Preparing to refactor lib/neutron to support Neutron as the default
network config. lib/neutron will be renamed internally and refined
to support a couple of specific configurations.
Change-Id: I0d3773d14c4c636a4b915734784e7241f4d15474
... | ... |
@@ -166,7 +166,7 @@ Scripts |
166 | 166 |
* `lib/ironic <lib/ironic.html>`__ |
167 | 167 |
* `lib/keystone <lib/keystone.html>`__ |
168 | 168 |
* `lib/ldap <lib/ldap.html>`__ |
169 |
-* `lib/neutron <lib/neutron.html>`__ |
|
169 |
+* `lib/neutron-legacy <lib/neutron-legacy.html>`__ |
|
170 | 170 |
* `lib/nova <lib/nova.html>`__ |
171 | 171 |
* `lib/oslo <lib/oslo.html>`__ |
172 | 172 |
* `lib/rpc\_backend <lib/rpc_backend.html>`__ |
... | ... |
@@ -49,7 +49,7 @@ source $TOP_DIR/functions |
49 | 49 |
source $TOP_DIR/openrc |
50 | 50 |
|
51 | 51 |
# Import neutron functions |
52 |
-source $TOP_DIR/lib/neutron |
|
52 |
+source $TOP_DIR/lib/neutron-legacy |
|
53 | 53 |
|
54 | 54 |
# If neutron is not enabled we exit with exitcode 55, which means exercise is skipped. |
55 | 55 |
neutron_plugin_check_adv_test_requirements || exit 55 |
39 | 39 |
deleted file mode 100755 |
... | ... |
@@ -1,1467 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
-# |
|
3 |
-# lib/neutron |
|
4 |
-# functions - functions specific to neutron |
|
5 |
- |
|
6 |
-# Dependencies: |
|
7 |
-# ``functions`` file |
|
8 |
-# ``DEST`` must be defined |
|
9 |
-# ``STACK_USER`` must be defined |
|
10 |
- |
|
11 |
-# ``stack.sh`` calls the entry points in this order: |
|
12 |
-# |
|
13 |
-# - install_neutron_agent_packages |
|
14 |
-# - install_neutronclient |
|
15 |
-# - install_neutron |
|
16 |
-# - install_neutron_third_party |
|
17 |
-# - configure_neutron |
|
18 |
-# - init_neutron |
|
19 |
-# - configure_neutron_third_party |
|
20 |
-# - init_neutron_third_party |
|
21 |
-# - start_neutron_third_party |
|
22 |
-# - create_nova_conf_neutron |
|
23 |
-# - start_neutron_service_and_check |
|
24 |
-# - check_neutron_third_party_integration |
|
25 |
-# - start_neutron_agents |
|
26 |
-# - create_neutron_initial_network |
|
27 |
-# - setup_neutron_debug |
|
28 |
-# |
|
29 |
-# ``unstack.sh`` calls the entry points in this order: |
|
30 |
-# |
|
31 |
-# - teardown_neutron_debug |
|
32 |
-# - stop_neutron |
|
33 |
-# - stop_neutron_third_party |
|
34 |
-# - cleanup_neutron |
|
35 |
- |
|
36 |
-# Functions in lib/neutron are classified into the following categories: |
|
37 |
-# |
|
38 |
-# - entry points (called from stack.sh or unstack.sh) |
|
39 |
-# - internal functions |
|
40 |
-# - neutron exercises |
|
41 |
-# - 3rd party programs |
|
42 |
- |
|
43 |
- |
|
44 |
-# Neutron Networking |
|
45 |
-# ------------------ |
|
46 |
- |
|
47 |
-# Make sure that neutron is enabled in ``ENABLED_SERVICES``. If you want |
|
48 |
-# to run Neutron on this host, make sure that q-svc is also in |
|
49 |
-# ``ENABLED_SERVICES``. |
|
50 |
-# |
|
51 |
-# See "Neutron Network Configuration" below for additional variables |
|
52 |
-# that must be set in localrc for connectivity across hosts with |
|
53 |
-# Neutron. |
|
54 |
-# |
|
55 |
-# With Neutron networking the NETWORK_MANAGER variable is ignored. |
|
56 |
- |
|
57 |
-# Settings |
|
58 |
-# -------- |
|
59 |
- |
|
60 |
-# Timeout value in seconds to wait for IPv6 gateway configuration |
|
61 |
-GATEWAY_TIMEOUT=30 |
|
62 |
- |
|
63 |
- |
|
64 |
-# Neutron Network Configuration |
|
65 |
-# ----------------------------- |
|
66 |
- |
|
67 |
-# Subnet IP version |
|
68 |
-IP_VERSION=${IP_VERSION:-4} |
|
69 |
-# Validate IP_VERSION |
|
70 |
-if [[ $IP_VERSION != "4" ]] && [[ $IP_VERSION != "6" ]] && [[ $IP_VERSION != "4+6" ]]; then |
|
71 |
- die $LINENO "IP_VERSION must be either 4, 6, or 4+6" |
|
72 |
-fi |
|
73 |
-# Gateway and subnet defaults, in case they are not customized in localrc |
|
74 |
-NETWORK_GATEWAY=${NETWORK_GATEWAY:-10.0.0.1} |
|
75 |
-PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1} |
|
76 |
-PRIVATE_SUBNET_NAME=${PRIVATE_SUBNET_NAME:-"private-subnet"} |
|
77 |
-PUBLIC_SUBNET_NAME=${PUBLIC_SUBNET_NAME:-"public-subnet"} |
|
78 |
- |
|
79 |
-if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then |
|
80 |
- Q_PROTOCOL="https" |
|
81 |
-fi |
|
82 |
- |
|
83 |
-# Generate 40-bit IPv6 Global ID to comply with RFC 4193 |
|
84 |
-IPV6_GLOBAL_ID=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"` |
|
85 |
- |
|
86 |
-# IPv6 gateway and subnet defaults, in case they are not customized in localrc |
|
87 |
-IPV6_RA_MODE=${IPV6_RA_MODE:-slaac} |
|
88 |
-IPV6_ADDRESS_MODE=${IPV6_ADDRESS_MODE:-slaac} |
|
89 |
-IPV6_PUBLIC_SUBNET_NAME=${IPV6_PUBLIC_SUBNET_NAME:-ipv6-public-subnet} |
|
90 |
-IPV6_PRIVATE_SUBNET_NAME=${IPV6_PRIVATE_SUBNET_NAME:-ipv6-private-subnet} |
|
91 |
-FIXED_RANGE_V6=${FIXED_RANGE_V6:-fd$IPV6_GLOBAL_ID::/64} |
|
92 |
-IPV6_PRIVATE_NETWORK_GATEWAY=${IPV6_PRIVATE_NETWORK_GATEWAY:-fd$IPV6_GLOBAL_ID::1} |
|
93 |
-IPV6_PUBLIC_RANGE=${IPV6_PUBLIC_RANGE:-fe80:cafe:cafe::/64} |
|
94 |
-IPV6_PUBLIC_NETWORK_GATEWAY=${IPV6_PUBLIC_NETWORK_GATEWAY:-fe80:cafe:cafe::2} |
|
95 |
-# IPV6_ROUTER_GW_IP must be defined when IP_VERSION=4+6 as it cannot be |
|
96 |
-# obtained conventionally until the l3-agent has support for dual-stack |
|
97 |
-# TODO (john-davidge) Remove once l3-agent supports dual-stack |
|
98 |
-IPV6_ROUTER_GW_IP=${IPV6_ROUTER_GW_IP:-fe80:cafe:cafe::1} |
|
99 |
- |
|
100 |
-# Set up default directories |
|
101 |
-GITDIR["python-neutronclient"]=$DEST/python-neutronclient |
|
102 |
- |
|
103 |
- |
|
104 |
-NEUTRON_DIR=$DEST/neutron |
|
105 |
-NEUTRON_FWAAS_DIR=$DEST/neutron-fwaas |
|
106 |
-NEUTRON_LBAAS_DIR=$DEST/neutron-lbaas |
|
107 |
-NEUTRON_VPNAAS_DIR=$DEST/neutron-vpnaas |
|
108 |
-NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron} |
|
109 |
- |
|
110 |
-# Support entry points installation of console scripts |
|
111 |
-if [[ -d $NEUTRON_DIR/bin/neutron-server ]]; then |
|
112 |
- NEUTRON_BIN_DIR=$NEUTRON_DIR/bin |
|
113 |
-else |
|
114 |
- NEUTRON_BIN_DIR=$(get_python_exec_prefix) |
|
115 |
-fi |
|
116 |
- |
|
117 |
-NEUTRON_CONF_DIR=/etc/neutron |
|
118 |
-NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf |
|
119 |
-export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/debug.ini"} |
|
120 |
- |
|
121 |
-# Agent binaries. Note, binary paths for other agents are set in per-service |
|
122 |
-# scripts in lib/neutron_plugins/services/ |
|
123 |
-AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent" |
|
124 |
-AGENT_L3_BINARY=${AGENT_L3_BINARY:-"$NEUTRON_BIN_DIR/neutron-l3-agent"} |
|
125 |
-AGENT_META_BINARY="$NEUTRON_BIN_DIR/neutron-metadata-agent" |
|
126 |
- |
|
127 |
-# Agent config files. Note, plugin-specific Q_PLUGIN_CONF_FILE is set and |
|
128 |
-# loaded from per-plugin scripts in lib/neutron_plugins/ |
|
129 |
-Q_DHCP_CONF_FILE=$NEUTRON_CONF_DIR/dhcp_agent.ini |
|
130 |
-Q_L3_CONF_FILE=$NEUTRON_CONF_DIR/l3_agent.ini |
|
131 |
-Q_FWAAS_CONF_FILE=$NEUTRON_CONF_DIR/fwaas_driver.ini |
|
132 |
-Q_VPN_CONF_FILE=$NEUTRON_CONF_DIR/vpn_agent.ini |
|
133 |
-Q_META_CONF_FILE=$NEUTRON_CONF_DIR/metadata_agent.ini |
|
134 |
- |
|
135 |
-# Default name for Neutron database |
|
136 |
-Q_DB_NAME=${Q_DB_NAME:-neutron} |
|
137 |
-# Default Neutron Plugin |
|
138 |
-Q_PLUGIN=${Q_PLUGIN:-ml2} |
|
139 |
-# Default Neutron Port |
|
140 |
-Q_PORT=${Q_PORT:-9696} |
|
141 |
-# Default Neutron Internal Port when using TLS proxy |
|
142 |
-Q_PORT_INT=${Q_PORT_INT:-19696} |
|
143 |
-# Default Neutron Host |
|
144 |
-Q_HOST=${Q_HOST:-$SERVICE_HOST} |
|
145 |
-# Default protocol |
|
146 |
-Q_PROTOCOL=${Q_PROTOCOL:-$SERVICE_PROTOCOL} |
|
147 |
-# Default admin username |
|
148 |
-Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron} |
|
149 |
-# Default auth strategy |
|
150 |
-Q_AUTH_STRATEGY=${Q_AUTH_STRATEGY:-keystone} |
|
151 |
-# Use namespace or not |
|
152 |
-Q_USE_NAMESPACE=${Q_USE_NAMESPACE:-True} |
|
153 |
-# RHEL's support for namespaces requires using veths with ovs |
|
154 |
-Q_OVS_USE_VETH=${Q_OVS_USE_VETH:-False} |
|
155 |
-Q_USE_ROOTWRAP=${Q_USE_ROOTWRAP:-True} |
|
156 |
-Q_USE_ROOTWRAP_DAEMON=$(trueorfalse True Q_USE_ROOTWRAP_DAEMON) |
|
157 |
-# Meta data IP |
|
158 |
-Q_META_DATA_IP=${Q_META_DATA_IP:-$SERVICE_HOST} |
|
159 |
-# Allow Overlapping IP among subnets |
|
160 |
-Q_ALLOW_OVERLAPPING_IP=${Q_ALLOW_OVERLAPPING_IP:-True} |
|
161 |
-# Use neutron-debug command |
|
162 |
-Q_USE_DEBUG_COMMAND=${Q_USE_DEBUG_COMMAND:-False} |
|
163 |
-# The name of the default q-l3 router |
|
164 |
-Q_ROUTER_NAME=${Q_ROUTER_NAME:-router1} |
|
165 |
-# nova vif driver that all plugins should use |
|
166 |
-NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"nova.virt.libvirt.vif.LibvirtGenericVIFDriver"} |
|
167 |
-Q_NOTIFY_NOVA_PORT_STATUS_CHANGES=${Q_NOTIFY_NOVA_PORT_STATUS_CHANGES:-True} |
|
168 |
-Q_NOTIFY_NOVA_PORT_DATA_CHANGES=${Q_NOTIFY_NOVA_PORT_DATA_CHANGES:-True} |
|
169 |
-VIF_PLUGGING_IS_FATAL=${VIF_PLUGGING_IS_FATAL:-True} |
|
170 |
-VIF_PLUGGING_TIMEOUT=${VIF_PLUGGING_TIMEOUT:-300} |
|
171 |
-# Specify if the initial private and external networks should be created |
|
172 |
-NEUTRON_CREATE_INITIAL_NETWORKS=${NEUTRON_CREATE_INITIAL_NETWORKS:-True} |
|
173 |
- |
|
174 |
-## Provider Network Information |
|
175 |
-PROVIDER_SUBNET_NAME=${PROVIDER_SUBNET_NAME:-"provider_net"} |
|
176 |
- |
|
177 |
-# Use flat providernet for public network |
|
178 |
-# |
|
179 |
-# If Q_USE_PROVIDERNET_FOR_PUBLIC=True, use a flat provider network |
|
180 |
-# for external interface of neutron l3-agent. In that case, |
|
181 |
-# PUBLIC_PHYSICAL_NETWORK specifies provider:physical_network value |
|
182 |
-# used for the network. In case of ofagent, you should add the |
|
183 |
-# corresponding entry to your OFAGENT_PHYSICAL_INTERFACE_MAPPINGS. |
|
184 |
-# For openvswitch agent, you should add the corresponding entry to |
|
185 |
-# your OVS_BRIDGE_MAPPINGS. |
|
186 |
-# |
|
187 |
-# eg. (ofagent) |
|
188 |
-# Q_USE_PROVIDERNET_FOR_PUBLIC=True |
|
189 |
-# Q_USE_PUBLIC_VETH=True |
|
190 |
-# PUBLIC_PHYSICAL_NETWORK=public |
|
191 |
-# OFAGENT_PHYSICAL_INTERFACE_MAPPINGS=public:veth-pub-int |
|
192 |
-# |
|
193 |
-# eg. (openvswitch agent) |
|
194 |
-# Q_USE_PROVIDERNET_FOR_PUBLIC=True |
|
195 |
-# PUBLIC_PHYSICAL_NETWORK=public |
|
196 |
-# OVS_BRIDGE_MAPPINGS=public:br-ex |
|
197 |
-Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-False} |
|
198 |
-PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK:-public} |
|
199 |
- |
|
200 |
-# If Q_USE_PUBLIC_VETH=True, create and use a veth pair instead of |
|
201 |
-# PUBLIC_BRIDGE. This is intended to be used with |
|
202 |
-# Q_USE_PROVIDERNET_FOR_PUBLIC=True. |
|
203 |
-Q_USE_PUBLIC_VETH=${Q_USE_PUBLIC_VETH:-False} |
|
204 |
-Q_PUBLIC_VETH_EX=${Q_PUBLIC_VETH_EX:-veth-pub-ex} |
|
205 |
-Q_PUBLIC_VETH_INT=${Q_PUBLIC_VETH_INT:-veth-pub-int} |
|
206 |
- |
|
207 |
-# The next two variables are configured by plugin |
|
208 |
-# e.g. _configure_neutron_l3_agent or lib/neutron_plugins/* |
|
209 |
-# |
|
210 |
-# The plugin supports L3. |
|
211 |
-Q_L3_ENABLED=${Q_L3_ENABLED:-False} |
|
212 |
-# L3 routers exist per tenant |
|
213 |
-Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-False} |
|
214 |
- |
|
215 |
-# List of config file names in addition to the main plugin config file |
|
216 |
-# See _configure_neutron_common() for details about setting it up |
|
217 |
-declare -a Q_PLUGIN_EXTRA_CONF_FILES |
|
218 |
- |
|
219 |
-# List of (optional) config files for VPN device drivers to use with |
|
220 |
-# the neutron-q-vpn agent |
|
221 |
-declare -a Q_VPN_EXTRA_CONF_FILES |
|
222 |
- |
|
223 |
- |
|
224 |
-Q_RR_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf |
|
225 |
-if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then |
|
226 |
- Q_RR_COMMAND="sudo" |
|
227 |
-else |
|
228 |
- NEUTRON_ROOTWRAP=$(get_rootwrap_location neutron) |
|
229 |
- Q_RR_COMMAND="sudo $NEUTRON_ROOTWRAP $Q_RR_CONF_FILE" |
|
230 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
231 |
- Q_RR_DAEMON_COMMAND="sudo $NEUTRON_ROOTWRAP-daemon $Q_RR_CONF_FILE" |
|
232 |
- fi |
|
233 |
-fi |
|
234 |
- |
|
235 |
- |
|
236 |
-# Distributed Virtual Router (DVR) configuration |
|
237 |
-# Can be: |
|
238 |
-# - ``legacy`` - No DVR functionality |
|
239 |
-# - ``dvr_snat`` - Controller or single node DVR |
|
240 |
-# - ``dvr`` - Compute node in multi-node DVR |
|
241 |
-# |
|
242 |
-Q_DVR_MODE=${Q_DVR_MODE:-legacy} |
|
243 |
-if [[ "$Q_DVR_MODE" != "legacy" ]]; then |
|
244 |
- Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,linuxbridge,l2population |
|
245 |
-fi |
|
246 |
- |
|
247 |
-# Provider Network Configurations |
|
248 |
-# -------------------------------- |
|
249 |
- |
|
250 |
-# The following variables control the Neutron ML2 plugins' allocation |
|
251 |
-# of tenant networks and availability of provider networks. If these |
|
252 |
-# are not configured in ``localrc``, tenant networks will be local to |
|
253 |
-# the host (with no remote connectivity), and no physical resources |
|
254 |
-# will be available for the allocation of provider networks. |
|
255 |
- |
|
256 |
-# To disable tunnels (GRE or VXLAN) for tenant networks, |
|
257 |
-# set to False in ``local.conf``. |
|
258 |
-# GRE tunnels are only supported by the openvswitch. |
|
259 |
-ENABLE_TENANT_TUNNELS=${ENABLE_TENANT_TUNNELS:-True} |
|
260 |
- |
|
261 |
-# If using GRE tunnels for tenant networks, specify the range of |
|
262 |
-# tunnel IDs from which tenant networks are allocated. Can be |
|
263 |
-# overriden in ``localrc`` in necesssary. |
|
264 |
-TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGES:-1:1000} |
|
265 |
- |
|
266 |
-# To use VLANs for tenant networks, set to True in localrc. VLANs |
|
267 |
-# are supported by the ML2 plugins, requiring additional configuration |
|
268 |
-# described below. |
|
269 |
-ENABLE_TENANT_VLANS=${ENABLE_TENANT_VLANS:-False} |
|
270 |
- |
|
271 |
-# If using VLANs for tenant networks, set in ``localrc`` to specify |
|
272 |
-# the range of VLAN VIDs from which tenant networks are |
|
273 |
-# allocated. An external network switch must be configured to |
|
274 |
-# trunk these VLANs between hosts for multi-host connectivity. |
|
275 |
-# |
|
276 |
-# Example: ``TENANT_VLAN_RANGE=1000:1999`` |
|
277 |
-TENANT_VLAN_RANGE=${TENANT_VLAN_RANGE:-} |
|
278 |
- |
|
279 |
-# If using VLANs for tenant networks, or if using flat or VLAN |
|
280 |
-# provider networks, set in ``localrc`` to the name of the physical |
|
281 |
-# network, and also configure ``OVS_PHYSICAL_BRIDGE`` for the |
|
282 |
-# openvswitch agent or ``LB_PHYSICAL_INTERFACE`` for the linuxbridge |
|
283 |
-# agent, as described below. |
|
284 |
-# |
|
285 |
-# Example: ``PHYSICAL_NETWORK=default`` |
|
286 |
-PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-} |
|
287 |
- |
|
288 |
-# With the openvswitch agent, if using VLANs for tenant networks, |
|
289 |
-# or if using flat or VLAN provider networks, set in ``localrc`` to |
|
290 |
-# the name of the OVS bridge to use for the physical network. The |
|
291 |
-# bridge will be created if it does not already exist, but a |
|
292 |
-# physical interface must be manually added to the bridge as a |
|
293 |
-# port for external connectivity. |
|
294 |
-# |
|
295 |
-# Example: ``OVS_PHYSICAL_BRIDGE=br-eth1`` |
|
296 |
-OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-} |
|
297 |
- |
|
298 |
-# With the linuxbridge agent, if using VLANs for tenant networks, |
|
299 |
-# or if using flat or VLAN provider networks, set in ``localrc`` to |
|
300 |
-# the name of the network interface to use for the physical |
|
301 |
-# network. |
|
302 |
-# |
|
303 |
-# Example: ``LB_PHYSICAL_INTERFACE=eth1`` |
|
304 |
-LB_PHYSICAL_INTERFACE=${LB_PHYSICAL_INTERFACE:-} |
|
305 |
- |
|
306 |
-# When Neutron tunnels are enabled it is needed to specify the |
|
307 |
-# IP address of the end point in the local server. This IP is set |
|
308 |
-# by default to the same IP address that the HOST IP. |
|
309 |
-# This variable can be used to specify a different end point IP address |
|
310 |
-# Example: ``TUNNEL_ENDPOINT_IP=1.1.1.1`` |
|
311 |
-TUNNEL_ENDPOINT_IP=${TUNNEL_ENDPOINT_IP:-$HOST_IP} |
|
312 |
- |
|
313 |
-# With the openvswitch plugin, set to True in ``localrc`` to enable |
|
314 |
-# provider GRE tunnels when ``ENABLE_TENANT_TUNNELS`` is False. |
|
315 |
-# |
|
316 |
-# Example: ``OVS_ENABLE_TUNNELING=True`` |
|
317 |
-OVS_ENABLE_TUNNELING=${OVS_ENABLE_TUNNELING:-$ENABLE_TENANT_TUNNELS} |
|
318 |
- |
|
319 |
-# Use DHCP agent for providing metadata service in the case of |
|
320 |
-# without L3 agent (No Route Agent), set to True in localrc. |
|
321 |
-ENABLE_ISOLATED_METADATA=${ENABLE_ISOLATED_METADATA:-False} |
|
322 |
- |
|
323 |
-# Add a static route as dhcp option, so the request to 169.254.169.254 |
|
324 |
-# will be able to reach through a route(DHCP agent) |
|
325 |
-# This option require ENABLE_ISOLATED_METADATA = True |
|
326 |
-ENABLE_METADATA_NETWORK=${ENABLE_METADATA_NETWORK:-False} |
|
327 |
-# Neutron plugin specific functions |
|
328 |
-# --------------------------------- |
|
329 |
- |
|
330 |
-# Please refer to ``lib/neutron_plugins/README.md`` for details. |
|
331 |
-source $TOP_DIR/lib/neutron_plugins/$Q_PLUGIN |
|
332 |
- |
|
333 |
-# Agent loadbalancer service plugin functions |
|
334 |
-# ------------------------------------------- |
|
335 |
- |
|
336 |
-# Hardcoding for 1 service plugin for now |
|
337 |
-source $TOP_DIR/lib/neutron_plugins/services/loadbalancer |
|
338 |
- |
|
339 |
-# Agent metering service plugin functions |
|
340 |
-# ------------------------------------------- |
|
341 |
- |
|
342 |
-# Hardcoding for 1 service plugin for now |
|
343 |
-source $TOP_DIR/lib/neutron_plugins/services/metering |
|
344 |
- |
|
345 |
-# VPN service plugin functions |
|
346 |
-# ------------------------------------------- |
|
347 |
-# Hardcoding for 1 service plugin for now |
|
348 |
-source $TOP_DIR/lib/neutron_plugins/services/vpn |
|
349 |
- |
|
350 |
-# Firewall Service Plugin functions |
|
351 |
-# --------------------------------- |
|
352 |
-source $TOP_DIR/lib/neutron_plugins/services/firewall |
|
353 |
- |
|
354 |
-# Use security group or not |
|
355 |
-if has_neutron_plugin_security_group; then |
|
356 |
- Q_USE_SECGROUP=${Q_USE_SECGROUP:-True} |
|
357 |
-else |
|
358 |
- Q_USE_SECGROUP=False |
|
359 |
-fi |
|
360 |
- |
|
361 |
-# Tell Tempest this project is present |
|
362 |
-TEMPEST_SERVICES+=,neutron |
|
363 |
- |
|
364 |
- |
|
365 |
-# Save trace setting |
|
366 |
-XTRACE=$(set +o | grep xtrace) |
|
367 |
-set +o xtrace |
|
368 |
- |
|
369 |
- |
|
370 |
-# Functions |
|
371 |
-# --------- |
|
372 |
- |
|
373 |
-function _determine_config_server { |
|
374 |
- local cfg_file |
|
375 |
- local opts="--config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE" |
|
376 |
- for cfg_file in ${Q_PLUGIN_EXTRA_CONF_FILES[@]}; do |
|
377 |
- opts+=" --config-file /$cfg_file" |
|
378 |
- done |
|
379 |
- echo "$opts" |
|
380 |
-} |
|
381 |
- |
|
382 |
-function _determine_config_vpn { |
|
383 |
- local cfg_file |
|
384 |
- local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE --config-file=$Q_VPN_CONF_FILE" |
|
385 |
- if is_service_enabled q-fwaas; then |
|
386 |
- opts+=" --config-file $Q_FWAAS_CONF_FILE" |
|
387 |
- fi |
|
388 |
- for cfg_file in ${Q_VPN_EXTRA_CONF_FILES[@]}; do |
|
389 |
- opts+=" --config-file $cfg_file" |
|
390 |
- done |
|
391 |
- echo "$opts" |
|
392 |
- |
|
393 |
-} |
|
394 |
- |
|
395 |
-function _determine_config_l3 { |
|
396 |
- local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE" |
|
397 |
- if is_service_enabled q-fwaas; then |
|
398 |
- opts+=" --config-file $Q_FWAAS_CONF_FILE" |
|
399 |
- fi |
|
400 |
- echo "$opts" |
|
401 |
-} |
|
402 |
- |
|
403 |
-# For services and agents that require it, dynamically construct a list of |
|
404 |
-# --config-file arguments that are passed to the binary. |
|
405 |
-function determine_config_files { |
|
406 |
- local opts="" |
|
407 |
- case "$1" in |
|
408 |
- "neutron-server") opts="$(_determine_config_server)" ;; |
|
409 |
- "neutron-vpn-agent") opts="$(_determine_config_vpn)" ;; |
|
410 |
- "neutron-l3-agent") opts="$(_determine_config_l3)" ;; |
|
411 |
- esac |
|
412 |
- if [ -z "$opts" ] ; then |
|
413 |
- die $LINENO "Could not determine config files for $1." |
|
414 |
- fi |
|
415 |
- echo "$opts" |
|
416 |
-} |
|
417 |
- |
|
418 |
-# Test if any Neutron services are enabled |
|
419 |
-# is_neutron_enabled |
|
420 |
-function is_neutron_enabled { |
|
421 |
- [[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0 |
|
422 |
- return 1 |
|
423 |
-} |
|
424 |
- |
|
425 |
-# configure_neutron() |
|
426 |
-# Set common config for all neutron server and agents. |
|
427 |
-function configure_neutron { |
|
428 |
- _configure_neutron_common |
|
429 |
- iniset_rpc_backend neutron $NEUTRON_CONF |
|
430 |
- |
|
431 |
- # goes before q-svc to init Q_SERVICE_PLUGIN_CLASSES |
|
432 |
- if is_service_enabled q-lbaas; then |
|
433 |
- _configure_neutron_lbaas |
|
434 |
- fi |
|
435 |
- if is_service_enabled q-metering; then |
|
436 |
- _configure_neutron_metering |
|
437 |
- fi |
|
438 |
- if is_service_enabled q-vpn; then |
|
439 |
- _configure_neutron_vpn |
|
440 |
- fi |
|
441 |
- if is_service_enabled q-fwaas; then |
|
442 |
- _configure_neutron_fwaas |
|
443 |
- fi |
|
444 |
- if is_service_enabled q-agt q-svc; then |
|
445 |
- _configure_neutron_service |
|
446 |
- fi |
|
447 |
- if is_service_enabled q-agt; then |
|
448 |
- _configure_neutron_plugin_agent |
|
449 |
- fi |
|
450 |
- if is_service_enabled q-dhcp; then |
|
451 |
- _configure_neutron_dhcp_agent |
|
452 |
- fi |
|
453 |
- if is_service_enabled q-l3; then |
|
454 |
- _configure_neutron_l3_agent |
|
455 |
- fi |
|
456 |
- if is_service_enabled q-meta; then |
|
457 |
- _configure_neutron_metadata_agent |
|
458 |
- fi |
|
459 |
- |
|
460 |
- if [[ "$Q_DVR_MODE" != "legacy" ]]; then |
|
461 |
- _configure_dvr |
|
462 |
- fi |
|
463 |
- if is_service_enabled ceilometer; then |
|
464 |
- _configure_neutron_ceilometer_notifications |
|
465 |
- fi |
|
466 |
- |
|
467 |
- _configure_neutron_debug_command |
|
468 |
-} |
|
469 |
- |
|
470 |
-function create_nova_conf_neutron { |
|
471 |
- iniset $NOVA_CONF DEFAULT network_api_class "nova.network.neutronv2.api.API" |
|
472 |
- iniset $NOVA_CONF neutron admin_username "$Q_ADMIN_USERNAME" |
|
473 |
- iniset $NOVA_CONF neutron admin_password "$SERVICE_PASSWORD" |
|
474 |
- iniset $NOVA_CONF neutron admin_auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v2.0" |
|
475 |
- iniset $NOVA_CONF neutron auth_strategy "$Q_AUTH_STRATEGY" |
|
476 |
- iniset $NOVA_CONF neutron admin_tenant_name "$SERVICE_TENANT_NAME" |
|
477 |
- iniset $NOVA_CONF neutron region_name "$REGION_NAME" |
|
478 |
- iniset $NOVA_CONF neutron url "${Q_PROTOCOL}://$Q_HOST:$Q_PORT" |
|
479 |
- |
|
480 |
- if [[ "$Q_USE_SECGROUP" == "True" ]]; then |
|
481 |
- LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver |
|
482 |
- iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER |
|
483 |
- iniset $NOVA_CONF DEFAULT security_group_api neutron |
|
484 |
- fi |
|
485 |
- |
|
486 |
- # set NOVA_VIF_DRIVER and optionally set options in nova_conf |
|
487 |
- neutron_plugin_create_nova_conf |
|
488 |
- |
|
489 |
- iniset $NOVA_CONF libvirt vif_driver "$NOVA_VIF_DRIVER" |
|
490 |
- iniset $NOVA_CONF DEFAULT linuxnet_interface_driver "$LINUXNET_VIF_DRIVER" |
|
491 |
- if is_service_enabled q-meta; then |
|
492 |
- iniset $NOVA_CONF neutron service_metadata_proxy "True" |
|
493 |
- fi |
|
494 |
- |
|
495 |
- iniset $NOVA_CONF DEFAULT vif_plugging_is_fatal "$VIF_PLUGGING_IS_FATAL" |
|
496 |
- iniset $NOVA_CONF DEFAULT vif_plugging_timeout "$VIF_PLUGGING_TIMEOUT" |
|
497 |
-} |
|
498 |
- |
|
499 |
-# create_neutron_cache_dir() - Part of the _neutron_setup_keystone() process |
|
500 |
-function create_neutron_cache_dir { |
|
501 |
- # Create cache dir |
|
502 |
- sudo install -d -o $STACK_USER $NEUTRON_AUTH_CACHE_DIR |
|
503 |
- rm -f $NEUTRON_AUTH_CACHE_DIR/* |
|
504 |
-} |
|
505 |
- |
|
506 |
-# create_neutron_accounts() - Set up common required neutron accounts |
|
507 |
- |
|
508 |
-# Tenant User Roles |
|
509 |
-# ------------------------------------------------------------------ |
|
510 |
-# service neutron admin # if enabled |
|
511 |
- |
|
512 |
-# Migrated from keystone_data.sh |
|
513 |
-function create_neutron_accounts { |
|
514 |
- if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then |
|
515 |
- |
|
516 |
- create_service_user "neutron" |
|
517 |
- |
|
518 |
- if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
|
519 |
- |
|
520 |
- local neutron_service=$(get_or_create_service "neutron" \ |
|
521 |
- "network" "Neutron Service") |
|
522 |
- get_or_create_endpoint $neutron_service \ |
|
523 |
- "$REGION_NAME" \ |
|
524 |
- "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
|
525 |
- "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
|
526 |
- "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" |
|
527 |
- fi |
|
528 |
- fi |
|
529 |
-} |
|
530 |
- |
|
531 |
-function create_neutron_initial_network { |
|
532 |
- TENANT_ID=$(openstack project list | grep " demo " | get_field 1) |
|
533 |
- die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo" |
|
534 |
- |
|
535 |
- # Allow drivers that need to create an initial network to do so here |
|
536 |
- if type -p neutron_plugin_create_initial_network_profile > /dev/null; then |
|
537 |
- neutron_plugin_create_initial_network_profile $PHYSICAL_NETWORK |
|
538 |
- fi |
|
539 |
- |
|
540 |
- if is_provider_network; then |
|
541 |
- die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK" |
|
542 |
- die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specifiy the PROVIDER_NETWORK_TYPE" |
|
543 |
- NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2) |
|
544 |
- die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $TENANT_ID" |
|
545 |
- |
|
546 |
- if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
547 |
- SUBNET_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2) |
|
548 |
- die_if_not_set $LINENO SUBNET_ID "Failure creating SUBNET_ID for $PROVIDER_SUBNET_NAME $TENANT_ID" |
|
549 |
- fi |
|
550 |
- |
|
551 |
- if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
552 |
- SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode slaac --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) |
|
553 |
- die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $PROVIDER_SUBNET_NAME_V6 $TENANT_ID" |
|
554 |
- fi |
|
555 |
- |
|
556 |
- sudo ip link set $OVS_PHYSICAL_BRIDGE up |
|
557 |
- sudo ip link set br-int up |
|
558 |
- sudo ip link set $PUBLIC_INTERFACE up |
|
559 |
- else |
|
560 |
- NET_ID=$(neutron net-create --tenant-id $TENANT_ID "$PRIVATE_NETWORK_NAME" | grep ' id ' | get_field 2) |
|
561 |
- die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PRIVATE_NETWORK_NAME $TENANT_ID" |
|
562 |
- |
|
563 |
- if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
564 |
- # Create IPv4 private subnet |
|
565 |
- SUBNET_ID=$(_neutron_create_private_subnet_v4) |
|
566 |
- fi |
|
567 |
- |
|
568 |
- if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
569 |
- # Create IPv6 private subnet |
|
570 |
- IPV6_SUBNET_ID=$(_neutron_create_private_subnet_v6) |
|
571 |
- fi |
|
572 |
- fi |
|
573 |
- |
|
574 |
- if [[ "$Q_L3_ENABLED" == "True" ]]; then |
|
575 |
- # Create a router, and add the private subnet as one of its interfaces |
|
576 |
- if [[ "$Q_L3_ROUTER_PER_TENANT" == "True" ]]; then |
|
577 |
- # create a tenant-owned router. |
|
578 |
- ROUTER_ID=$(neutron router-create --tenant-id $TENANT_ID $Q_ROUTER_NAME | grep ' id ' | get_field 2) |
|
579 |
- die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $TENANT_ID $Q_ROUTER_NAME" |
|
580 |
- else |
|
581 |
- # Plugin only supports creating a single router, which should be admin owned. |
|
582 |
- ROUTER_ID=$(neutron router-create $Q_ROUTER_NAME | grep ' id ' | get_field 2) |
|
583 |
- die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $Q_ROUTER_NAME" |
|
584 |
- fi |
|
585 |
- |
|
586 |
- # Create an external network, and a subnet. Configure the external network as router gw |
|
587 |
- if [ "$Q_USE_PROVIDERNET_FOR_PUBLIC" = "True" ]; then |
|
588 |
- EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True --provider:network_type=flat --provider:physical_network=${PUBLIC_PHYSICAL_NETWORK} | grep ' id ' | get_field 2) |
|
589 |
- else |
|
590 |
- EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True | grep ' id ' | get_field 2) |
|
591 |
- fi |
|
592 |
- die_if_not_set $LINENO EXT_NET_ID "Failure creating EXT_NET_ID for $PUBLIC_NETWORK_NAME" |
|
593 |
- |
|
594 |
- if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
595 |
- # Configure router for IPv4 public access |
|
596 |
- _neutron_configure_router_v4 |
|
597 |
- fi |
|
598 |
- |
|
599 |
- if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
600 |
- # Configure router for IPv6 public access |
|
601 |
- _neutron_configure_router_v6 |
|
602 |
- fi |
|
603 |
- fi |
|
604 |
-} |
|
605 |
- |
|
606 |
-# init_neutron() - Initialize databases, etc. |
|
607 |
-function init_neutron { |
|
608 |
- recreate_database $Q_DB_NAME |
|
609 |
- # Run Neutron db migrations |
|
610 |
- $NEUTRON_BIN_DIR/neutron-db-manage --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head |
|
611 |
- for svc in fwaas lbaas vpnaas; do |
|
612 |
- if [ "$svc" = "vpnaas" ]; then |
|
613 |
- q_svc="q-vpn" |
|
614 |
- else |
|
615 |
- q_svc="q-$svc" |
|
616 |
- fi |
|
617 |
- if is_service_enabled $q_svc; then |
|
618 |
- $NEUTRON_BIN_DIR/neutron-db-manage --service $svc --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head |
|
619 |
- fi |
|
620 |
- done |
|
621 |
-} |
|
622 |
- |
|
623 |
-# install_neutron() - Collect source and prepare |
|
624 |
-function install_neutron { |
|
625 |
- git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH |
|
626 |
- setup_develop $NEUTRON_DIR |
|
627 |
- if is_service_enabled q-fwaas; then |
|
628 |
- git_clone $NEUTRON_FWAAS_REPO $NEUTRON_FWAAS_DIR $NEUTRON_FWAAS_BRANCH |
|
629 |
- setup_develop $NEUTRON_FWAAS_DIR |
|
630 |
- fi |
|
631 |
- if is_service_enabled q-lbaas; then |
|
632 |
- git_clone $NEUTRON_LBAAS_REPO $NEUTRON_LBAAS_DIR $NEUTRON_LBAAS_BRANCH |
|
633 |
- setup_develop $NEUTRON_LBAAS_DIR |
|
634 |
- fi |
|
635 |
- if is_service_enabled q-vpn; then |
|
636 |
- git_clone $NEUTRON_VPNAAS_REPO $NEUTRON_VPNAAS_DIR $NEUTRON_VPNAAS_BRANCH |
|
637 |
- setup_develop $NEUTRON_VPNAAS_DIR |
|
638 |
- fi |
|
639 |
- |
|
640 |
- if [ "$VIRT_DRIVER" == 'xenserver' ]; then |
|
641 |
- local dom0_ip |
|
642 |
- dom0_ip=$(echo "$XENAPI_CONNECTION_URL" | cut -d "/" -f 3-) |
|
643 |
- |
|
644 |
- local ssh_dom0 |
|
645 |
- ssh_dom0="sudo -u $DOMZERO_USER ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@$dom0_ip" |
|
646 |
- |
|
647 |
- # Find where the plugins should go in dom0 |
|
648 |
- local xen_functions |
|
649 |
- xen_functions=$(cat $TOP_DIR/tools/xen/functions) |
|
650 |
- local plugin_dir |
|
651 |
- plugin_dir=$($ssh_dom0 "$xen_functions; set -eux; xapi_plugin_location") |
|
652 |
- |
|
653 |
- # install neutron plugins to dom0 |
|
654 |
- tar -czf - -C $NEUTRON_DIR/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/ ./ | |
|
655 |
- $ssh_dom0 "tar -xzf - -C $plugin_dir && chmod a+x $plugin_dir/*" |
|
656 |
- fi |
|
657 |
-} |
|
658 |
- |
|
659 |
-# install_neutronclient() - Collect source and prepare |
|
660 |
-function install_neutronclient { |
|
661 |
- if use_library_from_git "python-neutronclient"; then |
|
662 |
- git_clone_by_name "python-neutronclient" |
|
663 |
- setup_dev_lib "python-neutronclient" |
|
664 |
- sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-neutronclient"]}/tools/,/etc/bash_completion.d/}neutron.bash_completion |
|
665 |
- fi |
|
666 |
-} |
|
667 |
- |
|
668 |
-# install_neutron_agent_packages() - Collect source and prepare |
|
669 |
-function install_neutron_agent_packages { |
|
670 |
- # radvd doesn't come with the OS. Install it if the l3 service is enabled. |
|
671 |
- if is_service_enabled q-l3; then |
|
672 |
- install_package radvd |
|
673 |
- fi |
|
674 |
- # install packages that are specific to plugin agent(s) |
|
675 |
- if is_service_enabled q-agt q-dhcp q-l3; then |
|
676 |
- neutron_plugin_install_agent_packages |
|
677 |
- fi |
|
678 |
- |
|
679 |
- if is_service_enabled q-lbaas; then |
|
680 |
- neutron_agent_lbaas_install_agent_packages |
|
681 |
- fi |
|
682 |
-} |
|
683 |
- |
|
684 |
-# Start running processes, including screen |
|
685 |
-function start_neutron_service_and_check { |
|
686 |
- local cfg_file_options="$(determine_config_files neutron-server)" |
|
687 |
- local service_port=$Q_PORT |
|
688 |
- local service_protocol=$Q_PROTOCOL |
|
689 |
- if is_service_enabled tls-proxy; then |
|
690 |
- service_port=$Q_PORT_INT |
|
691 |
- service_protocol="http" |
|
692 |
- fi |
|
693 |
- # Start the Neutron service |
|
694 |
- run_process q-svc "python $NEUTRON_BIN_DIR/neutron-server $cfg_file_options" |
|
695 |
- echo "Waiting for Neutron to start..." |
|
696 |
- if is_ssl_enabled_service "neutron"; then |
|
697 |
- ssl_ca="--ca-certificate=${SSL_BUNDLE_FILE}" |
|
698 |
- fi |
|
699 |
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget ${ssl_ca} --no-proxy -q -O- $service_protocol://$Q_HOST:$service_port; do sleep 1; done"; then |
|
700 |
- die $LINENO "Neutron did not start" |
|
701 |
- fi |
|
702 |
- # Start proxy if enabled |
|
703 |
- if is_service_enabled tls-proxy; then |
|
704 |
- start_tls_proxy '*' $Q_PORT $Q_HOST $Q_PORT_INT & |
|
705 |
- fi |
|
706 |
-} |
|
707 |
- |
|
708 |
-# Start running processes, including screen |
|
709 |
-function start_neutron_agents { |
|
710 |
- # Start up the neutron agents if enabled |
|
711 |
- run_process q-agt "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE" |
|
712 |
- run_process q-dhcp "python $AGENT_DHCP_BINARY --config-file $NEUTRON_CONF --config-file=$Q_DHCP_CONF_FILE" |
|
713 |
- |
|
714 |
- if is_provider_network; then |
|
715 |
- sudo ovs-vsctl --no-wait -- --may-exist add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE |
|
716 |
- sudo ip link set $OVS_PHYSICAL_BRIDGE up |
|
717 |
- sudo ip link set br-int up |
|
718 |
- sudo ip link set $PUBLIC_INTERFACE up |
|
719 |
- if is_ironic_hardware; then |
|
720 |
- for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do |
|
721 |
- sudo ip addr del $IP dev $PUBLIC_INTERFACE |
|
722 |
- sudo ip addr add $IP dev $OVS_PHYSICAL_BRIDGE |
|
723 |
- done |
|
724 |
- sudo route add -net $FIXED_RANGE gw $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE |
|
725 |
- fi |
|
726 |
- fi |
|
727 |
- |
|
728 |
- if is_service_enabled q-vpn; then |
|
729 |
- run_process q-vpn "$AGENT_VPN_BINARY $(determine_config_files neutron-vpn-agent)" |
|
730 |
- else |
|
731 |
- run_process q-l3 "python $AGENT_L3_BINARY $(determine_config_files neutron-l3-agent)" |
|
732 |
- fi |
|
733 |
- |
|
734 |
- run_process q-meta "python $AGENT_META_BINARY --config-file $NEUTRON_CONF --config-file=$Q_META_CONF_FILE" |
|
735 |
- |
|
736 |
- if [ "$VIRT_DRIVER" = 'xenserver' ]; then |
|
737 |
- # For XenServer, start an agent for the domU openvswitch |
|
738 |
- run_process q-domua "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE.domU" |
|
739 |
- fi |
|
740 |
- |
|
741 |
- if is_service_enabled q-lbaas; then |
|
742 |
- run_process q-lbaas "python $AGENT_LBAAS_BINARY --config-file $NEUTRON_CONF --config-file=$LBAAS_AGENT_CONF_FILENAME" |
|
743 |
- fi |
|
744 |
- |
|
745 |
- if is_service_enabled q-metering; then |
|
746 |
- run_process q-metering "python $AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME" |
|
747 |
- fi |
|
748 |
-} |
|
749 |
- |
|
750 |
-# stop_neutron() - Stop running processes (non-screen) |
|
751 |
-function stop_neutron { |
|
752 |
- if is_service_enabled q-dhcp; then |
|
753 |
- stop_process q-dhcp |
|
754 |
- pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }') |
|
755 |
- [ ! -z "$pid" ] && sudo kill -9 $pid |
|
756 |
- fi |
|
757 |
- |
|
758 |
- stop_process q-svc |
|
759 |
- stop_process q-l3 |
|
760 |
- |
|
761 |
- if is_service_enabled q-meta; then |
|
762 |
- sudo pkill -9 -f neutron-ns-metadata-proxy || : |
|
763 |
- stop_process q-meta |
|
764 |
- fi |
|
765 |
- |
|
766 |
- stop_process q-agt |
|
767 |
- |
|
768 |
- if is_service_enabled q-lbaas; then |
|
769 |
- neutron_lbaas_stop |
|
770 |
- fi |
|
771 |
- if is_service_enabled q-fwaas; then |
|
772 |
- neutron_fwaas_stop |
|
773 |
- fi |
|
774 |
- if is_service_enabled q-vpn; then |
|
775 |
- neutron_vpn_stop |
|
776 |
- fi |
|
777 |
- if is_service_enabled q-metering; then |
|
778 |
- neutron_metering_stop |
|
779 |
- fi |
|
780 |
-} |
|
781 |
- |
|
782 |
-# cleanup_neutron() - Remove residual data files, anything left over from previous |
|
783 |
-# runs that a clean run would need to clean up |
|
784 |
-function cleanup_neutron { |
|
785 |
- if is_provider_network && is_ironic_hardware; then |
|
786 |
- for IP in $(ip addr show dev $OVS_PHYSICAL_BRIDGE | grep ' inet ' | awk '{print $2}'); do |
|
787 |
- sudo ip addr del $IP dev $OVS_PHYSICAL_BRIDGE |
|
788 |
- sudo ip addr add $IP dev $PUBLIC_INTERFACE |
|
789 |
- done |
|
790 |
- sudo route del -net $FIXED_RANGE gw $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE |
|
791 |
- fi |
|
792 |
- |
|
793 |
- if is_neutron_ovs_base_plugin; then |
|
794 |
- neutron_ovs_base_cleanup |
|
795 |
- fi |
|
796 |
- |
|
797 |
- # delete all namespaces created by neutron |
|
798 |
- for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do |
|
799 |
- sudo ip netns delete ${ns} |
|
800 |
- done |
|
801 |
-} |
|
802 |
- |
|
803 |
- |
|
804 |
-function _create_neutron_conf_dir { |
|
805 |
- # Put config files in ``NEUTRON_CONF_DIR`` for everyone to find |
|
806 |
- sudo install -d -o $STACK_USER $NEUTRON_CONF_DIR |
|
807 |
-} |
|
808 |
- |
|
809 |
-# _configure_neutron_common() |
|
810 |
-# Set common config for all neutron server and agents. |
|
811 |
-# This MUST be called before other ``_configure_neutron_*`` functions. |
|
812 |
-function _configure_neutron_common { |
|
813 |
- _create_neutron_conf_dir |
|
814 |
- |
|
815 |
- cp $NEUTRON_DIR/etc/neutron.conf $NEUTRON_CONF |
|
816 |
- |
|
817 |
- # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``. |
|
818 |
- # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``. |
|
819 |
- # For addition plugin config files, set ``Q_PLUGIN_EXTRA_CONF_PATH``, |
|
820 |
- # ``Q_PLUGIN_EXTRA_CONF_FILES``. For example: |
|
821 |
- # |
|
822 |
- # ``Q_PLUGIN_EXTRA_CONF_FILES=(file1, file2)`` |
|
823 |
- neutron_plugin_configure_common |
|
824 |
- |
|
825 |
- if [[ "$Q_PLUGIN_CONF_PATH" == '' || "$Q_PLUGIN_CONF_FILENAME" == '' || "$Q_PLUGIN_CLASS" == '' ]]; then |
|
826 |
- die $LINENO "Neutron plugin not set.. exiting" |
|
827 |
- fi |
|
828 |
- |
|
829 |
- # If needed, move config file from ``$NEUTRON_DIR/etc/neutron`` to ``NEUTRON_CONF_DIR`` |
|
830 |
- mkdir -p /$Q_PLUGIN_CONF_PATH |
|
831 |
- Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME |
|
832 |
- cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE |
|
833 |
- |
|
834 |
- iniset $NEUTRON_CONF database connection `database_connection_url $Q_DB_NAME` |
|
835 |
- iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron |
|
836 |
- iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG |
|
837 |
- # If addition config files are set, make sure their path name is set as well |
|
838 |
- if [[ ${#Q_PLUGIN_EXTRA_CONF_FILES[@]} > 0 && $Q_PLUGIN_EXTRA_CONF_PATH == '' ]]; then |
|
839 |
- die $LINENO "Neutron additional plugin config not set.. exiting" |
|
840 |
- fi |
|
841 |
- |
|
842 |
- # If additional config files exist, copy them over to neutron configuration |
|
843 |
- # directory |
|
844 |
- if [[ $Q_PLUGIN_EXTRA_CONF_PATH != '' ]]; then |
|
845 |
- local f |
|
846 |
- for (( f=0; $f < ${#Q_PLUGIN_EXTRA_CONF_FILES[@]}; f+=1 )); do |
|
847 |
- Q_PLUGIN_EXTRA_CONF_FILES[$f]=$Q_PLUGIN_EXTRA_CONF_PATH/${Q_PLUGIN_EXTRA_CONF_FILES[$f]} |
|
848 |
- done |
|
849 |
- fi |
|
850 |
- |
|
851 |
- if [ "$VIRT_DRIVER" = 'fake' ]; then |
|
852 |
- # Disable arbitrary limits |
|
853 |
- iniset $NEUTRON_CONF quotas quota_network -1 |
|
854 |
- iniset $NEUTRON_CONF quotas quota_subnet -1 |
|
855 |
- iniset $NEUTRON_CONF quotas quota_port -1 |
|
856 |
- iniset $NEUTRON_CONF quotas quota_security_group -1 |
|
857 |
- iniset $NEUTRON_CONF quotas quota_security_group_rule -1 |
|
858 |
- fi |
|
859 |
- |
|
860 |
- # Format logging |
|
861 |
- if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then |
|
862 |
- setup_colorized_logging $NEUTRON_CONF DEFAULT project_id |
|
863 |
- else |
|
864 |
- # Show user_name and project_name by default like in nova |
|
865 |
- iniset $NEUTRON_CONF DEFAULT logging_context_format_string "%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s" |
|
866 |
- fi |
|
867 |
- |
|
868 |
- if is_service_enabled tls-proxy; then |
|
869 |
- # Set the service port for a proxy to take the original |
|
870 |
- iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT" |
|
871 |
- fi |
|
872 |
- |
|
873 |
- if is_ssl_enabled_service "nova"; then |
|
874 |
- iniset $NEUTRON_CONF nova cafile $SSL_BUNDLE_FILE |
|
875 |
- fi |
|
876 |
- |
|
877 |
- if is_ssl_enabled_service "neutron"; then |
|
878 |
- ensure_certificates NEUTRON |
|
879 |
- |
|
880 |
- iniset $NEUTRON_CONF DEFAULT use_ssl True |
|
881 |
- iniset $NEUTRON_CONF DEFAULT ssl_cert_file "$NEUTRON_SSL_CERT" |
|
882 |
- iniset $NEUTRON_CONF DEFAULT ssl_key_file "$NEUTRON_SSL_KEY" |
|
883 |
- fi |
|
884 |
- |
|
885 |
- _neutron_setup_rootwrap |
|
886 |
-} |
|
887 |
- |
|
888 |
-function _configure_neutron_debug_command { |
|
889 |
- if [[ "$Q_USE_DEBUG_COMMAND" != "True" ]]; then |
|
890 |
- return |
|
891 |
- fi |
|
892 |
- |
|
893 |
- cp $NEUTRON_DIR/etc/l3_agent.ini $NEUTRON_TEST_CONFIG_FILE |
|
894 |
- |
|
895 |
- iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT verbose False |
|
896 |
- iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT debug False |
|
897 |
- iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
898 |
- iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper "$Q_RR_COMMAND" |
|
899 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
900 |
- iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
901 |
- fi |
|
902 |
- |
|
903 |
- _neutron_setup_interface_driver $NEUTRON_TEST_CONFIG_FILE |
|
904 |
- |
|
905 |
- neutron_plugin_configure_debug_command |
|
906 |
-} |
|
907 |
- |
|
908 |
-function _configure_neutron_dhcp_agent { |
|
909 |
- |
|
910 |
- cp $NEUTRON_DIR/etc/dhcp_agent.ini $Q_DHCP_CONF_FILE |
|
911 |
- |
|
912 |
- iniset $Q_DHCP_CONF_FILE DEFAULT verbose True |
|
913 |
- iniset $Q_DHCP_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
914 |
- iniset $Q_DHCP_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
915 |
- iniset $Q_DHCP_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
916 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
917 |
- iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
918 |
- fi |
|
919 |
- |
|
920 |
- if ! is_service_enabled q-l3; then |
|
921 |
- if [[ "$ENABLE_ISOLATED_METADATA" = "True" ]]; then |
|
922 |
- iniset $Q_DHCP_CONF_FILE DEFAULT enable_isolated_metadata $ENABLE_ISOLATED_METADATA |
|
923 |
- iniset $Q_DHCP_CONF_FILE DEFAULT enable_metadata_network $ENABLE_METADATA_NETWORK |
|
924 |
- else |
|
925 |
- if [[ "$ENABLE_METADATA_NETWORK" = "True" ]]; then |
|
926 |
- die "$LINENO" "Enable isolated metadata is a must for metadata network" |
|
927 |
- fi |
|
928 |
- fi |
|
929 |
- fi |
|
930 |
- |
|
931 |
- _neutron_setup_interface_driver $Q_DHCP_CONF_FILE |
|
932 |
- |
|
933 |
- neutron_plugin_configure_dhcp_agent |
|
934 |
-} |
|
935 |
- |
|
936 |
-function _configure_neutron_l3_agent { |
|
937 |
- local cfg_file |
|
938 |
- Q_L3_ENABLED=True |
|
939 |
- # for l3-agent, only use per tenant router if we have namespaces |
|
940 |
- Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE |
|
941 |
- |
|
942 |
- if is_service_enabled q-vpn; then |
|
943 |
- neutron_vpn_configure_agent |
|
944 |
- fi |
|
945 |
- |
|
946 |
- cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE |
|
947 |
- |
|
948 |
- iniset $Q_L3_CONF_FILE DEFAULT verbose True |
|
949 |
- iniset $Q_L3_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
950 |
- iniset $Q_L3_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
951 |
- iniset $Q_L3_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
952 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
953 |
- iniset $Q_L3_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
954 |
- fi |
|
955 |
- |
|
956 |
- _neutron_setup_interface_driver $Q_L3_CONF_FILE |
|
957 |
- |
|
958 |
- neutron_plugin_configure_l3_agent |
|
959 |
-} |
|
960 |
- |
|
961 |
-function _configure_neutron_metadata_agent { |
|
962 |
- cp $NEUTRON_DIR/etc/metadata_agent.ini $Q_META_CONF_FILE |
|
963 |
- |
|
964 |
- iniset $Q_META_CONF_FILE DEFAULT verbose True |
|
965 |
- iniset $Q_META_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
966 |
- iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP |
|
967 |
- iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
968 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
969 |
- iniset $Q_META_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
970 |
- fi |
|
971 |
- |
|
972 |
- # Configures keystone for metadata_agent |
|
973 |
- # The third argument "True" sets auth_url needed to communicate with keystone |
|
974 |
- _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True |
|
975 |
- |
|
976 |
-} |
|
977 |
- |
|
978 |
-function _configure_neutron_ceilometer_notifications { |
|
979 |
- iniset $NEUTRON_CONF DEFAULT notification_driver messaging |
|
980 |
-} |
|
981 |
- |
|
982 |
-function _configure_neutron_lbaas { |
|
983 |
- if [ -f $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf ]; then |
|
984 |
- cp $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf $NEUTRON_CONF_DIR |
|
985 |
- fi |
|
986 |
- neutron_agent_lbaas_configure_common |
|
987 |
- neutron_agent_lbaas_configure_agent |
|
988 |
-} |
|
989 |
- |
|
990 |
-function _configure_neutron_metering { |
|
991 |
- neutron_agent_metering_configure_common |
|
992 |
- neutron_agent_metering_configure_agent |
|
993 |
-} |
|
994 |
- |
|
995 |
-function _configure_neutron_fwaas { |
|
996 |
- if [ -f $NEUTRON_FWAAS_DIR/etc/neutron_fwaas.conf ]; then |
|
997 |
- cp $NEUTRON_FWAAS_DIR/etc/neutron_fwaas.conf $NEUTRON_CONF_DIR |
|
998 |
- fi |
|
999 |
- neutron_fwaas_configure_common |
|
1000 |
- neutron_fwaas_configure_driver |
|
1001 |
-} |
|
1002 |
- |
|
1003 |
-function _configure_neutron_vpn { |
|
1004 |
- if [ -f $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf ]; then |
|
1005 |
- cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf $NEUTRON_CONF_DIR |
|
1006 |
- fi |
|
1007 |
- neutron_vpn_install_agent_packages |
|
1008 |
- neutron_vpn_configure_common |
|
1009 |
-} |
|
1010 |
- |
|
1011 |
-function _configure_dvr { |
|
1012 |
- iniset $NEUTRON_CONF DEFAULT router_distributed True |
|
1013 |
- iniset $Q_L3_CONF_FILE DEFAULT agent_mode $Q_DVR_MODE |
|
1014 |
-} |
|
1015 |
- |
|
1016 |
- |
|
1017 |
-# _configure_neutron_plugin_agent() - Set config files for neutron plugin agent |
|
1018 |
-# It is called when q-agt is enabled. |
|
1019 |
-function _configure_neutron_plugin_agent { |
|
1020 |
- # Specify the default root helper prior to agent configuration to |
|
1021 |
- # ensure that an agent's configuration can override the default |
|
1022 |
- iniset /$Q_PLUGIN_CONF_FILE agent root_helper "$Q_RR_COMMAND" |
|
1023 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
1024 |
- iniset /$Q_PLUGIN_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
1025 |
- fi |
|
1026 |
- iniset $NEUTRON_CONF DEFAULT verbose True |
|
1027 |
- iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
1028 |
- |
|
1029 |
- # Configure agent for plugin |
|
1030 |
- neutron_plugin_configure_plugin_agent |
|
1031 |
-} |
|
1032 |
- |
|
1033 |
-# _configure_neutron_service() - Set config files for neutron service |
|
1034 |
-# It is called when q-svc is enabled. |
|
1035 |
-function _configure_neutron_service { |
|
1036 |
- Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini |
|
1037 |
- Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json |
|
1038 |
- |
|
1039 |
- cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE |
|
1040 |
- cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE |
|
1041 |
- |
|
1042 |
- # allow neutron user to administer neutron to match neutron account |
|
1043 |
- sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE |
|
1044 |
- |
|
1045 |
- # Update either configuration file with plugin |
|
1046 |
- iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS |
|
1047 |
- |
|
1048 |
- if [[ $Q_SERVICE_PLUGIN_CLASSES != '' ]]; then |
|
1049 |
- iniset $NEUTRON_CONF DEFAULT service_plugins $Q_SERVICE_PLUGIN_CLASSES |
|
1050 |
- fi |
|
1051 |
- |
|
1052 |
- iniset $NEUTRON_CONF DEFAULT verbose True |
|
1053 |
- iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
1054 |
- iniset $NEUTRON_CONF DEFAULT policy_file $Q_POLICY_FILE |
|
1055 |
- iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP |
|
1056 |
- |
|
1057 |
- iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY |
|
1058 |
- _neutron_setup_keystone $NEUTRON_CONF keystone_authtoken |
|
1059 |
- |
|
1060 |
- # Configuration for neutron notifations to nova. |
|
1061 |
- iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES |
|
1062 |
- iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES |
|
1063 |
- |
|
1064 |
- iniset $NEUTRON_CONF nova auth_plugin password |
|
1065 |
- iniset $NEUTRON_CONF nova auth_url $KEYSTONE_AUTH_URI |
|
1066 |
- iniset $NEUTRON_CONF nova username nova |
|
1067 |
- iniset $NEUTRON_CONF nova password $SERVICE_PASSWORD |
|
1068 |
- iniset $NEUTRON_CONF nova user_domain_id default |
|
1069 |
- iniset $NEUTRON_CONF nova project_name $SERVICE_TENANT_NAME |
|
1070 |
- iniset $NEUTRON_CONF nova project_domain_id default |
|
1071 |
- iniset $NEUTRON_CONF nova region_name $REGION_NAME |
|
1072 |
- |
|
1073 |
- # Configure plugin |
|
1074 |
- neutron_plugin_configure_service |
|
1075 |
-} |
|
1076 |
- |
|
1077 |
-# Utility Functions |
|
1078 |
-#------------------ |
|
1079 |
- |
|
1080 |
-# _neutron_service_plugin_class_add() - add service plugin class |
|
1081 |
-function _neutron_service_plugin_class_add { |
|
1082 |
- local service_plugin_class=$1 |
|
1083 |
- if [[ $Q_SERVICE_PLUGIN_CLASSES == '' ]]; then |
|
1084 |
- Q_SERVICE_PLUGIN_CLASSES=$service_plugin_class |
|
1085 |
- elif [[ ! ,${Q_SERVICE_PLUGIN_CLASSES}, =~ ,${service_plugin_class}, ]]; then |
|
1086 |
- Q_SERVICE_PLUGIN_CLASSES="$Q_SERVICE_PLUGIN_CLASSES,$service_plugin_class" |
|
1087 |
- fi |
|
1088 |
-} |
|
1089 |
- |
|
1090 |
-# _neutron_deploy_rootwrap_filters() - deploy rootwrap filters to $Q_CONF_ROOTWRAP_D (owned by root). |
|
1091 |
-function _neutron_deploy_rootwrap_filters { |
|
1092 |
- local srcdir=$1 |
|
1093 |
- sudo install -d -o root -m 755 $Q_CONF_ROOTWRAP_D |
|
1094 |
- sudo install -o root -m 644 $srcdir/etc/neutron/rootwrap.d/* $Q_CONF_ROOTWRAP_D/ |
|
1095 |
-} |
|
1096 |
- |
|
1097 |
-# _neutron_setup_rootwrap() - configure Neutron's rootwrap |
|
1098 |
-function _neutron_setup_rootwrap { |
|
1099 |
- if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then |
|
1100 |
- return |
|
1101 |
- fi |
|
1102 |
- # Wipe any existing ``rootwrap.d`` files first |
|
1103 |
- Q_CONF_ROOTWRAP_D=$NEUTRON_CONF_DIR/rootwrap.d |
|
1104 |
- if [[ -d $Q_CONF_ROOTWRAP_D ]]; then |
|
1105 |
- sudo rm -rf $Q_CONF_ROOTWRAP_D |
|
1106 |
- fi |
|
1107 |
- |
|
1108 |
- _neutron_deploy_rootwrap_filters $NEUTRON_DIR |
|
1109 |
- |
|
1110 |
- # Set up ``rootwrap.conf``, pointing to ``$NEUTRON_CONF_DIR/rootwrap.d`` |
|
1111 |
- # location moved in newer versions, prefer new location |
|
1112 |
- if test -r $NEUTRON_DIR/etc/neutron/rootwrap.conf; then |
|
1113 |
- sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/neutron/rootwrap.conf $Q_RR_CONF_FILE |
|
1114 |
- else |
|
1115 |
- sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/rootwrap.conf $Q_RR_CONF_FILE |
|
1116 |
- fi |
|
1117 |
- sudo sed -e "s:^filters_path=.*$:filters_path=$Q_CONF_ROOTWRAP_D:" -i $Q_RR_CONF_FILE |
|
1118 |
- # Specify ``rootwrap.conf`` as first parameter to neutron-rootwrap |
|
1119 |
- ROOTWRAP_SUDOER_CMD="$NEUTRON_ROOTWRAP $Q_RR_CONF_FILE *" |
|
1120 |
- ROOTWRAP_DAEMON_SUDOER_CMD="$NEUTRON_ROOTWRAP-daemon $Q_RR_CONF_FILE" |
|
1121 |
- |
|
1122 |
- # Set up the rootwrap sudoers for neutron |
|
1123 |
- TEMPFILE=`mktemp` |
|
1124 |
- echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE |
|
1125 |
- echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_DAEMON_SUDOER_CMD" >>$TEMPFILE |
|
1126 |
- chmod 0440 $TEMPFILE |
|
1127 |
- sudo chown root:root $TEMPFILE |
|
1128 |
- sudo mv $TEMPFILE /etc/sudoers.d/neutron-rootwrap |
|
1129 |
- |
|
1130 |
- # Update the root_helper |
|
1131 |
- iniset $NEUTRON_CONF agent root_helper "$Q_RR_COMMAND" |
|
1132 |
- if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
1133 |
- iniset $NEUTRON_CONF agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
1134 |
- fi |
|
1135 |
-} |
|
1136 |
- |
|
1137 |
-# Configures keystone integration for neutron service and agents |
|
1138 |
-function _neutron_setup_keystone { |
|
1139 |
- local conf_file=$1 |
|
1140 |
- local section=$2 |
|
1141 |
- local use_auth_url=$3 |
|
1142 |
- |
|
1143 |
- # Configures keystone for metadata_agent |
|
1144 |
- # metadata_agent needs auth_url to communicate with keystone |
|
1145 |
- if [[ "$use_auth_url" == "True" ]]; then |
|
1146 |
- iniset $conf_file $section auth_url $KEYSTONE_SERVICE_URI/v2.0 |
|
1147 |
- fi |
|
1148 |
- |
|
1149 |
- create_neutron_cache_dir |
|
1150 |
- configure_auth_token_middleware $conf_file $Q_ADMIN_USERNAME $NEUTRON_AUTH_CACHE_DIR $section |
|
1151 |
-} |
|
1152 |
- |
|
1153 |
-function _neutron_setup_interface_driver { |
|
1154 |
- |
|
1155 |
- # ovs_use_veth needs to be set before the plugin configuration |
|
1156 |
- # occurs to allow plugins to override the setting. |
|
1157 |
- iniset $1 DEFAULT ovs_use_veth $Q_OVS_USE_VETH |
|
1158 |
- |
|
1159 |
- neutron_plugin_setup_interface_driver $1 |
|
1160 |
-} |
|
1161 |
- |
|
1162 |
-# Create private IPv4 subnet |
|
1163 |
-function _neutron_create_private_subnet_v4 { |
|
1164 |
- local subnet_params="--tenant-id $TENANT_ID " |
|
1165 |
- subnet_params+="--ip_version 4 " |
|
1166 |
- subnet_params+="--gateway $NETWORK_GATEWAY " |
|
1167 |
- subnet_params+="--name $PRIVATE_SUBNET_NAME " |
|
1168 |
- subnet_params+="$NET_ID $FIXED_RANGE" |
|
1169 |
- local subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) |
|
1170 |
- die_if_not_set $LINENO subnet_id "Failure creating private IPv4 subnet for $TENANT_ID" |
|
1171 |
- echo $subnet_id |
|
1172 |
-} |
|
1173 |
- |
|
1174 |
-# Create private IPv6 subnet |
|
1175 |
-function _neutron_create_private_subnet_v6 { |
|
1176 |
- die_if_not_set $LINENO IPV6_RA_MODE "IPV6 RA Mode not set" |
|
1177 |
- die_if_not_set $LINENO IPV6_ADDRESS_MODE "IPV6 Address Mode not set" |
|
1178 |
- local ipv6_modes="--ipv6-ra-mode $IPV6_RA_MODE --ipv6-address-mode $IPV6_ADDRESS_MODE" |
|
1179 |
- local subnet_params="--tenant-id $TENANT_ID " |
|
1180 |
- subnet_params+="--ip_version 6 " |
|
1181 |
- subnet_params+="--gateway $IPV6_PRIVATE_NETWORK_GATEWAY " |
|
1182 |
- subnet_params+="--name $IPV6_PRIVATE_SUBNET_NAME " |
|
1183 |
- subnet_params+="$NET_ID $FIXED_RANGE_V6 $ipv6_modes" |
|
1184 |
- local ipv6_subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) |
|
1185 |
- die_if_not_set $LINENO ipv6_subnet_id "Failure creating private IPv6 subnet for $TENANT_ID" |
|
1186 |
- echo $ipv6_subnet_id |
|
1187 |
-} |
|
1188 |
- |
|
1189 |
-# Create public IPv4 subnet |
|
1190 |
-function _neutron_create_public_subnet_v4 { |
|
1191 |
- local subnet_params+="--ip_version 4 " |
|
1192 |
- subnet_params+="${Q_FLOATING_ALLOCATION_POOL:+--allocation-pool $Q_FLOATING_ALLOCATION_POOL} " |
|
1193 |
- subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY " |
|
1194 |
- subnet_params+="--name $PUBLIC_SUBNET_NAME " |
|
1195 |
- subnet_params+="$EXT_NET_ID $FLOATING_RANGE " |
|
1196 |
- subnet_params+="-- --enable_dhcp=False" |
|
1197 |
- local id_and_ext_gw_ip=$(neutron subnet-create $subnet_params | grep -e 'gateway_ip' -e ' id ') |
|
1198 |
- die_if_not_set $LINENO id_and_ext_gw_ip "Failure creating public IPv4 subnet" |
|
1199 |
- echo $id_and_ext_gw_ip |
|
1200 |
-} |
|
1201 |
- |
|
1202 |
-# Create public IPv6 subnet |
|
1203 |
-function _neutron_create_public_subnet_v6 { |
|
1204 |
- local subnet_params="--ip_version 6 " |
|
1205 |
- subnet_params+="--gateway $IPV6_PUBLIC_NETWORK_GATEWAY " |
|
1206 |
- subnet_params+="--name $IPV6_PUBLIC_SUBNET_NAME " |
|
1207 |
- subnet_params+="$EXT_NET_ID $IPV6_PUBLIC_RANGE " |
|
1208 |
- subnet_params+="-- --enable_dhcp=False" |
|
1209 |
- local ipv6_id_and_ext_gw_ip=$(neutron subnet-create $subnet_params | grep -e 'gateway_ip' -e ' id ') |
|
1210 |
- die_if_not_set $LINENO ipv6_id_and_ext_gw_ip "Failure creating an IPv6 public subnet" |
|
1211 |
- echo $ipv6_id_and_ext_gw_ip |
|
1212 |
-} |
|
1213 |
- |
|
1214 |
-# Configure neutron router for IPv4 public access |
|
1215 |
-function _neutron_configure_router_v4 { |
|
1216 |
- neutron router-interface-add $ROUTER_ID $SUBNET_ID |
|
1217 |
- # Create a public subnet on the external network |
|
1218 |
- local id_and_ext_gw_ip=$(_neutron_create_public_subnet_v4 $EXT_NET_ID) |
|
1219 |
- local ext_gw_ip=$(echo $id_and_ext_gw_ip | get_field 2) |
|
1220 |
- PUB_SUBNET_ID=$(echo $id_and_ext_gw_ip | get_field 5) |
|
1221 |
- # Configure the external network as the default router gateway |
|
1222 |
- neutron router-gateway-set $ROUTER_ID $EXT_NET_ID |
|
1223 |
- |
|
1224 |
- # This logic is specific to using the l3-agent for layer 3 |
|
1225 |
- if is_service_enabled q-l3; then |
|
1226 |
- # Configure and enable public bridge |
|
1227 |
- if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then |
|
1228 |
- local ext_gw_interface=$(_neutron_get_ext_gw_interface) |
|
1229 |
- local cidr_len=${FLOATING_RANGE#*/} |
|
1230 |
- sudo ip addr add $ext_gw_ip/$cidr_len dev $ext_gw_interface |
|
1231 |
- sudo ip link set $ext_gw_interface up |
|
1232 |
- ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$PUB_SUBNET_ID '$4 == subnet_id { print $8; }'` |
|
1233 |
- die_if_not_set $LINENO ROUTER_GW_IP "Failure retrieving ROUTER_GW_IP" |
|
1234 |
- sudo route add -net $FIXED_RANGE gw $ROUTER_GW_IP |
|
1235 |
- fi |
|
1236 |
- _neutron_set_router_id |
|
1237 |
- fi |
|
1238 |
-} |
|
1239 |
- |
|
1240 |
-# Configure neutron router for IPv6 public access |
|
1241 |
-function _neutron_configure_router_v6 { |
|
1242 |
- neutron router-interface-add $ROUTER_ID $IPV6_SUBNET_ID |
|
1243 |
- # Create a public subnet on the external network |
|
1244 |
- local ipv6_id_and_ext_gw_ip=$(_neutron_create_public_subnet_v6 $EXT_NET_ID) |
|
1245 |
- local ipv6_ext_gw_ip=$(echo $ipv6_id_and_ext_gw_ip | get_field 2) |
|
1246 |
- local ipv6_pub_subnet_id=$(echo $ipv6_id_and_ext_gw_ip | get_field 5) |
|
1247 |
- |
|
1248 |
- # If the external network has not already been set as the default router |
|
1249 |
- # gateway when configuring an IPv4 public subnet, do so now |
|
1250 |
- if [[ "$IP_VERSION" == "6" ]]; then |
|
1251 |
- neutron router-gateway-set $ROUTER_ID $EXT_NET_ID |
|
1252 |
- fi |
|
1253 |
- |
|
1254 |
- # This logic is specific to using the l3-agent for layer 3 |
|
1255 |
- if is_service_enabled q-l3; then |
|
1256 |
- local ipv6_router_gw_port |
|
1257 |
- # Ensure IPv6 forwarding is enabled on the host |
|
1258 |
- sudo sysctl -w net.ipv6.conf.all.forwarding=1 |
|
1259 |
- # Configure and enable public bridge |
|
1260 |
- if [[ "$IP_VERSION" = "6" ]]; then |
|
1261 |
- # Override global IPV6_ROUTER_GW_IP with the true value from neutron |
|
1262 |
- IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $8; }'` |
|
1263 |
- die_if_not_set $LINENO IPV6_ROUTER_GW_IP "Failure retrieving IPV6_ROUTER_GW_IP" |
|
1264 |
- ipv6_router_gw_port=`neutron port-list -c id -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $1; }' | awk -F ' | ' '{ print $2; }'` |
|
1265 |
- die_if_not_set $LINENO ipv6_router_gw_port "Failure retrieving ipv6_router_gw_port" |
|
1266 |
- else |
|
1267 |
- ipv6_router_gw_port=`neutron port-list -c id -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$PUB_SUBNET_ID '$4 == subnet_id { print $1; }' | awk -F ' | ' '{ print $2; }'` |
|
1268 |
- die_if_not_set $LINENO ipv6_router_gw_port "Failure retrieving ipv6_router_gw_port" |
|
1269 |
- fi |
|
1270 |
- |
|
1271 |
- # The ovs_base_configure_l3_agent function flushes the public |
|
1272 |
- # bridge's ip addresses, so turn IPv6 support in the host off |
|
1273 |
- # and then on to recover the public bridge's link local address |
|
1274 |
- sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=1 |
|
1275 |
- sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=0 |
|
1276 |
- if ! ip -6 addr show dev $PUBLIC_BRIDGE | grep 'scope global'; then |
|
1277 |
- # Create an IPv6 ULA address for PUBLIC_BRIDGE if one is not present |
|
1278 |
- IPV6_BRIDGE_ULA=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"` |
|
1279 |
- sudo ip -6 addr add fd$IPV6_BRIDGE_ULA::1 dev $PUBLIC_BRIDGE |
|
1280 |
- fi |
|
1281 |
- |
|
1282 |
- if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then |
|
1283 |
- local ext_gw_interface=$(_neutron_get_ext_gw_interface) |
|
1284 |
- local ipv6_cidr_len=${IPV6_PUBLIC_RANGE#*/} |
|
1285 |
- |
|
1286 |
- # Define router_ns based on whether DVR is enabled |
|
1287 |
- local router_ns=qrouter |
|
1288 |
- if [[ "$Q_DVR_MODE" == "dvr_snat" ]]; then |
|
1289 |
- router_ns=snat |
|
1290 |
- fi |
|
1291 |
- |
|
1292 |
- # Configure interface for public bridge |
|
1293 |
- sudo ip -6 addr add $ipv6_ext_gw_ip/$ipv6_cidr_len dev $ext_gw_interface |
|
1294 |
- |
|
1295 |
- # Wait until layer 3 agent has configured the gateway port on |
|
1296 |
- # the public bridge, then add gateway address to the interface |
|
1297 |
- # TODO (john-davidge) Remove once l3-agent supports dual-stack |
|
1298 |
- if [[ "$IP_VERSION" == "4+6" ]]; then |
|
1299 |
- if ! timeout $GATEWAY_TIMEOUT sh -c "until sudo ip netns exec $router_ns-$ROUTER_ID ip addr show qg-${ipv6_router_gw_port:0:11} | grep $ROUTER_GW_IP; do sleep 1; done"; then |
|
1300 |
- die $LINENO "Timeout retrieving ROUTER_GW_IP" |
|
1301 |
- fi |
|
1302 |
- # Configure the gateway port with the public IPv6 adress |
|
1303 |
- sudo ip netns exec $router_ns-$ROUTER_ID ip -6 addr add $IPV6_ROUTER_GW_IP/$ipv6_cidr_len dev qg-${ipv6_router_gw_port:0:11} |
|
1304 |
- # Add a default IPv6 route to the neutron router as the |
|
1305 |
- # l3-agent does not add one in the dual-stack case |
|
1306 |
- sudo ip netns exec $router_ns-$ROUTER_ID ip -6 route replace default via $ipv6_ext_gw_ip dev qg-${ipv6_router_gw_port:0:11} |
|
1307 |
- fi |
|
1308 |
- sudo ip -6 route add $FIXED_RANGE_V6 via $IPV6_ROUTER_GW_IP dev $ext_gw_interface |
|
1309 |
- fi |
|
1310 |
- _neutron_set_router_id |
|
1311 |
- fi |
|
1312 |
-} |
|
1313 |
- |
|
1314 |
-# Explicitly set router id in l3 agent configuration |
|
1315 |
-function _neutron_set_router_id { |
|
1316 |
- if [[ "$Q_USE_NAMESPACE" == "False" ]]; then |
|
1317 |
- iniset $Q_L3_CONF_FILE DEFAULT router_id $ROUTER_ID |
|
1318 |
- fi |
|
1319 |
-} |
|
1320 |
- |
|
1321 |
-# Get ext_gw_interface depending on value of Q_USE_PUBLIC_VETH |
|
1322 |
-function _neutron_get_ext_gw_interface { |
|
1323 |
- if [[ "$Q_USE_PUBLIC_VETH" == "True" ]]; then |
|
1324 |
- echo $Q_PUBLIC_VETH_EX |
|
1325 |
- else |
|
1326 |
- # Disable in-band as we are going to use local port |
|
1327 |
- # to communicate with VMs |
|
1328 |
- sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE \ |
|
1329 |
- other_config:disable-in-band=true |
|
1330 |
- echo $PUBLIC_BRIDGE |
|
1331 |
- fi |
|
1332 |
-} |
|
1333 |
- |
|
1334 |
-# Functions for Neutron Exercises |
|
1335 |
-#-------------------------------- |
|
1336 |
- |
|
1337 |
-function delete_probe { |
|
1338 |
- local from_net="$1" |
|
1339 |
- net_id=`_get_net_id $from_net` |
|
1340 |
- probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}'` |
|
1341 |
- neutron-debug --os-tenant-name admin --os-username admin probe-delete $probe_id |
|
1342 |
-} |
|
1343 |
- |
|
1344 |
-function setup_neutron_debug { |
|
1345 |
- if [[ "$Q_USE_DEBUG_COMMAND" == "True" ]]; then |
|
1346 |
- public_net_id=`_get_net_id $PUBLIC_NETWORK_NAME` |
|
1347 |
- neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $public_net_id |
|
1348 |
- private_net_id=`_get_net_id $PRIVATE_NETWORK_NAME` |
|
1349 |
- neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $private_net_id |
|
1350 |
- fi |
|
1351 |
-} |
|
1352 |
- |
|
1353 |
-function teardown_neutron_debug { |
|
1354 |
- delete_probe $PUBLIC_NETWORK_NAME |
|
1355 |
- delete_probe $PRIVATE_NETWORK_NAME |
|
1356 |
-} |
|
1357 |
- |
|
1358 |
-function _get_net_id { |
|
1359 |
- neutron --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD net-list | grep $1 | awk '{print $2}' |
|
1360 |
-} |
|
1361 |
- |
|
1362 |
-function _get_probe_cmd_prefix { |
|
1363 |
- local from_net="$1" |
|
1364 |
- net_id=`_get_net_id $from_net` |
|
1365 |
- probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}' | head -n 1` |
|
1366 |
- echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id" |
|
1367 |
-} |
|
1368 |
- |
|
1369 |
-function _ping_check_neutron { |
|
1370 |
- local from_net=$1 |
|
1371 |
- local ip=$2 |
|
1372 |
- local timeout_sec=$3 |
|
1373 |
- local expected=${4:-"True"} |
|
1374 |
- local check_command="" |
|
1375 |
- probe_cmd=`_get_probe_cmd_prefix $from_net` |
|
1376 |
- if [[ "$expected" = "True" ]]; then |
|
1377 |
- check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1378 |
- else |
|
1379 |
- check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1380 |
- fi |
|
1381 |
- if ! timeout $timeout_sec sh -c "$check_command"; then |
|
1382 |
- if [[ "$expected" = "True" ]]; then |
|
1383 |
- die $LINENO "[Fail] Couldn't ping server" |
|
1384 |
- else |
|
1385 |
- die $LINENO "[Fail] Could ping server" |
|
1386 |
- fi |
|
1387 |
- fi |
|
1388 |
-} |
|
1389 |
- |
|
1390 |
-# ssh check |
|
1391 |
-function _ssh_check_neutron { |
|
1392 |
- local from_net=$1 |
|
1393 |
- local key_file=$2 |
|
1394 |
- local ip=$3 |
|
1395 |
- local user=$4 |
|
1396 |
- local timeout_sec=$5 |
|
1397 |
- local probe_cmd = "" |
|
1398 |
- probe_cmd=`_get_probe_cmd_prefix $from_net` |
|
1399 |
- if ! timeout $timeout_sec sh -c "while ! $probe_cmd ssh -o StrictHostKeyChecking=no -i $key_file ${user}@$ip echo success; do sleep 1; done"; then |
|
1400 |
- die $LINENO "server didn't become ssh-able!" |
|
1401 |
- fi |
|
1402 |
-} |
|
1403 |
- |
|
1404 |
-# Neutron 3rd party programs |
|
1405 |
-#--------------------------- |
|
1406 |
- |
|
1407 |
-# please refer to ``lib/neutron_thirdparty/README.md`` for details |
|
1408 |
-NEUTRON_THIRD_PARTIES="" |
|
1409 |
-for f in $TOP_DIR/lib/neutron_thirdparty/*; do |
|
1410 |
- third_party=$(basename $f) |
|
1411 |
- if is_service_enabled $third_party; then |
|
1412 |
- source $TOP_DIR/lib/neutron_thirdparty/$third_party |
|
1413 |
- NEUTRON_THIRD_PARTIES="$NEUTRON_THIRD_PARTIES,$third_party" |
|
1414 |
- fi |
|
1415 |
-done |
|
1416 |
- |
|
1417 |
-function _neutron_third_party_do { |
|
1418 |
- for third_party in ${NEUTRON_THIRD_PARTIES//,/ }; do |
|
1419 |
- ${1}_${third_party} |
|
1420 |
- done |
|
1421 |
-} |
|
1422 |
- |
|
1423 |
-# configure_neutron_third_party() - Set config files, create data dirs, etc |
|
1424 |
-function configure_neutron_third_party { |
|
1425 |
- _neutron_third_party_do configure |
|
1426 |
-} |
|
1427 |
- |
|
1428 |
-# init_neutron_third_party() - Initialize databases, etc. |
|
1429 |
-function init_neutron_third_party { |
|
1430 |
- _neutron_third_party_do init |
|
1431 |
-} |
|
1432 |
- |
|
1433 |
-# install_neutron_third_party() - Collect source and prepare |
|
1434 |
-function install_neutron_third_party { |
|
1435 |
- _neutron_third_party_do install |
|
1436 |
-} |
|
1437 |
- |
|
1438 |
-# start_neutron_third_party() - Start running processes, including screen |
|
1439 |
-function start_neutron_third_party { |
|
1440 |
- _neutron_third_party_do start |
|
1441 |
-} |
|
1442 |
- |
|
1443 |
-# stop_neutron_third_party - Stop running processes (non-screen) |
|
1444 |
-function stop_neutron_third_party { |
|
1445 |
- _neutron_third_party_do stop |
|
1446 |
-} |
|
1447 |
- |
|
1448 |
-# check_neutron_third_party_integration() - Check that third party integration is sane |
|
1449 |
-function check_neutron_third_party_integration { |
|
1450 |
- _neutron_third_party_do check |
|
1451 |
-} |
|
1452 |
- |
|
1453 |
-function is_provider_network { |
|
1454 |
- if [ "$Q_USE_PROVIDER_NETWORKING" == "True" ] && [ "$Q_L3_ENABLED" == "False" ]; then |
|
1455 |
- return 0 |
|
1456 |
- fi |
|
1457 |
- return 1 |
|
1458 |
-} |
|
1459 |
- |
|
1460 |
- |
|
1461 |
-# Restore xtrace |
|
1462 |
-$XTRACE |
|
1463 |
- |
|
1464 |
-# Tell emacs to use shell-script-mode |
|
1465 |
-## Local variables: |
|
1466 |
-## mode: shell-script |
|
1467 |
-## End: |
1 | 2 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,1467 @@ |
0 |
+#!/bin/bash |
|
1 |
+# |
|
2 |
+# lib/neutron |
|
3 |
+# functions - functions specific to neutron |
|
4 |
+ |
|
5 |
+# Dependencies: |
|
6 |
+# ``functions`` file |
|
7 |
+# ``DEST`` must be defined |
|
8 |
+# ``STACK_USER`` must be defined |
|
9 |
+ |
|
10 |
+# ``stack.sh`` calls the entry points in this order: |
|
11 |
+# |
|
12 |
+# - install_neutron_agent_packages |
|
13 |
+# - install_neutronclient |
|
14 |
+# - install_neutron |
|
15 |
+# - install_neutron_third_party |
|
16 |
+# - configure_neutron |
|
17 |
+# - init_neutron |
|
18 |
+# - configure_neutron_third_party |
|
19 |
+# - init_neutron_third_party |
|
20 |
+# - start_neutron_third_party |
|
21 |
+# - create_nova_conf_neutron |
|
22 |
+# - start_neutron_service_and_check |
|
23 |
+# - check_neutron_third_party_integration |
|
24 |
+# - start_neutron_agents |
|
25 |
+# - create_neutron_initial_network |
|
26 |
+# - setup_neutron_debug |
|
27 |
+# |
|
28 |
+# ``unstack.sh`` calls the entry points in this order: |
|
29 |
+# |
|
30 |
+# - teardown_neutron_debug |
|
31 |
+# - stop_neutron |
|
32 |
+# - stop_neutron_third_party |
|
33 |
+# - cleanup_neutron |
|
34 |
+ |
|
35 |
+# Functions in lib/neutron are classified into the following categories: |
|
36 |
+# |
|
37 |
+# - entry points (called from stack.sh or unstack.sh) |
|
38 |
+# - internal functions |
|
39 |
+# - neutron exercises |
|
40 |
+# - 3rd party programs |
|
41 |
+ |
|
42 |
+ |
|
43 |
+# Neutron Networking |
|
44 |
+# ------------------ |
|
45 |
+ |
|
46 |
+# Make sure that neutron is enabled in ``ENABLED_SERVICES``. If you want |
|
47 |
+# to run Neutron on this host, make sure that q-svc is also in |
|
48 |
+# ``ENABLED_SERVICES``. |
|
49 |
+# |
|
50 |
+# See "Neutron Network Configuration" below for additional variables |
|
51 |
+# that must be set in localrc for connectivity across hosts with |
|
52 |
+# Neutron. |
|
53 |
+# |
|
54 |
+# With Neutron networking the NETWORK_MANAGER variable is ignored. |
|
55 |
+ |
|
56 |
+# Settings |
|
57 |
+# -------- |
|
58 |
+ |
|
59 |
+# Timeout value in seconds to wait for IPv6 gateway configuration |
|
60 |
+GATEWAY_TIMEOUT=30 |
|
61 |
+ |
|
62 |
+ |
|
63 |
+# Neutron Network Configuration |
|
64 |
+# ----------------------------- |
|
65 |
+ |
|
66 |
+# Subnet IP version |
|
67 |
+IP_VERSION=${IP_VERSION:-4} |
|
68 |
+# Validate IP_VERSION |
|
69 |
+if [[ $IP_VERSION != "4" ]] && [[ $IP_VERSION != "6" ]] && [[ $IP_VERSION != "4+6" ]]; then |
|
70 |
+ die $LINENO "IP_VERSION must be either 4, 6, or 4+6" |
|
71 |
+fi |
|
72 |
+# Gateway and subnet defaults, in case they are not customized in localrc |
|
73 |
+NETWORK_GATEWAY=${NETWORK_GATEWAY:-10.0.0.1} |
|
74 |
+PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1} |
|
75 |
+PRIVATE_SUBNET_NAME=${PRIVATE_SUBNET_NAME:-"private-subnet"} |
|
76 |
+PUBLIC_SUBNET_NAME=${PUBLIC_SUBNET_NAME:-"public-subnet"} |
|
77 |
+ |
|
78 |
+if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then |
|
79 |
+ Q_PROTOCOL="https" |
|
80 |
+fi |
|
81 |
+ |
|
82 |
+# Generate 40-bit IPv6 Global ID to comply with RFC 4193 |
|
83 |
+IPV6_GLOBAL_ID=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"` |
|
84 |
+ |
|
85 |
+# IPv6 gateway and subnet defaults, in case they are not customized in localrc |
|
86 |
+IPV6_RA_MODE=${IPV6_RA_MODE:-slaac} |
|
87 |
+IPV6_ADDRESS_MODE=${IPV6_ADDRESS_MODE:-slaac} |
|
88 |
+IPV6_PUBLIC_SUBNET_NAME=${IPV6_PUBLIC_SUBNET_NAME:-ipv6-public-subnet} |
|
89 |
+IPV6_PRIVATE_SUBNET_NAME=${IPV6_PRIVATE_SUBNET_NAME:-ipv6-private-subnet} |
|
90 |
+FIXED_RANGE_V6=${FIXED_RANGE_V6:-fd$IPV6_GLOBAL_ID::/64} |
|
91 |
+IPV6_PRIVATE_NETWORK_GATEWAY=${IPV6_PRIVATE_NETWORK_GATEWAY:-fd$IPV6_GLOBAL_ID::1} |
|
92 |
+IPV6_PUBLIC_RANGE=${IPV6_PUBLIC_RANGE:-fe80:cafe:cafe::/64} |
|
93 |
+IPV6_PUBLIC_NETWORK_GATEWAY=${IPV6_PUBLIC_NETWORK_GATEWAY:-fe80:cafe:cafe::2} |
|
94 |
+# IPV6_ROUTER_GW_IP must be defined when IP_VERSION=4+6 as it cannot be |
|
95 |
+# obtained conventionally until the l3-agent has support for dual-stack |
|
96 |
+# TODO (john-davidge) Remove once l3-agent supports dual-stack |
|
97 |
+IPV6_ROUTER_GW_IP=${IPV6_ROUTER_GW_IP:-fe80:cafe:cafe::1} |
|
98 |
+ |
|
99 |
+# Set up default directories |
|
100 |
+GITDIR["python-neutronclient"]=$DEST/python-neutronclient |
|
101 |
+ |
|
102 |
+ |
|
103 |
+NEUTRON_DIR=$DEST/neutron |
|
104 |
+NEUTRON_FWAAS_DIR=$DEST/neutron-fwaas |
|
105 |
+NEUTRON_LBAAS_DIR=$DEST/neutron-lbaas |
|
106 |
+NEUTRON_VPNAAS_DIR=$DEST/neutron-vpnaas |
|
107 |
+NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron} |
|
108 |
+ |
|
109 |
+# Support entry points installation of console scripts |
|
110 |
+if [[ -d $NEUTRON_DIR/bin/neutron-server ]]; then |
|
111 |
+ NEUTRON_BIN_DIR=$NEUTRON_DIR/bin |
|
112 |
+else |
|
113 |
+ NEUTRON_BIN_DIR=$(get_python_exec_prefix) |
|
114 |
+fi |
|
115 |
+ |
|
116 |
+NEUTRON_CONF_DIR=/etc/neutron |
|
117 |
+NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf |
|
118 |
+export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/debug.ini"} |
|
119 |
+ |
|
120 |
+# Agent binaries. Note, binary paths for other agents are set in per-service |
|
121 |
+# scripts in lib/neutron_plugins/services/ |
|
122 |
+AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent" |
|
123 |
+AGENT_L3_BINARY=${AGENT_L3_BINARY:-"$NEUTRON_BIN_DIR/neutron-l3-agent"} |
|
124 |
+AGENT_META_BINARY="$NEUTRON_BIN_DIR/neutron-metadata-agent" |
|
125 |
+ |
|
126 |
+# Agent config files. Note, plugin-specific Q_PLUGIN_CONF_FILE is set and |
|
127 |
+# loaded from per-plugin scripts in lib/neutron_plugins/ |
|
128 |
+Q_DHCP_CONF_FILE=$NEUTRON_CONF_DIR/dhcp_agent.ini |
|
129 |
+Q_L3_CONF_FILE=$NEUTRON_CONF_DIR/l3_agent.ini |
|
130 |
+Q_FWAAS_CONF_FILE=$NEUTRON_CONF_DIR/fwaas_driver.ini |
|
131 |
+Q_VPN_CONF_FILE=$NEUTRON_CONF_DIR/vpn_agent.ini |
|
132 |
+Q_META_CONF_FILE=$NEUTRON_CONF_DIR/metadata_agent.ini |
|
133 |
+ |
|
134 |
+# Default name for Neutron database |
|
135 |
+Q_DB_NAME=${Q_DB_NAME:-neutron} |
|
136 |
+# Default Neutron Plugin |
|
137 |
+Q_PLUGIN=${Q_PLUGIN:-ml2} |
|
138 |
+# Default Neutron Port |
|
139 |
+Q_PORT=${Q_PORT:-9696} |
|
140 |
+# Default Neutron Internal Port when using TLS proxy |
|
141 |
+Q_PORT_INT=${Q_PORT_INT:-19696} |
|
142 |
+# Default Neutron Host |
|
143 |
+Q_HOST=${Q_HOST:-$SERVICE_HOST} |
|
144 |
+# Default protocol |
|
145 |
+Q_PROTOCOL=${Q_PROTOCOL:-$SERVICE_PROTOCOL} |
|
146 |
+# Default admin username |
|
147 |
+Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron} |
|
148 |
+# Default auth strategy |
|
149 |
+Q_AUTH_STRATEGY=${Q_AUTH_STRATEGY:-keystone} |
|
150 |
+# Use namespace or not |
|
151 |
+Q_USE_NAMESPACE=${Q_USE_NAMESPACE:-True} |
|
152 |
+# RHEL's support for namespaces requires using veths with ovs |
|
153 |
+Q_OVS_USE_VETH=${Q_OVS_USE_VETH:-False} |
|
154 |
+Q_USE_ROOTWRAP=${Q_USE_ROOTWRAP:-True} |
|
155 |
+Q_USE_ROOTWRAP_DAEMON=$(trueorfalse True Q_USE_ROOTWRAP_DAEMON) |
|
156 |
+# Meta data IP |
|
157 |
+Q_META_DATA_IP=${Q_META_DATA_IP:-$SERVICE_HOST} |
|
158 |
+# Allow Overlapping IP among subnets |
|
159 |
+Q_ALLOW_OVERLAPPING_IP=${Q_ALLOW_OVERLAPPING_IP:-True} |
|
160 |
+# Use neutron-debug command |
|
161 |
+Q_USE_DEBUG_COMMAND=${Q_USE_DEBUG_COMMAND:-False} |
|
162 |
+# The name of the default q-l3 router |
|
163 |
+Q_ROUTER_NAME=${Q_ROUTER_NAME:-router1} |
|
164 |
+# nova vif driver that all plugins should use |
|
165 |
+NOVA_VIF_DRIVER=${NOVA_VIF_DRIVER:-"nova.virt.libvirt.vif.LibvirtGenericVIFDriver"} |
|
166 |
+Q_NOTIFY_NOVA_PORT_STATUS_CHANGES=${Q_NOTIFY_NOVA_PORT_STATUS_CHANGES:-True} |
|
167 |
+Q_NOTIFY_NOVA_PORT_DATA_CHANGES=${Q_NOTIFY_NOVA_PORT_DATA_CHANGES:-True} |
|
168 |
+VIF_PLUGGING_IS_FATAL=${VIF_PLUGGING_IS_FATAL:-True} |
|
169 |
+VIF_PLUGGING_TIMEOUT=${VIF_PLUGGING_TIMEOUT:-300} |
|
170 |
+# Specify if the initial private and external networks should be created |
|
171 |
+NEUTRON_CREATE_INITIAL_NETWORKS=${NEUTRON_CREATE_INITIAL_NETWORKS:-True} |
|
172 |
+ |
|
173 |
+## Provider Network Information |
|
174 |
+PROVIDER_SUBNET_NAME=${PROVIDER_SUBNET_NAME:-"provider_net"} |
|
175 |
+ |
|
176 |
+# Use flat providernet for public network |
|
177 |
+# |
|
178 |
+# If Q_USE_PROVIDERNET_FOR_PUBLIC=True, use a flat provider network |
|
179 |
+# for external interface of neutron l3-agent. In that case, |
|
180 |
+# PUBLIC_PHYSICAL_NETWORK specifies provider:physical_network value |
|
181 |
+# used for the network. In case of ofagent, you should add the |
|
182 |
+# corresponding entry to your OFAGENT_PHYSICAL_INTERFACE_MAPPINGS. |
|
183 |
+# For openvswitch agent, you should add the corresponding entry to |
|
184 |
+# your OVS_BRIDGE_MAPPINGS. |
|
185 |
+# |
|
186 |
+# eg. (ofagent) |
|
187 |
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True |
|
188 |
+# Q_USE_PUBLIC_VETH=True |
|
189 |
+# PUBLIC_PHYSICAL_NETWORK=public |
|
190 |
+# OFAGENT_PHYSICAL_INTERFACE_MAPPINGS=public:veth-pub-int |
|
191 |
+# |
|
192 |
+# eg. (openvswitch agent) |
|
193 |
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True |
|
194 |
+# PUBLIC_PHYSICAL_NETWORK=public |
|
195 |
+# OVS_BRIDGE_MAPPINGS=public:br-ex |
|
196 |
+Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-False} |
|
197 |
+PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK:-public} |
|
198 |
+ |
|
199 |
+# If Q_USE_PUBLIC_VETH=True, create and use a veth pair instead of |
|
200 |
+# PUBLIC_BRIDGE. This is intended to be used with |
|
201 |
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True. |
|
202 |
+Q_USE_PUBLIC_VETH=${Q_USE_PUBLIC_VETH:-False} |
|
203 |
+Q_PUBLIC_VETH_EX=${Q_PUBLIC_VETH_EX:-veth-pub-ex} |
|
204 |
+Q_PUBLIC_VETH_INT=${Q_PUBLIC_VETH_INT:-veth-pub-int} |
|
205 |
+ |
|
206 |
+# The next two variables are configured by plugin |
|
207 |
+# e.g. _configure_neutron_l3_agent or lib/neutron_plugins/* |
|
208 |
+# |
|
209 |
+# The plugin supports L3. |
|
210 |
+Q_L3_ENABLED=${Q_L3_ENABLED:-False} |
|
211 |
+# L3 routers exist per tenant |
|
212 |
+Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-False} |
|
213 |
+ |
|
214 |
+# List of config file names in addition to the main plugin config file |
|
215 |
+# See _configure_neutron_common() for details about setting it up |
|
216 |
+declare -a Q_PLUGIN_EXTRA_CONF_FILES |
|
217 |
+ |
|
218 |
+# List of (optional) config files for VPN device drivers to use with |
|
219 |
+# the neutron-q-vpn agent |
|
220 |
+declare -a Q_VPN_EXTRA_CONF_FILES |
|
221 |
+ |
|
222 |
+ |
|
223 |
+Q_RR_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf |
|
224 |
+if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then |
|
225 |
+ Q_RR_COMMAND="sudo" |
|
226 |
+else |
|
227 |
+ NEUTRON_ROOTWRAP=$(get_rootwrap_location neutron) |
|
228 |
+ Q_RR_COMMAND="sudo $NEUTRON_ROOTWRAP $Q_RR_CONF_FILE" |
|
229 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
230 |
+ Q_RR_DAEMON_COMMAND="sudo $NEUTRON_ROOTWRAP-daemon $Q_RR_CONF_FILE" |
|
231 |
+ fi |
|
232 |
+fi |
|
233 |
+ |
|
234 |
+ |
|
235 |
+# Distributed Virtual Router (DVR) configuration |
|
236 |
+# Can be: |
|
237 |
+# - ``legacy`` - No DVR functionality |
|
238 |
+# - ``dvr_snat`` - Controller or single node DVR |
|
239 |
+# - ``dvr`` - Compute node in multi-node DVR |
|
240 |
+# |
|
241 |
+Q_DVR_MODE=${Q_DVR_MODE:-legacy} |
|
242 |
+if [[ "$Q_DVR_MODE" != "legacy" ]]; then |
|
243 |
+ Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,linuxbridge,l2population |
|
244 |
+fi |
|
245 |
+ |
|
246 |
+# Provider Network Configurations |
|
247 |
+# -------------------------------- |
|
248 |
+ |
|
249 |
+# The following variables control the Neutron ML2 plugins' allocation |
|
250 |
+# of tenant networks and availability of provider networks. If these |
|
251 |
+# are not configured in ``localrc``, tenant networks will be local to |
|
252 |
+# the host (with no remote connectivity), and no physical resources |
|
253 |
+# will be available for the allocation of provider networks. |
|
254 |
+ |
|
255 |
+# To disable tunnels (GRE or VXLAN) for tenant networks, |
|
256 |
+# set to False in ``local.conf``. |
|
257 |
+# GRE tunnels are only supported by the openvswitch. |
|
258 |
+ENABLE_TENANT_TUNNELS=${ENABLE_TENANT_TUNNELS:-True} |
|
259 |
+ |
|
260 |
+# If using GRE tunnels for tenant networks, specify the range of |
|
261 |
+# tunnel IDs from which tenant networks are allocated. Can be |
|
262 |
+# overriden in ``localrc`` in necesssary. |
|
263 |
+TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGES:-1:1000} |
|
264 |
+ |
|
265 |
+# To use VLANs for tenant networks, set to True in localrc. VLANs |
|
266 |
+# are supported by the ML2 plugins, requiring additional configuration |
|
267 |
+# described below. |
|
268 |
+ENABLE_TENANT_VLANS=${ENABLE_TENANT_VLANS:-False} |
|
269 |
+ |
|
270 |
+# If using VLANs for tenant networks, set in ``localrc`` to specify |
|
271 |
+# the range of VLAN VIDs from which tenant networks are |
|
272 |
+# allocated. An external network switch must be configured to |
|
273 |
+# trunk these VLANs between hosts for multi-host connectivity. |
|
274 |
+# |
|
275 |
+# Example: ``TENANT_VLAN_RANGE=1000:1999`` |
|
276 |
+TENANT_VLAN_RANGE=${TENANT_VLAN_RANGE:-} |
|
277 |
+ |
|
278 |
+# If using VLANs for tenant networks, or if using flat or VLAN |
|
279 |
+# provider networks, set in ``localrc`` to the name of the physical |
|
280 |
+# network, and also configure ``OVS_PHYSICAL_BRIDGE`` for the |
|
281 |
+# openvswitch agent or ``LB_PHYSICAL_INTERFACE`` for the linuxbridge |
|
282 |
+# agent, as described below. |
|
283 |
+# |
|
284 |
+# Example: ``PHYSICAL_NETWORK=default`` |
|
285 |
+PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-} |
|
286 |
+ |
|
287 |
+# With the openvswitch agent, if using VLANs for tenant networks, |
|
288 |
+# or if using flat or VLAN provider networks, set in ``localrc`` to |
|
289 |
+# the name of the OVS bridge to use for the physical network. The |
|
290 |
+# bridge will be created if it does not already exist, but a |
|
291 |
+# physical interface must be manually added to the bridge as a |
|
292 |
+# port for external connectivity. |
|
293 |
+# |
|
294 |
+# Example: ``OVS_PHYSICAL_BRIDGE=br-eth1`` |
|
295 |
+OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-} |
|
296 |
+ |
|
297 |
+# With the linuxbridge agent, if using VLANs for tenant networks, |
|
298 |
+# or if using flat or VLAN provider networks, set in ``localrc`` to |
|
299 |
+# the name of the network interface to use for the physical |
|
300 |
+# network. |
|
301 |
+# |
|
302 |
+# Example: ``LB_PHYSICAL_INTERFACE=eth1`` |
|
303 |
+LB_PHYSICAL_INTERFACE=${LB_PHYSICAL_INTERFACE:-} |
|
304 |
+ |
|
305 |
+# When Neutron tunnels are enabled it is needed to specify the |
|
306 |
+# IP address of the end point in the local server. This IP is set |
|
307 |
+# by default to the same IP address that the HOST IP. |
|
308 |
+# This variable can be used to specify a different end point IP address |
|
309 |
+# Example: ``TUNNEL_ENDPOINT_IP=1.1.1.1`` |
|
310 |
+TUNNEL_ENDPOINT_IP=${TUNNEL_ENDPOINT_IP:-$HOST_IP} |
|
311 |
+ |
|
312 |
+# With the openvswitch plugin, set to True in ``localrc`` to enable |
|
313 |
+# provider GRE tunnels when ``ENABLE_TENANT_TUNNELS`` is False. |
|
314 |
+# |
|
315 |
+# Example: ``OVS_ENABLE_TUNNELING=True`` |
|
316 |
+OVS_ENABLE_TUNNELING=${OVS_ENABLE_TUNNELING:-$ENABLE_TENANT_TUNNELS} |
|
317 |
+ |
|
318 |
+# Use DHCP agent for providing metadata service in the case of |
|
319 |
+# without L3 agent (No Route Agent), set to True in localrc. |
|
320 |
+ENABLE_ISOLATED_METADATA=${ENABLE_ISOLATED_METADATA:-False} |
|
321 |
+ |
|
322 |
+# Add a static route as dhcp option, so the request to 169.254.169.254 |
|
323 |
+# will be able to reach through a route(DHCP agent) |
|
324 |
+# This option require ENABLE_ISOLATED_METADATA = True |
|
325 |
+ENABLE_METADATA_NETWORK=${ENABLE_METADATA_NETWORK:-False} |
|
326 |
+# Neutron plugin specific functions |
|
327 |
+# --------------------------------- |
|
328 |
+ |
|
329 |
+# Please refer to ``lib/neutron_plugins/README.md`` for details. |
|
330 |
+source $TOP_DIR/lib/neutron_plugins/$Q_PLUGIN |
|
331 |
+ |
|
332 |
+# Agent loadbalancer service plugin functions |
|
333 |
+# ------------------------------------------- |
|
334 |
+ |
|
335 |
+# Hardcoding for 1 service plugin for now |
|
336 |
+source $TOP_DIR/lib/neutron_plugins/services/loadbalancer |
|
337 |
+ |
|
338 |
+# Agent metering service plugin functions |
|
339 |
+# ------------------------------------------- |
|
340 |
+ |
|
341 |
+# Hardcoding for 1 service plugin for now |
|
342 |
+source $TOP_DIR/lib/neutron_plugins/services/metering |
|
343 |
+ |
|
344 |
+# VPN service plugin functions |
|
345 |
+# ------------------------------------------- |
|
346 |
+# Hardcoding for 1 service plugin for now |
|
347 |
+source $TOP_DIR/lib/neutron_plugins/services/vpn |
|
348 |
+ |
|
349 |
+# Firewall Service Plugin functions |
|
350 |
+# --------------------------------- |
|
351 |
+source $TOP_DIR/lib/neutron_plugins/services/firewall |
|
352 |
+ |
|
353 |
+# Use security group or not |
|
354 |
+if has_neutron_plugin_security_group; then |
|
355 |
+ Q_USE_SECGROUP=${Q_USE_SECGROUP:-True} |
|
356 |
+else |
|
357 |
+ Q_USE_SECGROUP=False |
|
358 |
+fi |
|
359 |
+ |
|
360 |
+# Tell Tempest this project is present |
|
361 |
+TEMPEST_SERVICES+=,neutron |
|
362 |
+ |
|
363 |
+ |
|
364 |
+# Save trace setting |
|
365 |
+XTRACE=$(set +o | grep xtrace) |
|
366 |
+set +o xtrace |
|
367 |
+ |
|
368 |
+ |
|
369 |
+# Functions |
|
370 |
+# --------- |
|
371 |
+ |
|
372 |
+function _determine_config_server { |
|
373 |
+ local cfg_file |
|
374 |
+ local opts="--config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE" |
|
375 |
+ for cfg_file in ${Q_PLUGIN_EXTRA_CONF_FILES[@]}; do |
|
376 |
+ opts+=" --config-file /$cfg_file" |
|
377 |
+ done |
|
378 |
+ echo "$opts" |
|
379 |
+} |
|
380 |
+ |
|
381 |
+function _determine_config_vpn { |
|
382 |
+ local cfg_file |
|
383 |
+ local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE --config-file=$Q_VPN_CONF_FILE" |
|
384 |
+ if is_service_enabled q-fwaas; then |
|
385 |
+ opts+=" --config-file $Q_FWAAS_CONF_FILE" |
|
386 |
+ fi |
|
387 |
+ for cfg_file in ${Q_VPN_EXTRA_CONF_FILES[@]}; do |
|
388 |
+ opts+=" --config-file $cfg_file" |
|
389 |
+ done |
|
390 |
+ echo "$opts" |
|
391 |
+ |
|
392 |
+} |
|
393 |
+ |
|
394 |
+function _determine_config_l3 { |
|
395 |
+ local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE" |
|
396 |
+ if is_service_enabled q-fwaas; then |
|
397 |
+ opts+=" --config-file $Q_FWAAS_CONF_FILE" |
|
398 |
+ fi |
|
399 |
+ echo "$opts" |
|
400 |
+} |
|
401 |
+ |
|
402 |
+# For services and agents that require it, dynamically construct a list of |
|
403 |
+# --config-file arguments that are passed to the binary. |
|
404 |
+function determine_config_files { |
|
405 |
+ local opts="" |
|
406 |
+ case "$1" in |
|
407 |
+ "neutron-server") opts="$(_determine_config_server)" ;; |
|
408 |
+ "neutron-vpn-agent") opts="$(_determine_config_vpn)" ;; |
|
409 |
+ "neutron-l3-agent") opts="$(_determine_config_l3)" ;; |
|
410 |
+ esac |
|
411 |
+ if [ -z "$opts" ] ; then |
|
412 |
+ die $LINENO "Could not determine config files for $1." |
|
413 |
+ fi |
|
414 |
+ echo "$opts" |
|
415 |
+} |
|
416 |
+ |
|
417 |
+# Test if any Neutron services are enabled |
|
418 |
+# is_neutron_enabled |
|
419 |
+function is_neutron_enabled { |
|
420 |
+ [[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0 |
|
421 |
+ return 1 |
|
422 |
+} |
|
423 |
+ |
|
424 |
+# configure_neutron() |
|
425 |
+# Set common config for all neutron server and agents. |
|
426 |
+function configure_neutron { |
|
427 |
+ _configure_neutron_common |
|
428 |
+ iniset_rpc_backend neutron $NEUTRON_CONF |
|
429 |
+ |
|
430 |
+ # goes before q-svc to init Q_SERVICE_PLUGIN_CLASSES |
|
431 |
+ if is_service_enabled q-lbaas; then |
|
432 |
+ _configure_neutron_lbaas |
|
433 |
+ fi |
|
434 |
+ if is_service_enabled q-metering; then |
|
435 |
+ _configure_neutron_metering |
|
436 |
+ fi |
|
437 |
+ if is_service_enabled q-vpn; then |
|
438 |
+ _configure_neutron_vpn |
|
439 |
+ fi |
|
440 |
+ if is_service_enabled q-fwaas; then |
|
441 |
+ _configure_neutron_fwaas |
|
442 |
+ fi |
|
443 |
+ if is_service_enabled q-agt q-svc; then |
|
444 |
+ _configure_neutron_service |
|
445 |
+ fi |
|
446 |
+ if is_service_enabled q-agt; then |
|
447 |
+ _configure_neutron_plugin_agent |
|
448 |
+ fi |
|
449 |
+ if is_service_enabled q-dhcp; then |
|
450 |
+ _configure_neutron_dhcp_agent |
|
451 |
+ fi |
|
452 |
+ if is_service_enabled q-l3; then |
|
453 |
+ _configure_neutron_l3_agent |
|
454 |
+ fi |
|
455 |
+ if is_service_enabled q-meta; then |
|
456 |
+ _configure_neutron_metadata_agent |
|
457 |
+ fi |
|
458 |
+ |
|
459 |
+ if [[ "$Q_DVR_MODE" != "legacy" ]]; then |
|
460 |
+ _configure_dvr |
|
461 |
+ fi |
|
462 |
+ if is_service_enabled ceilometer; then |
|
463 |
+ _configure_neutron_ceilometer_notifications |
|
464 |
+ fi |
|
465 |
+ |
|
466 |
+ _configure_neutron_debug_command |
|
467 |
+} |
|
468 |
+ |
|
469 |
+function create_nova_conf_neutron { |
|
470 |
+ iniset $NOVA_CONF DEFAULT network_api_class "nova.network.neutronv2.api.API" |
|
471 |
+ iniset $NOVA_CONF neutron admin_username "$Q_ADMIN_USERNAME" |
|
472 |
+ iniset $NOVA_CONF neutron admin_password "$SERVICE_PASSWORD" |
|
473 |
+ iniset $NOVA_CONF neutron admin_auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v2.0" |
|
474 |
+ iniset $NOVA_CONF neutron auth_strategy "$Q_AUTH_STRATEGY" |
|
475 |
+ iniset $NOVA_CONF neutron admin_tenant_name "$SERVICE_TENANT_NAME" |
|
476 |
+ iniset $NOVA_CONF neutron region_name "$REGION_NAME" |
|
477 |
+ iniset $NOVA_CONF neutron url "${Q_PROTOCOL}://$Q_HOST:$Q_PORT" |
|
478 |
+ |
|
479 |
+ if [[ "$Q_USE_SECGROUP" == "True" ]]; then |
|
480 |
+ LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver |
|
481 |
+ iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER |
|
482 |
+ iniset $NOVA_CONF DEFAULT security_group_api neutron |
|
483 |
+ fi |
|
484 |
+ |
|
485 |
+ # set NOVA_VIF_DRIVER and optionally set options in nova_conf |
|
486 |
+ neutron_plugin_create_nova_conf |
|
487 |
+ |
|
488 |
+ iniset $NOVA_CONF libvirt vif_driver "$NOVA_VIF_DRIVER" |
|
489 |
+ iniset $NOVA_CONF DEFAULT linuxnet_interface_driver "$LINUXNET_VIF_DRIVER" |
|
490 |
+ if is_service_enabled q-meta; then |
|
491 |
+ iniset $NOVA_CONF neutron service_metadata_proxy "True" |
|
492 |
+ fi |
|
493 |
+ |
|
494 |
+ iniset $NOVA_CONF DEFAULT vif_plugging_is_fatal "$VIF_PLUGGING_IS_FATAL" |
|
495 |
+ iniset $NOVA_CONF DEFAULT vif_plugging_timeout "$VIF_PLUGGING_TIMEOUT" |
|
496 |
+} |
|
497 |
+ |
|
498 |
+# create_neutron_cache_dir() - Part of the _neutron_setup_keystone() process |
|
499 |
+function create_neutron_cache_dir { |
|
500 |
+ # Create cache dir |
|
501 |
+ sudo install -d -o $STACK_USER $NEUTRON_AUTH_CACHE_DIR |
|
502 |
+ rm -f $NEUTRON_AUTH_CACHE_DIR/* |
|
503 |
+} |
|
504 |
+ |
|
505 |
+# create_neutron_accounts() - Set up common required neutron accounts |
|
506 |
+ |
|
507 |
+# Tenant User Roles |
|
508 |
+# ------------------------------------------------------------------ |
|
509 |
+# service neutron admin # if enabled |
|
510 |
+ |
|
511 |
+# Migrated from keystone_data.sh |
|
512 |
+function create_neutron_accounts { |
|
513 |
+ if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then |
|
514 |
+ |
|
515 |
+ create_service_user "neutron" |
|
516 |
+ |
|
517 |
+ if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
|
518 |
+ |
|
519 |
+ local neutron_service=$(get_or_create_service "neutron" \ |
|
520 |
+ "network" "Neutron Service") |
|
521 |
+ get_or_create_endpoint $neutron_service \ |
|
522 |
+ "$REGION_NAME" \ |
|
523 |
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
|
524 |
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \ |
|
525 |
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" |
|
526 |
+ fi |
|
527 |
+ fi |
|
528 |
+} |
|
529 |
+ |
|
530 |
+function create_neutron_initial_network { |
|
531 |
+ TENANT_ID=$(openstack project list | grep " demo " | get_field 1) |
|
532 |
+ die_if_not_set $LINENO TENANT_ID "Failure retrieving TENANT_ID for demo" |
|
533 |
+ |
|
534 |
+ # Allow drivers that need to create an initial network to do so here |
|
535 |
+ if type -p neutron_plugin_create_initial_network_profile > /dev/null; then |
|
536 |
+ neutron_plugin_create_initial_network_profile $PHYSICAL_NETWORK |
|
537 |
+ fi |
|
538 |
+ |
|
539 |
+ if is_provider_network; then |
|
540 |
+ die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK" |
|
541 |
+ die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specifiy the PROVIDER_NETWORK_TYPE" |
|
542 |
+ NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2) |
|
543 |
+ die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $TENANT_ID" |
|
544 |
+ |
|
545 |
+ if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
546 |
+ SUBNET_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2) |
|
547 |
+ die_if_not_set $LINENO SUBNET_ID "Failure creating SUBNET_ID for $PROVIDER_SUBNET_NAME $TENANT_ID" |
|
548 |
+ fi |
|
549 |
+ |
|
550 |
+ if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
551 |
+ SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode slaac --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2) |
|
552 |
+ die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $PROVIDER_SUBNET_NAME_V6 $TENANT_ID" |
|
553 |
+ fi |
|
554 |
+ |
|
555 |
+ sudo ip link set $OVS_PHYSICAL_BRIDGE up |
|
556 |
+ sudo ip link set br-int up |
|
557 |
+ sudo ip link set $PUBLIC_INTERFACE up |
|
558 |
+ else |
|
559 |
+ NET_ID=$(neutron net-create --tenant-id $TENANT_ID "$PRIVATE_NETWORK_NAME" | grep ' id ' | get_field 2) |
|
560 |
+ die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PRIVATE_NETWORK_NAME $TENANT_ID" |
|
561 |
+ |
|
562 |
+ if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
563 |
+ # Create IPv4 private subnet |
|
564 |
+ SUBNET_ID=$(_neutron_create_private_subnet_v4) |
|
565 |
+ fi |
|
566 |
+ |
|
567 |
+ if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
568 |
+ # Create IPv6 private subnet |
|
569 |
+ IPV6_SUBNET_ID=$(_neutron_create_private_subnet_v6) |
|
570 |
+ fi |
|
571 |
+ fi |
|
572 |
+ |
|
573 |
+ if [[ "$Q_L3_ENABLED" == "True" ]]; then |
|
574 |
+ # Create a router, and add the private subnet as one of its interfaces |
|
575 |
+ if [[ "$Q_L3_ROUTER_PER_TENANT" == "True" ]]; then |
|
576 |
+ # create a tenant-owned router. |
|
577 |
+ ROUTER_ID=$(neutron router-create --tenant-id $TENANT_ID $Q_ROUTER_NAME | grep ' id ' | get_field 2) |
|
578 |
+ die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $TENANT_ID $Q_ROUTER_NAME" |
|
579 |
+ else |
|
580 |
+ # Plugin only supports creating a single router, which should be admin owned. |
|
581 |
+ ROUTER_ID=$(neutron router-create $Q_ROUTER_NAME | grep ' id ' | get_field 2) |
|
582 |
+ die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $Q_ROUTER_NAME" |
|
583 |
+ fi |
|
584 |
+ |
|
585 |
+ # Create an external network, and a subnet. Configure the external network as router gw |
|
586 |
+ if [ "$Q_USE_PROVIDERNET_FOR_PUBLIC" = "True" ]; then |
|
587 |
+ EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True --provider:network_type=flat --provider:physical_network=${PUBLIC_PHYSICAL_NETWORK} | grep ' id ' | get_field 2) |
|
588 |
+ else |
|
589 |
+ EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True | grep ' id ' | get_field 2) |
|
590 |
+ fi |
|
591 |
+ die_if_not_set $LINENO EXT_NET_ID "Failure creating EXT_NET_ID for $PUBLIC_NETWORK_NAME" |
|
592 |
+ |
|
593 |
+ if [[ "$IP_VERSION" =~ 4.* ]]; then |
|
594 |
+ # Configure router for IPv4 public access |
|
595 |
+ _neutron_configure_router_v4 |
|
596 |
+ fi |
|
597 |
+ |
|
598 |
+ if [[ "$IP_VERSION" =~ .*6 ]]; then |
|
599 |
+ # Configure router for IPv6 public access |
|
600 |
+ _neutron_configure_router_v6 |
|
601 |
+ fi |
|
602 |
+ fi |
|
603 |
+} |
|
604 |
+ |
|
605 |
+# init_neutron() - Initialize databases, etc. |
|
606 |
+function init_neutron { |
|
607 |
+ recreate_database $Q_DB_NAME |
|
608 |
+ # Run Neutron db migrations |
|
609 |
+ $NEUTRON_BIN_DIR/neutron-db-manage --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head |
|
610 |
+ for svc in fwaas lbaas vpnaas; do |
|
611 |
+ if [ "$svc" = "vpnaas" ]; then |
|
612 |
+ q_svc="q-vpn" |
|
613 |
+ else |
|
614 |
+ q_svc="q-$svc" |
|
615 |
+ fi |
|
616 |
+ if is_service_enabled $q_svc; then |
|
617 |
+ $NEUTRON_BIN_DIR/neutron-db-manage --service $svc --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head |
|
618 |
+ fi |
|
619 |
+ done |
|
620 |
+} |
|
621 |
+ |
|
622 |
+# install_neutron() - Collect source and prepare |
|
623 |
+function install_neutron { |
|
624 |
+ git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH |
|
625 |
+ setup_develop $NEUTRON_DIR |
|
626 |
+ if is_service_enabled q-fwaas; then |
|
627 |
+ git_clone $NEUTRON_FWAAS_REPO $NEUTRON_FWAAS_DIR $NEUTRON_FWAAS_BRANCH |
|
628 |
+ setup_develop $NEUTRON_FWAAS_DIR |
|
629 |
+ fi |
|
630 |
+ if is_service_enabled q-lbaas; then |
|
631 |
+ git_clone $NEUTRON_LBAAS_REPO $NEUTRON_LBAAS_DIR $NEUTRON_LBAAS_BRANCH |
|
632 |
+ setup_develop $NEUTRON_LBAAS_DIR |
|
633 |
+ fi |
|
634 |
+ if is_service_enabled q-vpn; then |
|
635 |
+ git_clone $NEUTRON_VPNAAS_REPO $NEUTRON_VPNAAS_DIR $NEUTRON_VPNAAS_BRANCH |
|
636 |
+ setup_develop $NEUTRON_VPNAAS_DIR |
|
637 |
+ fi |
|
638 |
+ |
|
639 |
+ if [ "$VIRT_DRIVER" == 'xenserver' ]; then |
|
640 |
+ local dom0_ip |
|
641 |
+ dom0_ip=$(echo "$XENAPI_CONNECTION_URL" | cut -d "/" -f 3-) |
|
642 |
+ |
|
643 |
+ local ssh_dom0 |
|
644 |
+ ssh_dom0="sudo -u $DOMZERO_USER ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@$dom0_ip" |
|
645 |
+ |
|
646 |
+ # Find where the plugins should go in dom0 |
|
647 |
+ local xen_functions |
|
648 |
+ xen_functions=$(cat $TOP_DIR/tools/xen/functions) |
|
649 |
+ local plugin_dir |
|
650 |
+ plugin_dir=$($ssh_dom0 "$xen_functions; set -eux; xapi_plugin_location") |
|
651 |
+ |
|
652 |
+ # install neutron plugins to dom0 |
|
653 |
+ tar -czf - -C $NEUTRON_DIR/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/ ./ | |
|
654 |
+ $ssh_dom0 "tar -xzf - -C $plugin_dir && chmod a+x $plugin_dir/*" |
|
655 |
+ fi |
|
656 |
+} |
|
657 |
+ |
|
658 |
+# install_neutronclient() - Collect source and prepare |
|
659 |
+function install_neutronclient { |
|
660 |
+ if use_library_from_git "python-neutronclient"; then |
|
661 |
+ git_clone_by_name "python-neutronclient" |
|
662 |
+ setup_dev_lib "python-neutronclient" |
|
663 |
+ sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-neutronclient"]}/tools/,/etc/bash_completion.d/}neutron.bash_completion |
|
664 |
+ fi |
|
665 |
+} |
|
666 |
+ |
|
667 |
+# install_neutron_agent_packages() - Collect source and prepare |
|
668 |
+function install_neutron_agent_packages { |
|
669 |
+ # radvd doesn't come with the OS. Install it if the l3 service is enabled. |
|
670 |
+ if is_service_enabled q-l3; then |
|
671 |
+ install_package radvd |
|
672 |
+ fi |
|
673 |
+ # install packages that are specific to plugin agent(s) |
|
674 |
+ if is_service_enabled q-agt q-dhcp q-l3; then |
|
675 |
+ neutron_plugin_install_agent_packages |
|
676 |
+ fi |
|
677 |
+ |
|
678 |
+ if is_service_enabled q-lbaas; then |
|
679 |
+ neutron_agent_lbaas_install_agent_packages |
|
680 |
+ fi |
|
681 |
+} |
|
682 |
+ |
|
683 |
+# Start running processes, including screen |
|
684 |
+function start_neutron_service_and_check { |
|
685 |
+ local cfg_file_options="$(determine_config_files neutron-server)" |
|
686 |
+ local service_port=$Q_PORT |
|
687 |
+ local service_protocol=$Q_PROTOCOL |
|
688 |
+ if is_service_enabled tls-proxy; then |
|
689 |
+ service_port=$Q_PORT_INT |
|
690 |
+ service_protocol="http" |
|
691 |
+ fi |
|
692 |
+ # Start the Neutron service |
|
693 |
+ run_process q-svc "python $NEUTRON_BIN_DIR/neutron-server $cfg_file_options" |
|
694 |
+ echo "Waiting for Neutron to start..." |
|
695 |
+ if is_ssl_enabled_service "neutron"; then |
|
696 |
+ ssl_ca="--ca-certificate=${SSL_BUNDLE_FILE}" |
|
697 |
+ fi |
|
698 |
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget ${ssl_ca} --no-proxy -q -O- $service_protocol://$Q_HOST:$service_port; do sleep 1; done"; then |
|
699 |
+ die $LINENO "Neutron did not start" |
|
700 |
+ fi |
|
701 |
+ # Start proxy if enabled |
|
702 |
+ if is_service_enabled tls-proxy; then |
|
703 |
+ start_tls_proxy '*' $Q_PORT $Q_HOST $Q_PORT_INT & |
|
704 |
+ fi |
|
705 |
+} |
|
706 |
+ |
|
707 |
+# Start running processes, including screen |
|
708 |
+function start_neutron_agents { |
|
709 |
+ # Start up the neutron agents if enabled |
|
710 |
+ run_process q-agt "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE" |
|
711 |
+ run_process q-dhcp "python $AGENT_DHCP_BINARY --config-file $NEUTRON_CONF --config-file=$Q_DHCP_CONF_FILE" |
|
712 |
+ |
|
713 |
+ if is_provider_network; then |
|
714 |
+ sudo ovs-vsctl --no-wait -- --may-exist add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE |
|
715 |
+ sudo ip link set $OVS_PHYSICAL_BRIDGE up |
|
716 |
+ sudo ip link set br-int up |
|
717 |
+ sudo ip link set $PUBLIC_INTERFACE up |
|
718 |
+ if is_ironic_hardware; then |
|
719 |
+ for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do |
|
720 |
+ sudo ip addr del $IP dev $PUBLIC_INTERFACE |
|
721 |
+ sudo ip addr add $IP dev $OVS_PHYSICAL_BRIDGE |
|
722 |
+ done |
|
723 |
+ sudo route add -net $FIXED_RANGE gw $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE |
|
724 |
+ fi |
|
725 |
+ fi |
|
726 |
+ |
|
727 |
+ if is_service_enabled q-vpn; then |
|
728 |
+ run_process q-vpn "$AGENT_VPN_BINARY $(determine_config_files neutron-vpn-agent)" |
|
729 |
+ else |
|
730 |
+ run_process q-l3 "python $AGENT_L3_BINARY $(determine_config_files neutron-l3-agent)" |
|
731 |
+ fi |
|
732 |
+ |
|
733 |
+ run_process q-meta "python $AGENT_META_BINARY --config-file $NEUTRON_CONF --config-file=$Q_META_CONF_FILE" |
|
734 |
+ |
|
735 |
+ if [ "$VIRT_DRIVER" = 'xenserver' ]; then |
|
736 |
+ # For XenServer, start an agent for the domU openvswitch |
|
737 |
+ run_process q-domua "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE.domU" |
|
738 |
+ fi |
|
739 |
+ |
|
740 |
+ if is_service_enabled q-lbaas; then |
|
741 |
+ run_process q-lbaas "python $AGENT_LBAAS_BINARY --config-file $NEUTRON_CONF --config-file=$LBAAS_AGENT_CONF_FILENAME" |
|
742 |
+ fi |
|
743 |
+ |
|
744 |
+ if is_service_enabled q-metering; then |
|
745 |
+ run_process q-metering "python $AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME" |
|
746 |
+ fi |
|
747 |
+} |
|
748 |
+ |
|
749 |
+# stop_neutron() - Stop running processes (non-screen) |
|
750 |
+function stop_neutron { |
|
751 |
+ if is_service_enabled q-dhcp; then |
|
752 |
+ stop_process q-dhcp |
|
753 |
+ pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }') |
|
754 |
+ [ ! -z "$pid" ] && sudo kill -9 $pid |
|
755 |
+ fi |
|
756 |
+ |
|
757 |
+ stop_process q-svc |
|
758 |
+ stop_process q-l3 |
|
759 |
+ |
|
760 |
+ if is_service_enabled q-meta; then |
|
761 |
+ sudo pkill -9 -f neutron-ns-metadata-proxy || : |
|
762 |
+ stop_process q-meta |
|
763 |
+ fi |
|
764 |
+ |
|
765 |
+ stop_process q-agt |
|
766 |
+ |
|
767 |
+ if is_service_enabled q-lbaas; then |
|
768 |
+ neutron_lbaas_stop |
|
769 |
+ fi |
|
770 |
+ if is_service_enabled q-fwaas; then |
|
771 |
+ neutron_fwaas_stop |
|
772 |
+ fi |
|
773 |
+ if is_service_enabled q-vpn; then |
|
774 |
+ neutron_vpn_stop |
|
775 |
+ fi |
|
776 |
+ if is_service_enabled q-metering; then |
|
777 |
+ neutron_metering_stop |
|
778 |
+ fi |
|
779 |
+} |
|
780 |
+ |
|
781 |
+# cleanup_neutron() - Remove residual data files, anything left over from previous |
|
782 |
+# runs that a clean run would need to clean up |
|
783 |
+function cleanup_neutron { |
|
784 |
+ if is_provider_network && is_ironic_hardware; then |
|
785 |
+ for IP in $(ip addr show dev $OVS_PHYSICAL_BRIDGE | grep ' inet ' | awk '{print $2}'); do |
|
786 |
+ sudo ip addr del $IP dev $OVS_PHYSICAL_BRIDGE |
|
787 |
+ sudo ip addr add $IP dev $PUBLIC_INTERFACE |
|
788 |
+ done |
|
789 |
+ sudo route del -net $FIXED_RANGE gw $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE |
|
790 |
+ fi |
|
791 |
+ |
|
792 |
+ if is_neutron_ovs_base_plugin; then |
|
793 |
+ neutron_ovs_base_cleanup |
|
794 |
+ fi |
|
795 |
+ |
|
796 |
+ # delete all namespaces created by neutron |
|
797 |
+ for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do |
|
798 |
+ sudo ip netns delete ${ns} |
|
799 |
+ done |
|
800 |
+} |
|
801 |
+ |
|
802 |
+ |
|
803 |
+function _create_neutron_conf_dir { |
|
804 |
+ # Put config files in ``NEUTRON_CONF_DIR`` for everyone to find |
|
805 |
+ sudo install -d -o $STACK_USER $NEUTRON_CONF_DIR |
|
806 |
+} |
|
807 |
+ |
|
808 |
+# _configure_neutron_common() |
|
809 |
+# Set common config for all neutron server and agents. |
|
810 |
+# This MUST be called before other ``_configure_neutron_*`` functions. |
|
811 |
+function _configure_neutron_common { |
|
812 |
+ _create_neutron_conf_dir |
|
813 |
+ |
|
814 |
+ cp $NEUTRON_DIR/etc/neutron.conf $NEUTRON_CONF |
|
815 |
+ |
|
816 |
+ # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``. |
|
817 |
+ # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``. |
|
818 |
+ # For addition plugin config files, set ``Q_PLUGIN_EXTRA_CONF_PATH``, |
|
819 |
+ # ``Q_PLUGIN_EXTRA_CONF_FILES``. For example: |
|
820 |
+ # |
|
821 |
+ # ``Q_PLUGIN_EXTRA_CONF_FILES=(file1, file2)`` |
|
822 |
+ neutron_plugin_configure_common |
|
823 |
+ |
|
824 |
+ if [[ "$Q_PLUGIN_CONF_PATH" == '' || "$Q_PLUGIN_CONF_FILENAME" == '' || "$Q_PLUGIN_CLASS" == '' ]]; then |
|
825 |
+ die $LINENO "Neutron plugin not set.. exiting" |
|
826 |
+ fi |
|
827 |
+ |
|
828 |
+ # If needed, move config file from ``$NEUTRON_DIR/etc/neutron`` to ``NEUTRON_CONF_DIR`` |
|
829 |
+ mkdir -p /$Q_PLUGIN_CONF_PATH |
|
830 |
+ Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME |
|
831 |
+ cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE |
|
832 |
+ |
|
833 |
+ iniset $NEUTRON_CONF database connection `database_connection_url $Q_DB_NAME` |
|
834 |
+ iniset $NEUTRON_CONF DEFAULT state_path $DATA_DIR/neutron |
|
835 |
+ iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG |
|
836 |
+ # If addition config files are set, make sure their path name is set as well |
|
837 |
+ if [[ ${#Q_PLUGIN_EXTRA_CONF_FILES[@]} > 0 && $Q_PLUGIN_EXTRA_CONF_PATH == '' ]]; then |
|
838 |
+ die $LINENO "Neutron additional plugin config not set.. exiting" |
|
839 |
+ fi |
|
840 |
+ |
|
841 |
+ # If additional config files exist, copy them over to neutron configuration |
|
842 |
+ # directory |
|
843 |
+ if [[ $Q_PLUGIN_EXTRA_CONF_PATH != '' ]]; then |
|
844 |
+ local f |
|
845 |
+ for (( f=0; $f < ${#Q_PLUGIN_EXTRA_CONF_FILES[@]}; f+=1 )); do |
|
846 |
+ Q_PLUGIN_EXTRA_CONF_FILES[$f]=$Q_PLUGIN_EXTRA_CONF_PATH/${Q_PLUGIN_EXTRA_CONF_FILES[$f]} |
|
847 |
+ done |
|
848 |
+ fi |
|
849 |
+ |
|
850 |
+ if [ "$VIRT_DRIVER" = 'fake' ]; then |
|
851 |
+ # Disable arbitrary limits |
|
852 |
+ iniset $NEUTRON_CONF quotas quota_network -1 |
|
853 |
+ iniset $NEUTRON_CONF quotas quota_subnet -1 |
|
854 |
+ iniset $NEUTRON_CONF quotas quota_port -1 |
|
855 |
+ iniset $NEUTRON_CONF quotas quota_security_group -1 |
|
856 |
+ iniset $NEUTRON_CONF quotas quota_security_group_rule -1 |
|
857 |
+ fi |
|
858 |
+ |
|
859 |
+ # Format logging |
|
860 |
+ if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then |
|
861 |
+ setup_colorized_logging $NEUTRON_CONF DEFAULT project_id |
|
862 |
+ else |
|
863 |
+ # Show user_name and project_name by default like in nova |
|
864 |
+ iniset $NEUTRON_CONF DEFAULT logging_context_format_string "%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s" |
|
865 |
+ fi |
|
866 |
+ |
|
867 |
+ if is_service_enabled tls-proxy; then |
|
868 |
+ # Set the service port for a proxy to take the original |
|
869 |
+ iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT" |
|
870 |
+ fi |
|
871 |
+ |
|
872 |
+ if is_ssl_enabled_service "nova"; then |
|
873 |
+ iniset $NEUTRON_CONF nova cafile $SSL_BUNDLE_FILE |
|
874 |
+ fi |
|
875 |
+ |
|
876 |
+ if is_ssl_enabled_service "neutron"; then |
|
877 |
+ ensure_certificates NEUTRON |
|
878 |
+ |
|
879 |
+ iniset $NEUTRON_CONF DEFAULT use_ssl True |
|
880 |
+ iniset $NEUTRON_CONF DEFAULT ssl_cert_file "$NEUTRON_SSL_CERT" |
|
881 |
+ iniset $NEUTRON_CONF DEFAULT ssl_key_file "$NEUTRON_SSL_KEY" |
|
882 |
+ fi |
|
883 |
+ |
|
884 |
+ _neutron_setup_rootwrap |
|
885 |
+} |
|
886 |
+ |
|
887 |
+function _configure_neutron_debug_command { |
|
888 |
+ if [[ "$Q_USE_DEBUG_COMMAND" != "True" ]]; then |
|
889 |
+ return |
|
890 |
+ fi |
|
891 |
+ |
|
892 |
+ cp $NEUTRON_DIR/etc/l3_agent.ini $NEUTRON_TEST_CONFIG_FILE |
|
893 |
+ |
|
894 |
+ iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT verbose False |
|
895 |
+ iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT debug False |
|
896 |
+ iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
897 |
+ iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper "$Q_RR_COMMAND" |
|
898 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
899 |
+ iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
900 |
+ fi |
|
901 |
+ |
|
902 |
+ _neutron_setup_interface_driver $NEUTRON_TEST_CONFIG_FILE |
|
903 |
+ |
|
904 |
+ neutron_plugin_configure_debug_command |
|
905 |
+} |
|
906 |
+ |
|
907 |
+function _configure_neutron_dhcp_agent { |
|
908 |
+ |
|
909 |
+ cp $NEUTRON_DIR/etc/dhcp_agent.ini $Q_DHCP_CONF_FILE |
|
910 |
+ |
|
911 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT verbose True |
|
912 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
913 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
914 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
915 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
916 |
+ iniset $NEUTRON_TEST_CONFIG_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
917 |
+ fi |
|
918 |
+ |
|
919 |
+ if ! is_service_enabled q-l3; then |
|
920 |
+ if [[ "$ENABLE_ISOLATED_METADATA" = "True" ]]; then |
|
921 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT enable_isolated_metadata $ENABLE_ISOLATED_METADATA |
|
922 |
+ iniset $Q_DHCP_CONF_FILE DEFAULT enable_metadata_network $ENABLE_METADATA_NETWORK |
|
923 |
+ else |
|
924 |
+ if [[ "$ENABLE_METADATA_NETWORK" = "True" ]]; then |
|
925 |
+ die "$LINENO" "Enable isolated metadata is a must for metadata network" |
|
926 |
+ fi |
|
927 |
+ fi |
|
928 |
+ fi |
|
929 |
+ |
|
930 |
+ _neutron_setup_interface_driver $Q_DHCP_CONF_FILE |
|
931 |
+ |
|
932 |
+ neutron_plugin_configure_dhcp_agent |
|
933 |
+} |
|
934 |
+ |
|
935 |
+function _configure_neutron_l3_agent { |
|
936 |
+ local cfg_file |
|
937 |
+ Q_L3_ENABLED=True |
|
938 |
+ # for l3-agent, only use per tenant router if we have namespaces |
|
939 |
+ Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE |
|
940 |
+ |
|
941 |
+ if is_service_enabled q-vpn; then |
|
942 |
+ neutron_vpn_configure_agent |
|
943 |
+ fi |
|
944 |
+ |
|
945 |
+ cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE |
|
946 |
+ |
|
947 |
+ iniset $Q_L3_CONF_FILE DEFAULT verbose True |
|
948 |
+ iniset $Q_L3_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
949 |
+ iniset $Q_L3_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE |
|
950 |
+ iniset $Q_L3_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
951 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
952 |
+ iniset $Q_L3_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
953 |
+ fi |
|
954 |
+ |
|
955 |
+ _neutron_setup_interface_driver $Q_L3_CONF_FILE |
|
956 |
+ |
|
957 |
+ neutron_plugin_configure_l3_agent |
|
958 |
+} |
|
959 |
+ |
|
960 |
+function _configure_neutron_metadata_agent { |
|
961 |
+ cp $NEUTRON_DIR/etc/metadata_agent.ini $Q_META_CONF_FILE |
|
962 |
+ |
|
963 |
+ iniset $Q_META_CONF_FILE DEFAULT verbose True |
|
964 |
+ iniset $Q_META_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
965 |
+ iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP |
|
966 |
+ iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND" |
|
967 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
968 |
+ iniset $Q_META_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
969 |
+ fi |
|
970 |
+ |
|
971 |
+ # Configures keystone for metadata_agent |
|
972 |
+ # The third argument "True" sets auth_url needed to communicate with keystone |
|
973 |
+ _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True |
|
974 |
+ |
|
975 |
+} |
|
976 |
+ |
|
977 |
+function _configure_neutron_ceilometer_notifications { |
|
978 |
+ iniset $NEUTRON_CONF DEFAULT notification_driver messaging |
|
979 |
+} |
|
980 |
+ |
|
981 |
+function _configure_neutron_lbaas { |
|
982 |
+ if [ -f $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf ]; then |
|
983 |
+ cp $NEUTRON_LBAAS_DIR/etc/neutron_lbaas.conf $NEUTRON_CONF_DIR |
|
984 |
+ fi |
|
985 |
+ neutron_agent_lbaas_configure_common |
|
986 |
+ neutron_agent_lbaas_configure_agent |
|
987 |
+} |
|
988 |
+ |
|
989 |
+function _configure_neutron_metering { |
|
990 |
+ neutron_agent_metering_configure_common |
|
991 |
+ neutron_agent_metering_configure_agent |
|
992 |
+} |
|
993 |
+ |
|
994 |
+function _configure_neutron_fwaas { |
|
995 |
+ if [ -f $NEUTRON_FWAAS_DIR/etc/neutron_fwaas.conf ]; then |
|
996 |
+ cp $NEUTRON_FWAAS_DIR/etc/neutron_fwaas.conf $NEUTRON_CONF_DIR |
|
997 |
+ fi |
|
998 |
+ neutron_fwaas_configure_common |
|
999 |
+ neutron_fwaas_configure_driver |
|
1000 |
+} |
|
1001 |
+ |
|
1002 |
+function _configure_neutron_vpn { |
|
1003 |
+ if [ -f $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf ]; then |
|
1004 |
+ cp $NEUTRON_VPNAAS_DIR/etc/neutron_vpnaas.conf $NEUTRON_CONF_DIR |
|
1005 |
+ fi |
|
1006 |
+ neutron_vpn_install_agent_packages |
|
1007 |
+ neutron_vpn_configure_common |
|
1008 |
+} |
|
1009 |
+ |
|
1010 |
+function _configure_dvr { |
|
1011 |
+ iniset $NEUTRON_CONF DEFAULT router_distributed True |
|
1012 |
+ iniset $Q_L3_CONF_FILE DEFAULT agent_mode $Q_DVR_MODE |
|
1013 |
+} |
|
1014 |
+ |
|
1015 |
+ |
|
1016 |
+# _configure_neutron_plugin_agent() - Set config files for neutron plugin agent |
|
1017 |
+# It is called when q-agt is enabled. |
|
1018 |
+function _configure_neutron_plugin_agent { |
|
1019 |
+ # Specify the default root helper prior to agent configuration to |
|
1020 |
+ # ensure that an agent's configuration can override the default |
|
1021 |
+ iniset /$Q_PLUGIN_CONF_FILE agent root_helper "$Q_RR_COMMAND" |
|
1022 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
1023 |
+ iniset /$Q_PLUGIN_CONF_FILE agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
1024 |
+ fi |
|
1025 |
+ iniset $NEUTRON_CONF DEFAULT verbose True |
|
1026 |
+ iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
1027 |
+ |
|
1028 |
+ # Configure agent for plugin |
|
1029 |
+ neutron_plugin_configure_plugin_agent |
|
1030 |
+} |
|
1031 |
+ |
|
1032 |
+# _configure_neutron_service() - Set config files for neutron service |
|
1033 |
+# It is called when q-svc is enabled. |
|
1034 |
+function _configure_neutron_service { |
|
1035 |
+ Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini |
|
1036 |
+ Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json |
|
1037 |
+ |
|
1038 |
+ cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE |
|
1039 |
+ cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE |
|
1040 |
+ |
|
1041 |
+ # allow neutron user to administer neutron to match neutron account |
|
1042 |
+ sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE |
|
1043 |
+ |
|
1044 |
+ # Update either configuration file with plugin |
|
1045 |
+ iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS |
|
1046 |
+ |
|
1047 |
+ if [[ $Q_SERVICE_PLUGIN_CLASSES != '' ]]; then |
|
1048 |
+ iniset $NEUTRON_CONF DEFAULT service_plugins $Q_SERVICE_PLUGIN_CLASSES |
|
1049 |
+ fi |
|
1050 |
+ |
|
1051 |
+ iniset $NEUTRON_CONF DEFAULT verbose True |
|
1052 |
+ iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL |
|
1053 |
+ iniset $NEUTRON_CONF DEFAULT policy_file $Q_POLICY_FILE |
|
1054 |
+ iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP |
|
1055 |
+ |
|
1056 |
+ iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY |
|
1057 |
+ _neutron_setup_keystone $NEUTRON_CONF keystone_authtoken |
|
1058 |
+ |
|
1059 |
+ # Configuration for neutron notifations to nova. |
|
1060 |
+ iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES |
|
1061 |
+ iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES |
|
1062 |
+ |
|
1063 |
+ iniset $NEUTRON_CONF nova auth_plugin password |
|
1064 |
+ iniset $NEUTRON_CONF nova auth_url $KEYSTONE_AUTH_URI |
|
1065 |
+ iniset $NEUTRON_CONF nova username nova |
|
1066 |
+ iniset $NEUTRON_CONF nova password $SERVICE_PASSWORD |
|
1067 |
+ iniset $NEUTRON_CONF nova user_domain_id default |
|
1068 |
+ iniset $NEUTRON_CONF nova project_name $SERVICE_TENANT_NAME |
|
1069 |
+ iniset $NEUTRON_CONF nova project_domain_id default |
|
1070 |
+ iniset $NEUTRON_CONF nova region_name $REGION_NAME |
|
1071 |
+ |
|
1072 |
+ # Configure plugin |
|
1073 |
+ neutron_plugin_configure_service |
|
1074 |
+} |
|
1075 |
+ |
|
1076 |
+# Utility Functions |
|
1077 |
+#------------------ |
|
1078 |
+ |
|
1079 |
+# _neutron_service_plugin_class_add() - add service plugin class |
|
1080 |
+function _neutron_service_plugin_class_add { |
|
1081 |
+ local service_plugin_class=$1 |
|
1082 |
+ if [[ $Q_SERVICE_PLUGIN_CLASSES == '' ]]; then |
|
1083 |
+ Q_SERVICE_PLUGIN_CLASSES=$service_plugin_class |
|
1084 |
+ elif [[ ! ,${Q_SERVICE_PLUGIN_CLASSES}, =~ ,${service_plugin_class}, ]]; then |
|
1085 |
+ Q_SERVICE_PLUGIN_CLASSES="$Q_SERVICE_PLUGIN_CLASSES,$service_plugin_class" |
|
1086 |
+ fi |
|
1087 |
+} |
|
1088 |
+ |
|
1089 |
+# _neutron_deploy_rootwrap_filters() - deploy rootwrap filters to $Q_CONF_ROOTWRAP_D (owned by root). |
|
1090 |
+function _neutron_deploy_rootwrap_filters { |
|
1091 |
+ local srcdir=$1 |
|
1092 |
+ sudo install -d -o root -m 755 $Q_CONF_ROOTWRAP_D |
|
1093 |
+ sudo install -o root -m 644 $srcdir/etc/neutron/rootwrap.d/* $Q_CONF_ROOTWRAP_D/ |
|
1094 |
+} |
|
1095 |
+ |
|
1096 |
+# _neutron_setup_rootwrap() - configure Neutron's rootwrap |
|
1097 |
+function _neutron_setup_rootwrap { |
|
1098 |
+ if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then |
|
1099 |
+ return |
|
1100 |
+ fi |
|
1101 |
+ # Wipe any existing ``rootwrap.d`` files first |
|
1102 |
+ Q_CONF_ROOTWRAP_D=$NEUTRON_CONF_DIR/rootwrap.d |
|
1103 |
+ if [[ -d $Q_CONF_ROOTWRAP_D ]]; then |
|
1104 |
+ sudo rm -rf $Q_CONF_ROOTWRAP_D |
|
1105 |
+ fi |
|
1106 |
+ |
|
1107 |
+ _neutron_deploy_rootwrap_filters $NEUTRON_DIR |
|
1108 |
+ |
|
1109 |
+ # Set up ``rootwrap.conf``, pointing to ``$NEUTRON_CONF_DIR/rootwrap.d`` |
|
1110 |
+ # location moved in newer versions, prefer new location |
|
1111 |
+ if test -r $NEUTRON_DIR/etc/neutron/rootwrap.conf; then |
|
1112 |
+ sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/neutron/rootwrap.conf $Q_RR_CONF_FILE |
|
1113 |
+ else |
|
1114 |
+ sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/rootwrap.conf $Q_RR_CONF_FILE |
|
1115 |
+ fi |
|
1116 |
+ sudo sed -e "s:^filters_path=.*$:filters_path=$Q_CONF_ROOTWRAP_D:" -i $Q_RR_CONF_FILE |
|
1117 |
+ # Specify ``rootwrap.conf`` as first parameter to neutron-rootwrap |
|
1118 |
+ ROOTWRAP_SUDOER_CMD="$NEUTRON_ROOTWRAP $Q_RR_CONF_FILE *" |
|
1119 |
+ ROOTWRAP_DAEMON_SUDOER_CMD="$NEUTRON_ROOTWRAP-daemon $Q_RR_CONF_FILE" |
|
1120 |
+ |
|
1121 |
+ # Set up the rootwrap sudoers for neutron |
|
1122 |
+ TEMPFILE=`mktemp` |
|
1123 |
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE |
|
1124 |
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_DAEMON_SUDOER_CMD" >>$TEMPFILE |
|
1125 |
+ chmod 0440 $TEMPFILE |
|
1126 |
+ sudo chown root:root $TEMPFILE |
|
1127 |
+ sudo mv $TEMPFILE /etc/sudoers.d/neutron-rootwrap |
|
1128 |
+ |
|
1129 |
+ # Update the root_helper |
|
1130 |
+ iniset $NEUTRON_CONF agent root_helper "$Q_RR_COMMAND" |
|
1131 |
+ if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then |
|
1132 |
+ iniset $NEUTRON_CONF agent root_helper_daemon "$Q_RR_DAEMON_COMMAND" |
|
1133 |
+ fi |
|
1134 |
+} |
|
1135 |
+ |
|
1136 |
+# Configures keystone integration for neutron service and agents |
|
1137 |
+function _neutron_setup_keystone { |
|
1138 |
+ local conf_file=$1 |
|
1139 |
+ local section=$2 |
|
1140 |
+ local use_auth_url=$3 |
|
1141 |
+ |
|
1142 |
+ # Configures keystone for metadata_agent |
|
1143 |
+ # metadata_agent needs auth_url to communicate with keystone |
|
1144 |
+ if [[ "$use_auth_url" == "True" ]]; then |
|
1145 |
+ iniset $conf_file $section auth_url $KEYSTONE_SERVICE_URI/v2.0 |
|
1146 |
+ fi |
|
1147 |
+ |
|
1148 |
+ create_neutron_cache_dir |
|
1149 |
+ configure_auth_token_middleware $conf_file $Q_ADMIN_USERNAME $NEUTRON_AUTH_CACHE_DIR $section |
|
1150 |
+} |
|
1151 |
+ |
|
1152 |
+function _neutron_setup_interface_driver { |
|
1153 |
+ |
|
1154 |
+ # ovs_use_veth needs to be set before the plugin configuration |
|
1155 |
+ # occurs to allow plugins to override the setting. |
|
1156 |
+ iniset $1 DEFAULT ovs_use_veth $Q_OVS_USE_VETH |
|
1157 |
+ |
|
1158 |
+ neutron_plugin_setup_interface_driver $1 |
|
1159 |
+} |
|
1160 |
+ |
|
1161 |
+# Create private IPv4 subnet |
|
1162 |
+function _neutron_create_private_subnet_v4 { |
|
1163 |
+ local subnet_params="--tenant-id $TENANT_ID " |
|
1164 |
+ subnet_params+="--ip_version 4 " |
|
1165 |
+ subnet_params+="--gateway $NETWORK_GATEWAY " |
|
1166 |
+ subnet_params+="--name $PRIVATE_SUBNET_NAME " |
|
1167 |
+ subnet_params+="$NET_ID $FIXED_RANGE" |
|
1168 |
+ local subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) |
|
1169 |
+ die_if_not_set $LINENO subnet_id "Failure creating private IPv4 subnet for $TENANT_ID" |
|
1170 |
+ echo $subnet_id |
|
1171 |
+} |
|
1172 |
+ |
|
1173 |
+# Create private IPv6 subnet |
|
1174 |
+function _neutron_create_private_subnet_v6 { |
|
1175 |
+ die_if_not_set $LINENO IPV6_RA_MODE "IPV6 RA Mode not set" |
|
1176 |
+ die_if_not_set $LINENO IPV6_ADDRESS_MODE "IPV6 Address Mode not set" |
|
1177 |
+ local ipv6_modes="--ipv6-ra-mode $IPV6_RA_MODE --ipv6-address-mode $IPV6_ADDRESS_MODE" |
|
1178 |
+ local subnet_params="--tenant-id $TENANT_ID " |
|
1179 |
+ subnet_params+="--ip_version 6 " |
|
1180 |
+ subnet_params+="--gateway $IPV6_PRIVATE_NETWORK_GATEWAY " |
|
1181 |
+ subnet_params+="--name $IPV6_PRIVATE_SUBNET_NAME " |
|
1182 |
+ subnet_params+="$NET_ID $FIXED_RANGE_V6 $ipv6_modes" |
|
1183 |
+ local ipv6_subnet_id=$(neutron subnet-create $subnet_params | grep ' id ' | get_field 2) |
|
1184 |
+ die_if_not_set $LINENO ipv6_subnet_id "Failure creating private IPv6 subnet for $TENANT_ID" |
|
1185 |
+ echo $ipv6_subnet_id |
|
1186 |
+} |
|
1187 |
+ |
|
1188 |
+# Create public IPv4 subnet |
|
1189 |
+function _neutron_create_public_subnet_v4 { |
|
1190 |
+ local subnet_params+="--ip_version 4 " |
|
1191 |
+ subnet_params+="${Q_FLOATING_ALLOCATION_POOL:+--allocation-pool $Q_FLOATING_ALLOCATION_POOL} " |
|
1192 |
+ subnet_params+="--gateway $PUBLIC_NETWORK_GATEWAY " |
|
1193 |
+ subnet_params+="--name $PUBLIC_SUBNET_NAME " |
|
1194 |
+ subnet_params+="$EXT_NET_ID $FLOATING_RANGE " |
|
1195 |
+ subnet_params+="-- --enable_dhcp=False" |
|
1196 |
+ local id_and_ext_gw_ip=$(neutron subnet-create $subnet_params | grep -e 'gateway_ip' -e ' id ') |
|
1197 |
+ die_if_not_set $LINENO id_and_ext_gw_ip "Failure creating public IPv4 subnet" |
|
1198 |
+ echo $id_and_ext_gw_ip |
|
1199 |
+} |
|
1200 |
+ |
|
1201 |
+# Create public IPv6 subnet |
|
1202 |
+function _neutron_create_public_subnet_v6 { |
|
1203 |
+ local subnet_params="--ip_version 6 " |
|
1204 |
+ subnet_params+="--gateway $IPV6_PUBLIC_NETWORK_GATEWAY " |
|
1205 |
+ subnet_params+="--name $IPV6_PUBLIC_SUBNET_NAME " |
|
1206 |
+ subnet_params+="$EXT_NET_ID $IPV6_PUBLIC_RANGE " |
|
1207 |
+ subnet_params+="-- --enable_dhcp=False" |
|
1208 |
+ local ipv6_id_and_ext_gw_ip=$(neutron subnet-create $subnet_params | grep -e 'gateway_ip' -e ' id ') |
|
1209 |
+ die_if_not_set $LINENO ipv6_id_and_ext_gw_ip "Failure creating an IPv6 public subnet" |
|
1210 |
+ echo $ipv6_id_and_ext_gw_ip |
|
1211 |
+} |
|
1212 |
+ |
|
1213 |
+# Configure neutron router for IPv4 public access |
|
1214 |
+function _neutron_configure_router_v4 { |
|
1215 |
+ neutron router-interface-add $ROUTER_ID $SUBNET_ID |
|
1216 |
+ # Create a public subnet on the external network |
|
1217 |
+ local id_and_ext_gw_ip=$(_neutron_create_public_subnet_v4 $EXT_NET_ID) |
|
1218 |
+ local ext_gw_ip=$(echo $id_and_ext_gw_ip | get_field 2) |
|
1219 |
+ PUB_SUBNET_ID=$(echo $id_and_ext_gw_ip | get_field 5) |
|
1220 |
+ # Configure the external network as the default router gateway |
|
1221 |
+ neutron router-gateway-set $ROUTER_ID $EXT_NET_ID |
|
1222 |
+ |
|
1223 |
+ # This logic is specific to using the l3-agent for layer 3 |
|
1224 |
+ if is_service_enabled q-l3; then |
|
1225 |
+ # Configure and enable public bridge |
|
1226 |
+ if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then |
|
1227 |
+ local ext_gw_interface=$(_neutron_get_ext_gw_interface) |
|
1228 |
+ local cidr_len=${FLOATING_RANGE#*/} |
|
1229 |
+ sudo ip addr add $ext_gw_ip/$cidr_len dev $ext_gw_interface |
|
1230 |
+ sudo ip link set $ext_gw_interface up |
|
1231 |
+ ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$PUB_SUBNET_ID '$4 == subnet_id { print $8; }'` |
|
1232 |
+ die_if_not_set $LINENO ROUTER_GW_IP "Failure retrieving ROUTER_GW_IP" |
|
1233 |
+ sudo route add -net $FIXED_RANGE gw $ROUTER_GW_IP |
|
1234 |
+ fi |
|
1235 |
+ _neutron_set_router_id |
|
1236 |
+ fi |
|
1237 |
+} |
|
1238 |
+ |
|
1239 |
+# Configure neutron router for IPv6 public access |
|
1240 |
+function _neutron_configure_router_v6 { |
|
1241 |
+ neutron router-interface-add $ROUTER_ID $IPV6_SUBNET_ID |
|
1242 |
+ # Create a public subnet on the external network |
|
1243 |
+ local ipv6_id_and_ext_gw_ip=$(_neutron_create_public_subnet_v6 $EXT_NET_ID) |
|
1244 |
+ local ipv6_ext_gw_ip=$(echo $ipv6_id_and_ext_gw_ip | get_field 2) |
|
1245 |
+ local ipv6_pub_subnet_id=$(echo $ipv6_id_and_ext_gw_ip | get_field 5) |
|
1246 |
+ |
|
1247 |
+ # If the external network has not already been set as the default router |
|
1248 |
+ # gateway when configuring an IPv4 public subnet, do so now |
|
1249 |
+ if [[ "$IP_VERSION" == "6" ]]; then |
|
1250 |
+ neutron router-gateway-set $ROUTER_ID $EXT_NET_ID |
|
1251 |
+ fi |
|
1252 |
+ |
|
1253 |
+ # This logic is specific to using the l3-agent for layer 3 |
|
1254 |
+ if is_service_enabled q-l3; then |
|
1255 |
+ local ipv6_router_gw_port |
|
1256 |
+ # Ensure IPv6 forwarding is enabled on the host |
|
1257 |
+ sudo sysctl -w net.ipv6.conf.all.forwarding=1 |
|
1258 |
+ # Configure and enable public bridge |
|
1259 |
+ if [[ "$IP_VERSION" = "6" ]]; then |
|
1260 |
+ # Override global IPV6_ROUTER_GW_IP with the true value from neutron |
|
1261 |
+ IPV6_ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $8; }'` |
|
1262 |
+ die_if_not_set $LINENO IPV6_ROUTER_GW_IP "Failure retrieving IPV6_ROUTER_GW_IP" |
|
1263 |
+ ipv6_router_gw_port=`neutron port-list -c id -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$ipv6_pub_subnet_id '$4 == subnet_id { print $1; }' | awk -F ' | ' '{ print $2; }'` |
|
1264 |
+ die_if_not_set $LINENO ipv6_router_gw_port "Failure retrieving ipv6_router_gw_port" |
|
1265 |
+ else |
|
1266 |
+ ipv6_router_gw_port=`neutron port-list -c id -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' -v subnet_id=$PUB_SUBNET_ID '$4 == subnet_id { print $1; }' | awk -F ' | ' '{ print $2; }'` |
|
1267 |
+ die_if_not_set $LINENO ipv6_router_gw_port "Failure retrieving ipv6_router_gw_port" |
|
1268 |
+ fi |
|
1269 |
+ |
|
1270 |
+ # The ovs_base_configure_l3_agent function flushes the public |
|
1271 |
+ # bridge's ip addresses, so turn IPv6 support in the host off |
|
1272 |
+ # and then on to recover the public bridge's link local address |
|
1273 |
+ sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=1 |
|
1274 |
+ sudo sysctl -w net.ipv6.conf.${PUBLIC_BRIDGE}.disable_ipv6=0 |
|
1275 |
+ if ! ip -6 addr show dev $PUBLIC_BRIDGE | grep 'scope global'; then |
|
1276 |
+ # Create an IPv6 ULA address for PUBLIC_BRIDGE if one is not present |
|
1277 |
+ IPV6_BRIDGE_ULA=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"` |
|
1278 |
+ sudo ip -6 addr add fd$IPV6_BRIDGE_ULA::1 dev $PUBLIC_BRIDGE |
|
1279 |
+ fi |
|
1280 |
+ |
|
1281 |
+ if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then |
|
1282 |
+ local ext_gw_interface=$(_neutron_get_ext_gw_interface) |
|
1283 |
+ local ipv6_cidr_len=${IPV6_PUBLIC_RANGE#*/} |
|
1284 |
+ |
|
1285 |
+ # Define router_ns based on whether DVR is enabled |
|
1286 |
+ local router_ns=qrouter |
|
1287 |
+ if [[ "$Q_DVR_MODE" == "dvr_snat" ]]; then |
|
1288 |
+ router_ns=snat |
|
1289 |
+ fi |
|
1290 |
+ |
|
1291 |
+ # Configure interface for public bridge |
|
1292 |
+ sudo ip -6 addr add $ipv6_ext_gw_ip/$ipv6_cidr_len dev $ext_gw_interface |
|
1293 |
+ |
|
1294 |
+ # Wait until layer 3 agent has configured the gateway port on |
|
1295 |
+ # the public bridge, then add gateway address to the interface |
|
1296 |
+ # TODO (john-davidge) Remove once l3-agent supports dual-stack |
|
1297 |
+ if [[ "$IP_VERSION" == "4+6" ]]; then |
|
1298 |
+ if ! timeout $GATEWAY_TIMEOUT sh -c "until sudo ip netns exec $router_ns-$ROUTER_ID ip addr show qg-${ipv6_router_gw_port:0:11} | grep $ROUTER_GW_IP; do sleep 1; done"; then |
|
1299 |
+ die $LINENO "Timeout retrieving ROUTER_GW_IP" |
|
1300 |
+ fi |
|
1301 |
+ # Configure the gateway port with the public IPv6 adress |
|
1302 |
+ sudo ip netns exec $router_ns-$ROUTER_ID ip -6 addr add $IPV6_ROUTER_GW_IP/$ipv6_cidr_len dev qg-${ipv6_router_gw_port:0:11} |
|
1303 |
+ # Add a default IPv6 route to the neutron router as the |
|
1304 |
+ # l3-agent does not add one in the dual-stack case |
|
1305 |
+ sudo ip netns exec $router_ns-$ROUTER_ID ip -6 route replace default via $ipv6_ext_gw_ip dev qg-${ipv6_router_gw_port:0:11} |
|
1306 |
+ fi |
|
1307 |
+ sudo ip -6 route add $FIXED_RANGE_V6 via $IPV6_ROUTER_GW_IP dev $ext_gw_interface |
|
1308 |
+ fi |
|
1309 |
+ _neutron_set_router_id |
|
1310 |
+ fi |
|
1311 |
+} |
|
1312 |
+ |
|
1313 |
+# Explicitly set router id in l3 agent configuration |
|
1314 |
+function _neutron_set_router_id { |
|
1315 |
+ if [[ "$Q_USE_NAMESPACE" == "False" ]]; then |
|
1316 |
+ iniset $Q_L3_CONF_FILE DEFAULT router_id $ROUTER_ID |
|
1317 |
+ fi |
|
1318 |
+} |
|
1319 |
+ |
|
1320 |
+# Get ext_gw_interface depending on value of Q_USE_PUBLIC_VETH |
|
1321 |
+function _neutron_get_ext_gw_interface { |
|
1322 |
+ if [[ "$Q_USE_PUBLIC_VETH" == "True" ]]; then |
|
1323 |
+ echo $Q_PUBLIC_VETH_EX |
|
1324 |
+ else |
|
1325 |
+ # Disable in-band as we are going to use local port |
|
1326 |
+ # to communicate with VMs |
|
1327 |
+ sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE \ |
|
1328 |
+ other_config:disable-in-band=true |
|
1329 |
+ echo $PUBLIC_BRIDGE |
|
1330 |
+ fi |
|
1331 |
+} |
|
1332 |
+ |
|
1333 |
+# Functions for Neutron Exercises |
|
1334 |
+#-------------------------------- |
|
1335 |
+ |
|
1336 |
+function delete_probe { |
|
1337 |
+ local from_net="$1" |
|
1338 |
+ net_id=`_get_net_id $from_net` |
|
1339 |
+ probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}'` |
|
1340 |
+ neutron-debug --os-tenant-name admin --os-username admin probe-delete $probe_id |
|
1341 |
+} |
|
1342 |
+ |
|
1343 |
+function setup_neutron_debug { |
|
1344 |
+ if [[ "$Q_USE_DEBUG_COMMAND" == "True" ]]; then |
|
1345 |
+ public_net_id=`_get_net_id $PUBLIC_NETWORK_NAME` |
|
1346 |
+ neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $public_net_id |
|
1347 |
+ private_net_id=`_get_net_id $PRIVATE_NETWORK_NAME` |
|
1348 |
+ neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create --device-owner compute $private_net_id |
|
1349 |
+ fi |
|
1350 |
+} |
|
1351 |
+ |
|
1352 |
+function teardown_neutron_debug { |
|
1353 |
+ delete_probe $PUBLIC_NETWORK_NAME |
|
1354 |
+ delete_probe $PRIVATE_NETWORK_NAME |
|
1355 |
+} |
|
1356 |
+ |
|
1357 |
+function _get_net_id { |
|
1358 |
+ neutron --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD net-list | grep $1 | awk '{print $2}' |
|
1359 |
+} |
|
1360 |
+ |
|
1361 |
+function _get_probe_cmd_prefix { |
|
1362 |
+ local from_net="$1" |
|
1363 |
+ net_id=`_get_net_id $from_net` |
|
1364 |
+ probe_id=`neutron-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}' | head -n 1` |
|
1365 |
+ echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id" |
|
1366 |
+} |
|
1367 |
+ |
|
1368 |
+function _ping_check_neutron { |
|
1369 |
+ local from_net=$1 |
|
1370 |
+ local ip=$2 |
|
1371 |
+ local timeout_sec=$3 |
|
1372 |
+ local expected=${4:-"True"} |
|
1373 |
+ local check_command="" |
|
1374 |
+ probe_cmd=`_get_probe_cmd_prefix $from_net` |
|
1375 |
+ if [[ "$expected" = "True" ]]; then |
|
1376 |
+ check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1377 |
+ else |
|
1378 |
+ check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1379 |
+ fi |
|
1380 |
+ if ! timeout $timeout_sec sh -c "$check_command"; then |
|
1381 |
+ if [[ "$expected" = "True" ]]; then |
|
1382 |
+ die $LINENO "[Fail] Couldn't ping server" |
|
1383 |
+ else |
|
1384 |
+ die $LINENO "[Fail] Could ping server" |
|
1385 |
+ fi |
|
1386 |
+ fi |
|
1387 |
+} |
|
1388 |
+ |
|
1389 |
+# ssh check |
|
1390 |
+function _ssh_check_neutron { |
|
1391 |
+ local from_net=$1 |
|
1392 |
+ local key_file=$2 |
|
1393 |
+ local ip=$3 |
|
1394 |
+ local user=$4 |
|
1395 |
+ local timeout_sec=$5 |
|
1396 |
+ local probe_cmd = "" |
|
1397 |
+ probe_cmd=`_get_probe_cmd_prefix $from_net` |
|
1398 |
+ if ! timeout $timeout_sec sh -c "while ! $probe_cmd ssh -o StrictHostKeyChecking=no -i $key_file ${user}@$ip echo success; do sleep 1; done"; then |
|
1399 |
+ die $LINENO "server didn't become ssh-able!" |
|
1400 |
+ fi |
|
1401 |
+} |
|
1402 |
+ |
|
1403 |
+# Neutron 3rd party programs |
|
1404 |
+#--------------------------- |
|
1405 |
+ |
|
1406 |
+# please refer to ``lib/neutron_thirdparty/README.md`` for details |
|
1407 |
+NEUTRON_THIRD_PARTIES="" |
|
1408 |
+for f in $TOP_DIR/lib/neutron_thirdparty/*; do |
|
1409 |
+ third_party=$(basename $f) |
|
1410 |
+ if is_service_enabled $third_party; then |
|
1411 |
+ source $TOP_DIR/lib/neutron_thirdparty/$third_party |
|
1412 |
+ NEUTRON_THIRD_PARTIES="$NEUTRON_THIRD_PARTIES,$third_party" |
|
1413 |
+ fi |
|
1414 |
+done |
|
1415 |
+ |
|
1416 |
+function _neutron_third_party_do { |
|
1417 |
+ for third_party in ${NEUTRON_THIRD_PARTIES//,/ }; do |
|
1418 |
+ ${1}_${third_party} |
|
1419 |
+ done |
|
1420 |
+} |
|
1421 |
+ |
|
1422 |
+# configure_neutron_third_party() - Set config files, create data dirs, etc |
|
1423 |
+function configure_neutron_third_party { |
|
1424 |
+ _neutron_third_party_do configure |
|
1425 |
+} |
|
1426 |
+ |
|
1427 |
+# init_neutron_third_party() - Initialize databases, etc. |
|
1428 |
+function init_neutron_third_party { |
|
1429 |
+ _neutron_third_party_do init |
|
1430 |
+} |
|
1431 |
+ |
|
1432 |
+# install_neutron_third_party() - Collect source and prepare |
|
1433 |
+function install_neutron_third_party { |
|
1434 |
+ _neutron_third_party_do install |
|
1435 |
+} |
|
1436 |
+ |
|
1437 |
+# start_neutron_third_party() - Start running processes, including screen |
|
1438 |
+function start_neutron_third_party { |
|
1439 |
+ _neutron_third_party_do start |
|
1440 |
+} |
|
1441 |
+ |
|
1442 |
+# stop_neutron_third_party - Stop running processes (non-screen) |
|
1443 |
+function stop_neutron_third_party { |
|
1444 |
+ _neutron_third_party_do stop |
|
1445 |
+} |
|
1446 |
+ |
|
1447 |
+# check_neutron_third_party_integration() - Check that third party integration is sane |
|
1448 |
+function check_neutron_third_party_integration { |
|
1449 |
+ _neutron_third_party_do check |
|
1450 |
+} |
|
1451 |
+ |
|
1452 |
+function is_provider_network { |
|
1453 |
+ if [ "$Q_USE_PROVIDER_NETWORKING" == "True" ] && [ "$Q_L3_ENABLED" == "False" ]; then |
|
1454 |
+ return 0 |
|
1455 |
+ fi |
|
1456 |
+ return 1 |
|
1457 |
+} |
|
1458 |
+ |
|
1459 |
+ |
|
1460 |
+# Restore xtrace |
|
1461 |
+$XTRACE |
|
1462 |
+ |
|
1463 |
+# Tell emacs to use shell-script-mode |
|
1464 |
+## Local variables: |
|
1465 |
+## mode: shell-script |
|
1466 |
+## End: |
... | ... |
@@ -13,7 +13,7 @@ Plugin specific configuration variables should be in this file. |
13 | 13 |
|
14 | 14 |
functions |
15 | 15 |
--------- |
16 |
-``lib/neutron`` calls the following functions when the ``$Q_PLUGIN`` is enabled |
|
16 |
+``lib/neutron-legacy`` calls the following functions when the ``$Q_PLUGIN`` is enabled |
|
17 | 17 |
|
18 | 18 |
* ``neutron_plugin_create_nova_conf`` : |
19 | 19 |
set ``NOVA_VIF_DRIVER`` and optionally set options in nova_conf |
... | ... |
@@ -10,7 +10,7 @@ Third party program specific configuration variables should be in this file. |
10 | 10 |
|
11 | 11 |
functions |
12 | 12 |
--------- |
13 |
-``lib/neutron`` calls the following functions when the ``<third_party>`` is enabled |
|
13 |
+``lib/neutron-legacy`` calls the following functions when the ``<third_party>`` is enabled |
|
14 | 14 |
|
15 | 15 |
functions to be implemented |
16 | 16 |
* ``configure_<third_party>``: |
... | ... |
@@ -525,7 +525,7 @@ source $TOP_DIR/lib/cinder |
525 | 525 |
source $TOP_DIR/lib/swift |
526 | 526 |
source $TOP_DIR/lib/ceilometer |
527 | 527 |
source $TOP_DIR/lib/heat |
528 |
-source $TOP_DIR/lib/neutron |
|
528 |
+source $TOP_DIR/lib/neutron-legacy |
|
529 | 529 |
source $TOP_DIR/lib/ldap |
530 | 530 |
source $TOP_DIR/lib/dstat |
531 | 531 |
|