Fix linters and metadata

With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: I3905e334cfbeb7ccb976358016f81c5edd6cd284
This commit is contained in:
Dmitriy Rabotyagov 2023-07-17 18:17:23 +02:00
parent 01da88f560
commit 8ceea78a97
19 changed files with 222 additions and 101 deletions

View File

@ -28,7 +28,11 @@ debug: False
# for the service setup. The host must already have
# clouds.yaml properly configured.
neutron_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
neutron_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}"
neutron_service_setup_host_python_interpreter: >-
{{
openstack_service_setup_host_python_interpreter | default(
(neutron_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
}}
###
### Packages Options
@ -76,7 +80,8 @@ networking_nsx_git_install_branch: master
networking_nsxlib_git_repo: https://opendev.org/x/vmware-nsxlib
networking_nsxlib_git_install_branch: master
neutron_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}"
neutron_upper_constraints_url: >-
{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}
neutron_git_constraints:
- "--constraint {{ neutron_upper_constraints_url }}"
@ -98,7 +103,7 @@ neutron_fatal_deprecations: False
## Cap the maximun number of threads / workers when a user value is unspecified.
neutron_api_threads_max: 16
neutron_api_threads: "{{ [[ansible_facts['processor_vcpus']|default(2) // 2, 1] | max, neutron_api_threads_max] | min }}"
neutron_api_threads: "{{ [[ansible_facts['processor_vcpus'] | default(2) // 2, 1] | max, neutron_api_threads_max] | min }}"
neutron_agent_down_time: 120
neutron_agent_polling_interval: 5
@ -115,7 +120,7 @@ neutron_dns_domain: "{{ dhcp_domain | default('openstacklocal.') }}"
###
# Dnsmasq doesn't work with config_template override, a deployer
# should instead configure its own neutron_dhcp_config key/values like this:
#neutron_dhcp_config:
# neutron_dhcp_config:
# dhcp-option-force: "26,1500"
neutron_dhcp_config: {}
@ -164,7 +169,7 @@ neutron_nsx_conf_ini_overrides: {}
# Provide a list of access controls to update the default policy.json with.
# These changes will be merged
# with the access controls in the default policy.json. E.g.
#neutron_policy_overrides:
# neutron_policy_overrides:
# "create_subnet": "rule:admin_or_network_owner"
# "get_subnet": "rule:admin_or_owner or rule:shared"
neutron_policy_overrides: {}
@ -188,7 +193,7 @@ neutron_ovn_metadata_agent_init_overrides: {}
# NOTE(noonedeadpunk): uWSGI is still not fully supported. See: https://bugs.launchpad.net/neutron/+bug/1912359
neutron_use_uwsgi: "{{ (neutron_plugin_type not in ['ml2.ovn']) }}"
neutron_wsgi_processes_max: 16
neutron_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}"
neutron_wsgi_processes: "{{ [[ansible_processor_vcpus | default(1), 1] | max * 2, neutron_wsgi_processes_max] | min }}"
neutron_wsgi_threads: 1
neutron_uwsgi_tls:
crt: "{{ neutron_ssl_cert }}"
@ -221,7 +226,11 @@ neutron_quota_firewall_rule: 100
###
neutron_db_setup_host: "{{ openstack_db_setup_host | default('localhost') }}"
neutron_db_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}"
neutron_db_setup_python_interpreter: >-
{{
openstack_db_setup_python_interpreter | default(
(neutron_db_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable']))
}}
neutron_galera_address: "{{ galera_address | default('127.0.0.1') }}"
neutron_galera_user: neutron
neutron_galera_database: neutron
@ -261,7 +270,8 @@ neutron_oslomsg_rpc_ssl_ca_file: "{{ oslomsg_rpc_ssl_ca_file | default('') }}"
# Notify
neutron_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
neutron_oslomsg_notify_setup_host: "{{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }}"
neutron_oslomsg_notify_setup_host: >-
{{ (neutron_oslomsg_notify_host_group in groups) | ternary(groups[neutron_oslomsg_notify_host_group][0], 'localhost') }}
neutron_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
neutron_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
neutron_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
@ -288,7 +298,8 @@ neutron_rpc_thread_pool_size: 64
neutron_rpc_conn_pool_size: 30
neutron_rpc_response_timeout: 60
neutron_rpc_workers_max: 16
neutron_rpc_workers: "{{ [[(ansible_facts['processor_vcpus']//ansible_facts['processor_threads_per_core'])|default(1), 1] | max * 2, neutron_rpc_workers_max] | min }}"
neutron_rpc_workers: >-
{{ [[(ansible_facts['processor_vcpus'] // ansible_facts['processor_threads_per_core']) | default(1), 1] | max * 2, neutron_rpc_workers_max] | min }}
###
### Identity (Keystone) integration
@ -469,7 +480,7 @@ neutron_fwaasv2_service_provider: FIREWALL_V2:fwaas_db:neutron_fwaas.services.fi
neutron_driver_vpnaas: "{{ _neutron_driver_vpnaas }}"
neutron_vpnaas_service_provider: "{{ _neutron_vpnaas_service_provider }}"
#Set this variable to use custom config file for strongswan/openswan
# Set this variable to use custom config file for strongswan/openswan
# neutron_vpnaas_custom_config:
# - src: "/etc/openstack_deploy/strongswan/strongswan.conf.template"
# dest: "{{ neutron_conf_dir }}/strongswan.conf.template"
@ -479,13 +490,15 @@ neutron_vpnaas_custom_config: []
# OVN Defaults
neutron_ovn_ssl: True
ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl','tcp') }}"
ovn_proto: "{{ (neutron_ovn_ssl) | ternary('ssl', 'tcp') }}"
neutron_ovn_primary_cluster_node: "{{ groups[neutron_services['neutron-ovn-northd']['group']] | first }}"
neutron_ovn_northd_service_name: ovn-northd
neutron_ovn_controller_service_name: ovn-controller
neutron_ovn_l3_scheduler: leastloaded
neutron_ovn_nb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,'+ ovn_proto + ':') }}:6641"
neutron_ovn_sb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642"
neutron_ovn_nb_connection: >-
{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,' + ovn_proto + ':') }}:6641
neutron_ovn_sb_connection: >-
{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642
neutron_ovsdb_manager: ptcp:6640:127.0.0.1
neutron_ovn_sb_inactivity_probe: 60000
neutron_ovn_nb_inactivity_probe: 60000
@ -500,7 +513,8 @@ neutron_ovn_node_address: "{{ management_address | default('127.0.0.1') }}"
neutron_ovn_pki_keys_path: "{{ neutron_ovn_pki_dir ~ '/certs/private/' }}"
neutron_ovn_pki_certs_path: "{{ neutron_ovn_pki_dir ~ '/certs/certs/' }}"
neutron_ovn_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name }}"
neutron_ovn_pki_intermediate_chain_path: "{{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }}"
neutron_ovn_pki_intermediate_chain_path: >-
{{ neutron_ovn_pki_dir ~ '/roots/' ~ neutron_ovn_pki_intermediate_cert_name ~ '/certs/' ~ neutron_ovn_pki_intermediate_cert_name ~ '-chain.crt' }}
neutron_ovn_pki_regen_cert: ""
neutron_ovn_pki_certificates:
- name: "neutron_ovn_{{ ansible_facts['hostname'] }}"
@ -531,8 +545,8 @@ neutron_ovn_pki_install_certificates:
condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch) }}"
- src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}"
dest: "{{ [neutron_ovn_conf_dir, neutron_ovn_ssl_ca_cert] | join('/') }}"
owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}"
group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary( neutron_service_user_name, neutron_ovn_system_user_name) }}"
owner: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}"
group: "{{ (neutron_services['neutron-server']['group'] in group_names) | ternary(neutron_service_user_name, neutron_ovn_system_user_name) }}"
mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_needs_openvswitch and neutron_plugin_type == 'ml2.ovn') }}"
- src: "{{ neutron_ovn_user_ssl_cert | default(neutron_ovn_pki_certs_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '-chain.crt') }}"
@ -540,26 +554,26 @@ neutron_ovn_pki_install_certificates:
owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}"
mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
- src: "{{ neutron_ovn_user_ssl_key | default(neutron_ovn_pki_keys_path ~ 'neutron_ovn_' ~ ansible_facts['hostname'] ~ '.key.pem') }}"
dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_key] | join('/') }}"
owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}"
mode: "0600"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
- src: "{{ neutron_ovn_user_ssl_ca_cert | default(neutron_ovn_pki_intermediate_chain_path) }}"
dest: "{{ [neutron_conf_version_dir, neutron_ovn_ssl_ca_cert] | join('/') }}"
owner: "{{ neutron_service_user_name }}"
group: "{{ neutron_service_user_name }}"
mode: "0644"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services |length + uwsgi_neutron_services | length ) > 0) }}"
condition: "{{ (neutron_ovn_ssl and neutron_plugin_type == 'ml2.ovn' and (filtered_neutron_services | length + uwsgi_neutron_services | length) > 0) }}"
# Define user-provided SSL certificates in:
# /etc/openstack_deploy/user_variables.yml
#neutron_ovnnb_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_ovnnb_user_ssl_key: <path to cert on ansible deployment host>
#neutron_ovnsb_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_ovnsb_user_ssl_key: <path to cert on ansible deployment host>
# neutron_ovnnb_user_ssl_cert: <path to cert on ansible deployment host>
# neutron_ovnnb_user_ssl_key: <path to cert on ansible deployment host>
# neutron_ovnsb_user_ssl_cert: <path to cert on ansible deployment host>
# neutron_ovnsb_user_ssl_key: <path to cert on ansible deployment host>
###
### DPDK Configuration
@ -620,5 +634,5 @@ neutron_pki_install_certificates:
mode: "0600"
# Define user-provided SSL certificates
#neutron_user_ssl_cert: <path to cert on ansible deployment host>
#neutron_user_ssl_key: <path to cert on ansible deployment host>
# neutron_user_ssl_cert: <path to cert on ansible deployment host>
# neutron_user_ssl_key: <path to cert on ansible deployment host>

View File

@ -47,6 +47,7 @@
fi
done
when: "'neutron-metadata-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
changed_when: false
listen:
- "Restart neutron services"
- "venv changed"
@ -68,6 +69,7 @@
fi
done
when: "'neutron-l3-agent' in (filtered_neutron_services | map(attribute='service_key') | list)"
changed_when: false
listen:
- "Restart neutron services"
- "venv changed"
@ -111,6 +113,7 @@
become: yes
become_user: "{{ neutron_system_user_name }}"
delegate_to: "{{ groups[neutron_services['neutron-server']['group']][0] }}"
changed_when: false
when:
- "ansible_local['openstack_ansible']['neutron']['need_db_contract'] | bool"
- "_neutron_is_first_play_host"
@ -135,10 +138,12 @@
- "systemd service changed"
- "cert installed"
- name: start ovn service
- name: Start ovn service
service:
name: "{{ neutron_ovn_northd_service_name }}"
state: started
listen:
- start ovn service
# (NOTE) Restarting twice to cleanup some pid.
- name: Restart ovn northd

View File

@ -18,19 +18,21 @@ galaxy_info:
description: Installation and setup of neutron
company: Rackspace
license: Apache2
min_ansible_version: 2.2
role_name: os_neutron
namespace: openstack
min_ansible_version: "2.10"
platforms:
- name: Debian
versions:
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: EL
versions:
- 8
categories:
- "9"
galaxy_tags:
- cloud
- python
- neutron

View File

@ -14,7 +14,8 @@
# limitations under the License.
- import_tasks: neutron_check.yml
- name: Importing neutron_check tasks
import_tasks: neutron_check.yml
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
@ -36,7 +37,8 @@
tags:
- always
- include_role:
- name: Including osa.db_setup role
include_role:
name: openstack.osa.db_setup
apply:
tags:
@ -57,7 +59,8 @@
tags:
- always
- include_role:
- name: Including osa.mq_setup role
include_role:
name: openstack.osa.mq_setup
apply:
tags:
@ -106,17 +109,20 @@
tags:
- always
- import_tasks: dependent_neutron_roles.yml
- name: Importing dependent_neutron_roles tasks
import_tasks: dependent_neutron_roles.yml
- import_tasks: neutron_pre_install.yml
- name: Importing neutron_pre_install tasks
import_tasks: neutron_pre_install.yml
tags:
- neutron-install
- import_tasks: neutron_install.yml
- name: Importing neutron_install tasks
import_tasks: neutron_install.yml
tags:
- neutron-install
- name: refresh local facts
- name: Refresh local facts
setup:
filter: ansible_local
gather_subset: "!all"
@ -163,12 +169,15 @@
when:
- neutron_plugin_type == 'ml2.ovn'
- neutron_ovn_ssl
- (neutron_services['neutron-ovn-controller']['group'] in group_names) or (neutron_services['neutron-ovn-northd']['group'] in group_names) or (neutron_services['neutron-server']['group'] in group_names)
- (neutron_services['neutron-ovn-controller']['group'] in group_names) or
(neutron_services['neutron-ovn-northd']['group'] in group_names) or
(neutron_services['neutron-server']['group'] in group_names)
tags:
- always
# Include provider specific config(s)
- include_tasks: "{{ item }}"
- name: Including plugin-specific tasks
include_tasks: "{{ item }}"
with_first_found:
- files:
- "{{ neutron_plugin_type.split('.')[-1] }}_config.yml"
@ -178,7 +187,8 @@
tags:
- neutron-install
- import_tasks: neutron_post_install.yml
- name: Importing neutron_post_install tasks
import_tasks: neutron_post_install.yml
tags:
- neutron-config
@ -192,7 +202,7 @@
service_facts:
- name: Disable services if they present
service:
systemd:
name: "{{ item['service_name'] }}"
state: stopped
enabled: False
@ -215,10 +225,10 @@
systemd_tempd_prefix: openstack
systemd_slice_name: "{{ neutron_system_slice_name }}"
systemd_lock_dir: "{{ neutron_lock_dir }}"
systemd_CPUAccounting: true
systemd_BlockIOAccounting: true
systemd_MemoryAccounting: true
systemd_TasksAccounting: true
systemd_service_cpu_accounting: true
systemd_service_block_io_accounting: true
systemd_service_memory_accounting: true
systemd_service_tasks_accounting: true
systemd_services: |-
{%- set services = [] -%}
{%- for service in filtered_neutron_services -%}
@ -238,7 +248,8 @@
- neutron-config
- systemd-service
- include_tasks: neutron_db_setup.yml
- name: Including neutron_db_setup role
include_tasks: neutron_db_setup.yml
args:
apply:
tags:
@ -258,7 +269,8 @@
- neutron-config
- uwsgi
- include_role:
- name: Including osa.service_setup role
include_role:
name: openstack.osa.service_setup
apply:
tags:

View File

@ -17,6 +17,7 @@
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf upgrade --expand"
become: yes
become_user: "{{ neutron_system_user_name }}"
changed_when: false
when:
- "ansible_local['openstack_ansible']['neutron']['need_db_expand'] | bool"
- "_neutron_is_first_play_host"
@ -27,6 +28,7 @@
section: neutron
option: "need_db_expand"
value: "False"
mode: "0644"
- name: Check for available offline migrations
command: "{{ neutron_bin }}/neutron-db-manage --config-file {{ neutron_conf_version_dir }}/neutron.conf has_offline_migrations"
@ -48,6 +50,7 @@
section: neutron
option: "need_db_contract"
value: "True"
mode: "0644"
when:
- "'stdout' in _offline_migrations_check"
- "'Need to apply migrations' in _offline_migrations_check.stdout"

View File

@ -19,6 +19,7 @@
section: "neutron"
option: "install_method"
value: "{{ neutron_install_method }}"
mode: "0644"
- name: Refresh local facts to ensure the neutron section is present
setup:
@ -97,6 +98,7 @@
section: neutron
option: "{{ item.name }}"
value: "{{ item.state }}"
mode: "0644"
with_items:
- name: "need_db_expand"
state: "True"
@ -140,7 +142,8 @@
{{ apparmor_hosts | unique }}
when: ansible_facts['pkg_mgr'] == 'apt'
- import_tasks: neutron_apparmor.yml
- name: Importing neutron_apparmor tasks
import_tasks: neutron_apparmor.yml
when:
- ansible_facts['pkg_mgr'] == 'apt'
- inventory_hostname in neutron_apparmor_hosts

View File

@ -21,9 +21,9 @@
file:
path: "{{ item.path | default(omit) }}"
state: "directory"
owner: "{{ item.owner|default(neutron_system_user_name) }}"
group: "{{ item.group|default(neutron_system_group_name) }}"
mode: "{{ item.mode | default(omit) }}"
owner: "{{ item.owner | default(neutron_system_user_name) }}"
group: "{{ item.group | default(neutron_system_group_name) }}"
mode: "{{ item.mode | default('0755') }}"
with_items:
- path: "{{ neutron_conf_version_dir }}/plugins"
mode: "0750"
@ -41,6 +41,7 @@
dest: "{{ neutron_conf_version_dir }}/rootwrap.d/"
owner: "root"
group: "root"
mode: "0644"
with_fileglob:
- rootwrap.d/*
notify:
@ -52,7 +53,7 @@
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "root"
group: "{{ item.group|default(neutron_system_group_name) }}"
group: "{{ item.group | default(neutron_system_group_name) }}"
mode: "0640"
config_overrides: "{{ item.config_overrides }}"
config_type: "{{ item.config_type }}"

View File

@ -73,7 +73,7 @@
- path: "{{ neutron_system_home_folder }}"
mode: "0755"
- path: "{{ neutron_system_home_folder }}/ha_confs"
state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent','directory') }}"
state: "{{ (neutron_plugin_type == 'ml2.ovn') | ternary('absent', 'directory') }}"
- name: Add dependency repos for Neutron
package:
@ -92,6 +92,7 @@
dest: "/etc/tmpfiles.d/openstack-openvswitch.conf"
line: "D /var/run/openvswitch 2755 root root"
create: true
mode: "0644"
- name: Create ovs tmp directory
file:

View File

@ -13,5 +13,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- import_tasks: setup_ovs_opendaylight.yml
- name: Importing setup_ovs_opendaylight tasks
import_tasks: setup_ovs_opendaylight.yml
when: neutron_services['neutron-server']['group'] not in group_names

View File

@ -65,6 +65,7 @@
template:
src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"
when:
- "inventory_hostname == neutron_ovn_primary_cluster_node"
- _check_cluster_db.rc != 0
@ -83,6 +84,7 @@
- name: Configure connection settings for ovn-nb and ovn-sb
command: "{{ cmd }}"
changed_when: false
with_items:
- "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641"
- "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642"
@ -101,6 +103,7 @@
template:
src: ovn-northd-opts.j2
dest: "{{ neutron_ovn_northd_opts_file }}"
mode: "0644"
when:
- _check_cluster_db.rc != 0
notify:

View File

@ -18,6 +18,7 @@
template:
src: ovn-controller-opts.j2
dest: "{{ neutron_ovn_controller_opts_file }}"
mode: "0644"
register: ovn_controller_config
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
@ -62,9 +63,10 @@
- name: Ensure ovn-controller service is started and enabled
systemd:
name: "{{ neutron_ovn_controller_service_name }}"
state: "{{ (ovn_controller_config.changed) | ternary('restarted','started') }}"
state: "{{ (ovn_controller_config.changed) | ternary('restarted', 'started') }}"
enabled: yes
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- ansible.builtin.include_tasks: setup_ovs_ovn.yml
- name: Including setup_ovs_ovn tasks
ansible.builtin.include_tasks: setup_ovs_ovn.yml

View File

@ -41,6 +41,7 @@
- neutron_provider_networks.network_interface_mappings is defined and (neutron_provider_networks.network_interface_mappings|length > 0)
- not ovs_dpdk_support
- ansible.builtin.include_tasks: setup_ovs_dpdk.yml
- name: Including setup_ovs_dpdk tasks
ansible.builtin.include_tasks: setup_ovs_dpdk.yml
when:
- ovs_dpdk_support

View File

@ -63,24 +63,28 @@
- name: Set DPDK lcore mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-lcore-mask={{ ovs_dpdk_lcore_mask }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Set DPDK PMD cpu mask
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask={{ ovs_dpdk_pmd_cpu_mask }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Set DPDK socket memory
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem={{ ovs_dpdk_socket_mem }}"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
- name: Enable DPDK support for openvswitch
command: "ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true"
changed_when: false
when:
- neutron_services['neutron-openvswitch-agent']['group'] in group_names
- '"nova_compute" in group_names'
@ -117,8 +121,8 @@
- name: Add ports to Network Provider Bridges
openvswitch_port:
bridge: "{{ interface_mapping.split(':')[0] }}"
port: "{{ interface_mapping.split(':',1)[1] }}"
set: "Interface {{ interface_mapping.split(':',1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':',1)[1] }}'"
port: "{{ interface_mapping.split(':', 1)[1] }}"
set: "Interface {{ interface_mapping.split(':', 1)[1] }} type=dpdk options:dpdk-devargs='{{ interface_mapping.split(':', 1)[1] }}'"
state: present
with_items: "{{ neutron_provider_networks.network_interface_mappings.split(',') }}"
loop_control:
@ -138,7 +142,9 @@
lacp: "{{ bond_interfaces_mapping.lacp | default('off') }}"
bond_updelay: "{{ bond_interfaces_mapping.bond_updelay | default(100) }}"
bond_downdelay: "{{ bond_interfaces_mapping.bond_downdelay | default(100) }}"
set: "{% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{% if not loop.last %},{% endif %}{% endfor %}"
set: >-
{% for interface in bond_interfaces_mapping.interfaces %}interface {{ interface }} type=dpdk options:dpdk-devargs='{{ interface }}'{%
if not loop.last %},{% endif %}{% endfor %}
state: present
with_items: "{{ neutron_provider_networks.network_bond_interfaces_mappings }}"
loop_control:

View File

@ -22,11 +22,16 @@
delay: 5
- name: Set ODL as OvS manager
changed_when: false
command: ovs-vsctl set-manager {{ ovs_manager_list }}
when: ovs_manager.stdout | length == 0
- name: Configure hosts for networking-odl, force kernel datapath
command: "{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk {% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or 'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}"
changed_when: false
command: >-
{{ neutron_bin }}/neutron-odl-ovs-hostconfig --noovs_dpdk
{% if neutron_provider_networks.network_mappings is defined and 'odl-router_v2' in neutron_plugin_base or
'odl-router' in neutron_plugin_base %}--datapath_type=system --bridge_mappings={{ neutron_provider_networks.network_mappings }} {% endif %}
when: ovs_manager.stdout | length == 0
- name: Retrieve current OvS local ip
@ -36,17 +41,19 @@
changed_when: False
- name: Set local ip for OpenvSwitch
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:local_ip={{ neutron_local_ip }}"
when: ovs_local_ip.rc != 0
- name: Set the bridge mappings
changed_when: false
command: "ovs-vsctl set Open_vSwitch . other_config:provider_mappings={{ neutron_provider_networks.network_mappings }}"
when:
- neutron_provider_networks.network_mappings is defined
- (neutron_plugin_base == 'odl-router' or neutron_plugin_base == 'odl-router_v2')
- name: Set the of-tunnel to true
changed_when: false
command: "ovs-vsctl set Open_vSwitch . external_ids:of-tunnel=true"
when:
- neutron_plugin_base == 'sfc'

View File

@ -15,26 +15,33 @@
# limitations under the License.
- name: Set openvswitch hostname
changed_when: false
command: "ovs-vsctl set open_vswitch . external-ids:hostname='{{ ansible_facts['nodename'] }}'"
when:
- (neutron_services['neutron-ovn-controller']['group'] in group_names)
- name: Set CMS Options for Gateway Scheduling
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw"
when:
- '"neutron_ovn_gateway" in group_names'
- name: Configure OVN Southbound Connection
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-remote={{ neutron_ovn_sb_connection }}"
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Supported OVN Overlay Protocols
command: "ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(['geneve', 'vxlan', 'stt']) | join(',') }}"
changed_when: false
command: >-
ovs-vsctl set open . external-ids:ovn-encap-type={{ neutron_provider_networks.network_types.split(',') | intersect(
['geneve', 'vxlan', 'stt']) | join(',') }}
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Configure Encapsulation Address for Overlay Traffic
changed_when: false
command: "ovs-vsctl set open . external-ids:ovn-encap-ip={{ neutron_local_ip }}"
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
@ -42,12 +49,14 @@
# Create an ovsdb manager for Nova (os-vif)
- name: Register existing OVSDB Manager(s)
command: ovs-vsctl get-manager
changed_when: false
register: existing_ovsdb_manager
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- name: Create OVSDB Manager
command: ovs-vsctl --id @manager create Manager "target=\"{{ neutron_ovsdb_manager }}\"" -- add Open_vSwitch . manager_options @manager
changed_when: false
when:
- neutron_services['neutron-ovn-controller']['group'] in group_names
- neutron_ovsdb_manager not in existing_ovsdb_manager.stdout_lines
@ -78,10 +87,12 @@
- name: Set the OVN Bridge Mappings in OVS
command: "ovs-vsctl set open . external-ids:ovn-bridge-mappings={{ neutron_provider_networks.network_mappings }}"
changed_when: false
when:
- neutron_provider_networks.network_mappings is defined
- neutron_services['neutron-ovn-controller']['group'] in group_names
- include_tasks: ovn_cluster_setup.yml
- name: Including ovn_cluster_setup tasks
include_tasks: ovn_cluster_setup.yml
when:
- neutron_services['neutron-ovn-northd']['group'] in group_names

View File

@ -13,9 +13,21 @@
# See the License for the specific language governing permissions and
# limitations under the License.
_neutron_is_first_play_host: "{{ (neutron_services['neutron-server']['group'] in group_names and inventory_hostname == (groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool }}"
_neutron_oslomsg_rpc_vhost_conf: "{{ (neutron_oslomsg_rpc_vhost is string) | ternary(neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}"
_neutron_oslomsg_notify_vhost_conf: "{{ (neutron_oslomsg_notify_vhost is string) | ternary(neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first) }}"
_neutron_is_first_play_host: >-
{{
(neutron_services['neutron-server']['group'] in group_names and inventory_hostname == (
groups[neutron_services['neutron-server']['group']] | intersect(ansible_play_hosts)) | first) | bool
}}
_neutron_oslomsg_rpc_vhost_conf: >-
{{
(neutron_oslomsg_rpc_vhost is string) | ternary(
neutron_oslomsg_rpc_vhost, neutron_oslomsg_rpc_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first)
}}
_neutron_oslomsg_notify_vhost_conf: >-
{{
(neutron_oslomsg_notify_vhost is string) | ternary(
neutron_oslomsg_notify_vhost, neutron_oslomsg_notify_vhost | selectattr('state', 'eq', 'present') | map(attribute='name') | first)
}}
###
### Open vSwitch
@ -233,7 +245,7 @@ neutron_plugins:
neutron_ml2_mechanism_drivers: >-
{%- set _var = [] -%}
{%- for plugin in [neutron_plugin_type]|union(neutron_plugin_types) -%}
{%- for plugin in [neutron_plugin_type] | union(neutron_plugin_types) -%}
{%- if _var.append(neutron_plugins[plugin].mechanisms) -%}{%- endif -%}
{%- endfor -%}
{%- if neutron_l2_population | bool -%}
@ -247,7 +259,11 @@ _neutron_non_tunnel_types:
- vlan
- local
_neutron_ovs_disabled: "{{ (neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and (neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn') }}"
_neutron_ovs_disabled: >-
{{
(neutron_services['neutron-ovn-northd']['group'] or neutron_services['neutron-server']['group'] in group_names) and
(neutron_services['neutron-ovn-controller']['group'] not in group_names) and (neutron_plugin_type == 'ml2.ovn')
}}
# Tunnel network types used by the OVS agent
neutron_tunnel_types: "{{ neutron_ml2_drivers_type.split(',') | difference(_neutron_non_tunnel_types) | join(',') }}"
@ -260,7 +276,7 @@ opendaylight_extra_features: |-
{%- endif -%}
{{ features }}
opendaylight_install_method: "{{ (ansible_facts['os_family']=='Debian') | ternary('deb_repo', 'rpm_repo') }}"
opendaylight_install_method: "{{ (ansible_facts['os_family'] == 'Debian') | ternary('deb_repo', 'rpm_repo') }}"
ovs_manager_list: |-
{% set ovs_managers_odls = [] %}
@ -273,9 +289,14 @@ ovs_manager_list: |-
###
## Please add 'router' to the neutron_plugin_base list
#TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle
# TODO(odyssey4me): Remove the class path from this conditional in the Newton cycle
# Should the neutron-l3-agent service should be enabled on the host
neutron_l3: "{% if 'router' in neutron_plugin_base or 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or 'df-l3' in neutron_plugin_base %}True{% else %}False{% endif %}"
neutron_l3: >-
{%
if 'router' in neutron_plugin_base or
'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin' in neutron_plugin_base or
'df-l3' in neutron_plugin_base
%}True{% else %}False{% endif %}
###
### DHCP Agent Plugin Configuration
@ -387,7 +408,8 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: dhcp_agent.ini
service_rootwrap: rootwrap.d/dhcp.filters
execstarts: "{{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-dhcp-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/dhcp_agent.ini
config_overrides: "{{ neutron_dhcp_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_dhcp_agent_init_overrides }}"
@ -399,7 +421,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/openvswitch_agent.ini
service_rootwrap: rootwrap.d/openvswitch-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-openvswitch-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/openvswitch_agent.ini
config_overrides: "{{ neutron_openvswitch_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_openvswitch_agent_init_overrides }}"
@ -411,7 +435,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/linuxbridge_agent.ini
service_rootwrap: rootwrap.d/linuxbridge-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-linuxbridge-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/linuxbridge_agent.ini
config_overrides: "{{ neutron_linuxbridge_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_linuxbridge_agent_init_overrides }}"
@ -422,7 +448,8 @@ neutron_services:
service_en: "{{ neutron_metadata | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: metadata_agent.ini
execstarts: "{{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metadata_agent.ini
config_overrides: "{{ neutron_metadata_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_metadata_agent_init_overrides }}"
@ -433,7 +460,8 @@ neutron_services:
service_en: "{{ neutron_metering | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: metering_agent.ini
execstarts: "{{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-metering-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/metering_agent.ini
config_overrides: "{{ neutron_metering_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_metering_agent_init_overrides }}"
@ -458,7 +486,8 @@ neutron_services:
service_en: "{{ neutron_bgp | bool }}"
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: bgp_dragent.ini
execstarts: "{{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-bgp-dragent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/bgp_dragent.ini
config_overrides: "{{ neutron_bgp_dragent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_bgp_dragent_init_overrides }}"
@ -473,9 +502,18 @@ neutron_services:
uwsgi_bind_address: "{{ neutron_api_bind_address }}"
uwsgi_port: "{{ neutron_service_port }}"
uwsgi_tls: "{{ neutron_backend_ssl | ternary(neutron_uwsgi_tls, {}) }}"
uwsgi_pyargv: "--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}"
uwsgi_pyargv: >-
--config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini -}}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
wsgi_name: "neutron-api"
execstarts: "{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}"
execstarts: >-
{{ neutron_bin }}/neutron-server --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
init_config_overrides: "{{ neutron_server_init_overrides }}"
neutron-rpc-server:
group: neutron_server
@ -483,14 +521,21 @@ neutron_services:
service_en: "{{ neutron_use_uwsgi }}"
init_config_overrides: "{{ neutron_rpc_server_init_overrides | combine(neutron_server_init_overrides) }}"
start_order: 2
execstarts: "{{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}{%- if ('ml2.genericswitch' in neutron_plugin_types) %} --config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}{%- endif %}"
execstarts: >-
{{ neutron_bin }}/neutron-rpc-server --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins[neutron_plugin_type].plugin_ini }}
{% if ('ml2.genericswitch' in neutron_plugin_types) -%}
--config-file {{ neutron_conf_dir }}/{{ neutron_plugins['ml2.genericswitch'].plugin_ini }}
{% endif %}
neutron-sriov-nic-agent:
group: neutron_sriov_nic_agent
service_name: neutron-sriov-nic-agent
service_en: "{{ 'ml2.sriov' in neutron_plugin_types }}"
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/sriov_nic_agent.ini
execstarts: "{{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-sriov-nic-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/sriov_nic_agent.ini
config_overrides: "{{ neutron_sriov_nic_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_sriov_nic_agent_init_overrides }}"
@ -511,7 +556,9 @@ neutron_services:
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: neutron_ovn_metadata_agent.ini
service_rootwrap: rootwrap.d/ovn-plugin.filters
execstarts: "{{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini"
execstarts: >-
{{ neutron_bin }}/neutron-ovn-metadata-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/neutron_ovn_metadata_agent.ini
config_overrides: "{{ neutron_ovn_metadata_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_ovn_metadata_agent_init_overrides }}"
@ -522,7 +569,9 @@ neutron_services:
service_en: "{{ 'ml2.baremetal' in neutron_plugin_types }}"
service_conf_path: "{{ neutron_conf_version_dir }}"
service_conf: plugins/ml2/ironic_neutron_agent.ini
execstarts: "{{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini"
execstarts: >-
{{ neutron_bin }}/ironic-neutron-agent --config-file {{ neutron_conf_dir }}/neutron.conf
--config-file {{ neutron_conf_dir }}/plugins/ml2/ml2_conf.ini --config-file {{ neutron_conf_dir }}/plugins/ml2/ironic_neutron_agent.ini
config_overrides: "{{ neutron_ironic_neutron_agent_ini_overrides }}"
config_type: "ini"
init_config_overrides: "{{ neutron_ironic_neutron_agent_init_overrides }}"