diff --git a/manifests/network.pp b/manifests/network.pp index be4dcf95..223d41ae 100644 --- a/manifests/network.pp +++ b/manifests/network.pp @@ -47,6 +47,25 @@ # (optionnal) Bridge mapping for provider networks # Defaults to ['physnet1:br-eth1'] # +# [*flat_networks*] +# (optionnal) List of physical_network names with which flat networks +# can be created. Use * to allow flat networks with arbitrary +# physical_network names. +# Should be an array. +# Default to ['public']. +# +# [*external_int*] +# (optionnal) Network interface to bind the external provider network +# Defaults to 'eth1'. +# +# [*external_bridge*] +# (optionnal) OVS bridge used to bind external provider network +# Defaults to 'br-pub'. +# +# [*manage_ext_network*] +# (optionnal) Manage or not external network with provider network API +# Defaults to false. +# # [*use_syslog*] # (optional) Use syslog for logging # Defaults to true @@ -68,10 +87,14 @@ class cloud::network( $tunnel_eth = '127.0.0.1', $api_eth = '127.0.0.1', $provider_vlan_ranges = ['physnet1:1000:2999'], - $provider_bridge_mappings = ['physnet1:br-eth1'], + $provider_bridge_mappings = ['public:br-pub'], $use_syslog = true, $log_facility = 'LOG_LOCAL0', - $dhcp_lease_duration = '120' + $dhcp_lease_duration = '120', + $flat_networks = ['public'], + $external_int = 'eth1', + $external_bridge = 'br-pub', + $manage_ext_network = false ) { # Disable twice logging if syslog is enabled @@ -112,10 +135,11 @@ class cloud::network( } class { 'neutron::plugins::ml2': - type_drivers => ['gre','vlan'], + type_drivers => ['gre','vlan','flat'], tenant_network_types => ['gre'], network_vlan_ranges => $provider_vlan_ranges, tunnel_id_ranges => ['1:10000'], + flat_networks => $flat_networks, mechanism_drivers => ['openvswitch','l2population'], enable_security_group => true, firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' 
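Review bot: The new `flat_networks` entry in the header-comment hunk of manifests/network.pp documents the `*` wildcard without saying what it gives up. The wildcard removes the allow-list of physical networks on which untagged flat networks may be created. I would add a line such as `#   Prefer an explicit list; '*' permits a flat network on any physical_network name.` The four new entries also repeat the `(optionnal)` misspelling, and `Default to ['public'].` should read `Defaults to` like the rest of the header.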
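Review bot: In the parameter-list hunk of manifests/network.pp, `$provider_bridge_mappings` now defaults to `['public:br-pub']` while `$provider_vlan_ranges` keeps `['physnet1:1000:2999']`, so by default `physnet1` has VLAN ranges but no bridge mapping. The header comment visible in the previous hunk also still says `Defaults to ['physnet1:br-eth1']`. Either keep both mappings, `$provider_bridge_mappings = ['physnet1:br-eth1', 'public:br-pub'],`, or change the VLAN default and the doc line together. Deployments that relied on the old default would lose the `physnet1` mapping on upgrade without any warning. The class body continues outside the hunk.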
@@ -144,4 +168,17 @@ class cloud::network( mode => '0755' } + if $manage_ext_network { + vs_port {$external_int: + ensure => present, + bridge => $external_bridge + } -> + neutron_network {'public': + provider_network_type => 'flat', + provider_physical_network => 'public', + shared => true, + router_external => true + } + } + } diff --git a/manifests/network/l3.pp b/manifests/network/l3.pp index 92a58506..ec63856f 100644 --- a/manifests/network/l3.pp +++ b/manifests/network/l3.pp @@ -17,21 +17,29 @@ # class cloud::network::l3( - $external_int = 'eth0', - $debug = true, + $external_int = 'eth1', + $ext_provider_net = false, + $debug = true, ) { include 'cloud::network' + if ! $ext_provider_net { + vs_bridge{'br-ex': + external_ids => 'bridge-id=br-ex', + } -> + vs_port{$external_int: + ensure => present, + bridge => 'br-ex' + } + $external_network_bridge_real = 'br-ex' + } else { + $external_network_bridge_real = '' + } + class { 'neutron::agents::l3': - debug => $debug, - } -> - vs_bridge{'br-ex': - external_ids => 'bridge-id=br-ex', - } -> - vs_port{$external_int: - ensure => present, - bridge => 'br-ex' + debug => $debug, + external_network_bridge => $external_network_bridge_real } class { 'neutron::agents::metering': diff --git a/spec/classes/cloud_compute_hypervisor_spec.rb b/spec/classes/cloud_compute_hypervisor_spec.rb index 5a6681c4..2afc9f28 100644 --- a/spec/classes/cloud_compute_hypervisor_spec.rb +++ b/spec/classes/cloud_compute_hypervisor_spec.rb @@ -59,10 +59,15 @@ describe 'cloud::compute::hypervisor' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, + dhcp_lease_duration => '10', log_facility => 'LOG_LOCAL0' }" end 
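Review bot: `shared => true` on `neutron_network {'public': ...}` in manifests/network.pp lets every tenant attach ports directly to the external flat network; `router_external => true` alone is normally enough for router gateways and floating IPs. If direct tenant attachment is not intended, I would drop `shared` or expose it as a class parameter defaulting to false. `provider_physical_network => 'public'` and the resource title are hard-coded while `$flat_networks`, `$provider_bridge_mappings` and `$external_bridge` are parameters, so overriding any of them can leave this resource naming a physical network that is no longer allowed or mapped. Nothing in this block declares a `vs_bridge` for `$external_bridge`; presumably the OVS agent class creates it from the bridge mappings, which only holds while the two parameters agree.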
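Review bot: The `vs_port{$external_int:` under `if ! $ext_provider_net` in manifests/network/l3.pp can collide with the `vs_port {$external_int:` that `cloud::network` now declares under `if $manage_ext_network`. Both `external_int` parameters default to `'eth1'` and this class includes `cloud::network`, so `manage_ext_network => true` with `ext_provider_net` left at false would declare `Vs_port['eth1']` twice. The two flags describe the same choice, so I would derive one from the other or fail early, e.g. `if $::cloud::network::manage_ext_network and ! $ext_provider_net { fail('ext_provider_net must be true when cloud::network manages the external network') }`. The rewrite also drops the `->` ordering between `neutron::agents::l3` and the bridge resources, which should be restated if it was needed. `$ext_provider_net` should also be documented in the class header, which lies outside the hunk.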
@@ -147,17 +152,20 @@ describe 'cloud::compute::hypervisor' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], - :enable_security_group => true + :flat_networks => ['public'], + :enable_security_group => true, + :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron on compute node' do 
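Review bot: `should_not contain__neutron_network('public')` in this hunk of spec/classes/cloud_compute_hypervisor_spec.rb has a doubled underscore after `contain`. The matcher therefore presumably looks for a resource type that does not exist, and the negative assertion passes whether or not the network is in the catalog. The line should read `should_not contain_neutron_network('public')`. The same line is added in the controller, dhcp, l3, lbaas, metadata and vpn specs, and the l3 spec has the same typo in `contain__vs_bridge('br-ex')`. Until it is fixed, nothing tests that `manage_ext_network => false` keeps the shared external network from being created.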
@@ -381,6 +389,45 @@ describe 'cloud::compute::hypervisor' do end it_raises 'a Puppet::Error', /Red Hat does not support RBD backend for VMs./ end + + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do diff --git a/spec/classes/cloud_network_controller_spec.rb b/spec/classes/cloud_network_controller_spec.rb index 91d366af..b51f41db 100644 --- a/spec/classes/cloud_network_controller_spec.rb +++ b/spec/classes/cloud_network_controller_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::controller' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, 
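Review bot: The `context 'when using provider external network'` block added to spec/classes/cloud_compute_hypervisor_spec.rb is repeated almost verbatim in the controller, dhcp, l3, lbaas, metadata and vpn specs, including the whole `pre_condition` string. A `shared_context`, or a helper that returns the `cloud::network` declaration with `manage_ext_network` as an argument, would keep the seven copies from drifting apart. The examples also only cover the case where `external_bridge` matches `provider_bridge_mappings`. `should contain_vs_bridge('br-pub')` would presumably fail if the two were overridden independently, and a test for that case would document the coupling.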
@@ -74,18 +78,20 @@ describe 'cloud::network::controller' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron server' do @@ -120,6 +126,44 @@ describe 'cloud::network::controller' do ) end + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do 
diff --git a/spec/classes/cloud_network_dhcp_spec.rb b/spec/classes/cloud_network_dhcp_spec.rb index 73b338cd..a2dccc6d 100644 --- a/spec/classes/cloud_network_dhcp_spec.rb +++ b/spec/classes/cloud_network_dhcp_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::dhcp' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, @@ -63,18 +67,20 @@ describe 'cloud::network::dhcp' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron dhcp' do 
@@ -93,6 +99,45 @@ describe 'cloud::network::dhcp' do ) should contain_file('/etc/neutron/dnsmasq-neutron.conf').with_content(/^dhcp-option-force=26,1400$/) end + + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end shared_examples_for 'openstack network dhcp with custom nameserver' do diff --git a/spec/classes/cloud_network_l3_spec.rb b/spec/classes/cloud_network_l3_spec.rb index 880c704a..0cc074ee 100644 --- a/spec/classes/cloud_network_l3_spec.rb +++ b/spec/classes/cloud_network_l3_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::l3' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, 
@@ -63,31 +67,93 @@ describe 'cloud::network::l3' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron l3' do should contain_class('neutron::agents::l3').with( - :debug => true + :debug => true, + :external_network_bridge => 'br-ex' ) end + it 'configure br-ex bridge' do + should_not contain__vs_bridge('br-ex') + end it 'configure neutron metering agent' do should contain_class('neutron::agents::metering').with( :debug => true ) end + + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + before do + params.merge!( + :ext_provider_net => true, + ) + end + + it 'configure neutron l3 without br-ex' do + should contain_class('neutron::agents::l3').with( + :debug => true, + :external_network_bridge => '' + ) + end + + it 'do not configure br-ex bridge' do + should_not 
contain_vs_bridge('br-ex') + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do diff --git a/spec/classes/cloud_network_lbaas_spec.rb b/spec/classes/cloud_network_lbaas_spec.rb index ef3779a5..402ffc9a 100644 --- a/spec/classes/cloud_network_lbaas_spec.rb +++ b/spec/classes/cloud_network_lbaas_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::lbaas' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, @@ -63,18 +67,20 @@ describe 'cloud::network::lbaas' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron lbaas' do 
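Review bot: In the `@@ -63,31 +67,93 @@` hunk of spec/classes/cloud_network_l3_spec.rb, the default-context example `it 'configure br-ex bridge'` asserts `should_not contain__vs_bridge('br-ex')`, which contradicts its own name and the manifest. With `ext_provider_net` at its default of false, `cloud::network::l3` declares `vs_bridge{'br-ex':` and the example just above expects `:external_network_bridge => 'br-ex'`. The doubled underscore presumably makes the negative check pass vacuously, which hides the mismatch. I would change it to `should contain_vs_bridge('br-ex')` and add `should contain_vs_port('eth1').with(:ensure => 'present', :bridge => 'br-ex')` so that the default path is actually covered.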
@@ -109,6 +115,44 @@ describe 'cloud::network::lbaas' do end end + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do diff --git a/spec/classes/cloud_network_metadata_spec.rb b/spec/classes/cloud_network_metadata_spec.rb index adcde3f3..12cc48bb 100644 --- a/spec/classes/cloud_network_metadata_spec.rb +++ b/spec/classes/cloud_network_metadata_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::metadata' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, 
@@ -70,18 +74,20 @@ describe 'cloud::network::metadata' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron metadata' do 
@@ -97,6 +103,45 @@ describe 'cloud::network::metadata' do ) should contain_neutron_metadata_agent_config('DEFAULT/metadata_backlog').with(:value => '4096') end + + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do diff --git a/spec/classes/cloud_network_vpn_spec.rb b/spec/classes/cloud_network_vpn_spec.rb index 43e5b702..f2b10a40 100644 --- a/spec/classes/cloud_network_vpn_spec.rb +++ b/spec/classes/cloud_network_vpn_spec.rb @@ -28,7 +28,11 @@ describe 'cloud::network::vpn' do tunnel_eth => '10.0.1.1', api_eth => '10.0.0.1', provider_vlan_ranges => ['physnet1:1000:2999'], - provider_bridge_mappings => ['physnet1:br-eth1'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => false, verbose => true, debug => true, use_syslog => true, 
@@ -58,23 +62,64 @@ describe 'cloud::network::vpn' do should contain_class('neutron::agents::ovs').with( :enable_tunneling => true, :tunnel_types => ['gre'], - :bridge_mappings => ['physnet1:br-eth1'], + :bridge_mappings => ['public:br-pub'], :local_ip => '10.0.1.1' ) should contain_class('neutron::plugins::ml2').with( - :type_drivers => ['gre','vlan'], + :type_drivers => ['gre','vlan','flat'], :tenant_network_types => ['gre'], :mechanism_drivers => ['openvswitch','l2population'], :tunnel_id_ranges => ['1:10000'], :network_vlan_ranges => ['physnet1:1000:2999'], + :flat_networks => ['public'], :enable_security_group => true, :firewall_driver => 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) + should_not contain__neutron_network('public') end it 'configure neutron vpnaas' do should contain_class('neutron::agents::vpnaas') end + + context 'when using provider external network' do + let :pre_condition do + "class { 'cloud::network': + rabbit_hosts => ['10.0.0.1'], + rabbit_password => 'secrete', + tunnel_eth => '10.0.1.1', + api_eth => '10.0.0.1', + provider_vlan_ranges => ['physnet1:1000:2999'], + provider_bridge_mappings => ['public:br-pub'], + flat_networks => ['public'], + external_int => 'eth1', + external_bridge => 'br-pub', + manage_ext_network => true, + verbose => true, + debug => true, + use_syslog => true, + dhcp_lease_duration => '10', + log_facility => 'LOG_LOCAL0' }" + end + + it 'configure br-pub bridge' do + should contain_vs_bridge('br-pub') + end + it 'configure eth1 in br-pub' do + should contain_vs_port('eth1').with( + :ensure => 'present', + :bridge => 'br-pub' + ) + end + it 'configure provider external network' do + should contain_neutron_network('public').with( + :provider_network_type => 'flat', + :provider_physical_network => 'public', + :shared => true, + :router_external => true + ) + end + end end context 'on Debian platforms' do