openstack
/
openstack-ansible-os_neutron
Code Issues Proposed changes

Fix linters and metadata 

With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: I3905e334cfbeb7ccb976358016f81c5edd6cd284
This commit is contained in:
Dmitriy Rabotyagov 2023-07-17 18:17:23 +02:00
parent 01da88f560
commit 8ceea78a97
19 changed files with 222 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
defaults/main.yml
View File

@ -28,7 +28,11 @@ debug: False
# for the service setup. The host must already have # for the service setup. The host must already have
# clouds.yaml properly configured. # clouds.yaml properly configured.
neutron_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" neutron_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
neutron_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" neutron_service_setup_host_python_interpreter: >-
{{
openstack_service_setup_host_python_interpreter | default(
(neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
}}
### ###
### Packages Options ### Packages Options
@ -76,7 +80,8 @@ networking_nsx_git_install_branch: master
networking_nsxlib_git_repo: https://opendev.org/x/vmware-nsxlib networking_nsxlib_git_repo: https://opendev.org/x/vmware-nsxlib
networking_nsxlib_git_install_branch: master networking_nsxlib_git_install_branch: master
neutron_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" neutron_upper_constraints_url: >-
{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}
neutron_git_constraints: neutron_git_constraints:
- "--constraint {{ neutron_upper_constraints_url }}" - "--constraint {{ neutron_upper_constraints_url }}"
@ -98,7 +103,7 @@ neutron_fatal_deprecations: False
## Cap the maximun number of threads / workers when a user value is unspecified. ## Cap the maximun number of threads / workers when a user value is unspecified.
neutron_api_threads_max: 16 neutron_api_threads_max: 16
neutron_api_threads: "{{ [[ansible_facts['processor_vcpus']|default(2) // 2, 1] | max, neutron_api_threads_max] | min }}" neutron_api_threads: "{{ [[ansible_facts['processor_vcpus'] | default(2) // 2, 1] | max, neutron_api_threads_max] | min }}"
neutron_agent_down_time: 120 neutron_agent_down_time: 120
neutron_agent_polling_interval: 5 neutron_agent_polling_interval: 5
@ -115,8 +120,8 @@ neutron_dns_domain: "{{ dhcp_domain | default('openstacklocal.') }}"
### ###
# Dnsmasq doesn't work with config_template override, a deployer # Dnsmasq doesn't work with config_template override, a deployer
# should instead configure its own neutron_dhcp_config key/values like this: # should instead configure its own neutron_dhcp_config key/values like this:
#neutron_dhcp_config: # neutron_dhcp_config:
# dhcp-option-force: "26,1500" # dhcp-option-force: "26,1500"
neutron_dhcp_config: {} neutron_dhcp_config: {}
# Dnsmasq has furthermore some options in its configuration that are not # Dnsmasq has furthermore some options in its configuration that are not
@ -164,9 +169,9 @@ neutron_nsx_conf_ini_overrides: {}
# Provide a list of access controls to update the default policy.json with. # Provide a list of access controls to update the default policy.json with.
# These changes will be merged # These changes will be merged
# with the access controls in the default policy.json. E.g. # with the access controls in the default policy.json. E.g.
#neutron_policy_overrides: # neutron_policy_overrides:
# "create_subnet": "rule:admin_or_network_owner" # "create_subnet": "rule:admin_or_network_owner"
# "get_subnet": "rule:admin_or_owner or rule:shared" # "get_subnet": "rule:admin_or_owner or rule:shared"
neutron_policy_overrides: {} neutron_policy_overrides: {}
_neutron_rootwrap_conf_overrides: _neutron_rootwrap_conf_overrides:
DEFAULT: DEFAULT:
@ -188,7 +193,7 @@ neutron_ovn_metadata_agent_init_overrides: {}
# NOTE(noonedeadpunk): uWSGI is still not fully supported. See: https://bugs.launchpad.net/neutron/+bug/1912359 # NOTE(noonedeadpunk): uWSGI is still not fully supported. See: https://bugs.launchpad.net/neutron/+bug/1912359
neutron_use_uwsgi: "{{ (neutron_plugin_type not in ['ml2.ovn']) }}" neutron_use_uwsgi: "{{ (neutron_plugin_type not in ['ml2.ovn']) }}"
neutron_wsgi_processes_max: 16 neutron_wsgi_processes_max: 16
neutron_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}" neutron_wsgi_processes: "{{ [[ansible_processor_vcpus | default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}"
neutron_wsgi_threads: 1 neutron_wsgi_threads: 1
neutron_uwsgi_tls: neutron_uwsgi_tls:
crt: "{{ neutron_ssl_cert }}" crt: "{{ neutron_ssl_cert }}"
@ -221,7 +226,11 @@ neutron_quota_firewall_rule: 100
### ###
neutron_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}" neutron_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}"
neutron_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" neutron_db_setup_python_interpreter: >-
{{
openstack_db_setup_python_interpreter | default(
(neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
}}
neutron_galera_address: "{{ galera_address | default('127.0.0.1') }}" neutron_galera_address: "{{ galera_address | default('127.0.0.1') }}"
neutron_galera_user: neutron neutron_galera_user: neutron
neutron_galera_database: neutron neutron_galera_database: neutron
@ -261,7 +270,8 @@ neutron_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}"
# Notify # Notify
neutron_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" neutron_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
neutron_oslomsg_notify_setup_host: "{{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }}" neutron_oslomsg_notify_setup_host: >-
{{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }}
neutron_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}" neutron_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
neutron_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" neutron_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
neutron_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" neutron_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
@ -288,7 +298,8 @@ neutron_rpc_thread_pool_size: 64
neutron_rpc_conn_pool_size: 30 neutron_rpc_conn_pool_size: 30
neutron_rpc_response_timeout: 60 neutron_rpc_response_timeout: 60
neutron_rpc_workers_max: 16 neutron_rpc_workers_max: 16
neutron_rpc_workers: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, neutron_rpc_workers_max] | min }}" neutron_rpc_workers: >-
{{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, neutron_rpc_workers_max] | min }}
### ###
### Identity (Keystone) integration ### Identity (Keystone) integration
@ -469,7 +480,7 @@ neutron_fwaasv2_service_provider: FIREWALL_V2:fwaas_db:neutron_fwaas.services.fi
neutron_driver_vpnaas: "{{ _neutron_driver_vpnaas }}" neutron_driver_vpnaas: "{{ _neutron_driver_vpnaas }}"
neutron_vpnaas_service_provider: "{{ _neutron_vpnaas_service_provider }}" neutron_vpnaas_service_provider: "{{ _neutron_vpnaas_service_provider }}"
#Set this variable to use custom config file for strongswan/openswan # Set this variable to use custom config file for strongswan/openswan
# neutron_vpnaas_custom_config: # neutron_vpnaas_custom_config:
# - src: "/etc/openstack_deploy/strongswan/strongswan.conf.template" # - src: "/etc/openstack_deploy/strongswan/strongswan.conf.template"
# dest: "{{ neutron_conf_dir }}/strongswan.conf.template" # dest: "{{ neutron_conf_dir }}/strongswan.conf.template"
@ -479,13 +490,15 @@ neutron_vpnaas_custom_config: []
# OVN Defaults # OVN Defaults
neutron_ovn_ssl: True neutron_ovn_ssl: True
ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl','tcp') }}" ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl', 'tcp') }}"
neutron_ovn_primary_cluster_node: "{{ groups[neutron_services['neutron-ovn-northd']['group']] | first }}" neutron_ovn_primary_cluster_node: "{{ groups[neutron_services['neutron-ovn-northd']['group']] | first }}"
neutron_ovn_northd_service_name: ovn-northd neutron_ovn_northd_service_name: ovn-northd
neutron_ovn_controller_service_name: ovn-controller neutron_ovn_controller_service_name: ovn-controller
neutron_ovn_l3_scheduler: leastloaded neutron_ovn_l3_scheduler: leastloaded
neutron_ovn_nb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,'+ ovn_proto + ':') }}:6641" neutron_ovn_nb_connection: >-
neutron_ovn_sb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642" {{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,' + ovn_proto + ':') }}:6641
neutron_ovn_sb_connection: >-
{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642
neutron_ovsdb_manager: ptcp:6640:127.0.0.1 neutron_ovsdb_manager: ptcp:6640:127.0.0.1
neutron_ovn_sb_inactivity_probe: 60000 neutron_ovn_sb_inactivity_probe: 60000
neutron_ovn_nb_inactivity_probe: 60000 neutron_ovn_nb_inactivity_probe: 60000
@ -500,7 +513,8 @@ neutron_ovn_node_address: "{{ management_address | default('127.0.0.1') }}"
neutron_ovn_pki_keys_path: "{{ neutron_ovn_pki_dir ~ '/certs/private/' }}" neutron_ovn_pki_keys_path: "{{ neutron_ovn_pki_dir ~ '/certs/private/' }}"
neutron_ovn_pki_certs_path: "{{ neutron_ovn_pki_dir ~ '/certs/certs/' }}" neutron_ovn_pki_certs_path: "{{ neutron_ovn_pki_dir ~ '/certs/certs/' }}"
neutron_ovn_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}" neutron_ovn_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}"
neutron_ovn_pki_intermediate_chain_path: "{{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }}" neutron_ovn_pki_intermediate_chain_path: >-
{{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }}
neutron_ovn_pki_regen_cert: "" neutron_ovn_pki_regen_cert: ""
neutron_ovn_pki_certificates: neutron_ovn_pki_certificates:
- name: "neutron_ovn_{{ ansible_facts['hostname'] }}" - name: "neutron_ovn_{{ ansible_facts['hostname'] }}"
@ -530,9 +544,9 @@ neutron_ovn_pki_install_certificates:
mode: "0600" mode: "0600"
condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch) }}" condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch) }}"
- src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}" - src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}"
dest: "{{ [neutron_ovn_conf_dir, neutron_ovn_ssl_ca_cert] | join('/') }}" dest: "{{ [neutron_ovn_conf_dir, neutron_ovn_ssl_ca_cert] | join('/') }}"
owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}" owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}"
group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}" group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}"
mode: "0644" mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch and neutron_plugin_type == 'ml2.ovn') }}" condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch and neutron_plugin_type == 'ml2.ovn') }}"
- src: "{{ neutron_ovn_user_ssl_cert | default(neutron_ovn_pki_certs_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}" - src: "{{ neutron_ovn_user_ssl_cert | default(neutron_ovn_pki_certs_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}"
@ -540,26 +554,26 @@ neutron_ovn_pki_install_certificates:
owner: "{{ neutron_service_user_name }}" owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}"
mode: "0644" mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
- src: "{{ neutron_ovn_user_ssl_key | default(neutron_ovn_pki_keys_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '.key.pem') }}" - src: "{{ neutron_ovn_user_ssl_key | default(neutron_ovn_pki_keys_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '.key.pem') }}"
dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_key] | join('/') }}" dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_key] | join('/') }}"
owner: "{{ neutron_service_user_name }}" owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}"
mode: "0600" mode: "0600"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
- src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}" - src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}"
dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_ca_cert] | join('/') }}" dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_ca_cert] | join('/') }}"
owner: "{{ neutron_service_user_name }}" owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}" group: "{{ neutron_service_user_name }}"
mode: "0644" mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}" condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
# Define user-provided SSL certificates in: # Define user-provided SSL certificates in:
# /etc/openstack_deploy/user_variables.yml # /etc/openstack_deploy/user_variables.yml
#neutron_ovnnb_user_ssl_cert: <path to cert on ansible deployment host> # neutron_ovnnb_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_ovnnb_user_ssl_key: <path to cert on ansible deployment host> # neutron_ovnnb_user_ssl_key: <path to cert on ansible deployment host>
#neutron_ovnsb_user_ssl_cert: <path to cert on ansible deployment host> # neutron_ovnsb_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_ovnsb_user_ssl_key: <path to cert on ansible deployment host> # neutron_ovnsb_user_ssl_key: <path to cert on ansible deployment host>
### ###
### DPDK Configuration ### DPDK Configuration
@ -620,5 +634,5 @@ neutron_pki_install_certificates:
mode: "0600" mode: "0600"
# Define user-provided SSL certificates # Define user-provided SSL certificates
#neutron_user_ssl_cert: <path to cert on ansible deployment host> # neutron_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_user_ssl_key: <path to cert on ansible deployment host> # neutron_user_ssl_key: <path to cert on ansible deployment host>

7
handlers/main.yml
View File

@ -47,6 +47,7 @@
fi fi
done done
when: "'neutron-metadata-agent' in (filtered_neutron_services | map(attribute='service_key') | list)" when: "'neutron-metadata-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
changed_when: false
listen: listen:
- "Restart neutron services" - "Restart neutron services"
- "venv changed" - "venv changed"
@ -68,6 +69,7 @@
fi fi
done done
when: "'neutron-l3-agent' in (filtered_neutron_services | map(attribute='service_key') | list)" when: "'neutron-l3-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
changed_when: false
listen: listen:
- "Restart neutron services" - "Restart neutron services"
- "venv changed" - "venv changed"
@ -111,6 +113,7 @@
become: yes become: yes
become_user: "{{ neutron_system_user_name }}" become_user: "{{ neutron_system_user_name }}"
delegate_to: "{{ groups[neutron_services['neutron-server']['group']][0] }}" delegate_to: "{{ groups[neutron_services['neutron-server']['group']][0] }}"
changed_when: false
when: when:
- "ansible_local['openstack_ansible']['neutron']['need_db_contract'] | bool" - "ansible_local['openstack_ansible']['neutron']['need_db_contract'] | bool"
- "_neutron_is_first_play_host" - "_neutron_is_first_play_host"
@ -135,10 +138,12 @@
- "systemd service changed" - "systemd service changed"
- "cert installed" - "cert installed"
- name: start ovn service - name: Start ovn service
service: service:
name: "{{ neutron_ovn_northd_service_name }}" name: "{{ neutron_ovn_northd_service_name }}"
state: started state: started
listen:
- start ovn service
# (NOTE) Restarting twice to cleanup some pid. # (NOTE) Restarting twice to cleanup some pid.
- name: Restart ovn northd - name: Restart ovn northd

12
meta/main.yml
View File

@ -18,19 +18,21 @@ galaxy_info:
description: Installation and setup of neutron description: Installation and setup of neutron
company: Rackspace company: Rackspace
license: Apache2 license: Apache2
min_ansible_version: 2.2 role_name: os_neutron
namespace: openstack
min_ansible_version: "2.10"
platforms: platforms:
- name: Debian - name: Debian
versions: versions:
- buster - bullseye
- name: Ubuntu - name: Ubuntu
versions: versions:
- bionic
- focal - focal
- jammy
- name: EL - name: EL
versions: versions:
- 8 - "9"
categories: galaxy_tags:
- cloud - cloud
- python - python
- neutron - neutron

4
tasks/dependent_neutron_roles.yml
View File

@ -21,5 +21,5 @@
extra_features: "{{ opendaylight_extra_features }}" extra_features: "{{ opendaylight_extra_features }}"
nb_rest_port: "{{ opendaylight_port | default('8180') }}" nb_rest_port: "{{ opendaylight_port | default('8180') }}"
when: when:
- neutron_plugin_type == "ml2.opendaylight" - neutron_plugin_type == "ml2.opendaylight"
- "'opendaylight' in group_names" - "'opendaylight' in group_names"

46
tasks/main.yml
View File

@ -14,7 +14,8 @@
# limitations under the License. # limitations under the License.
- import_tasks: neutron_check.yml - name: Importing neutron_check tasks
import_tasks: neutron_check.yml
- name: Gather variables for each operating system - name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}" include_vars: "{{ lookup('first_found', params) }}"
@ -36,7 +37,8 @@
tags: tags:
- always - always
- include_role: - name: Including osa.db_setup role
include_role:
name: openstack.osa.db_setup name: openstack.osa.db_setup
apply: apply:
tags: tags:
@ -57,7 +59,8 @@
tags: tags:
- always - always
- include_role: - name: Including osa.mq_setup role
include_role:
name: openstack.osa.mq_setup name: openstack.osa.mq_setup
apply: apply:
tags: tags:
@ -106,17 +109,20 @@
tags: tags:
- always - always
- import_tasks: dependent_neutron_roles.yml - name: Importing dependent_neutron_roles tasks
import_tasks: dependent_neutron_roles.yml
- import_tasks: neutron_pre_install.yml - name: Importing neutron_pre_install tasks
import_tasks: neutron_pre_install.yml
tags: tags:
- neutron-install - neutron-install
- import_tasks: neutron_install.yml - name: Importing neutron_install tasks
import_tasks: neutron_install.yml
tags: tags:
- neutron-install - neutron-install
- name: refresh local facts - name: Refresh local facts
setup: setup:
filter: ansible_local filter: ansible_local
gather_subset: "!all" gather_subset: "!all"
@ -163,12 +169,15 @@
when: when:
- neutron_plugin_type == 'ml2.ovn' - neutron_plugin_type == 'ml2.ovn'
- neutron_ovn_ssl - neutron_ovn_ssl
- (neutron_services['neutron-ovn-controller']['group'] in group_names) or (neutron_services['neutron-ovn-northd']['group'] in group_names) or (neutron_services['neutron-server']['group'] in group_names) - (neutron_services['neutron-ovn-controller']['group'] in group_names) or
(neutron_services['neutron-ovn-northd']['group'] in group_names) or
(neutron_services['neutron-server']['group'] in group_names)
tags: tags:
- always - always
# Include provider specific config(s) # Include provider specific config(s)
- include_tasks: "{{ item }}" - name: Including plugin-specific tasks
include_tasks: "{{ item }}"
with_first_found: with_first_found:
- files: - files:
- "{{ neutron_plugin_type.split('.')[-1] }}_config.yml" - "{{ neutron_plugin_type.split('.')[-1] }}_config.yml"
@ -178,7 +187,8 @@
tags: tags:
- neutron-install - neutron-install
- import_tasks: neutron_post_install.yml - name: Importing neutron_post_install tasks
import_tasks: neutron_post_install.yml
tags: tags:
- neutron-config - neutron-config
@ -192,7 +202,7 @@
service_facts: service_facts:
- name: Disable services if they present - name: Disable services if they present
service: systemd:
name: "{{ item['service_name'] }}" name: "{{ item['service_name'] }}"
state: stopped state: stopped
enabled: False enabled: False
@ -215,10 +225,10 @@
systemd_tempd_prefix: openstack systemd_tempd_prefix: openstack
systemd_slice_name: "{{ neutron_system_slice_name }}" systemd_slice_name: "{{ neutron_system_slice_name }}"
systemd_lock_dir: "{{ neutron_lock_dir }}" systemd_lock_dir: "{{ neutron_lock_dir }}"
systemd_CPUAccounting: true systemd_service_cpu_accounting: true
systemd_BlockIOAccounting: true systemd_service_block_io_accounting: true
systemd_MemoryAccounting: true systemd_service_memory_accounting: true
systemd_TasksAccounting: true systemd_service_tasks_accounting: true
systemd_services: |- systemd_services: |-
{%- set services = [] -%} {%- set services = [] -%}
{%- for service in filtered_neutron_services -%} {%- for service in filtered_neutron_services -%}
@ -238,7 +248,8 @@
- neutron-config - neutron-config
- systemd-service - systemd-service
- include_tasks: neutron_db_setup.yml - name: Including neutron_db_setup role
include_tasks: neutron_db_setup.yml
args: args:
apply: apply:
tags: tags:
@ -258,7 +269,8 @@
- neutron-config - neutron-config
- uwsgi - uwsgi
- include_role: - name: Including osa.service_setup role
include_role:
name: openstack.osa.service_setup name: openstack.osa.service_setup
apply: apply:
tags: tags:

2
tasks/neutron_apparmor.yml
View File

@ -38,7 +38,7 @@
# https://github.com/willthames/ansible-lint/issues/275 # https://github.com/willthames/ansible-lint/issues/275
set -o pipefail set -o pipefail
exit_code=0 exit_code=0
if aa-status | grep -q {{ item.process }} ; then if aa-status | grep -q {{ item.process }} ; then
aa-disable {{ item.profile }} aa-disable {{ item.profile }}
if [[ $? == 0 ]]; then if [[ $? == 0 ]]; then
exit_code=2 exit_code=2

3
tasks/neutron_db_setup.yml
View File

@ -17,6 +17,7 @@
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand" command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand"
become: yes become: yes
become_user: "{{ neutron_system_user_name }}" become_user: "{{ neutron_system_user_name }}"
changed_when: false
when: when:
- "ansible_local['openstack_ansible']['neutron']['need_db_expand'] | bool" - "ansible_local['openstack_ansible']['neutron']['need_db_expand'] | bool"
- "_neutron_is_first_play_host" - "_neutron_is_first_play_host"
@ -27,6 +28,7 @@
section: neutron section: neutron
option: "need_db_expand" option: "need_db_expand"
value: "False" value: "False"
mode: "0644"
- name: Check for available offline migrations - name: Check for available offline migrations
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations" command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations"
@ -48,6 +50,7 @@
section: neutron section: neutron
option: "need_db_contract" option: "need_db_contract"
value: "True" value: "True"
mode: "0644"
when: when:
- "'stdout' in _offline_migrations_check" - "'stdout' in _offline_migrations_check"
- "'Need to apply migrations' in _offline_migrations_check.stdout" - "'Need to apply migrations' in _offline_migrations_check.stdout"

5
tasks/neutron_install.yml
View File

@ -19,6 +19,7 @@
section: "neutron" section: "neutron"
option: "install_method" option: "install_method"
value: "{{ neutron_install_method }}" value: "{{ neutron_install_method }}"
mode: "0644"
- name: Refresh local facts to ensure the neutron section is present - name: Refresh local facts to ensure the neutron section is present
setup: setup:
@ -97,6 +98,7 @@
section: neutron section: neutron
option: "{{ item.name }}" option: "{{ item.name }}"
value: "{{ item.state }}" value: "{{ item.state }}"
mode: "0644"
with_items: with_items:
- name: "need_db_expand" - name: "need_db_expand"
state: "True" state: "True"
@ -140,7 +142,8 @@
{{ apparmor_hosts | unique }} {{ apparmor_hosts | unique }}
when: ansible_facts['pkg_mgr'] == 'apt' when: ansible_facts['pkg_mgr'] == 'apt'
- import_tasks: neutron_apparmor.yml - name: Importing neutron_apparmor tasks
import_tasks: neutron_apparmor.yml
when: when:
- ansible_facts['pkg_mgr'] == 'apt' - ansible_facts['pkg_mgr'] == 'apt'
- inventory_hostname in neutron_apparmor_hosts - inventory_hostname in neutron_apparmor_hosts

17
tasks/neutron_post_install.yml
View File

@ -21,9 +21,9 @@
file: file:
path: "{{ item.path | default(omit) }}" path: "{{ item.path | default(omit) }}"
state: "directory" state: "directory"
owner: "{{ item.owner|default(neutron_system_user_name) }}" owner: "{{ item.owner | default(neutron_system_user_name) }}"
group: "{{ item.group|default(neutron_system_group_name) }}" group: "{{ item.group | default(neutron_system_group_name) }}"
mode: "{{ item.mode | default(omit) }}" mode: "{{ item.mode | default('0755') }}"
with_items: with_items:
- path: "{{ neutron_conf_version_dir }}/plugins" - path: "{{ neutron_conf_version_dir }}/plugins"
mode: "0750" mode: "0750"
@ -41,6 +41,7 @@
dest: "{{ neutron_conf_version_dir }}/rootwrap.d/" dest: "{{ neutron_conf_version_dir }}/rootwrap.d/"
owner: "root" owner: "root"
group: "root" group: "root"
mode: "0644"
with_fileglob: with_fileglob:
- rootwrap.d/* - rootwrap.d/*
notify: notify:
@ -52,7 +53,7 @@
src: "{{ item.src }}" src: "{{ item.src }}"
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
owner: "root" owner: "root"
group: "{{ item.group|default(neutron_system_group_name) }}" group: "{{ item.group | default(neutron_system_group_name) }}"
mode: "0640" mode: "0640"
config_overrides: "{{ item.config_overrides }}" config_overrides: "{{ item.config_overrides }}"
config_type: "{{ item.config_type }}" config_type: "{{ item.config_type }}"
@ -219,7 +220,7 @@
state: stopped state: stopped
enabled: false enabled: false
when: when:
- ansible_facts['pkg_mgr'] == 'apt' - ansible_facts['pkg_mgr'] == 'apt'
- ansible_facts['hostname'] in groups['neutron_metadata_agent'] or ansible_facts['hostname'] in groups['neutron_ovn_controller'] - ansible_facts['hostname'] in groups['neutron_metadata_agent'] or ansible_facts['hostname'] in groups['neutron_ovn_controller']
- groups['haproxy_all'] is defined - groups['haproxy_all'] is defined
- ansible_facts['hostname'] not in groups['haproxy_all'] - ansible_facts['hostname'] not in groups['haproxy_all']

3
tasks/neutron_pre_install.yml
View File

@ -73,7 +73,7 @@
- path: "{{ neutron_system_home_folder }}" - path: "{{ neutron_system_home_folder }}"
mode: "0755" mode: "0755"
- path: "{{ neutron_system_home_folder }}/ha_confs" - path: "{{ neutron_system_home_folder }}/ha_confs"
state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent','directory') }}" state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent', 'directory') }}"
- name: Add dependency repos for Neutron - name: Add dependency repos for Neutron
package: package:
@ -92,6 +92,7 @@
dest: "/etc/tmpfiles.d/openstack-openvswitch.conf" dest: "/etc/tmpfiles.d/openstack-openvswitch.conf"
line: "D /var/run/openvswitch 2755 root root" line: "D /var/run/openvswitch 2755 root root"
create: true create: true
mode: "0644"
- name: Create ovs tmp directory - name: Create ovs tmp directory
file: file:

3
tasks/providers/opendaylight_config.yml
View File

@ -13,5 +13,6 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
- import_tasks: setup_ovs_opendaylight.yml - name: Importing setup_ovs_opendaylight tasks
import_tasks: setup_ovs_opendaylight.yml
when: neutron_services['neutron-server']['group'] not in group_names when: neutron_services['neutron-server']['group'] not in group_names

5
tasks/providers/ovn_cluster_setup.yml
View File

@ -58,13 +58,14 @@
# set leader_node variable # set leader_node variable
- name: Set leader_node fact - name: Set leader_node fact
set_fact: set_fact:
leader_node: "{{ (_find_leader.results | selectattr('stdout', 'search', 'leader')) | map(attribute='container') | list }}" leader_node: "{{ (_find_leader.results | selectattr('stdout', 'search', 'leader')) | map(attribute='container') | list }}"
# This play only run first time to build cluster using primary node. # This play only run first time to build cluster using primary node.
- name: Setup ovn cluster using primary node. - name: Setup ovn cluster using primary node.
template: template:
src: ovn-northd-opts.j2 src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}" dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"
when: when:
- "inventory_hostname == neutron_ovn_primary_cluster_node" - "inventory_hostname == neutron_ovn_primary_cluster_node"
- _check_cluster_db.rc != 0 - _check_cluster_db.rc != 0
@ -83,6 +84,7 @@
- name: Configure connection settings for ovn-nb and ovn-sb - name: Configure connection settings for ovn-nb and ovn-sb
command: "{{ cmd }}" command: "{{ cmd }}"
changed_when: false
with_items: with_items:
- "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641" - "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641"
- "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642" - "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642"
@ -101,6 +103,7 @@
template: template:
src: ovn-northd-opts.j2 src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}" dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"
when: when:
- _check_cluster_db.rc != 0 - _check_cluster_db.rc != 0
notify: notify:

6
tasks/providers/ovn_config.yml
View File

@ -18,6 +18,7 @@
template: template:
src: ovn-controller-opts.j2 src: ovn-controller-opts.j2
dest: "{{ neutron_ovn_controller_opts_file }}" dest: "{{ neutron_ovn_controller_opts_file }}"
mode: "0644"
register: ovn_controller_config register: ovn_controller_config
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
@ -62,9 +63,10 @@
- name: Ensure ovn-controller service is started and enabled - name: Ensure ovn-controller service is started and enabled
systemd: systemd:
name: "{{ neutron_ovn_controller_service_name }}" name: "{{ neutron_ovn_controller_service_name }}"
state: "{{ (ovn_controller_config.changed) | ternary('restarted','started') }}" state: "{{ (ovn_controller_config.changed) | ternary('restarted', 'started') }}"
enabled: yes enabled: yes
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- ansible.builtin.include_tasks: setup_ovs_ovn.yml - name: Including setup_ovs_ovn tasks
ansible.builtin.include_tasks: setup_ovs_ovn.yml

3
tasks/providers/ovs_config.yml
View File

@ -41,6 +41,7 @@
- neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0) - neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0)
- not ovs_dpdk_support - not ovs_dpdk_support
- ansible.builtin.include_tasks: setup_ovs_dpdk.yml - name: Including setup_ovs_dpdk tasks
ansible.builtin.include_tasks: setup_ovs_dpdk.yml
when: when:
- ovs_dpdk_support - ovs_dpdk_support

12
tasks/providers/setup_ovs_dpdk.yml
View File

@ -63,24 +63,28 @@
- name: Set DPDK lcore mask - name: Set DPDK lcore mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}" command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}"
changed_when: false
when: when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names' - '"nova_compute" in group_names'
- name: Set DPDK PMD cpu mask - name: Set DPDK PMD cpu mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}" command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}"
changed_when: false
when: when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names' - '"nova_compute" in group_names'
- name: Set DPDK socket memory - name: Set DPDK socket memory
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}" command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}"
changed_when: false
when: when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names' - '"nova_compute" in group_names'
- name: Enable DPDK support for openvswitch - name: Enable DPDK support for openvswitch
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true" command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true"
changed_when: false
when: when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names' - '"nova_compute" in group_names'
@ -117,8 +121,8 @@
- name: Add ports to Network Provider Bridges - name: Add ports to Network Provider Bridges
openvswitch_port: openvswitch_port:
bridge: "{{ interface_mapping.split(':')[0] }}" bridge: "{{ interface_mapping.split(':')[0] }}"
port: "{{ interface_mapping.split(':',1)[1] }}" port: "{{ interface_mapping.split(':', 1)[1] }}"
set: "Interface {{ interface_mapping.split(':',1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':',1)[1] }}'" set: "Interface {{ interface_mapping.split(':', 1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':', 1)[1] }}'"
state: present state: present
with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}" with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}"
loop_control: loop_control:
@ -138,7 +142,9 @@
lacp: "{{ bond_interfaces_mapping.lacp | default('off') }}" lacp: "{{ bond_interfaces_mapping.lacp | default('off') }}"
bond_updelay: "{{ bond_interfaces_mapping.bond_updelay | default(100) }}" bond_updelay: "{{ bond_interfaces_mapping.bond_updelay | default(100) }}"
bond_downdelay: "{{ bond_interfaces_mapping.bond_downdelay | default(100) }}" bond_downdelay: "{{ bond_interfaces_mapping.bond_downdelay | default(100) }}"
set: "{% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{% if not loop.last %},{% endif %}{% endfor %}" set: >-
{% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{%
if not loop.last %},{% endif %}{% endfor %}
state: present state: present
with_items: "{{ neutron_provider_networks.network_bond_interfaces_mappings }}" with_items: "{{ neutron_provider_networks.network_bond_interfaces_mappings }}"
loop_control: loop_control:

11
tasks/providers/setup_ovs_opendaylight.yml
View File

@ -22,11 +22,16 @@
delay: 5 delay: 5
- name: Set ODL as OvS manager - name: Set ODL as OvS manager
changed_when: false
command: ovs-vsctl set-manager {{ ovs_manager_list }} command: ovs-vsctl set-manager {{ ovs_manager_list }}
when: ovs_manager.stdout | length == 0 when: ovs_manager.stdout | length == 0
- name: Configure hosts for networking-odl, force kernel datapath - name: Configure hosts for networking-odl, force kernel datapath
command: "{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk {% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}" changed_when: false
command: >-
{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk
{% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or
'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}
when: ovs_manager.stdout | length == 0 when: ovs_manager.stdout | length == 0
- name: Retrieve current OvS local ip - name: Retrieve current OvS local ip
@ -36,17 +41,19 @@
changed_when: False changed_when: False
- name: Set local ip for OpenvSwitch - name: Set local ip for OpenvSwitch
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}" command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}"
when: ovs_local_ip.rc != 0 when: ovs_local_ip.rc != 0
- name: Set the bridge mappings - name: Set the bridge mappings
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}" command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}"
when: when:
- neutron_provider_networks.network_mappings is defined - neutron_provider_networks.network_mappings is defined
- (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2') - (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2')
- name: Set the of-tunnel to true - name: Set the of-tunnel to true
changed_when: false
command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true" command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
when: when:
- neutron_plugin_base == 'sfc' - neutron_plugin_base == 'sfc'

15
tasks/providers/setup_ovs_ovn.yml
View File

@ -15,26 +15,33 @@
# limitations under the License. # limitations under the License.
- name: Set openvswitch hostname - name: Set openvswitch hostname
changed_when: false
command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'" command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'"
when: when:
- (neutron_services['neutron-ovn-controller']['group'] in group_names) - (neutron_services['neutron-ovn-controller']['group'] in group_names)
- name: Set CMS Options for Gateway Scheduling - name: Set CMS Options for Gateway Scheduling
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw" command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw"
when: when:
- '"neutron_ovn_gateway" in group_names' - '"neutron_ovn_gateway" in group_names'
- name: Configure OVN Southbound Connection - name: Configure OVN Southbound Connection
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}" command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}"
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Supported OVN Overlay Protocols - name: Configure Supported OVN Overlay Protocols
command: "ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(['geneve', 'vxlan', 'stt']) | join(',') }}" changed_when: false
command: >-
ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(
['geneve', 'vxlan', 'stt']) | join(',') }}
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Encapsulation Address for Overlay Traffic - name: Configure Encapsulation Address for Overlay Traffic
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}" command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}"
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
@ -42,12 +49,14 @@
# Create an ovsdb manager for Nova (os-vif) # Create an ovsdb manager for Nova (os-vif)
- name: Register existing OVSDB Manager(s) - name: Register existing OVSDB Manager(s)
command: ovs-vsctl get-manager command: ovs-vsctl get-manager
changed_when: false
register: existing_ovsdb_manager register: existing_ovsdb_manager
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Create OVSDB Manager - name: Create OVSDB Manager
command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager
changed_when: false
when: when:
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- neutron_ovsdb_manager not in existing_ovsdb_manager.stdout_lines - neutron_ovsdb_manager not in existing_ovsdb_manager.stdout_lines
@ -78,10 +87,12 @@
- name: Set the OVN Bridge Mappings in OVS - name: Set the OVN Bridge Mappings in OVS
command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}" command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}"
changed_when: false
when: when:
- neutron_provider_networks.network_mappings is defined - neutron_provider_networks.network_mappings is defined
- neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_services['neutron-ovn-controller']['group'] in group_names
- include_tasks: ovn_cluster_setup.yml - name: Including ovn_cluster_setup tasks
include_tasks: ovn_cluster_setup.yml
when: when:
- neutron_services['neutron-ovn-northd']['group'] in group_names - neutron_services['neutron-ovn-northd']['group'] in group_names

95
vars/main.yml
View File

@ -13,9 +13,21 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
_neutron_is_first_play_host: "{{ (neutron_services['neutron-server']['group'] in group_names and inventory_hostname == (groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool }}" _neutron_is_first_play_host: >-
_neutron_oslomsg_rpc_vhost_conf: "{{ (neutron_oslomsg_rpc_vhost is string) | ternary(neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}" {{
_neutron_oslomsg_notify_vhost_conf: "{{ (neutron_oslomsg_notify_vhost is string) | ternary(neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}" (neutron_services['neutron-server']['group'] in group_names and inventory_hostname == (
groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool
}}
_neutron_oslomsg_rpc_vhost_conf: >-
{{
(neutron_oslomsg_rpc_vhost is string) | ternary(
neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first)
}}
_neutron_oslomsg_notify_vhost_conf: >-
{{
(neutron_oslomsg_notify_vhost is string) | ternary(
neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first)
}}
### ###
### Open vSwitch ### Open vSwitch
@ -233,11 +245,11 @@ neutron_plugins:
neutron_ml2_mechanism_drivers: >- neutron_ml2_mechanism_drivers: >-
{%- set _var = [] -%} {%- set _var = [] -%}
{%- for plugin in [neutron_plugin_type]|union(neutron_plugin_types) -%} {%- for plugin in [neutron_plugin_type] | union(neutron_plugin_types) -%}
{%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%} {%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%}
{%- endfor -%} {%- endfor -%}
{%- if neutron_l2_population | bool -%} {%- if neutron_l2_population | bool -%}
{%- if _var.append('l2population') -%}{%- endif -%} {%- if _var.append('l2population') -%}{%- endif -%}
{%- endif -%} {%- endif -%}
{{ _var | join(',') }} {{ _var | join(',') }}
@ -247,7 +259,11 @@ _neutron_non_tunnel_types:
- vlan - vlan
- local - local
_neutron_ovs_disabled: "{{ (neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and (neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn') }}" _neutron_ovs_disabled: >-
{{
(neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and
(neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn')
}}
# Tunnel network types used by the OVS agent # Tunnel network types used by the OVS agent
neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}" neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}"
@ -260,7 +276,7 @@ opendaylight_extra_features: |-
{%- endif -%} {%- endif -%}
{{ features }} {{ features }}
opendaylight_install_method: "{{ (ansible_facts['os_family']=='Debian') | ternary('deb_repo', 'rpm_repo') }}" opendaylight_install_method: "{{ (ansible_facts['os_family'] == 'Debian') | ternary('deb_repo', 'rpm_repo') }}"
ovs_manager_list: |- ovs_manager_list: |-
{% set ovs_managers_odls = [] %} {% set ovs_managers_odls = [] %}
@ -273,15 +289,20 @@ ovs_manager_list: |-
### ###
## Please add 'router' to the neutron_plugin_base list ## Please add 'router' to the neutron_plugin_base list
#TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle # TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle
# Should the neutron-l3-agent service should be enabled on the host # Should the neutron-l3-agent service should be enabled on the host
neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or 'df-l3' in neutron_plugin_base %}True{% else %}False{% endif %}" neutron_l3: >-
{%
if 'router' in neutron_plugin_base or
'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or
'df-l3' in neutron_plugin_base
%}True{% else %}False{% endif %}
### ###
### DHCP Agent Plugin Configuration ### DHCP Agent Plugin Configuration
### ###
neutron_dhcp: "{% if (neutron_plugin_type.split('.')[0] == 'ml2') and (neutron_plugin_type != 'ml2.ovn') %}True{% else %}False{% endif %}" neutron_dhcp: "{% if (neutron_plugin_type.split('.')[0] == 'ml2') and (neutron_plugin_type != 'ml2.ovn') %}True{% else %}False{% endif %}"
### ###
### Metadata Agent Plugin Configuration ### Metadata Agent Plugin Configuration
@ -387,7 +408,8 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: dhcp_agent.ini service_conf: dhcp_agent.ini
service_rootwrap: rootwrap.d/dhcp.filters service_rootwrap: rootwrap.d/dhcp.filters
execstarts: "{{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini
config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}" config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}" init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}"
@ -399,7 +421,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/openvswitch_agent.ini service_conf: plugins/ml2/openvswitch_agent.ini
service_rootwrap: rootwrap.d/openvswitch-plugin.filters service_rootwrap: rootwrap.d/openvswitch-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini
config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}" config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}" init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}"
@ -411,7 +435,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/linuxbridge_agent.ini service_conf: plugins/ml2/linuxbridge_agent.ini
service_rootwrap: rootwrap.d/linuxbridge-plugin.filters service_rootwrap: rootwrap.d/linuxbridge-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini
config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}" config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}" init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}"
@ -422,7 +448,8 @@ neutron_services:
service_en: "{{ neutron_metadata | bool }}" service_en: "{{ neutron_metadata | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: metadata_agent.ini service_conf: metadata_agent.ini
execstarts: "{{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini
config_overrides: "{{ neutron_metadata_agent_ini_overrides }}" config_overrides: "{{ neutron_metadata_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}" init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}"
@ -433,7 +460,8 @@ neutron_services:
service_en: "{{ neutron_metering | bool }}" service_en: "{{ neutron_metering | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: metering_agent.ini service_conf: metering_agent.ini
execstarts: "{{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini
config_overrides: "{{ neutron_metering_agent_ini_overrides }}" config_overrides: "{{ neutron_metering_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_metering_agent_init_overrides }}" init_config_overrides: "{{ neutron_metering_agent_init_overrides }}"
@ -458,7 +486,8 @@ neutron_services:
service_en: "{{ neutron_bgp | bool }}" service_en: "{{ neutron_bgp | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: bgp_dragent.ini service_conf: bgp_dragent.ini
execstarts: "{{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini" execstarts: >-
{{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini
config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}" config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}" init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}"
@ -473,9 +502,18 @@ neutron_services:
uwsgi_bind_address: "{{ neutron_api_bind_address }}" uwsgi_bind_address: "{{ neutron_api_bind_address }}"
uwsgi_port: "{{ neutron_service_port }}" uwsgi_port: "{{ neutron_service_port }}"
uwsgi_tls: "{{ neutron_backend_ssl | ternary(neutron_uwsgi_tls, {}) }}" uwsgi_tls: "{{ neutron_backend_ssl | ternary(neutron_uwsgi_tls, {}) }}"
uwsgi_pyargv: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" uwsgi_pyargv: >-
--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini -}}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
wsgi_name: "neutron-api" wsgi_name: "neutron-api"
execstarts: "{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" execstarts: >-
{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
init_config_overrides: "{{ neutron_server_init_overrides }}" init_config_overrides: "{{ neutron_server_init_overrides }}"
neutron-rpc-server: neutron-rpc-server:
group: neutron_server group: neutron_server
@ -483,14 +521,21 @@ neutron_services:
service_en: "{{ neutron_use_uwsgi }}" service_en: "{{ neutron_use_uwsgi }}"
init_config_overrides: "{{ neutron_rpc_server_init_overrides | combine(neutron_server_init_overrides) }}" init_config_overrides: "{{ neutron_rpc_server_init_overrides | combine(neutron_server_init_overrides) }}"
start_order: 2 start_order: 2
execstarts: "{{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}" execstarts: >-
{{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
neutron-sriov-nic-agent: neutron-sriov-nic-agent:
group: neutron_sriov_nic_agent group: neutron_sriov_nic_agent
service_name: neutron-sriov-nic-agent service_name: neutron-sriov-nic-agent
service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}" service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}"
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/sriov_nic_agent.ini service_conf: plugins/ml2/sriov_nic_agent.ini
execstarts: "{{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini
config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}" config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}" init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}"
@ -511,7 +556,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: neutron_ovn_metadata_agent.ini service_conf: neutron_ovn_metadata_agent.ini
service_rootwrap: rootwrap.d/ovn-plugin.filters service_rootwrap: rootwrap.d/ovn-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini" execstarts: >-
{{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini
config_overrides: "{{ neutron_ovn_metadata_agent_ini_overrides }}" config_overrides: "{{ neutron_ovn_metadata_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_ovn_metadata_agent_init_overrides }}" init_config_overrides: "{{ neutron_ovn_metadata_agent_init_overrides }}"
@ -522,7 +569,9 @@ neutron_services:
service_en: "{{ 'ml2.baremetal' in neutron_plugin_types }}" service_en: "{{ 'ml2.baremetal' in neutron_plugin_types }}"
service_conf_path: "{{ neutron_conf_version_dir }}" service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/ironic_neutron_agent.ini service_conf: plugins/ml2/ironic_neutron_agent.ini
execstarts: "{{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini" execstarts: >-
{{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini
config_overrides: "{{ neutron_ironic_neutron_agent_ini_overrides }}" config_overrides: "{{ neutron_ironic_neutron_agent_ini_overrides }}"
config_type: "ini" config_type: "ini"
init_config_overrides: "{{ neutron_ironic_neutron_agent_init_overrides }}" init_config_overrides: "{{ neutron_ironic_neutron_agent_init_overrides }}"

2
vars/redhat.yml
View File

@ -57,7 +57,7 @@ neutron_distro_packages:
- which - which
neutron_ovn_distro_packages: neutron_ovn_distro_packages:
- openvswitch-ovn-common - openvswitch-ovn-common
neutron_ovn_controller_distro_packages: neutron_ovn_controller_distro_packages:
- openvswitch-ovn-host - openvswitch-ovn-host