x
/
fuel-ccp-neutron
Code Issues Proposed changes

Retire repository 

Fuel (from openstack namespace) and fuel-ccp (in x namespace)
repositories are unused and ready to retire.

This change removes all content from the repository and adds the usual
README file to point out that the repository is retired following the
process from
https://docs.openstack.org/infra/manual/drivers.html#retiring-a-project

See also
http://lists.openstack.org/pipermail/openstack-discuss/2019-December/011647.html

Depends-On: https://review.opendev.org/699362
Change-Id: I673a4a600659a8cf7516e125c4754f3bfca4f1cc
This commit is contained in:
Andreas Jaeger 2019-12-18 09:50:31 +01:00
parent c911fc4f60
commit 8574c17c19
61 changed files with 10 additions and 1843 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
.gitignore vendored
View File

@ -1,69 +0,0 @@
*.py[cod]
# C extensions
*.so
# Packages
*.egg
*.egg-info
dist
build
.eggs
eggs
parts
bin
var
sdist
develop-eggs
.installed.cfg
lib
lib64
# Installer logs
pip-log.txt
# Unit test / coverage reports
.coverage
cover
.tox
nosetests.xml
.testrepository
.venv
# Translations
*.mo
# Mr Developer
.mr.developer.cfg
.project
.pydevproject
# Complexity
output/*.html
output/*/index.html
# Sphinx
doc/build
# oslo-config-generator
etc/*.sample
# pbr generates these
AUTHORS
ChangeLog
# Editors
*~
.*.swp
.*sw?
# Vagrant
.vagrant
vagrant/Vagrantfile.custom
vagrant/vagrantkey*
# generated openrc
openrc
# tests
tests/.cache/*

176
LICENSE
View File

@ -1,176 +0,0 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.

10
README.rst Normal file
View File

@ -0,0 +1,10 @@
This project is no longer maintained.
The contents of this repository are still available in the Git
source code management system. To see the contents of this
repository before it reached its end of life, please check out the
previous commit with "git checkout HEAD^1".
For any further questions, please email
openstack-discuss@lists.openstack.org or join #openstack-dev on
Freenode.

2
docker/calico-dhcp-agent/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}

2
docker/calico-felix/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}

51
docker/neutron-base/Dockerfile.j2
View File

@ -1,51 +0,0 @@
FROM {{ image_spec("openstack-base") }}
MAINTAINER {{ maintainer }}
RUN apt-get update \
&& apt-get -y install --no-install-recommends \
iputils-arping \
conntrack \
dnsmasq \
dnsmasq-utils \
ipset \
iptables \
openvswitch-switch \
uuid-runtime \
mysql-client \
net-tools \
&& apt-get clean
{{ copy_sources("openstack/neutron", "/neutron") }}
{{ copy_sources("projectcalico/libcalico", "/libcalico") }}
{{ copy_sources("projectcalico/calico", "/calico") }}
{{ copy_sources("openstack/networking-calico", "/networking-calico") }}
{{ copy_sources("openstack/networking-odl", "/networking-odl") }}
RUN cd /neutron \
&& useradd --user-group neutron \
&& /var/lib/microservices/venv/bin/pip install /neutron \
&& mkdir -p /etc/neutron /usr/share/neutron /var/lib/neutron /home/neutron \
&& cp -r /neutron/etc/* /etc/neutron/ \
&& cp -r /neutron/etc/neutron/* /etc/neutron/ \
&& cp /neutron/etc/api-paste.ini /usr/share/neutron \
&& mv /etc/neutron/neutron/ /etc/neutron/plugins/ \
&& chown -R neutron: /etc/neutron /usr/share/neutron /var/lib/neutron /home/neutron \
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/microservices/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/neutron/rootwrap.conf
COPY neutron_sudoers /etc/sudoers.d/neutron_sudoers
RUN usermod -a -G microservices neutron \
&& chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/neutron_sudoers
RUN /var/lib/microservices/venv/bin/pip install /libcalico \
&& rm -rf /libcalico \
&& mkdir -p /var/log/calico /etc/calico \
&& /var/lib/microservices/venv/bin/pip install /calico \
&& rm -rf /calico \
&& /var/lib/microservices/venv/bin/pip install /networking-calico \
&& rm -rf /networking-calico \
&& /var/lib/microservices/venv/bin/pip install /networking-odl \
&& rm -rf /networking-odl
ENV PATH /var/lib/microservices/venv/bin:$PATH

2
docker/neutron-base/neutron_sudoers
View File

@ -1,2 +0,0 @@
neutron ALL = (root) NOPASSWD: /var/lib/microservices/venv/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
neutron ALL = (root) NOPASSWD: /var/lib/microservices/venv/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf *

2
docker/neutron-dhcp-agent/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}

6
docker/neutron-l3-agent/Dockerfile.j2
View File

@ -1,6 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}
RUN apt-get -y install --no-install-recommends \
keepalived \
&& apt-get clean

8
docker/neutron-metadata-agent/Dockerfile.j2
View File

@ -1,8 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}
COPY neutron_sudoers /etc/sudoers.d/neutron_sudoers
RUN chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/neutron_sudoers
USER neutron

1
docker/neutron-metadata-agent/neutron_sudoers
View File

@ -1 +0,0 @@
%microservices ALL=(root) NOPASSWD: /bin/chown neutron\: /var/lib/neutron/ccp, /usr/bin/chown neutron\: /var/lib/neutron/ccp

2
docker/neutron-openvswitch-agent/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}

4
docker/neutron-server/Dockerfile.j2
View File

@ -1,4 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}
USER neutron

2
docker/neutron-sriov-nic-agent/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("neutron-base") }}
MAINTAINER {{ maintainer }}

16
docker/opendaylight/Dockerfile.j2
View File

@ -1,16 +0,0 @@
FROM {{ image_spec("base-tools") }}
MAINTAINER {{ maintainer }}
ENV JAVA_HOME /usr/lib/jvm/java-1.8.0-openjdk-amd64/
COPY {{ render('install_odl.sh.j2') }} /tmp/install_odl.sh
RUN apt-get update && \
apt-get install -y -t jessie-backports openjdk-8-jre-headless ca-certificates-java && \
apt-get install -y openjdk-8-jre libxml-xpath-perl && \
mkdir /odl && cd /odl && \
sh -ex /tmp/install_odl.sh && \
apt-get -y purge libxml-xpath-perl && \
apt-get clean
WORKDIR /odl/

6
docker/opendaylight/install_odl.sh.j2
View File

@ -1,6 +0,0 @@
curl -Lo maven-metadata.xml {{ url.opendaylight }}/{{ karaf_version }}/maven-metadata.xml
BUNDLE_TIMESTAMP=`xpath -e "//snapshotVersion[extension='tar.gz'][1]/value/text()" maven-metadata.xml 2>/dev/null`
curl -Lo distribution-karaf.tar.gz {{ url.opendaylight }}/{{ karaf_version }}/distribution-karaf-${BUNDLE_TIMESTAMP}.tar.gz
tar -xvzf distribution-karaf.tar.gz --strip-components=1
rm -rf distribution-karaf.tar.gz

84
docker/openvswitch-base/Dockerfile.j2
View File

@ -1,84 +0,0 @@
FROM {{ image_spec("base-tools") }}
MAINTAINER {{ maintainer }}
{% if ovs_version == "system" %}
RUN apt-get update && apt-get -y install --no-install-recommends \
openvswitch-switch \
&& apt-get clean
{% elif dpdk_version != "none" %}
RUN apt-get update && apt-get -y install --no-install-recommends \
gcc \
libc6-dev \
libssl-dev \
libcap-ng-dev \
libatomic1 \
pciutils \
make \
module-init-tools \
xz-utils \
&& echo Installing DPDK \
&& curl -LO {{ url.dpdk }}/dpdk-{{ dpdk_version }}.tar.xz \
&& tar -xf dpdk-{{ dpdk_version }}.tar.xz \
&& rm -f dpdk-{{ dpdk_version }}.tar.xz \
&& rename "s/-stable//" dpdk-* \
&& cd dpdk-{{ dpdk_version }} \
&& sed -i "/UIO\\|KMOD\\|KNI\\|POWER/s/=.*/=n/" config/common_linuxapp \
&& make install T=x86_64-native-linuxapp-gcc DESTDIR=install \
&& cd tools \
&& install dpdk-devbind.py dpdk-pmdinfo.py /usr/bin \
&& cd ../.. \
\
&& echo Installing OVS \
&& curl -LO {{ url.ovs }}/openvswitch-{{ ovs_version }}.tar.gz \
&& tar -xf openvswitch-{{ ovs_version }}.tar.gz \
&& rm -f openvswitch-{{ ovs_version }}.tar.gz \
&& cd openvswitch-{{ ovs_version }} \
&& ./configure \
--with-dpdk=../dpdk-{{ dpdk_version }}/x86_64-native-linuxapp-gcc \
--prefix=/usr \
--localstatedir=/var \
--sysconfdir=/etc \
&& make && make install && make clean \
&& cd .. \
\
&& echo Cleanup \
&& rm -rf dpdk-{{ dpdk_version }} \
&& rm -rf openvswitch-{{ ovs_version }} \
&& apt-get purge -y \
gcc \
libc6-dev \
make \
xz-utils \
&& apt-get autoremove -y \
&& apt-get clean
{% else %}
RUN apt-get update && apt-get -y install --no-install-recommends \
gcc \
libc6-dev \
libssl-dev \
libcap-ng-dev \
libatomic1 \
make \
module-init-tools \
&& echo Installing OVS \
&& curl -LO {{ url.ovs }}/openvswitch-{{ ovs_version }}.tar.gz \
&& tar -xf openvswitch-{{ ovs_version }}.tar.gz \
&& rm -f openvswitch-{{ ovs_version }}.tar.gz \
&& cd openvswitch-{{ ovs_version }} \
&& ./configure \
--prefix=/usr \
--localstatedir=/var \
--sysconfdir=/etc \
&& make && make install && make clean \
&& cd .. \
\
&& echo Cleanup \
&& rm -rf openvswitch-{{ ovs_version }} \
&& apt-get purge -y \
gcc \
libc6-dev \
make \
xz-utils \
&& apt-get autoremove -y \
&& apt-get clean
{% endif %}

2
docker/openvswitch-db/Dockerfile.j2
View File

@ -1,2 +0,0 @@
FROM {{ image_spec("openvswitch-base") }}
MAINTAINER {{ maintainer }}

3
docker/openvswitch-vswitchd/Dockerfile.j2
View File

@ -1,3 +0,0 @@
FROM {{ image_spec("openvswitch-base") }}
MAINTAINER {{ maintainer }}

11
service/actions/db-sync.yaml
View File

@ -1,11 +0,0 @@
actions:
- name: neutron-db-sync
image: neutron-base
dependencies:
- neutron-db-create
command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
files:
- path: /etc/neutron/neutron.conf
content: neutron.conf.j2
- path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2

36
service/calico-dhcp-agent.yaml
View File

@ -1,36 +0,0 @@
dsl_version: 0.1.0
service:
name: calico-dhcp-agent
kind: DaemonSet
hostNetwork: true
containers:
- name: calico-dhcp-agent
image: calico-dhcp-agent
privileged: true
volumes:
- name: metadata-socket
type: host
path: /var/lib/neutron/ccp
daemon:
command: calico-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
dependencies:
- neutron-db-sync
- rpc
- notifications
files:
- neutron.conf
- ml2-conf.ini
- dnsmasq.conf
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
dnsmasq.conf:
path: /etc/neutron/dnsmasq.conf
content: dnsmasq.conf.j2
perm: "0600"

42
service/calico-felix.yaml
View File

@ -1,42 +0,0 @@
dsl_version: 0.1.0
service:
name: calico-felix
kind: DaemonSet
hostNetwork: true
containers:
- name: calico-felix
image: calico-felix
privileged: true
daemon:
command: calico-felix --config-file=/etc/calico/felix.cfg
dependencies:
- neutron-db-sync
- neutron-server
files:
- neutron.conf
- ml2-conf.ini
- felix.cfg
# {% set int = neutron.bootstrap.internal %}
# {% if int.enable %}
# {% if neutron.plugin_agent == 'calico' %}
post:
- name: neutron-bootstrap-int-net-create
type: single
dependencies:
- neutron-server
command: openstack network create --provider-network-type local {{ int.net_name }}
# {% endif %}
# {% endif %}
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
felix.cfg:
path: /etc/calico/felix.cfg
content: felix.cfg.j2
perm: "0600"

6
service/files/backup.sh.j2
View File

@ -1,6 +0,0 @@
#!/bin/bash -ex
set -o pipefail
BACKUP_FILE="/var/ccp/backup/neutron/backup-$(date "+%Y%m%d%H%M%S").sql"
mysqldump {% if db.tls.enabled %} --ssl-mode REQUIRED {% endif %} -h {{ address("database") }} \
-u {{ neutron.db.username }} -p{{ neutron.db.password }} \
--single-transaction {{ neutron.db.name }} > "${BACKUP_FILE}"

1
service/files/ca-cert.pem.j2
View File

@ -1 +0,0 @@
{{ security.tls.ca_cert }}

137
service/files/defaults.yaml
View File

@ -1,137 +0,0 @@
configs:
neutron:
tls:
enabled: true
db:
max_pool_size: 10
max_overflow: 50
server_port:
cont: 9696
ingress: network
core_plugin: "ml2"
ml2:
tenant_network_types:
- "vxlan"
vni_ranges:
- "1:1000"
dhcp_agent:
enable_isolated_metadata: true
physnets:
- name: "physnet1"
bridge_name: "br-ex"
interface: "eth2"
flat: true
vlan_range: false
dpdk: false
dpdk:
driver: vfio-pci
pmd_cpu_mask: 4
core_cpu_mask: 2
mem_channels: 4
socket_mem: 2048,2048
debug: false
plugin_agent: "openvswitch"
l3_ha: false
dvr: false
ovsdb:
interface: "native"
connection: "unix:/run/openvswitch/db.sock"
enable_lbaas: false
enable_qos: false
sriov:
enabled: false
calico:
etcd_host: "etcd-k8s"
etcd_port: 2379
bootstrap:
external:
enable: false
net_name: ext-net
subnet_name: ext-subnet
physnet: changeme
network: changeme
gateway: changeme
nameserver: changeme
pool:
start: changeme
end: changeme
internal:
enable: true
net_name: int-net
subnet_name: int-subnet
subnetpool_name: int-default-pool
pool_prefix: 10.50.0.0/16
subnet_prefix_length: 24
dns_servers:
- 8.8.8.8
- 8.8.4.4
router:
name: ext-router
ovs_db:
loglevel: "info"
opendaylight:
api_port:
cont: 8080
ovs_port:
cont: 6640
openflow_port1:
cont: 6633
openflow_port2:
cont: 6653
dlux_port:
cont: 8181
karaf:
features_boot:
- odl-neutron-service
- odl-neutron-logger
- odl-restconf-all
- odl-aaa-authn
- odl-dlux-core
- odl-mdsal-apidocs
- odl-netvirt-openstack
- odl-ovsdb-ui
logging:
max_file_size: 1024GB
secret_configs:
neutron:
db:
password: password
name: neutron
username: neutron
username: neutron
password: password
opendaylight:
username: admin
password: password
sources:
openstack/neutron:
git_url: https://git.openstack.org/openstack/neutron.git
git_ref: stable/newton
projectcalico/calico:
git_url: https://github.com/projectcalico/felix.git
git_ref: 1.4.3
projectcalico/libcalico:
git_url: https://github.com/projectcalico/libcalico.git
git_ref: v0.17.0
openstack/networking-calico:
git_url: https://github.com/openstack/networking-calico.git
git_ref: master
openstack/networking-odl:
git_url: https://github.com/openstack/networking-odl.git
git_ref: stable/newton
versions:
karaf_version: "0.5.3-SNAPSHOT"
ovs_version: "system"
dpdk_version: "none"
url:
ovs: http://openvswitch.org/releases
opendaylight: https://nexus.opendaylight.org/content/repositories/opendaylight.snapshot/org/opendaylight/integration/distribution-karaf
dpdk: http://fast.dpdk.org/rel

8
service/files/dhcp_agent.ini.j2
View File

@ -1,8 +0,0 @@
# dhcp_agent.ini
[DEFAULT]
dnsmasq_config_file = /etc/neutron/dnsmasq.conf
enable_isolated_metadata = {{ neutron.dhcp_agent.enable_isolated_metadata }}
[ovs]
ovsdb_interface = {{ neutron.ovsdb.interface }}
ovsdb_connection = {{ neutron.ovsdb.connection }}

1
service/files/dnsmasq.conf.j2
View File

@ -1 +0,0 @@
log-facility=/tmp/dnsmasq.log

5
service/files/felix.cfg.j2
View File

@ -1,5 +0,0 @@
[global]
MetadataPort = 8775
MetadataAddr = nova-api
EtcdAddr = {{ calico_etcd_host }}:{{ calico_etcd_port }}
#FelixHostname = hostname

4
service/files/l3_agent.ini.j2
View File

@ -1,4 +0,0 @@
# l3_agent.ini
[DEFAULT]
agent_mode = {% if neutron.dvr %} dvr_snat {% else %} legacy {% endif %}
external_network_bridge =

3
service/files/l3_agent_compute.ini.j2
View File

@ -1,3 +0,0 @@
# l3_agent_compute.ini
[DEFAULT]
agent_mode = dvr

6
service/files/metadata-agent-bootstrap.sh
View File

@ -1,6 +0,0 @@
#!/bin/bash
# Only update permissions if permissions need to be updated
if [[ $(stat -c %U:%G /var/lib/neutron/ccp) != "neutron:neutron" ]]; then
sudo chown neutron: /var/lib/neutron/ccp
fi

5
service/files/metadata-agent.ini.j2
View File

@ -1,5 +0,0 @@
# metadata_agent.ini
[DEFAULT]
nova_metadata_ip = {{ address('nova-api') }}
nova_metadata_port = {{ nova.metadata.port.cont }}
metadata_proxy_shared_secret = {{ nova.metadata.secret }}

103
service/files/ml2_conf.ini.j2
View File

@ -1,103 +0,0 @@
# ml2_conf.ini
[ml2]
# Changing type_drivers after bootstrap can lead to database inconsistencies
{% if neutron.plugin_agent == "calico" %}
type_drivers = local, flat
tenant_network_types = local
{% else %}
type_drivers = flat,vlan,vxlan
tenant_network_types = {{ neutron.ml2.tenant_network_types|join(',') }}
{% endif %}
{% if neutron.plugin_agent == "openvswitch" %}
{% if neutron.sriov.enabled %}
mechanism_drivers = openvswitch,sriovnicswitch
{% else %}
mechanism_drivers = openvswitch,l2population
{% endif %}
{% elif neutron.plugin_agent == "linuxbridge" %}
mechanism_drivers = linuxbridge,l2population
{% elif neutron.plugin_agent == "calico" %}
mechanism_drivers = calico
{% elif neutron.plugin_agent == "opendaylight" %}
mechanism_drivers = opendaylight, logger
{% endif %}
extension_drivers = port_security{% if neutron.enable_qos %},qos{% endif %}
[ml2_type_vlan]
network_vlan_ranges =
{%- for net in neutron.physnets if net.vlan_range -%}
{%- if not loop.first %},{% endif -%}
{{ net.name }}:{{ net.vlan_range }}
{%- endfor %}
[ml2_type_flat]
flat_networks =
{%- for net in neutron.physnets if net.flat -%}
{%- if not loop.first %},{% endif -%}
{{ net.name }}
{%- endfor %}
[ml2_type_vxlan]
vni_ranges = {{ neutron.ml2.vni_ranges|join(',') }}
vxlan_group = 239.1.1.1
[securitygroup]
{% if neutron.plugin_agent == "openvswitch" %}
{% if True in neutron.physnets|map(attribute="dpdk") %}
firewall_driver = openvswitch
{% else %}
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
{% endif %}
{% elif neutron.plugin_agent == "linuxbridge" %}
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
{% endif %}
{% if neutron.plugin_agent == "openvswitch" %}
[agent]
tunnel_types = vxlan
l2_population = true
arp_responder = true
{% if neutron.dvr %}
enable_distributed_routing = true
{% endif %}
[ovs]
{% if True in neutron.physnets|map(attribute="dpdk") %}
datapath_type = netdev
{% endif %}
ovsdb_interface = {{ neutron.ovsdb.interface }}
ovsdb_connection = {{ neutron.ovsdb.connection }}
bridge_mappings =
{%- for net in neutron.physnets -%}
{%- if not loop.first %},{% endif -%}
{{ net.name }}:{{ net.bridge_name }}
{%- endfor %}
{% elif neutron.plugin_agent == "linuxbridge" %}
[linux_bridge]
physical_interface_mappings =
{%- for net in neutron.physnets -%}
{%- if not loop.first %},{% endif -%}
{{ net.name }}:{{ net.interface }}
{%- endfor %}
[vxlan]
l2_population = true
{% endif %}
local_ip = {{ network_topology["private"]["address"] }}
{% if neutron.plugin_agent == "calico" %}
[calico]
etcd_host = {{ neutron.calico.etcd_host }}
etcd_port = {{ neutron.calico.etcd_port }}
{% endif %}
{% if neutron.plugin_agent == "opendaylight" %}
[ml2_odl]
port_binding_controller = network-topology
password = {{ opendaylight.password }}
username = {{ opendaylight.username }}
url = {{ address('opendaylight', port=opendaylight.api_port, with_scheme=True) }}/controller/nb/v2/neutron
{% endif %}

84
service/files/neutron.conf.j2
View File

@ -1,84 +0,0 @@
# neutron.conf
[DEFAULT]
debug = {{ neutron.debug }}
use_stderr = true
use_syslog = false
{% if neutron.tls.enabled %}
bind_host = 127.0.0.1
{% else %}
bind_host = {{ network_topology["private"]["address"] }}
{% endif %}
bind_port = {{ neutron.server_port.cont }}
api_paste_config = /usr/share/neutron/api-paste.ini
endpoint_type = internalURL
metadata_proxy_socket = /var/lib/neutron/ccp/metadata_proxy
{% if neutron.plugin_agent in ["openvswitch", "opendaylight"] %}
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
{% elif neutron.plugin_agent == "linuxbridge" %}
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
{% endif %}
allow_overlapping_ips = true
dhcp_agents_per_network = 2
core_plugin = {{ neutron.core_plugin }}
service_plugins = {% if neutron.plugin_agent == "opendaylight" %}odl-router{% else %}router{% endif %}{% if neutron.enable_lbaas %},neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2{% endif %}{% if neutron.enable_qos %},qos{% endif %}
# Enable HA mode for virtual routers. (boolean value)
l3_ha = {{ neutron.l3_ha }}
# If it is set to 0 then the ha router will be scheduled on every L3 agent.
max_l3_agents_per_router=0
{% if neutron.dvr %}
# System-wide flag to determine the type of router that tenants can create. Only admin can override. (boolean value)
router_distributed = true
{% endif %}
{% if neutron.enable_lbaas %}
[service_providers]
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
{% endif %}
[nova]
auth_url = {{ address('keystone', keystone.admin_port, with_scheme=True) }}
auth_type = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = {{ nova.db.username }}
password = {{ nova.db.password }}
endpoint_type = internal
{% if nova.tls.enabled %}
cafile = /opt/ccp/etc/tls/ca.pem
{% endif %}
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
root_helper_daemon = sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
[database]
connection = mysql+pymysql://{{ neutron.db.username }}:{{ neutron.db.password }}@{{ address("database") }}/{{ neutron.db.name }}{% if db.tls.enabled %}?ssl_ca=/opt/ccp/etc/tls/ca.pem{% endif %}
max_retries = -1
max_pool_size = {{ neutron.db.max_pool_size }}
max_overflow = {{ neutron.db.max_overflow }}
{{ keystone_authtoken.keystone_authtoken(neutron.username, neutron.password) }}
{% if searchlight is defined and (searchlight.services.neutron or searchlight.services.nova) %}
[oslo_messaging_notifications]
driver = {{ searchlight.notification_driver }}
{% endif %}
{# messaging macros templates #}
{{ oslo_messaging[messaging.backend.notifications]('notifications_config') }}
{{ oslo_messaging[messaging.backend.rpc]('rpc_config') }}

9
service/files/nginx-neutron-server.conf.j2
View File

@ -1,9 +0,0 @@
server {
listen {{ network_topology["private"]["address"] }}:{{ neutron.server_port.cont }} ssl;
include common/ssl.conf;
location / {
proxy_pass http://neutron_server;
include common/proxy-headers.conf;
}
}

5
service/files/odl-set-admin-password.sh.j2
View File

@ -1,5 +0,0 @@
#!/bin/bash -ex
data='{"name":"admin", "description":"admin account", "enabled":"true", "email":"", "password":"{{ opendaylight.password }}"}'
curl -u admin:admin -X PUT -H "Content-Type: application/json" --data "$data" {{ address('opendaylight', port=opendaylight.dlux_port, with_scheme=True) }}/auth/v1/users/admin@sdn

9
service/files/odl-wait-boot.sh.j2
View File

@ -1,9 +0,0 @@
#!/bin/bash -ex
odl_port={{ opendaylight.ovs_port.cont }}
odl_boot_wait_url=restconf/operational/network-topology:network-topology/topology/netvirt:1
odl_boot_wait_timeout=60
odl_retry_check_interval=5
curl -o /dev/null --fail --silent --head -u admin:admin http://127.0.0.1:${odl_port}/${odl_boot_wait_url}

6
service/files/openvswitch-db-bootstrap.sh
View File

@ -1,6 +0,0 @@
#!/bin/bash
mkdir -p "/run/openvswitch"
if [[ ! -e "/etc/openvswitch/conf.db" ]]; then
ovsdb-tool create "/etc/openvswitch/conf.db"
fi

54
service/files/org.apache.karaf.features.cfg.j2
View File

@ -1,54 +0,0 @@
################################################################################
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# Defines if the startlvl should be respected during feature startup. The default value is true. The default
# behavior for 2.x is false (!) for this property
#
# Be aware that this property is deprecated and will be removed in Karaf 4.0. So, if you need to
# set this to false, please use this only as a temporary solution!
#
#respectStartLvlDuringFeatureStartup=true
#
# Defines if the startlvl should be respected during feature uninstall. The default value is true.
# If true, means stop bundles respecting the descend order of start level in a certain feature.
#
#respectStartLvlDuringFeatureUninstall=true
#
# Comma separated list of features repositories to register by default
#
featuresRepositories = mvn:org.apache.karaf.features/standard/3.0.7/xml/features,mvn:org.apache.karaf.features/enterprise/3.0.7/xml/features,mvn:org.ops4j.pax.web/pax-web-features/3.2.9/xml/features,mvn:org.apache.karaf.features/spring/3.0.7/xml/features,mvn:org.opendaylight.integration/features-integration-index/0.5.3-SNAPSHOT/xml/features
#
# Comma separated list of features to install at startup
#
featuresBoot=config,standard,region,package,kar,ssh,management,{{ opendaylight.karaf.features_boot|join(',') }}
#
# Defines if the boot features are started in asynchronous mode (in a dedicated thread)
#
featuresBootAsynchronous=false
#
# Store cfg file for config element in feature
#
#configCfgStore=true

50
service/files/org.ops4j.pax.logging.cfg.j2
View File

@ -1,50 +0,0 @@
################################################################################
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
# Root logger
log4j.rootLogger=INFO, async, osgi:*
log4j.throwableRenderer=org.apache.log4j.OsgiThrowableRenderer
# CONSOLE appender not used by default
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} | %-5.5p | %-16.16t | %-32.32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n
# Async appender forwarding to file appender
log4j.appender.async=org.apache.log4j.AsyncAppender
log4j.appender.async.appenders=out
# File appender
log4j.appender.out=org.apache.log4j.RollingFileAppender
log4j.appender.out.layout=org.apache.log4j.PatternLayout
log4j.appender.out.layout.ConversionPattern=%d{ISO8601} | %-5.5p | %-16.16t | %-32.32c{1} | %X{bundle.id} - %X{bundle.name} - %X{bundle.version} | %m%n
log4j.appender.out.file=${karaf.data}/log/karaf.log
log4j.appender.out.append=true
log4j.appender.out.maxFileSize={{ opendaylight.logging.max_file_size }}
log4j.appender.out.maxBackupIndex=10
# Sift appender
log4j.appender.sift=org.apache.log4j.sift.MDCSiftingAppender
log4j.appender.sift.key=bundle.name
log4j.appender.sift.default=karaf
log4j.appender.sift.appender=org.apache.log4j.FileAppender
log4j.appender.sift.appender.layout=org.apache.log4j.PatternLayout
log4j.appender.sift.appender.layout.ConversionPattern=%d{ISO8601} | %-5.5p | %-16.16t | %-32.32c{1} | %m%n
log4j.appender.sift.appender.file=${karaf.data}/log/$\\{bundle.name\\}.log
log4j.appender.sift.appender.append=true

76
service/files/ovs-ensure-configured.sh.j2
View File

@ -1,76 +0,0 @@
#!/bin/bash
set -ex
{% if True in neutron.physnets|map(attribute="dpdk") %}
modprobe {{ neutron.dpdk.driver }}
dpdk_init=$(ovs-vsctl get Open_vSwitch . other_config:dpdk-init \
2>/dev/null || true)
if [ "$dpdk_init" != "True" ]; then
dpdk_ifnames={{ neutron.physnets
| selectattr("dpdk")
| map(attribute="interface")
| join("|") }}
pci_whitelist=$(dpdk-devbind.py -s \
| awk "/ if=($dpdk_ifnames) /{print \" -w \"\$1}")
ovs-vsctl --no-wait set Open_vSwitch . \
other_config:dpdk-init=True \
other_config:dpdk-hugepage-dir=/dev/hugepages \
other_config:pmd-cpu-mask={{ neutron.dpdk.pmd_cpu_mask }} \
other_config:dpdk-lcore-mask={{ neutron.dpdk.core_cpu_mask }} \
other_config:dpdk-mem-channels={{ neutron.dpdk.mem_channels }} \
other_config:dpdk-socket-mem={{ neutron.dpdk.socket_mem }} \
other_config:dpdk-extra=" --proc-type primary $pci_whitelist "
fi
dpdk_ofport=0
{% endif %}
{% for net in neutron.physnets %}
bridge={{ net.bridge_name }}
{% if net.dpdk %}
interface={{ net.interface }}
port_name=dpdk$dpdk_ofport
dpdk_ofport=$((dpdk_ofport+1))
{% else %}
interface={{ net.interface }}
port_name={{ net.interface }}
ip link set $interface up
{% endif %}
if ! ovs-vsctl br-exists $bridge; then
changed=changed
{% if net.dpdk %}
ovs-vsctl --no-wait add-br $bridge \
-- set Bridge $bridge datapath_type=netdev
{% else %}
ovs-vsctl --no-wait add-br $bridge
{% endif %}
fi
if [[ ! $(ovs-vsctl list-ports $bridge) =~ $(echo "\<$port_name\>") ]]; then
changed=changed
ip_addrs=$(ip addr show $interface | awk "/inet/{print \$2}"|tr '\n' ' ')
{% if net.dpdk %}
pci_addr=$(dpdk-devbind.py -s|awk "/ if=$interface /{print \$1}")
mac_addr=$(cat /sys/class/net/$interface/address)
dpdk_driver={{ neutron.dpdk.driver }}
dpdk-devbind.py -b $dpdk_driver $pci_addr
ovs-vsctl --no-wait add-port $bridge $port_name \
-- set Interface $port_name \
type=dpdk \
options:dpdk-devargs=$pci_addr \
other_config:pci_address=$pci_addr \
other_config:driver=$dpdk_driver
ovs-vsctl --no-wait set bridge $bridge other_config:hwaddr=$mac_addr
{% else %}
ovs-vsctl --no-wait add-port $bridge $port_name
{% endif %}
ovs-vsctl --no-wait set bridge $bridge other_config:ipaddrs="$ip_addrs"
fi
echo $changed
{% endfor %}

20
service/files/ovs-set-bridge-ip.sh.j2
View File

@ -1,20 +0,0 @@
#!/bin/bash
set -ex
{% for net in neutron.physnets %}
bridge={{ net.bridge_name }}
port={{ net.interface }}
{% if not net.dpdk %}
ip addr flush dev $port
ip link set dev $port up
{% endif %}
ip_addrs=$(ovs-vsctl get bridge $bridge other_config:ipaddrs|tr -d \")
for ip_addr in $ip_addrs; do
ip addr add $ip_addr dev $bridge
done
ip link set dev $bridge up
{% endfor %}

20
service/files/ovs-set-managed-by-odl.sh.j2
View File

@ -1,20 +0,0 @@
#!/bin/bash
set -e
odl_ip={{ address('opendaylight') | gethostbyname }}
odl_port={{ opendaylight.ovs_port.cont }}
ovs-vsctl set-manager tcp:$odl_ip:$odl_port
ovs_id=$(ovs-vsctl get Open_vSwitch . _uuid)
local_ip="{{ network_topology["private"]["address"] }}"
ovs-vsctl set Open_vSwitch $ovs_id other_config:local_ip=$local_ip
provider_mappings=
{%- for net in neutron.physnets -%}
{%- if not loop.first %},{% endif -%}
{{ net.name }}:{{ net.interface }}
{%- endfor %}
ovs-vsctl set Open_vSwitch $ovs_id other_config:provider_mappings="$provider_mappings"

1
service/files/server-cert.pem.j2
View File

@ -1 +0,0 @@
{{ security.tls.server_cert }}

1
service/files/server-key.pem.j2
View File

@ -1 +0,0 @@
{{ security.tls.server_key }}

44
service/files/sriov_agent.ini.j2
View File

@ -1,44 +0,0 @@
[agent]
{% if neutron.enable_qos %}
extensions = qos
{% endif %}
[securitygroup]
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
[sriov_nic]
#
# From neutron.ml2.sriov.agent
#
# Comma-separated list of <physical_network>:<network_device> tuples mapping
# physical network names to the agent's node-specific physical network device
# interfaces of SR-IOV physical function to be used for VLAN networks. All
# physical networks listed in network_vlan_ranges on the server should have
# mappings to appropriate interfaces on each agent. (list value)
physical_device_mappings =
{%- for dev in neutron.sriov.devices -%}
{%- for net in dev.physnets -%}
{%- if not loop.first %},{% endif -%}
{{ net }}:{{ dev.name }}
{%- endfor %}
{%- endfor %}
# Comma-separated list of <network_device>:<vfs_to_exclude> tuples, mapping
# network_device to the agent's node-specific list of virtual functions that
# should not be used for virtual networking. vfs_to_exclude is a semicolon-
# separated list of virtual functions to exclude from network_device. The
# network_device in the mapping should appear in the physical_device_mappings
# list. (list value)
exclude_devices =
{%- for dev in neutron.sriov.devices if dev.exclude_vfs -%}
{%- if not loop.first %},{% endif -%}
{{ dev.name }}:
{%- for vf in dev.exclude_vfs -%}
{%- if not loop.first %};{% endif -%}
{{ vf }}
{%- endfor %}
{%- endfor %}

3
service/files/upstreams.conf.j2
View File

@ -1,3 +0,0 @@
upstream neutron_server {
server 127.0.0.1:{{ neutron.server_port.cont }};
}

44
service/neutron-dhcp-agent.yaml
View File

@ -1,44 +0,0 @@
dsl_version: 0.1.0
service:
name: neutron-dhcp-agent
kind: DaemonSet
hostNetwork: true
containers:
- name: neutron-dhcp-agent
image: neutron-dhcp-agent
privileged: true
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: metadata-socket
type: host
path: /var/lib/neutron/ccp
daemon:
command: neutron-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini
dependencies:
- neutron-db-sync
- rpc
- notifications
files:
- neutron.conf
- ml2-conf.ini
- dhcp-agent.ini
- dnsmasq.conf
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
dhcp-agent.ini:
path: /etc/neutron/dhcp_agent.ini
content: dhcp_agent.ini.j2
perm: "0600"
dnsmasq.conf:
path: /etc/neutron/dnsmasq.conf
content: dnsmasq.conf.j2
perm: "0600"

37
service/neutron-l3-agent-compute.yaml
View File

@ -1,37 +0,0 @@
dsl_version: 0.2.0
service:
name: neutron-l3-agent-compute
antiAffinity: local
hostNetwork: true
containers:
- name: neutron-l3-agent
image: neutron-l3-agent
privileged: true
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: metadata-socket
type: host
path: /var/lib/neutron/ccp
daemon:
command: neutron-l3-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent_compute.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
dependencies:
- rabbitmq
files:
- neutron.conf
- ml2-conf.ini
- l3-agent-compute.ini
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
l3-agent-compute.ini:
path: /etc/neutron/l3_agent_compute.ini
content: l3_agent_compute.ini.j2
perm: "0600"

95
service/neutron-l3-agent.yaml
View File

@ -1,95 +0,0 @@
dsl_version: 0.1.0
service:
name: neutron-l3-agent
kind: DaemonSet
hostNetwork: true
containers:
- name: neutron-l3-agent
image: neutron-l3-agent
privileged: true
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: metadata-socket
type: host
path: /var/lib/neutron/ccp
daemon:
command: neutron-l3-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
dependencies:
- neutron-db-sync
- rpc
- notifications
files:
- neutron.conf
- ml2-conf.ini
- l3-agent.ini
post:
- name: neutron-bootstrap-router
type: single
dependencies:
- neutron-server
command: neutron --os-endpoint-type internal router-create {{ neutron.bootstrap.router.name }}
# {% set int = neutron.bootstrap.internal %}
# {% if int.enable %}
# {% if neutron.plugin_agent == 'openvswitch' %}
- name: neutron-bootstrap-int-net-create
type: single
dependencies:
- neutron-server
command: neutron --os-endpoint-type internal net-create {{ int.net_name }}
# {% endif %}
- name: neutron-bootstrap-int-net-subnetpool-create
type: single
dependencies:
- neutron-server
command: neutron --os-endpoint-type internal subnetpool-create --default-prefixlen {{ int.subnet_prefix_length }} --pool-prefix {{ int.pool_prefix }} --shared --is-default True {{ int.subnetpool_name }}
- name: neutron-bootstrap-int-net-subnet-create
type: single
dependencies:
- neutron-bootstrap-int-net-create
- neutron-bootstrap-int-net-subnetpool-create
command: neutron --os-endpoint-type internal subnet-create --use-default-subnetpool {% for svc in int.dns_servers %} --dns-nameserver {{ svc }} {% endfor %} --name {{ int.subnet_name }} {{ int.net_name }}
- name: neutron-bootstrap-int-net-add-route
type: single
dependencies:
- neutron-bootstrap-router
- neutron-bootstrap-int-net-subnet-create
command: neutron --os-endpoint-type internal router-interface-add {{ neutron.bootstrap.router.name }} {{ int.subnet_name }}
# {% endif %}
# {% set ext = neutron.bootstrap.external %}
# {% if ext.enable %}
# {% if "changeme" not in [ext.network, ext.physnet, ext.gateway, ext.nameserver, ext.pool.start, ext.pool.end] %}
- name: neutron-bootstrap-ext-net-create
type: single
dependencies:
- neutron-server
command: neutron --os-endpoint-type internal net-create --router:external=True --provider:network_type flat --provider:physical_network {{ ext.physnet }} {{ ext.net_name }}
- name: neutron-bootstrap-ext-subnet-create
type: single
dependencies:
- neutron-bootstrap-ext-net-create
command: neutron --os-endpoint-type internal subnet-create --name {{ ext.subnet_name }} --disable-dhcp --allocation-pool start={{ ext.pool.start }},end={{ ext.pool.end }} --dns-nameserver {{ ext.nameserver }} {{ ext.net_name }} {{ ext.network }}
- name: neutron-bootstrap-ext-net-set-gateway
type: single
dependencies:
- neutron-bootstrap-router
- neutron-bootstrap-ext-subnet-create
command: neutron --os-endpoint-type internal router-gateway-set {{ neutron.bootstrap.router.name }} {{ ext.net_name }}
# {% endif %}
# {% endif %}
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
l3-agent.ini:
path: /etc/neutron/l3_agent.ini
content: l3_agent.ini.j2
perm: "0600"

46
service/neutron-metadata-agent.yaml
View File

@ -1,46 +0,0 @@
dsl_version: 0.2.0
service:
name: neutron-metadata-agent
# {% if neutron.dvr %}
antiAffinity: local
# {% endif %}
hostNetwork: true
containers:
- name: neutron-metadata-agent
image: neutron-metadata-agent
privileged: true
volumes:
- name: metadata-socket
type: host
path: /var/lib/neutron/ccp
pre:
- name: metadata-agent-bootstrap
command: /tmp/metadata-agent-bootstrap.sh
daemon:
command: neutron-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata-agent.ini
dependencies:
- neutron-db-sync
- rpc
files:
- neutron.conf
- ml2-conf.ini
- metadata-agent.ini
- metadata-agent-bootstrap.sh
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
metadata-agent.ini:
path: /etc/neutron/metadata-agent.ini
content: metadata-agent.ini.j2
perm: "0600"
metadata-agent-bootstrap.sh:
path: /tmp/metadata-agent-bootstrap.sh
content: metadata-agent-bootstrap.sh
perm: "0755"

35
service/neutron-openvswitch-agent.yaml
View File

@ -1,35 +0,0 @@
dsl_version: 0.1.0
service:
name: neutron-openvswitch-agent
kind: DaemonSet
hostNetwork: true
containers:
- name: neutron-openvswitch-agent
image: neutron-openvswitch-agent
privileged: true
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: modules
type: host
path: /lib/modules
daemon:
command: neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
dependencies:
- neutron-db-sync
- rpc
- notifications
- openvswitch-vswitchd:local
files:
- neutron.conf
- ml2-conf.ini
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"

119
service/neutron-server.yaml
View File

@ -1,119 +0,0 @@
dsl_version: 0.4.0
service:
name: neutron-server
# {% if neutron.plugin_agent == "opendaylight" %}
hostNetwork: true
# {% endif %}
ports:
- {{ neutron.server_port }}
annotations:
service:
prometheus.io/probe: "true"
containers:
- name: neutron-server
image: neutron-server
pre:
- name: neutron-db-create
dependencies:
- database
type: single
command: mysql -u root -p{{ db.root_password }} -h {{ address("database") }} -e 'create database `{{ neutron.db.name }}`;
create user "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}"
{% if db.tls.enabled %} require ssl {% endif %};
grant all privileges on `{{ neutron.db.name }}`.* to "{{ neutron.db.username }}"@"%" identified by "{{ neutron.db.password }}"
{% if db.tls.enabled %} require ssl {% endif %};'
- name: neutron-db-sync
type: single
command: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
dependencies:
- rpc
- notifications
- neutron-db-create
files:
- neutron.conf
- ml2-conf.ini
- name: neutron-user-create
dependencies:
- keystone-create-domain
type: single
command: openstack user create --domain {{ service_account.domain }} --password {{ neutron.password }} {{ neutron.username }}
- name: neutron-role-add
dependencies:
- neutron-user-create
type: single
command: openstack role add --project {{ service_account.project }} --user {{ neutron.username }} admin
- name: neutron-service-create
dependencies:
- keystone
type: single
command: openstack service create --name neutron --description "OpenStack Networking" network
- name: neutron-public-endpoint-create
dependencies:
- neutron-service-create
type: single
command: openstack endpoint create --region RegionOne network public {{ address('neutron-server', neutron.server_port, external=True, with_scheme=True) }}
- name: neutron-internal-endpoint-create
dependencies:
- neutron-service-create
type: single
command: openstack endpoint create --region RegionOne network internal {{ address('neutron-server', neutron.server_port, with_scheme=True) }}
- name: neutron-admin-endpoint-create
dependencies:
- neutron-service-create
type: single
command: openstack endpoint create --region RegionOne network admin {{ address('neutron-server', neutron.server_port, with_scheme=True) }}
daemon:
command: neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
files:
- neutron.conf
- ml2-conf.ini
# {% if neutron.tls.enabled %}
- ca-cert
# {% endif %}
# {% if neutron.plugin_agent == "opendaylight" %}
dependencies:
- openvswitch-vswitchd
# {% endif %}
# {% if neutron.tls.enabled %}
- name: nginx-neutron-server
image: nginx
daemon:
files:
- servers
- server-cert
- server-key
- upstreams
command: nginx
# {% endif %}
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
ml2-conf.ini:
path: /etc/neutron/plugins/ml2/ml2_conf.ini
content: ml2_conf.ini.j2
perm: "0600"
# {% if neutron.tls.enabled %}
servers:
path: /etc/nginx/conf.d/servers.conf
content: nginx-neutron-server.conf.j2
perm: "0400"
upstreams:
path: /etc/nginx/conf.d/upstreams.conf
content: upstreams.conf.j2
perm: "0400"
server-cert:
path: /opt/ccp/etc/tls/server-cert.pem
content: server-cert.pem.j2
perm: "0400"
server-key:
path: /opt/ccp/etc/tls/server-key.pem
content: server-key.pem.j2
perm: "0400"
ca-cert:
path: /opt/ccp/etc/tls/ca.pem
content: ca-cert.pem.j2
perm: "0400"
# {% endif %}

34
service/neutron-sriov-nic-agent.yaml
View File

@ -1,34 +0,0 @@
dsl_version: 0.1.0
service:
name: neutron-sriov-nic-agent
kind: DaemonSet
hostNetwork: true
containers:
- name: neutron-sriov-nic-agent
image: neutron-sriov-nic-agent
privileged: true
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: modules
type: host
path: /lib/modules
daemon:
command: neutron-sriov-nic-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/sriov_agent.ini
dependencies:
- neutron-db-sync
- rpc
- notifications
files:
- neutron.conf
- sriov_agent.ini
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
sriov_agent.ini:
path: /etc/neutron/plugins/ml2/sriov_agent.ini
content: sriov_agent.ini.j2
perm: "0600"

50
service/opendaylight.yaml
View File

@ -1,50 +0,0 @@
dsl_version: 0.1.0
service:
name: opendaylight
ports:
- {{ opendaylight.api_port }}
- {{ opendaylight.ovs_port }}
- {{ opendaylight.openflow_port1 }}
- {{ opendaylight.openflow_port2 }}
- {{ opendaylight.dlux_port }}
containers:
- name: opendaylight
image: opendaylight
probes:
readiness:
type: exec
command: /usr/local/bin/odl-wait-boot.sh
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
daemon:
command: ./bin/karaf
files:
- odl-wait-boot.sh
- org.apache.karaf.features.cfg
- org.ops4j.pax.logging.cfg
post:
- name: odl-set-admin-password
type: single
command: /tmp/odl-set-admin-password.sh
files:
- odl-set-admin-password.sh
files:
odl-wait-boot.sh:
path: /usr/local/bin/odl-wait-boot.sh
content: odl-wait-boot.sh.j2
perm: "0755"
odl-set-admin-password.sh:
path: /tmp/odl-set-admin-password.sh
content: odl-set-admin-password.sh.j2
perm: "0755"
org.apache.karaf.features.cfg:
path: /odl/etc/org.apache.karaf.features.cfg
content: org.apache.karaf.features.cfg.j2
perm: "0600"
org.ops4j.pax.logging.cfg:
path: /odl/etc/org.ops4j.pax.logging.cfg
content: org.ops4j.pax.logging.cfg.j2
perm: "0600"

24
service/openvswitch-db.yaml
View File

@ -1,24 +0,0 @@
dsl_version: 0.1.0
service:
name: openvswitch-db
kind: DaemonSet
hostNetwork: true
containers:
- name: openvswitch-db
image: openvswitch-db
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
pre:
- name: ovs-bootstrap
command: /opt/ccp/bin/openvswitch-db-bootstrap.sh
daemon:
command: "/usr/sbin/ovsdb-server /etc/openvswitch/conf.db -vconsole:{{ ovs_db.loglevel }} --remote=punix:/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options"
files:
- openvswitch-db-bootstrap.sh
files:
openvswitch-db-bootstrap.sh:
path: /opt/ccp/bin/openvswitch-db-bootstrap.sh
content: openvswitch-db-bootstrap.sh
perm: "0755"

82
service/openvswitch-vswitchd.yaml
View File

@ -1,82 +0,0 @@
dsl_version: 0.1.0
service:
name: openvswitch-vswitchd
kind: DaemonSet
hostNetwork: true
containers:
- name: openvswitch-vswitchd
image: openvswitch-vswitchd
privileged: true
# {% if neutron.plugin_agent == "opendaylight" %}
probes:
readiness:
type: exec
command: "ovs-vsctl list Bridge | grep br-int > /dev/null"
# {% endif %}
volumes:
- name: ovs-socket
type: host
path: /run/openvswitch
- name: modules
type: host
path: /lib/modules
# {% if True in neutron.physnets|map(attribute="dpdk") %}
- name: hugepages
type: host
path: /dev/hugepages
- name: dev
type: host
path: /dev
- name: sys
type: host
path: /sys
# {% endif %}
pre:
- name: vswitchd-bootstrap
command: modprobe openvswitch
- name: vswitchd-port-forwarding
command: echo 1 > /proc/sys/net/ipv4/ip_forward
- name: vswitchd-check-ovs-db
command: ovs-vsctl --no-wait show
dependencies:
- openvswitch-db:local
# {% if neutron.plugin_agent == "opendaylight" %}
- opendaylight
# {% endif %}
# {% if neutron.plugin_agent != "opendaylight" %}
- name: vswitchd-setup-ovs-bridge
command: /usr/local/bin/ovs-ensure-configured.sh
# {% endif %}
daemon:
command: /usr/sbin/ovs-vswitchd unix:/run/openvswitch/db.sock --mlockall
dependencies:
- openvswitch-db:local
# {% if neutron.plugin_agent == "opendaylight" %}
- opendaylight
# {% endif %}
files:
- ovs-ensure-configured.sh
- ovs-set-bridge-ip.sh
# {% if neutron.plugin_agent == "opendaylight" %}
- ovs-set-managed-by-odl.sh
# {% endif %}
post:
- name: ovs-set-bridge-ip
command: /usr/local/bin/ovs-set-bridge-ip.sh
# {% if neutron.plugin_agent == "opendaylight" %}
- name: ovs-set-managed-by-odl
command: /usr/local/bin/ovs-set-managed-by-odl.sh
# {% endif %}
files:
ovs-ensure-configured.sh:
path: /usr/local/bin/ovs-ensure-configured.sh
content: ovs-ensure-configured.sh.j2
perm: "0755"
ovs-set-managed-by-odl.sh:
path: /usr/local/bin/ovs-set-managed-by-odl.sh
content: ovs-set-managed-by-odl.sh.j2
perm: "0755"
ovs-set-bridge-ip.sh:
path: /usr/local/bin/ovs-set-bridge-ip.sh
content: ovs-set-bridge-ip.sh.j2
perm: "0755"

46
service/upgrade/default.yaml
View File

@ -1,46 +0,0 @@
upgrade:
name: upgrade-neutron
image: neutron-base
steps:
- name: backup
command: /opt/ccp/bin/backup.sh
files:
- backup-sh
volumes:
- name: backup-dir
path: /var/ccp/backup/neutron
type: host
readOnly: false
topology_key: backup
- name: expand
command: neutron-db-manage upgrade --expand
files:
- neutron.conf
- name: kill-server
type: kill-services
services: [neutron-server]
- name: contract
command: neutron-db-manage upgrade --contract
files:
- neutron.conf
- name: roll-server
type: rolling-upgrade
services: [neutron-server]
- name: roll-l2
type: rolling-upgrade
services: [neutron-openvswitch-agent]
- name: roll-agents
type: rolling-upgrade
services:
- neutron-l3-agent
- neutron-dhcp-agent
- neutron-metadata-agent
files:
neutron.conf:
path: /etc/neutron/neutron.conf
content: neutron.conf.j2
perm: "0600"
backup-sh:
path: /opt/ccp/bin/backup.sh
content: backup.sh.j2
perm: "500"

5
tools/yamllint.sh
View File

@ -1,5 +0,0 @@
#!/bin/bash
set -ex
workdir=$(dirname $0)
yamllint -c $workdir/yamllint.yaml $(find . -not -path '*/\.*' -type f -name '*.yaml')

21
tools/yamllint.yaml
View File

@ -1,21 +0,0 @@
extends: default
rules:
braces:
max-spaces-inside: 1
comments:
level: error
comments-indentation:
level: warning
document-end:
present: no
document-start:
level: error
present: no
empty-lines:
max: 1
max-start: 0
max-end: 0
line-length:
level: warning
max: 120

17
tox.ini
View File

@ -1,17 +0,0 @@
[tox]
minversion = 1.6
envlist = linters,bashate
skipsdist = True
[testenv:linters]
deps = yamllint
commands =
{toxinidir}/tools/yamllint.sh
[testenv:bashate]
deps = bashate>=0.2
whitelist_externals = bash
commands = bash -c "find {toxinidir} -type f -name '*.sh' -not -path '*/.tox/*' -print0 | xargs -0 bashate -v"
[testenv:venv]
commands = {posargs}