334 lines
8.3 KiB
Puppet
334 lines
8.3 KiB
Puppet
class openstack::neutron::params (
|
|
$api_port = 9696,
|
|
$bgp_port = 179,
|
|
$region_name = undef,
|
|
$service_name = 'openstack-neutron',
|
|
$bgp_router_id = undef,
|
|
$service_create = false,
|
|
$configure_endpoint = true,
|
|
$tunnel_csum = undef,
|
|
) { }
|
|
|
|
class openstack::neutron
|
|
inherits ::openstack::neutron::params {
|
|
|
|
include ::platform::params
|
|
include ::platform::amqp::params
|
|
|
|
include ::neutron::logging
|
|
|
|
class { '::neutron':
|
|
rabbit_use_ssl => $::platform::amqp::params::ssl_enabled,
|
|
default_transport_url => $::platform::amqp::params::transport_url,
|
|
}
|
|
}
|
|
|
|
|
|
define openstack::neutron::sdn::controller (
|
|
$transport,
|
|
$ip_address,
|
|
$port,
|
|
) {
|
|
include ::platform::params
|
|
include ::platform::network::oam::params
|
|
include ::platform::network::mgmt::params
|
|
|
|
$oam_interface = $::platform::network::oam::params::interface_name
|
|
$mgmt_subnet_network = $::platform::network::mgmt::params::subnet_network
|
|
$mgmt_subnet_prefixlen = $::platform::network::mgmt::params::subnet_prefixlen
|
|
$oam_address = $::platform::network::oam::params::controller_address
|
|
$system_type = $::platform::params::system_type
|
|
|
|
$mgmt_subnet = "${mgmt_subnet_network}/${mgmt_subnet_prefixlen}"
|
|
|
|
if $system_type == 'Standard' {
|
|
if $transport == 'tls' {
|
|
$firewall_proto_transport = 'tcp'
|
|
} else {
|
|
$firewall_proto_transport = $transport
|
|
}
|
|
|
|
platform::firewall::rule { $name:
|
|
service_name => $name,
|
|
table => 'nat',
|
|
chain => 'POSTROUTING',
|
|
proto => $firewall_proto_transport,
|
|
outiface => $oam_interface,
|
|
tosource => $oam_address,
|
|
destination => $ip_address,
|
|
host => $mgmt_subnet,
|
|
jump => 'SNAT',
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::odl::params(
|
|
$username = undef,
|
|
$password= undef,
|
|
$url = undef,
|
|
$controller_config = {},
|
|
$port_binding_controller = undef,
|
|
) {}
|
|
|
|
class openstack::neutron::odl
|
|
inherits ::openstack::neutron::odl::params {
|
|
|
|
include ::platform::params
|
|
|
|
if $::platform::params::sdn_enabled {
|
|
create_resources('openstack::neutron::sdn::controller', $controller_config, {})
|
|
}
|
|
class {'::neutron::plugins::ml2::opendaylight':
|
|
odl_username => $username,
|
|
odl_password => $password,
|
|
odl_url => $url,
|
|
port_binding_controller => $port_binding_controller,
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::bgp
|
|
inherits ::openstack::neutron::params {
|
|
|
|
if $bgp_router_id {
|
|
class {'::neutron::bgp':
|
|
bgp_router_id => $bgp_router_id,
|
|
}
|
|
|
|
class {'::neutron::services::bgpvpn':
|
|
}
|
|
|
|
exec { 'systemctl enable neutron-bgp-dragent.service':
|
|
command => "systemctl enable neutron-bgp-dragent.service",
|
|
}
|
|
|
|
exec { 'systemctl restart neutron-bgp-dragent.service':
|
|
command => "systemctl restart neutron-bgp-dragent.service",
|
|
}
|
|
|
|
file { '/etc/pmon.d/':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
file { "/etc/pmon.d/neutron-bgp-dragent.conf":
|
|
ensure => link,
|
|
target => "/etc/neutron/pmon/neutron-bgp-dragent.conf",
|
|
owner => 'root',
|
|
group => 'root',
|
|
}
|
|
} else {
|
|
exec { 'pmon-stop neutron-bgp-dragent':
|
|
command => "pmon-stop neutron-bgp-dragent",
|
|
} ->
|
|
exec { 'rm -f /etc/pmon.d/neutron-bgp-dragent.conf':
|
|
command => "rm -f /etc/pmon.d/neutron-bgp-dragent.conf",
|
|
} ->
|
|
exec { 'systemctl disable neutron-bgp-dragent.service':
|
|
command => "systemctl disable neutron-bgp-dragent.service",
|
|
} ->
|
|
exec { 'systemctl stop neutron-bgp-dragent.service':
|
|
command => "systemctl stop neutron-bgp-dragent.service",
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::sfc (
|
|
$sfc_drivers = 'ovs',
|
|
$flowclassifier_drivers = 'ovs',
|
|
$sfc_quota_flow_classifier = undef,
|
|
$sfc_quota_port_chain = undef,
|
|
$sfc_quota_port_pair_group = undef,
|
|
$sfc_quota_port_pair = undef,
|
|
) inherits ::openstack::neutron::params {
|
|
|
|
if $sfc_drivers {
|
|
class {'::neutron::sfc':
|
|
sfc_drivers => $sfc_drivers,
|
|
flowclassifier_drivers => $flowclassifier_drivers,
|
|
quota_flow_classifier => $sfc_quota_flow_classifier,
|
|
quota_port_chain => $sfc_quota_port_chain,
|
|
quota_port_pair_group => $sfc_quota_port_pair_group,
|
|
quota_port_pair => $sfc_quota_port_pair,
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::server {
|
|
|
|
include ::platform::params
|
|
if $::platform::params::init_database {
|
|
include ::neutron::db::postgresql
|
|
}
|
|
include ::neutron::plugins::ml2
|
|
|
|
include ::neutron::server::notifications
|
|
|
|
include ::neutron::keystone::authtoken
|
|
|
|
class { '::neutron::server':
|
|
api_workers => $::platform::params::eng_workers_by_2,
|
|
rpc_workers => $::platform::params::eng_workers_by_2,
|
|
sync_db => $::platform::params::init_database,
|
|
}
|
|
|
|
file { '/etc/neutron/api-paste.ini':
|
|
ensure => file,
|
|
mode => '0640',
|
|
}
|
|
|
|
Class['::neutron::server'] -> File['/etc/neutron/api-paste.ini']
|
|
|
|
include ::openstack::neutron::bgp
|
|
include ::openstack::neutron::odl
|
|
include ::openstack::neutron::sfc
|
|
}
|
|
|
|
|
|
class openstack::neutron::agents
|
|
inherits ::openstack::neutron::params {
|
|
|
|
include ::platform::kubernetes::params
|
|
|
|
if (str2bool($::disable_worker_services) or
|
|
$::platform::kubernetes::params::enabled) {
|
|
$pmon_ensure = absent
|
|
|
|
class {'::neutron::agents::l3':
|
|
enabled => false
|
|
}
|
|
class {'::neutron::agents::dhcp':
|
|
enabled => false
|
|
}
|
|
class {'::neutron::agents::metadata':
|
|
enabled => false,
|
|
}
|
|
class {'::neutron::agents::ml2::sriov':
|
|
enabled => false
|
|
}
|
|
class {'::neutron::agents::ml2::ovs':
|
|
enabled => false
|
|
}
|
|
} else {
|
|
$pmon_ensure = link
|
|
|
|
class {'::neutron::agents::metadata':
|
|
metadata_workers => $::platform::params::eng_workers_by_4
|
|
}
|
|
|
|
include ::neutron::agents::dhcp
|
|
include ::neutron::agents::l3
|
|
include ::neutron::agents::ml2::sriov
|
|
include ::neutron::agents::ml2::ovs
|
|
}
|
|
|
|
if $::platform::params::vswitch_type =~ '^ovs' {
|
|
# Ensure bridges and addresses are configured before agent is started
|
|
Platform::Vswitch::Ovs::Bridge<||> ~> Service['neutron-ovs-agent-service']
|
|
Platform::Vswitch::Ovs::Address<||> ~> Service['neutron-ovs-agent-service']
|
|
|
|
# Enable/disable tunnel checksum
|
|
neutron_agent_ovs {
|
|
'agent/tunnel_csum': value => $tunnel_csum;
|
|
}
|
|
}
|
|
|
|
file { "/etc/pmon.d/neutron-dhcp-agent.conf":
|
|
ensure => $pmon_ensure,
|
|
target => "/etc/neutron/pmon/neutron-dhcp-agent.conf",
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
file { "/etc/pmon.d/neutron-metadata-agent.conf":
|
|
ensure => $pmon_ensure,
|
|
target => "/etc/neutron/pmon/neutron-metadata-agent.conf",
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
file { "/etc/pmon.d/neutron-sriov-nic-agent.conf":
|
|
ensure => $pmon_ensure,
|
|
target => "/etc/neutron/pmon/neutron-sriov-nic-agent.conf",
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::firewall
|
|
inherits ::openstack::neutron::params {
|
|
|
|
platform::firewall::rule { 'neutron-api':
|
|
service_name => 'neutron',
|
|
ports => $api_port,
|
|
}
|
|
|
|
if $bgp_router_id {
|
|
platform::firewall::rule { 'ryu-bgp-port':
|
|
service_name => 'neutron',
|
|
ports => $bgp_port,
|
|
}
|
|
} else {
|
|
platform::firewall::rule { 'ryu-bgp-port':
|
|
service_name => 'neutron',
|
|
ports => $bgp_port,
|
|
ensure => absent
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
class openstack::neutron::haproxy
|
|
inherits ::openstack::neutron::params {
|
|
|
|
platform::haproxy::proxy { 'neutron-restapi':
|
|
server_name => 's-neutron',
|
|
public_port => $api_port,
|
|
private_port => $api_port,
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::api
|
|
inherits ::openstack::neutron::params {
|
|
|
|
include ::platform::params
|
|
|
|
if ($::openstack::neutron::params::service_create and
|
|
$::platform::params::init_keystone) {
|
|
|
|
include ::neutron::keystone::auth
|
|
}
|
|
|
|
if $::openstack::neutron::params::configure_endpoint {
|
|
include ::openstack::neutron::firewall
|
|
include ::openstack::neutron::haproxy
|
|
}
|
|
}
|
|
|
|
|
|
class openstack::neutron::server::reload {
|
|
platform::sm::restart {'neutron-server': }
|
|
}
|
|
|
|
|
|
class openstack::neutron::server::runtime {
|
|
include ::openstack::neutron
|
|
include ::openstack::neutron::server
|
|
include ::openstack::neutron::firewall
|
|
|
|
class {'::openstack::neutron::server::reload':
|
|
stage => post
|
|
}
|
|
}
|