Merge "Test deployment with VPNaaS + ml2 ovn driver"
This commit is contained in:
Zuul
Gerrit Code Review
commit
2f556a71b5
@ -73,7 +73,7 @@ scenario](#all-in-one).
|
||||
| ceph rgw | | | | X | | |
|
||||
| vitrage | X | | | | | |
|
||||
| watcher | | | | X | | |
|
||||
| vpnaas | | | | X | | |
|
||||
| vpnaas | | | | X | X | |
|
||||
| taas | | | | X | | |
|
||||
| bgpvpn-api | | | | X | | |
|
||||
| bgp-dr | | | | X | | |
|
||||
|
||||
@ -25,11 +25,14 @@ case $facts['os']['family'] {
|
||||
$ipv6 = false
|
||||
$ovn_metadata_agent_enabled = true
|
||||
$jobboard_backend = 'redis'
|
||||
# TODO(tkajinam): Enable these along with the other plugins
|
||||
$vpnaas_enabled = false
|
||||
}
|
||||
'RedHat': {
|
||||
$ipv6 = true
|
||||
$ovn_metadata_agent_enabled = false
|
||||
$jobboard_backend = 'redis_sentinel'
|
||||
$vpnaas_enabled = true
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily (${facts['os']['family']})")
|
||||
@ -59,6 +62,7 @@ class { 'openstack_integration::glance':
|
||||
class { 'openstack_integration::neutron':
|
||||
driver => 'ovn',
|
||||
ovn_metadata_agent_enabled => $ovn_metadata_agent_enabled,
|
||||
vpnaas_enabled => $vpnaas_enabled
|
||||
}
|
||||
include openstack_integration::placement
|
||||
class { 'openstack_integration::nova':
|
||||
@ -88,4 +92,5 @@ class { 'openstack_integration::tempest':
|
||||
octavia => true,
|
||||
neutron_driver => 'ovn',
|
||||
image_format => 'raw',
|
||||
vpnaas => $vpnaas_enabled,
|
||||
}
|
||||
|
||||
@ -61,9 +61,6 @@ class openstack_integration::neutron (
|
||||
if $metering_enabled {
|
||||
fail('Metering agent is not supported when ovn mechanism driver is used.')
|
||||
}
|
||||
if $vpnaas_enabled {
|
||||
fail('VPNaaS is not supported when ovn mechanism driver is used.')
|
||||
}
|
||||
if $bgpvpn_enabled {
|
||||
fail('BGP VPN is not supported when ovn mechanism driver is used.')
|
||||
}
|
||||
@ -158,7 +155,13 @@ class openstack_integration::neutron (
|
||||
|
||||
if $driver == 'ovn' {
|
||||
$dhcp_agent_notification = false
|
||||
$plugins_list = ['qos', 'ovn-router', 'trunk']
|
||||
$vpaaas_plugin = $vpnaas_enabled ? {
|
||||
true => 'ovn-vpnaas',
|
||||
default => undef,
|
||||
}
|
||||
$plugins_list = delete_undef_values([
|
||||
'qos', 'ovn-router', 'trunk', $vpaaas_plugin,
|
||||
])
|
||||
} else {
|
||||
$dhcp_agent_notification = true
|
||||
$metering_plugin = $metering_enabled ? {
|
||||
@ -281,7 +284,10 @@ class openstack_integration::neutron (
|
||||
}
|
||||
|
||||
$rpc_workers = $driver ? {
|
||||
'ovn' => 0,
|
||||
'ovn' => $vpnaas_enabled ? {
|
||||
true => 2,
|
||||
default => 0,
|
||||
},
|
||||
default => 2,
|
||||
}
|
||||
$rpc_state_report_workers = $driver ? {
|
||||
@ -404,6 +410,23 @@ class openstack_integration::neutron (
|
||||
ovn_sb_ca_cert => '/etc/neutron/switchcacert.pem',
|
||||
}
|
||||
}
|
||||
|
||||
$vpn_device_driver = $facts['os']['family'] ? {
|
||||
'Debian' => 'neutron_vpnaas.services.vpn.device_drivers.ovn_ipsec.OvnStrongSwanDriver',
|
||||
default => 'neutron_vpnaas.services.vpn.device_drivers.ovn_ipsec.OvnLibreSwanDriver',
|
||||
}
|
||||
$vpnaas_driver = 'neutron_vpnaas.services.vpn.service_drivers.ovn_ipsec.IPsecOvnVPNDriver'
|
||||
if $vpnaas_enabled {
|
||||
class { 'neutron::agents::vpnaas::ovn':
|
||||
debug => true,
|
||||
vpn_device_driver => $vpn_device_driver,
|
||||
interface_driver => 'openvswitch',
|
||||
ovn_sb_connection => $::openstack_integration::config::ovn_sb_connection,
|
||||
ovn_sb_private_key => '/etc/neutron/ovnsb-privkey.pem',
|
||||
ovn_sb_certificate => '/etc/neutron/ovnsb-cert.pem',
|
||||
ovn_sb_ca_cert => '/etc/neutron/switchcacert.pem',
|
||||
}
|
||||
}
|
||||
} else {
|
||||
class { 'neutron::agents::metadata':
|
||||
debug => true,
|
||||
@ -434,29 +457,19 @@ class openstack_integration::neutron (
|
||||
debug => true,
|
||||
}
|
||||
}
|
||||
if $vpnaas_enabled {
|
||||
$vpn_device_driver = $facts['os']['family'] ? {
|
||||
'Debian' => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver',
|
||||
default => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
}
|
||||
$service_provider_name = $facts['os']['family'] ? {
|
||||
'Debian' => 'strongswan',
|
||||
default => 'openswan'
|
||||
}
|
||||
|
||||
class { 'neutron::services::vpnaas':
|
||||
service_providers => join([
|
||||
'VPN',
|
||||
$service_provider_name,
|
||||
'neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver',
|
||||
'default'
|
||||
], ':')
|
||||
}
|
||||
$vpn_device_driver = $facts['os']['family'] ? {
|
||||
'Debian' => 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver',
|
||||
default => 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'
|
||||
}
|
||||
$vpnaas_driver = 'neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver'
|
||||
if $vpnaas_enabled {
|
||||
class { 'neutron::agents::vpnaas':
|
||||
vpn_device_driver => $vpn_device_driver,
|
||||
interface_driver => $driver,
|
||||
}
|
||||
}
|
||||
|
||||
if $taas_enabled {
|
||||
class { 'neutron::agents::taas': }
|
||||
class { 'neutron::services::taas': }
|
||||
@ -483,6 +496,22 @@ class openstack_integration::neutron (
|
||||
}
|
||||
}
|
||||
|
||||
if $vpnaas_enabled {
|
||||
$vpnaas_service_provider = $facts['os']['family'] ? {
|
||||
'Debian' => 'strongswan',
|
||||
default => 'openswan'
|
||||
}
|
||||
|
||||
class { 'neutron::services::vpnaas':
|
||||
service_providers => join([
|
||||
'VPN',
|
||||
$vpnaas_service_provider,
|
||||
$vpnaas_driver,
|
||||
'default'
|
||||
], ':')
|
||||
}
|
||||
}
|
||||
|
||||
if $baremetal_enabled {
|
||||
class { 'neutron::plugins::ml2::networking_baremetal': }
|
||||
class { 'neutron::agents::ml2::networking_baremetal':
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user