Newer
Older
Quentin MACHU
committed
class iaas::profile::neutron::router (
$public_interface = hiera('iaas::public_interface', undef),
$public_gateway = hiera('iaas::public_gateway', undef),
Quentin MACHU
committed
$external_device1 = undef,
$external_network1 = hiera('iaas::profile::neutron::external_network1', undef),
$external_gateway1 = hiera('iaas::profile::neutron::external_gateway1', undef),
$external_device2 = undef,
$external_network2 = hiera('iaas::profile::neutron::external_network2', undef),
$external_gateway2 = hiera('iaas::profile::neutron::external_gateway2', undef),
Quentin MACHU
committed
$neutron_password = hiera('iaas::profile::neutron::password', undef),
$neutron_secret = hiera('iaas::profile::neutron::secret', undef),
$region = hiera('iaas::region', undef),
$endpoint = hiera('iaas::role::endpoint::main_address', undef),
Quentin MACHU
committed
$mtu = 1438,
Alessandro Costantini
committed
Quentin MACHU
committed
) {
sysctl::value { "net.ipv4.ip_forward": value => "1" }
sysctl::value { "net.ipv4.conf.all.rp_filter": value => "0" }
sysctl::value { "net.ipv4.conf.default.rp_filter": value => "0" }
sysctl::value { "net.ipv4.conf.all.accept_redirects": value => "0" }
sysctl::value { "net.ipv4.conf.default.accept_redirects": value => "0" }
sysctl::value { "net.ipv4.conf.all.send_redirects": value => "0" }
sysctl::value { "net.ipv4.conf.default.send_redirects": value => "0" }
Quentin MACHU
committed
package { 'ifupdown-extra': }
Quentin MACHU
committed
include iaas::profile::neutron::common
Quentin MACHU
committed
include iaas::resources::connectors
class { '::neutron::server':
auth_host => $endpoint,
auth_uri => "http://${endpoint}:5000/v2.0",
##identity_uri set to be added in next OS release
# identity_uri => "http://${endpoint}:35357",
auth_password => $neutron_password,
database_connection => $iaas::resources::connectors::neutron,
package_ensure => 'absent',
enabled => false,
sync_db => false,
mysql_module => '2.3',
database_idle_timeout => 3600,
l3_ha => false,
}
Quentin MACHU
committed
class { '::neutron::agents::l3':
#double_external_network
# external_network_bridge => 'br-ex',
external_network_bridge => ' ',
Quentin MACHU
committed
use_namespaces => true,
router_delete_namespaces => true,
ha_enabled => true,
Quentin MACHU
committed
enabled => false,
Alessandro Costantini
committed
package_ensure => 'absent',
Quentin MACHU
committed
}
class { '::neutron::agents::dhcp':
dhcp_delete_namespaces => true,
enable_isolated_metadata => true,
enable_metadata_network => true,
Quentin MACHU
committed
dnsmasq_config_file => "/etc/neutron/dnsmasq-neutron.conf",
}
file { '/etc/neutron/dnsmasq-neutron.conf':
owner => root,
group => root,
mode => 644,
content => "dhcp-option-force=26,${mtu}"
Quentin MACHU
committed
}
Quentin MACHU
committed
class { '::neutron::agents::vpnaas':
#double_external_network
# external_network_bridge => "br-ex",
external_network_bridge => ' ',
Quentin MACHU
committed
}
class { '::neutron::agents::lbaas': }
class { '::neutron::agents::metering': }
class { '::neutron::services::fwaas':
vpnaas_agent_package => true
}
Quentin MACHU
committed
class { '::neutron::agents::metadata':
auth_password => $neutron_password,
shared_secret => $neutron_secret,
auth_url => "http://${endpoint}:5000/v2.0",
Quentin MACHU
committed
auth_region => $region,
metadata_ip => $endpoint,
Quentin MACHU
committed
enabled => true,
}
if $ipaddress_br_ex1 == '' {
$local_ip = $::facts["ipaddress_${public_interface}"]
} else {
$local_ip = $::ipaddress_br_ex1
}
if $external_device2 {
$bridge_mappings1="physnet1:br-ex1"
$bridge_mappings2="physnet2:br-ex2"
} else {
$bridge_mappings1='physnet1:br-ex1'
class { '::neutron::agents::ml2::ovs':
enable_tunneling => true,
local_ip => $local_ip,
enabled => true,
tunnel_types => ['gre'],
#double_external_network, variable modified
#ori bridge_mappings => ['external:br-ex'],
# bridge_mappings => [$bridge_mappings],
bridge_mappings => [$bridge_mappings1,$bridge_mappings2],
require => File['etc_default_neutron-server'],
}
# $_external_device1 = device_for_network($external_network1)
Alessandro Costantini
committed
notify { "br-ex1: $::brex1_eval":
Alessandro Costantini
committed
loglevel => alert,
}
notify { "br-ex2: $::brex2_eval":
Alessandro Costantini
committed
loglevel => alert,
}
Alessandro Costantini
committed
#notify { "external device1: $_external_device1 -- external network: $external_network1":
# loglevel => alert,
#}
# Set public network if public_interface != $external_device1
if $public_gateway {
network_config { $public_interface:
ensure => 'present',
family => 'inet',
method => 'dhcp',
} ->
network_route { 'route_default':
ensure => 'present',
gateway => $public_gateway,
interface => $public_interface,
netmask => '0.0.0.0',
network => 'default',
require => Package['ifupdown-extra']
}
# Set loopback interface
network_config { 'lo':
ensure => 'present',
family => 'inet',
method => 'loopback',
onboot => 'true',
# if $_external_device1 != 'br_ex1' {
# Evaluate br-ex1, if present set it
if $::brex1_eval != 'br-ex1' {
Alessandro Costantini
committed
## Store initial configuration from the public interface (assigned by DHCP) to restore on br-ex
$public_ipaddress1 = $::facts["ipaddress_${external_device1}"]
$public_netmask1 = $::facts["netmask_${external_device1}"]
$public_macaddr1 = $::facts["macaddress_${external_device1}"]
if $public_ipaddress1 {
network_config { $external_device1:
ensure => 'present',
family => 'inet',
method => 'manual',
options => {
'up' => "ifconfig ${external_device1} 0.0.0.0 promisc up",
'down' => "ifconfig ${external_device1} promisc down",
},
} ->
network_config { 'br-ex1':
ensure => 'present',
family => 'inet',
method => 'static',
ipaddress => $public_ipaddress1,
netmask => $public_netmask1,
} ->
vs_port { $external_device1:
ensure => present,
bridge => 'br-ex1',
require => Class['::neutron::agents::ml2::ovs'],
} ->
network_route { 'route_ext1':
ensure => 'present',
gateway => $external_gateway1,
interface => 'br-ex1',
netmask => '0.0.0.0',
network => $external_network1,
require => Package['ifupdown-extra']
} ->
exec { "set_br-ex1_hwaddr":
command => "ovs-vsctl set bridge br-ex1 other-config:hwaddr=$public_macaddr1",
path => "/usr/local/bin/:/bin/:/usr/bin:/sbin/:/usr/sbin/",
} ->
exec { "restart_external1":
command => "ifconfig $external_device1 0.0.0.0 promisc",
path => "/usr/local/bin/:/bin/:/sbin/:/usr/sbin/",
} ->
exec { "restart_br-ex1":
command => "ifdown br-ex1 && ifup br-ex1",
path => "/usr/local/bin/:/bin/:/sbin/:/usr/sbin/",
}
} else
network_config { $external_device1:
ensure => 'present',
family => 'inet',
method => 'manual',
options => {
'up' => "ifconfig ${external_device1} 0.0.0.0 promisc up",
'down' => "ifconfig ${external_device1} promisc down",
},
} ->
vs_port { $external_device1:
ensure => present,
bridge => 'br-ex1',
require => Class['::neutron::agents::ml2::ovs'],
} ->
exec { "set_br-ex1_hwaddr":
command => "ovs-vsctl set bridge br-ex1 other-config:hwaddr=$public_macaddr1",
path => "/usr/local/bin/:/bin/:/usr/bin:/sbin/:/usr/sbin/",
}
Quentin MACHU
committed
}
}
if $external_device2 {
# $_external_device2 = device_for_network($external_network2)
#notify { "external device2: $_external_device2 -- external network: $external_network2":
# loglevel => alert,
#}
# if $_external_device2 != 'br_ex2' {
# Evaluate br-ex2, if presetn set it
if $::brex2_eval != 'br-ex2' {
## Store initial configuration from the public interface (assigned by DHCP) to restore on br-ex
$public_ipaddress2 = $::facts["ipaddress_${external_device2}"]
$public_netmask2 = $::facts["netmask_${external_device2}"]
$public_macaddr2 = $::facts["macaddress_${external_device2}"]
if $public_ipaddress2 {
network_config { $external_device2:
ensure => 'present',
family => 'inet',
method => 'manual',
options => {
'up' => "ifconfig ${external_device2} 0.0.0.0 promisc up",
'down' => "ifconfig ${external_device2} promisc down",
},
} ->
network_config { 'br-ex2':
ensure => 'present',
family => 'inet',
method => 'static',
ipaddress => $public_ipaddress2,
netmask => $public_netmask2,
} ->
vs_port { $external_device2:
ensure => present,
bridge => 'br-ex2',
require => Class['::neutron::agents::ml2::ovs'],
} ->
network_route { 'route_ext2':
ensure => 'present',
gateway => $external_gateway2,
interface => 'br-ex2',
netmask => '0.0.0.0',
network => $external_network2,
require => Package['ifupdown-extra']
} ->
exec { "set_br-ex2_hwaddr":
command => "ovs-vsctl set bridge br-ex2 other-config:hwaddr=$public_macaddr2",
path => "/usr/local/bin/:/bin/:/usr/bin:/sbin/:/usr/sbin/",
} ->
exec { "restart_external2":
command => "ifconfig $external_device2 promisc",
path => "/usr/local/bin/:/bin/:/sbin/:/usr/sbin/",
} ->
exec { "restart_br-ex2":
command => "ifdown br-ex2 && ifup br-ex2",
path => "/usr/local/bin/:/bin/:/sbin/:/usr/sbin/",
}
} else {
network_config { $external_device2:
ensure => 'present',
family => 'inet',
method => 'manual',
options => {
'up' => "ifconfig ${external_device2} 0.0.0.0 promisc up",
'down' => "ifconfig ${external_device2} promisc down",
},
} ->
vs_port { $external_device2:
ensure => present,
bridge => 'br-ex2',
require => Class['::neutron::agents::ml2::ovs'],
} ->
exec { "set_br-ex2_hwaddr":
command => "ovs-vsctl set bridge br-ex2 other-config:hwaddr=$public_macaddr2",
path => "/usr/local/bin/:/bin/:/usr/bin:/sbin/:/usr/sbin/",
}
Quentin MACHU
committed
}
Alessandro Costantini
committed
##Public/private network configuration for tenant - added
#class { '::iaas::setup::sharednetwork': }