Merge "Bring in opendaylight support"
diff --git a/.kitchen.yml b/.kitchen.yml
index 6cfa3ef..60bc140 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -98,6 +98,11 @@
pillars-from-files:
neutron.sls: tests/pillar/compute_ovn.sls
+ - name: compute_bgpvpn
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/compute_bgpvpn.sls
+
- name: control_cluster
provisioner:
pillars-from-files:
@@ -148,6 +153,11 @@
pillars-from-files:
neutron.sls: tests/pillar/control_ovn.sls
+ - name: control_bgpvpn
+ provisioner:
+ pillars-from-files:
+ neutron.sls: tests/pillar/control_bgpvpn.sls
+
- name: gateway_dvr
provisioner:
pillars-from-files:
diff --git a/README.rst b/README.rst
index 7f48637..17cc5b4 100644
--- a/README.rst
+++ b/README.rst
@@ -747,6 +747,28 @@
gateway:
vlan_aware_vms: true
+Neutron with BGP VPN
+---------------------------
+
+.. code-block:: yaml
+
+ neutron:
+ server:
+ version: pike
+ bgp_vpn:
+ enabled: false
+ driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
+ ....
+ compute:
+ version: pike
+ bgp_vpn:
+ enabled: false
+ driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
+ backend:
+ extension:
+ bagpipe_bgpvpn:
+ enabled: True
+
Neutron with DHCP agent on compute node
---------------------------------------
diff --git a/metadata/service/compute/single.yml b/metadata/service/compute/single.yml
index 3c14765..96f4268 100644
--- a/metadata/service/compute/single.yml
+++ b/metadata/service/compute/single.yml
@@ -26,6 +26,9 @@
security_groups_enabled: true
qos: false
vlan_aware_vms: false
+ bgp_vpn:
+ enabled: false
+ driver: bagpipe
metadata:
host: ${_param:cluster_vip_address}
password: ${_param:metadata_password}
diff --git a/metadata/service/control/cluster.yml b/metadata/service/control/cluster.yml
index 7f024c1..33ddaa2 100644
--- a/metadata/service/control/cluster.yml
+++ b/metadata/service/control/cluster.yml
@@ -13,6 +13,9 @@
enabled: true
dns_domain: novalocal
vlan_aware_vms: false
+ bgp_vpn:
+ enabled: false
+ driver: bagpipe
version: ${_param:neutron_version}
controller_vip: ${_param:cluster_vip_address}
bind:
diff --git a/metadata/service/control/single.yml b/metadata/service/control/single.yml
index d0ee1c5..939856c 100644
--- a/metadata/service/control/single.yml
+++ b/metadata/service/control/single.yml
@@ -17,6 +17,9 @@
security_groups_enabled: true
qos: false
vlan_aware_vms: false
+ bgp_vpn:
+ enabled: false
+ driver: bagpipe
version: ${_param:neutron_version}
controller_vip: ${_param:single_address}
bind:
diff --git a/neutron/compute.sls b/neutron/compute.sls
index 2935a27..770f2ba 100644
--- a/neutron/compute.sls
+++ b/neutron/compute.sls
@@ -6,6 +6,14 @@
pkg.installed:
- names: {{ compute.pkgs }}
+{% if compute.get('bgp_vpn', {}).get('enabled', False) %}
+{% if compute.bgp_vpn.driver == "bagpipe" %}
+bagpipe_packages:
+ pkg.installed:
+ - names: {{ compute.pkgs_bagpipe }}
+{% endif %}
+{% endif %}
+
/etc/neutron/neutron.conf:
file.managed:
- source: salt://neutron/files/{{ compute.version }}/neutron-generic.conf.{{ grains.os_family }}
diff --git a/neutron/files/newton/sriov_agent.ini b/neutron/files/newton/sriov_agent.ini
index d4ac823..971f52f 100644
--- a/neutron/files/newton/sriov_agent.ini
+++ b/neutron/files/newton/sriov_agent.ini
@@ -43,3 +43,8 @@
# functions that should not be used for virtual networking. vfs_to_exclude is a semicolon-separated list of virtual functions to exclude
# from network_device. The network_device in the mapping should appear in the physical_device_mappings list. (list value)
#exclude_devices =
+
+{%- if pillar.neutron.compute is defined %}
+[securitygroup]
+firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+{%- endif %}
diff --git a/neutron/files/ocata/sriov_agent.ini b/neutron/files/ocata/sriov_agent.ini
index 3a2cb1d..3947dec 100644
--- a/neutron/files/ocata/sriov_agent.ini
+++ b/neutron/files/ocata/sriov_agent.ini
@@ -153,3 +153,8 @@
# network_device in the mapping should appear in the physical_device_mappings
# list. (list value)
#exclude_devices =
+
+{%- if pillar.neutron.compute is defined %}
+[securitygroup]
+firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+{%- endif %}
diff --git a/neutron/files/pike/neutron-server.conf.Debian b/neutron/files/pike/neutron-server.conf.Debian
index ebcd6af..2daaebf 100644
--- a/neutron/files/pike/neutron-server.conf.Debian
+++ b/neutron/files/pike/neutron-server.conf.Debian
@@ -56,6 +56,7 @@
{%- if server.get('qos', 'True') -%},neutron.services.qos.qos_plugin.QoSPlugin{%- endif -%}
{%- if server.get('vlan_aware_vms', False) -%},trunk{%- endif -%}
{%- if server.l2gw is defined and server.l2gw.get('enabled', False) -%},networking_l2gw.services.l2gateway.plugin.L2GatewayPlugin{%- endif -%}
+{%- if server.get('bgp_vpn', {}).get('enabled', False) -%},bgpvpn{%- endif -%}
{% endif %}
@@ -2202,6 +2203,23 @@
#ciphers = <None>
[service_providers]
+{% if server.get('bgp_vpn', {}).get('enabled', False) -%}
+
+{%- if server.bgp_vpn.driver == "bagpipe" -%}
+
+service_provider = BGPVPN:BaGPipe:networking_bgpvpn.neutron.services.service_drivers.bagpipe.bagpipe.BaGPipeBGPVPNDriver:default
+
+{%- elif server.bgp_vpn.driver == "opencontrail" -%}
+
+service_provider = BGPVPN:OpenContrail:networking_bgpvpn.neutron.services.service_drivers.opencontrail.opencontrail.OpenContrailBGPVPNDriver:default
+
+{%- elif server.bgp_vpn.driver == "opendaylight" -%}
+
+service_provider = BGPVPN:OpenDaylight:networking_bgpvpn.neutron.services.service_drivers.opendaylight.odl.OpenDaylightBgpvpnDriver:default
+
+{%- endif -%}
+{%- endif -%}
+
{% if server.lbaas is defined -%}
{%- if server.lbaas.enabled -%}
diff --git a/neutron/files/pike/sriov_agent.ini b/neutron/files/pike/sriov_agent.ini
index 3a2cb1d..3947dec 100644
--- a/neutron/files/pike/sriov_agent.ini
+++ b/neutron/files/pike/sriov_agent.ini
@@ -153,3 +153,8 @@
# network_device in the mapping should appear in the physical_device_mappings
# list. (list value)
#exclude_devices =
+
+{%- if pillar.neutron.compute is defined %}
+[securitygroup]
+firewall_driver = neutron.agent.firewall.NoopFirewallDriver
+{%- endif %}
diff --git a/neutron/map.jinja b/neutron/map.jinja
index 980015d..c509b31 100644
--- a/neutron/map.jinja
+++ b/neutron/map.jinja
@@ -10,6 +10,7 @@
'Debian': {
'pkgs': ['neutron-openvswitch-agent', 'openvswitch-switch', 'python-pycadf'],
'pkgs_ovn': ['ovn-common', 'ovn-host'],
+ 'pkgs_bagpipe': ['python-networking-bagpipe'],
'services': ['neutron-openvswitch-agent'],
'services_ovn': ['ovn-host'],
'dpdk': false,
@@ -28,6 +29,7 @@
'RedHat': {
'pkgs': ['openstack-neutron-openvswitch', 'openvswitch', 'python-pycadf'],
'pkgs_ovn': ['openvswitch-ovn'],
+ 'pkgs_bagpipe': ['python-networking-bagpipe'],
'services': ['neutron-openvswitch-agent'],
'services_ovn': ['ovn-host'],
'dpdk': false,
@@ -92,6 +94,8 @@
'pkgs_ovn': ['python-networking-ovn', 'ovn-common', 'ovn-central'],
'pkgs_ml2': ['neutron-plugin-ml2'],
'pkgs_l2gw': ['python-networking-l2gw'],
+ 'pkgs_bgpvpn': ['python-networking-bgpvpn'],
+ 'pkgs_bagpipe': ['python-networking-bagpipe'],
'services': ['neutron-server'],
'services_ovn': ['ovn-central'],
'notification': False,
@@ -114,6 +118,8 @@
'pkgs': ['openstack-neutron'],
'pkgs_ovn': ['openvswitch-ovn', 'python-networking-ovn'],
'pkgs_l2gw': ['python2-networking-l2gw'],
+ 'pkgs_bgpvpn': ['python-networking-bgpvpn'],
+ 'pkgs_bagpipe': ['python-networking-bagpipe'],
'services': ['neutron-server'],
'services_ovn': ['ovn-central'],
'notification': False,
diff --git a/neutron/server.sls b/neutron/server.sls
index b345822..7c13131 100644
--- a/neutron/server.sls
+++ b/neutron/server.sls
@@ -326,6 +326,29 @@
{%- endif %}
{%- endif %}
+{% if server.get('bgp_vpn', {}).get('enabled', False) %}
+
+bgpvpn_packages:
+ pkg.installed:
+ - names: {{ server.pkgs_bgpvpn }}
+
+bgpvpn_db_manage:
+ cmd.run:
+ - name: neutron-db-manage --config-file /etc/neutron/neutron.conf --subproject networking-bgpvpn upgrade head
+ - require:
+ - file: /etc/neutron/neutron.conf
+ - pkg: bgpvpn_packages
+
+{% if server.bgp_vpn.driver == "bagpipe" %}
+
+bagpipe_packages:
+ pkg.installed:
+ - names: {{ server.pkgs_bagpipe }}
+
+{% endif %}
+
+{% endif %}
+
neutron_server_services:
service.running:
- names: {{ server.services }}
diff --git a/tests/pillar/compute_bgpvpn.sls b/tests/pillar/compute_bgpvpn.sls
new file mode 100644
index 0000000..b4aaaba
--- /dev/null
+++ b/tests/pillar/compute_bgpvpn.sls
@@ -0,0 +1,21 @@
+include:
+ - .compute_legacy
+
+neutron:
+ compute:
+ version: pike
+ bgp_vpn:
+ enabled: true
+ driver: bagpipe
+ backend:
+ extension:
+ bagpipe_bgpvpn:
+ enabled: True
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_pike:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/pike/xenial pike main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/pike/xenial/archive-mcppike.key"
\ No newline at end of file
diff --git a/tests/pillar/control_bgpvpn.sls b/tests/pillar/control_bgpvpn.sls
new file mode 100644
index 0000000..d7b4d16
--- /dev/null
+++ b/tests/pillar/control_bgpvpn.sls
@@ -0,0 +1,17 @@
+include:
+ - .control_nodvr
+
+neutron:
+ server:
+ version: pike
+ bgp_vpn:
+ enabled: true
+ driver: bagpipe
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_pike:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/pike/xenial pike main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/pike/xenial/archive-mcppike.key"
\ No newline at end of file