Merge "Enable support for telegraf"
diff --git a/.kitchen.travis.yml b/.kitchen.travis.yml
new file mode 100644
index 0000000..f847543
--- /dev/null
+++ b/.kitchen.travis.yml
@@ -0,0 +1,6 @@
+suites:
+
+ - name: <%= ENV['SUITE'] %>
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/<%= ENV['SUITE'] %>.sls
diff --git a/.kitchen.yml b/.kitchen.yml
index d144018..b762e23 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -78,6 +78,17 @@
pillars-from-files:
neutron.sls: tests/pillar/compute_sriov.sls
+ - name: compute_qos_sriov
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/compute_qos_sriov.sls
+
+ - name: compute_qos
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/compute_qos.sls
+
+
- name: control_cluster
provisioner:
pillars-from-files:
@@ -93,11 +104,21 @@
pillars-from-files:
neutron.sls: tests/pillar/control_nodvr.sls
+ - name: control_lbaas_octavia.sls
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/control_lbaas_octavia.sls
+
- name: control_single
provisioner:
pillars-from-files:
neutron.sls: tests/pillar/control_single.sls
+ - name: control_qos
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/control_qos.sls
+
- name: gateway_dvr
provisioner:
pillars-from-files:
@@ -107,4 +128,10 @@
provisioner:
pillars-from-files:
neutron.sls: tests/pillar/gateway_legacy.sls
+
+ - name: gateway_qos
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/gateway_qos.sls
+
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.travis.yml b/.travis.yml
index 7a77247..3925301 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -17,15 +17,35 @@
- bundle install
env:
- - PLATFORM=trevorj/salty-whales:trusty
- - PLATFORM=trevorj/salty-whales:xenial
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=compute_dpdk
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=compute_dpdk
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=compute_dvr
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=compute_dvr
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=compute_legacy
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=compute_legacy
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=compute_nonexternal_dvr
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=compute_nonexternal_dvr
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=compute_sriov
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=compute_sriov
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=control_cluster
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=control_cluster
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=control_dvr
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=control_dvr
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=control_nodvr
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=control_nodvr
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=control_single
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=control_single
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=gateway_dvr
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=gateway_dvr
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=gateway_legacy
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=gateway_legacy
before_script:
- set -o pipefail
- make test | tail
script:
- - test ! -e .kitchen.yml || bundle exec kitchen test -t tests/integration
+ - KITCHEN_LOCAL_YAML=.kitchen.travis.yml bundle exec kitchen test -t tests/integration
notifications:
webhooks:
diff --git a/README.rst b/README.rst
index c01b822..66b2299 100644
--- a/README.rst
+++ b/README.rst
@@ -73,7 +73,8 @@
# Add key without value to remove line from policy.json
'create_network:shared':
-Neutron lbaas provides on the controller node
+Neutron LBaaSv2 enablement
+--------------------------
.. code-block:: yaml
@@ -82,9 +83,13 @@
lbaas:
enabled: true
providers:
+ octavia:
+ engine: octavia
+ driver_path: 'neutron_lbaas.drivers.octavia.driver.OctaviaDriver'
+ base_url: 'http://127.0.0.1:9876'
avi_adc:
- enabled: true
engine: avinetworks
+ driver_path: 'avi_lbaasv2.avi_driver.AviDriver'
controller_address: 10.182.129.239
controller_user: admin
controller_password: Cloudlab2016
@@ -93,15 +98,15 @@
engine: avinetworks
...
-Note: If you want contrail lbaas then backend is only required. Lbaas in
-pillar should be define only if it should be disabled.
+Note: If the Contrail backend is set, Opencontrail loadbalancer would be enabled
+automatically. In this case lbaas should disabled in pillar:
.. code-block:: yaml
neutron:
server:
lbaas:
- enabled: disabled
+ enabled: false
Enable CORS parameters
@@ -514,6 +519,22 @@
use_ovs_ports:
- float-to-ex
+Additonal VXLAN tenant network settings
+---------------------------------------
+
+The default multicast group of 224.0.0.1 only multicasts to a single subnet.
+Allow overriding it to allow larger underlay network topologies.
+
+Neutron Server
+
+.. code-block:: yaml
+
+ neutron:
+ server:
+ vxlan:
+ group: 239.0.0.0/8
+ vni_ranges: "2:65535"
+
Neutron VLAN tenant networks with Network Nodes
-----------------------------------------------
@@ -620,6 +641,20 @@
ovs:
driver: openvswitch
+Neutron with VLAN-aware-VMs
+
+.. code-block:: yaml
+
+ neutron:
+ server:
+ vlan_aware_vms: true
+ ....
+ compute:
+ vlan_aware_vms: true
+ ....
+ gateway:
+ vlan_aware_vms: true
+
Neutron Server
--------------
diff --git a/metadata/service/compute/single.yml b/metadata/service/compute/single.yml
index 3422e39..377ff39 100644
--- a/metadata/service/compute/single.yml
+++ b/metadata/service/compute/single.yml
@@ -18,6 +18,8 @@
dvr: false
external_access: false
security_groups_enabled: true
+ qos: false
+ vlan_aware_vms: false
metadata:
host: ${_param:cluster_vip_address}
password: ${_param:metadata_password}
diff --git a/metadata/service/control/cluster.yml b/metadata/service/control/cluster.yml
index eaa8707..c69a8f8 100644
--- a/metadata/service/control/cluster.yml
+++ b/metadata/service/control/cluster.yml
@@ -9,6 +9,7 @@
server:
enabled: true
dns_domain: novalocal
+ vlan_aware_vms: false
version: ${_param:neutron_version}
bind:
address: ${_param:cluster_local_address}
diff --git a/metadata/service/control/container.yml b/metadata/service/control/container.yml
index bca3d9e..367167b 100644
--- a/metadata/service/control/container.yml
+++ b/metadata/service/control/container.yml
@@ -12,6 +12,7 @@
server:
enabled: true
dns_domain: novalocal
+ vlan_aware_vms: false
version: ${_param:neutron_version}
bind:
address: 0.0.0.0
diff --git a/metadata/service/control/single.yml b/metadata/service/control/single.yml
index 24b5a2f..12a603c 100644
--- a/metadata/service/control/single.yml
+++ b/metadata/service/control/single.yml
@@ -13,6 +13,8 @@
dns_domain: novalocal
tunnel_type: vxlan
security_groups_enabled: true
+ qos: false
+ vlan_aware_vms: false
version: ${_param:neutron_version}
bind:
address: ${_param:single_address}
diff --git a/metadata/service/gateway/single.yml b/metadata/service/gateway/single.yml
index a9628f0..1af2525 100644
--- a/metadata/service/gateway/single.yml
+++ b/metadata/service/gateway/single.yml
@@ -18,6 +18,8 @@
dvr: false
external_access: True
security_groups_enabled: true
+ qos: false
+ vlan_aware_vms: false
metadata:
host: ${_param:cluster_vip_address}
password: ${_param:metadata_password}
diff --git a/neutron/compute.sls b/neutron/compute.sls
index bfefb53..cb02136 100644
--- a/neutron/compute.sls
+++ b/neutron/compute.sls
@@ -32,13 +32,15 @@
service.running:
- name: neutron-sriov-agent
- enable: true
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- watch_in:
- service: neutron_compute_services
- watch:
- file: /etc/neutron/neutron.conf
- file: /etc/neutron/plugins/ml2/openvswitch_agent.ini
- file: /etc/neutron/plugins/ml2/sriov_agent.ini
- - unless: grains.get('noservices', False)
{% endif %}
diff --git a/neutron/files/mitaka/dhcp_agent.ini b/neutron/files/mitaka/dhcp_agent.ini
index 908086d..17a01ce 100644
--- a/neutron/files/mitaka/dhcp_agent.ini
+++ b/neutron/files/mitaka/dhcp_agent.ini
@@ -19,7 +19,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs commands will fail with ALARMCLOCK error. (integer value)
#ovs_vsctl_timeout = 10
diff --git a/neutron/files/mitaka/l3_agent.ini b/neutron/files/mitaka/l3_agent.ini
index 0095ab7..ad79623 100644
--- a/neutron/files/mitaka/l3_agent.ini
+++ b/neutron/files/mitaka/l3_agent.ini
@@ -25,7 +25,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs commands will fail with ALARMCLOCK error. (integer value)
#ovs_vsctl_timeout = 10
diff --git a/neutron/files/mitaka/ml2_conf.ini b/neutron/files/mitaka/ml2_conf.ini
index 67841f2..9a8e79c 100644
--- a/neutron/files/mitaka/ml2_conf.ini
+++ b/neutron/files/mitaka/ml2_conf.ini
@@ -180,12 +180,12 @@
# Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation
# (list value)
#vni_ranges =
-vni_ranges =2:65535
+vni_ranges = {{ server.get('vxlan', {}).vni_ranges|default('2:65535') }}
# Multicast group for VXLAN. When configured, will enable sending all broadcast traffic to this multicast group. When left unconfigured,
# will disable multicast VXLAN mode. (string value)
#vxlan_group = <None>
-vxlan_group = 224.0.0.1
+vxlan_group = {{ server.get('vxlan', {}).group|default('224.0.0.1') }}
[securitygroup]
@@ -199,7 +199,7 @@
{%- if server.dpdk %}
firewall_driver = openvswitch
{%- else %}
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+firewall_driver = iptables_hybrid
{%- endif %}
# Controls whether the neutron security group API is enabled in the server. It should be false when using no security groups or using the
diff --git a/neutron/files/mitaka/openvswitch_agent.ini b/neutron/files/mitaka/openvswitch_agent.ini
index ed5231b..01162a0 100644
--- a/neutron/files/mitaka/openvswitch_agent.ini
+++ b/neutron/files/mitaka/openvswitch_agent.ini
@@ -250,7 +250,7 @@
{%- if neutron.dpdk %}
firewall_driver = openvswitch
{%- else %}
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+firewall_driver = iptables_hybrid
{%- endif %}
# Controls whether the neutron security group API is enabled in the server. It should be false when using no security groups or using the
diff --git a/neutron/files/newton/dhcp_agent.ini b/neutron/files/newton/dhcp_agent.ini
index 908086d..17a01ce 100644
--- a/neutron/files/newton/dhcp_agent.ini
+++ b/neutron/files/newton/dhcp_agent.ini
@@ -19,7 +19,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs commands will fail with ALARMCLOCK error. (integer value)
#ovs_vsctl_timeout = 10
diff --git a/neutron/files/newton/l3_agent.ini b/neutron/files/newton/l3_agent.ini
index 0095ab7..56bf297 100644
--- a/neutron/files/newton/l3_agent.ini
+++ b/neutron/files/newton/l3_agent.ini
@@ -25,7 +25,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs commands will fail with ALARMCLOCK error. (integer value)
#ovs_vsctl_timeout = 10
@@ -90,10 +90,12 @@
# be used. (string value)
#external_ingress_mark = 0x2
-# Name of bridge used for external network traffic. This should be set to an empty value for the Linux Bridge. When this parameter is set,
-# each L3 agent can be associated with no more than one external network. (string value)
-#external_network_bridge = br-ex
-external_network_bridge =
+# DEPRECATED: Name of bridge used for external network traffic. When this parameter is set, the L3 agent will plug an interface directly
+# into an external bridge which will not allow any wiring by the L2 agent. Using this will result in incorrect port statuses. This option is
+# deprecated and will be removed in Ocata. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#external_network_bridge =
# Seconds between running periodic tasks (integer value)
#periodic_interval = 40
diff --git a/neutron/files/newton/ml2_conf.ini b/neutron/files/newton/ml2_conf.ini
index 67841f2..9a8e79c 100644
--- a/neutron/files/newton/ml2_conf.ini
+++ b/neutron/files/newton/ml2_conf.ini
@@ -180,12 +180,12 @@
# Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation
# (list value)
#vni_ranges =
-vni_ranges =2:65535
+vni_ranges = {{ server.get('vxlan', {}).vni_ranges|default('2:65535') }}
# Multicast group for VXLAN. When configured, will enable sending all broadcast traffic to this multicast group. When left unconfigured,
# will disable multicast VXLAN mode. (string value)
#vxlan_group = <None>
-vxlan_group = 224.0.0.1
+vxlan_group = {{ server.get('vxlan', {}).group|default('224.0.0.1') }}
[securitygroup]
@@ -199,7 +199,7 @@
{%- if server.dpdk %}
firewall_driver = openvswitch
{%- else %}
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+firewall_driver = iptables_hybrid
{%- endif %}
# Controls whether the neutron security group API is enabled in the server. It should be false when using no security groups or using the
diff --git a/neutron/files/newton/neutron-generic.conf.Debian b/neutron/files/newton/neutron-generic.conf.Debian
index 2f4b89e..f521546 100644
--- a/neutron/files/newton/neutron-generic.conf.Debian
+++ b/neutron/files/newton/neutron-generic.conf.Debian
@@ -537,7 +537,6 @@
# The messaging driver to use, defaults to rabbit. Other drivers include amqp
# and zmq. (string value)
#rpc_backend = rabbit
-rpc_backend = rabbit
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
@@ -1316,7 +1315,6 @@
# count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
-rabbit_max_retries = 0
# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
diff --git a/neutron/files/newton/neutron-server.conf.Debian b/neutron/files/newton/neutron-server.conf.Debian
index 1ae886b..34aaa06 100644
--- a/neutron/files/newton/neutron-server.conf.Debian
+++ b/neutron/files/newton/neutron-server.conf.Debian
@@ -547,12 +547,6 @@
# not set, we fall back to the rpc_backend option and driver specific
# configuration. (string value)
#transport_url = <None>
-
-# The messaging driver to use, defaults to rabbit. Other drivers include amqp
-# and zmq. (string value)
-#rpc_backend = rabbit
-rpc_backend = rabbit
-
{%- if server.message_queue.members is defined %}
transport_url = rabbit://{% for member in server.message_queue.members -%}
{{ server.message_queue.user }}:{{ server.message_queue.password }}@{{ member.host }}:{{ member.get('port', 5672) }}
@@ -563,6 +557,11 @@
transport_url = rabbit://{{ server.message_queue.user }}:{{ server.message_queue.password }}@{{ server.message_queue.host }}:{{ server.message_queue.port }}/{{ server.message_queue.virtual_host }}
{%- endif %}
+# The messaging driver to use, defaults to rabbit. Other drivers include amqp
+# and zmq. (string value)
+#rpc_backend = rabbit
+
+
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
#control_exchange = neutron
@@ -1398,7 +1397,6 @@
# count). (integer value)
# Deprecated group/name - [DEFAULT]/rabbit_max_retries
#rabbit_max_retries = 0
-rabbit_max_retries = 0
# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
diff --git a/neutron/files/newton/openvswitch_agent.ini b/neutron/files/newton/openvswitch_agent.ini
index ed5231b..01162a0 100644
--- a/neutron/files/newton/openvswitch_agent.ini
+++ b/neutron/files/newton/openvswitch_agent.ini
@@ -250,7 +250,7 @@
{%- if neutron.dpdk %}
firewall_driver = openvswitch
{%- else %}
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+firewall_driver = iptables_hybrid
{%- endif %}
# Controls whether the neutron security group API is enabled in the server. It should be false when using no security groups or using the
diff --git a/neutron/files/ocata/dhcp_agent.ini b/neutron/files/ocata/dhcp_agent.ini
index 293b968..d327e64 100644
--- a/neutron/files/ocata/dhcp_agent.ini
+++ b/neutron/files/ocata/dhcp_agent.ini
@@ -19,7 +19,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs commands will fail with ALARMCLOCK error. (integer value)
#ovs_vsctl_timeout = 10
diff --git a/neutron/files/ocata/l3_agent.ini b/neutron/files/ocata/l3_agent.ini
index 44b27ff..41b87e6 100644
--- a/neutron/files/ocata/l3_agent.ini
+++ b/neutron/files/ocata/l3_agent.ini
@@ -20,7 +20,7 @@
# The driver used to manage the virtual interface. (string value)
#interface_driver = <None>
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+interface_driver = openvswitch
# Timeout in seconds for ovs-vsctl commands. If the timeout expires, ovs
# commands will fail with ALARMCLOCK error. (integer value)
@@ -106,7 +106,6 @@
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#external_network_bridge =
-external_network_bridge =
# Seconds between running periodic tasks. (integer value)
#periodic_interval = 40
diff --git a/neutron/files/ocata/ml2_conf.ini b/neutron/files/ocata/ml2_conf.ini
index ad4e100..0d48951 100644
--- a/neutron/files/ocata/ml2_conf.ini
+++ b/neutron/files/ocata/ml2_conf.ini
@@ -137,7 +137,7 @@
# neutron.ml2.extension_drivers namespace. For example: extension_drivers =
# port_security,qos (list value)
#extension_drivers =
-extension_drivers = port_security
+extension_drivers = port_security{% if server.get('qos', 'True') %},qos{% endif %}
# Maximum size of an IP packet (MTU) that can traverse the underlying physical
# network infrastructure without fragmentation when using an overlay/tunnel
@@ -232,13 +232,13 @@
# Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of
# VXLAN VNI IDs that are available for tenant network allocation (list value)
#vni_ranges =
-vni_ranges =2:65535
+vni_ranges = {{ server.get('vxlan', {}).vni_ranges|default('2:65535') }}
# Multicast group for VXLAN. When configured, will enable sending all broadcast
# traffic to this multicast group. When left unconfigured, will disable
# multicast VXLAN mode. (string value)
#vxlan_group = <None>
-vxlan_group = 224.0.0.1
+vxlan_group = {{ server.get('vxlan', {}).group|default('224.0.0.1') }}
[securitygroup]
@@ -258,7 +258,7 @@
{%- if not server.get('security_groups_enabled', True) %}
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
enable_security_group = False
-{%- elif server.dpdk %}
+{%- elif server.dpdk or server.get('vlan_aware_vms', False) %}
firewall_driver = openvswitch
enable_security_group = True
{%- else %}
diff --git a/neutron/files/ocata/neutron-generic.conf.Debian b/neutron/files/ocata/neutron-generic.conf.Debian
index 6275974..5b7058d 100644
--- a/neutron/files/ocata/neutron-generic.conf.Debian
+++ b/neutron/files/ocata/neutron-generic.conf.Debian
@@ -605,7 +605,6 @@
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rpc_backend = rabbit
-rpc_backend = rabbit
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
@@ -1646,7 +1645,6 @@
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#rabbit_max_retries = 0
-rabbit_max_retries = 0
# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
diff --git a/neutron/files/ocata/neutron-server.conf.Debian b/neutron/files/ocata/neutron-server.conf.Debian
index 0047550..e320ca4 100644
--- a/neutron/files/ocata/neutron-server.conf.Debian
+++ b/neutron/files/ocata/neutron-server.conf.Debian
@@ -43,9 +43,10 @@
core_plugin = neutron.plugins.ml2.plugin.Ml2Plugin
-service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin,trunk{%- if server.lbaas is defined -%}
-,neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2
-{%- endif -%}
+service_plugins =neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.metering.metering_plugin.MeteringPlugin
+{%- if server.lbaas is defined -%},lbaasv2{%- endif -%}
+{%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%}
+{%- if server.get('vlan_aware_vms', False) -%},trunk{%- endif -%}
{% endif %}
@@ -624,7 +625,6 @@
# Its value may be silently ignored in the future.
# Reason: Replaced by [DEFAULT]/transport_url
#rpc_backend = rabbit
-rpc_backend = rabbit
# The default exchange under which topics are scoped. May be overridden by an
# exchange name specified in the transport_url option. (string value)
@@ -1721,7 +1721,6 @@
# This option is deprecated for removal.
# Its value may be silently ignored in the future.
#rabbit_max_retries = 0
-rabbit_max_retries = 0
# Try to use HA queues in RabbitMQ (x-ha-policy: all). If you change this
# option, you must wipe the RabbitMQ database. In RabbitMQ 3.0, queue mirroring
@@ -2160,10 +2159,24 @@
{%- for lbaas_name, lbaas in server.lbaas.providers.iteritems() %}
-{%- if lbaas.engine == "avinetworks" -%}
service_provider=LOADBALANCERV2:{{ lbaas_name }}:{{ lbaas.get('driver_path', 'avi_lbaasv2.avi_driver.AviDriver') }}:default
[{{ lbaas_name }}]
+
+{% if lbaas.engine == "octavia" %}
+
+base_url = {{ lbaas.base_url }}
+request_poll_timeout = 3000
+
+[service_auth]
+auth_version = 2
+admin_password = {{ server.identity.password }}
+admin_user = {{ server.identity.user }}
+admin_tenant_name = {{ server.identity.tenant }}
+auth_url = http://{{ server.identity.host }}:35357/v2.0
+{%- endif -%}
+
+{% if lbaas.engine == "avinetworks" %}
address={{ lbaas.controller_address }}
user={{ lbaas.controller_user }}
password={{ lbaas.controller_password }}
diff --git a/neutron/files/ocata/openvswitch_agent.ini b/neutron/files/ocata/openvswitch_agent.ini
index 2de0352..00c33b4 100644
--- a/neutron/files/ocata/openvswitch_agent.ini
+++ b/neutron/files/ocata/openvswitch_agent.ini
@@ -195,8 +195,9 @@
#agent_type = Open vSwitch agent
# Extensions list to use (list value)
-#extensions =
-
+{% if neutron.get('qos', 'True') %}
+extensions = qos
+{% endif %}
[ovs]
@@ -316,7 +317,7 @@
{%- if not neutron.get('security_groups_enabled', True) %}
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
enable_security_group = False
-{%- elif neutron.dpdk %}
+{%- elif neutron.dpdk or neutron.get('vlan_aware_vms', False) %}
firewall_driver = openvswitch
enable_security_group = True
{%- else %}
diff --git a/neutron/files/ocata/sriov_agent.ini b/neutron/files/ocata/sriov_agent.ini
index 5f78a0e..eebd662 100644
--- a/neutron/files/ocata/sriov_agent.ini
+++ b/neutron/files/ocata/sriov_agent.ini
@@ -122,7 +122,9 @@
#
# Extensions list to use (list value)
-#extensions =
+{% if neutron.get('qos', 'True') %}
+extensions = qos
+{% endif %}
[sriov_nic]
diff --git a/neutron/meta/telegraf.yml b/neutron/meta/telegraf.yml
new file mode 100644
index 0000000..d152967
--- /dev/null
+++ b/neutron/meta/telegraf.yml
@@ -0,0 +1,8 @@
+{%- from "neutron/map.jinja" import server with context %}
+{%- if server.get('enabled', False) %}
+agent:
+ input:
+ http_response:
+ neutron-api:
+ address: "http://{{ server.bind.address|replace('0.0.0.0', '127.0.0.1') }}:{{ server.bind.port }}/"
+{%- endif %}
diff --git a/neutron/server.sls b/neutron/server.sls
index 5bf73e3..0b3a6be 100644
--- a/neutron/server.sls
+++ b/neutron/server.sls
@@ -1,6 +1,31 @@
{%- from "neutron/map.jinja" import server with context %}
{%- if server.get('enabled', False) %}
+{% if grains.os_family == 'Debian' %}
+# This is here to avoid starting up wrongly configured service and to avoid
+# issue with restart limits on systemd.
+
+policy_rcd_present:
+ file.managed:
+ - name: /usr/sbin/policy-rc.d
+ - mode: 0775
+ - contents: "exit 101"
+ - require_in:
+ - pkg: neutron_server_packages
+
+policy_rcd_absent_ok:
+ file.absent:
+ - name: /usr/sbin/policy-rc.d
+ - require:
+ - pkg: neutron_server_packages
+
+policy_rcd_absent_onfail:
+ file.absent:
+ - name: /usr/sbin/policy-rc.d
+ - onfail:
+ - pkg: neutron_server_packages
+{% endif %}
+
neutron_server_packages:
pkg.installed:
- names: {{ server.pkgs }}
@@ -27,14 +52,15 @@
pkg.installed:
- name: neutron-plugin-contrail
-{%- if not grains.get('noservices', False) %}
neutron_server_service:
service.running:
- name: neutron-server
- enable: true
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- watch:
- file: /etc/neutron/neutron.conf
-{%- endif %}
{%- endif %}
@@ -55,14 +81,15 @@
- require:
- file: /etc/neutron/plugins/ml2/ml2_conf.ini
-{%- if not grains.get('noservices', False) %}
neutron_db_manage:
cmd.run:
- name: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- file: /etc/neutron/neutron.conf
- file: /etc/neutron/plugins/ml2/ml2_conf.ini
-{%- endif %}
{%- endif %}
@@ -112,14 +139,11 @@
- template: jinja
- require:
- pkg: neutron_server_packages
-{%- if not grains.get('noservices', False) %}
- watch_in:
- service: neutron_server_services
{%- endif %}
-{%- endif %}
-
{%- if server.backend.engine == "midonet" %}
/etc/neutron/plugins/midonet/midonet.ini:
@@ -132,14 +156,15 @@
- dir_mode: 755
- template: jinja
-{%- if not grains.get('noservices', False) %}
neutron_db_manage:
cmd.run:
- name: neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/midonet/midonet.ini upgrade head
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- file: /etc/neutron/neutron.conf
- file: /etc/neutron/plugins/midonet/midonet.ini
-{%- endif %}
{%- if server.version == "kilo" %}
@@ -162,29 +187,29 @@
- python-neutron-lbaas
- python-neutron-fwaas
-{%- if not grains.get('noservices', False) %}
neutron_db_manage:
cmd.run:
- name: neutron-db-manage --subproject networking-midonet upgrade head
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- require:
- file: /etc/neutron/neutron.conf
- file: /etc/neutron/plugins/midonet/midonet.ini
-{%- endif %}
{%- endif %}
{%- endif %}
-{%- if not grains.get('noservices', False) %}
-
neutron_server_services:
service.running:
- names: {{ server.services }}
- enable: true
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
- watch:
- file: /etc/neutron/neutron.conf
-{%- endif %}
-
{%- if grains.get('virtual_subtype', None) == "Docker" %}
neutron_entrypoint:
diff --git a/tests/pillar/compute_qos.sls b/tests/pillar/compute_qos.sls
new file mode 100644
index 0000000..2122e00
--- /dev/null
+++ b/tests/pillar/compute_qos.sls
@@ -0,0 +1,25 @@
+neutron:
+ compute:
+ agent_mode: legacy
+ backend:
+ engine: ml2
+ tenant_network_types: "flat,vxlan"
+ mechanism:
+ ovs:
+ driver: openvswitch
+ dvr: false
+ enabled: true
+ qos: true
+ external_access: false
+ local_ip: 10.1.0.105
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ password: workshop
+ port: 5672
+ user: openstack
+ virtual_host: /openstack
+ metadata:
+ host: 127.0.0.1
+ password: password
+ version: ocata
\ No newline at end of file
diff --git a/tests/pillar/compute_qos_sriov.sls b/tests/pillar/compute_qos_sriov.sls
new file mode 100644
index 0000000..7d4d4ab
--- /dev/null
+++ b/tests/pillar/compute_qos_sriov.sls
@@ -0,0 +1,29 @@
+neutron:
+ compute:
+ agent_mode: legacy
+ backend:
+ engine: ml2
+ tenant_network_types: "flat,vxlan"
+ sriov:
+ nic_one:
+ devname: eth1
+ physical_network: physnet3
+ mechanism:
+ ovs:
+ driver: openvswitch
+ dvr: false
+ enabled: true
+ qos: true
+ external_access: false
+ local_ip: 10.1.0.105
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ password: workshop
+ port: 5672
+ user: openstack
+ virtual_host: /openstack
+ metadata:
+ host: 127.0.0.1
+ password: password
+ version: ocata
diff --git a/tests/pillar/control_lbaas_octavia.sls b/tests/pillar/control_lbaas_octavia.sls
new file mode 100644
index 0000000..5209b2d
--- /dev/null
+++ b/tests/pillar/control_lbaas_octavia.sls
@@ -0,0 +1,59 @@
+neutron:
+ server:
+ backend:
+ engine: ml2
+ external_mtu: 1500
+ mechanism:
+ ovs:
+ driver: openvswitch
+ tenant_network_types: flat,vxlan
+ bind:
+ address: 172.16.10.101
+ port: 9696
+ compute:
+ host: 127.0.0.1
+ password: workshop
+ region: RegionOne
+ tenant: service
+ user: nova
+ database:
+ engine: mysql
+ host: 127.0.0.1
+ name: neutron
+ password: workshop
+ port: 3306
+ user: neutron
+ version: ocata
+ dns_domain: novalocal
+ dvr: false
+ enabled: true
+ global_physnet_mtu: 1500
+ lbaas:
+ enabled: true
+ providers:
+ octavia:
+ engine: octavia
+ driver_path: 'neutron_lbaas.drivers.octavia.driver.OctaviaDriver'
+ base_url: 'http://127.0.0.1:9876'
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ password: workshop
+ port: 35357
+ region: RegionOne
+ tenant: service
+ user: neutron
+ endpoint_type: internal
+ l3_ha: false
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ password: workshop
+ port: 5672
+ user: openstack
+ virtual_host: /openstack
+ plugin: ml2
+ policy:
+ create_subnet: 'rule:admin_or_network_owner'
+ 'get_network:queue_id': 'rule:admin_only'
+ 'create_network:shared':
diff --git a/tests/pillar/control_qos.sls b/tests/pillar/control_qos.sls
new file mode 100644
index 0000000..3c24ccf
--- /dev/null
+++ b/tests/pillar/control_qos.sls
@@ -0,0 +1,53 @@
+neutron:
+ server:
+ backend:
+ engine: ml2
+ external_mtu: 1500
+ mechanism:
+ ovs:
+ driver: openvswitch
+ tenant_network_types: flat,vxlan
+ bind:
+ address: 172.16.10.101
+ port: 9696
+ compute:
+ host: 127.0.0.1
+ password: workshop
+ region: RegionOne
+ tenant: service
+ user: nova
+ database:
+ engine: mysql
+ host: 127.0.0.1
+ name: neutron
+ password: workshop
+ port: 3306
+ user: neutron
+ dns_domain: novalocal
+ dvr: false
+ enabled: true
+ qos: true
+ global_physnet_mtu: 1500
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ password: workshop
+ port: 35357
+ region: RegionOne
+ tenant: service
+ user: neutron
+ endpoint_type: internal
+ l3_ha: False
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ password: workshop
+ port: 5672
+ user: openstack
+ virtual_host: /openstack
+ plugin: ml2
+ version: ocata
+ policy:
+ create_subnet: 'rule:admin_or_network_owner'
+ 'get_network:queue_id': 'rule:admin_only'
+ 'create_network:shared':
diff --git a/tests/pillar/gateway_qos.sls b/tests/pillar/gateway_qos.sls
new file mode 100644
index 0000000..fea882e
--- /dev/null
+++ b/tests/pillar/gateway_qos.sls
@@ -0,0 +1,25 @@
+neutron:
+ gateway:
+ agent_mode: legacy
+ backend:
+ engine: ml2
+ tenant_network_types: "flat,vxlan"
+ mechanism:
+ ovs:
+ driver: openvswitch
+ dvr: false
+ enabled: true
+ qos: true
+ external_access: True
+ local_ip: 10.1.0.110
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ password: workshop
+ port: 5672
+ user: openstack
+ virtual_host: /openstack
+ metadata:
+ host: 127.0.0.1
+ password: password
+ version: ocata