Add support for ipv6 deployment

README.md

@@ -184,3 +184,10 @@ For OSP deploy with Ceph using Composable Roles, After setting the above specifi
 
 Note: User can customize [internal.yml.j2](templates/internal.yml.j2) template for Ceph deployment based on their
       requirement if needed
+
+## IPV6 based deployment
+Requirements: Set the below params in group_vars/all.yml
+#Enable ipv6 deployment
+network_protocol: ipv6
+ipv6_external_gateway: '2620:52:0:13b8::fe/64'
+ipv6_external_network_vlan_id: 10

ci/all_osp13.yml

@@ -183,4 +183,9 @@ osd_objectstore: bluestore
 #storage_node_disks: ['/dev/nvme0n1']
 #osd_pool_default_pg_num:
 #osd_pool_default_pgp_num:
+new_nodes_instack: "{{ playbook_dir }}/newnodes.json"
 
+#Enable ipv6 deployment
+network_protocol: ipv4
+##ipv6_external_gateway: '2620:52:0:13b8::fe/64'
+##ipv6_external_network_vlan_id: 10

composable_prepare_nic_configs.yml

@@ -121,13 +121,19 @@
       - name: set nic-config path
         set_fact:
           nic_config_path: "{{ ansible_user_dir }}/virt/network/vlans{{ ((osp_release|int > 10) | ternary('', '/legacy')) }}"
-
-
       - name: prepare network-environment.yaml.j2
         template:
             src: "network-environment.yaml.j2"
             dest: "{{ ansible_user_dir }}/virt/network/network-environment.yaml.j2"
             force: yes
+        when: network_protocol == "ipv4"
+
+      - name: prepare network-environment-v6.yaml.j2
+        template:
+            src: "network-environment-v6.yaml.j2"
+            dest: "{{ ansible_user_dir }}/virt/network/network-environment-v6.yaml.j2"
+            force: yes
+        when: network_protocol == "ipv6"
 
       - name: set fact controller machine type
         set_fact:

external.yml

@@ -49,40 +49,59 @@
       # public_external_interface i.e 4th interface
       - name: disable rp_filter
         shell: |
-            for f in $(find /proc/sys/net/ipv4 -name rp_filter) ; do echo 0 > $f ; done
+          for f in $(find /proc/sys/net/ipv4 -name rp_filter) ; do echo 0 > $f ; done
         become: true
         ignore_errors: true
         when: public_external_interface is defined
 
-      - name: create vlan interface on external interface
+      - name: create vlan interface on external interface (ipv4)
         vars:
             vlan_interface: "{{ ext_iface }}.{{ external_network_vlan_id }}"
         shell: |
-            ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ external_network_vlan_id }}
-            ip link set dev {{ ext_iface }} up
-            ip link set dev {{ vlan_interface }} up
-            ip a a {{ external_gateway }} dev {{ vlan_interface }}
+          ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ external_network_vlan_id }}
+          ip link set dev {{ ext_iface }} up
+          ip link set dev {{ vlan_interface }} up
+          ip a a {{ external_gateway }} dev {{ vlan_interface }}
         become: true
         ignore_errors: true
-        when: external_network_vlan_id is defined
+        when: external_network_vlan_id is defined and network_protocol == "ipv4"
 
       - name: add ip on when external interface is real public interface
         shell: |
-            ip a a {{ external_gateway }} dev {{ ext_iface }}
+          ip a a {{ external_gateway }} dev {{ ext_iface }}
         become: true
         ignore_errors: true
-        when: external_network_vlan_id is not defined
+        when: external_network_vlan_id is not defined and network_protocol == "ipv4"
+
+      - name: create vlan interface on external interface (ipv6)
+        vars:
+            vlan_interface: "{{ ext_iface }}.{{ ipv6_external_network_vlan_id }}"
+        shell: |
+          ip link add link {{ ext_iface }} name {{ vlan_interface }} type vlan id {{ ipv6_external_network_vlan_id }}
+          ip link set dev {{ ext_iface }} up
+          ip link set dev {{ vlan_interface }} up
+          ip a a {{ ipv6_external_gateway }} dev {{ vlan_interface }}
+        become: true
+        ignore_errors: true
+        when: ipv6_external_network_vlan_id is defined and network_protocol == "ipv6"
+
+      - name: iptables rule to allow icmp
+        shell: |
+          iptables --ipv6 -I INPUT -p icmp -j ACCEPT
+        become: true
+        ignore_errors: true
+        when: network_protocol == "ipv6"
 
       - name: get default route
         shell: |
-            ip r | grep default | cut -d ' ' -f5
+          ip r | grep default | cut -d ' ' -f5
         register: default_route
         become: true
-        when: external_network_vlan_id is defined
+        when: external_network_vlan_id is defined or ipv6_external_network_vlan_id is defined
 
       - name: masquerade on public interface
         shell: |
-            iptables -t nat -A POSTROUTING -o {{ default_route.stdout }} -j MASQUERADE
+          iptables -t nat -A POSTROUTING -o {{ default_route.stdout }} -j MASQUERADE
         become: true
-        when: external_network_vlan_id is defined
+        when: external_network_vlan_id is defined or ipv6_external_network_vlan_id is defined
 

group_vars/all.yml

@@ -214,14 +214,17 @@ composable_roles: false
 #ceph_ifaces: []
 #ceph_machine_type:
 
-
 #Ceph deployment params
 ceph_enabled: false
 osd_scenario: lvm
 osd_objectstore: bluestore
-
 #Note:By default storage_node_disks can be detected automatically
 #using introspection data
 #storage_node_disks: ['/dev/nvme0n1']
 #osd_pool_default_pg_num:
 #osd_pool_default_pgp_num:
+
+#Enable ipv6 deployment, set network_protocol to ipv6
+network_protocol: ipv4
+#ipv6_external_gateway: '2620:52:0:13b8::fe/64'
+#ipv6_external_network_vlan_id: 10

overcloud.yml

@@ -268,6 +268,6 @@
       - name: run tripleo-overcloud deploy
         shell: |
             source .venv/bin/activate
-            infrared tripleo-overcloud -vvv --version {{ osp_release }} --deployment-timeout {{ deployment_timeout | default(240) }} --build {{ osp_puddle }}  --deployment-files {{ nic_configs }} --introspect no --tagging no --deploy yes --controller-nodes {{ controller_count }} --compute-nodes {{ compute_count }} --storage-nodes {{ ceph_node_count }} {{ oc_extra_templates | default('') }} --network-protocol ipv4 --network-backend {{ network_backend }} {{ network_type }} true {{ ceph_params | default('') }} --public-network false {{ oc_heat_configs | default('') }} {{ oc_config_resource | default('') }} > {{ log_directory }}/overcloud_deploy.log 2>&1
+            infrared tripleo-overcloud -vvv --version {{ osp_release }} --deployment-timeout {{ deployment_timeout | default(240) }} --build {{ osp_puddle }}  --deployment-files {{ nic_configs }} --introspect no --tagging no --deploy yes --controller-nodes {{ controller_count }} --compute-nodes {{ compute_count }} --storage-nodes {{ ceph_node_count }} {{ oc_extra_templates | default('') }} --network-protocol {{ network_protocol | default('ipv4') }} --network-backend {{ network_backend }} {{ network_type }} true {{ ceph_params | default('') }} --public-network false {{ oc_heat_configs | default('') }} {{ oc_config_resource | default('') }} > {{ log_directory }}/overcloud_deploy.log 2>&1
         args:
             chdir: "{{ infrared_dir }}"

prepare_nic_configs.yml

@@ -98,6 +98,14 @@
             src: "network-environment.yaml.j2"
             dest: "{{ ansible_user_dir }}/virt/network/network-environment.yaml.j2"
             force: yes
+        when: network_protocol == "ipv4"
+
+      - name: prepare network-environment-v6.yaml.j2
+        template:
+            src: "network-environment-v6.yaml.j2"
+            dest: "{{ ansible_user_dir }}/virt/network/network-environment-v6.yaml.j2"
+            force: yes
+        when: network_protocol == "ipv6"
 
       - name: prepare controller.yaml.j2
         template:

templates/network-environment-v6.yaml.j2

@@ -0,0 +1,83 @@
+---
+# This template configures each role to use Vlans on a single nic for
+# each isolated network, but uses multiple nic's on each node:
+#
+# nic1 = pxe/management/ctlplane
+# nic2 = VLAN trunk for network isolation
+# nic3 = public/external access
+#
+# This template assumes use of network-isolation.yaml.
+#
+# FIXME: if/when we add functionality to heatclient to include heat
+# environment files we should think about using it here to automatically
+# include network-isolation.yaml.
+resource_registry:
+{% if composable_roles == true %}
+{% for machine_type in machine_types %}
+  OS::TripleO::Compute{{ machine_type }}::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/compute_{{ machine_type }}.yaml
+{% endfor %}
+{% else %}
+  OS::TripleO::Compute::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/compute.yaml
+{% endif %}
+  OS::TripleO::Controller::Net::SoftwareConfig: vlans/{%raw%}{{ nics_subfolder }}{%endraw%}/controller.yaml
+
+parameter_defaults:
+{%raw%}{% if not use_network_data|bool %}
+
+    ExternalNetCidr: '2620:52:0:13b8::/64'
+    ExternalAllocationPools: [{'start': '2620:52:0:13b8:5054:ff:fe3e:1', 'end': '2620:52:0:13b8:5054:ff:fe3e:aa'}]
+    ExternalInterfaceDefaultRoute: 2620:52:0:13b8::fe
+    ExternalNetworkVlanID: 10
+    InternalApiNetCidr: 'fd00:fd00:fd00:2000::/64'
+    InternalApiAllocationPools: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:aaaa:aaaa:ffff:fffe'}]
+    StorageNetCidr: 'fd00:fd00:fd00:3000::/64'
+    StorageAllocationPools: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:aaaa:aaaa:ffff:fffe'}]
+    StorageMgmtNetCidr: 'fd00:fd00:fd00:4000::/64'
+    StorageMgmtAllocationPools: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:aaaa:aaaa:ffff:fffe'}]
+    TenantNetCidr: '172.17.2.0/24'
+    TenantAllocationPools: [{'start': '172.17.2.10', 'end': '172.17.2.149'}]
+    TenantNetworkVlanID: 50
+{% else %}{%endraw%}
+# when using only network data, we use network-isolation (not
+# network-isolation-v6) as per recommendation. But then those
+# parameters are missing. Set it there.
+    # Enable IPv6 for Ceph.
+    CephIPv6: True
+    # Enable IPv6 for Corosync. This is required when Corosync is using an IPv6 IP in the cluster.
+    CorosyncIPv6: True
+    # Enable various IPv6 features in Nova.
+    NovaIPv6: True
+    # Enable IPv6 environment for RabbitMQ.
+    RabbitIPv6: True
+    # Enable IPv6 environment for Memcached.
+    MemcachedIPv6: True
+    # Enable IPv6 environment for MySQL.
+    MysqlIPv6: True
+    # Enable IPv6 environment for Manila
+    ManilaIPv6: True
+    # Enable IPv6 environment for Redis.
+    RedisIPv6: True
+{%raw%}{% endif %}{%endraw%}
+
+#    DnsServers: ["2620:52:0:13b8::fe"]
+    DnsServers: ["10.0.0.1"]
+    EC2MetadataIp: 192.168.24.1
+{%raw%}{% if install.splitstack|default(False) %}
+
+    ControlPlaneDefaultRoute: {{ ansible_host|default(ansible_ssh_host) }}
+{% else %}{%endraw%}
+
+    ControlPlaneDefaultRoute: 192.168.24.1
+{%raw%}{% endif %}{%endraw%}
+
+{%raw%}{% if install.version|default(undercloud_version) | openstack_release == 14 %}{%endraw%}
+    ControlPlaneSubnetCidr: "24"
+{%raw%}{% endif %}{%endraw%}
+
+{%raw%}{% if install.network.dvr %}
+    NeutronExternalNetworkBridge: "br-ex"
+{% else %}{%endraw%}
+    NeutronExternalNetworkBridge: ""
+{%raw%}{% endif %}{%endraw%}
+    NeutronBridgeMappings: "datacentre:br-ex,tenant:br-isolated"
+    NeutronNetworkVLANRanges: "tenant:1000:2000"