From 664b968bbe89db02311dba229de0a4f22146534b Mon Sep 17 00:00:00 2001
From: Juan Pablo Suazo <jsuazo@whitestack.com>
Date: Tue, 6 Jun 2023 18:07:30 -0400
Subject: [PATCH] Configures the tap-as-a-service neutron plugin

Adds the needed changes and configurations in
order to use the neutron plugin, tap-as-a-service,
to create port mirrors using `openstack tap` commands.

Implements: configure-taas-plugin
Depends-On: https://review.opendev.org/c/openstack/kolla/+/885151
Change-Id: Ia09e1f8b423d43c0466fe2d6605ce383fd813544
Signed-off-by: Juan Pablo Suazo <jsuazo@whitestack.com>
---
 ansible/group_vars/all.yml                    |  1 +
 ansible/roles/neutron/defaults/main.yml       |  6 +++++
 ansible/roles/neutron/tasks/config.yml        | 23 +++++++++++++++++++
 .../neutron-openvswitch-agent.json.j2         |  8 +++++++
 .../neutron/templates/neutron-server.json.j2  |  8 +++++++
 .../neutron/templates/neutron_taas.conf.j2    |  6 +++++
 ...onfigure-taas-plugin-3753573f8fd2305e.yaml |  9 ++++++++
 7 files changed, 61 insertions(+)
 create mode 100644 ansible/roles/neutron/templates/neutron_taas.conf.j2
 create mode 100644 releasenotes/notes/feature_configure-taas-plugin-3753573f8fd2305e.yaml

diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 6dd64234b6..db36bb01d8 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -727,6 +727,7 @@ enable_neutron_provider_networks: "no"
 enable_neutron_segments: "no"
 enable_neutron_packet_logging: "no"
 enable_neutron_sfc: "no"
+enable_neutron_taas: "no"
 enable_neutron_trunk: "no"
 enable_neutron_metering: "no"
 enable_neutron_infoblox_ipam_agent: "no"
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index 3b0ea2d389..57927cd35d 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -662,6 +662,8 @@ neutron_subprojects:
     enabled: "{{ enable_neutron_vpnaas | bool }}"
   - name: "vmware-nsx"
     enabled: "{{ neutron_plugin_agent in ['vmware_dvs', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}"
+  - name: "tap-as-a-service"
+    enabled: "{{ enable_neutron_taas | bool }}"
 
 ####################
 # Mechanism drivers
@@ -738,6 +740,8 @@ service_plugins:
     enabled: "{{ neutron_plugin_agent == 'ovn' }}"
   - name: "log"
     enabled: "{{ enable_neutron_packet_logging | bool }}"
+  - name: "taas"
+    enabled: "{{ enable_neutron_taas | bool }}"
 
 neutron_service_plugins: "{{ service_plugins | selectattr('enabled', 'equalto', true) | list }}"
 
@@ -766,6 +770,8 @@ agent_extensions:
     enabled: "{{ enable_neutron_sriov | bool }}"
   - name: "log"
     enabled: "{{ enable_neutron_packet_logging | bool }}"
+  - name: "taas"
+    enabled: "{{ enable_neutron_taas | bool }}"
 
 neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}"
 
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index dfbf70384c..707f30072d 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -499,3 +499,26 @@
     - neutron_tls_proxy.host_in_groups | bool
   notify:
     - Restart neutron-tls-proxy container
+
+- name: Copying over neutron_taas.conf
+  become: true
+  vars:
+    service_name: "{{ item.key }}"
+    services_need_neutron_taas_conf:
+      - "neutron-server"
+      - "neutron-openvswitch-agent"
+  merge_configs:
+    sources:
+      - "{{ role_path }}/templates/neutron_taas.conf.j2"
+      - "{{ node_custom_config }}/neutron/neutron_taas.conf"
+      - "{{ node_custom_config }}/neutron/{{ inventory_hostname }}/neutron_taas.conf"
+    dest: "{{ node_config_directory }}/{{ item.key }}/neutron_taas.conf"
+    mode: "0660"
+  when:
+    - enable_neutron_taas | bool
+    - item.value.enabled | bool
+    - item.value.host_in_groups | bool
+    - item.key in services_need_neutron_taas_conf
+  with_dict: "{{ neutron_services }}"
+  notify:
+    - "Restart {{ item.key }} container"
diff --git a/ansible/roles/neutron/templates/neutron-openvswitch-agent.json.j2 b/ansible/roles/neutron/templates/neutron-openvswitch-agent.json.j2
index 2cca76036c..99f9064ef6 100644
--- a/ansible/roles/neutron/templates/neutron-openvswitch-agent.json.j2
+++ b/ansible/roles/neutron/templates/neutron-openvswitch-agent.json.j2
@@ -7,6 +7,14 @@
             "owner": "neutron",
             "perm": "0600"
         },
+{% if enable_neutron_taas | bool %}
+        {
+            "source": "{{ container_config_directory }}/neutron_taas.conf",
+            "dest": "/etc/neutron/neutron_taas.conf",
+            "owner": "neutron",
+            "perm": "0600"
+        },
+{% endif %}
 {% if check_extra_ml2_plugins is defined and check_extra_ml2_plugins.matched > 0 %}{% for plugin in check_extra_ml2_plugins.files %}
         {
             "source": "{{ container_config_directory }}/{{ plugin.path | basename }}",
diff --git a/ansible/roles/neutron/templates/neutron-server.json.j2 b/ansible/roles/neutron/templates/neutron-server.json.j2
index f1e93a72c3..8d6904eac1 100644
--- a/ansible/roles/neutron/templates/neutron-server.json.j2
+++ b/ansible/roles/neutron/templates/neutron-server.json.j2
@@ -13,6 +13,14 @@
             "owner": "neutron",
             "perm": "0600"
         },
+{% if enable_neutron_taas | bool %}
+        {
+            "source": "{{ container_config_directory }}/neutron_taas.conf",
+            "dest": "/etc/neutron/neutron_taas.conf",
+            "owner": "neutron",
+            "perm": "0600"
+        },
+{% endif %}
         {% if neutron_policy_file is defined %}{
             "source": "{{ container_config_directory }}/{{ neutron_policy_file }}",
             "dest": "/etc/neutron/{{ neutron_policy_file }}",
diff --git a/ansible/roles/neutron/templates/neutron_taas.conf.j2 b/ansible/roles/neutron/templates/neutron_taas.conf.j2
new file mode 100644
index 0000000000..5031871834
--- /dev/null
+++ b/ansible/roles/neutron/templates/neutron_taas.conf.j2
@@ -0,0 +1,6 @@
+[service_providers]
+service_provider = TAAS:TAAS:neutron_taas.services.taas.service_drivers.taas_rpc.TaasRpcDriver:default
+
+[taas]
+driver = neutron_taas.services.taas.drivers.linux.ovs_taas.OvsTaasDriver
+enabled = True
diff --git a/releasenotes/notes/feature_configure-taas-plugin-3753573f8fd2305e.yaml b/releasenotes/notes/feature_configure-taas-plugin-3753573f8fd2305e.yaml
new file mode 100644
index 0000000000..22106e784f
--- /dev/null
+++ b/releasenotes/notes/feature_configure-taas-plugin-3753573f8fd2305e.yaml
@@ -0,0 +1,9 @@
+---
+features:
+  - |
+    Implements [Configure tap-as-a-service plugin on neutron containers].
+    Adds the needed changes and configurations in order to use the
+    neutron plugin, tap-as-a-service, to create por mirrors using
+    `openstack tap` commands.
+    `Blueprint configure-taas-plugin
+    <https://blueprints.launchpad.net/kolla-ansible/+spec/configure-taas-plugin>`__