Neutron L3: enable external provider network capability

- as an option, disable br-ex in Neutron L3 agent configuration
- as an option, manage the provider network using a puppet provider
- manage br-pub bridge and public interface for public bridge
- backward compatibility since we keep br-ex as an option

Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
Emilien Macchi 2014-06-10 20:52:26 +02:00
parent a1d6853552
commit 12af1d4b02
9 changed files with 417 additions and 36 deletions


@ -47,6 +47,25 @@
# (optionnal) Bridge mapping for provider networks
# Defaults to ['physnet1:br-eth1']
#
# [*flat_networks*]
# (optionnal) List of physical_network names with which flat networks
# can be created. Use * to allow flat networks with arbitrary
# physical_network names.
# Should be an array.
# Default to ['public'].
#
# [*external_int*]
# (optionnal) Network interface to bind the external provider network
# Defaults to 'eth1'.
#
# [*external_bridge*]
# (optionnal) OVS bridge used to bind external provider network
# Defaults to 'br-pub'.
#
# [*manage_ext_network*]
# (optionnal) Manage or not external network with provider network API
# Defaults to false.
#
# [*use_syslog*]
# (optional) Use syslog for logging
# Defaults to true
@ -68,10 +87,14 @@ class cloud::network(
$tunnel_eth = '127.0.0.1',
$api_eth = '127.0.0.1',
$provider_vlan_ranges = ['physnet1:1000:2999'],
$provider_bridge_mappings = ['physnet1:br-eth1'],
$provider_bridge_mappings = ['public:br-pub'],
$use_syslog = true,
$log_facility = 'LOG_LOCAL0',
$dhcp_lease_duration = '120'
$dhcp_lease_duration = '120',
$flat_networks = ['public'],
$external_int = 'eth1',
$external_bridge = 'br-pub',
$manage_ext_network = false
) {
# Disable twice logging if syslog is enabled
@ -112,10 +135,11 @@ class cloud::network(
}
class { 'neutron::plugins::ml2':
type_drivers => ['gre','vlan'],
type_drivers => ['gre','vlan','flat'],
tenant_network_types => ['gre'],
network_vlan_ranges => $provider_vlan_ranges,
tunnel_id_ranges => ['1:10000'],
flat_networks => $flat_networks,
mechanism_drivers => ['openvswitch','l2population'],
enable_security_group => true,
firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
@ -144,4 +168,17 @@ class cloud::network(
mode => '0755'
}
if $manage_ext_network {
vs_port {$external_int:
ensure => present,
bridge => $external_bridge
} ->
neutron_network {'public':
provider_network_type => 'flat',
provider_physical_network => 'public',
shared => true,
router_external => true
}
}
}
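Review bot: In the `if $manage_ext_network` block the external network is declared with `shared => true` hard-coded next to `router_external => true`. A shared Neutron network lets every tenant attach ports to it directly, so on this flat network bound to `$external_int` instances could sit on the external segment itself instead of reaching it through a router and floating IPs; if only router gateways are intended, `shared => false` is enough. I would expose this as a class parameter defaulting to false and document it next to `manage_ext_network`. The same block hard-codes `provider_physical_network => 'public'`, which stops matching as soon as `$flat_networks` or `$provider_bridge_mappings` is overridden. Separately, the new default of `$provider_bridge_mappings` no longer maps `physnet1`, while `$provider_vlan_ranges` still defaults to `physnet1:1000:2999`.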


@ -17,21 +17,29 @@
#
class cloud::network::l3(
$external_int = 'eth0',
$debug = true,
$external_int = 'eth1',
$ext_provider_net = false,
$debug = true,
) {
include 'cloud::network'
if ! $ext_provider_net {
vs_bridge{'br-ex':
external_ids => 'bridge-id=br-ex',
} ->
vs_port{$external_int:
ensure => present,
bridge => 'br-ex'
}
$external_network_bridge_real = 'br-ex'
} else {
$external_network_bridge_real = ''
}
class { 'neutron::agents::l3':
debug => $debug,
} ->
vs_bridge{'br-ex':
external_ids => 'bridge-id=br-ex',
} ->
vs_port{$external_int:
ensure => present,
bridge => 'br-ex'
debug => $debug,
external_network_bridge => $external_network_bridge_real
}
class { 'neutron::agents::metering':
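Review bot: The `vs_port{$external_int:` in the `if ! $ext_provider_net` branch can collide with the `vs_port {$external_int:` that `cloud::network` declares under `manage_ext_network`: both parameters now default to 'eth1' and the two switches are set independently, so `manage_ext_network => true` with `ext_provider_net` left at false would presumably fail catalog compilation with a duplicate declaration. Either derive the branch from `$cloud::network::manage_ext_network` or reject the combination explicitly, e.g. `if $cloud::network::manage_ext_network and ! $ext_provider_net { fail('ext_provider_net must be true when cloud::network manages the external network') }`. The default for `$external_int` also moves from 'eth0' to 'eth1' here, which changes the interface attached to br-ex on nodes that relied on the default. The hunk ends inside the `neutron::agents::metering` declaration, so the rest of the class is not visible.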


@ -59,10 +59,15 @@ describe 'cloud::compute::hypervisor' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
@ -147,17 +152,20 @@ describe 'cloud::compute::hypervisor' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:enable_security_group => true
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron on compute node' do
@ -381,6 +389,45 @@ describe 'cloud::compute::hypervisor' do
end
it_raises 'a Puppet::Error', /Red Hat does not support RBD backend for VMs./
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do
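Review bot: `should_not contain__neutron_network('public')` has a doubled underscore, so the matcher most likely looks for a resource type named `_neutron_network` and the negative expectation can never fail. It should read `should_not contain_neutron_network('public')`. The same line appears in the controller, dhcp, l3, lbaas, metadata and vpn specs in this commit. Without the fix nothing verifies that the external network stays unmanaged when `manage_ext_network` is false.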


@ -28,7 +28,11 @@ describe 'cloud::network::controller' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -74,18 +78,20 @@ describe 'cloud::network::controller' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron server' do
@ -120,6 +126,44 @@ describe 'cloud::network::controller' do
)
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do
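Review bot: The `context 'when using provider external network'` block is copied with the same `pre_condition` and the same three expectations into every spec on this page (the l3 spec adds two more), a duplication that the next parameter change will have to repeat in each file. Moving it into one `shared_examples_for 'provider external network'` and pulling it in with `it_behaves_like` would keep the copies from drifting. None of the copies covers a non-default `external_bridge` or `external_int`, so the new parameters are only exercised at their default values.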


@ -28,7 +28,11 @@ describe 'cloud::network::dhcp' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -63,18 +67,20 @@ describe 'cloud::network::dhcp' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron dhcp' do
@ -93,6 +99,45 @@ describe 'cloud::network::dhcp' do
)
should contain_file('/etc/neutron/dnsmasq-neutron.conf').with_content(/^dhcp-option-force=26,1400$/)
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
shared_examples_for 'openstack network dhcp with custom nameserver' do


@ -28,7 +28,11 @@ describe 'cloud::network::l3' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -63,31 +67,93 @@ describe 'cloud::network::l3' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron l3' do
should contain_class('neutron::agents::l3').with(
:debug => true
:debug => true,
:external_network_bridge => 'br-ex'
)
end
it 'configure br-ex bridge' do
should_not contain__vs_bridge('br-ex')
end
it 'configure neutron metering agent' do
should contain_class('neutron::agents::metering').with(
:debug => true
)
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
before do
params.merge!(
:ext_provider_net => true,
)
end
it 'configure neutron l3 without br-ex' do
should contain_class('neutron::agents::l3').with(
:debug => true,
:external_network_bridge => ''
)
end
it 'do not configure br-ex bridge' do
should_not contain_vs_bridge('br-ex')
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do
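Review bot: The example `it 'configure br-ex bridge'` asserts `should_not contain__vs_bridge('br-ex')`, which contradicts both its name and the expectation `:external_network_bridge => 'br-ex'` just above it; with `ext_provider_net` at its default the manifest is expected to create the bridge. Because of the doubled underscore the negative matcher likely never matches anything, so the example passes without testing br-ex at all. It should be `should contain_vs_bridge('br-ex')`, ideally with a matching `contain_vs_port` check that the external interface is attached to br-ex.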


@ -28,7 +28,11 @@ describe 'cloud::network::lbaas' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -63,18 +67,20 @@ describe 'cloud::network::lbaas' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron lbaas' do
@ -109,6 +115,44 @@ describe 'cloud::network::lbaas' do
end
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do


@ -28,7 +28,11 @@ describe 'cloud::network::metadata' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -70,18 +74,20 @@ describe 'cloud::network::metadata' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron metadata' do
@ -97,6 +103,45 @@ describe 'cloud::network::metadata' do
)
should contain_neutron_metadata_agent_config('DEFAULT/metadata_backlog').with(:value => '4096')
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do


@ -28,7 +28,11 @@ describe 'cloud::network::vpn' do
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['physnet1:br-eth1'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => false,
verbose => true,
debug => true,
use_syslog => true,
@ -58,23 +62,64 @@ describe 'cloud::network::vpn' do
should contain_class('neutron::agents::ovs').with(
:enable_tunneling => true,
:tunnel_types => ['gre'],
:bridge_mappings => ['physnet1:br-eth1'],
:bridge_mappings => ['public:br-pub'],
:local_ip => '10.0.1.1'
)
should contain_class('neutron::plugins::ml2').with(
:type_drivers => ['gre','vlan'],
:type_drivers => ['gre','vlan','flat'],
:tenant_network_types => ['gre'],
:mechanism_drivers => ['openvswitch','l2population'],
:tunnel_id_ranges => ['1:10000'],
:network_vlan_ranges => ['physnet1:1000:2999'],
:flat_networks => ['public'],
:enable_security_group => true,
:firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver'
)
should_not contain__neutron_network('public')
end
it 'configure neutron vpnaas' do
should contain_class('neutron::agents::vpnaas')
end
context 'when using provider external network' do
let :pre_condition do
"class { 'cloud::network':
rabbit_hosts => ['10.0.0.1'],
rabbit_password => 'secrete',
tunnel_eth => '10.0.1.1',
api_eth => '10.0.0.1',
provider_vlan_ranges => ['physnet1:1000:2999'],
provider_bridge_mappings => ['public:br-pub'],
flat_networks => ['public'],
external_int => 'eth1',
external_bridge => 'br-pub',
manage_ext_network => true,
verbose => true,
debug => true,
use_syslog => true,
dhcp_lease_duration => '10',
log_facility => 'LOG_LOCAL0' }"
end
it 'configure br-pub bridge' do
should contain_vs_bridge('br-pub')
end
it 'configure eth1 in br-pub' do
should contain_vs_port('eth1').with(
:ensure => 'present',
:bridge => 'br-pub'
)
end
it 'configure provider external network' do
should contain_neutron_network('public').with(
:provider_network_type => 'flat',
:provider_physical_network => 'public',
:shared => true,
:router_external => true
)
end
end
end
context 'on Debian platforms' do