Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 8339df03993daed2334c7086241d8fdc935b05f6 / . / lib / neutron
blob: e7719d4ebc6cecaf075384de59350bf100212d9e [file] [log] [blame]
#!/bin/bash
#
# lib/neutron
# Install and start **Neutron** network services
# Dependencies:
#
# ``functions`` file
# ``DEST`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
# - is_XXXX_enabled
# - install_XXXX
# - configure_XXXX
# - init_XXXX
# - start_XXXX
# - stop_XXXX
# - cleanup_XXXX
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
# Defaults
# --------
# Set up default directories
GITDIR["python-neutronclient"]=$DEST/python-neutronclient
# NEUTRON_DEPLOY_MOD_WSGI defines how neutron is deployed, allowed values:
# - False (default) : Run neutron under Eventlet
# - True : Run neutron under uwsgi
# TODO(annp): Switching to uwsgi in next cycle if things turn out to be stable
# enough
NEUTRON_DEPLOY_MOD_WSGI=$(trueorfalse False NEUTRON_DEPLOY_MOD_WSGI)
NEUTRON_AGENT=${NEUTRON_AGENT:-openvswitch}
NEUTRON_DIR=$DEST/neutron
# If NEUTRON_ENFORCE_SCOPE == True, it will set "enforce_scope"
# and "enforce_new_defaults" to True in the Neutron's config to enforce usage
# of the new RBAC policies and scopes.
NEUTRON_ENFORCE_SCOPE=$(trueorfalse False NEUTRON_ENFORCE_SCOPE)
NEUTRON_DISTRIBUTED_ROUTING=$(trueorfalse False NEUTRON_DISTRIBUTED_ROUTING)
# Distributed Virtual Router (DVR) configuration
# Can be:
# - ``legacy`` - No DVR functionality
# - ``dvr_snat`` - Controller or single node DVR
# - ``dvr`` - Compute node in multi-node DVR
# - ``dvr_no_external`` - Compute node in multi-node DVR, no external network
#
# Default is 'dvr_snat' since it can handle both DVR and legacy routers
NEUTRON_DVR_MODE=${NEUTRON_DVR_MODE:-dvr_snat}
NEUTRON_BIN_DIR=$(get_python_exec_prefix)
NEUTRON_DHCP_BINARY="neutron-dhcp-agent"
NEUTRON_CONF_DIR=/etc/neutron
NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf
NEUTRON_META_CONF=$NEUTRON_CONF_DIR/metadata_agent.ini
NEUTRON_META_DATA_HOST=${NEUTRON_META_DATA_HOST:-$(ipv6_unquote $SERVICE_HOST)}
NEUTRON_DHCP_CONF=$NEUTRON_CONF_DIR/dhcp_agent.ini
NEUTRON_L3_CONF=$NEUTRON_CONF_DIR/l3_agent.ini
NEUTRON_AGENT_CONF=$NEUTRON_CONF_DIR/
NEUTRON_CREATE_INITIAL_NETWORKS=${NEUTRON_CREATE_INITIAL_NETWORKS:-True}
NEUTRON_STATE_PATH=${NEUTRON_STATE_PATH:=$DATA_DIR/neutron}
NEUTRON_UWSGI_CONF=$NEUTRON_CONF_DIR/neutron-api-uwsgi.ini
# By default, use the ML2 plugin
NEUTRON_CORE_PLUGIN=${NEUTRON_CORE_PLUGIN:-ml2}
NEUTRON_CORE_PLUGIN_CONF_FILENAME=${NEUTRON_CORE_PLUGIN_CONF_FILENAME:-ml2_conf.ini}
NEUTRON_CORE_PLUGIN_CONF_PATH=$NEUTRON_CONF_DIR/plugins/$NEUTRON_CORE_PLUGIN
NEUTRON_CORE_PLUGIN_CONF=$NEUTRON_CORE_PLUGIN_CONF_PATH/$NEUTRON_CORE_PLUGIN_CONF_FILENAME
NEUTRON_METERING_AGENT_CONF_FILENAME=${NEUTRON_METERING_AGENT_CONF_FILENAME:-metering_agent.ini}
NEUTRON_METERING_AGENT_CONF=$NEUTRON_CONF_DIR/$NEUTRON_METERING_AGENT_CONF_FILENAME
NEUTRON_AGENT_BINARY=${NEUTRON_AGENT_BINARY:-neutron-$NEUTRON_AGENT-agent}
NEUTRON_L3_BINARY=${NEUTRON_L3_BINARY:-neutron-l3-agent}
NEUTRON_META_BINARY=${NEUTRON_META_BINARY:-neutron-metadata-agent}
NEUTRON_METERING_BINARY=${NEUTRON_METERING_BINARY:-neutron-metering-agent}
# Public facing bits
if is_service_enabled tls-proxy; then
NEUTRON_SERVICE_PROTOCOL="https"
fi
NEUTRON_SERVICE_HOST=${NEUTRON_SERVICE_HOST:-$SERVICE_HOST}
NEUTRON_SERVICE_PORT=${NEUTRON_SERVICE_PORT:-9696}
NEUTRON_SERVICE_PORT_INT=${NEUTRON_SERVICE_PORT_INT:-19696}
NEUTRON_SERVICE_PROTOCOL=${NEUTRON_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
NEUTRON_AUTH_STRATEGY=${NEUTRON_AUTH_STRATEGY:-keystone}
NEUTRON_ROOTWRAP=$(get_rootwrap_location neutron)
NEUTRON_ROOTWRAP_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf
NEUTRON_ROOTWRAP_CMD="$NEUTRON_ROOTWRAP $NEUTRON_ROOTWRAP_CONF_FILE"
NEUTRON_ROOTWRAP_DAEMON_CMD="$NEUTRON_ROOTWRAP-daemon $NEUTRON_ROOTWRAP_CONF_FILE"
# This is needed because _neutron_ovs_base_configure_l3_agent uses it to create
# an external network bridge
PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
PUBLIC_BRIDGE_MTU=${PUBLIC_BRIDGE_MTU:-1500}
# Network type - default vxlan, however enables vlan based jobs to override
# using the legacy environment variable as well as a new variable in greater
# alignment with the naming scheme of this plugin.
NEUTRON_TENANT_NETWORK_TYPE=${NEUTRON_TENANT_NETWORK_TYPE:-vxlan}
NEUTRON_TENANT_VLAN_RANGE=${NEUTRON_TENANT_VLAN_RANGE:-${TENANT_VLAN_RANGE:-100:150}}
# Physical network for VLAN network usage.
NEUTRON_PHYSICAL_NETWORK=${NEUTRON_PHYSICAL_NETWORK:-}
# Additional neutron api config files
declare -a -g _NEUTRON_SERVER_EXTRA_CONF_FILES_ABS
# Functions
# ---------
# Test if any Neutron services are enabled
# is_neutron_enabled
function is_neutron_enabled {
[[ ,${DISABLED_SERVICES} =~ ,"neutron" ]] && return 1
[[ ,${ENABLED_SERVICES} =~ ,"neutron-" || ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0
return 1
}
# Test if any Neutron services are enabled
# is_neutron_enabled
function is_neutron_legacy_enabled {
# first we need to remove all "neutron-" from DISABLED_SERVICES list
disabled_services_copy=$(echo $DISABLED_SERVICES | sed 's/neutron-//g')
[[ ,${disabled_services_copy} =~ ,"neutron" ]] && return 1
[[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0
return 1
}
if is_neutron_legacy_enabled; then
source $TOP_DIR/lib/neutron-legacy
fi
# cleanup_neutron() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent
if is_neutron_ovs_base_plugin; then
neutron_ovs_base_cleanup
fi
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
neutron_lb_cleanup
fi
# delete all namespaces created by neutron
for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do
sudo ip netns delete ${ns}
done
}
# configure_root_helper_options() - Configure agent rootwrap helper options
function configure_root_helper_options {
local conffile=$1
iniset $conffile agent root_helper "sudo $NEUTRON_ROOTWRAP_CMD"
iniset $conffile agent root_helper_daemon "sudo $NEUTRON_ROOTWRAP_DAEMON_CMD"
}
# configure_neutron() - Set config files, create data dirs, etc
function configure_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
sudo install -d -o $STACK_USER $NEUTRON_CONF_DIR
(cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh)
cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF
configure_neutron_rootwrap
mkdir -p $NEUTRON_CORE_PLUGIN_CONF_PATH
# NOTE(yamamoto): A decomposed plugin should prepare the config file in
# its devstack plugin.
if [ -f $NEUTRON_DIR/etc/neutron/plugins/$NEUTRON_CORE_PLUGIN/$NEUTRON_CORE_PLUGIN_CONF_FILENAME.sample ]; then
cp $NEUTRON_DIR/etc/neutron/plugins/$NEUTRON_CORE_PLUGIN/$NEUTRON_CORE_PLUGIN_CONF_FILENAME.sample $NEUTRON_CORE_PLUGIN_CONF
fi
iniset $NEUTRON_CONF database connection `database_connection_url neutron`
iniset $NEUTRON_CONF DEFAULT state_path $NEUTRON_STATE_PATH
iniset $NEUTRON_CONF oslo_concurrency lock_path $NEUTRON_STATE_PATH/lock
iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG
iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
iniset_rpc_backend neutron $NEUTRON_CONF
# Neutron API server & Neutron plugin
if is_service_enabled neutron-api; then
local policy_file=$NEUTRON_CONF_DIR/policy.json
# Allow neutron user to administer neutron to match neutron account
# NOTE(amotoki): This is required for nova works correctly with neutron.
if [ -f $NEUTRON_DIR/etc/policy.json ]; then
cp $NEUTRON_DIR/etc/policy.json $policy_file
sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $policy_file
else
echo '{"context_is_admin": "role:admin or user_name:neutron"}' > $policy_file
fi
cp $NEUTRON_DIR/etc/api-paste.ini $NEUTRON_CONF_DIR/api-paste.ini
iniset $NEUTRON_CONF DEFAULT core_plugin $NEUTRON_CORE_PLUGIN
iniset $NEUTRON_CONF DEFAULT policy_file $policy_file
iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips True
iniset $NEUTRON_CONF DEFAULT router_distributed $NEUTRON_DISTRIBUTED_ROUTING
iniset $NEUTRON_CONF DEFAULT auth_strategy $NEUTRON_AUTH_STRATEGY
configure_keystone_authtoken_middleware $NEUTRON_CONF neutron
configure_keystone_authtoken_middleware $NEUTRON_CONF nova nova
# Configure tenant network type
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 tenant_network_types $NEUTRON_TENANT_NETWORK_TYPE
local mech_drivers="openvswitch"
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
mech_drivers+=",l2population"
else
mech_drivers+=",linuxbridge"
fi
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 mechanism_drivers $mech_drivers
iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_vxlan vni_ranges 1001:2000
iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_flat flat_networks $PUBLIC_NETWORK_NAME
if [[ "$NEUTRON_TENANT_NETWORK_TYPE" =~ "vlan" ]] && [[ "$NEUTRON_PHYSICAL_NETWORK" != "" ]]; then
iniset $NEUTRON_CORE_PLUGIN_CONF ml2_type_vlan network_vlan_ranges ${NEUTRON_PHYSICAL_NETWORK}:${NEUTRON_TENANT_VLAN_RANGE}
fi
if [[ "$NEUTRON_PORT_SECURITY" = "True" ]]; then
neutron_ml2_extension_driver_add port_security
fi
configure_rbac_policies
fi
# Neutron OVS or LB agent
if is_service_enabled neutron-agent; then
iniset $NEUTRON_CORE_PLUGIN_CONF agent tunnel_types vxlan
iniset $NEUTRON_CORE_PLUGIN_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
configure_root_helper_options $NEUTRON_CORE_PLUGIN_CONF
# Configure the neutron agent
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
iniset $NEUTRON_CORE_PLUGIN_CONF securitygroup firewall_driver iptables
iniset $NEUTRON_CORE_PLUGIN_CONF vxlan local_ip $HOST_IP
elif [[ $NEUTRON_AGENT == "openvswitch" ]]; then
iniset $NEUTRON_CORE_PLUGIN_CONF securitygroup firewall_driver openvswitch
iniset $NEUTRON_CORE_PLUGIN_CONF ovs local_ip $HOST_IP
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
iniset $NEUTRON_CORE_PLUGIN_CONF agent l2_population True
iniset $NEUTRON_CORE_PLUGIN_CONF agent enable_distributed_routing True
iniset $NEUTRON_CORE_PLUGIN_CONF agent arp_responder True
fi
fi
if ! running_in_container; then
enable_kernel_bridge_firewall
fi
fi
# DHCP Agent
if is_service_enabled neutron-dhcp; then
cp $NEUTRON_DIR/etc/dhcp_agent.ini.sample $NEUTRON_DHCP_CONF
iniset $NEUTRON_DHCP_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
# make it so we have working DNS from guests
iniset $NEUTRON_DHCP_CONF DEFAULT dnsmasq_local_resolv True
configure_root_helper_options $NEUTRON_DHCP_CONF
iniset $NEUTRON_DHCP_CONF DEFAULT interface_driver $NEUTRON_AGENT
neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF
fi
if is_service_enabled neutron-l3; then
cp $NEUTRON_DIR/etc/l3_agent.ini.sample $NEUTRON_L3_CONF
iniset $NEUTRON_L3_CONF DEFAULT interface_driver $NEUTRON_AGENT
neutron_service_plugin_class_add router
configure_root_helper_options $NEUTRON_L3_CONF
iniset $NEUTRON_L3_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
neutron_plugin_configure_l3_agent $NEUTRON_L3_CONF
# Configure the neutron agent to serve external network ports
if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then
iniset $NEUTRON_CORE_PLUGIN_CONF linux_bridge bridge_mappings "$PUBLIC_NETWORK_NAME:$PUBLIC_BRIDGE"
else
iniset $NEUTRON_CORE_PLUGIN_CONF ovs bridge_mappings "$PUBLIC_NETWORK_NAME:$PUBLIC_BRIDGE"
fi
if [[ "$NEUTRON_DISTRIBUTED_ROUTING" = "True" ]]; then
iniset $NEUTRON_L3_CONF DEFAULT agent_mode $NEUTRON_DVR_MODE
fi
fi
# Metadata
if is_service_enabled neutron-metadata-agent; then
cp $NEUTRON_DIR/etc/metadata_agent.ini.sample $NEUTRON_META_CONF
iniset $NEUTRON_META_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
iniset $NEUTRON_META_CONF DEFAULT nova_metadata_host $NEUTRON_META_DATA_HOST
iniset $NEUTRON_META_CONF DEFAULT metadata_workers $API_WORKERS
# TODO(ihrachys) do we really need to set rootwrap for metadata agent?
configure_root_helper_options $NEUTRON_META_CONF
# TODO(dtroyer): remove the v2.0 hard code below
iniset $NEUTRON_META_CONF DEFAULT auth_url $KEYSTONE_SERVICE_URI
configure_keystone_authtoken_middleware $NEUTRON_META_CONF neutron DEFAULT
fi
# Format logging
setup_logging $NEUTRON_CONF
if is_service_enabled tls-proxy && [ "$NEUTRON_DEPLOY_MOD_WSGI" == "False" ]; then
# Set the service port for a proxy to take the original
iniset $NEUTRON_CONF DEFAULT bind_port "$NEUTRON_SERVICE_PORT_INT"
iniset $NEUTRON_CONF oslo_middleware enable_proxy_headers_parsing True
fi
# Metering
if is_service_enabled neutron-metering; then
cp $NEUTRON_DIR/etc/metering_agent.ini.sample $NEUTRON_METERING_AGENT_CONF
neutron_service_plugin_class_add metering
fi
}
# configure_neutron_rootwrap() - configure Neutron's rootwrap
function configure_neutron_rootwrap {
# Deploy new rootwrap filters files (owned by root).
# Wipe any existing rootwrap.d files first
if [[ -d $NEUTRON_CONF_DIR/rootwrap.d ]]; then
sudo rm -rf $NEUTRON_CONF_DIR/rootwrap.d
fi
# Deploy filters to /etc/neutron/rootwrap.d
sudo install -d -o root -g root -m 755 $NEUTRON_CONF_DIR/rootwrap.d
sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/neutron/rootwrap.d/*.filters $NEUTRON_CONF_DIR/rootwrap.d
# Set up ``rootwrap.conf``, pointing to ``$NEUTRON_CONF_DIR/rootwrap.d``
sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/rootwrap.conf $NEUTRON_CONF_DIR
sudo sed -e "s:^filters_path=.*$:filters_path=$NEUTRON_CONF_DIR/rootwrap.d:" -i $NEUTRON_CONF_DIR/rootwrap.conf
# Set up the rootwrap sudoers for Neutron
tempfile=`mktemp`
echo "$STACK_USER ALL=(root) NOPASSWD: $NEUTRON_ROOTWRAP_CMD *" >$tempfile
echo "$STACK_USER ALL=(root) NOPASSWD: $NEUTRON_ROOTWRAP_DAEMON_CMD" >>$tempfile
chmod 0440 $tempfile
sudo chown root:root $tempfile
sudo mv $tempfile /etc/sudoers.d/neutron-rootwrap
}
# Make Neutron-required changes to nova.conf
# Takes a single optional argument which is the config file to update,
# if not passed $NOVA_CONF is used.
function configure_neutron_nova_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
local conf=${1:-$NOVA_CONF}
iniset $conf neutron auth_type "password"
iniset $conf neutron auth_url "$KEYSTONE_SERVICE_URI"
iniset $conf neutron username neutron
iniset $conf neutron password "$SERVICE_PASSWORD"
iniset $conf neutron user_domain_name "Default"
iniset $conf neutron project_name "$SERVICE_TENANT_NAME"
iniset $conf neutron project_domain_name "Default"
iniset $conf neutron auth_strategy $NEUTRON_AUTH_STRATEGY
iniset $conf neutron region_name "$REGION_NAME"
# optionally set options in nova_conf
neutron_plugin_create_nova_conf $conf
if is_service_enabled neutron-metadata-agent; then
iniset $conf neutron service_metadata_proxy "True"
fi
}
# Tenant User Roles
# ------------------------------------------------------------------
# service neutron admin # if enabled
# create_neutron_accounts() - Create required service accounts
function create_neutron_accounts_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
local neutron_url
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
neutron_url=$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST/networking/
else
neutron_url=$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/
fi
if [[ "$ENABLED_SERVICES" =~ "neutron-api" ]]; then
create_service_user "neutron"
neutron_service=$(get_or_create_service "neutron" \
"network" "Neutron Service")
get_or_create_endpoint $neutron_service \
"$REGION_NAME" "$neutron_url"
fi
}
# init_neutron() - Initialize databases, etc.
function init_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
recreate_database neutron
time_start "dbsync"
# Run Neutron db migrations
$NEUTRON_BIN_DIR/neutron-db-manage upgrade heads
time_stop "dbsync"
}
# install_neutron() - Collect source and prepare
function install_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH
setup_develop $NEUTRON_DIR
# Install neutron-lib from git so we make sure we're testing
# the latest code.
if use_library_from_git "neutron-lib"; then
git_clone_by_name "neutron-lib"
setup_dev_lib "neutron-lib"
fi
# L3 service requires radvd
if is_service_enabled neutron-l3; then
install_package radvd
fi
if is_service_enabled neutron-agent neutron-dhcp neutron-l3; then
#TODO(sc68cal) - kind of ugly
source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent
neutron_plugin_install_agent_packages
fi
}
# install_neutronclient() - Collect source and prepare
function install_neutronclient {
if use_library_from_git "python-neutronclient"; then
git_clone_by_name "python-neutronclient"
setup_dev_lib "python-neutronclient"
sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-neutronclient"]}/tools/,/etc/bash_completion.d/}neutron.bash_completion
fi
}
# start_neutron_api() - Start the API process ahead of other things
function start_neutron_api {
local service_port=$NEUTRON_SERVICE_PORT
local service_protocol=$NEUTRON_SERVICE_PROTOCOL
local neutron_url
if is_service_enabled tls-proxy; then
service_port=$NEUTRON_SERVICE_PORT_INT
service_protocol="http"
fi
local opts=""
opts+=" --config-file $NEUTRON_CONF"
opts+=" --config-file $NEUTRON_CORE_PLUGIN_CONF"
local cfg_file
for cfg_file in ${_NEUTRON_SERVER_EXTRA_CONF_FILES_ABS[@]}; do
opts+=" --config-file $cfg_file"
done
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
run_process neutron-api "$(which uwsgi) --procname-prefix neutron-api --ini $NEUTRON_UWSGI_CONF"
neutron_url=$service_protocol://$NEUTRON_SERVICE_HOST/networking/
enable_service neutron-rpc-server
run_process neutron-rpc-server "$NEUTRON_BIN_DIR/neutron-rpc-server $opts"
else
# Start the Neutron service
# TODO(sc68cal) Stop hard coding this
run_process neutron-api "$NEUTRON_BIN_DIR/neutron-server $opts"
neutron_url=$service_protocol://$NEUTRON_SERVICE_HOST:$service_port
# Start proxy if enabled
if is_service_enabled tls-proxy; then
start_tls_proxy neutron '*' $NEUTRON_SERVICE_PORT $NEUTRON_SERVICE_HOST $NEUTRON_SERVICE_PORT_INT
fi
fi
if ! wait_for_service $SERVICE_TIMEOUT $neutron_url; then
die $LINENO "neutron-api did not start"
fi
}
# start_neutron() - Start running processes
function start_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
# Start up the neutron agents if enabled
# TODO(sc68cal) Make this pluggable so different DevStack plugins for different Neutron plugins
# can resolve the $NEUTRON_AGENT_BINARY
if is_service_enabled neutron-agent; then
# TODO(ihrachys) stop loading ml2_conf.ini into agents, instead load agent specific files
run_process neutron-agent "$NEUTRON_BIN_DIR/$NEUTRON_AGENT_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_CORE_PLUGIN_CONF"
fi
if is_service_enabled neutron-dhcp; then
neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF
run_process neutron-dhcp "$NEUTRON_BIN_DIR/$NEUTRON_DHCP_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_DHCP_CONF"
fi
if is_service_enabled neutron-l3; then
run_process neutron-l3 "$NEUTRON_BIN_DIR/$NEUTRON_L3_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_L3_CONF"
fi
if is_service_enabled neutron-api && [[ "$NEUTRON_CREATE_INITIAL_NETWORKS" == "True" ]]; then
# XXX(sc68cal) - Here's where plugins can wire up their own networks instead
# of the code in lib/neutron_plugins/services/l3
if type -p neutron_plugin_create_initial_networks > /dev/null; then
neutron_plugin_create_initial_networks
else
# XXX(sc68cal) Load up the built in Neutron networking code and build a topology
source $TOP_DIR/lib/neutron_plugins/services/l3
# Create the networks using servic
create_neutron_initial_network
fi
fi
if is_service_enabled neutron-metadata-agent; then
run_process neutron-metadata-agent "$NEUTRON_BIN_DIR/$NEUTRON_META_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_META_CONF"
fi
if is_service_enabled neutron-metering; then
run_process neutron-metering "$NEUTRON_BIN_DIR/$NEUTRON_METERING_BINARY --config-file $NEUTRON_CONF --config-file $NEUTRON_METERING_AGENT_CONF"
fi
}
# stop_neutron() - Stop running processes
function stop_neutron_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
for serv in neutron-api neutron-agent neutron-l3; do
stop_process $serv
done
if is_service_enabled neutron-rpc-server; then
stop_process neutron-rpc-server
fi
if is_service_enabled neutron-dhcp; then
stop_process neutron-dhcp
pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }')
[ ! -z "$pid" ] && sudo kill -9 $pid
fi
if is_service_enabled neutron-metadata-agent; then
sudo pkill -9 -f neutron-ns-metadata-proxy || :
stop_process neutron-metadata-agent
fi
}
# neutron_service_plugin_class_add() - add service plugin class
function neutron_service_plugin_class_add_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
local service_plugin_class=$1
local plugins=""
plugins=$(iniget $NEUTRON_CONF DEFAULT service_plugins)
if [ $plugins ]; then
plugins+=","
fi
plugins+="${service_plugin_class}"
iniset $NEUTRON_CONF DEFAULT service_plugins $plugins
}
function _neutron_ml2_extension_driver_add {
local driver=$1
local drivers=""
drivers=$(iniget $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers)
if [ $drivers ]; then
drivers+=","
fi
drivers+="${driver}"
iniset $NEUTRON_CORE_PLUGIN_CONF ml2 extension_drivers $drivers
}
function neutron_server_config_add_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
_NEUTRON_SERVER_EXTRA_CONF_FILES_ABS+=($1)
}
# neutron_deploy_rootwrap_filters() - deploy rootwrap filters
function neutron_deploy_rootwrap_filters_new {
deprecated "Using lib/neutron is deprecated, and it will be removed in AA release!"
local srcdir=$1
sudo install -d -o root -g root -m 755 $NEUTRON_CONF_DIR/rootwrap.d
sudo install -o root -g root -m 644 $srcdir/etc/neutron/rootwrap.d/*.filters $NEUTRON_CONF_DIR/rootwrap.d
}
# Dispatch functions
# These are needed for compatibility between the old and new implementations
# where there are function name overlaps. These will be removed when
# neutron-legacy is removed.
# TODO(sc68cal) Remove when neutron-legacy is no more.
function cleanup_neutron {
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
stop_process neutron-api
stop_process neutron-rpc-server
remove_uwsgi_config "$NEUTRON_UWSGI_CONF" "$NEUTRON_BIN_DIR/neutron-api"
sudo rm -f $(apache_site_config_for neutron-api)
fi
if is_neutron_legacy_enabled; then
# Call back to old function
cleanup_mutnauq "$@"
else
cleanup_neutron_new "$@"
fi
}
function configure_neutron {
if is_neutron_legacy_enabled; then
# Call back to old function
configure_mutnauq "$@"
else
configure_neutron_new "$@"
fi
if [ "$NEUTRON_DEPLOY_MOD_WSGI" == "True" ]; then
write_uwsgi_config "$NEUTRON_UWSGI_CONF" "$NEUTRON_BIN_DIR/neutron-api" "/networking"
fi
}
# configure_rbac_policies() - Configure Neutron to enforce new RBAC
# policies and scopes if NEUTRON_ENFORCE_SCOPE == True
function configure_rbac_policies {
if [ "$NEUTRON_ENFORCE_SCOPE" == "True" ]; then
iniset $NEUTRON_CONF oslo_policy enforce_new_defaults True
iniset $NEUTRON_CONF oslo_policy enforce_scope True
else
iniset $NEUTRON_CONF oslo_policy enforce_new_defaults False
iniset $NEUTRON_CONF oslo_policy enforce_scope False
fi
}
function configure_neutron_nova {
if is_neutron_legacy_enabled; then
# Call back to old function
create_nova_conf_neutron $NOVA_CONF
if [[ "${CELLSV2_SETUP}" == "superconductor" ]]; then
for i in $(seq 1 $NOVA_NUM_CELLS); do
local conf
conf=$(conductor_conf $i)
create_nova_conf_neutron $conf
done
fi
else
configure_neutron_nova_new $NOVA_CONF
if [[ "${CELLSV2_SETUP}" == "superconductor" ]]; then
for i in $(seq 1 $NOVA_NUM_CELLS); do
local conf
conf=$(conductor_conf $i)
configure_neutron_nova_new $conf
done
fi
fi
}
function create_neutron_accounts {
if is_neutron_legacy_enabled; then
# Call back to old function
create_mutnauq_accounts "$@"
else
create_neutron_accounts_new "$@"
fi
}
function init_neutron {
if is_neutron_legacy_enabled; then
# Call back to old function
init_mutnauq "$@"
else
init_neutron_new "$@"
fi
}
function install_neutron {
if is_neutron_legacy_enabled; then
# Call back to old function
install_mutnauq "$@"
else
install_neutron_new "$@"
fi
}
function neutron_service_plugin_class_add {
if is_neutron_legacy_enabled; then
# Call back to old function
_neutron_service_plugin_class_add "$@"
else
neutron_service_plugin_class_add_new "$@"
fi
}
function neutron_ml2_extension_driver_add {
if is_neutron_legacy_enabled; then
# Call back to old function
_neutron_ml2_extension_driver_add_old "$@"
else
_neutron_ml2_extension_driver_add "$@"
fi
}
function install_neutron_agent_packages {
if is_neutron_legacy_enabled; then
# Call back to old function
install_neutron_agent_packages_mutnauq "$@"
else
:
fi
}
function neutron_server_config_add {
if is_neutron_legacy_enabled; then
# Call back to old function
mutnauq_server_config_add "$@"
else
neutron_server_config_add_new "$@"
fi
}
function start_neutron {
if is_neutron_legacy_enabled; then
# Call back to old function
start_mutnauq_l2_agent "$@"
start_mutnauq_other_agents "$@"
else
start_neutron_new "$@"
fi
}
function stop_neutron {
if is_neutron_legacy_enabled; then
# Call back to old function
stop_mutnauq "$@"
else
stop_neutron_new "$@"
fi
}
function neutron_deploy_rootwrap_filters {
if is_neutron_legacy_enabled; then
# Call back to old function
_neutron_deploy_rootwrap_filters "$@"
else
neutron_deploy_rootwrap_filters_new "$@"
fi
}
# Restore xtrace
$XTRACE