Puppet Class: neutron::agents::ovs
- Defined in:
- manifests/agents/ovs.pp
Overview
Class: neutron::agents::ovs
Setups OVS neutron agent.
Parameters
- firewall_driver
-
(optional) Firewall driver for realizing neutron security group function. Defaults to ‘neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver’.
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 |
# File 'manifests/agents/ovs.pp', line 11
class neutron::agents::ovs (
$package_ensure = 'present',
$manage_service = true,
$enabled = true,
$bridge_uplinks = [],
$bridge_mappings = [],
$integration_bridge = 'br-int',
$enable_tunneling = false,
$tunnel_types = [],
$local_ip = false,
$tunnel_bridge = 'br-tun',
$vxlan_udp_port = 4789,
$polling_interval = 2,
$firewall_driver = 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver',
$veth_mtu = undef
) {
include neutron::params
require vswitch::ovs
if $enable_tunneling and ! $local_ip {
fail('Local ip for ovs agent must be set when tunneling is enabled')
}
if $enabled {
Neutron_config<||> ~> Service['neutron-plugin-ovs-service']
Neutron_plugin_ovs<||> ~> Service['neutron-plugin-ovs-service']
Neutron::Plugins::Ovs::Bridge<||> -> Service['neutron-plugin-ovs-service']
Neutron::Plugins::Ovs::Port<||> -> Service['neutron-plugin-ovs-service']
Vs_bridge<||> -> Service['neutron-plugin-ovs-service']
}
if ($bridge_mappings != []) {
# bridge_mappings are used to describe external networks that are
# *directly* attached to this machine.
# (This has nothing to do with VM-VM comms over neutron virtual networks.)
# Typically, the network node - running L3 agent - will want one external
# network (often this is on the control node) and the other nodes (all the
# compute nodes) will want none at all. The only other reason you will
# want to add networks here is if you're using provider networks, in which
# case you will name the network with bridge_mappings and add the server's
# interfaces that are attached to that network with bridge_uplinks.
# (The bridge names can be nearly anything, they just have to match between
# mappings and uplinks; they're what the OVS switches will get named.)
# Set config for bridges that we're going to create
# The OVS neutron plugin will talk in terms of the networks in the bridge_mappings
$br_map_str = join($bridge_mappings, ',')
neutron_plugin_ovs {
'OVS/bridge_mappings': value => $br_map_str;
}
neutron::plugins::ovs::bridge{ $bridge_mappings: }
neutron::plugins::ovs::port{ $bridge_uplinks: }
}
neutron_plugin_ovs {
'AGENT/polling_interval': value => $polling_interval;
'OVS/integration_bridge': value => $integration_bridge;
}
if ($firewall_driver) {
neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver':
value => $firewall_driver
}
} else {
neutron_plugin_ovs { 'SECURITYGROUP/firewall_driver': ensure => absent }
}
vs_bridge { $integration_bridge:
ensure => present,
}
if $enable_tunneling {
vs_bridge { $tunnel_bridge:
ensure => present,
before => Service['neutron-plugin-ovs-service'],
}
neutron_plugin_ovs {
'OVS/enable_tunneling': value => true;
'OVS/tunnel_bridge': value => $tunnel_bridge;
'OVS/local_ip': value => $local_ip;
}
if size($tunnel_types) > 0 {
neutron_plugin_ovs {
'agent/tunnel_types': value => join($tunnel_types, ',');
}
}
if 'vxlan' in $tunnel_types {
validate_vxlan_udp_port($vxlan_udp_port)
neutron_plugin_ovs {
'agent/vxlan_udp_port': value => $vxlan_udp_port;
}
}
} else {
neutron_plugin_ovs {
'OVS/enable_tunneling': value => false;
'OVS/tunnel_bridge': ensure => absent;
'OVS/local_ip': ensure => absent;
}
}
if $::neutron::params::ovs_agent_package {
Package['neutron-plugin-ovs-agent'] -> Neutron_plugin_ovs<||>
package { 'neutron-plugin-ovs-agent':
ensure => $package_ensure,
name => $::neutron::params::ovs_agent_package,
}
} else {
# Some platforms (RedHat) do not provide a separate
# neutron plugin ovs agent package. The configuration file for
# the ovs agent is provided by the neutron ovs plugin package.
Package['neutron-plugin-ovs'] -> Neutron_plugin_ovs<||>
Package['neutron-plugin-ovs'] -> Service['ovs-cleanup-service']
ensure_resource('package', 'neutron-plugin-ovs', {
ensure => $package_ensure,
name => $::neutron::params::ovs_server_package,
})
}
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
}
service { 'neutron-plugin-ovs-service':
ensure => $service_ensure,
name => $::neutron::params::ovs_agent_service,
enable => $enabled,
require => Class['neutron'],
}
if $::neutron::params::ovs_cleanup_service {
service {'ovs-cleanup-service':
name => $::neutron::params::ovs_cleanup_service,
enable => $enabled,
}
}
if $veth_mtu {
neutron_plugin_ovs { 'AGENT/veth_mtu': value => $veth_mtu }
} else {
neutron_plugin_ovs { 'AGENT/veth_mtu': ensure => absent }
}
}
|