Add networking-generic-switch support for Ironic integration

This patch implements support for the networking-generic-switch (NGS)
Neutron mechanism driver to facilitate VLAN-based network segmentation
in multi-tenant Ironic deployments.

Change-Id: I502196175f9d7d75ea37d3fbaa5e4a88a8e59859
Implements: networking-generic-switch mechanism driver

defaults/main.yml

@@ -71,6 +71,8 @@ openstack_ceilometer_git_repo: https://opendev.org/openstack/ceilometer
 openstack_ceilometer_git_install_branch: master
 networking_ovn_git_repo: https://opendev.org/openstack/networking-ovn
 networking_ovn_git_install_branch: master
+networking_generic_switch_git_repo: https://opendev.org/openstack/networking-generic-switch
+networking_generic_switch_git_install_branch: master
 
 neutron_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}"
 neutron_git_constraints:
@@ -84,6 +86,7 @@ neutron_git_constraints:
   - "git+{{ networking_bgpvpn_git_repo }}@{{ networking_bgpvpn_git_install_branch }}#egg=networking-bgpvpn"
   - "git+{{ openstack_ceilometer_git_repo }}@{{ openstack_ceilometer_git_install_branch }}#egg=ceilometer"
   - "git+{{ networking_ovn_git_repo }}@{{ networking_ovn_git_install_branch }}#egg=networking-ovn"
+  - "git+{{ networking_generic_switch_git_repo }}@{{ networking_generic_switch_git_install_branch }}#egg=networking-generic-switch"
   - "--constraint {{ neutron_upper_constraints_url }}"
 
 neutron_pip_install_args: "{{ pip_install_options | default('') }}"
@@ -162,6 +165,7 @@ neutron_metadata_agent_init_overrides: {}
 neutron_metering_agent_ini_overrides: {}
 neutron_metering_agent_init_overrides: {}
 neutron_ml2_conf_ini_overrides: {}
+neutron_ml2_conf_genericswitch_ini_overrides: {}
 neutron_neutron_conf_overrides: {}
 neutron_nuage_conf_ini_overrides: {}
 neutron_opendaylight_conf_ini_overrides: {}

doc/source/app-genericswitch.rst

@@ -0,0 +1,87 @@
+========================================
+Scenario - Networking Generic Switch
+========================================
+
+Overview
+~~~~~~~~
+
+Operators can choose to utilize the Networking Generic Switch (NGS) mechanism
+driver to manage physical switches when Ironic is integrated with Neutron.
+The Networking Generic Switch mechanism driver can be deployed alongside other
+drivers, such as Open vSwitch or LinuxBridge. This document outlines how to
+set it up in your environment.
+
+Recommended reading
+~~~~~~~~~~~~~~~~~~~
+
+It is recommended to familiarize yourself with project-specific documentation
+to better understand deployment and configuration options:
+
+* `Networking Generic Switch <https://docs.openstack.org/networking-generic-switch/latest/>`_
+
+Prerequisites
+~~~~~~~~~~~~~
+
+* `Ironic Bare-Metal Provisioning Service <https://github.com/openstack/openstack-ansible-os_ironic>`_
+
+* `Supported Network Hardware <https://docs.openstack.org/networking-generic-switch/latest/supported-devices.html>`_
+
+* Network connectivity from the node(s) running the `neutron-server` service
+  to the management interface of the physical switch(es) connected to
+  Ironic bare-metal nodes. This is outside the scope of OpenStack-Ansible.
+
+OpenStack-Ansible user variables
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Add ``ml2.genericswitch`` to the ``neutron_plugin_types`` list in
+``/etc/openstack_deploy/user_variables.yml``:
+
+.. code-block:: yaml
+
+  neutron_plugin_types:
+  - ml2.genericswitch
+
+To interface with a supported network switch, configure ini overrides for each
+connected switch in your environment:
+
+.. code-block:: yaml
+
+  neutron_ml2_conf_genericswitch_ini_overrides:
+    genericswitch:arista01:
+      device_type: netmiko_arista_eos
+      ngs_mac_address: "00:1c:73:29:ea:ca"
+      ip: "192.168.90.2"
+      username: "openstack"
+      password: "0p3nst@ck"
+      ngs_port_default_vlan: 3
+    genericswitch:arista02:
+      device_type: netmiko_arista_eos
+      ngs_mac_address: "00:1c:73:29:ea:cb"
+      ip: "192.168.90.3"
+      username: "openstack"
+      password: "0p3nst@ck"
+      ngs_port_default_vlan: 3
+
+Lastly, configure an override to Ironic to enable the ``neutron`` interface:
+
+.. code-block:: console
+
+  ironic_enabled_network_interfaces_list: neutron
+  ironic_default_network_interface: neutron
+
+Notes
+~~~~~
+
+Ironic bare-metal ports that are associated with bare-metal nodes can be
+configured with the respective connection details using the
+``openstack baremetal port set`` command:
+
+.. code-block:: console
+
+  openstack baremetal port set 3a948c3b-6c41-4f68-8389-c4f5ca667c63 \
+  --local-link-connection switch_info=arista01 \
+  --local-link-connection switch_id="00:1c:73:29:ea:ca" \
+  --local-link-connection port_id="et11"
+
+When a server is deployed using a bare-metal node, Neutron will connect to
+the respective switch(es) and configure the switchport interface(s) according.

doc/source/index.rst

@@ -15,6 +15,7 @@ Neutron role for OpenStack-Ansible
    app-nuage.rst
    app-calico.rst
    app-opendaylight.rst
+   app-genericswitch.rst
 
 :tags: openstack, neutron, cloud, ansible
 :category: \*nix

releasenotes/notes/networking-generic-switch-support-6ae4be93aa50a7c3.yaml

@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Support for the networking-generic-switch mechanism driver has been implemented.
+    This allows Ironic to interface with Neutron when the ``neutron`` network interface
+    has been configured. This feature may be enabled by adding ``ml2.genericswitch``
+    to the ``neutron_plugin_types`` list in ``/etc/openstack_deploy/user_variables.yml``.

tasks/neutron_post_install.yml

@@ -134,7 +134,7 @@
 
 - name: Copy neutron ml2 plugin config
   config_template:
-    src: "{{ neutron_plugins[item].plugin_ini }}.j2"
+    src: "{{ ('plugin_conf_bare' not in neutron_plugins[item]) | ternary(neutron_plugins[item].plugin_ini ~ '.j2', omit) }}"
     dest: "{{ neutron_conf_dir }}/{{ neutron_plugins[item].plugin_ini }}"
     owner: "root"
     group: "{{ neutron_system_group_name }}"

vars/main.yml

@@ -72,6 +72,9 @@ neutron_proprietary_nuage_pip_packages:
 neutron_optional_ovn_pip_packages:
   - networking-ovn
 
+neutron_optional_ngs_pip_packages:
+  - networking-generic-switch
+
 neutron_venv_packages: >-
   {%- set pkg_list = neutron_pip_packages | union(neutron_user_pip_packages) %}
   {%- if neutron_bgp | bool %}
@@ -111,6 +114,10 @@ neutron_venv_packages: >-
           (neutron_services['neutron-ovn-controller']['group'] in group_names)) %}
   {%-     set _ = pkg_list.extend(neutron_optional_ovn_pip_packages) %}
   {%- endif %}
+  {%- if ('ml2.genericswitch' in neutron_plugin_types) and
+         (neutron_services['neutron-server']['group'] in group_names) %}
+  {%-     set _ = pkg_list.extend(neutron_optional_ngs_pip_packages) %}
+  {%- endif %}
   {{- pkg_list | unique }}
 
 
@@ -208,6 +215,13 @@ neutron_plugins:
     plugin_conf_ini_overrides: "{{ neutron_ml2_conf_ini_overrides }}"
     plugin_core: ml2
     plugin_ini: plugins/ml2/ml2_conf.ini
+  ml2.genericswitch:
+    drivers_type: "vlan"
+    mechanisms: "genericswitch"
+    plugin_conf_bare: True
+    plugin_conf_ini_overrides: "{{ neutron_ml2_conf_genericswitch_ini_overrides }}"
+    plugin_core: ml2
+    plugin_ini: plugins/ml2/ml2_conf_genericswitch.ini
 
 ###
 ### ML2 Plugin Configuration
@@ -446,7 +460,7 @@ neutron_services:
     group: neutron_server
     service_name: neutron-server
     service_en: True
-    execstarts: "{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}"
+    execstarts: "{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}"
     init_config_overrides: "{{ neutron_server_init_overrides }}"
     start_order: 1
   calico-felix: