[neutron][Cisco ACI]: Multiple VMM domain support (SOC - 10471) #2227
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![hound[bot]](https://avatars.githubusercontent.com/in/3598?s=60&v=4){kind=small}
| @@ -0,0 +1,15 @@ | |||
| def upgrade(tattr, tdep, attr, dep) | |||
| unless attr["apic"].key?("apic_vmms") | |||
There was a problem hiding this comment.
Style/IfUnlessModifier: Favor modifier unless usage when having a single-line body. Another good alternative is the usage of control flow &&/||. (https://github.com/bbatsov/ruby-style-guide#if-as-a-modifier)
| # distributed dhcp and metadata cannot work since these | ||
| # functions conflict with vcenter functionality. | ||
| if acivmms.find { |vmm| vmm[:vmm_type].downcase == "vmware"} | ||
| apic_optimized_dhcp = false |
There was a problem hiding this comment.
Layout/TrailingWhitespace: Trailing whitespace detected. (https://github.com/bbatsov/ruby-style-guide#no-trailing-whitespace)
| # If using VMWare vcenter as one of the compute hosts. | ||
| # distributed dhcp and metadata cannot work since these | ||
| # functions conflict with vcenter functionality. | ||
| if acivmms.find { |vmm| vmm[:vmm_type].downcase == "vmware"} |
There was a problem hiding this comment.
Performance/Casecmp: Use casecmp instead of downcase ==. (https://github.com/JuanitoFatas/fast-ruby#stringcasecmp-vs-stringdowncase---code)
Layout/SpaceInsideBlockBraces: Space missing inside }.
mmnelemane
changed the title
Added public FQDN for all nodes running dns-server. This follows PR 1887 in crowbar-core which when designate is enabled will made the dns servers listen on the public network.
This commit provides changes in plugin packages and config files needed for integration of SOC with ACI 4.1 and higher versions. ACI 4.1 uses a slightly different set of plugin packages and configs for integration with OpenStack. This includes: - python-gbpclient renamed to python-group-based-policy-client - ovs-bridge-name in opflex-agent-ovs.conf removed - addition of int-bridge-name and access-bridge-name in opflex-agent-ovs.conf - Renaming of agent-ovs to opflex-agent For uniformity, the template for opflex-agent-ovs.conf is now renamed from 10-opflex-agent-ovs.conf.erb to opflex-agent-ovs.conf.erb - The neutron template schema and json templates are updated to provide integration_bridge and access_bridge details with default values. The corresponding migration scripts are also updated.
mmnelemane
force-pushed
the
aci_4.1_multivmm
branch
from
5dcedf9
to
eb23fb3
Compare
A Single ACI fabric can support multiple VMM domains. Each VMM domain can be governed by a different controller (Eg: VMWare vCenter or OpenStack or MicroSoft SCVMM). Several production data centers tend to use multiple VMM domains and expect to be able to monitor and control network policies from a single ACI fabric. Integration of OpenStack with such a setup requires crowbar to provide parameters specific to each VMM domain. This commit adds the additional parameters and logic to validate and send these to the correct config location. The changes now allow to provide "Vmware" or "OpenStack" as the VMM type. Multiple entries of either types are possible. - Also added "ssl_mode" as a configurable parameter which is needed to be in "encrypted" mode if ESXi is used as compute. Other use-cases may need to change it as required and hence included it as a configurable parameter within the opflex node structure.
mmnelemane
force-pushed
the
aci_4.1_multivmm
branch
from
eb23fb3
to
1f16436
Compare
| @@ -0,0 +1,15 @@ | |||
| def upgrade(tattr, tdep, attr, dep) | |||
| unless attr["apic"].key?("apic_vmms") | |||
There was a problem hiding this comment.
Style/IfUnlessModifier: Favor modifier unless usage when having a single-line body. Another good alternative is the usage of control flow &&/||. (https://github.com/bbatsov/ruby-style-guide#if-as-a-modifier)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR enables the following feature for Cisco ACI:
Allows Crowbar configuration for enabling multiple VMM domain features for ACI. It was painful for the customer to change in the config file manually and avoid the chef-client from overriding the config. Both KVM and VMWare based VMM domains can be configured using this feature.
Each [apic_vmdom:<vmm_domain_name>] corresponds to a VMM configuration. In these sections, [apic] configurations can be overridden for more granular infrastructure sharing.
What is configured in the [apic] sharing will be the default used in case a more specific configuration is missing for the domain.
For example:
[apic_vmdom:soc_kvm_domain]
vlan_ranges=1000:2000
[apic_vmdom:soc_vmware_domain]
apic_vmm_type=vmware
In case of a VMWare based VMM domain, the respective VMM domain MUST be created in APIC prior to configuring in neutron. For KVM, neutron will create the VMM domain if not already created.
Note: The intended target of this PR is Cloud 7 and is updated here due to the standard process being followed for all PRs (master-update followed by cloud 7 backport). The tests were only done for Cloud 7 based deployments.