Merge "Remove unused compat variable SCREEN_DEV"
diff --git a/doc/source/guides/neutron.rst b/doc/source/guides/neutron.rst
index 5891f68..ee29087 100644
--- a/doc/source/guides/neutron.rst
+++ b/doc/source/guides/neutron.rst
@@ -35,7 +35,7 @@
network hardware_network {
address = "172.18.161.0/24"
router [ address = "172.18.161.1" ];
- devstack_laptop [ address = "172.18.161.6" ];
+ devstack-1 [ address = "172.18.161.6" ];
}
}
@@ -43,9 +43,13 @@
DevStack Configuration
----------------------
+The following is a complete `local.conf` for the host named
+`devstack-1`. It will run all the API and services, as well as
+serving as a hypervisor for guest instances.
::
+ [[local|localrc]]
HOST_IP=172.18.161.6
SERVICE_HOST=172.18.161.6
MYSQL_HOST=172.18.161.6
@@ -57,6 +61,12 @@
SERVICE_PASSWORD=secrete
SERVICE_TOKEN=secrete
+ # Do not use Nova-Network
+ disable_service n-net
+ # Enable Neutron
+ ENABLED_SERVICES+=,q-svc,q-dhcp,q-meta,q-agt,q-l3
+
+
## Neutron options
Q_USE_SECGROUP=True
FLOATING_RANGE="172.18.161.0/24"
@@ -71,6 +81,166 @@
OVS_BRIDGE_MAPPINGS=public:br-ex
+Adding Additional Compute Nodes
+-------------------------------
+
+Let's suppose that after installing DevStack on the first host, you
+also want to do multinode testing and networking.
+
+Physical Network Setup
+~~~~~~~~~~~~~~~~~~~~~~
+
+.. nwdiag::
+
+ nwdiag {
+ inet [ shape = cloud ];
+ router;
+ inet -- router;
+
+ network hardware_network {
+ address = "172.18.161.0/24"
+ router [ address = "172.18.161.1" ];
+ devstack-1 [ address = "172.18.161.6" ];
+ devstack-2 [ address = "172.18.161.7" ];
+ }
+ }
+
+
+After DevStack installs and configures Neutron, traffic from guest VMs
+flows out of `devstack-2` (the compute node) and is encapsulated in a
+VXLAN tunnel back to `devstack-1` (the control node) where the L3
+agent is running.
+
+::
+
+ stack@devstack-2:~/devstack$ sudo ovs-vsctl show
+ 8992d965-0ba0-42fd-90e9-20ecc528bc29
+ Bridge br-int
+ fail_mode: secure
+ Port br-int
+ Interface br-int
+ type: internal
+ Port patch-tun
+ Interface patch-tun
+ type: patch
+ options: {peer=patch-int}
+ Bridge br-tun
+ fail_mode: secure
+ Port "vxlan-c0a801f6"
+ Interface "vxlan-c0a801f6"
+ type: vxlan
+ options: {df_default="true", in_key=flow, local_ip="172.18.161.7", out_key=flow, remote_ip="172.18.161.6"}
+ Port patch-int
+ Interface patch-int
+ type: patch
+ options: {peer=patch-tun}
+ Port br-tun
+ Interface br-tun
+ type: internal
+ ovs_version: "2.0.2"
+
+Open vSwitch on the control node, where the L3 agent runs, is
+configured to de-encapsulate traffic from compute nodes, then forward
+it over the `br-ex` bridge, where `eth0` is attached.
+
+::
+
+ stack@devstack-1:~/devstack$ sudo ovs-vsctl show
+ 422adeea-48d1-4a1f-98b1-8e7239077964
+ Bridge br-tun
+ fail_mode: secure
+ Port br-tun
+ Interface br-tun
+ type: internal
+ Port patch-int
+ Interface patch-int
+ type: patch
+ options: {peer=patch-tun}
+ Port "vxlan-c0a801d8"
+ Interface "vxlan-c0a801d8"
+ type: vxlan
+ options: {df_default="true", in_key=flow, local_ip="172.18.161.6", out_key=flow, remote_ip="172.18.161.7"}
+ Bridge br-ex
+ Port phy-br-ex
+ Interface phy-br-ex
+ type: patch
+ options: {peer=int-br-ex}
+ Port "eth0"
+ Interface "eth0"
+ Port br-ex
+ Interface br-ex
+ type: internal
+ Bridge br-int
+ fail_mode: secure
+ Port "tapce66332d-ea"
+ tag: 1
+ Interface "tapce66332d-ea"
+ type: internal
+ Port "qg-65e5a4b9-15"
+ tag: 2
+ Interface "qg-65e5a4b9-15"
+ type: internal
+ Port "qr-33e5e471-88"
+ tag: 1
+ Interface "qr-33e5e471-88"
+ type: internal
+ Port "qr-acbe9951-70"
+ tag: 1
+ Interface "qr-acbe9951-70"
+ type: internal
+ Port br-int
+ Interface br-int
+ type: internal
+ Port patch-tun
+ Interface patch-tun
+ type: patch
+ options: {peer=patch-int}
+ Port int-br-ex
+ Interface int-br-ex
+ type: patch
+ options: {peer=phy-br-ex}
+ ovs_version: "2.0.2"
+
+`br-int` is a bridge that the Open vSwitch mechanism driver creates,
+which is used as the "integration bridge" where ports are created, and
+plugged into the virtual switching fabric. `br-ex` is an OVS bridge
+that is used to connect physical ports (like `eth0`), so that floating
+IP traffic for tenants can be received from the physical network
+infrastructure (and the internet), and routed to tenant network ports.
+`br-tun` is a tunnel bridge that is used to connect OpenStack nodes
+(like `devstack-2`) together. This bridge is used so that tenant
+network traffic, using the VXLAN tunneling protocol, flows between
+each compute node where tenant instances run.
+
+
+
+DevStack Compute Configuration
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The host `devstack-2` has a very minimal `local.conf`.
+
+::
+
+ [[local|localrc]]
+ HOST_IP=172.18.161.7
+ SERVICE_HOST=172.18.161.6
+ MYSQL_HOST=172.18.161.6
+ RABBIT_HOST=172.18.161.6
+ GLANCE_HOSTPORT=172.18.161.6:9292
+ ADMIN_PASSWORD=secrete
+ MYSQL_PASSWORD=secrete
+ RABBIT_PASSWORD=secrete
+ SERVICE_PASSWORD=secrete
+ SERVICE_TOKEN=secrete
+
+ ## Neutron options
+ PUBLIC_INTERFACE=eth0
+ ENABLED_SERVICES=n-cpu,rabbit,q-agt
+
+Network traffic from `eth0` on the compute nodes is then NAT'd by the
+controller node that runs Neutron's `neutron-l3-agent` and provides L3
+connectivity.
+
Neutron Networking with Open vSwitch and Provider Networks
==========================================================
diff --git a/files/debs/general b/files/debs/general
index 9b27156..1215147 100644
--- a/files/debs/general
+++ b/files/debs/general
@@ -8,6 +8,7 @@
graphviz # needed for docs
iputils-ping
libffi-dev # for pyOpenSSL
+libjpeg-dev # Pillow 3.0.0
libmysqlclient-dev # MySQL-python
libpq-dev # psycopg2
libssl-dev # for pyOpenSSL
diff --git a/files/rpms-suse/general b/files/rpms-suse/general
index 651243d..34a2955 100644
--- a/files/rpms-suse/general
+++ b/files/rpms-suse/general
@@ -9,6 +9,7 @@
graphviz # docs
iputils
libffi-devel # pyOpenSSL
+libjpeg8-devel # Pillow 3.0.0
libmysqlclient-devel # MySQL-python
libopenssl-devel # to rebuild pyOpenSSL if needed
libxslt-devel # lxml
@@ -26,3 +27,4 @@
tcpdump
unzip
wget
+zlib-devel
diff --git a/files/rpms/general b/files/rpms/general
index cfd9479..40b06f4 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -12,6 +12,7 @@
java-1.7.0-openjdk-headless # NOPRIME rhel7
java-1.8.0-openjdk-headless # NOPRIME f21,f22
libffi-devel
+libjpeg-turbo-devel # Pillow 3.0.0
libxml2-devel # lxml
libxslt-devel # lxml
libyaml-devel
diff --git a/files/rpms/nova b/files/rpms/nova
index e70f138..00e7596 100644
--- a/files/rpms/nova
+++ b/files/rpms/nova
@@ -7,6 +7,7 @@
genisoimage # required for config_drive
iptables
iputils
+kernel-modules # dist:f21,f22,f23
kpartx
kvm # NOPRIME
libvirt-bin # NOPRIME
diff --git a/lib/ironic b/lib/ironic
index d786870..016e639 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -672,6 +672,8 @@
# enable tftp natting for allowing connections to HOST_IP's tftp server
sudo modprobe nf_conntrack_tftp
sudo modprobe nf_nat_tftp
+ # explicitly allow DHCP - packets are occassionally being dropped here
+ sudo iptables -I INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT || true
# nodes boot from TFTP and callback to the API server listening on $HOST_IP
sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true
sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true
diff --git a/lib/neutron_plugins/ibm b/lib/neutron_plugins/ibm
deleted file mode 100644
index dd5cfa6..0000000
--- a/lib/neutron_plugins/ibm
+++ /dev/null
@@ -1,133 +0,0 @@
-#!/bin/bash
-#
-# Neutron IBM SDN-VE plugin
-# ---------------------------
-
-# Save trace setting
-IBM_XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-source $TOP_DIR/lib/neutron_plugins/ovs_base
-
-function neutron_plugin_install_agent_packages {
- _neutron_ovs_base_install_agent_packages
-}
-
-function _neutron_interface_setup {
- # Setup one interface on the integration bridge if needed
- # The plugin agent to be used if more than one interface is used
- local bridge=$1
- local interface=$2
- sudo ovs-vsctl --no-wait -- --may-exist add-port $bridge $interface
-}
-
-function neutron_setup_integration_bridge {
- # Setup integration bridge if needed
- if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then
- neutron_ovs_base_cleanup
- _neutron_ovs_base_setup_bridge $SDNVE_INTEGRATION_BRIDGE
- if [[ "$SDNVE_INTERFACE_MAPPINGS" != "" ]]; then
- interfaces=(${SDNVE_INTERFACE_MAPPINGS//[,:]/ })
- _neutron_interface_setup $SDNVE_INTEGRATION_BRIDGE ${interfaces[1]}
- fi
- fi
-
- # Set controller to SDNVE controller (1st of list) if exists
- if [[ "$SDNVE_CONTROLLER_IPS" != "" ]]; then
- # Get the first controller
- controllers=(${SDNVE_CONTROLLER_IPS//[\[,\]]/ })
- SDNVE_IP=${controllers[0]}
- sudo ovs-vsctl set-controller $SDNVE_INTEGRATION_BRIDGE tcp:$SDNVE_IP
- fi
-}
-
-function neutron_plugin_create_nova_conf {
- # if n-cpu is enabled, then setup integration bridge
- if is_service_enabled n-cpu; then
- neutron_setup_integration_bridge
- fi
-}
-
-function is_neutron_ovs_base_plugin {
- if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then
- # Yes, we use OVS.
- return 0
- else
- # No, we do not use OVS.
- return 1
- fi
-}
-
-function neutron_plugin_configure_common {
- Q_PLUGIN_CONF_PATH=etc/neutron/plugins/ibm
- Q_PLUGIN_CONF_FILENAME=sdnve_neutron_plugin.ini
- Q_PLUGIN_CLASS="neutron.plugins.ibm.sdnve_neutron_plugin.SdnvePluginV2"
-}
-
-function neutron_plugin_configure_service {
- # Define extra "SDNVE" configuration options when q-svc is configured
-
- iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
-
- if [[ "$SDNVE_CONTROLLER_IPS" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve controller_ips $SDNVE_CONTROLLER_IPS
- fi
-
- if [[ "$SDNVE_INTEGRATION_BRIDGE" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve integration_bridge $SDNVE_INTEGRATION_BRIDGE
- fi
-
- if [[ "$SDNVE_RESET_BRIDGE" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve reset_bridge $SDNVE_RESET_BRIDGE
- fi
-
- if [[ "$SDNVE_OUT_OF_BAND" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve out_of_band $SDNVE_OUT_OF_BAND
- fi
-
- if [[ "$SDNVE_INTERFACE_MAPPINGS" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve interface_mappings $SDNVE_INTERFACE_MAPPINGS
- fi
-
- if [[ "$SDNVE_FAKE_CONTROLLER" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE sdnve use_fake_controller $SDNVE_FAKE_CONTROLLER
- fi
-
-
- iniset $NEUTRON_CONF DEFAULT notification_driver neutron.openstack.common.notifier.no_op_notifier
-
-}
-
-function neutron_plugin_configure_plugin_agent {
- AGENT_BINARY="$NEUTRON_BIN_DIR/neutron-ibm-agent"
-}
-
-function neutron_plugin_configure_debug_command {
- :
-}
-
-function neutron_plugin_setup_interface_driver {
- return 0
-}
-
-function has_neutron_plugin_security_group {
- # Does not support Security Groups
- return 1
-}
-
-function neutron_ovs_base_cleanup {
- if [[ "$SDNVE_RESET_BRIDGE" != False ]]; then
- # remove all OVS ports that look like Neutron created ports
- for port in $(sudo ovs-vsctl list port | grep -o -e tap[0-9a-f\-]* -e q[rg]-[0-9a-f\-]*); do
- sudo ovs-vsctl del-port ${port}
- done
-
- # remove integration bridge created by Neutron
- for bridge in $(sudo ovs-vsctl list-br | grep -o -e ${SDNVE_INTEGRATION_BRIDGE}); do
- sudo ovs-vsctl del-br ${bridge}
- done
- fi
-}
-
-# Restore xtrace
-$IBM_XTRACE
diff --git a/tools/install_pip.sh b/tools/install_pip.sh
index 13c1786..ab5efb2 100755
--- a/tools/install_pip.sh
+++ b/tools/install_pip.sh
@@ -110,7 +110,11 @@
# Do pip
# Eradicate any and all system packages
-uninstall_package python-pip
+
+# python in f23 depends on the python-pip package
+if ! { is_fedora && [[ $DISTRO == "f23" ]]; }; then
+ uninstall_package python-pip
+fi
install_get_pip