Create ovs port in lb-mgmt-subnet for health manager

The manager state is updated to create the health manager port in OVS
with the needed parameters. The state also sets the proper MAC
for the link, calls dhclient and adds an iptables rule.

Related prod: PROD-11938

Change-Id: I2a8037c51ed66f33053f100f45a160ecebec2e2d
diff --git a/metadata/service/manager/single.yml b/metadata/service/manager/single.yml
index fd05a15..a010f17 100644
--- a/metadata/service/manager/single.yml
+++ b/metadata/service/manager/single.yml
@@ -44,6 +44,8 @@
         amp_image_tag: amphora
         amp_secgroup_list: ${_param:amp_secgroup_list}
         amp_ssh_key_name: octavia_ssh_key
+        amp_hm_port_id: ${_param:amp_hm_port_id}
+        amp_hm_port_mac: ${_param:amp_hm_port_mac}
         loadbalancer_topology: 'SINGLE'
       haproxy_amphora:
         client_cert: '/etc/octavia/certs/client.pem'
diff --git a/octavia/manager.sls b/octavia/manager.sls
index d0b0e89..19aa9d8 100644
--- a/octavia/manager.sls
+++ b/octavia/manager.sls
@@ -19,13 +19,51 @@
   - require:
     - pkg: octavia_manager_packages
 
-/etc/octavia/dhcp/dhclient.conf:
+{% set dhclient_conf_path = '/etc/octavia/dhcp/dhclient.conf' %}
+
+{{ dhclient_conf_path }}:
   file.managed:
   - source: salt://octavia/files/{{ manager.version }}/dhcp/dhclient.conf
   - require:
     - pkg: octavia_manager_packages
 
 {%- if not grains.get('noservices', False) %}
+
+health_manager_ovs_port:
+  cmd.run:
+  - name: "ovs-vsctl -- --may-exist add-port br-int o-hm0 -- set Interface
+  o-hm0 type=internal -- set Interface o-hm0 external-ids:iface-status=active
+  -- set Interface o-hm0 external-ids:attached-mac={{
+  manager.controller_worker.amp_hm_port_mac }} -- set Interface o-hm0
+  external-ids:iface-id={{ manager.controller_worker.amp_hm_port_id }} -- set
+  Interface o-hm0 external-ids:skip_cleanup=true"
+  - unless: ovs-vsctl show | grep o-hm0
+
+health_manager_port_set_mac:
+  cmd.run:
+  - name: "ip link set dev o-hm0 address {{
+  manager.controller_worker.amp_hm_port_mac }}"
+  - unless: "ip link show o-hm0 | grep {{
+  manager.controller_worker.amp_hm_port_mac }}"
+  - require:
+    - cmd: health_manager_ovs_port
+
+health_manager_port_dhclient:
+  cmd.run:
+  - name: dhclient -v o-hm0 -cf {{ dhclient_conf_path }}
+  - require:
+    - cmd: health_manager_port_set_mac
+
+health_manager_port_add_rule:
+  iptables.append:
+    - table: filter
+    - chain: INPUT
+    - jump: ACCEPT
+    - in-interface: o-hm0
+    - dport: 5555
+    - proto: udp
+    - save: True
+
 octavia_manager_services:
   service.running:
   - names: {{ manager.services }}
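Review bot: `amp_hm_port_mac` and `amp_hm_port_id` are rendered straight into the `ovs-vsctl`, `ip link` and `grep` command lines of `health_manager_ovs_port` and `health_manager_port_set_mac` with no quoting or format check, so a malformed pillar value is interpreted by the shell with the minion's privileges instead of being rejected. If the Salt release in use provides the `quote` Jinja filter, pass each value through it, e.g. `external-ids:attached-mac={{ manager.controller_worker.amp_hm_port_mac | quote }}`. The guards are also substring matches: `- unless: ovs-vsctl port-to-br o-hm0` tests for the port itself, where `ovs-vsctl show | grep o-hm0` matches any line containing that text, and the MAC check would be safer as `grep -qiF` on the quoted value. Separately, `health_manager_port_dhclient` has no `unless` or `onchanges`, so each highstate appears to start another dhclient on `o-hm0`; an `onchanges` on `cmd: health_manager_port_set_mac` would limit it to runs where the link was actually reconfigured. The hunk ends inside the `noservices` block, so whether `octavia_manager_services` is ordered after these states is not visible here.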
diff --git a/tests/pillar/manager_single.sls b/tests/pillar/manager_single.sls
index f0cba83..2108fd9 100644
--- a/tests/pillar/manager_single.sls
+++ b/tests/pillar/manager_single.sls
@@ -35,6 +35,8 @@
       amp_image_tag: amphora
       amp_secgroup_list: '9fcd532e-5715-423a-8e3f-51abddbe7705'
       amp_ssh_key_name: octavia_ssh_key
+      amp_hm_port_id: a52a982d-876d-414e-b8d3-4a0ce8c060c6
+      amp_hm_port_mac: fa:16:3e:c4:bf:b2
       loadbalancer_topology: 'SINGLE'
     haproxy_amphora:
       client_cert: '/etc/octavia/certs/client.pem'
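Review bot: `amp_hm_port_mac: fa:16:3e:c4:bf:b2` is written as a plain scalar and stays a string only because it contains hex letters. Under a YAML 1.1 loader, a MAC whose octets are all decimal digits no larger than 59 (constructed example: `12:34:56:12:34:56`) resolves to a base-60 integer, and that integer would then be rendered into the `ip link` and `ovs-vsctl` commands in `octavia/manager.sls`. Quote the fixture, `amp_hm_port_mac: 'fa:16:3e:c4:bf:b2'`, as `amp_secgroup_list` above it already is, so the test pillar shows the form deployments should copy.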