diff --git a/doc/source/app-openvswitch-dvr.rst b/doc/source/app-openvswitch-dvr.rst index a4d504ce..8657f7b5 100644 --- a/doc/source/app-openvswitch-dvr.rst +++ b/doc/source/app-openvswitch-dvr.rst @@ -14,6 +14,11 @@ outlines how to set it up in your environment. Recommended reading ~~~~~~~~~~~~~~~~~~~ +This guide is a variation of the standard Open vSwitch deployment guide +available at: + +``_ + We recommend that you read the following documents before proceeding: * Neutron documentation on Open vSwitch DVR OpenStack deployments: @@ -42,39 +47,94 @@ Create a group var file for your network hosts - name: "openvswitch" pattern: "CONFIG_OPENVSWITCH" +Specify provider network definitions in your +``/etc/openstack_deploy/openstack_user_config.yml`` that define +one or more Neutron provider bridges and related configuration: + +.. note:: + + Bridges specified here will be created automatically. If + ``network_interface`` is defined, the interface will be placed into + the bridge automatically. + +.. code-block:: yaml + + - network: + container_bridge: "br-provider" + container_type: "veth" + type: "vlan" + range: "101:200,301:400" + net_name: "physnet1" + network_interface: "bond1" + group_binds: + - neutron_openvswitch_agent + - network: + container_bridge: "br-provider2" + container_type: "veth" + type: "vlan" + range: "203:203,467:500" + net_name: "physnet2" + network_interface: "bond2" + group_binds: + - neutron_openvswitch_agent + +When using ``flat`` provider networks, modify the network type accordingly: + +.. code-block:: yaml + + - network: + container_bridge: "br-provider" + container_type: "veth" + type: "flat" + net_name: "flat" + group_binds: + - neutron_openvswitch_agent + +Specify an overlay network definition in your +``/etc/openstack_deploy/openstack_user_config.yml`` that defines +overlay network-related configuration: + +.. note:: + + The bridge name should correspond to a pre-created Linux bridge or + OVS bridge. + +.. code-block:: yaml + + - network: + container_bridge: "br-vxlan" + container_type: "veth" + container_interface: "eth10" + ip_from_q: "tunnel" + type: "vxlan" + range: "1:1000" + net_name: "vxlan" + group_binds: + - neutron_openvswitch_agent Set the following user variables in your ``/etc/openstack_deploy/user_variables.yml``: +.. note:: + + The only difference a DVR deployment and the standard Open vSwitch + deployment is the setting of the respective ``neutron_plugin_type``. + .. code-block:: yaml - ### neutron specific config neutron_plugin_type: ml2.ovs.dvr - neutron_ml2_drivers_type: "flat,vlan" + neutron_ml2_drivers_type: "flat,vlan,vxlan" - # Typically this would be defined by the os-neutron-install - # playbook. The provider_networks library would parse the - # provider_networks list in openstack_user_config.yml and - # generate the values of network_types, network_vlan_ranges - # and network_mappings. network_mappings would have a - # different value for each host in the inventory based on - # whether or not the host was metal (typically a compute host) - # or a container (typically a neutron agent container) - # - # When using Open vSwitch, we override it to take into account - # the Open vSwitch bridge we are going to define outside of - # OpenStack-Ansible plays - neutron_provider_networks: - network_flat_networks: "*" - network_types: "vlan" - network_vlan_ranges: "physnet1:102:199" - network_mappings: "physnet1:br-provider" +The overrides are instructing Ansible to deploy the OVS mechanism driver and +associated OVS and DVR components. This is done by setting ``neutron_plugin_type`` +to ``ml2.ovs.dvr``. -**Note:** The only difference to the Standard Open vSwitch configuration -is the setting of the ``ml2_plugin_type``. +The ``neutron_ml2_drivers_type`` override provides support for all common type +drivers supported by OVS. -Customization is needed to support additional network types such as vxlan, -GRE or Geneve. Refer to the `neutron agent configuration -`_ for -more information on these attributes. +For additional information regarding provider network overrides and other +configuration options, please refer to the standard Open vSwitch deployment +available at: + +``_ diff --git a/doc/source/app-openvswitch.rst b/doc/source/app-openvswitch.rst index 305944eb..d2c31a7b 100644 --- a/doc/source/app-openvswitch.rst +++ b/doc/source/app-openvswitch.rst @@ -141,46 +141,220 @@ Create a group var file for your network hosts - name: "openvswitch" pattern: "CONFIG_OPENVSWITCH" +Specify provider network definitions in your +``/etc/openstack_deploy/openstack_user_config.yml`` that define +one or more Neutron provider bridges and related configuration: -Set the following user variables in your -``/etc/openstack_deploy/user_variables.yml``: * +.. note:: + + Bridges specified here will be created automatically. If + ``network_interface`` is defined, the interface will be placed into + the bridge automatically. + +.. code-block:: yaml + + - network: + container_bridge: "br-provider" + container_type: "veth" + type: "vlan" + range: "101:200,301:400" + net_name: "physnet1" + network_interface: "bond1" + group_binds: + - neutron_openvswitch_agent + - network: + container_bridge: "br-provider2" + container_type: "veth" + type: "vlan" + range: "203:203,467:500" + net_name: "physnet2" + network_interface: "bond2" + group_binds: + - neutron_openvswitch_agent + +When using ``flat`` provider networks, modify the network type accordingly: + +.. code-block:: yaml + + - network: + container_bridge: "br-publicnet" + container_type: "veth" + type: "flat" + net_name: "flat" + group_binds: + - neutron_openvswitch_agent + +Specify an overlay network definition in your +``/etc/openstack_deploy/openstack_user_config.yml`` that defines +overlay network-related configuration: + +.. note:: + + The bridge name should correspond to a pre-created Linux bridge or + OVS bridge. + +.. code-block:: yaml + + - network: + container_bridge: "br-vxlan" + container_type: "veth" + container_interface: "eth10" + ip_from_q: "tunnel" + type: "vxlan" + range: "1:1000" + net_name: "vxlan" + group_binds: + - neutron_openvswitch_agent + +Set the following user variables in your +``/etc/openstack_deploy/user_variables.yml``: .. code-block:: yaml - ### neutron specific config neutron_plugin_type: ml2.ovs - neutron_ml2_drivers_type: "flat,vlan" + neutron_ml2_drivers_type: "flat,vlan,vxlan" - # Typically this would be defined by the os-neutron-install - # playbook. The provider_networks library would parse the - # provider_networks list in openstack_user_config.yml and - # generate the values of network_types, network_vlan_ranges - # and network_mappings. network_mappings would have a - # different value for each host in the inventory based on - # whether or not the host was metal (typically a compute host) - # or a container (typically a neutron agent container) - # - # When using Open vSwitch, we override it to take into account - # the Open vSwitch bridge we are going to define outside of - # OpenStack-Ansible plays +The overrides are instructing Ansible to deploy the OVS mechanism driver and +associated OVS components. This is done by setting ``neutron_plugin_type`` +to ``ml2.ovs``. + +The ``neutron_ml2_drivers_type`` override provides support for all common type +drivers supported by OVS. + +If provider network overrides are needed on a global or per-host basis, +the following format can be used in ``user_variables.yml`` or per-host +in ``openstack_user_config.yml``. + +.. note:: + + These overrides are not normally required when defining global provider + networks in the ``openstack_user_config.yml`` file. + +.. code-block:: yaml + + # When configuring Neutron to support vxlan tenant networks and + # vlan provider networks the configuration may resemble the following: + neutron_provider_networks: + network_types: "vxlan" + network_vxlan_ranges: "1:1000" + network_vlan_ranges: "physnet1:102:199" + network_mappings: "physnet1:br-provider" + network_interface_mappings: "br-provider:bond1" + + # When configuring Neutron to support only vlan tenant networks and + # vlan provider networks the configuration may resemble the following: neutron_provider_networks: - network_flat_networks: "*" network_types: "vlan" network_vlan_ranges: "physnet1:102:199" network_mappings: "physnet1:br-provider" + network_interface_mappings: "br-provider:bond1" - # When using Open vSwitch, Tenant network is of type vxlan and want - # to provide the external network connectivity over flat provider - # network, then configure neutron_provider_networks like following. + # When configuring Neutron to support multiple vlan provider networks + # the configuration may resemble the following: + neutron_provider_networks: + network_types: "vlan" + network_vlan_ranges: "physnet1:102:199,physnet2:2000:2999" + network_mappings: "physnet1:br-provider,physnet2:br-provider2" + network_interface_mappings: "br-provider:bond1,br-provider2:bond2" + + # When configuring Neutron to support multiple vlan and flat provider + # networks the configuration may resemble the following: neutron_provider_networks: network_flat_networks: "*" - network_types: "vxlan" - network_vxlan_ranges: "1:1000" - network_mappings: "provider:br-provider" - network_interface: eth12 + network_types: "vlan" + network_vlan_ranges: "physnet1:102:199,physnet2:2000:2999" + network_mappings: "physnet1:br-provider,physnet2:br-provider2" + network_interface_mappings: "br-provider:bond1,br-provider2:bond2" -Customization is needed to support additional network types such as vxlan, -GRE or Geneve. Refer to the `neutron agent configuration -`_ for -more information on these attributes. +Open Virtual Switch (OVS) commands +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following commands can be used to provide useful information about the +state of Open vSwitch networking and configurations. + +The ``ovs-vsctl show`` command provides information about the virtual switches +and connected ports currently configured on the host: + +.. code-block:: console + + root@infra01:~# ovs-vsctl show + 4ef304ff-b803-4d09-95f5-59a076323949 + Manager "ptcp:6640:127.0.0.1" + is_connected: true + Bridge br-int + Controller "tcp:127.0.0.1:6633" + is_connected: true + fail_mode: secure + Port "tap2e7e0507-e4" + tag: 2 + Interface "tap2e7e0507-e4" + type: internal + Port int-br-vlan + Interface int-br-vlan + type: patch + options: {peer=phy-br-provider} + Port br-int + Interface br-int + type: internal + Port "tap7796ab3d-e9" + tag: 5 + Interface "tap7796ab3d-e9" + type: internal + Port patch-tun + Interface patch-tun + type: patch + options: {peer=patch-int} + Bridge br-tun + Controller "tcp:127.0.0.1:6633" + is_connected: true + fail_mode: secure + Port "vxlan-ac1df015" + Interface "vxlan-ac1df015" + type: vxlan + options: {df_default="true", in_key=flow, local_ip="172.29.240.20", out_key=flow, remote_ip="172.29.240.21"} + Port patch-int + Interface patch-int + type: patch + options: {peer=patch-tun} + Port "vxlan-ac1df017" + Interface "vxlan-ac1df017" + type: vxlan + options: {df_default="true", in_key=flow, local_ip="172.29.240.20", out_key=flow, remote_ip="172.29.240.23"} + Port br-tun + Interface br-tun + type: internal + Bridge br-provider + Controller "tcp:127.0.0.1:6633" + is_connected: true + fail_mode: secure + Port "ens192" + Interface "ens192" + Port br-provider + Interface br-provider + type: internal + Port phy-br-provider + Interface phy-br-provider + type: patch + options: {peer=int-br-provider} + ovs_version: "2.10.0" + +Additional commands can be found in upstream Open vSwitch documentation. + +Notes +~~~~~ + +The ``neutron-openvswitch-agent`` service will check in as an agent +and can be observed using the ``openstack network agent list`` command: + +.. code-block:: console + + root@infra01-utility-container-ce1509fd:~# openstack network agent list --agent-type open-vswitch + +--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+ + | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | + +--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+ + | 4dcef710-ec0c-4925-a940-dc319cd6849f | Open vSwitch agent | compute03 | None | :-) | UP | neutron-openvswitch-agent | + | 5e1f8670-b90e-49c3-84ff-e981aeccb171 | Open vSwitch agent | compute02 | None | :-) | UP | neutron-openvswitch-agent | + | 78746672-d77a-4d8a-bb48-f659251fa246 | Open vSwitch agent | compute01 | None | :-) | UP | neutron-openvswitch-agent | + | eebab5da-3ef5-4582-84c5-f29e2472a44a | Open vSwitch agent | infra01 | None | :-) | UP | neutron-openvswitch-agent | + +--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+ diff --git a/doc/source/app-ovn.rst b/doc/source/app-ovn.rst index 25f3977d..80ea6e62 100644 --- a/doc/source/app-ovn.rst +++ b/doc/source/app-ovn.rst @@ -61,8 +61,8 @@ Create a group var file for your network hosts pattern: "CONFIG_OPENVSWITCH" Copy the neutron environment overrides to -/etc/openstack_deploy/env.d/neutron.yml to disable the creation of the -neutron agents container and implement the neutron_ovn_northd_container +``/etc/openstack_deploy/env.d/neutron.yml`` to disable the creation of the +neutron agents container and implement the ``neutron_ovn_northd_container`` hosts group containing all network nodes: .. code-block:: yaml @@ -85,8 +85,8 @@ hosts group containing all network nodes: - neutron_ovn_northd Copy the nova environment overrides to -/etc/openstack_deploy/env.d/nova.yml to implement the -neutron_ovn_controller hosts group containing all compute nodes: +``/etc/openstack_deploy/env.d/nova.yml`` to implement the +``neutron_ovn_controller`` hosts group containing all compute nodes: .. code-block:: yaml @@ -109,8 +109,10 @@ one or more Neutron provider bridges and related configuration: .. note:: - Bridges specified here will be created automatically. Only VLAN - network types are supported at this time. + Bridges specified here will be created automatically. If + ``network_interface`` is defined, the interface will be placed into + the bridge automatically. Only VLAN network types are supported at + this time. .. code-block:: yaml @@ -120,6 +122,7 @@ one or more Neutron provider bridges and related configuration: type: "vlan" range: "101:200,301:400" net_name: "private" + network_interface: "bond2" group_binds: - neutron_ovn_controller - network: @@ -128,6 +131,7 @@ one or more Neutron provider bridges and related configuration: type: "vlan" range: "203:203,467:500" net_name: "public" + network_interface: "bond1" group_binds: - neutron_ovn_controller @@ -185,13 +189,14 @@ in ``openstack_user_config.yml``. .. code-block:: yaml - # When configuring Neutron to support only geneve tenant networks and + # When configuring Neutron to support geneve tenant networks and # vlan provider networks the configuration may resemble the following: neutron_provider_networks: network_types: "geneve" network_geneve_ranges: "1:1000" network_vlan_ranges: "public" network_mappings: "public:br-publicnet" + network_interface_mappings: "br-publicnet:bond1" # When configuring Neutron to support only vlan tenant networks and # vlan provider networks the configuration may resemble the following: @@ -199,6 +204,7 @@ in ``openstack_user_config.yml``. network_types: "vlan" network_vlan_ranges: "public:203:203,467:500" network_mappings: "public:br-publicnet" + network_interface_mappings: "br-publicnet:bond1" # When configuring Neutron to support multiple vlan provider networks # the configuration may resemble the following: @@ -206,16 +212,18 @@ in ``openstack_user_config.yml``. network_types: "vlan" network_vlan_ranges: "public:203:203,467:500,private:101:200,301:400" network_mappings: "public:br-publicnet,private:br-privatenet" + network_interface_mappings: "br-publicnet:bond1,br-privatenet:bond2" Open Virtual Network (OVN) commands ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The following commands can be used to provide useful information about... +The following commands can be used to provide useful information about the +state of Open vSwitch networking and configurations. The ``ovs-vsctl list open_vswitch`` command provides information about the ``open_vswitch`` table in the local Open vSwitch database: -.. code-block:: +.. code-block:: console root@aio1:~# ovs-vsctl list open_vswitch _uuid : 855c820b-c082-4d8f-9828-8cab01c6c9a0 @@ -238,7 +246,7 @@ The ``ovn-sbctl show`` command provides information related to southbound connections. If used outside the ovn_northd container, specify the connection details: -.. code-block:: +.. code-block:: console root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-sbctl show Chassis "11af26c6-9ec1-4cf7-bf41-2af45bd59b03" @@ -264,7 +272,7 @@ The ``ovn-nbctl show`` command provides information about networks known to OVN and demonstrates connectivity between the northbound database and neutron-server. -.. code-block:: +.. code-block:: console root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-nbctl show switch 5e77f29e-5dd3-4875-984f-94bd30a12dc3 (neutron-87ec5a05-9abe-4c93-89bd-c6d40320db87) (aka testnet) @@ -276,7 +284,7 @@ The ``ovn-nbctl list Address_Set`` command provides information related to security groups. If used outside the ovn_northd container, specify the connection details: -.. code-block:: +.. code-block:: console root@aio1-neutron-ovn-northd-container-57a6f1a9:~# ovn-nbctl list Address_Set _uuid : 575b3015-f83f-4bd6-a698-3fe67e43bec6 @@ -308,7 +316,7 @@ Notes The ``ovn-controller`` service on compute nodes will check in as an agent and can be observed using the ``openstack network agent list`` command: -.. code-block:: +.. code-block:: console root@aio1-utility-container-35bebd2a:~# openstack network agent list +--------------------------------------+------------------------------+------+-------------------+-------+-------+----------------+ @@ -317,9 +325,6 @@ and can be observed using the ``openstack network agent list`` command: | 4db288a6-8f8a-4153-b4b7-7eaf44f9e881 | OVN Controller Gateway agent | aio1 | n/a | :-) | UP | ovn-controller | +--------------------------------------+------------------------------+------+-------------------+-------+-------+----------------+ -The HAproxy client and server timeout values have been increased from -50 seconds to 90 minutes for all load-balanced OVN-related services. - The HAproxy implementation in use may not properly handle active/backup failover for ovsdb-server with OVN. Work may be done to implement -pacemaker/corosync or wait for active/active support. +pacemaker/corosync or wait for upstream active/active support. diff --git a/releasenotes/notes/neutron-ovs-interface-mappings-789902128b82e721.yaml b/releasenotes/notes/neutron-ovs-interface-mappings-789902128b82e721.yaml new file mode 100644 index 00000000..b0b0820e --- /dev/null +++ b/releasenotes/notes/neutron-ovs-interface-mappings-789902128b82e721.yaml @@ -0,0 +1,22 @@ +--- +features: + - | + The ``provider_networks`` library has been updated to support the + definition of network interfaces that can automatically be added as ports + to OVS provider bridges setup during a deployment. To activate this feature, + add the ``network_interface`` key to the respective flat and/or vlan provider + network definition in ``openstack_user_config.yml``. For more information, + refer to the latest Open vSwitch deployment guide. +upgrade: + - | + The ``provider_networks`` library has been updated to support the + definition of network interfaces that can automatically be added as ports + to OVS provider bridges setup during a deployment. As a result, the + ``network_interface`` value applied to the ``neutron_provider_networks`` + override in ``user_variables.yml``, as described in previous Open vSwitch + deployment guides, is no longer effective. If overrides are + necessary, use ``network_interface_mappings`` within the provider network + override and specify the respective bridge-to-interface mapping + (e.g. "br-provider:bond1"). For more information, refer to the latest Open + vSwitch deployment guide. + diff --git a/tasks/providers/ovn_config.yml b/tasks/providers/ovn_config.yml index 7a20ee60..f32ed3a6 100644 --- a/tasks/providers/ovn_config.yml +++ b/tasks/providers/ovn_config.yml @@ -68,8 +68,6 @@ name: "{{ neutron_ovs_service_name }}" state: started enabled: yes - tags: - - ovn-config when: - neutron_services['neutron-ovn-northd']['group'] in group_names or neutron_services['neutron-ovn-controller']['group'] in group_names @@ -79,8 +77,6 @@ name: "{{ neutron_ovn_northd_service_name }}" state: started enabled: yes - tags: - - ovn-config when: - neutron_services['neutron-ovn-northd']['group'] in group_names @@ -89,8 +85,6 @@ name: "{{ neutron_ovn_controller_service_name }}" state: started enabled: yes - tags: - - ovn-config when: - neutron_services['neutron-ovn-controller']['group'] in group_names diff --git a/tasks/providers/ovs_config.yml b/tasks/providers/ovs_config.yml index cf76ed0e..faecf6d3 100644 --- a/tasks/providers/ovs_config.yml +++ b/tasks/providers/ovs_config.yml @@ -13,24 +13,28 @@ # See the License for the specific language governing permissions and # limitations under the License. -# This file is responsible for the L3 configuration -- name: Setup External Network Provider Bridge +- name: Setup Network Provider Bridges openvswitch_bridge: - bridge: "{{ neutron_provider_networks.network_mappings.split(':')[1] }}" + bridge: "{{ bridge_mapping.split(':')[1] }}" fail_mode: secure state: present + with_items: "{{ neutron_provider_networks.network_mappings.split(',') }}" + loop_control: + loop_var: bridge_mapping when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_plugin_type in ['ml2.ovs', 'ml2.ovs.dvr'] - neutron_provider_networks.network_mappings is defined -- name: Add port to External Network Provider Bridge +- name: Add ports to Network Provider Bridges openvswitch_port: - bridge: "{{ neutron_provider_networks.network_mappings.split(':')[1] }}" - port: "{{ neutron_provider_networks.network_interface }}" + bridge: "{{ interface_mapping.split(':')[0] }}" + port: "{{ interface_mapping.split(':')[1] }}" state: present + with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}" + loop_control: + loop_var: interface_mapping when: - neutron_services['neutron-openvswitch-agent']['group'] in group_names - neutron_plugin_type in ['ml2.ovs', 'ml2.ovs.dvr'] - - neutron_provider_networks.network_mappings is defined - - neutron_provider_networks.network_interface is defined + - neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0) diff --git a/tasks/providers/setup_ovs_ovn.yml b/tasks/providers/setup_ovs_ovn.yml index 57e6b3a9..5aa04cc2 100644 --- a/tasks/providers/setup_ovs_ovn.yml +++ b/tasks/providers/setup_ovs_ovn.yml @@ -16,75 +16,73 @@ - name: Set openvswitch hostname command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_hostname }}'" - tags: - - ovn-config when: - (neutron_services['neutron-ovn-northd']['group'] in group_names) or (neutron_services['neutron-ovn-controller']['group'] in group_names) - name: Create ovsdb-server Listener command: "ovs-vsctl set-manager ptcp:6640" - tags: - - ovn-config when: - neutron_services['neutron-ovn-northd']['group'] in group_names - name: Configure OVN Northbound Listener command: "ovn-nbctl set-connection ptcp:6641:0.0.0.0 -- set connection . inactivity_probe=60000" - tags: - - ovn-config when: - neutron_services['neutron-ovn-northd']['group'] in group_names - name: Configure OVN Southbound Listener command: "ovn-sbctl set-connection ptcp:6642:0.0.0.0 -- set connection . inactivity_probe=60000" - tags: - - ovn-config when: - neutron_services['neutron-ovn-northd']['group'] in group_names # (NOTE) This makes all computes eligible to be gateway nodes - name: Set CMS Options for Gateway Scheduling command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw" - tags: - - ovn-config when: - neutron_services['neutron-ovn-controller']['group'] in group_names - name: Configure OVN Southbound Connection command: "ovs-vsctl set open . external-ids:ovn-remote=tcp:{{ neutron_ovn_ip }}:6642" - tags: - - ovn-config when: - neutron_services['neutron-ovn-controller']['group'] in group_names # (todo) Dynamic encap type - name: Configure Supported OVN Overlay Protocols command: "ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan" - tags: - - ovn-config when: - neutron_services['neutron-ovn-controller']['group'] in group_names - name: Configure Encapsulation Address for Overlay Traffic command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}" - tags: - - ovn-config when: - neutron_services['neutron-ovn-controller']['group'] in group_names -- name: Setup Network Provider Bridge +- name: Setup Network Provider Bridges openvswitch_bridge: - bridge: "{{ neutron_provider_networks.network_mappings.split(':')[1] }}" + bridge: "{{ bridge_mapping.split(':')[1] }}" state: present + with_items: "{{ neutron_provider_networks.network_mappings.split(',') }}" + loop_control: + loop_var: bridge_mapping when: - neutron_services['neutron-ovn-controller']['group'] in group_names - neutron_provider_networks.network_mappings is defined -- name: Set the Bridge Mappings +- name: Add ports to Network Provider Bridges + openvswitch_port: + bridge: "{{ interface_mapping.split(':')[0] }}" + port: "{{ interface_mapping.split(':')[1] }}" + state: present + with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}" + loop_control: + loop_var: interface_mapping + when: + - neutron_services['neutron-ovn-controller']['group'] in group_names + - neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0) + +- name: Set the OVN Bridge Mappings in OVS command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}" - tags: - - ovn-config when: - neutron_provider_networks.network_mappings is defined - neutron_services['neutron-ovn-controller']['group'] in group_names +