Skip to content

Commit

Permalink
Add support for ipv6 deployment
Browse files Browse the repository at this point in the history
  • Loading branch information
asyedham committed Jan 13, 2021
1 parent 8635457 commit 60247ca
Show file tree
Hide file tree
Showing 8 changed files with 149 additions and 18 deletions.
7 changes: 7 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -184,3 +184,10 @@ For OSP deploy with Ceph using Composable Roles, After setting the above specifi

Note: User can customize [internal.yml.j2](templates/internal.yml.j2) template for Ceph deployment based on their
requirement if needed

## IPV6 based deployment
Requirements: Set the below params in group_vars/all.yml
#Enable ipv6 deployment
network_protocol: ipv6
ipv6_external_gateway: '2620:52:0:13b8::fe/64'
ipv6_external_network_vlan_id: 10
5 changes: 5 additions & 0 deletions ci/all_osp13.yml
Original file line number Diff line number Diff line change
Expand Up @@ -183,4 +183,9 @@ osd_objectstore: bluestore
#storage_node_disks: ['/dev/nvme0n1']
#osd_pool_default_pg_num:
#osd_pool_default_pgp_num:
new_nodes_instack: "{{ playbook_dir }}/newnodes.json"

#Enable ipv6 deployment
network_protocol: ipv4
##ipv6_external_gateway: '2620:52:0:13b8::fe/64'
##ipv6_external_network_vlan_id: 10
10 changes: 8 additions & 2 deletions composable_prepare_nic_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -121,13 +121,19 @@
- name: set nic-config path
set_fact:
nic_config_path: "{{ ansible_user_dir }}/virt/network/vlans{{ ((osp_release|int > 10) | ternary('', '/legacy')) }}"


- name: prepare network-environment.yaml.j2
template:
src: "network-environment.yaml.j2"
dest: "{{ ansible_user_dir }}/virt/network/network-environment.yaml.j2"
force: yes
when: network_protocol == "ipv4"

- name: prepare network-environment-v6.yaml.j2
template:
src: "network-environment-v6.yaml.j2"
dest: "{{ ansible_user_dir }}/virt/network/network-environment-v6.yaml.j2"
force: yes
when: network_protocol == "ipv6"

- name: set fact controller machine type
set_fact:
Expand Down
45 changes: 32 additions & 13 deletions external.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,40 +49,59 @@
# public_external_interface i.e 4th interface
- name: disable rp_filter
shell: |
for f in $(find /proc/sys/net/ipv4 -name rp_filter) ; do echo 0 > $f ; done
for f in $(find /proc/sys/net/ipv4 -name rp_filter) ; do echo 0 > $f ; done
become: true
ignore_errors: true
when: public_external_interface is defined

- name: create vlan interface on external interface
- name: create vlan interface on external interface (ipv4)
vars:
vlan_interface: "{{ ext_iface }}.{{ external_network_vlan_id }}"
shell: |
ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ external_network_vlan_id }}
ip link set dev {{ ext_iface }} up
ip link set dev {{ vlan_interface }} up
ip a a {{ external_gateway }} dev {{ vlan_interface }}
ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ external_network_vlan_id }}
ip link set dev {{ ext_iface }} up
ip link set dev {{ vlan_interface }} up
ip a a {{ external_gateway }} dev {{ vlan_interface }}
become: true
ignore_errors: true
when: external_network_vlan_id is defined
when: external_network_vlan_id is defined and network_protocol == "ipv4"

- name: add ip on when external interface is real public interface
shell: |
ip a a {{ external_gateway }} dev {{ ext_iface }}
ip a a {{ external_gateway }} dev {{ ext_iface }}
become: true
ignore_errors: true
when: external_network_vlan_id is not defined
when: external_network_vlan_id is not defined and network_protocol == "ipv4"

- name: create vlan interface on external interface (ipv6)
vars:
vlan_interface: "{{ ext_iface }}.{{ ipv6_external_network_vlan_id }}"
shell: |
ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ ipv6_external_network_vlan_id }}
ip link set dev {{ ext_iface }} up
ip link set dev {{ vlan_interface }} up
ip a a {{ ipv6_external_gateway }} dev {{ vlan_interface }}
become: true
ignore_errors: true
when: ipv6_external_network_vlan_id is defined and network_protocol == "ipv6"

- name: iptables rule to allow icmp
shell: |
iptables --ipv6 -I INPUT -p icmp -j ACCEPT
become: true
ignore_errors: true
when: network_protocol == "ipv6"

- name: get default route
shell: |
ip r | grep default | cut -d ' ' -f5
ip r | grep default | cut -d ' ' -f5
register: default_route
become: true
when: external_network_vlan_id is defined
when: external_network_vlan_id is defined or ipv6_external_network_vlan_id is defined

- name: masquerade on public interface
shell: |
iptables -t nat -A POSTROUTING -o {{ default_route.stdout }} -j MASQUERADE
iptables -t nat -A POSTROUTING -o {{ default_route.stdout }} -j MASQUERADE
become: true
when: external_network_vlan_id is defined
when: external_network_vlan_id is defined or ipv6_external_network_vlan_id is defined

7 changes: 5 additions & 2 deletions group_vars/all.yml
Original file line number Diff line number Diff line change
Expand Up @@ -214,14 +214,17 @@ composable_roles: false
#ceph_ifaces: []
#ceph_machine_type:


#Ceph deployment params
ceph_enabled: false
osd_scenario: lvm
osd_objectstore: bluestore

#Note:By default storage_node_disks can be detected automatically
#using introspection data
#storage_node_disks: ['/dev/nvme0n1']
#osd_pool_default_pg_num:
#osd_pool_default_pgp_num:

#Enable ipv6 deployment, set network_protocol to ipv6
network_protocol: ipv4
#ipv6_external_gateway: '2620:52:0:13b8::fe/64'
#ipv6_external_network_vlan_id: 10
2 changes: 1 addition & 1 deletion overcloud.yml
Original file line number Diff line number Diff line change
Expand Up @@ -268,6 +268,6 @@
- name: run tripleo-overcloud deploy
shell: |
source .venv/bin/activate
infrared tripleo-overcloud -vvv --version {{ osp_release }} --deployment-timeout {{ deployment_timeout | default(240) }} --build {{ osp_puddle }} --deployment-files {{ nic_configs }} --introspect no --tagging no --deploy yes --controller-nodes {{ controller_count }} --compute-nodes {{ compute_count }} --storage-nodes {{ ceph_node_count }} {{ oc_extra_templates | default('') }} --network-protocol ipv4 --network-backend {{ network_backend }} {{ network_type }} true {{ ceph_params | default('') }} --public-network false {{ oc_heat_configs | default('') }} {{ oc_config_resource | default('') }} > {{ log_directory }}/overcloud_deploy.log 2>&1
infrared tripleo-overcloud -vvv --version {{ osp_release }} --deployment-timeout {{ deployment_timeout | default(240) }} --build {{ osp_puddle }} --deployment-files {{ nic_configs }} --introspect no --tagging no --deploy yes --controller-nodes {{ controller_count }} --compute-nodes {{ compute_count }} --storage-nodes {{ ceph_node_count }} {{ oc_extra_templates | default('') }} --network-protocol {{ network_protocol | default('ipv4') }} --network-backend {{ network_backend }} {{ network_type }} true {{ ceph_params | default('') }} --public-network false {{ oc_heat_configs | default('') }} {{ oc_config_resource | default('') }} > {{ log_directory }}/overcloud_deploy.log 2>&1
args:
chdir: "{{ infrared_dir }}"
8 changes: 8 additions & 0 deletions prepare_nic_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,14 @@
src: "network-environment.yaml.j2"
dest: "{{ ansible_user_dir }}/virt/network/network-environment.yaml.j2"
force: yes
when: network_protocol == "ipv4"

- name: prepare network-environment-v6.yaml.j2
template:
src: "network-environment-v6.yaml.j2"
dest: "{{ ansible_user_dir }}/virt/network/network-environment-v6.yaml.j2"
force: yes
when: network_protocol == "ipv6"

- name: prepare controller.yaml.j2
template:
Expand Down
83 changes: 83 additions & 0 deletions templates/network-environment-v6.yaml.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
---
# This template configures each role to use Vlans on a single nic for
# each isolated network, but uses multiple nic's on each node:
#
# nic1 = pxe/management/ctlplane
# nic2 = VLAN trunk for network isolation
# nic3 = public/external access
#
# This template assumes use of network-isolation.yaml.
#
# FIXME: if/when we add functionality to heatclient to include heat
# environment files we should think about using it here to automatically
# include network-isolation.yaml.
resource_registry:
{% if composable_roles == true %}
{% for machine_type in machine_types %}
OS::TripleO::Compute{{ machine_type }}::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/compute_{{ machine_type }}.yaml
{% endfor %}
{% else %}
OS::TripleO::Compute::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/compute.yaml
{% endif %}
OS::TripleO::Controller::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/controller.yaml

parameter_defaults:
{%raw%}{% if not use_network_data|bool %}

ExternalNetCidr: '2620:52:0:13b8::/64'
ExternalAllocationPools: [{'start': '2620:52:0:13b8:5054:ff:fe3e:1', 'end': '2620:52:0:13b8:5054:ff:fe3e:aa'}]
ExternalInterfaceDefaultRoute: 2620:52:0:13b8::fe
ExternalNetworkVlanID: 10
InternalApiNetCidr: 'fd00:fd00:fd00:2000::/64'
InternalApiAllocationPools: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:aaaa:aaaa:ffff:fffe'}]
StorageNetCidr: 'fd00:fd00:fd00:3000::/64'
StorageAllocationPools: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:aaaa:aaaa:ffff:fffe'}]
StorageMgmtNetCidr: 'fd00:fd00:fd00:4000::/64'
StorageMgmtAllocationPools: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:aaaa:aaaa:ffff:fffe'}]
TenantNetCidr: '172.17.2.0/24'
TenantAllocationPools: [{'start': '172.17.2.10', 'end': '172.17.2.149'}]
TenantNetworkVlanID: 50
{% else %}{%endraw%}
# when using only network data, we use network-isolation (not
# network-isolation-v6) as per recommendation. But then those
# parameters are missing. Set it there.
# Enable IPv6 for Ceph.
CephIPv6: True
# Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
CorosyncIPv6: True
# Enable various IPv6 features in Nova.
NovaIPv6: True
# Enable IPv6 environment for RabbitMQ.
RabbitIPv6: True
# Enable IPv6 environment for Memcached.
MemcachedIPv6: True
# Enable IPv6 environment for MySQL.
MysqlIPv6: True
# Enable IPv6 environment for Manila
ManilaIPv6: True
# Enable IPv6 environment for Redis.
RedisIPv6: True
{%raw%}{% endif %}{%endraw%}

# DnsServers: ["2620:52:0:13b8::fe"]
DnsServers: ["10.0.0.1"]
EC2MetadataIp: 192.168.24.1
{%raw%}{% if install.splitstack|default(False) %}

ControlPlaneDefaultRoute: {{ ansible_host|default(ansible_ssh_host) }}
{% else %}{%endraw%}

ControlPlaneDefaultRoute: 192.168.24.1
{%raw%}{% endif %}{%endraw%}

{%raw%}{% if install.version|default(undercloud_version) | openstack_release == 14 %}{%endraw%}
ControlPlaneSubnetCidr: "24"
{%raw%}{% endif %}{%endraw%}

{%raw%}{% if install.network.dvr %}
NeutronExternalNetworkBridge: "br-ex"
{% else %}{%endraw%}
NeutronExternalNetworkBridge: ""
{%raw%}{% endif %}{%endraw%}
NeutronBridgeMappings: "datacentre:br-ex,tenant:br-isolated"
NeutronNetworkVLANRanges: "tenant:1000:2000"

0 comments on commit 60247ca

Please sign in to comment.