Add networking-calico support

Add support for using networking-calico Neutron ML2 plugin instead of OVS. Change-Id: I4de5ed0d90a9c9494117803f81a33cd62a5a1163
2016-07-25 16:58:04 +02:00 · 2016-07-25 16:58:04 +02:00 · 926b815e79
parent 0055279752
commit 926b815e79
8 changed files with 116 additions and 0 deletions
--- a/docker/calico-dhcp-agent/Dockerfile.j2
+++ b/docker/calico-dhcp-agent/Dockerfile.j2
@ -0,0 +1,2 @@
+FROM {{ namespace }}/neutron-base:{{ tag }}
+MAINTAINER {{ maintainer }}
--- a/docker/calico-felix/Dockerfile.j2
+++ b/docker/calico-felix/Dockerfile.j2
@ -0,0 +1,2 @@
+FROM {{ namespace }}/neutron-base:{{ tag }}
+MAINTAINER {{ maintainer }}
--- a/docker/neutron-base/Dockerfile.j2
+++ b/docker/neutron-base/Dockerfile.j2
@ -11,9 +11,13 @@ RUN apt-get -y install --no-install-recommends \
        openvswitch-switch \
        uuid-runtime \
        mysql-client \
+        net-tools \
    && apt-get clean

 {{ copy_sources("openstack/neutron", "/neutron") }}
+{{ copy_sources("projectcalico/libcalico", "/libcalico") }}
+{{ copy_sources("projectcalico/calico", "/calico") }}
+{{ copy_sources("openstack/networking-calico", "/networking-calico") }}

 RUN cd /neutron \
    && useradd --user-group neutron \
@ -32,4 +36,12 @@ RUN usermod -a -G microservices neutron \
    && chmod 750 /etc/sudoers.d \
    && chmod 440 /etc/sudoers.d/neutron_sudoers

+RUN /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /libcalico \
+    && rm -rf /libcalico \
+    && mkdir -p /var/log/calico /etc/calico \
+    && /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /calico \
+    && rm -rf /calico \
+    && /var/lib/microservices/venv/bin/pip --no-cache-dir install --upgrade /networking-calico \
+    && rm -rf /networking-calico
+
 ENV PATH /var/lib/microservices/venv/bin:$PATH
--- a/service/calico-dhcp-agent.yaml
+++ b/service/calico-dhcp-agent.yaml
@ -0,0 +1,37 @@
+service:
+  name: calico-dhcp-agent
+  host-net: true
+  daemonset: true
+  containers:
+    - name: calico-dhcp-agent
+      image: calico-dhcp-agent
+      privileged: true
+      probes:
+        readiness: "true"
+        liveness: "true"
+      volumes:
+        - name: metadata-socket
+          type: host
+          path: /var/lib/neutron/ccp
+      daemon:
+        command: calico-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini
+        dependencies:
+          - neutron-db-sync
+          - rabbitmq
+        files:
+          - neutron.conf
+          - ml2-conf.ini
+          - dnsmasq.conf
+files:
+  neutron.conf:
+    path: /etc/neutron/neutron.conf
+    content: neutron.conf.j2
+    perm: "0600"
+  ml2-conf.ini:
+    path: /etc/neutron/plugins/ml2/ml2_conf.ini
+    content: ml2_conf.ini.j2
+    perm: "0600"
+  dnsmasq.conf:
+    path: /etc/neutron/dnsmasq.conf
+    content: dnsmasq.conf.j2
+    perm: "0600"
--- a/service/calico-felix.yaml
+++ b/service/calico-felix.yaml
@ -0,0 +1,33 @@
+service:
+  name: calico-felix
+  host-net: true
+  daemonset: true
+  containers:
+    - name: calico-felix
+      image: calico-felix
+      privileged: true
+      probes:
+        readiness: "true"
+        liveness: "true"
+      daemon:
+        command: calico-felix --config-file=/etc/calico/felix.cfg
+        dependencies:
+          - neutron-db-sync
+          - neutron-server
+        files:
+          - neutron.conf
+          - ml2-conf.ini
+          - felix.cfg
+files:
+  neutron.conf:
+    path: /etc/neutron/neutron.conf
+    content: neutron.conf.j2
+    perm: "0600"
+  ml2-conf.ini:
+    path: /etc/neutron/plugins/ml2/ml2_conf.ini
+    content: ml2_conf.ini.j2
+    perm: "0600"
+  felix.cfg:
+    path: /etc/calico/felix.cfg
+    content: felix.cfg.j2
+    perm: "0600"
--- a/service/files/defaults.yaml
+++ b/service/files/defaults.yaml
@ -14,6 +14,9 @@ configs:
      connection: "unix:/run/openvswitch/db.sock"
    enable_lbaas: false
    enable_qos: false
+    calico:
+      etcd_host: "etcd-k8s"
+      etcd_port: 2379
  ovs_db:
    loglevel: "info"

@ -21,3 +24,12 @@ sources:
  openstack/neutron:
    git_url: https://github.com/openstack/neutron.git
    git_ref: stable/newton
+  projectcalico/calico:
+    git_url: https://github.com/projectcalico/felix.git
+    git_ref: 1.4.3
+  projectcalico/libcalico:
+    git_url: https://github.com/projectcalico/libcalico.git
+    git_ref: v0.17.0
+  openstack/networking-calico:
+    git_url: https://github.com/openstack/networking-calico.git
+    git_ref: master
--- a/service/files/felix.cfg.j2
+++ b/service/files/felix.cfg.j2
@ -0,0 +1,5 @@
+[global]
+MetadataPort = 8775
+MetadataAddr = nova-api
+EtcdAddr = {{ calico_etcd_host }}:{{ calico_etcd_port }}
+#FelixHostname = hostname
--- a/service/files/ml2_conf.ini.j2
+++ b/service/files/ml2_conf.ini.j2
@ -1,13 +1,20 @@
 # ml2_conf.ini
 [ml2]
 # Changing type_drivers after bootstrap can lead to database inconsistencies
+{% if neutron.plugin_agent == "calico" %}
+type_drivers = local, flat
+tenant_network_types = local
+{% else %}
 type_drivers = flat,vlan,vxlan
 tenant_network_types = vxlan
+{% endif %}

 {% if neutron.plugin_agent == "openvswitch" %}
 mechanism_drivers = openvswitch,l2population
 {% elif neutron.plugin_agent == "linuxbridge" %}
 mechanism_drivers = linuxbridge,l2population
+{% elif neutron.plugin_agent == "calico" %}
+mechanism_drivers = calico
 {% endif %}

 {% if neutron.enable_qos %}
@ -50,3 +57,9 @@ physical_interface_mappings = physnet1:{{ neutron.external_interface }}
 l2_population = true
 {% endif %}
 local_ip = {{ network_topology["private"]["address"] }}
+
+{% if neutron.plugin_agent == "calico" %}
+[calico]
+etcd_host = {{ neutron.calico.etcd_host }}
+etcd_port = {{ neutron.calico.etcd_port }}
+{% endif %}