initial commit of working cookbook-openstack-network
Change-Id: Ib9fd63532becac6738db19f8de81885a5e04025a
This commit is contained in:
parent
ee4275d2e5
commit
e31a3c4eab
|
@ -0,0 +1,10 @@
|
|||
Berksfile.lock
|
||||
validation.pem
|
||||
metadata.json
|
||||
*~
|
||||
.bundle/
|
||||
cookbooks/
|
||||
.cookbooks
|
||||
.vagrant
|
||||
*.swp
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
site :opscode
|
||||
|
||||
cookbook 'openstack-network', :path => '.'
|
||||
cookbook 'apt', :git => 'https://github.com/opscode-cookbooks/apt.git'
|
||||
cookbook 'openstack-identity', :git => 'https://github.com/stackforge/cookbook-openstack-identity.git'
|
||||
cookbook 'openstack-common', :git => 'https://github.com/att-cloud/cookbook-openstack-common.git'
|
||||
cookbook 'database'
|
||||
cookbook 'mysql'
|
|
@ -0,0 +1,11 @@
|
|||
# A sample Gemfile
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem "chef", "~> 11.4.4"
|
||||
gem "json", "<= 1.7.7" # chef dependency
|
||||
gem "berkshelf", "~> 1.4.5"
|
||||
gem "chefspec", "~> 1.2.0"
|
||||
gem "foodcritic"
|
||||
gem "strainer"
|
||||
gem "webmock", "~> 1.11.0"
|
||||
|
|
@ -0,0 +1,203 @@
|
|||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
activesupport (3.2.13)
|
||||
i18n (= 0.6.1)
|
||||
multi_json (~> 1.0)
|
||||
addressable (2.3.4)
|
||||
akami (1.2.0)
|
||||
gyoku (>= 0.4.0)
|
||||
nokogiri (>= 1.4.0)
|
||||
berkshelf (1.4.6)
|
||||
activesupport (>= 3.2.0)
|
||||
addressable
|
||||
celluloid (>= 0.14.0)
|
||||
chozo (>= 0.6.1)
|
||||
faraday (>= 0.8.5)
|
||||
hashie (>= 2.0.2)
|
||||
json (>= 1.5.0)
|
||||
minitar
|
||||
mixlib-config (~> 1.1)
|
||||
mixlib-shellout (~> 1.1)
|
||||
multi_json (~> 1.5)
|
||||
retryable
|
||||
ridley (~> 0.12.4)
|
||||
solve (>= 0.4.2)
|
||||
thor (~> 0.18.0)
|
||||
yajl-ruby
|
||||
builder (3.2.2)
|
||||
celluloid (0.14.1)
|
||||
timers (>= 1.0.0)
|
||||
chef (11.4.4)
|
||||
erubis
|
||||
highline (>= 1.6.9)
|
||||
json (>= 1.4.4, <= 1.7.7)
|
||||
mixlib-authentication (>= 1.3.0)
|
||||
mixlib-cli (~> 1.3.0)
|
||||
mixlib-config (>= 1.1.2)
|
||||
mixlib-log (>= 1.3.0)
|
||||
mixlib-shellout
|
||||
net-ssh (~> 2.6)
|
||||
net-ssh-multi (~> 1.1.0)
|
||||
ohai (>= 0.6.0)
|
||||
rest-client (>= 1.0.4, < 1.7.0)
|
||||
yajl-ruby (~> 1.1)
|
||||
chefspec (1.2.0)
|
||||
chef (>= 10.0)
|
||||
erubis
|
||||
fauxhai (>= 0.1.1, < 2.0)
|
||||
minitest-chef-handler (>= 0.6.0)
|
||||
rspec (~> 2.0)
|
||||
chozo (0.6.1)
|
||||
activesupport (>= 3.2.0)
|
||||
hashie (>= 2.0.2)
|
||||
multi_json (>= 1.3.0)
|
||||
ci_reporter (1.8.4)
|
||||
builder (>= 2.1.2)
|
||||
crack (0.4.0)
|
||||
safe_yaml (~> 0.9.0)
|
||||
diff-lcs (1.2.4)
|
||||
erubis (2.7.0)
|
||||
faraday (0.8.7)
|
||||
multipart-post (~> 1.1)
|
||||
fauxhai (1.1.1)
|
||||
httparty
|
||||
net-ssh
|
||||
ohai
|
||||
ffi (1.9.0)
|
||||
foodcritic (2.1.0)
|
||||
erubis
|
||||
gherkin (~> 2.11.7)
|
||||
nokogiri (~> 1.5.4)
|
||||
rak (~> 1.4)
|
||||
treetop (~> 1.4.10)
|
||||
yajl-ruby (~> 1.1.0)
|
||||
gherkin (2.11.8)
|
||||
multi_json (~> 1.3)
|
||||
gssapi (1.0.3)
|
||||
ffi (>= 1.0.1)
|
||||
gyoku (1.0.0)
|
||||
builder (>= 2.1.2)
|
||||
hashie (2.0.5)
|
||||
highline (1.6.19)
|
||||
httparty (0.11.0)
|
||||
multi_json (~> 1.0)
|
||||
multi_xml (>= 0.5.2)
|
||||
httpclient (2.2.0.2)
|
||||
httpi (0.9.7)
|
||||
rack
|
||||
i18n (0.6.1)
|
||||
ipaddress (0.8.0)
|
||||
json (1.7.7)
|
||||
little-plugger (1.1.3)
|
||||
logging (1.6.2)
|
||||
little-plugger (>= 1.1.3)
|
||||
mime-types (1.23)
|
||||
minitar (0.5.4)
|
||||
minitest (4.7.4)
|
||||
minitest-chef-handler (1.0.1)
|
||||
chef
|
||||
ci_reporter
|
||||
minitest (~> 4.7.3)
|
||||
mixlib-authentication (1.3.0)
|
||||
mixlib-log
|
||||
mixlib-cli (1.3.0)
|
||||
mixlib-config (1.1.2)
|
||||
mixlib-log (1.6.0)
|
||||
mixlib-shellout (1.1.0)
|
||||
multi_json (1.7.7)
|
||||
multi_xml (0.5.4)
|
||||
multipart-post (1.2.0)
|
||||
net-http-persistent (2.8)
|
||||
net-ssh (2.6.7)
|
||||
net-ssh-gateway (1.2.0)
|
||||
net-ssh (>= 2.6.5)
|
||||
net-ssh-multi (1.1)
|
||||
net-ssh (>= 2.1.4)
|
||||
net-ssh-gateway (>= 0.99.0)
|
||||
nokogiri (1.5.10)
|
||||
nori (1.1.5)
|
||||
ohai (6.16.0)
|
||||
ipaddress
|
||||
mixlib-cli
|
||||
mixlib-config
|
||||
mixlib-log
|
||||
mixlib-shellout
|
||||
systemu
|
||||
yajl-ruby
|
||||
polyglot (0.3.3)
|
||||
rack (1.5.2)
|
||||
rak (1.4)
|
||||
rest-client (1.6.7)
|
||||
mime-types (>= 1.16)
|
||||
retryable (1.3.3)
|
||||
ridley (0.12.4)
|
||||
addressable
|
||||
celluloid (~> 0.14.0)
|
||||
chozo (>= 0.6.0)
|
||||
erubis
|
||||
faraday (>= 0.8.4)
|
||||
hashie (>= 2.0.2)
|
||||
mixlib-authentication (>= 1.3.0)
|
||||
mixlib-config (>= 1.1.0)
|
||||
mixlib-log (>= 1.3.0)
|
||||
mixlib-shellout (>= 1.1.0)
|
||||
net-http-persistent (>= 2.8)
|
||||
net-ssh
|
||||
retryable
|
||||
solve (>= 0.4.4)
|
||||
winrm (~> 1.1.0)
|
||||
rspec (2.13.0)
|
||||
rspec-core (~> 2.13.0)
|
||||
rspec-expectations (~> 2.13.0)
|
||||
rspec-mocks (~> 2.13.0)
|
||||
rspec-core (2.13.1)
|
||||
rspec-expectations (2.13.0)
|
||||
diff-lcs (>= 1.1.3, < 2.0)
|
||||
rspec-mocks (2.13.1)
|
||||
rubyntlm (0.1.1)
|
||||
safe_yaml (0.9.3)
|
||||
savon (0.9.5)
|
||||
akami (~> 1.0)
|
||||
builder (>= 2.1.2)
|
||||
gyoku (>= 0.4.0)
|
||||
httpi (~> 0.9)
|
||||
nokogiri (>= 1.4.0)
|
||||
nori (~> 1.0)
|
||||
wasabi (~> 1.0)
|
||||
solve (0.5.0)
|
||||
strainer (2.1.0)
|
||||
berkshelf (~> 1.3)
|
||||
systemu (2.5.2)
|
||||
thor (0.18.1)
|
||||
timers (1.1.0)
|
||||
treetop (1.4.14)
|
||||
polyglot
|
||||
polyglot (>= 0.3.1)
|
||||
uuidtools (2.1.4)
|
||||
wasabi (1.0.0)
|
||||
nokogiri (>= 1.4.0)
|
||||
webmock (1.11.0)
|
||||
addressable (>= 2.2.7)
|
||||
crack (>= 0.3.2)
|
||||
winrm (1.1.2)
|
||||
gssapi (~> 1.0.0)
|
||||
httpclient (~> 2.2.0.2)
|
||||
logging (~> 1.6.1)
|
||||
nokogiri (~> 1.5.0)
|
||||
rubyntlm (~> 0.1.1)
|
||||
savon (= 0.9.5)
|
||||
uuidtools (~> 2.1.2)
|
||||
yajl-ruby (1.1.0)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
||||
DEPENDENCIES
|
||||
berkshelf (~> 1.4.5)
|
||||
chef (~> 11.4.4)
|
||||
chefspec (~> 1.2.0)
|
||||
foodcritic
|
||||
json (<= 1.7.7)
|
||||
strainer
|
||||
webmock (~> 1.11.0)
|
85
README.md
85
README.md
|
@ -1,37 +1,93 @@
|
|||
Description
|
||||
===========
|
||||
|
||||
Installs the OpenStack Network service **Quantum** as part of the OpenStack reference deployment Chef for OpenStack. The http://github.com/mattray/chef-openstack-repo contains documentation for using this cookbook in the context of a full OpenStack deployment. Quantum is currently installed from packages.
|
||||
This cookbook installs the **OpenStack Network** service (formerly project-named Quantum)
|
||||
as part of a Chef reference deployment of OpenStack.
|
||||
|
||||
https://wiki.openstack.org/wiki/Quantum
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
Cookbooks
|
||||
---------
|
||||
More information about the OpenStack Network service is available
|
||||
[here](http://docs.openstack.org/trunk/openstack-network/admin/content/index.html)
|
||||
|
||||
Usage
|
||||
=====
|
||||
|
||||
OpenStack Network's design is modular, with plugins available that handle L2 and
|
||||
L3 networking for various hardware vendors and standards.
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
* Chef 11.4.4 or higher required (for Chef environment use)
|
||||
* [Network Addr](https://gist.github.com/jtimberman/1040543) Ohai plugin.
|
||||
|
||||
Platform
|
||||
--------
|
||||
|
||||
* Ubuntu-12.04+
|
||||
* Fedora-17+
|
||||
|
||||
Cookbooks
|
||||
---------
|
||||
|
||||
The following cookbooks are dependencies:
|
||||
|
||||
* database
|
||||
* identity
|
||||
* mysql
|
||||
* openstack-common `>= 2.0.0`
|
||||
|
||||
Recipes
|
||||
=======
|
||||
|
||||
server
|
||||
------
|
||||
|
||||
- Installs the openstack-network API server
|
||||
|
||||
dhcp\_agent
|
||||
--------
|
||||
|
||||
- Installs the DHCP agent
|
||||
|
||||
l3\_agent
|
||||
--------
|
||||
|
||||
- Installs the L3 agent and metadata agent
|
||||
|
||||
keystone-registration
|
||||
---------------------
|
||||
|
||||
- Registers the OpenStack Network API endpoint and service user with Keystone
|
||||
|
||||
db
|
||||
--
|
||||
|
||||
- Creates the OpenStack Network database
|
||||
|
||||
Attributes
|
||||
==========
|
||||
|
||||
Testing
|
||||
=====
|
||||
TODO
|
||||
|
||||
This cookbook is using [ChefSpec](https://github.com/acrmp/chefspec) for testing. Run the following before commiting. It will run your tests, and check for lint errors.
|
||||
Templates
|
||||
=========
|
||||
|
||||
$ ./run_tests.bash
|
||||
* `api-paste.ini.erb` - Paste config for OpenStack Network server
|
||||
* `quantum.conf.erb` - Config file for OpenStack Network server
|
||||
* `policy.json.erb` - Configuration of ACLs for glance API server
|
||||
|
||||
License and Author
|
||||
==================
|
||||
|
||||
License and Author
|
||||
==================
|
||||
|
||||
| | |
|
||||
|:---------------------|:---------------------------------------------------|
|
||||
| **Author** | Matt Ray (<matt@opscode.com>) |
|
||||
| **Authors** | Alan Meadows (<alan.meadows@gmail.com>) |
|
||||
| | Jay Pipes (<jaypipes@gmail.com>) |
|
||||
| | |
|
||||
| **Copyright** | Copyright (c) 2013, Opscode, Inc. |
|
||||
| **Copyright** | Copyright (c) 2013, AT&T Services, Inc. |
|
||||
| | Copyright (c) 2012, Rackspace US, Inc. |
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
|
@ -44,3 +100,4 @@ distributed under the License is distributed on an "AS IS" BASIS,
|
|||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and⋅
|
||||
limitations under the License.
|
||||
|
||||
|
|
|
@ -0,0 +1,617 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Attributes:: default
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Set to some text value if you want templated config files
|
||||
# to contain a custom banner at the top of the written file
|
||||
default["openstack"]["network"]["custom_template_banner"] = "
|
||||
# This file autogenerated by Chef
|
||||
# Do not edit, changes will be overwritten
|
||||
"
|
||||
|
||||
default["openstack"]["network"]["verbose"] = "False"
|
||||
default["openstack"]["network"]["debug"] = "False"
|
||||
|
||||
default["openstack"]["network"]["user"] = "quantum"
|
||||
default["openstack"]["network"]["group"] = "quantum"
|
||||
|
||||
# Gets set in the Network Endpoint when registering with Keystone
|
||||
default["openstack"]["network"]["region"] = "RegionOne"
|
||||
|
||||
# The name of the Chef role that knows about the message queue server
|
||||
# that Quantum uses
|
||||
default["openstack"]["network"]["rabbit_server_chef_role"] = "rabbitmq-server"
|
||||
default["openstack"]["network"]["rabbit"]["username"] = "rabbit"
|
||||
default["openstack"]["network"]["rabbit"]["vhost"] = "/nova"
|
||||
|
||||
|
||||
default["openstack"]["network"]["db"]["username"] = "quantum"
|
||||
|
||||
# Used in the Keystone authtoken middleware configuration
|
||||
default["openstack"]["network"]["service_tenant_name"] = "service"
|
||||
default["openstack"]["network"]["service_user"] = "quantum"
|
||||
# Keystone PKI signing directory.
|
||||
default["openstack"]["network"]["api"]["auth"]["cache_dir"] = "/var/cache/quantum/api"
|
||||
|
||||
# If set, Quantum API service will bind to the address on this interface,
|
||||
# otherwise it will bind to the API endpoint's host.
|
||||
default["openstack"]["network"]["api"]["bind_interface"] = nil
|
||||
|
||||
# logging attribute
|
||||
default["openstack"]["network"]["syslog"]["use"] = false
|
||||
default["openstack"]["network"]["syslog"]["facility"] = "LOG_LOCAL2"
|
||||
default["openstack"]["network"]["syslog"]["config_facility"] = "local2"
|
||||
|
||||
# the plugins to install on the server. this will be
|
||||
# quantum-plugin-%plugin% and the first plugin in the
|
||||
# list should match the core plugin below
|
||||
default["openstack"]["network"]["plugins"] = ['openvswitch', 'openvswitch-agent' ]
|
||||
|
||||
# the core plugin to use for quantum
|
||||
default["openstack"]["network"]["core_plugin"] = "quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2"
|
||||
|
||||
# The bridging interface driver.
|
||||
#
|
||||
# Options are:
|
||||
#
|
||||
# - quantum.agent.linux.interface.OVSInterfaceDriver
|
||||
# - quantum.agent.linux.interface.BridgeInterfaceDriver
|
||||
#
|
||||
|
||||
default["openstack"]["network"]["interface_driver"] = 'quantum.agent.linux.interface.OVSInterfaceDriver'
|
||||
|
||||
# The agent can use other DHCP drivers. Dnsmasq is the simplest and requires
|
||||
# no additional setup of the DHCP server.
|
||||
default["openstack"]["network"]["dhcp_driver"] = 'quantum.agent.linux.dhcp.Dnsmasq'
|
||||
|
||||
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
|
||||
# iproute2 package that supports namespaces).
|
||||
default["openstack"]["network"]["use_namespaces"] = "True"
|
||||
|
||||
# ============================= DHCP Agent Configuration ===================
|
||||
|
||||
# Number of seconds between sync of DHCP agent with Quantum API server
|
||||
default["openstack"]["network"]["dhcp"]["resync_interval"] = 5
|
||||
|
||||
# OVS based plugins(Ryu, NEC, NVP, BigSwitch/Floodlight) that use OVS
|
||||
# as OpenFlow switch and check port status
|
||||
default["openstack"]["network"]["dhcp"]["ovs_use_veth"] = "True"
|
||||
|
||||
# The DHCP server can assist with providing metadata support on isolated
|
||||
# networks. Setting this value to True will cause the DHCP server to append
|
||||
# specific host routes to the DHCP request. The metadata service will only
|
||||
# be activated when the subnet gateway_ip is None. The guest instance must
|
||||
# be configured to request host routes via DHCP (Option 121).
|
||||
default["openstack"]["network"]["dhcp"]["enable_isolated_metadata"] = "False"
|
||||
|
||||
# Allows for serving metadata requests coming from a dedicated metadata
|
||||
# access network whose cidr is 169.254.169.254/16 (or larger prefix), and
|
||||
# is connected to a Quantum router from which the VMs send metadata
|
||||
# request. In this case DHCP Option 121 will not be injected in VMs, as
|
||||
# they will be able to reach 169.254.169.254 through a router.
|
||||
# This option requires enable_isolated_metadata = True
|
||||
default["openstack"]["network"]["dhcp"]["enable_metadata_network"] = "False"
|
||||
|
||||
# ============================= L3 Agent Configuration =====================
|
||||
|
||||
# If use_namespaces is set as False then the agent can only configure one router.
|
||||
# This is done by setting the specific router_id.
|
||||
default["openstack"]["network"]["l3"]["router_id"] = ""
|
||||
|
||||
# Each L3 agent can be associated with at most one external network. This
|
||||
# value should be set to the UUID of that external network. If empty,
|
||||
# the agent will enforce that only a single external networks exists and
|
||||
# use that external network id
|
||||
default["openstack"]["network"]["l3"]["gateway_external_network_id"] = ""
|
||||
|
||||
# Indicates that this L3 agent should also handle routers that do not have
|
||||
# an external network gateway configured. This option should be True only
|
||||
# for a single agent in a Quantum deployment, and may be False for all agents
|
||||
# if all routers must have an external network gateway
|
||||
default["openstack"]["network"]["l3"]["handle_internal_only_routers"] = "True"
|
||||
|
||||
# Name of bridge used for external network traffic. This should be set to
|
||||
# empty value for the linux bridge
|
||||
default["openstack"]["network"]["l3"]["external_network_bridge"] = "br-ex"
|
||||
|
||||
# Interface to use for external bridge.
|
||||
default["openstack"]["network"]["l3"]["external_network_bridge_interface"] = "eth1"
|
||||
|
||||
# TCP Port used by Quantum metadata server
|
||||
default["openstack"]["network"]["l3"]["metadata_port"] = 9697
|
||||
|
||||
# Send this many gratuitous ARPs for HA setup. Set it below or equal to 0
|
||||
# to disable this feature.
|
||||
default["openstack"]["network"]["l3"]["send_arp_for_ha"] = 3
|
||||
|
||||
# seconds between re-sync routers' data if needed
|
||||
default["openstack"]["network"]["l3"]["periodic_interval"] = 40
|
||||
|
||||
# seconds to start to sync routers' data after
|
||||
# starting agent
|
||||
default["openstack"]["network"]["l3"]["periodic_fuzzy_delay"] = 5
|
||||
|
||||
# ============================= Metadata Agent Configuration ===============
|
||||
|
||||
# The location of the Nova Metadata API service to proxy to.
|
||||
default["openstack"]["network"]["metadata"]["nova_metadata_ip"] = "127.0.0.1"
|
||||
|
||||
# ============================= LBaaS Agent Configuration ==================
|
||||
|
||||
# Number of seconds between sync of LBaaS agent with Quantum API server
|
||||
default["openstack"]["network"]["lbaas"]["periodic_interval"] = 10
|
||||
|
||||
# ============================= OVS Plugin Configuration ===================
|
||||
|
||||
# Type of network to allocate for tenant networks. The default value 'local' is
|
||||
# useful only for single-box testing and provides no connectivity between hosts.
|
||||
# You MUST either change this to 'vlan' and configure network_vlan_ranges below
|
||||
# or change this to 'gre' and configure tunnel_id_ranges below in order for tenant
|
||||
# networks to provide connectivity between hosts. Set to 'none' to disable creation
|
||||
# of tenant networks.
|
||||
default["openstack"]["network"]["openvswitch"]["tenant_network_type"] = 'local'
|
||||
|
||||
# Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating
|
||||
# ranges of VLAN IDs on named physical networks that are available for allocation.
|
||||
# All physical networks listed are available for flat and VLAN provider network
|
||||
# creation. Specified ranges of VLAN IDs are available for tenant network
|
||||
# allocation if tenant_network_type is 'vlan'. If empty, only gre and local
|
||||
# networks may be created.
|
||||
#
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
default["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] = ""
|
||||
|
||||
# Set to True in the server and the agents to enable support
|
||||
# for GRE networks. Requires kernel support for OVS patch ports and
|
||||
# GRE tunneling.
|
||||
default["openstack"]["network"]["openvswitch"]["enable_tunneling"] = "False"
|
||||
|
||||
# Comma-separated list of <tun_min>:<tun_max> tuples
|
||||
# enumerating ranges of GRE tunnel IDs that are available for tenant
|
||||
# network allocation if tenant_network_type is 'gre'.
|
||||
#
|
||||
# Example: tunnel_id_ranges = 1:1000
|
||||
default["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] = ""
|
||||
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch bay". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
default["openstack"]["network"]["openvswitch"]["integration_bridge"] = "br-int"
|
||||
|
||||
# Only used for the agent if tunnel_id_ranges (above) is not empty for
|
||||
# the server. In most cases, the default value should be fine
|
||||
default["openstack"]["network"]["openvswitch"]["tunnel_bridge"] = "br-tun"
|
||||
|
||||
# Peer patch port in integration bridge for tunnel bridge
|
||||
default["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] = "patch-tun"
|
||||
|
||||
# Peer patch port in tunnel bridge for integration bridge
|
||||
default["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] = "patch-int"
|
||||
|
||||
# Uncomment this line for the agent if tunnel_id_ranges (above) is not
|
||||
# empty for the server. Set local-ip to be the local IP address of
|
||||
# this hypervisor
|
||||
default["openstack"]["network"]["openvswitch"]["local_ip"] = ""
|
||||
|
||||
# Comma-separated list of <physical_network>:<bridge> tuples
|
||||
# mapping physical network names to the agent's node-specific OVS
|
||||
# bridge names to be used for flat and VLAN networks. The length of
|
||||
# bridge names should be no more than 11. Each bridge must
|
||||
# exist, and should have a physical network interface configured as a
|
||||
# port. All physical networks listed in network_vlan_ranges on the
|
||||
# server should have mappings to appropriate bridges on each agent.
|
||||
#
|
||||
# Example: bridge_mappings = physnet1:br-eth1
|
||||
default["openstack"]["network"]["openvswitch"]["bridge_mappings"] = ""
|
||||
|
||||
# ============================= LinuxBridge Plugin Configuration ===========
|
||||
|
||||
# Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST change this to
|
||||
# 'vlan' and configure network_vlan_ranges below in order for tenant
|
||||
# networks to provide connectivity between hosts. Set to 'none' to
|
||||
# disable creation of tenant networks.
|
||||
default["openstack"]["network"]["linuxbridge"]["tenant_network_type"] = 'local'
|
||||
|
||||
# Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating
|
||||
# ranges of VLAN IDs on named physical networks that are available for allocation.
|
||||
# All physical networks listed are available for flat and VLAN provider network
|
||||
# creation. Specified ranges of VLAN IDs are available for tenant network
|
||||
# allocation if tenant_network_type is 'vlan'. If empty, only gre and local
|
||||
# networks may be created.
|
||||
#
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
default["openstack"]["network"]["linuxbridge"]["network_vlan_ranges"] = ""
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>:<physical_interface> tuples mapping physical
|
||||
# network names to the agent's node-specific physical network
|
||||
# interfaces to be used for flat and VLAN networks. All physical
|
||||
# networks listed in network_vlan_ranges on the server should have
|
||||
# mappings to appropriate interfaces on each agent.
|
||||
#
|
||||
# Example: physical_interface_mappings = physnet1:eth1
|
||||
default["openstack"]["network"]["linuxbridge"]["physical_interface_mappings"] = ""
|
||||
|
||||
# ============================= BigSwitch Plugin Configuration =============
|
||||
|
||||
# Not really sure what this is...
|
||||
default["openstack"]["network"]["bigswitch"]["servers"] = "localhost:8080"
|
||||
|
||||
# ============================= Brocade Plugin Configuration ===============
|
||||
|
||||
# username = <mgmt admin username>
|
||||
default["openstack"]["network"]["brocade"]["switch_username"] = "admin"
|
||||
|
||||
# password = <mgmt admin password>
|
||||
default["openstack"]["network"]["brocade"]["switch_password"] = "admin"
|
||||
|
||||
# address = <switch mgmt ip address>
|
||||
default["openstack"]["network"]["brocade"]["switch_address"] = "127.0.0.1"
|
||||
|
||||
# ostype = NOS
|
||||
default["openstack"]["network"]["brocade"]["switch_ostype"] = "NOS"
|
||||
|
||||
# physical_interface = <physical network name>
|
||||
#
|
||||
# Example:
|
||||
# physical_interface = physnet1
|
||||
default["openstack"]["network"]["brocade"]["physical_interface"] = "physnet1"
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges
|
||||
# of VLAN IDs on named physical networks that are available for
|
||||
# allocation. All physical networks listed are available for flat and
|
||||
# VLAN provider network creation.
|
||||
#
|
||||
# Default: network_vlan_ranges =
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
default["openstack"]["network"]["brocade"]["network_vlan_ranges"] = ""
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>:<physical_interface> tuples mapping physical
|
||||
# network names to the agent's node-specific physical network
|
||||
# interfaces to be used for flat and VLAN networks. All physical
|
||||
# networks listed in network_vlan_ranges on the server should have
|
||||
# mappings to appropriate interfaces on each agent.
|
||||
#
|
||||
# Example: physical_interface_mappings = physnet1:eth1
|
||||
default["openstack"]["network"]["brocade"]["physical_interface_mappings"] = ""
|
||||
|
||||
# ============================= Cisco Plugin Configuration =================
|
||||
|
||||
# The module and class name path for the nexus plugin
|
||||
default["openstack"]["network"]["cisco"]["nexus_plugin"] = "quantum.plugins.cisco.nexus.cisco_nexus_plugin_v2.NexusPlugin"
|
||||
|
||||
# The module and class name path for the vswitch plugin
|
||||
default["openstack"]["network"]["cisco"]["vswitch_plugin"] = "quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2"
|
||||
|
||||
# Start of the tenant VLAN range
|
||||
default["openstack"]["network"]["cisco"]["vlan_start"] = 100
|
||||
|
||||
# End of the tenant VLAN range
|
||||
default["openstack"]["network"]["cisco"]["vlan_end"] = 3000
|
||||
|
||||
# Prefix for tenant VLANs
|
||||
default["openstack"]["network"]["cisco"]["vlan_name_prefix"] = "q-"
|
||||
|
||||
# Maximum number of ports
|
||||
default["openstack"]["network"]["cisco"]["max_ports"] = 100
|
||||
# Max number of port profiles
|
||||
default["openstack"]["network"]["cisco"]["max_port_profiles"] = 65568
|
||||
|
||||
# Maximum number of networks
|
||||
default["openstack"]["network"]["cisco"]["max_networks"] = 65568
|
||||
|
||||
# Module and class path for switch model
|
||||
default["openstack"]["network"]["cisco"]["model_class"] = "quantum.plugins.cisco.models.virt_phy_sw_v2.VirtualPhysicalSwitchModelV2"
|
||||
|
||||
# Module and class path for VLAN network manager
|
||||
default["openstack"]["network"]["cisco"]["manager_class"] = "quantum.plugins.cisco.segmentation.l2network_vlan_mgr_v2.L2NetworkVLANMgr"
|
||||
|
||||
# Module and class path for the Nexus driver
|
||||
default["openstack"]["network"]["cisco"]["nexus_driver"] = "quantum.plugins.cisco.tests.unit.v2.nexus.fake_nexus_driver.CiscoNEXUSFakeDriver"
|
||||
|
||||
# For each Nexus switch, add a hash to the
|
||||
# node["openstack"]["network"]["cisco"]["nexus_switches"] Hash,
|
||||
# using the switch's IP address as the outer Hash key with each
|
||||
# hash containing this information:
|
||||
#
|
||||
# - ssh_port=<ssh port>
|
||||
# - username=<credential username>
|
||||
# - password=<credential password>
|
||||
# - hosts = [ (<hostname>,<port>), ... ]
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# node["openstack"]["network"]["cisco"]["nexus_switches"]["1.1.1.1"]["ssh_port"] = 22
|
||||
# node["openstack"]["network"]["cisco"]["nexus_switches"]["1.1.1.1"]["username"] = "admin"
|
||||
# node["openstack"]["network"]["cisco"]["nexus_switches"]["1.1.1.1"]["password"] = "mySecretPassword"
|
||||
# node["openstack"]["network"]["cisco"]["nexus_switches"]["1.1.1.1"]["hosts"] = [ [ "compute1", "1/1" ],
|
||||
# [ "compute2", "1/2" ]]
|
||||
#
|
||||
#
|
||||
# will write the following to the Cisco plugin config INI file:
|
||||
# [NEXUS_SWITCH:1.1.1.1]
|
||||
# compute1=1/1
|
||||
# compute2=1/2
|
||||
# ssh_port=22
|
||||
# username=admin
|
||||
# password=mySecretPassword
|
||||
#
|
||||
default["openstack"]["network"]["cisco"]["nexus_switches"] = {}
|
||||
|
||||
# ============================= Hyper-V Plugin Configuration ===============
|
||||
|
||||
# Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST change this to
|
||||
# 'vlan' and configure network_vlan_ranges below in order for tenant
|
||||
# networks to provide connectivity between hosts. Set to 'none' to
|
||||
# disable creation of tenant networks.
|
||||
default["openstack"]["network"]["hyperv"]["tenant_network_type"] = 'local'
|
||||
|
||||
# Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating
|
||||
# ranges of VLAN IDs on named physical networks that are available for allocation.
|
||||
# All physical networks listed are available for flat and VLAN provider network
|
||||
# creation. Specified ranges of VLAN IDs are available for tenant network
|
||||
# allocation if tenant_network_type is 'vlan'. If empty, only gre and local
|
||||
# networks may be created.
|
||||
#
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
default["openstack"]["network"]["hyperv"]["network_vlan_ranges"] = ""
|
||||
|
||||
# Agent's polling interval in seconds
|
||||
default["openstack"]["network"]["hyperv"]["polling_interval"] = 2
|
||||
|
||||
# (ListOpt) Comma separated list of <physical_network>:<vswitch>
|
||||
# where the physical networks can be expressed with wildcards,
|
||||
# e.g.: ."*:external".
|
||||
# The referred external virtual switches need to be already present on
|
||||
# the Hyper-V server.
|
||||
# If a given physical network name will not match any value in the list
|
||||
# the plugin will look for a virtual switch with the same name.
|
||||
#
|
||||
# Default: physical_network_vswitch_mappings = *:external
|
||||
# Example: physical_network_vswitch_mappings = net1:external1,net2:external2
|
||||
default["openstack"]["network"]["hyperv"]["physical_network_vswitch_mappings"] = "*:external"
|
||||
|
||||
# (StrOpt) Private virtual switch name used for local networking.
|
||||
#
|
||||
# Default: local_network_vswitch = private
|
||||
# Example: local_network_vswitch = custom_vswitch
|
||||
default["openstack"]["network"]["hyperv"]["local_network_vswitch"] = "private"
|
||||
|
||||
# ============================= Metaplugin Plugin Configuration ============
|
||||
|
||||
## This is list of flavor:quantum_plugins
|
||||
# extension method is used in the order of this list
|
||||
default["openstack"]["network"]["metaplugin"]["plugin_list"] = "openvswitch:quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2,linuxbridge:quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2"
|
||||
default["openstack"]["network"]["metaplugin"]["l3_plugin_list"] = "openvswitch:quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2,linuxbridge:quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2"
|
||||
|
||||
# Default "flavor" for L2 and L3
|
||||
default["openstack"]["network"]["metaplugin"]["default_flavor"] = "openvswitch"
|
||||
default["openstack"]["network"]["metaplugin"]["default_l3_flavor"] = "openvswitch"
|
||||
|
||||
# ============================= Midonet Plugin Configuration ===============
|
||||
|
||||
# MidoNet API server URI
|
||||
default["openstack"]["network"]["midonet"]["midonet_uri"] = "http://localhost:8080/midonet-api"
|
||||
|
||||
# MidoNet admin username
|
||||
default["openstack"]["network"]["midonet"]["username"] = "admin"
|
||||
|
||||
# MidoNet admin password
|
||||
default["openstack"]["network"]["midonet"]["password"] = "passw0rd"
|
||||
|
||||
# ID of the project that MidoNet admin user belongs to
|
||||
default["openstack"]["network"]["midonet"]["project_id"] = "77777777-7777-7777-7777-777777777777"
|
||||
|
||||
# Virtual provider router ID
|
||||
default["openstack"]["network"]["midonet"]["provider_router_id"] = "00112233-0011-0011-0011-001122334455"
|
||||
|
||||
# Virtual metadata router ID
|
||||
default["openstack"]["network"]["midonet"]["metadata_router_id"] = "ffeeddcc-ffee-ffee-ffee-ffeeddccbbaa"
|
||||
|
||||
# ============================= NEC Plugin Configuration ===================
|
||||
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch port". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
default["openstack"]["network"]["nec"]["integration_bridge"] = "br-int"
|
||||
|
||||
# Agent's polling interval in seconds
|
||||
default["openstack"]["network"]["nec"]["polling_interval"] = 2
|
||||
|
||||
# Firewall driver for realizing quantum security group function
|
||||
default["openstack"]["network"]["nec"]["firewall_driver"] = "quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
|
||||
|
||||
# Specify OpenFlow Controller Host, Port and Driver to connect.
|
||||
default["openstack"]["network"]["nec"]["ofc_host"] = "127.0.0.1"
|
||||
default["openstack"]["network"]["nec"]["ofc_port"] = 8888
|
||||
|
||||
# Drivers are in quantum/plugins/nec/drivers/ .
|
||||
default["openstack"]["network"]["nec"]["ofc_driver"] = "trema"
|
||||
|
||||
# PacketFilter is available when it's enabled in this configuration
|
||||
# and supported by the driver.
|
||||
default["openstack"]["network"]["nec"]["ofc_enable_packet_filter"] = "true"
|
||||
|
||||
# ============================= Nicira Plugin Configuration ================
|
||||
|
||||
# User name for NVP controller
|
||||
default["openstack"]["network"]["nicira"]["nvp_user"] = "admin"
|
||||
|
||||
# Password for NVP controller
|
||||
default["openstack"]["network"]["nicira"]["nvp_password"] = "admin"
|
||||
|
||||
# Total time limit for a cluster request
|
||||
# (including retries across different controllers)
|
||||
default["openstack"]["network"]["nicira"]["req_timeout"] = 30
|
||||
|
||||
# Time before aborting a request on an unresponsive controller
|
||||
default["openstack"]["network"]["nicira"]["http_timeout"] = 10
|
||||
|
||||
# Maximum number of times a particular request should be retried
|
||||
default["openstack"]["network"]["nicira"]["retries"] = 2
|
||||
|
||||
# Maximum number of times a redirect response should be followed
|
||||
default["openstack"]["network"]["nicira"]["redirects"] = 2
|
||||
|
||||
# Comma-separated list of NVP controller endpoints (<ip>:<port>). When port
|
||||
# is omitted, 443 is assumed. This option MUST be specified, e.g.:
|
||||
default["openstack"]["network"]["nicira"]["nvp_controllers"] = "xx.yy.zz.ww:443, aa.bb.cc.dd, ee.ff.gg.hh.ee:80"
|
||||
|
||||
# UUID of the pre-existing default NVP Transport zone to be used for creating
|
||||
# tunneled isolated "Quantum" networks. This option MUST be specified, e.g.:
|
||||
default["openstack"]["network"]["nicira"]["default_tz_uuid"] = "1e8e52cf-fa7f-46b0-a14a-f99835a9cb53"
|
||||
|
||||
# (Optional) UUID of the cluster in NVP. It can be retrieved from NVP management
|
||||
# console "admin" section.
|
||||
default["openstack"]["network"]["nicira"]["nvp_cluster_uuid"] = "615be8e4-82e9-4fd2-b4b3-fd141e51a5a7"
|
||||
|
||||
# (Optional) UUID for the default l3 gateway service to use with this cluster.
|
||||
# To be specified if planning to use logical routers with external gateways.
|
||||
default["openstack"]["network"]["nicira"]["default_l3_gw_service_uuid"] = ""
|
||||
|
||||
# (Optional) UUID for the default l2 gateway service to use with this cluster.
|
||||
# To be specified for providing a predefined gateway tenant for connecting their networks.
|
||||
default["openstack"]["network"]["nicira"]["default_l2_gw_service_uuid"] = ""
|
||||
|
||||
# Name of the default interface name to be used on network-gateway. This value
|
||||
# will be used for any device associated with a network gateway for which an
|
||||
# interface name was not specified
|
||||
default["openstack"]["network"]["nicira"]["default_iface_name"] = "breth0"
|
||||
|
||||
# number of network gateways allowed per tenant, -1 means unlimited
|
||||
default["openstack"]["network"]["nicira"]["quota_network_gateway"] = 5
|
||||
|
||||
# Maximum number of ports for each bridged logical switch
|
||||
default["openstack"]["network"]["nicira"]["max_lp_per_bridged_ls"] = 64
|
||||
|
||||
# Maximum number of ports for each overlay (stt, gre) logical switch
|
||||
default["openstack"]["network"]["nicira"]["max_lp_per_overlay_ls"] = 256
|
||||
|
||||
# Number of connects to each controller node.
|
||||
default["openstack"]["network"]["nicira"]["concurrent_connections"] = 3
|
||||
|
||||
# Acceptable values for 'metadata_mode' are:
|
||||
# - 'access_network': this enables a dedicated connection to the metadata
|
||||
# proxy for metadata server access via Quantum router.
|
||||
# - 'dhcp_host_route': this enables host route injection via the dhcp agent.
|
||||
# This option is only useful if running on a host that does not support
|
||||
# namespaces otherwise access_network should be used.
|
||||
default["openstack"]["network"]["nicira"]["metadata_mode"] = "access_network"
|
||||
|
||||
# ============================= PLUMGrid Plugin Configuration ==============
|
||||
|
||||
# This line should be pointing to the NOS server,
|
||||
# for the PLUMgrid platform. In other deployments,
|
||||
# this is known as controller
|
||||
default["openstack"]["network"]["plumgrid"]["nos_server"] = "127.0.0.1"
|
||||
default["openstack"]["network"]["plumgrid"]["nos_server_port"] = "<nos-port>"
|
||||
|
||||
# Authentification parameters for the NOS server.
|
||||
# These are the admin credentials to manage and control
|
||||
# the NOS server.
|
||||
default["openstack"]["network"]["plumgrid"]["username"] = "<nos-admin-username>"
|
||||
default["openstack"]["network"]["plumgrid"]["password"] = "<nos-admin-password>"
|
||||
default["openstack"]["network"]["plumgrid"]["servertimeout"] = 5
|
||||
|
||||
# Name of the network topology to be deployed by NOS
|
||||
default["openstack"]["network"]["plumgrid"]["topologyname"] = "<nos-topology-name>"
|
||||
|
||||
# ============================= Ryu Plugin Configuration ===================
|
||||
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch port". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
default["openstack"]["network"]["ryu"]["integration_bridge"] = "br-int"
|
||||
|
||||
# openflow_rest_api = <host IP address of ofp rest api service>:<port: 8080>
|
||||
default["openstack"]["network"]["ryu"]["openflow_rest_api"] = "127.0.0.1:8080"
|
||||
|
||||
# tunnel key range: 0 < tunnel_key_min < tunnel_key_max
|
||||
# VLAN: 12bits, GRE, VXLAN: 24bits
|
||||
default["openstack"]["network"]["ryu"]["tunnel_key_min"] = 1
|
||||
default["openstack"]["network"]["ryu"]["tunnel_key_max"] = "0xffffff"
|
||||
|
||||
# tunnel_ip = <ip address for tunneling>
|
||||
# tunnel_interface = interface for tunneling
|
||||
# when tunnel_ip is NOT specified, ip address is read
|
||||
# from this interface
|
||||
default["openstack"]["network"]["ryu"]["tunnel_ip"] = ""
|
||||
default["openstack"]["network"]["ryu"]["tunnel_interface"] = "eth0"
|
||||
|
||||
# ovsdb_port = port number on which ovsdb is listening
|
||||
# ryu-agent uses this parameter to setup ovsdb.
|
||||
# ovs-vsctl set-manager ptcp:<ovsdb_port>
|
||||
# See set-manager section of man ovs-vsctl for details.
|
||||
# currently ptcp is only supported.
|
||||
# ovsdb_ip = <host IP address on which ovsdb is listening>
|
||||
# ovsdb_interface = interface for ovsdb
|
||||
# when ovsdb_addr NOT specifiied, ip address is gotten
|
||||
# from this interface
|
||||
default["openstack"]["network"]["ryu"]["ovsdb_port"] = 6634
|
||||
default["openstack"]["network"]["ryu"]["ovsdb_ip"] = ""
|
||||
default["openstack"]["network"]["ryu"]["ovsdb_interface"] = "eth0"
|
||||
|
||||
# Firewall driver for realizing quantum security group function
|
||||
default["openstack"]["network"]["ryu"]["firewall_driver"] = "quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
|
||||
|
||||
# Agent's polling interval in seconds
|
||||
default["openstack"]["network"]["ryu"]["polling_interval"] = 2
|
||||
|
||||
# platform-specific settings
|
||||
case platform
|
||||
when "fedora", "redhat", "centos" # :pragma-foodcritic: ~FC024 - won't fix this
|
||||
default["openstack"]["network"]["platform"] = {
|
||||
"mysql_python_packages" => [ "MySQL-python" ],
|
||||
"nova_network_packages" => [ "openstack-nova-network" ],
|
||||
"quantum_packages" => [ "openstack-quantum" ],
|
||||
"quantum_dhcp_packages" => [ "openstack-quantum" ],
|
||||
"quantum_l3_packages" => [ "quantum-l3-agent" ],
|
||||
"quantum_plugin_package" => "openstack-quantum-%plugin%",
|
||||
"quantum_server_service" => "quantum-server",
|
||||
"quantum_dhcp_agent_service" => "quantum-dhcp-agent",
|
||||
"quantum_l3_agent_service" => "quantum-l3-agent",
|
||||
"package_overrides" => ""
|
||||
}
|
||||
when "ubuntu"
|
||||
default["openstack"]["network"]["platform"] = {
|
||||
"mysql_python_packages" => [ "python-mysqldb" ],
|
||||
"nova_network_packages" => [ "nova-network" ],
|
||||
"quantum_packages" => [ "quantum-server", "python-quantumclient", "python-pyparsing", "python-cliff" ],
|
||||
"quantum_dhcp_packages" => [ "quantum-dhcp-agent" ],
|
||||
"quantum_l3_packages" => [ "quantum-l3-agent" ],
|
||||
"quantum_plugin_package" => "quantum-plugin-%plugin%",
|
||||
"quantum_openvswitch_packages" => [ "openvswitch-switch", "openvswitch-datapath-dkms", "bridge-utils" ],
|
||||
"quantum_openvswitch_service" => "openvswitch-switch",
|
||||
"quantum_server_service" => "quantum-server",
|
||||
"quantum_dhcp_agent_service" => "quantum-dhcp-agent",
|
||||
"quantum_l3_agent_service" => "quantum-l3-agent",
|
||||
"package_overrides" => "-o Dpkg::Options::='--force-confold' -o Dpkg::Options::='--force-confdef'"
|
||||
}
|
||||
end
|
|
@ -0,0 +1,14 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# This is needed because we should ping
|
||||
# from inside a namespace which requires root
|
||||
ping: RegExpFilter, /bin/ping, root, ping, -w, \d+, -c, \d+, [0-9\.]+
|
||||
ping6: RegExpFilter, /bin/ping6, root, ping6, -w, \d+, -c, \d+, [0-9A-Fa-f:]+
|
|
@ -0,0 +1,40 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# dhcp-agent
|
||||
ip_exec_dnsmasq: DnsmasqNetnsFilter, /sbin/ip, root
|
||||
dnsmasq: DnsmasqFilter, /sbin/dnsmasq, root
|
||||
dnsmasq_usr: DnsmasqFilter, /usr/sbin/dnsmasq, root
|
||||
# dhcp-agent uses kill as well, that's handled by the generic KillFilter
|
||||
# it looks like these are the only signals needed, per
|
||||
# quantum/agent/linux/dhcp.py
|
||||
kill_dnsmasq: KillFilter, root, /sbin/dnsmasq, -9, -HUP
|
||||
kill_dnsmasq_usr: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP
|
||||
|
||||
# dhcp-agent uses cat
|
||||
cat: RegExpFilter, /bin/cat, root, cat, /proc/\d+/cmdline
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
||||
|
||||
# metadata proxy
|
||||
metadata_proxy: CommandFilter, /usr/bin/quantum-ns-metadata-proxy, root
|
||||
# If installed from source (say, by devstack), the prefix will be
|
||||
# /usr/local instead of /usr/bin.
|
||||
metadata_proxy_local: CommandFilter, /usr/local/bin/quantum-ns-metadata-proxy, root
|
||||
kill_metadata7: KillFilter, root, /usr/bin/python2.7, -9
|
||||
kill_metadata6: KillFilter, root, /usr/bin/python2.6, -9
|
||||
|
||||
# ip_lib
|
||||
ip: IpFilter, /sbin/ip, root
|
||||
ip_usr: IpFilter, /usr/sbin/ip, root
|
||||
ip_exec: IpNetnsExecFilter, /sbin/ip, root
|
||||
ip_exec_usr: IpNetnsExecFilter, /usr/sbin/ip, root
|
|
@ -0,0 +1,21 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# quantum/agent/linux/iptables_manager.py
|
||||
# "iptables-save", ...
|
||||
iptables-save: CommandFilter, /sbin/iptables-save, root
|
||||
iptables-restore: CommandFilter, /sbin/iptables-restore, root
|
||||
ip6tables-save: CommandFilter, /sbin/ip6tables-save, root
|
||||
ip6tables-restore: CommandFilter, /sbin/ip6tables-restore, root
|
||||
|
||||
# quantum/agent/linux/iptables_manager.py
|
||||
# "iptables", "-A", ...
|
||||
iptables: CommandFilter, /sbin/iptables, root
|
||||
ip6tables: CommandFilter, /sbin/ip6tables, root
|
|
@ -0,0 +1,43 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# arping
|
||||
arping: CommandFilter, /usr/bin/arping, root
|
||||
arping_sbin: CommandFilter, /sbin/arping, root
|
||||
|
||||
# l3_agent
|
||||
sysctl: CommandFilter, /sbin/sysctl, root
|
||||
route: CommandFilter, /sbin/route, root
|
||||
|
||||
# metadata proxy
|
||||
metadata_proxy: CommandFilter, /usr/bin/quantum-ns-metadata-proxy, root
|
||||
# If installed from source (say, by devstack), the prefix will be
|
||||
# /usr/local instead of /usr/bin.
|
||||
metadata_proxy_local: CommandFilter, /usr/local/bin/quantum-ns-metadata-proxy, root
|
||||
kill_metadata7: KillFilter, root, /usr/bin/python2.7, -9
|
||||
kill_metadata6: KillFilter, root, /usr/bin/python2.6, -9
|
||||
|
||||
# ip_lib
|
||||
ip: IpFilter, /sbin/ip, root
|
||||
ip_usr: IpFilter, /usr/sbin/ip, root
|
||||
ip_exec: IpNetnsExecFilter, /sbin/ip, root
|
||||
ip_exec_usr: IpNetnsExecFilter, /usr/sbin/ip, root
|
||||
|
||||
# ovs_lib (if OVSInterfaceDriver is used)
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
||||
|
||||
# iptables_manager
|
||||
iptables-save: CommandFilter, /sbin/iptables-save, root
|
||||
iptables-restore: CommandFilter, /sbin/iptables-restore, root
|
||||
ip6tables-save: CommandFilter, /sbin/ip6tables-save, root
|
||||
ip6tables-restore: CommandFilter, /sbin/ip6tables-restore, root
|
|
@ -0,0 +1,29 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# haproxy
|
||||
haproxy: CommandFilter, /usr/sbin/haproxy, root
|
||||
|
||||
# lbaas-agent uses kill as well, that's handled by the generic KillFilter
|
||||
kill_haproxy_usr: KillFilter, root, /usr/sbin/haproxy, -9, -HUP
|
||||
|
||||
# lbaas-agent uses cat
|
||||
cat: RegExpFilter, /bin/cat, root, cat, /proc/\d+/cmdline
|
||||
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
||||
|
||||
# ip_lib
|
||||
ip: IpFilter, /sbin/ip, root
|
||||
ip_usr: IpFilter, /usr/sbin/ip, root
|
||||
ip_exec: IpNetnsExecFilter, /sbin/ip, root
|
||||
ip_exec_usr: IpNetnsExecFilter, /usr/sbin/ip, root
|
|
@ -0,0 +1,21 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# linuxbridge-agent
|
||||
# unclear whether both variants are necessary, but I'm transliterating
|
||||
# from the old mechanism
|
||||
brctl: CommandFilter, /sbin/brctl, root
|
||||
brctl_usr: CommandFilter, /usr/sbin/brctl, root
|
||||
|
||||
# ip_lib
|
||||
ip: IpFilter, /sbin/ip, root
|
||||
ip_usr: IpFilter, /usr/sbin/ip, root
|
||||
ip_exec: IpNetnsExecFilter, /sbin/ip, root
|
||||
ip_exec_usr: IpNetnsExecFilter, /usr/sbin/ip, root
|
|
@ -0,0 +1,15 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# nec_quantum_agent
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
|
@ -0,0 +1,29 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# openvswitch-agent
|
||||
# unclear whether both variants are necessary, but I'm transliterating
|
||||
# from the old mechanism
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
||||
ovs-ofctl: CommandFilter, /bin/ovs-ofctl, root
|
||||
ovs-ofctl_usr: CommandFilter, /usr/bin/ovs-ofctl, root
|
||||
ovs-ofctl_sbin: CommandFilter, /sbin/ovs-ofctl, root
|
||||
ovs-ofctl_sbin_usr: CommandFilter, /usr/sbin/ovs-ofctl, root
|
||||
xe: CommandFilter, /sbin/xe, root
|
||||
xe_usr: CommandFilter, /usr/sbin/xe, root
|
||||
|
||||
# ip_lib
|
||||
ip: IpFilter, /sbin/ip, root
|
||||
ip_usr: IpFilter, /usr/sbin/ip, root
|
||||
ip_exec: IpNetnsExecFilter, /sbin/ip, root
|
||||
ip_exec_usr: IpNetnsExecFilter, /usr/sbin/ip, root
|
|
@ -0,0 +1,25 @@
|
|||
# quantum-rootwrap command filters for nodes on which quantum is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# ryu-agent
|
||||
# unclear whether both variants are necessary, but I'm transliterating
|
||||
# from the old mechanism
|
||||
|
||||
# quantum/plugins/ryu/agent/ryu_quantum_agent.py:
|
||||
# "ovs-vsctl", "--timeout=2", ...
|
||||
ovs-vsctl: CommandFilter, /bin/ovs-vsctl, root
|
||||
ovs-vsctl_usr: CommandFilter, /usr/bin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin: CommandFilter, /sbin/ovs-vsctl, root
|
||||
ovs-vsctl_sbin_usr: CommandFilter, /usr/sbin/ovs-vsctl, root
|
||||
|
||||
# quantum/plugins/ryu/agent/ryu_quantum_agent.py:
|
||||
# "xe", "vif-param-get", ...
|
||||
xe: CommandFilter, /bin/xe, root
|
||||
xe_usr: CommandFilter, /usr/bin/xe, root
|
|
@ -0,0 +1,18 @@
|
|||
name "openstack-network"
|
||||
maintainer "Jay Pipes <jaypipes@gmail.com>"
|
||||
license "Apache 2.0"
|
||||
description "Installs and configures the OpenStack Network API Service and various agents and plugins"
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version "7.0.0"
|
||||
recipe "openstack-network::server", "Installs packages required for a OpenStack Network server"
|
||||
recipe "openstack-network::db", "Creates the OpenStack Network database"
|
||||
recipe "openstack-network::keystone_registration", "Registers OpenStack Network endpoints and service user with Keystone"
|
||||
|
||||
%w{ ubuntu fedora redhat centos }.each do |os|
|
||||
supports os
|
||||
end
|
||||
|
||||
depends "database"
|
||||
depends "openstack-identity", "~> 7.0"
|
||||
depends "mysql"
|
||||
depends "openstack-common", "~> 0.2.0"
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: bigswitch
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/bigswitch/restproxy.ini" do
|
||||
source "plugins/bigswitch/restproxy.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: brocade
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/brocade/brocade.ini" do
|
||||
source "plugins/brocade/brocade.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: cisco
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/cisco/cisco_plugins.ini" do
|
||||
source "plugins/cisco/cisco_plugins.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,32 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: db
|
||||
#
|
||||
# Copyright 2012, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# This recipe should be placed in the run_list of the node that
|
||||
# runs the database server that houses the Nova main database
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
db_pass = db_password "quantum"
|
||||
|
||||
db_create_with_user("network",
|
||||
node["openstack"]["network"]["db"]["username"],
|
||||
db_pass
|
||||
)
|
|
@ -0,0 +1,68 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: dhcp_agent
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# This will copy recursively all the files in
|
||||
# /files/default/etc/quantum/rootwrap.d
|
||||
remote_directory "/etc/quantum/rootwrap.d" do
|
||||
files_owner node["openstack"]["network"]["user"]
|
||||
files_group node["openstack"]["network"]["group"]
|
||||
files_mode 00700
|
||||
end
|
||||
|
||||
directory "/etc/quantum/plugins" do
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00700
|
||||
end
|
||||
|
||||
platform_options["quantum_dhcp_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
service "quantum-dhcp-agent" do
|
||||
service_name platform_options["quantum_dhcp_agent_service"]
|
||||
supports :status => true, :restart => true
|
||||
|
||||
action :enable
|
||||
end
|
||||
|
||||
# Some plugins have DHCP functionality, so we install the plugin
|
||||
# Python package and include the plugin-specific recipe here...
|
||||
main_plugin = node["openstack"]["network"]["interface_driver"].split('.').last.downcase
|
||||
|
||||
package platform_options["quantum_plugin_package"].gsub("%plugin%", main_plugin) do
|
||||
action :install
|
||||
end
|
||||
|
||||
include_recipe "openstack-network::#{main_plugin}"
|
||||
|
||||
execute "quantum-dhcp-setup --plugin #{main_plugin}" do
|
||||
only_if { platform?(%w(fedora redhat centos)) } # :pragma-foodcritic: ~FC024 - won't fix this
|
||||
end
|
||||
|
||||
template "/etc/quantum/dhcp_agent.ini" do
|
||||
source "dhcp_agent.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
|
||||
notifies :restart, "service[quantum-dhcp-agent]", :immediately
|
||||
end
|
|
@ -0,0 +1,32 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: hyperv
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
#(alanmeadows) TODO
|
||||
#FC033: Missing template: .cookbooks/openstack-network/recipes/hyperv.rb:20
|
||||
#template "/etc/quantum/plugins/hyperv/hyperv_quantum_plugin.ini" do
|
||||
# source "plugins/hyperv/hyperv_quantum__plugin.ini.erb"
|
||||
# owner node["openstack"]["network"]["user"]
|
||||
# group node["openstack"]["network"]["group"]
|
||||
# mode 00644
|
||||
# variables(
|
||||
# :sql_connection => sql_connection
|
||||
# )
|
||||
#
|
||||
# notifies :restart, "service[quantum-server]", :immediately
|
||||
#end
|
|
@ -0,0 +1,87 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: keystone_registration
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
require "uri"
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
identity_admin_endpoint = endpoint "identity-admin"
|
||||
|
||||
bootstrap_token = secret "secrets", "keystone_bootstrap_token"
|
||||
auth_uri = ::URI.decode identity_admin_endpoint.to_s
|
||||
|
||||
api_endpoint = endpoint "network-api"
|
||||
|
||||
service_pass = service_password "quantum"
|
||||
service_tenant_name = node["openstack"]["network"]["service_tenant_name"]
|
||||
service_user = node["openstack"]["network"]["service_user"]
|
||||
service_role = node["openstack"]["network"]["service_role"]
|
||||
|
||||
keystone_register "Register Network API Service" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
service_name "quantum"
|
||||
service_type "network"
|
||||
service_description "OpenStack Network Service"
|
||||
|
||||
action :create_service
|
||||
end
|
||||
|
||||
keystone_register "Register Network Endpoint" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
service_type "network"
|
||||
endpoint_region node["openstack"]["network"]["region"]
|
||||
endpoint_adminurl api_endpoint.to_s
|
||||
endpoint_internalurl api_endpoint.to_s
|
||||
endpoint_publicurl api_endpoint.to_s
|
||||
|
||||
action :create_endpoint
|
||||
end
|
||||
|
||||
keystone_register "Register Service Tenant" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
tenant_description "Service Tenant"
|
||||
|
||||
action :create_tenant
|
||||
end
|
||||
|
||||
keystone_register "Register #{service_user} User" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
user_name service_user
|
||||
user_pass service_pass
|
||||
|
||||
action :create_user
|
||||
end
|
||||
|
||||
keystone_register "Grant '#{service_role}' Role to #{service_user} User for #{service_tenant_name} Tenant" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
user_name service_user
|
||||
role_name service_role
|
||||
|
||||
action :grant_role
|
||||
end
|
|
@ -0,0 +1,84 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: l3_agent
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# Some plugins have L3 functionality, so we install the plugin
|
||||
# Python package and include the plugin-specific recipe here...
|
||||
main_plugin = node["openstack"]["network"]["interface_driver"].split('.').last.downcase
|
||||
|
||||
# This will copy recursively all the files in
|
||||
# /files/default/etc/quantum/rootwrap.d
|
||||
remote_directory "/etc/quantum/rootwrap.d" do
|
||||
files_owner node["openstack"]["network"]["user"]
|
||||
files_group node["openstack"]["network"]["group"]
|
||||
files_mode 00700
|
||||
end
|
||||
|
||||
directory "/etc/quantum/plugins" do
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00700
|
||||
end
|
||||
|
||||
platform_options["quantum_l3_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
# The providers below do not use the generic L3 agent...
|
||||
not_if { ["nicira", "plumgrid", "bigswitch"].include?(main_plugin)
|
||||
end
|
||||
end
|
||||
|
||||
service "quantum-l3-agent" do
|
||||
service_name platform_options["quantum_l3_agent_service"]
|
||||
supports :status => true, :restart => true
|
||||
|
||||
action :enable
|
||||
end
|
||||
|
||||
package platform_options["quantum_plugin_package"].gsub("%plugin%", main_plugin) do
|
||||
action :install
|
||||
end
|
||||
|
||||
include_recipe "openstack-network::#{main_plugin}"
|
||||
|
||||
execute "quantum-l3-setup --plugin #{main_plugin}" do
|
||||
only_if {
|
||||
platform?(%w(fedora redhat centos)) and not # :pragma-foodcritic: ~FC024 - won't fix this
|
||||
["nicira", "plumgrid", "bigswitch"].include?(main_plugin)
|
||||
}
|
||||
end
|
||||
|
||||
template "/etc/quantum/l3_agent.ini" do
|
||||
source "l3_agent.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
|
||||
notifies :restart, "service[quantum-l3-agent]", :immediately
|
||||
end
|
||||
|
||||
if not ["nicira", "plumgrid", "bigswitch"].include?(main_plugin) do
|
||||
# See http://docs.openstack.org/trunk/openstack-network/admin/content/install_quantum-l3.html
|
||||
ext_bridge = node["openstack"]["network"]["l3"]["external_network_bridge"]
|
||||
ext_bridge_iface = node["openstack"]["network"]["l3"]["external_network_bridge_interface"]
|
||||
execute "create external network bridge" do
|
||||
command "ovs-vsctl add-br #{ext_bridge} && ovs-vsctl add-port #{ext_bridge} #{ext_bridge_iface}"
|
||||
action :run
|
||||
not_if "ovs-vsctl show | grep 'Bridge #{ext_bridge}'"
|
||||
end
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: linuxbridge
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/linuxbridge/linuxbridge_conf.ini" do
|
||||
source "plugins/linuxbridge/linuxbridge_conf.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,32 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: metaplugin
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# (alanmeadows): TODO
|
||||
# FC033: Missing template: .cookbooks/openstack-network/recipes/metaplugin.rb:20
|
||||
# template "/etc/quantum/plugins/metaplugin/metaplugin_plugins.ini" do
|
||||
# source "plugins/metaplugin/metaplugin_plugins.ini.erb"
|
||||
# owner node["openstack"]["network"]["user"]
|
||||
# group node["openstack"]["network"]["group"]
|
||||
# mode 00644
|
||||
# variables(
|
||||
# :sql_connection => sql_connection
|
||||
# )
|
||||
#
|
||||
# notifies :restart, "service[quantum-server]", :immediately
|
||||
# end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: midonet
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/midonet/midonet.ini" do
|
||||
source "plugins/midonet/midonet.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: nec
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/nec/nec.ini" do
|
||||
source "plugins/nec/nec.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: nicira
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/nicira/nvp.ini" do
|
||||
source "plugins/nicira/nvp.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,53 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: opensvswitch
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
# discover database attributes
|
||||
db_user = node["openstack"]["network"]["db"]["username"]
|
||||
db_pass = db_password "quantum"
|
||||
sql_connection = db_uri("network", db_user, db_pass)
|
||||
|
||||
platform_options = node["openstack"]["network"]["platform"]
|
||||
|
||||
platform_options["quantum_openvswitch_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
service "quantum-openvswitch-switch" do
|
||||
service_name platform_options["quantum_openvswitch_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
execute "quantum-node-setup --plugin openvswitch" do
|
||||
only_if { platform?(%w(fedora redhat centos)) } # :pragma-foodcritic: ~FC024 - won't fix this
|
||||
end
|
||||
|
||||
template "/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini" do
|
||||
source "plugins/openvswitch/ovs_quantum_plugin.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: plumgrid
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/plumgrid/plumgrid.ini" do
|
||||
source "plugins/plumgrid/plumgrid.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,30 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: ryu
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
template "/etc/quantum/plugins/ryu/ryu.ini" do
|
||||
source "plugins/ryu/ryu.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:sql_connection => sql_connection
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
|
@ -0,0 +1,204 @@
|
|||
#
|
||||
# Cookbook Name:: openstack-network
|
||||
# Recipe:: server
|
||||
#
|
||||
# Copyright 2013, AT&T
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
require "uri"
|
||||
|
||||
class ::Chef::Recipe
|
||||
include ::Openstack
|
||||
end
|
||||
|
||||
main_plugin = node["openstack"]["network"]["plugins"].first.downcase
|
||||
core_plugin = node["openstack"]["network"]["core_plugin"]
|
||||
|
||||
if node["openstack"]["network"]["syslog"]["use"]
|
||||
include_recipe "openstack-common::logging"
|
||||
end
|
||||
|
||||
platform_options = node["openstack"]["network"]["platform"]
|
||||
|
||||
platform_options["nova_network_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :purge
|
||||
end
|
||||
end
|
||||
|
||||
platform_options["mysql_python_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
platform_options["quantum_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
platform_options["quantum_l3_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
platform_options["quantum_dhcp_packages"].each do |pkg|
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
service "quantum-server" do
|
||||
service_name platform_options["quantum_server_service"]
|
||||
supports :status => true, :restart => true
|
||||
|
||||
action :enable
|
||||
end
|
||||
|
||||
service "quantum-l3-agent" do
|
||||
service_name platform_options["quantum_l3_agent_service"]
|
||||
supports :status => true, :restart => true
|
||||
|
||||
# The providers below do not use the generic L3 agent...
|
||||
not_if { ["nicira", "plumgrid", "bigswitch"].include?(main_plugin) }
|
||||
action :enable
|
||||
end
|
||||
|
||||
service "quantum-dhcp-agent" do
|
||||
service_name platform_options["quantum_dhcp_agent_service"]
|
||||
supports :status => true, :restart => true
|
||||
action :enable
|
||||
end
|
||||
|
||||
service "quantum-metadata-agent" do
|
||||
service_name platform_options["quantum_metadata_agent_service"]
|
||||
supports :status => true, :restart => true
|
||||
|
||||
action :enable
|
||||
end
|
||||
|
||||
# This will copy recursively all the files in
|
||||
# /files/default/etc/quantum/rootwrap.d
|
||||
remote_directory "/etc/quantum/rootwrap.d" do
|
||||
files_owner node["openstack"]["network"]["user"]
|
||||
files_group node["openstack"]["network"]["group"]
|
||||
files_mode 00700
|
||||
end
|
||||
|
||||
directory "/etc/quantum/plugins" do
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00700
|
||||
end
|
||||
|
||||
directory ::File.dirname node["openstack"]["network"]["api"]["auth"]["cache_dir"] do
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00700
|
||||
|
||||
only_if { node["openstack"]["auth"]["strategy"] == "pki" }
|
||||
end
|
||||
|
||||
template "/etc/quantum/policy.json" do
|
||||
source "policy.json.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
||||
|
||||
rabbit_server_role = node["openstack"]["network"]["rabbit_server_chef_role"]
|
||||
rabbit_info = config_by_role rabbit_server_role, "queue"
|
||||
rabbit_user = node["openstack"]["network"]["rabbit"]["username"]
|
||||
rabbit_vhost = node["openstack"]["network"]["rabbit"]["vhost"]
|
||||
rabbit_pass = user_password "rabbit"
|
||||
|
||||
identity_endpoint = endpoint "identity-api"
|
||||
auth_uri = ::URI.decode identity_endpoint.to_s
|
||||
|
||||
db_user = node["openstack"]["network"]["db"]["username"]
|
||||
db_pass = db_password "quantum"
|
||||
sql_connection = db_uri("network", db_user, db_pass)
|
||||
|
||||
api_endpoint = endpoint "network-api"
|
||||
service_pass = service_password "quantum"
|
||||
service_tenant_name = node["openstack"]["network"]["service_tenant_name"]
|
||||
service_user = node["openstack"]["network"]["service_user"]
|
||||
|
||||
if node["openstack"]["network"]["api"]["bind_interface"].nil?
|
||||
bind_address = api_endpoint.host
|
||||
else
|
||||
bind_address = node["network"]["ipaddress_#{node["openstack"]["network"]["api"]["bind_interface"]}"]
|
||||
end
|
||||
|
||||
# Here is where we set up the appropriate plugin INI files
|
||||
# for the L2 and L3 drivers...
|
||||
|
||||
# Install the plugin's Python package
|
||||
node["openstack"]["network"]["plugins"].each do |pkg|
|
||||
plugin_fmt = platform_options["quantum_plugin_package"]
|
||||
pkg = plugin_fmt.gsub("%plugin%", pkg)
|
||||
package pkg do
|
||||
action :install
|
||||
end
|
||||
end
|
||||
|
||||
begin
|
||||
include_recipe "openstack-network::#{main_plugin}"
|
||||
rescue Chef::Exceptions::RecipeNotFound
|
||||
Chef::Log.warn "Could not find recipe openstack-network::#{main_plugin} for inclusion"
|
||||
end
|
||||
|
||||
template "/etc/quantum/quantum.conf" do
|
||||
source "quantum.conf.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
:bind_address => bind_address,
|
||||
:bind_port => api_endpoint.port,
|
||||
:rabbit_ipaddress => rabbit_info["host"],
|
||||
:rabbit_user => rabbit_user,
|
||||
:rabbit_password => rabbit_pass,
|
||||
:rabbit_port => rabbit_info["port"],
|
||||
:rabbit_virtual_host => rabbit_vhost,
|
||||
:core_plugin => core_plugin
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
||||
|
||||
template "/etc/quantum/api-paste.ini" do
|
||||
source "api-paste.ini.erb"
|
||||
owner node["openstack"]["network"]["user"]
|
||||
group node["openstack"]["network"]["group"]
|
||||
mode 00644
|
||||
variables(
|
||||
"identity_endpoint" => identity_endpoint,
|
||||
"service_pass" => service_pass
|
||||
)
|
||||
|
||||
notifies :restart, "service[quantum-server]", :immediately
|
||||
end
|
||||
|
||||
directory "/var/cache/quantum" do
|
||||
owner "quantum"
|
||||
group "quantum"
|
||||
mode 00700
|
||||
end
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# A script to run tests locally before committing.
|
||||
|
||||
set -e
|
||||
|
||||
COOKBOOK=$(awk '/^name/ {print $NF}' metadata.rb |tr -d \"\')
|
||||
if [ -z $COOKBOOK ]; then
|
||||
echo "Cookbook name not defined in metadata.rb"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
BUNDLE_PATH=${BUNDLE_PATH:-.bundle}
|
||||
BERKSHELF_PATH=${BERKSHELF_PATH:-.cookbooks}
|
||||
|
||||
echo "Using bundle path: $BUNDLE_PATH"
|
||||
echo "Using berkshelf path: $BERKSHELF_PATH"
|
||||
|
||||
bundle install --path=${BUNDLE_PATH}
|
||||
bundle exec berks install --path=${BERKSHELF_PATH}
|
||||
bundle exec rspec ${BERKSHELF_PATH}/${COOKBOOK}
|
||||
bundle exec foodcritic -f any -t ~FC003 -t ~FC023 ${BERKSHELF_PATH}/${COOKBOOK}
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
require_relative 'spec_helper'
|
||||
|
||||
describe 'openstack-network::server' do
|
||||
|
||||
#-------------------
|
||||
# UBUNTU
|
||||
#-------------------
|
||||
|
||||
describe "ubuntu" do
|
||||
|
||||
before do
|
||||
quantum_stubs
|
||||
@chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS
|
||||
@node = @chef_run.node
|
||||
@node.set['lsb']['code'] = 'precise'
|
||||
@node.set['openstack']['developer_mode'] = true
|
||||
|
||||
# mock out an interface on the storage node
|
||||
@node.set["network"] = MOCK_NODE_NETWORK_DATA['network']
|
||||
|
||||
@chef_run.converge "openstack-network::server"
|
||||
end
|
||||
|
||||
it "installs quamtum packages" do
|
||||
expect(@chef_run).to install_package "quantum-server"
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
end
|
|
@ -0,0 +1,56 @@
|
|||
require "chefspec"
|
||||
|
||||
::LOG_LEVEL = :fatal
|
||||
::REDHAT_OPTS = {
|
||||
:platform => "redhat",
|
||||
:log_level => ::LOG_LEVEL
|
||||
}
|
||||
::UBUNTU_OPTS = {
|
||||
:platform => "ubuntu",
|
||||
:version => "12.04",
|
||||
:log_level => ::LOG_LEVEL
|
||||
}
|
||||
|
||||
MOCK_NODE_NETWORK_DATA =
|
||||
{
|
||||
"ipaddress" => '10.0.0.2',
|
||||
"fqdn" => 'localhost.localdomain',
|
||||
"hostname" => 'localhost',
|
||||
"network" => {
|
||||
"default_interface" => "eth0",
|
||||
"interfaces" => {
|
||||
"eth0" => {
|
||||
"addresses" => {
|
||||
"fe80::a00:27ff:feca:ab08" => {"scope" => "Link", "prefixlen" => "64", "family" => "inet6"},
|
||||
"10.0.0.2" => {"netmask" => "255.255.255.0", "broadcast" => "10.0.0.255", "family" => "inet"},
|
||||
"08:00:27:CA:AB:08" => {"family" => "lladdr"}
|
||||
},
|
||||
},
|
||||
"lo" => {
|
||||
"addresses" => {
|
||||
"::1" => {"scope" => "Node", "prefixlen" => "128", "family" => "inet6"},
|
||||
"127.0.0.1" => {"netmask" => "255.0.0.0", "family" => "inet"}
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
def quantum_stubs
|
||||
|
||||
::Chef::Recipe.any_instance.stub(:config_by_role).
|
||||
with("rabbitmq-server", "queue").and_return(
|
||||
{'host' => 'rabbit-host', 'port' => 'rabbit-port'}
|
||||
)
|
||||
::Chef::Recipe.any_instance.stub(:config_by_role).
|
||||
with("glance-api", "glance").and_return []
|
||||
::Chef::Recipe.any_instance.stub(:secret).
|
||||
with("secrets", "openstack_identity_bootstrap_token").
|
||||
and_return "bootstrap-token"
|
||||
::Chef::Recipe.any_instance.stub(:db_password).and_return String.new
|
||||
::Chef::Recipe.any_instance.stub(:user_password).and_return String.new
|
||||
::Chef::Recipe.any_instance.stub(:service_password).and_return String.new
|
||||
::Chef::Recipe.any_instance.stub(:service_password).with("quantum").
|
||||
and_return "quantum-pass"
|
||||
|
||||
end
|
|
@ -0,0 +1,34 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[composite:quantum]
|
||||
use = egg:Paste#urlmap
|
||||
/: quantumversions
|
||||
/v2.0: quantumapi_v2_0
|
||||
|
||||
[composite:quantumapi_v2_0]
|
||||
use = call:quantum.auth:pipeline_factory
|
||||
noauth = extensions quantumapiapp_v2_0
|
||||
keystone = authtoken keystonecontext extensions quantumapiapp_v2_0
|
||||
|
||||
[filter:keystonecontext]
|
||||
paste.filter_factory = quantum.auth:QuantumKeystoneContext.factory
|
||||
|
||||
[filter:extensions]
|
||||
paste.filter_factory = quantum.api.extensions:plugin_aware_extension_middleware_factory
|
||||
|
||||
[app:quantumversions]
|
||||
paste.app_factory = quantum.api.versions:Versions.factory
|
||||
|
||||
[app:quantumapiapp_v2_0]
|
||||
paste.app_factory = quantum.api.v2.router:APIRouter.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
|
||||
auth_host = <%= @identity_endpoint.host %>
|
||||
auth_port = <%= @identity_endpoint.port %>
|
||||
auth_protocol = <%= @identity_endpoint.scheme %>
|
||||
admin_tenant_name = <%= node["openstack"]["network"]["service_tenant_name"] %>
|
||||
admin_user = <%= node["openstack"]["network"]["service_user"] %>
|
||||
admin_password = <%= @service_pass %>
|
||||
delay_auth_decision = true
|
||||
signing_dir = <%= node["openstack"]["network"]["api"]["auth"]["cache_dir"] %>
|
|
@ -0,0 +1,46 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[DEFAULT]
|
||||
# Show debugging output in log (sets DEBUG log level output)
|
||||
debug = <%= node["openstack"]["network"]["debug"] %>
|
||||
|
||||
# The DHCP agent will resync its state with Quantum to recover from any
|
||||
# transient notification or rpc errors. The interval is number of
|
||||
# seconds between attempts.
|
||||
resync_interval = <%= node["openstack"]["network"]["dhcp"]["resync_interval"] %>
|
||||
|
||||
# The DHCP requires that an inteface driver be set. Choose the one that best
|
||||
# matches your plugin.
|
||||
|
||||
# OVS based plugins (OVS, Ryu, NEC, NVP, BigSwitch/Floodlight)
|
||||
# interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
|
||||
# LinuxBridge
|
||||
#interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver
|
||||
interface_driver = <%= node["openstack"]["network"]["interface_driver"] %>
|
||||
|
||||
# OVS based plugins(Ryu, NEC, NVP, BigSwitch/Floodlight) that use OVS
|
||||
# as OpenFlow switch and check port status
|
||||
ovs_use_veth = <%= node["openstack"]["network"]["dhcp"]["ovs_use_veth"] %>
|
||||
|
||||
# The agent can use other DHCP drivers. Dnsmasq is the simplest and requires
|
||||
# no additional setup of the DHCP server.
|
||||
dhcp_driver = <%= node["openstack"]["network"]["dhcp_driver"] %>
|
||||
|
||||
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
|
||||
# iproute2 package that supports namespaces).
|
||||
use_namespaces = <%= node["openstack"]["network"]["use_namespaces"] %>
|
||||
|
||||
# The DHCP server can assist with providing metadata support on isolated
|
||||
# networks. Setting this value to True will cause the DHCP server to append
|
||||
# specific host routes to the DHCP request. The metadata service will only
|
||||
# be activated when the subnet gateway_ip is None. The guest instance must
|
||||
# be configured to request host routes via DHCP (Option 121).
|
||||
enable_isolated_metadata = <%= node["openstack"]["network"]["dhcp"]["enable_isolated_metadata"] %>
|
||||
|
||||
# Allows for serving metadata requests coming from a dedicated metadata
|
||||
# access network whose cidr is 169.254.169.254/16 (or larger prefix), and
|
||||
# is connected to a Quantum router from which the VMs send metadata
|
||||
# request. In this case DHCP Option 121 will not be injected in VMs, as
|
||||
# they will be able to reach 169.254.169.254 through a router.
|
||||
# This option requires enable_isolated_metadata = True
|
||||
enable_metadata_network = <%= node["openstack"]["network"]["dhcp"]["enable_metadata_network"] %>
|
|
@ -0,0 +1,52 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[DEFAULT]
|
||||
# Show debugging output in log (sets DEBUG log level output)
|
||||
debug = <%= node["openstack"]["network"]["debug"] %>
|
||||
|
||||
# L3 requires that an interface driver be set. Choose the one that best
|
||||
# matches your plugin.
|
||||
|
||||
# OVS based plugins (OVS, Ryu, NEC, NVP, BigSwitch/Floodlight)
|
||||
# interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
|
||||
# LinuxBridge
|
||||
#interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver
|
||||
interface_driver = <%= node["openstack"]["network"]["interface_driver"] %>
|
||||
|
||||
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
|
||||
# iproute2 package that supports namespaces).
|
||||
use_namespaces = <%= node["openstack"]["network"]["use_namespaces"] %>
|
||||
|
||||
# If use_namespaces is set as False then the agent can only configure one router.
|
||||
# This is done by setting the specific router_id.
|
||||
router_id = <%= node["openstack"]["network"]["l3"]["router_id"] %>
|
||||
|
||||
# Each L3 agent can be associated with at most one external network. This
|
||||
# value should be set to the UUID of that external network. If empty,
|
||||
# the agent will enforce that only a single external networks exists and
|
||||
# use that external network id
|
||||
# gateway_external_network_id = <%= node["openstack"]["network"]["l3"]["gateway_external_network_id"] %>
|
||||
|
||||
# Indicates that this L3 agent should also handle routers that do not have
|
||||
# an external network gateway configured. This option should be True only
|
||||
# for a single agent in a Quantum deployment, and may be False for all agents
|
||||
# if all routers must have an external network gateway
|
||||
handle_internal_only_routers = <%= node["openstack"]["network"]["l3"]["handle_internal_only_routers"] %>
|
||||
|
||||
# Name of bridge used for external network traffic. This should be set to
|
||||
# empty value for the linux bridge
|
||||
external_network_bridge = <%= node["openstack"]["network"]["l3"]["external_network_bridge"] %>
|
||||
|
||||
# TCP Port used by Quantum metadata server
|
||||
metadata_port = <%= node["openstack"]["network"]["l3"]["metadata_port"] %>
|
||||
|
||||
# Send this many gratuitous ARPs for HA setup. Set it below or equal to 0
|
||||
# to disable this feature.
|
||||
send_arp_for_ha = <%= node["openstack"]["network"]["l3"]["send_arp_for_ha"] %>
|
||||
|
||||
# seconds between re-sync routers' data if needed
|
||||
periodic_interval = <%= node["openstack"]["network"]["l3"]["periodic_interval"] %>
|
||||
|
||||
# seconds to start to sync routers' data after
|
||||
# starting agent
|
||||
periodic_fuzzy_delay = <%= node["openstack"]["network"]["l3"]["periodic_fuzz_delay"] %>
|
|
@ -0,0 +1,29 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[DEFAULT]
|
||||
# Show debugging output in log (sets DEBUG log level output)
|
||||
debug = <%= node["openstack"]["network"]["debug"] %>
|
||||
|
||||
# The LBaaS agent will resync its state with Quantum to recover from any
|
||||
# transient notification or rpc errors. The interval is number of
|
||||
# seconds between attempts.
|
||||
periodic_interval = <%= node["openstack"]["network"]["lbaas"]["periodic_interval"] %>
|
||||
|
||||
# OVS based plugins(OVS, Ryu, NEC, NVP, BigSwitch/Floodlight)
|
||||
interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
|
||||
# OVS based plugins(Ryu, NEC, NVP, BigSwitch/Floodlight) that use OVS
|
||||
# as OpenFlow switch and check port status
|
||||
# ovs_use_veth = True
|
||||
# LinuxBridge
|
||||
# interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver
|
||||
|
||||
# The agent requires a driver to manage the loadbalancer. HAProxy is the
|
||||
# opensource version.
|
||||
device_driver = quantum.plugins.services.agent_loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
|
||||
|
||||
# Allow overlapping IP (Must have kernel build with CONFIG_NET_NS=y and
|
||||
# iproute2 package that supports namespaces).
|
||||
# use_namespaces = True
|
||||
|
||||
# The user group
|
||||
# user_group = nogroup
|
|
@ -0,0 +1,25 @@
|
|||
B
|
||||
bsbrbÂode["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[DEFAULT]
|
||||
# Show debugging output in log (sets DEBUG log level output)
|
||||
debug = <%= node["openstack"]["network"]["debug"] %>
|
||||
|
||||
# The Quantum user information for accessing the Quantum API.
|
||||
auth_url = http://localhost:35357/v2.0
|
||||
auth_region = RegionOne
|
||||
admin_tenant_name = %SERVICE_TENANT_NAME%
|
||||
admin_user = %SERVICE_USER%
|
||||
admin_password = %SERVICE_PASSWORD%
|
||||
|
||||
# IP address used by Nova metadata server
|
||||
nova_metadata_ip = <%= node["openstack"]["network"]["metadata"]["nova_metadata_ip"] %>
|
||||
|
||||
# TCP Port used by Nova metadata server
|
||||
# nova_metadata_port = 8775
|
||||
|
||||
# When proxying metadata requests, Quantum signs the Instance-ID header with a
|
||||
# shared secret to prevent spoofing. You may select any string for a secret,
|
||||
# but it must match here and in the configuration used by the Nova Metadata
|
||||
# Server. NOTE: Nova uses a different key: quantum_metadata_proxy_shared_secret
|
||||
# metadata_proxy_shared_secret =
|
|
@ -0,0 +1,39 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:pass@127.0.0.1:3306/restproxy_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[RESTPROXY]
|
||||
# All configuration for this plugin is in section '[restproxy]'
|
||||
#
|
||||
# The following parameters are supported:
|
||||
# servers : <host:port>[,<host:port>]* (Error if not set)
|
||||
# server_auth : <username:password> (default: no auth)
|
||||
# server_ssl : True | False (default: False)
|
||||
# sync_data : True | False (default: False)
|
||||
# server_timeout : 10 (default: 10 seconds)
|
||||
#
|
||||
servers = <%= node["openstack"]["network"]["bigswitch"]["servers"] %>
|
||||
#server_auth=username:password
|
||||
#server_ssl=True
|
||||
#sync_data=True
|
||||
#server_timeout=10
|
|
@ -0,0 +1,57 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[SWITCH]
|
||||
# username = <mgmt admin username>
|
||||
username = <%= node["openstack"]["network"]["brocade"]["switch_username"] %>
|
||||
# password = <mgmt admin password>
|
||||
password = <%= node["openstack"]["network"]["brocade"]["switch_password"] %>
|
||||
# address = <switch mgmt ip address>
|
||||
address = <%= node["openstack"]["network"]["brocade"]["switch_address"] %>
|
||||
# ostype = NOS
|
||||
ostype = <%= node["openstack"]["network"]["brocade"]["switch_ostype"] %>
|
||||
|
||||
# Example:
|
||||
# username = admin
|
||||
# password = password
|
||||
# address = 10.24.84.38
|
||||
# ostype = NOS
|
||||
|
||||
[DATABASE]
|
||||
# sql_connection = sqlite://
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
#
|
||||
# Example:
|
||||
# sql_connection = mysql://root:pass@localhost/brcd_quantum?charset=utf8
|
||||
sql_connection = <%= @sql_connection %>
|
||||
|
||||
[PHYSICAL_INTERFACE]
|
||||
# physical_interface = <physical network name>
|
||||
#
|
||||
# Example:
|
||||
# physical_interface = physnet1
|
||||
physical_interface = <%= node["openstack"]["network"]["brocade"]["physical_interface"] %>
|
||||
|
||||
[VLANS]
|
||||
# network_vlan_ranges = <physical network name>:nnnn:mmmm
|
||||
#
|
||||
# Example:
|
||||
# network_vlan_ranges = physnet1:1000:2999
|
||||
network_vlan_ranges = <%= node["openstack"]["network"]["brocade"]["network_vlan_ranges"] %>
|
||||
|
||||
[AGENT]
|
||||
# Example:
|
||||
# root_helper = sudo /usr/local/bin/quantum-rootwrap /etc/quantum/rootwrap.conf
|
||||
|
||||
[LINUX_BRIDGE]
|
||||
# physical_interface_mappings = <physical network name>:<local interface>
|
||||
#
|
||||
# Example:
|
||||
# physical_interface_mappings = physnet1:em1
|
||||
physical_interface_mappings = <%= node["openstack"]["network"]["brocade"]["physical_interface_mappings"] %>
|
|
@ -0,0 +1,36 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[CISCO_PLUGINS]
|
||||
nexus_plugin = <%= node["openstack"]["network"]["cisco"]["nexus_plugin"] %>
|
||||
vswitch_plugin = <%= node["openstack"]["network"]["cisco"]["vswitch_plugin"] %>
|
||||
|
||||
[CISCO]
|
||||
vlan_start = <%= node["openstack"]["network"]["cisco"]["vlan_start"] %>
|
||||
vlan_end = <%= node["openstack"]["network"]["cisco"]["vlan_end"] %>
|
||||
vlan_name_prefix = <%= node["openstack"]["network"]["cisco"]["vlan_name_prefix"] %>
|
||||
max_ports = <%= node["openstack"]["network"]["cisco"]["max_ports"] %>
|
||||
max_port_profiles = <%= node["openstack"]["network"]["cisco"]["max_port_profiles"] %>
|
||||
max_networks = <%= node["openstack"]["network"]["cisco"]["max_networks"] %>
|
||||
model_class = <%= node["openstack"]["network"]["cisco"]["model_class"] %>
|
||||
manager_class = <%= node["openstack"]["network"]["cisco"]["manager_class"] %>
|
||||
nexus_driver = <%= node["openstack"]["network"]["cisco"]["nexus_driver"] %>
|
||||
|
||||
<%- node["openstack"]["network"]["cisco"]["nexus_switch"].each_pair do | ip, info | -%>
|
||||
[NEXUS_SWITCH:<%= @ip %>]
|
||||
<%- @info["hosts"].each do | host_info | -%>
|
||||
<%= @host_info[0] %> = <%= @host_info[1] %>
|
||||
<%- end -%>
|
||||
ssh_port = <%= @info["ssh_port"] %>
|
||||
username = <%= @info["username"] %>
|
||||
password = <%= @info["password"] %>
|
||||
|
||||
<%- end -%>
|
||||
|
||||
[DATABASE]
|
||||
#
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://quantum:password@127.0.0.1:3306/cisco_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
#
|
||||
sql_connection = <%= @sql_connection %>
|
|
@ -0,0 +1,68 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://quantum:password@127.0.0.1:3306/hyperv_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[HYPERV]
|
||||
# (StrOpt) Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST either change this
|
||||
# to 'vlan' and configure network_vlan_ranges below or to 'flat'.
|
||||
# Set to 'none' to disable creation of tenant networks.
|
||||
#
|
||||
# Default: tenant_network_type = local
|
||||
# Example: tenant_network_type = vlan
|
||||
tenant_network_type = <%= node["openstack"]["network"]["hyperv"]["tenant_network_type"] %>
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges
|
||||
# of VLAN IDs on named physical networks that are available for
|
||||
# allocation. All physical networks listed are available for flat and
|
||||
# VLAN provider network creation. Specified ranges of VLAN IDs are
|
||||
# available for tenant network allocation if tenant_network_type is
|
||||
# 'vlan'. If empty, only gre and local networks may be created.
|
||||
#
|
||||
# Default: network_vlan_ranges =
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
network_vlan_ranges = <%= node["openstack"]["network"]["hyperv"]["network_vlan_ranges"] %>
|
||||
|
||||
[AGENT]
|
||||
# Agent's polling interval in seconds
|
||||
polling_interval = <%= node["openstack"]["network"]["hyperv"]["polling_interval"] %>
|
||||
|
||||
# (ListOpt) Comma separated list of <physical_network>:<vswitch>
|
||||
# where the physical networks can be expressed with wildcards,
|
||||
# e.g.: ."*:external".
|
||||
# The referred external virtual switches need to be already present on
|
||||
# the Hyper-V server.
|
||||
# If a given physical network name will not match any value in the list
|
||||
# the plugin will look for a virtual switch with the same name.
|
||||
#
|
||||
# Default: physical_network_vswitch_mappings = *:external
|
||||
# Example: physical_network_vswitch_mappings = net1:external1,net2:external2
|
||||
physical_network_vswitch_mappings = <%= node["openstack"]["network"]["hyperv"]["physical_network_vswitch_mappings"] %>
|
||||
|
||||
# (StrOpt) Private virtual switch name used for local networking.
|
||||
#
|
||||
# Default: local_network_vswitch = private
|
||||
# Example: local_network_vswitch = custom_vswitch
|
||||
local_network_vswitch = <%= node["openstack"]["network"]["hyperv"]["local_network_vswitch"] %>
|
|
@ -0,0 +1,67 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[VLANS]
|
||||
# (StrOpt) Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST change this to
|
||||
# 'vlan' and configure network_vlan_ranges below in order for tenant
|
||||
# networks to provide connectivity between hosts. Set to 'none' to
|
||||
# disable creation of tenant networks.
|
||||
#
|
||||
# Default: tenant_network_type = local
|
||||
# Example: tenant_network_type = vlan
|
||||
tenant_network_type = <%= node["openstack"]["network"]["linuxbridge"]["tenant_network_type"] %>
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges
|
||||
# of VLAN IDs on named physical networks that are available for
|
||||
# allocation. All physical networks listed are available for flat and
|
||||
# VLAN provider network creation. Specified ranges of VLAN IDs are
|
||||
# available for tenant network allocation if tenant_network_type is
|
||||
# 'vlan'. If empty, only local networks may be created.
|
||||
#
|
||||
# Default: network_vlan_ranges =
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
network_vlan_ranges = <%= node["openstack"]["network"]["linuxbridge"]["network_vlan_ranges"] %>
|
||||
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/quantum_linux_bridge
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[LINUX_BRIDGE]
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>:<physical_interface> tuples mapping physical
|
||||
# network names to the agent's node-specific physical network
|
||||
# interfaces to be used for flat and VLAN networks. All physical
|
||||
# networks listed in network_vlan_ranges on the server should have
|
||||
# mappings to appropriate interfaces on each agent.
|
||||
#
|
||||
# Default: physical_interface_mappings =
|
||||
# Example: physical_interface_mappings = physnet1:eth1
|
||||
physical_interface_mappings = <%= node["openstack"]["network"]["linuxbridge"]["physical_interface_mappings"] %>
|
||||
|
||||
[AGENT]
|
||||
# Agent's polling interval in seconds
|
||||
polling_interval = 2
|
||||
|
||||
[SECURITYGROUP]
|
||||
# Firewall driver for realizing quantum security group function
|
||||
firewall_driver = quantum.agent.linux.iptables_firewall.IptablesFirewallDriver
|
|
@ -0,0 +1,40 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/ovs_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implgies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[META]
|
||||
## This is list of flavor:quantum_plugins
|
||||
# extension method is used in the order of this list
|
||||
plugin_list = <%= node["openstack"]["network"]["metaplugin"]["plugin_list"] %>
|
||||
l3_plugin_list = <%= node["openstack"]["network"]["metaplugin"]["l3_plugin_list"] %>
|
||||
|
||||
# Default value of flavor
|
||||
default_flavor = <%= node["openstack"]["network"]["metaplugin"]["default_flavor"] %>
|
||||
default_l3_flavor = <%= node["openstack"]["network"]["metaplugin"]["default_l3_flavor"] %>
|
||||
|
||||
# supported extentions
|
||||
supported_extension_aliases = providernet
|
||||
# specific method map for each flavor to extensions
|
||||
extension_map = get_port_stats:nvp
|
|
@ -0,0 +1,43 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:pass@127.0.0.1:3306/midonet_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[MIDONET]
|
||||
# MidoNet API server URI
|
||||
# midonet_uri = http://localhost:8080/midonet-api
|
||||
midonet_uri = <%= node["openstack"]["network"]["midonet"]["midonet_uri"] %>
|
||||
|
||||
# MidoNet admin username
|
||||
username = <%= node["openstack"]["network"]["midonet"]["username"] %>
|
||||
|
||||
# MidoNet admin password
|
||||
password = <%= node["openstack"]["network"]["midonet"]["password"] %>
|
||||
|
||||
# ID of the project that MidoNet admin user belongs to
|
||||
project_id = <%= node["openstack"]["network"]["midonet"]["project_id"] %>
|
||||
|
||||
# Virtual provider router ID
|
||||
provider_router_id = <%= node["openstack"]["network"]["midonet"]["provider_router_id"] %>
|
||||
|
||||
# Virtual metadata router ID
|
||||
metadata_router_id = <%= node["openstack"]["network"]["midonet"]["metadata_router_id"] %>
|
|
@ -0,0 +1,56 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/ovs_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[OVS]
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch port". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
integration_bridge = <%= node["openstack"]["network"]["nec"]["integration_bridge"] %>
|
||||
|
||||
[AGENT]
|
||||
# Agent's polling interval in seconds
|
||||
polling_interval = <%= node["openstack"]["network"]["nec"]["polling_interval"] %>
|
||||
|
||||
# Use "sudo quantum-rootwrap /etc/quantum/rootwrap.conf" to use the real
|
||||
# root filter facility.
|
||||
# Change to "sudo" to skip the filtering and just run the comand directly
|
||||
root_helper = sudo
|
||||
|
||||
[SECURITYGROUP]
|
||||
# Firewall driver for realizing quantum security group function
|
||||
firewall_driver = <%= node["openstack"]["network"]["nec"]["firewall_driver"] %>
|
||||
|
||||
[OFC]
|
||||
# Specify OpenFlow Controller Host, Port and Driver to connect.
|
||||
host = <%= node["openstack"]["network"]["nec"]["ofc_host"] %>
|
||||
port = <%= node["openstack"]["network"]["nec"]["ofc_port"] %>
|
||||
|
||||
# Drivers are in quantum/plugins/nec/drivers/ .
|
||||
driver = <%= node["openstack"]["network"]["nec"]["ofc_driver"] %>
|
||||
|
||||
# PacketFilter is available when it's enabled in this configuration
|
||||
# and supported by the driver.
|
||||
enable_packet_filter = <%= node["openstack"]["network"]["nec"]["ofc_enable_packet_filter"] %>
|
|
@ -0,0 +1,116 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
# #############################################################
|
||||
# WARNINGS: The following deprecations have been made in the
|
||||
# Havana release. Support for the options below will be removed
|
||||
# in Ixxx.
|
||||
#
|
||||
# Section: [DEFAULT], Option: 'metadata_dhcp_host_route'
|
||||
# Remarks: Use 'enable_isolated_metadata' in dhcp_agent.ini.
|
||||
#
|
||||
#
|
||||
# Section: [CLUSTER:name], Option: 'nvp_controller_connection'
|
||||
# Remarks: The configuration will allow the specification of
|
||||
# a single cluster, therefore [CLUSTER:name] is no
|
||||
# longer used. Use 'nvp_*', options, 'req_timeout',
|
||||
# 'retries', etc. as indicated in the DEFAULT section.
|
||||
# Support for multiple clusters will be added through
|
||||
# an API extension.
|
||||
# ##############################################################
|
||||
|
||||
[DEFAULT]
|
||||
# User name for NVP controller
|
||||
nvp_user = admin <%= node["openstack"]["network"]["nicira"]["nvp_user"] %>
|
||||
|
||||
# Password for NVP controller
|
||||
nvp_password = <%= node["openstack"]["network"]["nicira"]["nvp_password"] %>
|
||||
|
||||
# Total time limit for a cluster request
|
||||
# (including retries across different controllers)
|
||||
req_timeout = <%= node["openstack"]["network"]["nicira"]["req_timeout"] %>
|
||||
|
||||
# Time before aborting a request on an unresponsive controller
|
||||
http_timeout = <%= node["openstack"]["network"]["nicira"]["http_timeout"] %>
|
||||
|
||||
# Maximum number of times a particular request should be retried
|
||||
retries = <%= node["openstack"]["network"]["nicira"]["retries"] %>
|
||||
|
||||
# Maximum number of times a redirect response should be followed
|
||||
redirects = <%= node["openstack"]["network"]["nicira"]["redirects"] %>
|
||||
|
||||
# Comma-separated list of NVP controller endpoints (<ip>:<port>). When port
|
||||
# is omitted, 443 is assumed. This option MUST be specified, e.g.:
|
||||
nvp_controllers = <%= node["openstack"]["network"]["nicira"]["nvp_controllers"] %>
|
||||
|
||||
# UUID of the pre-existing default NVP Transport zone to be used for creating
|
||||
# tunneled isolated "Quantum" networks. This option MUST be specified, e.g.:
|
||||
default_tz_uuid = <%= node["openstack"]["network"]["nicira"]["default_tx_uuid"] %>
|
||||
|
||||
# (Optional) UUID of the cluster in NVP. It can be retrieved from NVP management
|
||||
# console "admin" section.
|
||||
nvp_cluster_uuid = <%= node["openstack"]["network"]["nicira"]["nvp_cluster_uuid"] %>
|
||||
|
||||
# (Optional) UUID for the default l3 gateway service to use with this cluster.
|
||||
# To be specified if planning to use logical routers with external gateways.
|
||||
default_l3_gw_service_uuid = <%= node["openstack"]["network"]["nicira"]["default_l3_gateway_service_uuid"] %>
|
||||
|
||||
# (Optional) UUID for the default l2 gateway service to use with this cluster.
|
||||
# To be specified for providing a predefined gateway tenant for connecting their networks.
|
||||
default_l2_gw_service_uuid = <%= node["openstack"]["network"]["nicira"]["default_l2_gateway_service_uuid"] %>
|
||||
|
||||
# Name of the default interface name to be used on network-gateway. This value
|
||||
# will be used for any device associated with a network gateway for which an
|
||||
# interface name was not specified
|
||||
default_iface_name = <%= node["openstack"]["network"]["nicira"]["default_iface_name"] %>
|
||||
|
||||
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:quantum@127.0.0.1:3306/nvp_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
|
||||
# Number of reconnection attempts to the DB; Set to -1 to try indefinitely
|
||||
# sql_max_retries = 10
|
||||
|
||||
# Period between reconnection attempts to the DB
|
||||
# reconnect_interval = 2
|
||||
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
|
||||
# sql_dbpool_enable = False
|
||||
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
|
||||
[QUOTAS]
|
||||
# number of network gateways allowed per tenant, -1 means unlimited
|
||||
quota_network_gateway = <%= node["openstack"]["network"]["nicira"]["quota_network_gateway"] %>
|
||||
|
||||
|
||||
[NVP]
|
||||
# Maximum number of ports for each bridged logical switch
|
||||
max_lp_per_bridged_ls = <%= node["openstack"]["network"]["nicira"]["max_lp_per_bridged_ls"] %>
|
||||
|
||||
# Maximum number of ports for each overlay (stt, gre) logical switch
|
||||
max_lp_per_overlay_ls = <%= node["openstack"]["network"]["nicira"]["max_lp_per_overlay_ls"] %>
|
||||
|
||||
# Number of connects to each controller node.
|
||||
concurrent_connections = <%= node["openstack"]["network"]["nicira"]["concurrent_connections"] %>
|
||||
|
||||
# Acceptable values for 'metadata_mode' are:
|
||||
# - 'access_network': this enables a dedicated connection to the metadata
|
||||
# proxy for metadata server access via Quantum router.
|
||||
# - 'dhcp_host_route': this enables host route injection via the dhcp agent.
|
||||
# This option is only useful if running on a host that does not support
|
||||
# namespaces otherwise access_network should be used.
|
||||
metadata_mode = <%= node["openstack"]["network"]["nicira"]["metadata_mode"] %>
|
|
@ -0,0 +1,138 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/ovs_quantum
|
||||
# Replace 127.0.0.1 above with the IP address of the database used by the
|
||||
# main quantum server. (Leave it as is if the database runs on this host.)
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[OVS]
|
||||
# (StrOpt) Type of network to allocate for tenant networks. The
|
||||
# default value 'local' is useful only for single-box testing and
|
||||
# provides no connectivity between hosts. You MUST either change this
|
||||
# to 'vlan' and configure network_vlan_ranges below or change this to
|
||||
# 'gre' and configure tunnel_id_ranges below in order for tenant
|
||||
# networks to provide connectivity between hosts. Set to 'none' to
|
||||
# disable creation of tenant networks.
|
||||
#
|
||||
# Default: tenant_network_type = local
|
||||
# Example: tenant_network_type = gre
|
||||
tenant_network_type = <%= node["openstack"]["network"]["openvswitch"]["tenant_network_type"] %>
|
||||
|
||||
# (ListOpt) Comma-separated list of
|
||||
# <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges
|
||||
# of VLAN IDs on named physical networks that are available for
|
||||
# allocation. All physical networks listed are available for flat and
|
||||
# VLAN provider network creation. Specified ranges of VLAN IDs are
|
||||
# available for tenant network allocation if tenant_network_type is
|
||||
# 'vlan'. If empty, only gre and local networks may be created.
|
||||
#
|
||||
# Default: network_vlan_ranges =
|
||||
# Example: network_vlan_ranges = physnet1:1000:2999
|
||||
network_vlan_ranges = <%= node["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] %>
|
||||
|
||||
# (BoolOpt) Set to True in the server and the agents to enable support
|
||||
# for GRE networks. Requires kernel support for OVS patch ports and
|
||||
# GRE tunneling.
|
||||
#
|
||||
# Default: enable_tunneling = False
|
||||
enable_tunneling = <%= node["openstack"]["network"]["openvswitch"]["enable_tunneling"] %>
|
||||
|
||||
# (ListOpt) Comma-separated list of <tun_min>:<tun_max> tuples
|
||||
# enumerating ranges of GRE tunnel IDs that are available for tenant
|
||||
# network allocation if tenant_network_type is 'gre'.
|
||||
#
|
||||
# Default: tunnel_id_ranges =
|
||||
# Example: tunnel_id_ranges = 1:1000
|
||||
tunnel_id_ranges = <%= node["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] %>
|
||||
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch bay". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
#
|
||||
# Default: integration_bridge = br-int
|
||||
integration_bridge = <%= node["openstack"]["network"]["openvswitch"]["integration_bridge"] %>
|
||||
|
||||
# Only used for the agent if tunnel_id_ranges (above) is not empty for
|
||||
# the server. In most cases, the default value should be fine.
|
||||
#
|
||||
# Default: tunnel_bridge = br-tun
|
||||
tunnel_bridge = <%= node["openstack"]["network"]["openvswitch"]["tunnel_bridge"] %>
|
||||
|
||||
# Peer patch port in integration bridge for tunnel bridge
|
||||
# int_peer_patch_port = patch-tun
|
||||
int_peer_patch_port = <%= node["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] %>
|
||||
|
||||
# Peer patch port in tunnel bridge for integration bridge
|
||||
# tun_peer_patch_port = patch-int
|
||||
tun_peer_patch_port = <%= node["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] %>
|
||||
|
||||
# Uncomment this line for the agent if tunnel_id_ranges (above) is not
|
||||
# empty for the server. Set local-ip to be the local IP address of
|
||||
# this hypervisor.
|
||||
#
|
||||
# Default: local_ip =
|
||||
local_ip = <%= node["openstack"]["network"]["openvswitch"]["local_ip"] %>
|
||||
|
||||
# (ListOpt) Comma-separated list of <physical_network>:<bridge> tuples
|
||||
# mapping physical network names to the agent's node-specific OVS
|
||||
# bridge names to be used for flat and VLAN networks. The length of
|
||||
# bridge names should be no more than 11. Each bridge must
|
||||
# exist, and should have a physical network interface configured as a
|
||||
# port. All physical networks listed in network_vlan_ranges on the
|
||||
# server should have mappings to appropriate bridges on each agent.
|
||||
#
|
||||
# Default: bridge_mappings =
|
||||
# Example: bridge_mappings = physnet1:br-eth1
|
||||
bridge_mappings = <%= node["openstack"]["network"]["openvswitch"]["bridge_mappings"] %>
|
||||
|
||||
[AGENT]
|
||||
# Agent's polling interval in seconds
|
||||
polling_interval = 2
|
||||
|
||||
[SECURITYGROUP]
|
||||
# Firewall driver for realizing quantum security group function
|
||||
# firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
||||
|
||||
#-----------------------------------------------------------------------------
|
||||
# Sample Configurations.
|
||||
#-----------------------------------------------------------------------------
|
||||
#
|
||||
# 1. With VLANs on eth1.
|
||||
# [DATABASE]
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/ovs_quantum
|
||||
# [OVS]
|
||||
# network_vlan_ranges = default:2000:3999
|
||||
# tunnel_id_ranges =
|
||||
# integration_bridge = br-int
|
||||
# bridge_mappings = default:br-eth1
|
||||
# [AGENT]
|
||||
# Add the following setting, if you want to log to a file
|
||||
#
|
||||
# 2. With tunneling.
|
||||
# [DATABASE]
|
||||
# sql_connection = mysql://root:nova@127.0.0.1:3306/ovs_quantum
|
||||
# [OVS]
|
||||
# network_vlan_ranges =
|
||||
# tunnel_id_ranges = 1:1000
|
||||
# integration_bridge = br-int
|
||||
# tunnel_bridge = br-tun
|
||||
# local_ip = 10.0.0.3
|
|
@ -0,0 +1,38 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example:
|
||||
# sql_connection = mysql://<user>:<pass>@<host>:3306/plumgrid_quantum
|
||||
# Replace <host> above with the IP address of the database used by the
|
||||
# main quantum server.
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Database reconnection retry times - in event connectivity is lost
|
||||
# set to -1 implies an infinite retry count
|
||||
# sql_max_retries = 10
|
||||
# Database reconnection interval in seconds - if the initial connection to the
|
||||
# database fails
|
||||
# reconnect_interval = 2
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[PLUMgridNOS]
|
||||
# This line should be pointing to the NOS server,
|
||||
# for the PLUMgrid platform. In other deployments,
|
||||
# this is known as controller
|
||||
nos_server = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
||||
nos_server_port = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
||||
# Authentification parameters for the NOS server.
|
||||
# These are the admin credentials to manage and control
|
||||
# the NOS server.
|
||||
username = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
||||
password = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
||||
servertimeout = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
||||
# Name of the network topology to be deployed by NOS
|
||||
topologyname = <%= node["openstack"]["network"]["plumgrid"]["nos_server"] %>
|
|
@ -0,0 +1,58 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DATABASE]
|
||||
# This line MUST be changed to actually run the plugin.
|
||||
# Example: sql_connection = mysql://root:nova@127.0.0.1:3306/ryu_quantum
|
||||
sql_connection = <%= @sql_connection %>
|
||||
# Enable the use of eventlet's db_pool for MySQL. The flags sql_min_pool_size,
|
||||
# sql_max_pool_size and sql_idle_timeout are relevant only if this is enabled.
|
||||
# sql_dbpool_enable = False
|
||||
# Minimum number of SQL connections to keep open in a pool
|
||||
# sql_min_pool_size = 1
|
||||
# Maximum number of SQL connections to keep open in a pool
|
||||
# sql_max_pool_size = 5
|
||||
# Timeout in seconds before idle sql connections are reaped
|
||||
# sql_idle_timeout = 3600
|
||||
|
||||
[OVS]
|
||||
# Do not change this parameter unless you have a good reason to.
|
||||
# This is the name of the OVS integration bridge. There is one per hypervisor.
|
||||
# The integration bridge acts as a virtual "patch port". All VM VIFs are
|
||||
# attached to this bridge and then "patched" according to their network
|
||||
# connectivity.
|
||||
integration_bridge = <%= node["openstack"]["network"]["ryu"]["integration_bridge"] %>
|
||||
|
||||
# openflow_rest_api = <host IP address of ofp rest api service>:<port: 8080>
|
||||
openflow_rest_api = <%= node["openstack"]["network"]["ryu"]["openflow_rest_api"] %>
|
||||
|
||||
# tunnel key range: 0 < tunnel_key_min < tunnel_key_max
|
||||
# VLAN: 12bits, GRE, VXLAN: 24bits
|
||||
tunnel_key_min = <%= node["openstack"]["network"]["ryu"]["tunnel_key_min"] %>
|
||||
tunnel_key_max = <%= node["openstack"]["network"]["ryu"]["tunnel_key_max"] %>
|
||||
|
||||
# tunnel_ip = <ip address for tunneling>
|
||||
# tunnel_interface = interface for tunneling
|
||||
# when tunnel_ip is NOT specified, ip address is read
|
||||
# from this interface
|
||||
tunnel_ip = <%= node["openstack"]["network"]["ryu"]["tunnel_ip"] %>
|
||||
tunnel_interface = <%= node["openstack"]["network"]["ryu"]["tunnel_interface"] %>
|
||||
|
||||
# ovsdb_port = port number on which ovsdb is listening
|
||||
# ryu-agent uses this parameter to setup ovsdb.
|
||||
# ovs-vsctl set-manager ptcp:<ovsdb_port>
|
||||
# See set-manager section of man ovs-vsctl for details.
|
||||
# currently ptcp is only supported.
|
||||
# ovsdb_ip = <host IP address on which ovsdb is listening>
|
||||
# ovsdb_interface = interface for ovsdb
|
||||
# when ovsdb_addr NOT specifiied, ip address is gotten
|
||||
# from this interface
|
||||
ovsdb_port = <%= node["openstack"]["network"]["ryu"]["ovsdb_port"] %>
|
||||
ovsdb_ip = <%= node["openstack"]["network"]["ryu"]["ovsdb_ip"] %>
|
||||
ovsdb_interface = <%= node["openstack"]["network"]["ryu"]["ovsdb_interface"] %>
|
||||
|
||||
[SECURITYGROUP]
|
||||
# Firewall driver for realizing quantum security group function
|
||||
firewall_driver = <%= node["openstack"]["network"]["ryu"]["firewall_driver"] %>
|
||||
|
||||
[AGENT]
|
||||
# Agent's polling interval in seconds
|
||||
polling_interval = <%= node["openstack"]["network"]["ryu"]["polling_interval"] %>
|
|
@ -0,0 +1,76 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
{
|
||||
"context_is_admin": "role:admin",
|
||||
"admin_or_owner": "rule:context_is_admin or tenant_id:%(tenant_id)s",
|
||||
"admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network_tenant_id)s",
|
||||
"admin_only": "rule:context_is_admin",
|
||||
"regular_user": "",
|
||||
"shared": "field:networks:shared=True",
|
||||
"external": "field:networks:router:external=True",
|
||||
"default": "rule:admin_or_owner",
|
||||
|
||||
"extension:provider_network:view": "rule:admin_only",
|
||||
"extension:provider_network:set": "rule:admin_only",
|
||||
|
||||
"extension:router:view": "rule:regular_user",
|
||||
|
||||
"extension:port_binding:view": "rule:admin_only",
|
||||
"extension:port_binding:set": "rule:admin_only",
|
||||
|
||||
"subnets:private:read": "rule:admin_or_owner",
|
||||
"subnets:private:write": "rule:admin_or_owner",
|
||||
"subnets:shared:read": "rule:regular_user",
|
||||
"subnets:shared:write": "rule:admin_only",
|
||||
|
||||
"create_subnet": "rule:admin_or_network_owner",
|
||||
"get_subnet": "rule:admin_or_owner or rule:shared",
|
||||
"update_subnet": "rule:admin_or_network_owner",
|
||||
"delete_subnet": "rule:admin_or_network_owner",
|
||||
|
||||
"create_network": "",
|
||||
"get_network": "rule:admin_or_owner or rule:shared or rule:external",
|
||||
"create_network:shared": "rule:admin_only",
|
||||
"create_network:router:external": "rule:admin_only",
|
||||
"create_network:provider:network_type": "rule:admin_only",
|
||||
"create_network:provider:physical_network": "rule:admin_only",
|
||||
"create_network:provider:segmentation_id": "rule:admin_only",
|
||||
"update_network": "rule:admin_or_owner",
|
||||
"update_network:provider:network_type": "rule:admin_only",
|
||||
"update_network:provider:physical_network": "rule:admin_only",
|
||||
"update_network:provider:segmentation_id": "rule:admin_only",
|
||||
"delete_network": "rule:admin_or_owner",
|
||||
|
||||
"create_port": "",
|
||||
"create_port:mac_address": "rule:admin_or_network_owner",
|
||||
"create_port:fixed_ips": "rule:admin_or_network_owner",
|
||||
"create_port:port_security_enabled": "rule:admin_or_network_owner",
|
||||
"get_port": "rule:admin_or_owner",
|
||||
"update_port": "rule:admin_or_owner",
|
||||
"update_port:fixed_ips": "rule:admin_or_network_owner",
|
||||
"update_port:port_security_enabled": "rule:admin_or_network_owner",
|
||||
"delete_port": "rule:admin_or_owner",
|
||||
|
||||
"extension:service_type:view_extended": "rule:admin_only",
|
||||
"create_service_type": "rule:admin_only",
|
||||
"update_service_type": "rule:admin_only",
|
||||
"delete_service_type": "rule:admin_only",
|
||||
"get_service_type": "rule:regular_user",
|
||||
|
||||
"create_qos_queue": "rule:admin_only",
|
||||
"get_qos_queue": "rule:admin_only",
|
||||
"get_qos_queues": "rule:admin_only",
|
||||
|
||||
"update_agent": "rule:admin_only",
|
||||
"delete_agent": "rule:admin_only",
|
||||
"get_agent": "rule:admin_only",
|
||||
"get_agents": "rule:admin_only",
|
||||
|
||||
"create_dhcp-network": "rule:admin_only",
|
||||
"delete_dhcp-network": "rule:admin_only",
|
||||
"get_dhcp-networks": "rule:admin_only",
|
||||
"create_l3-router": "rule:admin_only",
|
||||
"delete_l3-router": "rule:admin_only",
|
||||
"get_l3-routers": "rule:admin_only",
|
||||
"get_dhcp-agents": "rule:admin_only",
|
||||
"get_l3-agents": "rule:admin_only"
|
||||
}
|
|
@ -0,0 +1,298 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
[DEFAULT]
|
||||
# Default log level is INFO
|
||||
# verbose and debug has the same result.
|
||||
# One of them will set DEBUG log level output
|
||||
debug = <%= node["openstack"]["network"]["debug"] %>
|
||||
verbose = <%= node["openstack"]["network"]["verbose"] %>
|
||||
|
||||
# Where to store Quantum state files. This directory must be writable by the
|
||||
# user executing the agent.
|
||||
# state_path = /var/lib/quantum
|
||||
|
||||
# Where to store lock files
|
||||
lock_path = $state_path/lock
|
||||
|
||||
# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s
|
||||
# log_date_format = %Y-%m-%d %H:%M:%S
|
||||
|
||||
# use_syslog -> syslog
|
||||
# log_file and log_dir -> log_dir/log_file
|
||||
# (not log_file) and log_dir -> log_dir/{binary_name}.log
|
||||
# use_stderr -> stderr
|
||||
# (not user_stderr) and (not log_file) -> stdout
|
||||
# publish_errors -> notification system
|
||||
|
||||
# use_syslog = False
|
||||
# syslog_log_facility = LOG_USER
|
||||
|
||||
# use_stderr = True
|
||||
# log_file =
|
||||
# log_dir =
|
||||
|
||||
# publish_errors = False
|
||||
|
||||
# Address to bind the API server
|
||||
bind_host = <%= @bind_address %>
|
||||
|
||||
# Port the bind the API server to
|
||||
bind_port = <%= @bind_port %>
|
||||
|
||||
# Path to the extensions. Note that this can be a colon-separated list of
|
||||
# paths. For example:
|
||||
# api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions
|
||||
# The __path__ of quantum.extensions is appended to this, so if your
|
||||
# extensions are in there you don't need to specify them here
|
||||
# api_extensions_path =
|
||||
|
||||
# Quantum plugin provider module
|
||||
# core_plugin =
|
||||
core_plugin = <%= @core_plugin %>
|
||||
|
||||
# Advanced service modules
|
||||
# service_plugins =
|
||||
|
||||
# Paste configuration file
|
||||
api_paste_config = api-paste.ini
|
||||
|
||||
# The strategy to be used for auth.
|
||||
# Supported values are 'keystone'(default), 'noauth'.
|
||||
# auth_strategy = keystone
|
||||
|
||||
# Base MAC address. The first 3 octets will remain unchanged. If the
|
||||
# 4h octet is not 00, it will also used. The others will be
|
||||
# randomly generated.
|
||||
# 3 octet
|
||||
# base_mac = fa:16:3e:00:00:00
|
||||
# 4 octet
|
||||
# base_mac = fa:16:3e:4f:00:00
|
||||
|
||||
# Maximum amount of retries to generate a unique MAC address
|
||||
# mac_generation_retries = 16
|
||||
|
||||
# DHCP Lease duration (in seconds)
|
||||
# dhcp_lease_duration = 120
|
||||
|
||||
# Allow sending resource operation notification to DHCP agent
|
||||
# dhcp_agent_notification = True
|
||||
|
||||
# Enable or disable bulk create/update/delete operations
|
||||
# allow_bulk = True
|
||||
# Enable or disable pagination
|
||||
# allow_pagination = False
|
||||
# Enable or disable sorting
|
||||
# allow_sorting = False
|
||||
# Enable or disable overlapping IPs for subnets
|
||||
# Attention: the following parameter MUST be set to False if Quantum is
|
||||
# being used in conjunction with nova security groups and/or metadata service.
|
||||
# allow_overlapping_ips = False
|
||||
# Ensure that configured gateway is on subnet
|
||||
# force_gateway_on_subnet = False
|
||||
|
||||
|
||||
# RPC configuration options. Defined in rpc __init__
|
||||
# The messaging module to use, defaults to kombu.
|
||||
# rpc_backend = quantum.openstack.common.rpc.impl_kombu
|
||||
# Size of RPC thread pool
|
||||
# rpc_thread_pool_size = 64,
|
||||
# Size of RPC connection pool
|
||||
# rpc_conn_pool_size = 30
|
||||
# Seconds to wait for a response from call or multicall
|
||||
# rpc_response_timeout = 60
|
||||
# Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.
|
||||
# rpc_cast_timeout = 30
|
||||
# Modules of exceptions that are permitted to be recreated
|
||||
# upon receiving exception data from an rpc call.
|
||||
# allowed_rpc_exception_modules = quantum.openstack.common.exception, nova.exception
|
||||
# AMQP exchange to connect to if using RabbitMQ or QPID
|
||||
control_exchange = quantum
|
||||
|
||||
# Configuration options if sending notifications via kombu rpc (these are
|
||||
# the defaults)
|
||||
# SSL version to use (valid only if SSL enabled)
|
||||
# kombu_ssl_version =
|
||||
# SSL key file (valid only if SSL enabled)
|
||||
# kombu_ssl_keyfile =
|
||||
# SSL cert file (valid only if SSL enabled)
|
||||
# kombu_ssl_certfile =
|
||||
# SSL certification authority file (valid only if SSL enabled)'
|
||||
# kombu_ssl_ca_certs =
|
||||
|
||||
##### RABBITMQ #####
|
||||
rabbit_userid=<%= @rabbit_user %>
|
||||
rabbit_password=<%= @rabbit_password %>
|
||||
rabbit_port=<%= @rabbit_port %>
|
||||
rabbit_host=<%= @rabbit_ipaddress %>
|
||||
rabbit_virtual_host=<%= @rabbit_virtual_host %>
|
||||
# Maximum retries with trying to connect to RabbitMQ
|
||||
# (the default of 0 implies an infinite retry count)
|
||||
# rabbit_max_retries = 0
|
||||
# RabbitMQ connection retry interval
|
||||
# rabbit_retry_interval = 1
|
||||
# Use HA queues in RabbitMQ (x-ha-policy: all).You need to
|
||||
# wipe RabbitMQ database when changing this option. (boolean value)
|
||||
# rabbit_ha_queues = false
|
||||
|
||||
# QPID
|
||||
# rpc_backend=quantum.openstack.common.rpc.impl_qpid
|
||||
# Qpid broker hostname
|
||||
# qpid_hostname = localhost
|
||||
# Qpid broker port
|
||||
# qpid_port = 5672
|
||||
# Qpid single or HA cluster (host:port pairs i.e: host1:5672, host2:5672)
|
||||
# qpid_hosts is defaulted to '$qpid_hostname:$qpid_port'
|
||||
# qpid_hosts = localhost:5672
|
||||
# Username for qpid connection
|
||||
# qpid_username = ''
|
||||
# Password for qpid connection
|
||||
# qpid_password = ''
|
||||
# Space separated list of SASL mechanisms to use for auth
|
||||
# qpid_sasl_mechanisms = ''
|
||||
# Seconds between connection keepalive heartbeats
|
||||
# qpid_heartbeat = 60
|
||||
# Transport to use, either 'tcp' or 'ssl'
|
||||
# qpid_protocol = tcp
|
||||
# Disable Nagle algorithm
|
||||
# qpid_tcp_nodelay = True
|
||||
|
||||
# ZMQ
|
||||
# rpc_backend=quantum.openstack.common.rpc.impl_zmq
|
||||
# ZeroMQ bind address. Should be a wildcard (*), an ethernet interface, or IP.
|
||||
# The "host" option should point or resolve to this address.
|
||||
# rpc_zmq_bind_address = *
|
||||
|
||||
# ============ Notification System Options =====================
|
||||
|
||||
# Notifications can be sent when network/subnet/port are create, updated or deleted.
|
||||
# There are three methods of sending notifications: logging (via the
|
||||
# log_file directive), rpc (via a message queue) and
|
||||
# noop (no notifications sent, the default)
|
||||
|
||||
# Notification_driver can be defined multiple times
|
||||
# Do nothing driver
|
||||
# notification_driver = quantum.openstack.common.notifier.no_op_notifier
|
||||
# Logging driver
|
||||
# notification_driver = quantum.openstack.common.notifier.log_notifier
|
||||
# RPC driver. DHCP agents needs it.
|
||||
notification_driver = quantum.openstack.common.notifier.rpc_notifier
|
||||
|
||||
# default_notification_level is used to form actual topic name(s) or to set logging level
|
||||
default_notification_level = INFO
|
||||
|
||||
# default_publisher_id is a part of the notification payload
|
||||
# host = myhost.com
|
||||
# default_publisher_id = $host
|
||||
|
||||
# Defined in rpc_notifier, can be comma separated values.
|
||||
# The actual topic names will be %s.%(default_notification_level)s
|
||||
notification_topics = notifications
|
||||
|
||||
# Default maximum number of items returned in a single response,
|
||||
# value == infinite and value < 0 means no max limit, and value must
|
||||
# greater than 0. If the number of items requested is greater than
|
||||
# pagination_max_limit, server will just return pagination_max_limit
|
||||
# of number of items.
|
||||
# pagination_max_limit = -1
|
||||
|
||||
# Maximum number of DNS nameservers per subnet
|
||||
# max_dns_nameservers = 5
|
||||
|
||||
# Maximum number of host routes per subnet
|
||||
# max_subnet_host_routes = 20
|
||||
|
||||
# Maximum number of fixed ips per port
|
||||
# max_fixed_ips_per_port = 5
|
||||
|
||||
# =========== items for agent management extension =============
|
||||
# Seconds to regard the agent as down.
|
||||
# agent_down_time = 5
|
||||
# =========== end of items for agent management extension =====
|
||||
|
||||
# =========== items for agent scheduler extension =============
|
||||
# Driver to use for scheduling network to DHCP agent
|
||||
# network_scheduler_driver = quantum.scheduler.dhcp_agent_scheduler.ChanceScheduler
|
||||
# Driver to use for scheduling router to a default L3 agent
|
||||
# router_scheduler_driver = quantum.scheduler.l3_agent_scheduler.ChanceScheduler
|
||||
|
||||
# Allow auto scheduling networks to DHCP agent. It will schedule non-hosted
|
||||
# networks to first DHCP agent which sends get_active_networks message to
|
||||
# quantum server
|
||||
# network_auto_schedule = True
|
||||
|
||||
# Allow auto scheduling routers to L3 agent. It will schedule non-hosted
|
||||
# routers to first L3 agent which sends sync_routers message to quantum server
|
||||
# router_auto_schedule = True
|
||||
# =========== end of items for agent scheduler extension =====
|
||||
|
||||
# =========== WSGI parameters related to the API server ==============
|
||||
# Sets the value of TCP_KEEPIDLE in seconds to use for each server socket when
|
||||
# starting API server. Not supported on OS X.
|
||||
#tcp_keepidle = 600
|
||||
|
||||
# Number of seconds to keep retrying to listen
|
||||
#retry_until_window = 30
|
||||
|
||||
# Number of backlog requests to configure the socket with.
|
||||
#backlog = 4096
|
||||
|
||||
# Enable SSL on the API server
|
||||
#use_ssl = False
|
||||
|
||||
# Certificate file to use when starting API server securely
|
||||
#ssl_cert_file = /path/to/certfile
|
||||
|
||||
# Private key file to use when starting API server securely
|
||||
#ssl_key_file = /path/to/keyfile
|
||||
|
||||
# CA certificate file to use when starting API server securely to
|
||||
# verify connecting clients. This is an optional parameter only required if
|
||||
# API clients need to authenticate to the API server using SSL certificates
|
||||
# signed by a trusted CA
|
||||
#ssl_ca_file = /path/to/cafile
|
||||
# ======== end of WSGI parameters related to the API server ==========
|
||||
|
||||
[QUOTAS]
|
||||
# resource name(s) that are supported in quota features
|
||||
# quota_items = network,subnet,port
|
||||
|
||||
# default number of resource allowed per tenant, minus for unlimited
|
||||
# default_quota = -1
|
||||
|
||||
# number of networks allowed per tenant, and minus means unlimited
|
||||
# quota_network = 10
|
||||
|
||||
# number of subnets allowed per tenant, and minus means unlimited
|
||||
# quota_subnet = 10
|
||||
|
||||
# number of ports allowed per tenant, and minus means unlimited
|
||||
# quota_port = 50
|
||||
|
||||
# number of security groups allowed per tenant, and minus means unlimited
|
||||
# quota_security_group = 10
|
||||
|
||||
# number of security group rules allowed per tenant, and minus means unlimited
|
||||
# quota_security_group_rule = 100
|
||||
|
||||
# default driver to use for quota checks
|
||||
# quota_driver = quantum.quota.ConfDriver
|
||||
|
||||
[DEFAULT_SERVICETYPE]
|
||||
# Description of the default service type (optional)
|
||||
# description = "default service type"
|
||||
# Enter a service definition line for each advanced service provided
|
||||
# by the default service type.
|
||||
# Each service definition should be in the following format:
|
||||
# <service>:<plugin>[:driver]
|
||||
|
||||
[AGENT]
|
||||
# Use "sudo quantum-rootwrap /etc/quantum/rootwrap.conf" to use the real
|
||||
# root filter facility.
|
||||
# Change to "sudo" to skip the filtering and just run the comand directly
|
||||
# root_helper = sudo
|
||||
|
||||
# =========== items for agent management extension =============
|
||||
# seconds between nodes reporting state to server, should be less than
|
||||
# agent_down_time
|
||||
# report_interval = 4
|
||||
|
||||
# =========== end of items for agent management extension =====
|
|
@ -0,0 +1,6 @@
|
|||
<%= node["openstack"]["network"]["custom_template_banner"] %>
|
||||
|
||||
[DEFAULT]
|
||||
# List of directories to load filter definitions from (separated by ',').
|
||||
# These directories MUST all be only writeable by root !
|
||||
filters_path=/etc/quantum/rootwrap.d,/usr/share/quantum/rootwrap
|
Loading…
Reference in New Issue