Add new attributes in linuxbridge plugin templates

Add new attributes in linuxbridge plugin templates to support vxlan.

Implements: blueprint neutron-ml2
Change-Id: I8b65488d04acd7e3ec865f89b3c1363387cae8ed

CHANGELOG.md

@@ -2,6 +2,9 @@
 
 This file is used to list changes made in each version of cookbook-openstack-network.
 
+## 8.3.0
+* Add new attributes to support vxlan in linuxbridge plugin template
+
 ## 8.2.0
 * Move the database section into neutron.conf from plugins
 * Make the service_provider attribute configurable

README.md

@@ -90,6 +90,21 @@ TODO: move rabbit parameters under openstack["network"]["mq"]
 * `openstack["network"]["mq"]["qpid"]["protocol"]` - Protocol to use. Default tcp.
 * `openstack["network"]["mq"]["qpid"]["tcp_nodelay"]` - Disable the Nagle algorithm. default disabled.
 
+Linuxbridge plugin attributes
+-----------------------------
+* `openstack['openstack']['network']['linuxbridge']['tenant_network_type']` - Type of network to allocate for tenant networks. (default 'local')
+* `openstack['openstack']['network']['linuxbridge']['network_vlan_ranges']` - Comma-separated list of <physical_network>[:<vlan_min>:<vlan_max>] tuples enumerating ranges of VLAN IDs
+* `openstack['openstack']['network']['linuxbridge']['physical_interface_mappings']` - (ListOpt) Comma-separated list of <physical_network>:<physical_interface> tuples mapping physical network names
+* `openstack['openstack']['network']['linuxbridge']['enable_vxlan']` - (BoolOpt) enable VXLAN on the agent. (default false)
+* `openstack['openstack']['network']['linuxbridge']['ttl']` - (IntOpt) use specific TTL for vxlan interface protocol packets
+* `openstack['openstack']['network']['linuxbridge']['tos']` - (IntOpt) use specific TOS for vxlan interface protocol packets
+* `openstack['openstack']['network']['linuxbridge']['vxlan_group']` - (StrOpt) multicast group to use for broadcast emulation. (default '224.0.0.1')
+* `openstack['openstack']['network']['linuxbridge']['local_ip']` - (StrOpt) Local IP address to use for VXLAN endpoints (required). (default '127.0.0.1')
+* `openstack['openstack']['network']['linuxbridge']['local_ip_interface']` - (StrOpt) Local IP address of the specified interface. (default nil)
+* `openstack['openstack']['network']['linuxbridge']['l2_population']` - (BoolOpt) Flag to enable l2population extension. (default false)
+* `openstack['openstack']['network']['linuxbridge']['polling_interval']` - Agent polling interval in seconds. (default 2)
+* `openstack['openstack']['network']['linuxbridge']['rpc_support_old_agents']` - (BoolOpt) Enable server RPC compatibility with old (pre-havana). (default false)
+* `openstack['openstack']['network']['linuxbridge']['firewall_driver']` - Firewall driver for realizing neutron security group function
 
 Templates
 =========

attributes/default.rb

@@ -449,6 +449,53 @@ default['openstack']['network']['linuxbridge']['network_vlan_ranges'] = ''
 # Example: physical_interface_mappings = physnet1:eth1
 default['openstack']['network']['linuxbridge']['physical_interface_mappings'] = ''
 
+# (BoolOpt) enable VXLAN on the agent
+# VXLAN support can be enabled when agent is managed by ml2 plugin using
+# linuxbridge mechanism driver. Useless if set while using linuxbridge plugin.
+default['openstack']['network']['linuxbridge']['enable_vxlan'] = false
+
+# (IntOpt) use specific TTL for vxlan interface protocol packets
+default['openstack']['network']['linuxbridge']['ttl'] = ''
+
+# (IntOpt) use specific TOS for vxlan interface protocol packets
+default['openstack']['network']['linuxbridge']['tos'] = ''
+
+# (StrOpt) multicast group to use for broadcast emulation.
+# This group must be the same on all the agents.
+default['openstack']['network']['linuxbridge']['vxlan_group'] = '224.0.0.1'
+
+# (StrOpt) Local IP address to use for VXLAN endpoints (required)
+default['openstack']['network']['linuxbridge']['local_ip'] = '127.0.0.1'
+# Uncomment this line for the agent if tunnel_id_ranges (above) is not
+# empty for the server. Set local_ip to be the local IP address of
+# this hypervisor or set the local_ip_interface parameter to use the IP
+# address of the specified interface.  If local_ip_interface is set
+# it will take precedence.
+default['openstack']['network']['linuxbridge']['local_ip_interface'] = nil
+
+# (BoolOpt) Flag to enable l2population extension. This option should be used
+# in conjunction with ml2 plugin l2population mechanism driver (in that case,
+# both linuxbridge and l2population mechanism drivers should be loaded).
+# It enables plugin to populate VXLAN forwarding table, in order to limit
+# the use of broadcast emulation (multicast will be turned off if kernel and
+# iproute2 supports unicast flooding - requires 3.11 kernel and iproute2 3.10)
+default['openstack']['network']['linuxbridge']['l2_population'] = false
+
+# Agent's polling interval in seconds
+default['openstack']['network']['linuxbridge']['polling_interval'] = 2
+
+# (BoolOpt) Enable server RPC compatibility with old (pre-havana)
+# agents.
+#
+# rpc_support_old_agents = False
+# Example: rpc_support_old_agents = True
+default['openstack']['network']['linuxbridge']['rpc_support_old_agents'] = false
+
+# Firewall driver for realizing neutron security group function
+# firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+# Example: firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+default['openstack']['network']['linuxbridge']['firewall_driver'] = 'neutron.agent.firewall.NoopFirewallDriver'
+
 # ============================= BigSwitch Plugin Configuration =============
 
 # Not really sure what this is...

metadata.rb

@@ -5,7 +5,7 @@ maintainer        'Jay Pipes <jaypipes@gmail.com>'
 license           'Apache 2.0'
 description       'Installs and configures the OpenStack Network API Service and various agents and plugins'
 long_description  IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version           '8.2.0'
+version           '8.3.0'
 recipe            'openstack-network::client', 'Install packages required for network client'
 recipe            'openstack-network::server', 'Installs packages required for a OpenStack Network server'
 recipe            'openstack-network::openvswitch', 'Installs packages required for OVS'

recipes/common.rb

@@ -123,13 +123,6 @@ else
   bind_port = node['openstack']['network']['api']['bind_port']
 end
 
-# retrieve the local interface for tunnels
-if node['openstack']['network']['openvswitch']['local_ip_interface'].nil?
-  local_ip = node['openstack']['network']['openvswitch']['local_ip']
-else
-  local_ip = address_for node['openstack']['network']['openvswitch']['local_ip_interface']
-end
-
 platform_options['neutron_client_packages'].each do |pkg|
   package pkg do
     action :upgrade
@@ -259,12 +252,21 @@ when 'hyperv'
 when 'linuxbridge'
 
   template_file = '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini'
+  # retrieve the local interface for tunnels
+  if node['openstack']['network']['linuxbridge']['local_ip_interface'].nil?
+    local_ip = node['openstack']['network']['linuxbridge']['local_ip']
+  else
+    local_ip = address_for node['openstack']['network']['linuxbridge']['local_ip_interface']
+  end
 
   template template_file do
     source 'plugins/linuxbridge/linuxbridge_conf.ini.erb'
     owner node['openstack']['network']['platform']['user']
     group node['openstack']['network']['platform']['group']
     mode 00644
+    variables(
+      local_ip: local_ip
+    )
 
     notifies :create, "link[#{plugin_file}]", :immediately
     notifies :restart, 'service[neutron-server]', :delayed
@@ -318,6 +320,12 @@ when 'nicira'
 when 'openvswitch'
 
   template_file = '/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini'
+  # retrieve the local interface for tunnels
+  if node['openstack']['network']['openvswitch']['local_ip_interface'].nil?
+    local_ip = node['openstack']['network']['openvswitch']['local_ip']
+  else
+    local_ip = address_for node['openstack']['network']['openvswitch']['local_ip_interface']
+  end
 
   template template_file do
     source 'plugins/openvswitch/ovs_neutron_plugin.ini.erb'

spec/linuxbridge_spec.rb

@@ -44,6 +44,44 @@ describe 'openstack-network::linuxbridge' do
       it 'has proper modes' do
         expect(sprintf('%o', @file.mode)).to eq '644'
       end
+
+      it 'sets local_ip when local_ip_interface is not set' do
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'local_ip = 127.0.0.1')
+      end
+
+      it 'sets xvlan attributes' do
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'enable_vxlan = false')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'ttl = ')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'tos = ')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'vxlan_group = 224.0.0.1')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'l2_population = false')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'polling_interval = 2')
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'rpc_support_old_agents = false')
+      end
+
+      it 'sets securitygroup attributes' do
+        expect(@chef_run).to render_file(@file.name).with_content(
+          'firewall_driver = neutron.agent.firewall.NoopFirewallDriver')
+      end
+
+      it 'it uses local_ip from eth0 when local_ip_interface is set' do
+        chef_run = ::ChefSpec::Runner.new(::UBUNTU_OPTS) do |n|
+          n.set['openstack']['network']['interface_driver'] = 'neutron.agent.linux.interface.BridgeInterfaceDriver'
+          n.set['openstack']['compute']['network']['service_type'] = 'neutron'
+          n.set['openstack']['network']['linuxbridge']['local_ip_interface'] = 'eth0'
+        end
+        filename = '/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini'
+        chef_run.converge 'openstack-network::linuxbridge'
+        expect(chef_run).to render_file(filename).with_content('local_ip = 10.0.0.2')
+      end
     end
   end
 end

templates/default/plugins/linuxbridge/linuxbridge_conf.ini.erb

@@ -1,5 +1,5 @@
 <%= node["openstack"]["network"]["custom_template_banner"] %>
-[VLANS]
+[vlans]
 # (StrOpt) Type of network to allocate for tenant networks. The
 # default value 'local' is useful only for single-box testing and
 # provides no connectivity between hosts. You MUST change this to
@@ -23,7 +23,7 @@ tenant_network_type = <%= node["openstack"]["network"]["linuxbridge"]["tenant_ne
 # Example: network_vlan_ranges = physnet1:1000:2999
 network_vlan_ranges = <%= node["openstack"]["network"]["linuxbridge"]["network_vlan_ranges"] %>
 
-[LINUX_BRIDGE]
+[linux_bridge]
 # (ListOpt) Comma-separated list of
 # <physical_network>:<physical_interface> tuples mapping physical
 # network names to the agent's node-specific physical network
@@ -33,12 +33,46 @@ network_vlan_ranges = <%= node["openstack"]["network"]["linuxbridge"]["network_v
 #
 # Default: physical_interface_mappings =
 # Example: physical_interface_mappings = physnet1:eth1
-physical_interface_mappings = <%= node["openstack"]["network"]["linuxbridge"]["physical_interface_mappings"] %>
+physical_interface_mappings = <%= node['openstack']['network']['linuxbridge']['physical_interface_mappings'] %>
 
-[AGENT]
+[vxlan]
+# (BoolOpt) enable VXLAN on the agent
+# VXLAN support can be enabled when agent is managed by ml2 plugin using
+# linuxbridge mechanism driver. Useless if set while using linuxbridge plugin.
+enable_vxlan = <%= node['openstack']['network']['linuxbridge']['enable_vxlan'] %>
+
+# (IntOpt) use specific TTL for vxlan interface protocol packets
+ttl = <%= node['openstack']['network']['linuxbridge']['ttl'] %>
+
+# (IntOpt) use specific TOS for vxlan interface protocol packets
+tos = <%= node['openstack']['network']['linuxbridge']['tos'] %>
+
+# (StrOpt) multicast group to use for broadcast emulation.
+# This group must be the same on all the agents.
+vxlan_group = <%= node['openstack']['network']['linuxbridge']['vxlan_group'] %>
+
+# (StrOpt) Local IP address to use for VXLAN endpoints (required)
+local_ip = <%= @local_ip %>
+
+# (BoolOpt) Flag to enable l2population extension. This option should be used
+# in conjunction with ml2 plugin l2population mechanism driver (in that case,
+# both linuxbridge and l2population mechanism drivers should be loaded).
+# It enables plugin to populate VXLAN forwarding table, in order to limit
+# the use of broadcast emulation (multicast will be turned off if kernel and
+# iproute2 supports unicast flooding - requires 3.11 kernel and iproute2 3.10)
+l2_population = <%= node['openstack']['network']['linuxbridge']['l2_population'] %>
+
+[agent]
 # Agent's polling interval in seconds
-polling_interval = 2
+polling_interval = <%= node['openstack']['network']['linuxbridge']['polling_interval'] %>
 
-[SECURITYGROUP]
+# (BoolOpt) Enable server RPC compatibility with old (pre-havana)
+# agents.
+#
+# rpc_support_old_agents = False
+# Example: rpc_support_old_agents = True
+rpc_support_old_agents = <%= node['openstack']['network']['linuxbridge']['rpc_support_old_agents'] %>
+
+[securitygroup]
 # Firewall driver for realizing neutron security group function
-firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+firewall_driver = <%= node['openstack']['network']['linuxbridge']['firewall_driver'] %>