ -60,6 +64,9 @@ labels:
    node_selector_value: enabled
 network:
  # provide what type of network wiring will be used
  # possible options: ovs, linuxbridge
  backend: ovs
  external_bridge: br-ex
  ip_address: 0.0.0.0
  interface:
@ -138,6 +145,7 @@ dependencies:
    - service: compute
      endpoint: internal
    daemonset:
    # this should be set to corresponding neutron L2 agent
    - ovs-agent
  metadata:
    services:
@ -148,6 +156,7 @@ dependencies:
    - service: compute
      endpoint: internal
    daemonset:
    # this should be set to corresponding neutron L2 agent
    - ovs-agent
  ovs_agent:
    services:
@ -155,6 +164,12 @@ dependencies:
      endpoint: internal
    - service: network
      endpoint: internal
  lb_agent:
    services:
    - service: oslo_messaging
      endpoint: internal
    - service: network
      endpoint: internal
  l3:
    services:
    - service: oslo_messaging
@ -164,6 +179,7 @@ dependencies:
    - service: compute
      endpoint: internal
    daemonset:
    # this should be set to corresponding neutron L2 agent
    - ovs-agent
  tests:
    services:
@ -198,6 +214,9 @@ pod:
    neutron_l3_agent:
      init_container: null
      neutron_l3_agent:
    neutron_lb_agent:
      init_container: null
      neutron_lb_agent:
    neutron_metadata_agent:
      init_container: null
      neutron_metadata_agent:
@ -230,6 +249,10 @@ pod:
          enabled: false
          min_ready_seconds: 0
          max_unavailable: 1
        lb_agent:
          enabled: true
          min_ready_seconds: 0
          max_unavailable: 1
        metadata_agent:
          enabled: true
          min_ready_seconds: 0
@ -269,6 +292,13 @@ pod:
        limits:
          memory: "1024Mi"
          cpu: "2000m"
      lb:
        requests:
          memory: "128Mi"
          cpu: "100m"
        limits:
          memory: "1024Mi"
          cpu: "2000m"
      metadata:
        requests:
          memory: "128Mi"
@ -599,9 +629,11 @@ conf:
        default_availability_zones: nova
        api_workers: 4
        allow_overlapping_ips: True
        # core_plugin can be: ml2, calico
        core_plugin: ml2
        # service_plugin can be: router, odl-router, empty for calico,
        # networking_ovn.l3.l3_ovn.OVNL3RouterPlugin for OVN
        service_plugins: router
        interface_driver: openvswitch
        metadata_proxy_socket: /var/lib/neutron/openstack-helm/metadata_proxy
        db:
          allow_automatic_l3agent_failover: True
@ -613,6 +645,7 @@ conf:
          network_auto_schedule: True
          router_auto_schedule: True
        agent:
          # we can define here, which driver we are using: openvswitch or linuxbridge
          interface_driver: openvswitch
    oslo_concurrency:
      oslo:
@ -654,6 +687,8 @@ conf:
      neutron:
        ml2:
          extension_drivers: port_security
          # mechnism_drivers can be: openvswitch, linuxbridge,
          # opendaylight, ovn
          mechanism_drivers: openvswitch,l2population
          type_drivers: flat,vlan,vxlan
          tenant_network_types: vxlan
@ -683,6 +718,8 @@ conf:
      neutron:
        base:
          agent:
            # we can define here, which driver we are using:
            # openvswitch or linuxbridge
            interface_driver: openvswitch
        dhcp:
          agent:
@ -696,6 +733,8 @@ conf:
      neutron:
        base:
          agent:
            # we can define here, which driver we are using:
            # openvswitch or linuxbridge
            interface_driver: openvswitch
        l3:
          agent:
@ -754,6 +793,30 @@ conf:
  linuxbridge_agent:
    override:
    append:
    linux_bridge:
      neutron:
        ml2:
          linuxbridge:
            agent:
              # To define Flat and VLAN connections, in LB we can assign
              # specific interface to the flat/vlan network name using:
              # physical_interface_mappings: "external:eth3"
              # Or we can set the mapping between the network and bridge:
              bridge_mappings: "external:br-ex"
              # The two above options are exclusive, do not use both of them at once
    securitygroup:
      neutron:
        ml2:
          linuxbridge:
            agent:
              firewall_driver: neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    vxlan:
      neutron:
        ml2:
          linuxbridge:
            agent:
              l2_population: True
              arp_responder: True
 # Names of secrets used by bootstrap and environmental checks
 secrets:
@ -870,6 +933,7 @@ manifests:
  configmap_etc: true
  daemonset_dhcp_agent: true
  daemonset_l3_agent: true
  daemonset_lb_agent: false
  daemonset_metadata_agent: true
  daemonset_ovs_agent: true
  daemonset_ovs_db: true
--- a/nova/values.yaml
+++ b/nova/values.yaml
@ -196,6 +196,7 @@ dependencies:
    - service: network
      endpoint: internal
    daemonset:
    # this should be set to corresponding neutron L2 agent
    - ovs-agent
  libvirt:
    jobs:
--- a/tools/overrides/mvp/neutron-linuxbridge.yaml
+++ b/tools/overrides/mvp/neutron-linuxbridge.yaml
@ -0,0 +1,84 @@
 # Copyright 2017 The Openstack-Helm Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 # MVP values for neutron using Linux Bridge.
 # This file contains overrides to launch a MVP deployment of neutron using
 # Linux Bridge for the OpenStack-Helm gates, and local development use.
 # It should be kept to the bare minimum required for this purpose.
 network:
  backend: linuxbridge
  interface:
    tunnel: docker0
 manifests:
  daemonset_lb_agent: true
  daemonset_ovs_agent: false
  daemonset_ovs_db: false
  daemonset_ovs_vswitchd: false
 dependencies:
  dhcp:
    daemonset:
      - lb-agent
  l3:
    daemonset:
      - lb-agent
  metadata:
    daemonset:
      - lb-agent
 conf:
  neutron:
    default:
      oslo:
        log:
          debug: false
      neutron:
        agent:
          interface_driver: linuxbridge
        db:
          l3_ha: False
          min_l3_agents_per_router: 1
          max_l3_agents_per_router: 1
          l3_ha_network_type: vxlan
          dhcp_agents_per_network: 1
  ml2_conf:
    ml2:
      neutron:
        ml2:
          mechanism_drivers: linuxbridge, l2population
    ml2_type_flat:
      neutron:
        ml2:
          flat_networks: public
  dhcp_agent:
    default:
      neutron:
        base:
          agent:
            interface_driver: linuxbridge
  l3_agent:
    default:
      neutron:
        base:
          agent:
            interface_driver: linuxbridge
  linuxbridge_agent:
    linux_bridge:
      neutron:
        ml2:
          linuxbridge:
            agent:
              bridge_mappings: "public:br-ex"