summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEmma Gordon <emma@projectcalico.org>2015-05-12 11:17:07 +0100
committerEmma Gordon <emma@projectcalico.org>2015-05-20 14:42:38 +0100
commita25d0b87de01b5878d15ccfac4424d7cbe969926 (patch)
tree8547dc356c951ddab8b1f93aadc567a1ace19abc
parent88aed2de76e928a4d99dea935a51b6d82bb08b54 (diff)
Create Calico plugin for Fuel 6.1
Notes
Notes (review): Verified+2: Jenkins Code-Review+2: Neil Jerram <Neil.Jerram@metaswitch.com> Workflow+1: Neil Jerram <Neil.Jerram@metaswitch.com> Submitted-by: Jenkins Submitted-at: Thu, 21 May 2015 22:11:19 +0000 Reviewed-on: https://review.openstack.org/182656 Project: stackforge/fuel-plugin-calico Branch: refs/heads/master
-rw-r--r--LICENSE204
-rwxr-xr-xREADME.md98
-rwxr-xr-xdeployment_scripts/calico_compute.sh163
-rwxr-xr-xdeployment_scripts/calico_controller.sh183
-rwxr-xr-xdeployment_scripts/calico_route_reflector.sh63
-rwxr-xr-xdeployment_scripts/get_controller_ip.py15
-rwxr-xr-xdeployment_scripts/get_node_ip.py50
-rw-r--r--environment_config.yaml1
-rw-r--r--metadata.yaml29
-rw-r--r--pre_build_hook18
-rw-r--r--repositories/centos/.gitkeep0
-rw-r--r--repositories/ubuntu/.gitkeep0
-rwxr-xr-xspecs/calico-fuel-plugin.rst144
-rw-r--r--tasks.yaml23
14 files changed, 991 insertions, 0 deletions
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..71bf45b
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,204 @@
1Copyright 2015 Metaswitch Networks
2
3Apache License
4 Version 2.0, January 2004
5 http://www.apache.org/licenses/
6
7 TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
8
9 1. Definitions.
10
11 "License" shall mean the terms and conditions for use, reproduction,
12 and distribution as defined by Sections 1 through 9 of this document.
13
14 "Licensor" shall mean the copyright owner or entity authorized by
15 the copyright owner that is granting the License.
16
17 "Legal Entity" shall mean the union of the acting entity and all
18 other entities that control, are controlled by, or are under common
19 control with that entity. For the purposes of this definition,
20 "control" means (i) the power, direct or indirect, to cause the
21 direction or management of such entity, whether by contract or
22 otherwise, or (ii) ownership of fifty percent (50%) or more of the
23 outstanding shares, or (iii) beneficial ownership of such entity.
24
25 "You" (or "Your") shall mean an individual or Legal Entity
26 exercising permissions granted by this License.
27
28 "Source" form shall mean the preferred form for making modifications,
29 including but not limited to software source code, documentation
30 source, and configuration files.
31
32 "Object" form shall mean any form resulting from mechanical
33 transformation or translation of a Source form, including but
34 not limited to compiled object code, generated documentation,
35 and conversions to other media types.
36
37 "Work" shall mean the work of authorship, whether in Source or
38 Object form, made available under the License, as indicated by a
39 copyright notice that is included in or attached to the work
40 (an example is provided in the Appendix below).
41
42 "Derivative Works" shall mean any work, whether in Source or Object
43 form, that is based on (or derived from) the Work and for which the
44 editorial revisions, annotations, elaborations, or other modifications
45 represent, as a whole, an original work of authorship. For the purposes
46 of this License, Derivative Works shall not include works that remain
47 separable from, or merely link (or bind by name) to the interfaces of,
48 the Work and Derivative Works thereof.
49
50 "Contribution" shall mean any work of authorship, including
51 the original version of the Work and any modifications or additions
52 to that Work or Derivative Works thereof, that is intentionally
53 submitted to Licensor for inclusion in the Work by the copyright owner
54 or by an individual or Legal Entity authorized to submit on behalf of
55 the copyright owner. For the purposes of this definition, "submitted"
56 means any form of electronic, verbal, or written communication sent
57 to the Licensor or its representatives, including but not limited to
58 communication on electronic mailing lists, source code control systems,
59 and issue tracking systems that are managed by, or on behalf of, the
60 Licensor for the purpose of discussing and improving the Work, but
61 excluding communication that is conspicuously marked or otherwise
62 designated in writing by the copyright owner as "Not a Contribution."
63
64 "Contributor" shall mean Licensor and any individual or Legal Entity
65 on behalf of whom a Contribution has been received by Licensor and
66 subsequently incorporated within the Work.
67
68 2. Grant of Copyright License. Subject to the terms and conditions of
69 this License, each Contributor hereby grants to You a perpetual,
70 worldwide, non-exclusive, no-charge, royalty-free, irrevocable
71 copyright license to reproduce, prepare Derivative Works of,
72 publicly display, publicly perform, sublicense, and distribute the
73 Work and such Derivative Works in Source or Object form.
74
75 3. Grant of Patent License. Subject to the terms and conditions of
76 this License, each Contributor hereby grants to You a perpetual,
77 worldwide, non-exclusive, no-charge, royalty-free, irrevocable
78 (except as stated in this section) patent license to make, have made,
79 use, offer to sell, sell, import, and otherwise transfer the Work,
80 where such license applies only to those patent claims licensable
81 by such Contributor that are necessarily infringed by their
82 Contribution(s) alone or by combination of their Contribution(s)
83 with the Work to which such Contribution(s) was submitted. If You
84 institute patent litigation against any entity (including a
85 cross-claim or counterclaim in a lawsuit) alleging that the Work
86 or a Contribution incorporated within the Work constitutes direct
87 or contributory patent infringement, then any patent licenses
88 granted to You under this License for that Work shall terminate
89 as of the date such litigation is filed.
90
91 4. Redistribution. You may reproduce and distribute copies of the
92 Work or Derivative Works thereof in any medium, with or without
93 modifications, and in Source or Object form, provided that You
94 meet the following conditions:
95
96 (a) You must give any other recipients of the Work or
97 Derivative Works a copy of this License; and
98
99 (b) You must cause any modified files to carry prominent notices
100 stating that You changed the files; and
101
102 (c) You must retain, in the Source form of any Derivative Works
103 that You distribute, all copyright, patent, trademark, and
104 attribution notices from the Source form of the Work,
105 excluding those notices that do not pertain to any part of
106 the Derivative Works; and
107
108 (d) If the Work includes a "NOTICE" text file as part of its
109 distribution, then any Derivative Works that You distribute must
110 include a readable copy of the attribution notices contained
111 within such NOTICE file, excluding those notices that do not
112 pertain to any part of the Derivative Works, in at least one
113 of the following places: within a NOTICE text file distributed
114 as part of the Derivative Works; within the Source form or
115 documentation, if provided along with the Derivative Works; or,
116 within a display generated by the Derivative Works, if and
117 wherever such third-party notices normally appear. The contents
118 of the NOTICE file are for informational purposes only and
119 do not modify the License. You may add Your own attribution
120 notices within Derivative Works that You distribute, alongside
121 or as an addendum to the NOTICE text from the Work, provided
122 that such additional attribution notices cannot be construed
123 as modifying the License.
124
125 You may add Your own copyright statement to Your modifications and
126 may provide additional or different license terms and conditions
127 for use, reproduction, or distribution of Your modifications, or
128 for any such Derivative Works as a whole, provided Your use,
129 reproduction, and distribution of the Work otherwise complies with
130 the conditions stated in this License.
131
132 5. Submission of Contributions. Unless You explicitly state otherwise,
133 any Contribution intentionally submitted for inclusion in the Work
134 by You to the Licensor shall be under the terms and conditions of
135 this License, without any additional terms or conditions.
136 Notwithstanding the above, nothing herein shall supersede or modify
137 the terms of any separate license agreement you may have executed
138 with Licensor regarding such Contributions.
139
140 6. Trademarks. This License does not grant permission to use the trade
141 names, trademarks, service marks, or product names of the Licensor,
142 except as required for reasonable and customary use in describing the
143 origin of the Work and reproducing the content of the NOTICE file.
144
145 7. Disclaimer of Warranty. Unless required by applicable law or
146 agreed to in writing, Licensor provides the Work (and each
147 Contributor provides its Contributions) on an "AS IS" BASIS,
148 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
149 implied, including, without limitation, any warranties or conditions
150 of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
151 PARTICULAR PURPOSE. You are solely responsible for determining the
152 appropriateness of using or redistributing the Work and assume any
153 risks associated with Your exercise of permissions under this License.
154
155 8. Limitation of Liability. In no event and under no legal theory,
156 whether in tort (including negligence), contract, or otherwise,
157 unless required by applicable law (such as deliberate and grossly
158 negligent acts) or agreed to in writing, shall any Contributor be
159 liable to You for damages, including any direct, indirect, special,
160 incidental, or consequential damages of any character arising as a
161 result of this License or out of the use or inability to use the
162 Work (including but not limited to damages for loss of goodwill,
163 work stoppage, computer failure or malfunction, or any and all
164 other commercial damages or losses), even if such Contributor
165 has been advised of the possibility of such damages.
166
167 9. Accepting Warranty or Additional Liability. While redistributing
168 the Work or Derivative Works thereof, You may choose to offer,
169 and charge a fee for, acceptance of support, warranty, indemnity,
170 or other liability obligations and/or rights consistent with this
171 License. However, in accepting such obligations, You may act only
172 on Your own behalf and on Your sole responsibility, not on behalf
173 of any other Contributor, and only if You agree to indemnify,
174 defend, and hold each Contributor harmless for any liability
175 incurred by, or claims asserted against, such Contributor by reason
176 of your accepting any such warranty or additional liability.
177
178 END OF TERMS AND CONDITIONS
179
180 APPENDIX: How to apply the Apache License to your work.
181
182 To apply the Apache License to your work, attach the following
183 boilerplate notice, with the fields enclosed by brackets "{}"
184 replaced with your own identifying information. (Don't include
185 the brackets!) The text should be enclosed in the appropriate
186 comment syntax for the file format. We also recommend that a
187 file or class name and description of purpose be included on the
188 same "printed page" as the copyright notice for easier
189 identification within third-party archives.
190
191 Copyright {yyyy} {name of copyright owner}
192
193 Licensed under the Apache License, Version 2.0 (the "License");
194 you may not use this file except in compliance with the License.
195 You may obtain a copy of the License at
196
197 http://www.apache.org/licenses/LICENSE-2.0
198
199 Unless required by applicable law or agreed to in writing, software
200 distributed under the License is distributed on an "AS IS" BASIS,
201 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
202 See the License for the specific language governing permissions and
203 limitations under the License.
204
diff --git a/README.md b/README.md
new file mode 100755
index 0000000..63dfa58
--- /dev/null
+++ b/README.md
@@ -0,0 +1,98 @@
1Calico plugin for Mirantis Fuel
2===============================
3
4Calico provides seamless, scalable, secure Layer 3 Virtual Networking for your
5Mirantis OpenStack Deployment.
6
7By replacing OpenStack’s native networking model, Calico targets deployments
8where the vast majority of workloads only require L3 connectivity, providing
9efficient, easy to troubleshoot networking, without the complexity and
10inefficiency of overlay networking models. Calico does not require any
11additional nodes or Calico specific management – it just works, and gets out
12of your way!
13
14Limitations:
15------------
16
17In the current release, Calico requires a deployment with a single OpenStack
18controller. This limitation will be lifted in future releases.
19
20Compatible versions:
21--------------------
22
23 Mirantis Fuel 6.1
24
25
26To build the plugin:
27--------------------
28
29- Install the fuel plugin builder, fpb:
30
31 easy_install pip
32
33 pip install fuel-plugin-builder
34
35- Clone the calico plugin repository and run the plugin builder:
36
37 git clone https://github.com/stackforge/fuel-plugin-calico
38
39 cd fuel-plugin-calico/
40
41 fpb --build .
42
43- Check that the file calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm was created.
44
45
46To install the plugin:
47----------------------
48
49- Prepare a clean fuel master node.
50
51- Copy the plugin onto the fuel master node:
52
53 scp calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm root@<Fuel_Master_Node_IP>:/tmp
54
55- Install the plugin on the fuel master node:
56
57 cd /tmp
58
59 fuel plugins --install calico-fuel-plugin-1.0-1.0.0-0.noarch.rpm
60
61- Check the plugin was installed:
62
63 fuel plugins --list
64
65
66User Guide
67----------
68
69To deploy a cluster with the Calico plugin, use the Fuel web UI to deploy an
70OpenStack cluster in the usual way, with the following guidelines:
71
72- Create a new OpenStack environment, selecting:
73
74 Juno on Ubuntu Trusty
75
76 "Neutron with VLAN segmentation" as the networking setup
77
78- Under the settings tab, make sure the following options are checked:
79
80 "Assign public network to all nodes"
81
82 "Use Calico Virtual Networking"
83
84- Under the network tab, configure the 'Public' settings (leaving all of the
85 other sections with their default values). For example (exact values will
86 depend on your setup):
87
88 - IP Range: 172.18.203.60 - 172.18.203.69
89 - CIDR: 172.18.203.0/24
90 - Use VLAN tagging: No
91 - Gateway: 172.18.203.1
92 - Floating IP range: 172.18.203.70 - 172.18.203.79
93
94- Add nodes (for meaningful testing, you will need at least two compute nodes
95 in addition to the controller). Note that, in this release of Calico, only
96 a single controller node is supported.
97
98- Deploy changes
diff --git a/deployment_scripts/calico_compute.sh b/deployment_scripts/calico_compute.sh
new file mode 100755
index 0000000..24730f2
--- /dev/null
+++ b/deployment_scripts/calico_compute.sh
@@ -0,0 +1,163 @@
1#!/bin/bash
2
3exec > /tmp/calico_compute.log 2>&1
4
5set -x
6
7echo "Hi, I'm a compute node!"
8
9this_node_address=$(python get_node_ip.py `hostname`)
10controller_node_address=$(python get_controller_ip.py)
11
12# Get APT key for binaries.projectcalico.org.
13
14curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
15
16# Add source for binaries.projectcalico.org, removing the priority files that
17# were automatically created by the fuel plugin installer (the version number
18# in the file names causes problems as it contains full stops, and the file
19# contents aren't what we want).
20
21rm -f /etc/apt/preferences.d/calico-fuel-plugin-1.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-1.0.0.list
22
23cat > /etc/apt/sources.list.d/calico.list <<EOF
24deb http://binaries.projectcalico.org/fuel6.1 ./
25EOF
26
27cat << PREFS >> /etc/apt/preferences.d/calico-fuel
28Package: *
29Pin: origin binaries.projectcalico.org
30Pin-Priority: 1100
31PREFS
32
33# Add PPA for the etcd packages, and ensure that it has lower priority than
34# binaries.projectcalico.org so that we get the fuel versions of the calico
35# packages.
36
37apt-add-repository -y ppa:project-calico/juno
38
39cat > /etc/apt/preferences.d/calico-etcd <<EOF
40Package: *
41Pin: origin ppa:project-calico/juno
42Pin-Priority: 1075
43EOF
44
45# Pick up package details from new sources.
46apt-get update
47
48# Install etcd and configure it for a compute node.
49
50apt-get -y install etcd
51
52service etcd stop
53rm -rf /var/lib/etcd/*
54awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
55mv tmp /etc/init/etcd.conf
56cat << EXEC_CMD >> /etc/init/etcd.conf
57exec /usr/bin/etcd -proxy on \\
58 -listen-client-urls http://127.0.0.1:4001 \\
59 -initial-cluster controller=http://${controller_node_address}:2380
60EXEC_CMD
61service etcd start
62
63# Run apt-get upgrade and apt-get dist-upgrade. These commands will
64# bring in Calico-specific updates to the OpenStack packages and to
65# dnsmasq.
66
67apt-get -y upgrade
68apt-get -y dist-upgrade
69
70# Open /etc/nova/nova.conf and remove the linuxnet_interface_driver line.
71
72cp /etc/nova/nova.conf /etc/nova/nova.conf.pre-calico
73
74sed -i "/^linuxnet_interface_driver/d" /etc/nova/nova.conf
75service nova-compute restart
76
77# Install some extra packages.
78
79apt-get -y install neutron-common neutron-dhcp-agent nova-api-metadata
80
81# Open /etc/neutron/dhcp_agent.ini in your preferred text editor. In
82# the [DEFAULT] section, add the following line:
83#
84# interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
85
86cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.pre-calico
87
88sed -i "/^interface_driver/d" /etc/neutron/dhcp_agent.ini
89
90sed -i "/^\[DEFAULT\]/a\
91interface_driver = neutron.agent.linux.interface.RoutedInterfaceDriver
92" /etc/neutron/dhcp_agent.ini
93
94# Allow BGP connections through the Fuel firewall. We do this before
95# installing calico-compute, so that they will be included when the
96# calico-compute install script does iptables-save.
97iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
98
99# Add sources for BIRD and Ubuntu Precise.
100
101gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
102gpg -a --export F9C59A45 | apt-key add -
103
104cat > /etc/apt/sources.list.d/bird.list <<EOF
105deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
106EOF
107
108cat > /etc/apt/sources.list.d/trusty.list <<EOF
109deb http://gb.archive.ubuntu.com/ubuntu/ trusty main
110deb http://gb.archive.ubuntu.com/ubuntu/ trusty universe
111EOF
112
113apt-get update
114
115# Install BIRD and calico-compute packages.
116
117# Note that this will trigger the installation of iptables-persistent which
118# will attempt to bring up a dialog box. We use debconf-set-selections to set
119# the value beforehand to avoid this (so not to interrupt the automated
120# installation process).
121echo iptables-persistent iptables-persistent/autosave_v4 boolean true | debconf-set-selections
122echo iptables-persistent iptables-persistent/autosave_v6 boolean true | debconf-set-selections
123
124apt-get -y install calico-compute bird
125
126# Configure BIRD. By default Calico assumes that you'll be deploying
127# a route reflector to avoid the need for a full BGP mesh. To this
128# end, it includes useful configuration scripts that will prepare a
129# BIRD config file with a single peering to the route reflector. If
130# that's correct for your network, you can run the following command
131# for IPv4 connectivity between compute hosts.
132#
133# The calico_route_reflector.sh script will set up the required BGP
134# Route Reflctor configuration on the controller to allow connections
135# from the compute nodes.
136#
137# If you are configuring a full BGP mesh you'll need to handle the BGP
138# configuration appropriately - by editing this script/the Route Reflector
139# script. You should consult the relevant documentation for your chosen BGP
140# stack.
141
142calico-gen-bird-conf.sh $this_node_address $controller_node_address 64511
143
144# Edit the /etc/calico/felix.cfg file:
145# Change the MetadataAddr setting to 127.0.0.1.
146# Change the MetadataPort setting to 8775.
147
148cp /etc/calico/felix.cfg.example /etc/calico/felix.cfg
149
150sed -i "/^MetadataAddr/d" /etc/calico/felix.cfg
151sed -i "/^\[global\]/a\
152MetadataAddr = 127.0.0.1
153" /etc/calico/felix.cfg
154
155sed -i "/^MetadataPort/d" /etc/calico/felix.cfg
156sed -i "/^\[global\]/a\
157MetadataPort = 8775
158" /etc/calico/felix.cfg
159
160# Restart the Felix service:
161service calico-felix restart
162
163exit 0
diff --git a/deployment_scripts/calico_controller.sh b/deployment_scripts/calico_controller.sh
new file mode 100755
index 0000000..e7c314b
--- /dev/null
+++ b/deployment_scripts/calico_controller.sh
@@ -0,0 +1,183 @@
1#!/bin/bash
2
3exec > /tmp/calico_controller.log 2>&1
4
5set -x
6
7echo "Hi, I'm a controller node!"
8
9this_node_address=$(python get_node_ip.py `hostname`)
10
11# Get APT key for binaries.projectcalico.org.
12
13curl -L http://binaries.projectcalico.org/repo/key | apt-key add -
14
15# Add source for binaries.projectcalico.org, removing the priority files that
16# were automatically created by the fuel plugin installer (the version number
17# in the file names causes problems as it contains full stops, and the file
18# contents aren't what we want).
19
20rm -f /etc/apt/preferences.d/calico-fuel-plugin-1.0.0 /etc/apt/sources.list.d/calico-fuel-plugin-1.0.0.list
21
22cat > /etc/apt/sources.list.d/calico.list <<EOF
23deb http://binaries.projectcalico.org/fuel6.1 ./
24EOF
25
26cat << PREFS >> /etc/apt/preferences.d/calico-fuel
27Package: *
28Pin: origin binaries.projectcalico.org
29Pin-Priority: 1100
30PREFS
31
32# Add PPA for the etcd packages, and ensure that it has lower priority than
33# binaries.projectcalico.org so that we get the fuel versions of the calico
34# packages.
35
36apt-add-repository -y ppa:project-calico/juno
37
38cat > /etc/apt/preferences.d/calico-etcd <<EOF
39Package: *
40Pin: origin ppa:project-calico/juno
41Pin-Priority: 1075
42EOF
43
44# Pick up package details from new sources.
45apt-get update
46
47# Install etcd and configure it for a controller node.
48
49apt-get -y install etcd
50
51service etcd stop
52rm -rf /var/lib/etcd/*
53awk '/exec \/usr\/bin\/etcd/{while(getline && $0 != ""){}}1' /etc/init/etcd.conf > tmp
54mv tmp /etc/init/etcd.conf
55cat << EXEC_CMD >> /etc/init/etcd.conf
56exec /usr/bin/etcd -name controller \\
57 -advertise-client-urls "http://${this_node_address}:2379,http://${this_node_address}:4001" \\
58 -listen-client-urls "http://0.0.0.0:2379,http://0.0.0.0:4001" \\
59 -listen-peer-urls "http://0.0.0.0:2380" \\
60 -initial-advertise-peer-urls "http://${this_node_address}:2380" \\
61 -initial-cluster-token fuel-cluster-1 \\
62 -initial-cluster controller=http://${this_node_address}:2380 \\
63 -initial-cluster-state new
64EXEC_CMD
65
66service etcd start
67
68# Ensure that the firewall isn't dropping traffic to the ports used by etcd.
69iptables -I INPUT 1 -p tcp --dport 2379 -j ACCEPT
70iptables -I INPUT 2 -p tcp --dport 2380 -j ACCEPT
71iptables -I INPUT 3 -p tcp --dport 4001 -j ACCEPT
72iptables-save > /etc/iptables.local
73/sbin/iptables-restore < /etc/iptables.local
74
75# Run apt-get upgrade and apt-get dist-upgrade. These commands will
76# bring in Calico-specific updates to the OpenStack packages and to
77# dnsmasq.
78
79apt-get -y upgrade
80apt-get -y dist-upgrade
81
82# Install the calico-control package:
83
84apt-get -y install calico-control
85
86# Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file:
87#
88# Find the line beginning with type_drivers, and change it to
89# read type_drivers = local, flat.
90
91cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.pre-calico
92
93sed -i "/^type_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
94
95sed -i "/^\[ml2\]/a\
96type_drivers = local, flat
97" /etc/neutron/plugins/ml2/ml2_conf.ini
98
99# Find the line beginning with mechanism_drivers, and change it
100# to read mechanism_drivers = calico.
101
102sed -i "/^mechanism_drivers/d" /etc/neutron/plugins/ml2/ml2_conf.ini
103
104sed -i "/^\[ml2\]/a\
105mechanism_drivers = calico
106" /etc/neutron/plugins/ml2/ml2_conf.ini
107
108# Find the line beginning with tenant_network_types, and change it
109# to read tenant_network_types = local.
110
111sed -i "/^tenant_network_types/d" /etc/neutron/plugins/ml2/ml2_conf.ini
112
113sed -i "/^\[ml2\]/a\
114tenant_network_types = local
115" /etc/neutron/plugins/ml2/ml2_conf.ini
116
117# Edit the /etc/neutron/neutron.conf file:
118#
119# Find the line for the dhcp_agents_per_network setting,
120# uncomment it, and set its value to the number of compute nodes
121# that you will have (or any number larger than that). This
122# allows a DHCP agent to run on every compute node, which Calico
123# requires because the networks on different compute nodes are
124# not bridged together.
125
126cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.pre-calico
127
128sed -i "/^dhcp_agents_per_network/d" /etc/neutron/neutron.conf
129
130sed -i "/^\[DEFAULT\]/a\
131dhcp_agents_per_network = 1000
132" /etc/neutron/neutron.conf
133
134# Remove api_workers and rpc_workers config, so that these default to
135# 0. The Calico/OpenStack plugin doesn't currently work if the
136# Neutron server is split across multiple OS processes.
137
138sed -i "/^api_workers/d" /etc/neutron/neutron.conf
139sed -i "/^rpc_workers/d" /etc/neutron/neutron.conf
140
141# Set agent_down_time to 60, instead of Fuel's default setting of 15.
142# The Calico/OpenStack plugin reports Felix agent status every 30
143# seconds, based on the HEARTBEAT exchange between the plugin and each
144# Felix; and it is recommended that agent_down_time should be double
145# the expected reporting interval.
146
147sed -i "/^agent_down_time/d" /etc/neutron/neutron.conf
148
149sed -i "/^\[DEFAULT\]/a\
150agent_down_time = 60
151" /etc/neutron/neutron.conf
152
153# If dnspython is installed, eventlet replaces socket.getaddrinfo() with its
154# own version that cannot handle IPv6 addresses. As a workaround, we comment
155# out the '::1 localhost' line from /etc/hosts.
156
157sed -i "s/^::1\(.*\)/#::1\1 #commented out due to dnspython IPv6 issue/" /etc/hosts
158
159# Restart the neutron server process:
160
161service neutron-server restart
162
163# BIRD installation
164
165gpg --keyserver keyserver.ubuntu.com --recv-keys F9C59A45
166gpg -a --export F9C59A45 | apt-key add -
167
168cat > /etc/apt/sources.list.d/bird.list <<EOF
169deb http://ppa.launchpad.net/cz.nic-labs/bird/ubuntu trusty main
170EOF
171
172apt-get update
173
174apt-get -y install bird
175
176# Allow BGP through the Fuel firewall
177iptables -I INPUT 1 -p tcp --dport 179 -j ACCEPT
178
179# Save the current iptables so that they will be restored if the
180# controller is rebooted.
181iptables-save > /etc/iptables/rules.v4
182
183exit 0
diff --git a/deployment_scripts/calico_route_reflector.sh b/deployment_scripts/calico_route_reflector.sh
new file mode 100755
index 0000000..b257478
--- /dev/null
+++ b/deployment_scripts/calico_route_reflector.sh
@@ -0,0 +1,63 @@
1#!/bin/bash
2
3exec > /tmp/calico_route_reflector.log 2>&1
4
5set -x
6
7echo "Hi, I'm a route_reflector node!"
8
9this_node_address=$(grep `hostname` /etc/hosts | awk '{print $1;}')
10
11all_nodes=$(grep node- /etc/hosts | awk '{print $1;}')
12
13# Generate basic config for a BIRD BGP route reflector.
14cat > /etc/bird/bird.conf <<EOF
15# Configure logging
16log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
17log stderr all;
18#log "tmp" all;
19
20# Override router ID
21router id $this_node_address;
22
23
24filter import_kernel {
25if ( net != 0.0.0.0/0 ) then {
26 accept;
27 }
28reject;
29}
30
31# Turn on global debugging of all protocols
32debug protocols all;
33
34# This pseudo-protocol watches all interface up/down events.
35protocol device {
36 scan time 2; # Scan interfaces every 10 seconds
37}
38EOF
39
40# Add a BGP protocol stanza for each compute node.
41for node in $all_nodes; do
42 if [ $node != $this_node_address ]; then
43 cat >> /etc/bird/bird.conf <<EOF
44
45protocol bgp {
46 description "$node";
47 local as 64511;
48 neighbor $node as 64511;
49 multihop;
50 rr client;
51 import all;
52 export all;
53 source address ${this_node_address};
54}
55
56EOF
57 fi
58done
59
60# Restart BIRD with the new config.
61service bird restart
62
63exit 0
diff --git a/deployment_scripts/get_controller_ip.py b/deployment_scripts/get_controller_ip.py
new file mode 100755
index 0000000..0074915
--- /dev/null
+++ b/deployment_scripts/get_controller_ip.py
@@ -0,0 +1,15 @@
1#!/usr/bin/env python
2
3import yaml
4
5with open("/etc/compute.yaml", "r") as f:
6 config = yaml.safe_load(f)
7
8for node in config["nodes"]:
9 if node["role"] == "primary-controller":
10 controller_ip = node["internal_address"]
11 break
12else:
13 controller_ip = None
14
15print controller_ip
diff --git a/deployment_scripts/get_node_ip.py b/deployment_scripts/get_node_ip.py
new file mode 100755
index 0000000..2546edf
--- /dev/null
+++ b/deployment_scripts/get_node_ip.py
@@ -0,0 +1,50 @@
1#!/usr/bin/env python
2
3import os
4import sys
5import yaml
6
7usage = "./get_node_ip.py <hostname>"
8
9PRIMARY_CONTROLLER_CFG = "/etc/primary-controller.yaml"
10CONTROLLER_CFG = "/etc/controller.yaml"
11COMPUTE_CFG = "/etc/compute.yaml"
12
13def get_config_file_for_node_type():
14 if os.path.isfile(PRIMARY_CONTROLLER_CFG):
15 config_file = PRIMARY_CONTROLLER_CFG
16
17 elif os.path.isfile(CONTROLLER_CFG):
18 config_file = CONTROLLER_CFG
19
20 elif os.path.isfile(COMPUTE_CFG):
21 config_file = COMPUTE_CFG
22
23 else:
24 raise Exception("Unrecognised node type - can't obtain config")
25
26 return config_file
27
28def main(hostname):
29 config_file = get_config_file_for_node_type()
30
31 with open(config_file, "r") as f:
32 config = yaml.safe_load(f)
33
34 for node in config["nodes"]:
35 if node["fqdn"] == hostname:
36 # Get the IP address that other OpenStack nodes can use to address
37 # services on this node, rather than the node's public IP address.
38 this_node_ip = node["internal_address"]
39 break
40 else:
41 this_node_ip = None
42
43 print this_node_ip
44
45if __name__ == "__main__":
46 if len(sys.argv) != 2:
47 print usage
48 sys.exit(1)
49
50 main(sys.argv[1])
diff --git a/environment_config.yaml b/environment_config.yaml
new file mode 100644
index 0000000..63aed59
--- /dev/null
+++ b/environment_config.yaml
@@ -0,0 +1 @@
attributes: {}
diff --git a/metadata.yaml b/metadata.yaml
new file mode 100644
index 0000000..2c4365c
--- /dev/null
+++ b/metadata.yaml
@@ -0,0 +1,29 @@
1# Plugin name
2name: calico-fuel-plugin
3# Human-readable name for your plugin
4title: Use Calico Virtual Networking
5# Plugin version
6version: 1.0.0
7# Description
8description: Layer 3 Virtual Networking for Highly Scalable Data Centers
9# Required fuel version
10fuel_version: ['6.1']
11# Plugin authors
12authors: ['Emma Gordon']
13# Plugin license
14licenses: [Apache License Version 2.0]
15# Plugin project homepage
16homepage: https://github.com/stackforge/fuel-plugin-calico
17# Plugin group
18groups: ['network']
19
20# The plugin is compatible with releases in the list
21releases:
22 - os: ubuntu
23 version: 2014.2-6.1
24 mode: ['ha', 'multinode']
25 deployment_scripts_path: deployment_scripts/
26 repository_path: repositories/ubuntu
27
28# Version of plugin package
29package_version: '2.0.0'
diff --git a/pre_build_hook b/pre_build_hook
new file mode 100644
index 0000000..c7420db
--- /dev/null
+++ b/pre_build_hook
@@ -0,0 +1,18 @@
1#!/bin/bash
2
3# Add here any the actions which are required before plugin build
4# like packages building, packages downloading from mirrors and so on.
5# The script should return 0 if there were no errors.
6
7#!/bin/bash
8set -eux
9ROOT="$(dirname `readlink -f $0`)"
10MODULES="${ROOT}"/deployment_scripts/puppet/modules
11mkdir -p "${MODULES}"
12REPO_PATH='https://github.com/stackforge/fuel-library/tarball/f43d885914d74fbd062096763222f350f47480e1'
13RPM_REPO="${ROOT}"/repositories/centos/
14DEB_REPO="${ROOT}"/repositories/ubuntu/
15
16wget -qO- "${REPO_PATH}" | \
17 tar -C "${MODULES}" --strip-components=3 -zxvf - \
18 stackforge-fuel-library-f43d885/deployment/puppet/{inifile,stdlib}
diff --git a/repositories/centos/.gitkeep b/repositories/centos/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/repositories/centos/.gitkeep
diff --git a/repositories/ubuntu/.gitkeep b/repositories/ubuntu/.gitkeep
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/repositories/ubuntu/.gitkeep
diff --git a/specs/calico-fuel-plugin.rst b/specs/calico-fuel-plugin.rst
new file mode 100755
index 0000000..caf87f5
--- /dev/null
+++ b/specs/calico-fuel-plugin.rst
@@ -0,0 +1,144 @@
1Fuel Plugin for Project Calico
2==============================
3
4The Calico plugin provides the ability to use Calico as a networking backend
5for Mirantis OpenStack.
6
7Compatible with Fuel version 6.1.
8
9Problem description
10===================
11
12Calico is a new approach to virtual networking, based on the same scalable IP
13networking principles as the Internet. It targets data centers where most of
14the workloads (VMs, containers or bare metal servers) only require IP
15connectivity, and provides that using standard IP routing. Isolation between
16workloads - whether according to tenant ownership, or any finer grained
17policy - is achieved by iptables programming at the servers hosting the source
18and destination workloads.
19
20Proposed change
21===============
22
23Implement a Fuel plugin that will install and configure Calico networking in a
24Mirantis OpenStack deployment.
25
26Alternatives
27------------
28
29N/A - the aim is to implement a Fuel plugin.
30
31Data model impact
32-----------------
33
34None.
35
36REST API impact
37---------------
38
39None.
40
41Upgrade impact
42--------------
43
44When upgrading the Fuel Master node to Fuel Version higher than 6.1, plugin
45compatibility should be checked, and a new plugin installed if necessary.
46
47Security impact
48---------------
49
50None.
51
52Notifications impact
53--------------------
54
55None.
56
57Other end user impact
58---------------------
59
60Once the plugin is installed, the user can enable Calico networking on the
61Settings tab of the Fuel Web UI, and customize the network settings.
62
63Performance Impact
64------------------
65
66None.
67
68Plugin impact
69-------------
70
71None.
72
73Other deployer impact
74---------------------
75
76None.
77
78Developer impact
79----------------
80
81None.
82
83Infrastructure impact
84---------------------
85
86None.
87
88Implementation
89==============
90
91Assignee(s)
92-----------
93
94Primary assignee:
95 Emma Gordon <emma@projectcalico.org> (developer)
96
97Other contributors:
98 Neil Jerram <neil@projectcalico.org> (developer, reviewer)
99
100Work Items
101----------
102
103* Integrate Calico with Fuel 6.1.
104
105* Implement the Calico plugin.
106
107* Test Calico plugin.
108
109* Create the documentation.
110
111Dependencies
112============
113
114* Fuel 6.1.
115
116Testing
117=======
118
119* Prepare a test plan.
120
121* Test the plugin according to the test plan.
122
123Documentation Impact
124====================
125
126* User Guide.
127
128* Test Plan.
129
130* Test Report.
131
132References
133==========
134
135* Project Calico wesbite - http://www.projectcalico.org/
136
137* Calico code on GitHub - https://github.com/Metaswitch/calico
138
139* Calico Documentation - http://docs.projectcalico.org/en/latest/index.html
140
141* Subscribe to the Calico Technical Mailing List -
142 http://lists.projectcalico.org/listinfo/calico-tech
143
144* Calico IRC - freenode IRC: #calico
diff --git a/tasks.yaml b/tasks.yaml
new file mode 100644
index 0000000..a114a09
--- /dev/null
+++ b/tasks.yaml
@@ -0,0 +1,23 @@
1# Install/configure calico on the controller after cluster deployment
2# but before starting the BGP Route Reflector.
3- role: ['controller', 'primary-controller']
4 stage: post_deployment/50
5 type: shell
6 parameters:
7 cmd: ./calico_controller.sh
8 timeout: 600
9
10- role: ['controller', 'primary-controller']
11 stage: post_deployment/100
12 type: shell
13 parameters:
14 cmd: ./calico_route_reflector.sh
15 timeout: 60
16
17# Install/configure calico on the compute nodes after cluster deployment.
18- role: ['compute']
19 stage: post_deployment
20 type: shell
21 parameters:
22 cmd: ./calico_compute.sh
23 timeout: 600