BGP VPN: configure BaGPipe service for bagpipe driver
BaGPipe driver for BGP VPN relies on the use of the bagpipe-bgp
BGP VPN implementation on compute nodes and the MPLS implementation
in OpenVSwitch.
Change-Id: Iebadbafcace34e78001ed4d910a618de1e6ac90f
Related-Prod: PROD-17949
diff --git a/README.rst b/README.rst
index 17cc5b4..5532662 100644
--- a/README.rst
+++ b/README.rst
@@ -747,7 +747,7 @@
gateway:
vlan_aware_vms: true
-Neutron with BGP VPN
+Neutron with BGP VPN (BaGPipe driver)
---------------------------
.. code-block:: yaml
@@ -756,14 +756,19 @@
server:
version: pike
bgp_vpn:
- enabled: false
+ enabled: true
driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
....
compute:
version: pike
bgp_vpn:
- enabled: false
+ enabled: true
driver: bagpipe # Options: bagpipe/opencontrail/opendaylight
+ bagpipe:
+ local_address: 192.168.20.20 # IP address for mpls/gre tunnels
+ peers: 192.168.20.30 # IP addresses of BGP peers
+ autonomous_system: 64512 # Autonomous System number
+ enable_rtc: True # Enable RT Constraint (RFC4684)
backend:
extension:
bagpipe_bgpvpn:
diff --git a/neutron/compute.sls b/neutron/compute.sls
index 770f2ba..418282d 100644
--- a/neutron/compute.sls
+++ b/neutron/compute.sls
@@ -6,12 +6,9 @@
pkg.installed:
- names: {{ compute.pkgs }}
-{% if compute.get('bgp_vpn', {}).get('enabled', False) %}
-{% if compute.bgp_vpn.driver == "bagpipe" %}
-bagpipe_packages:
- pkg.installed:
- - names: {{ compute.pkgs_bagpipe }}
-{% endif %}
+{% if compute.get('bgp_vpn', {}).get('enabled', False) and compute.bgp_vpn.driver == "bagpipe" %}
+include:
+ - .services._bagpipe
{% endif %}
/etc/neutron/neutron.conf:
diff --git a/neutron/files/pike/bagpipe-bgp.conf b/neutron/files/pike/bagpipe-bgp.conf
new file mode 100644
index 0000000..d4f8b5c
--- /dev/null
+++ b/neutron/files/pike/bagpipe-bgp.conf
@@ -0,0 +1,109 @@
+{%- from "neutron/map.jinja" import compute with context -%}
+[BGP]
+local_address = {{ compute.bgp_vpn.bagpipe.local_address }}
+peers = {{ compute.bgp_vpn.bagpipe.peers }}
+my_as = {{ compute.bgp_vpn.bagpipe.get('autonomous_system', 64512) }}
+enable_rtc = {{ compute.bgp_vpn.bagpipe.get('enable_rtc', True) }}
+
+[COMMON]
+# Root helper and root helper application
+# root_helper_daemon is designed to use oslo-rootwrap-daemon for commands
+# that need to be run as root.
+# If root_helper_daemon is unset, bagpipe-bgp will use 'root_help' to call
+# these commands, which defaults to 'sudo', and can be configured to use
+# oslo.rootwrap.
+#root_helper = sudo
+#root_helper = sudo /usr/local/bin/oslo-rootwrap /etc/bagpipe-bgp/rootwrap.conf
+root_helper_daemon = sudo /usr/bin/oslo-rootwrap-daemon /etc/bagpipe-bgp/rootwrap.conf
+
+# local IP address (that others will use to send us encapsulated packets, and that
+# we will use to send)
+# Note: does not need to be specified if different than the BGP local_address
+# Note: can be overwritten under each dataplane config
+# dataplane_local_address=eth1
+# dataplane_local_address=1.2.3.4
+
+[API]
+# BGP component API IP address and port
+host=localhost
+port=8082
+
+
+[DATAPLANE_DRIVER_IPVPN]
+
+# IP VPN dataplane driver class
+# Example values:
+#dataplane_driver = ovs
+#dataplane_driver = linux
+dataplane_driver = ovs
+
+# OVS bridge to use (defaults to br-int)
+ovs_bridge = br-mpls
+
+# MPLS outgoing interface (for linux and ovs drivers)
+#
+# (not specifying an mpls_interface or using the '*gre*' special value
+# means that the driver will instantiate a tunnel interface and use an
+# MPLS/GRE encapsulation)
+# mpls_interface=*gre*
+mpls_interface=*gre*
+
+# GRE tunnel to use (default to mpls_gre)
+#gre_tunnel=mpls_gre
+
+# Uncomment the following to allow the use of standard MPLS-o-GRE in OVS
+# (rather than MPLS-o-Eth-o-GRE).
+#
+# gre_tunnel_options="options:layer3=true"
+
+# Support VXLAN encapsulation of IP VPN traffic with the
+# ovs driver.
+#
+# Note well: this is non-standard and aimed at making it easier
+# to test IP VPN until OVS 2.4 is shipping
+#
+# WARNING: this option does *not* co-exist with the EVPN
+# linux (can't have both OVS and the linux
+# kernel native VXLAN stack process VXLAN)
+#
+#vxlan_encap=True
+
+# local IP address (that others will use to send us encapsulated packets, and that
+# we will use to send)
+# Note: does not need to be specified if different than the BGP local_address
+# dataplane_local_address=eth1
+# dataplane_local_address=1.2.3.4
+
+# (obsolete:)
+ovsbr_interfaces_mtu=4000
+
+# for ovs driver, control whether or not the VRF will
+# reply to all ARP requests on the subnet and impersonate the gateway
+# (defaults to True)
+proxy_arp=False
+
+[DATAPLANE_DRIVER_EVPN]
+
+# EVPN dataplane driver class
+# Example values:
+#dataplane_driver = linux
+dataplane_driver = dummy
+
+# (obsolete)
+ovsbr_interfaces_mtu=4000
+
+# The linux driver allows to force the VXLAN destination port IF iproute2 is
+# at version 3.14 or above (i.e. >= "ss140411" with "ip -V").
+#
+# to use standard IANA port for VXLAN:
+#vxlan_dst_port=4789
+#
+# to interoperate with switches or boxes not having the ability to
+# use another port than the linux kernel default 8472:
+#vxlan_dst_port=8472
+
+# local IP address (that others will use to send us encapsulated packets, and that
+# we will use to send)
+# Note: does not need to be specified if different than the BGP local_address
+# dataplane_local_address=eth1
+# dataplane_local_address=1.2.3.4
\ No newline at end of file
diff --git a/neutron/services/_bagpipe.sls b/neutron/services/_bagpipe.sls
new file mode 100644
index 0000000..76ed46b
--- /dev/null
+++ b/neutron/services/_bagpipe.sls
@@ -0,0 +1,28 @@
+{%- from "neutron/map.jinja" import compute with context %}
+
+bagpipe_packages:
+ pkg.installed:
+ - names: {{ compute.pkgs_bagpipe }}
+
+/etc/bagpipe-bgp/bgp.conf:
+ file.managed:
+ - source: salt://neutron/files/{{ compute.version }}/bagpipe-bgp.conf
+ - template: jinja
+ - require:
+ - pkg: bagpipe_packages
+
+mpls_interface:
+ cmd.run:
+ - name: "ovs-vsctl --may-exist add-br br-mpls -- set-fail-mode br-mpls secure"
+ - unless: "ovs-vsctl show | grep -w br-mpls"
+
+bagpipe-bgp:
+ service.running:
+ - enable: true
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+ - require:
+ - cmd: mpls_interface
+ - watch:
+ - file: /etc/bagpipe-bgp/bgp.conf
\ No newline at end of file
diff --git a/tests/pillar/compute_bgpvpn.sls b/tests/pillar/compute_bgpvpn.sls
index b4aaaba..78b7801 100644
--- a/tests/pillar/compute_bgpvpn.sls
+++ b/tests/pillar/compute_bgpvpn.sls
@@ -7,6 +7,11 @@
bgp_vpn:
enabled: true
driver: bagpipe
+ bagpipe:
+ local_address: 192.168.20.20
+ peers: 192.168.20.30
+ autonomous_system: 64512
+ enable_rtc: True
backend:
extension:
bagpipe_bgpvpn: