Change to neutron by default.
nova-net is deprecated, and it's long time to switch to neutron by
default. This patch does that, and has an auto configuration mode that
mostly just works for the basic case.
It does this by assuming that unless the user specifies an interface
for it to manage, that it will not automatically have access to a
physical interface. The floating range is put on br-ex (per normal),
fixed ranges stay on their OVS interfaces.
Because there is no dedicated interface managed by neutron, we add an
iptables rule which allows guests to route out. While somewhat
synthetic, it does provide a working out of the box developer
experience, and is not hugely more synthetic then all the other
interface / route setup we have to do for the system.
You should be able to run this with a local.conf of just
[[local|localrc]]
ADMIN_PASSWORD=pass
DATABASE_PASSWORD=pass
RABBIT_PASSWORD=pass
SERVICE_PASSWORD=pass
And get a working neutron on a single interface box
Documentation will come in subsequent patches, however getting the
code out there and getting feedback is going to help shape this
direction.
Change-Id: I185325a684372e8a2ff25eae974a9a2a2d6277e0
Sean Dague authored on 2016/08/04 04:09:01Showing 3 changed files
| ... | ... |
@@ -102,10 +102,20 @@ function _configure_neutron_l3_agent {
|
| 102 | 102 |
|
| 103 | 103 |
neutron_plugin_configure_l3_agent $Q_L3_CONF_FILE |
| 104 | 104 |
|
| 105 |
- _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True False "inet" |
|
| 106 |
- |
|
| 107 |
- if [[ $(ip -f inet6 a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then |
|
| 108 |
- _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6" |
|
| 105 |
+ # If we've given a PUBLIC_INTERFACE to take over, then we assume |
|
| 106 |
+ # that we can own the whole thing, and privot it into the OVS |
|
| 107 |
+ # bridge. If we are not, we're probably on a single interface |
|
| 108 |
+ # machine, and we just setup NAT so that fixed guests can get out. |
|
| 109 |
+ if [[ -n "$PUBLIC_INTERFACE" ]]; then |
|
| 110 |
+ _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" True False "inet" |
|
| 111 |
+ |
|
| 112 |
+ if [[ $(ip -f inet6 a s dev "$PUBLIC_INTERFACE" | grep -c 'global') != 0 ]]; then |
|
| 113 |
+ _move_neutron_addresses_route "$PUBLIC_INTERFACE" "$OVS_PHYSICAL_BRIDGE" False False "inet6" |
|
| 114 |
+ fi |
|
| 115 |
+ else |
|
| 116 |
+ local default_dev="" |
|
| 117 |
+ default_dev=$(ip route | grep ^default | awk '{print $5}')
|
|
| 118 |
+ sudo iptables -t nat -A POSTROUTING -o $default_dev -s $FLOATING_RANGE -j MASQUERADE |
|
| 109 | 119 |
fi |
| 110 | 120 |
} |
| 111 | 121 |
|
| ... | ... |
@@ -128,7 +128,7 @@ fi |
| 128 | 128 |
# -------------------------- |
| 129 | 129 |
|
| 130 | 130 |
NETWORK_MANAGER=${NETWORK_MANAGER:-${NET_MAN:-FlatDHCPManager}}
|
| 131 |
-PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE_DEFAULT}
|
|
| 131 |
+ |
|
| 132 | 132 |
VLAN_INTERFACE=${VLAN_INTERFACE:-$GUEST_INTERFACE_DEFAULT}
|
| 133 | 133 |
FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-$FLAT_NETWORK_BRIDGE_DEFAULT}
|
| 134 | 134 |
|
| ... | ... |
@@ -659,8 +659,9 @@ function create_nova_cache_dir {
|
| 659 | 659 |
} |
| 660 | 660 |
|
| 661 | 661 |
function create_nova_conf_nova_network {
|
| 662 |
+ local public_interface=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE_DEFAULT}
|
|
| 662 | 663 |
iniset $NOVA_CONF DEFAULT network_manager "nova.network.manager.$NETWORK_MANAGER" |
| 663 |
- iniset $NOVA_CONF DEFAULT public_interface "$PUBLIC_INTERFACE" |
|
| 664 |
+ iniset $NOVA_CONF DEFAULT public_interface "$public_interface" |
|
| 664 | 665 |
iniset $NOVA_CONF DEFAULT vlan_interface "$VLAN_INTERFACE" |
| 665 | 666 |
iniset $NOVA_CONF DEFAULT flat_network_bridge "$FLAT_NETWORK_BRIDGE" |
| 666 | 667 |
if [ -n "$FLAT_INTERFACE" ]; then |
| ... | ... |
@@ -70,11 +70,13 @@ if ! isset ENABLED_SERVICES ; then |
| 70 | 70 |
# Keystone - nothing works without keystone |
| 71 | 71 |
ENABLED_SERVICES=key |
| 72 | 72 |
# Nova - services to support libvirt based openstack clouds |
| 73 |
- ENABLED_SERVICES+=,n-api,n-cpu,n-net,n-cond,n-sch,n-novnc,n-cauth |
|
| 73 |
+ ENABLED_SERVICES+=,n-api,n-cpu,n-cond,n-sch,n-novnc,n-cauth |
|
| 74 | 74 |
# Glance services needed for Nova |
| 75 | 75 |
ENABLED_SERVICES+=,g-api,g-reg |
| 76 | 76 |
# Cinder |
| 77 | 77 |
ENABLED_SERVICES+=,c-sch,c-api,c-vol |
| 78 |
+ # Neutron |
|
| 79 |
+ ENABLED_SERVICES+=,q-svc,q-dhcp,q-meta,q-agt,q-l3 |
|
| 78 | 80 |
# Dashboard |
| 79 | 81 |
ENABLED_SERVICES+=,horizon |
| 80 | 82 |
# Additional services |
| ... | ... |
@@ -710,6 +712,8 @@ S3_SERVICE_PORT=${S3_SERVICE_PORT:-3333}
|
| 710 | 710 |
PRIVATE_NETWORK_NAME=${PRIVATE_NETWORK_NAME:-"private"}
|
| 711 | 711 |
PUBLIC_NETWORK_NAME=${PUBLIC_NETWORK_NAME:-"public"}
|
| 712 | 712 |
|
| 713 |
+PUBLIC_INTERFACE="" |
|
| 714 |
+ |
|
| 713 | 715 |
# Set default screen name |
| 714 | 716 |
SCREEN_NAME=${SCREEN_NAME:-stack}
|
| 715 | 717 |
|