Finish/fix neutron sfc service

Neutron-sfc-agent start its functions with openvswitch. This change moves sfc configuration into neutron-openvswitch-agent. Rework config files to use openvswitch when sfc or openvswitch are used as network plugin. Also adds sfc extension_driver to ml2 Change-Id: If1ebf9554f6d686cc6d064e698a48f8a6b6172b3 Closes-Bug: #1664493 Depends-On: I60ba1333231a4ae38a041d41e551f7d74fe15e3b
2017-05-02 11:03:52 +02:00 · 2017-05-02 11:03:52 +02:00 · d4e7dfb376
parent eab8efe166
commit d4e7dfb376
9 changed files with 47 additions and 105 deletions
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@ -122,7 +122,7 @@ bifrost_network_interface: "{{ network_interface }}"
 dns_interface: "{{ network_interface }}"
 tunnel_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }}"

-# Valid options are [ openvswitch, linuxbridge, sfc ]
+# Valid options are [ openvswitch, linuxbridge ]
 neutron_plugin_agent: "openvswitch"

 # The default ports used by each service.
@ -369,6 +369,7 @@ enable_neutron_qos: "no"
 enable_neutron_agent_ha: "no"
 enable_neutron_bgp_dragent: "no"
 enable_neutron_provider_networks: "no"
+enable_neutron_sfc: "no"
 enable_nova_serialconsole_proxy: "no"
 enable_octavia: "no"
 enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' | bool }}"
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@ -40,31 +40,6 @@ neutron_services:
      - "/lib/modules:/lib/modules:ro"
      - "/run:/run:shared"
      - "kolla_logs:/var/log/kolla/"
-  neutron-sfc-agent:
-    container_name: "neutron_sfc_agent"
-    image: "{{ neutron_sfc_agent_image_full }}"
-    enabled: "{{ neutron_plugin_agent == 'sfc' }}"
-    privileged: True
-    host_in_groups: >-
-      {{
-      ( inventory_hostname in groups['compute']
-      or (enable_manila | bool and inventory_hostname in groups['manila-share'])
-      or inventory_hostname in groups['neutron-dhcp-agent']
-      or inventory_hostname in groups['neutron-l3-agent']
-      or inventory_hostname in groups['neutron-metadata-agent']
-      and not enable_nova_fake | bool
-      ) or
-      ( inventory_hostname in groups['neutron-dhcp-agent']
-      or inventory_hostname in groups['neutron-l3-agent']
-      or inventory_hostname in groups['neutron-metadata-agent']
-      and enable_nova_fake | bool
-      )
-      }}
-    volumes:
-      - "{{ node_config_directory }}/neutron-sfc-agent/:{{ container_config_directory }}/:ro"
-      - "/etc/localtime:/etc/localtime:ro"
-      - "/run:/run:shared"
-      - "kolla_logs:/var/log/kolla/"
  neutron-linuxbridge-agent:
    container_name: "neutron_linuxbridge_agent"
    image: "{{  neutron_linuxbridge_agent_image_full }}"
@ -211,10 +186,6 @@ neutron_openvswitch_agent_image: "{{ docker_registry ~ '/' if docker_registry el
 neutron_openvswitch_agent_tag: "{{ neutron_tag }}"
 neutron_openvswitch_agent_image_full: "{{ neutron_openvswitch_agent_image }}:{{ neutron_openvswitch_agent_tag }}"

-neutron_sfc_agent_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-sfc-agent"
-neutron_sfc_agent_tag: "{{ neutron_tag }}"
-neutron_sfc_agent_image_full: "{{ neutron_sfc_agent_image }}:{{ neutron_sfc_agent_tag }}"
-
 neutron_server_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/{{ kolla_base_distro }}-{{ neutron_install_type }}-neutron-server"
 neutron_server_tag: "{{ neutron_tag }}"
 neutron_server_image_full: "{{ neutron_server_image }}:{{ neutron_server_tag }}"
@ -252,6 +223,8 @@ extension_drivers:
    enabled: true
  - name: "dns"
    enabled: "{{ enable_designate | bool }}"
+  - name: "sfc"
+    enabled: "{{ enable_neutron_sfc | bool }}"

 neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto', true)|list }}"

@ -260,7 +233,7 @@ neutron_extension_drivers: "{{ extension_drivers|selectattr('enabled', 'equalto'
 ####################
 service_plugins:
  - name: "flow_classifier"
-    enabled: "{{ neutron_plugin_agent == 'sfc' }}"
+    enabled: "{{ enable_neutron_sfc | bool }}"
  - name: "lbaasv2"
    enabled: "{{ enable_neutron_lbaas | bool }}"
  - name: "firewall"
@ -272,7 +245,7 @@ service_plugins:
  - name: "router"
    enabled: true
  - name: "sfc"
-    enabled: "{{ neutron_plugin_agent == 'sfc' }}"
+    enabled: "{{ enable_neutron_sfc | bool }}"
  - name: "neutron_dynamic_routing.services.bgp.bgp_plugin.BgpPlugin"
    enabled: "{{ enable_neutron_bgp_dragent | bool }}"

@ -289,6 +262,17 @@ neutron_notification_topics:

 neutron_enabled_notification_topics: "{{ neutron_notification_topics | selectattr('enabled', 'equalto', true) | list }}"

+####################
+# Agent Extensions
+####################
+agent_extensions:
+  - name: "qos"
+    enabled: "{{ enable_neutron_qos | bool }}"
+  - name: "sfc"
+    enabled: "{{ enable_neutron_sfc | bool }}"
+
+neutron_agent_extensions: "{{ agent_extensions | selectattr('enabled', 'equalto', true) | list }}"
+
 ####################
 # VMware NSXV
 ####################
@ -307,4 +291,3 @@ vmware_nsxv_backup_edge_pool: "service:compact:1:2"
 vmware_nsxv_spoofguard_enabled: "false"
 vmware_nsxv_metadata_initializer: "false"
 vmware_nsxv_edge_ha: "false"
-
--- a/ansible/roles/neutron/handlers/main.yml
+++ b/ansible/roles/neutron/handlers/main.yml
@ -82,54 +82,6 @@
      or fake_neutron_ml2_conf_ini | changed
      or check_fake_neutron_openvswitch_agent | changed

- name: Restart fake neutron-sfc-agent container
-  vars:
-    service_name: "neutron-sfc-agent"
-    service: "{{ neutron_services[service_name] }}"
-    config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    neutron_conf: "{{ neutron_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    neutron_ml2_conf: "{{ neutron_ml2_confs.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    policy_json: "{{ policy_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    neutron_sfc_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
-  kolla_docker:
-    action: "recreate_or_restart_container"
-    common_options: "{{ docker_common_options }}"
-    name: "{{ service.container_name }}"
-    image: "{{ service.image }}"
-    volumes: "{{ service.volumes }}"
-    privileged: "{{ service.privileged | default(False) }}"
-  with_sequence: "start=1 end={{ num_nova_fake_per_node }}"
-  when:
-    - action != "config"
-    - enable_nova_fake | bool
-    - neutron_plugin_agent == "sfc"
-    - inventory_hostname in groups["compute"]
-    - fake_config_json | changed
-      or fake_neutron_conf | changed
-      or fake_neutron_ml2_conf_ini | changed
-      or check_fake_neutron_sfc_agent | changed
-
-# TODO(Jeffrey4l): sfc do not have config.json file at all. it is not finished
- name: Restart neutron-sfc-agent container
-  vars:
-    service_name: "neutron-sfc-agent"
-    service: "{{ neutron_services[service_name] }}"
-    config_json: "{{ neutron_config_jsons.results|selectattr('item.key', 'equalto', service_name)|first }}"
-    neutron_sfc_agent_container: "{{ check_neutron_containers.results|selectattr('item.key', 'equalto', service_name)|first }}"
-  kolla_docker:
-    action: "recreate_or_restart_container"
-    common_options: "{{ docker_common_options }}"
-    name: "{{ service.container_name }}"
-    image: "{{ service.image }}"
-    volumes: "{{ service.volumes }}"
-    privileged: "{{ service.privileged | default(False) }}"
-  when:
-    - action != "config"
-    - service.enabled | bool
-    - service.host_in_groups | bool
-    - config_json | changed
-      or neutron_sfc_agent_container | changed
-
 - name: Restart neutron-linuxbridge-agent container
  vars:
    service_name: "neutron-linuxbridge-agent"
--- a/ansible/roles/neutron/tasks/bootstrap_service.yml
+++ b/ansible/roles/neutron/tasks/bootstrap_service.yml
@ -61,3 +61,26 @@
    - neutron_vpnaas_agent.host_in_groups | bool
  run_once: True
  delegate_to: "{{ groups[neutron_vpnaas_agent.group][0] }}"
+
+- name: Running Neutron sfc bootstrap container
+  vars:
+    neutron_server: "{{ neutron_services['neutron-server'] }}"
+  kolla_docker:
+    action: "start_container"
+    common_options: "{{ docker_common_options }}"
+    detach: False
+    environment:
+      NEUTRON_SFC_BOOTSTRAP:
+      KOLLA_CONFIG_STRATEGY: "{{ config_strategy }}"
+    image: "{{ neutron_server.image }}"
+    labels:
+      BOOTSTRAP:
+    name: "bootstrap_neutron_sfc"
+    restart_policy: "never"
+    volumes: "{{ neutron_server.volumes }}"
+  when:
+    - enable_neutron_sfc | bool
+    - neutron_server.enabled | bool
+    - neutron_server.host_in_groups | bool
+  run_once: True
+  delegate_to: "{{ groups[neutron_server.group][0] }}"
--- a/ansible/roles/neutron/tasks/config-neutron-fake.yml
+++ b/ansible/roles/neutron/tasks/config-neutron-fake.yml
@ -70,23 +70,3 @@
  with_sequence: "start=1 end={{ num_nova_fake_per_node }}"
  notify:
    - Restart fake neutron-openvswitch-agent container
-
- name: Checking neutron-sfc-agent container for nova fake node
-  vars:
-    neutron_sfc_agent: "{{ neutron_services['neutron-sfc-agent'] }}"
-  kolla_docker:
-    action: "compare_container"
-    common_options: "{{ docker_common_options }}"
-    name: "{{ neutron_sfc_agent.container_name }}"
-    image: "{{ neutron_sfc_agent.image }}"
-    privileged: "{{ neutron_sfc_agent.privileged | default(False) }}"
-    volumes: "{{ neutron_sfc_agent.volumes }}"
-  register: check_fake_neutron_sfc_agent
-  when:
-    - action != "config"
-    - enable_nova_fake | bool
-    - neutron_plugin_agent == "sfc"
-    - inventory_hostname in groups["compute"]
-  with_sequence: "start=1 end={{ num_nova_fake_per_node }}"
-  notify:
-    - Restart fake neutron-sfc-agent container
--- a/ansible/roles/neutron/templates/ml2_conf.ini.j2
+++ b/ansible/roles/neutron/templates/ml2_conf.ini.j2
@ -59,8 +59,8 @@ arp_responder = true
 enable_distributed_routing = True
 {% endif %}

-{% if enable_neutron_qos | bool %}
-extensions = qos
+{% if neutron_agent_extensions %}
+extensions = {{ neutron_agent_extensions|map(attribute='name')|join(',') }}
 {% endif %}

 [ovs]
--- a/ansible/roles/neutron/templates/neutron.conf.j2
+++ b/ansible/roles/neutron/templates/neutron.conf.j2
@ -105,10 +105,12 @@ topics = {{ neutron_enabled_notification_topics | map(attribute='name') | join('
 driver = noop
 {% endif %}

-{% if neutron_plugin_agent == "sfc" %}
+{% if enable_neutron_sfc | bool %}
 [sfc]
 drivers = ovs
+
 [flowclassifier]
+drivers = ovs
 {% endif %}

 {% if enable_octavia | bool %}
--- a/doc/networking-guide.rst
+++ b/doc/networking-guide.rst
@ -40,7 +40,7 @@ the following:

 ::

-    neutron_plugin_agent: "sfc"
+    enable_neutron_sfc: "yes"

 Networking-SFC is an additional Neutron plugin. For SFC to work, this plugin
 has to be installed in ``neutron-server`` container as well. Modify the
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@ -180,6 +180,7 @@ kolla_internal_vip_address: "10.10.10.254"
 #enable_neutron_qos: "no"
 #enable_neutron_agent_ha: "no"
 #enable_neutron_vpnaas: "no"
+#enable_neutron_sfc: "no"
 #enable_nova_serialconsole_proxy: "no"
 #enable_octavia: "no"
 #enable_openvswitch: "{{ neutron_plugin_agent != 'linuxbridge' }}"