From 7714645bf3c30b2b771e7257c494289430d73f55 Mon Sep 17 00:00:00 2001 From: Nobuhiro MIKI Date: Tue, 22 Nov 2022 03:41:41 +0000 Subject: [PATCH] support ovs in compute containers * disable dstat which requires /var/lib/pcp/pmns/root * fix versions of systemd & ebtables * enable ipv6 * add HOST_IP environment variable * fix local.conf to use neutron's one [1] [1] https://github.com/openstack/neutron/tree/master/devstack Signed-off-by: Nobuhiro MIKI --- ...patch => 0001-devstack-disable-dstat.patch | 41 +++++++ compute/Dockerfile | 7 +- compute/local.conf | 77 ++++++++++--- controller/Dockerfile | 7 +- controller/local.conf | 102 +++++++++++++++--- docker-compose.yaml | 21 ++++ 6 files changed, 221 insertions(+), 34 deletions(-) rename 0001-devstack-disable-ovs.patch => 0001-devstack-disable-dstat.patch (56%) diff --git a/0001-devstack-disable-ovs.patch b/0001-devstack-disable-dstat.patch similarity index 56% rename from 0001-devstack-disable-ovs.patch rename to 0001-devstack-disable-dstat.patch index 1fba26a..50fc7ae 100644 --- a/0001-devstack-disable-ovs.patch +++ b/0001-devstack-disable-dstat.patch @@ -11,6 +11,47 @@ index b292da25..8514dd22 100644 # service is not started by default start_service $MYSQL_SERVICE_NAME elif is_ubuntu; then +diff --git a/lib/dstat b/lib/dstat +index eb03ae0f..4e2f609e 100644 +--- a/lib/dstat ++++ b/lib/dstat +@@ -19,33 +19,17 @@ set +o xtrace + + # install_dstat() - Install prerequisites for dstat services + function install_dstat { +- if is_service_enabled memory_tracker; then +- # Install python libraries required by tools/mlock_report.py +- pip_install_gr psutil +- fi ++ true + } + + # start_dstat() - Start running processes + function start_dstat { +- # A better kind of sysstat, with the top process per time slice +- run_process dstat "$TOP_DIR/tools/dstat.sh $LOGDIR" +- +- # To enable memory_tracker add: +- # enable_service memory_tracker +- # to your localrc +- run_process memory_tracker "$TOP_DIR/tools/memory_tracker.sh" "" "root" +- +- # TODO(jh): Fail when using the old service name otherwise consumers might +- # never notice that is has been removed. +- if is_service_enabled peakmem_tracker; then +- die $LINENO "The peakmem_tracker service has been removed, use memory_tracker instead" +- fi ++ true + } + + # stop_dstat() stop dstat process + function stop_dstat { +- stop_process dstat +- stop_process memory_tracker ++ true + } + + # Restore xtrace diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base index cc41a8cd..c64861d3 100644 --- a/lib/neutron_plugins/ovs_base diff --git a/compute/Dockerfile b/compute/Dockerfile index 365a1b0..0fd0cb3 100644 --- a/compute/Dockerfile +++ b/compute/Dockerfile @@ -8,13 +8,14 @@ RUN apt-get update \ && apt-get install -y --no-install-recommends \ ca-certificates=20211016~20.04.1 \ patch=2.7.6-6 \ - systemd=245.4-4ubuntu3.18 \ + systemd=245.4-4ubuntu3.19 \ sudo=1.8.31-1ubuntu1.2 \ iproute2=5.5.0-1ubuntu1 \ lsb=11.1.0ubuntu2 \ git=1:2.25.1-1ubuntu3.6 \ curl=7.68.0-1ubuntu2.14 \ init=1.57 \ + ebtables=2.0.11-3build1 \ && apt-get -y clean \ && rm -rf /var/lib/apt/lists/* \ && curl https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > /bin/wait-for-it.sh \ @@ -30,9 +31,9 @@ RUN git clone https://github.com/openstack/devstack.git \ COPY compute/local.conf /opt/stack/devstack/ COPY compute/devstack.service /etc/systemd/system/ -COPY 0001-devstack-disable-ovs.patch /opt/stack/ +COPY 0001-devstack-disable-dstat.patch /opt/stack/ -RUN patch -d ./devstack -p1 < 0001-devstack-disable-ovs.patch \ +RUN patch -d ./devstack -p1 < 0001-devstack-disable-dstat.patch \ && systemctl enable devstack STOPSIGNAL SIGRTMIN+3 diff --git a/compute/local.conf b/compute/local.conf index a984a4f..c82400a 100644 --- a/compute/local.conf +++ b/compute/local.conf @@ -1,21 +1,72 @@ +# +# Sample DevStack local.conf for Neutron ML2 OVS in compute node. +# +# This sample file is intended to be used for your typical DevStack environment +# that's running all of OpenStack on a single host. This can also be used as +# the first host of a multi-host test environment. +# + [[local|localrc]] -ADMIN_PASSWORD=nomoresecret -DATABASE_PASSWORD=stackdb -RABBIT_PASSWORD=stackqueue -SERVICE_PASSWORD=$ADMIN_PASSWORD -LOGFILE=$DEST/logs/stack.sh.log -LOGDAYS=2 -SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5 -SWIFT_REPLICAS=1 -SWIFT_DATA_DIR=$DEST/data - -ENABLED_SERVICES=n-cpu,placement-client +GIT_BASE=https://github.com + +DATABASE_PASSWORD=password +RABBIT_PASSWORD=password +SERVICE_PASSWORD=password +SERVICE_TOKEN=password +ADMIN_PASSWORD=password + +Q_AGENT=openvswitch +NEUTRON_AGENT=$Q_AGENT + +# If your stack get failed with error: "Could not determine host ip address. +# See local.conf for suggestions on setting HOST_IP." Try to uncomment +# this line to set the proper host IP. +#HOST_IP= + +# Set the controller's IP SERVICE_HOST=172.28.0.2 MYSQL_HOST=$SERVICE_HOST RABBIT_HOST=$SERVICE_HOST +Q_HOST=$SERVICE_HOST GLANCE_HOSTPORT=$SERVICE_HOST:9292 -GIT_BASE=https://github.com +VNCSERVER_PROXYCLIENT_ADDRESS=$HOST_IP +VNCSERVER_LISTEN=0.0.0.0 + +NOVNCPROXY_URL=${NOVNCPROXY_URL:-"http://$HOST_IP:6080/vnc_auto.html"} +XVPVNCPROXY_URL=${XVPVNCPROXY_URL:-"http://$HOST_IP:6081/console"} + +# Enable Compute and network services +ENABLED_SERVICES=n-cpu,n-novnc,neutron,q-agt,q-l3,q-meta,q-dhcp +# Enable network services only for network node +#ENABLED_SERVICES=neutron,q-agt,q-l3,q-meta,q-dhcp + +[[post-config|/$Q_PLUGIN_CONF_FILE]] +[ovs] +local_ip=$HOST_IP + +[agent] +tunnel_types=vxlan,gre +# You can add more config options here for neutron-openvswith-agent, for instance +# you can uncomment the followings settings to enable related functions. +#l2_population=True +#arp_responder=True +#enable_distributed_routing=True +# Uncomment the following to enable distributed DHCP for openvswitch agent +# for your compute node. +#extensions = dhcp + +[[post-config|$Q_L3_CONF_FILE]] +[DEFAULT] +debug = False +verbose = True + +# You can add more config options here for neutron-l3-agent, for instance +# you can uncomment the followings to enable dvr L3 agent mode. +# You can also set agent mode to legacy or dvr_snat for your network node. +#agent_mode=dvr -[[post-config|$NOVA_CONF]] +# Uncomment the followings to anable fip_qos agent extension for L3 agent. +#[agent] +#extensions = fip_qos diff --git a/controller/Dockerfile b/controller/Dockerfile index 06b370a..5996d1e 100644 --- a/controller/Dockerfile +++ b/controller/Dockerfile @@ -8,13 +8,14 @@ RUN apt-get update \ && apt-get install -y --no-install-recommends \ ca-certificates=20211016~20.04.1 \ patch=2.7.6-6 \ - systemd=245.4-4ubuntu3.18 \ + systemd=245.4-4ubuntu3.19 \ sudo=1.8.31-1ubuntu1.2 \ iproute2=5.5.0-1ubuntu1 \ lsb=11.1.0ubuntu2 \ git=1:2.25.1-1ubuntu3.6 \ curl=7.68.0-1ubuntu2.14 \ init=1.57 \ + ebtables=2.0.11-3build1 \ && apt-get -y clean \ && rm -rf /var/lib/apt/lists/* \ && curl https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > /bin/wait-for-it.sh \ @@ -30,9 +31,9 @@ RUN git clone https://github.com/openstack/devstack.git \ COPY controller/local.conf /opt/stack/devstack/ COPY controller/devstack.service /etc/systemd/system/ -COPY 0001-devstack-disable-ovs.patch /opt/stack/ +COPY 0001-devstack-disable-dstat.patch /opt/stack/ -RUN patch -d ./devstack -p1 < 0001-devstack-disable-ovs.patch \ +RUN patch -d ./devstack -p1 < 0001-devstack-disable-dstat.patch \ && systemctl enable devstack STOPSIGNAL SIGRTMIN+3 diff --git a/controller/local.conf b/controller/local.conf index cebdae6..3902298 100644 --- a/controller/local.conf +++ b/controller/local.conf @@ -1,19 +1,91 @@ +# +# Sample DevStack local.conf for Neutron ML2 OVS. +# +# This sample file is intended to be used for your typical DevStack environment +# that's running all of OpenStack on a single host. This can also be used as +# the first host of a multi-host test environment. +# + [[local|localrc]] -ADMIN_PASSWORD=nomoresecret -DATABASE_PASSWORD=stackdb -RABBIT_PASSWORD=stackqueue -SERVICE_PASSWORD=$ADMIN_PASSWORD -LOGFILE=$DEST/logs/stack.sh.log -LOGDAYS=2 -SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5 -SWIFT_REPLICAS=1 -SWIFT_DATA_DIR=$DEST/data - -ENABLED_SERVICES=rabbit,mysql,key -ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cond,n-sch,placement-api,placement-client -ENABLED_SERVICES+=,g-api,g-reg -ENABLED_SERVICES+=,horizon GIT_BASE=https://github.com -[[post-config|$NOVA_CONF]] +DATABASE_PASSWORD=password +RABBIT_PASSWORD=password +SERVICE_PASSWORD=password +SERVICE_TOKEN=password +ADMIN_PASSWORD=password + +# If your stack get failed with error: "Could not determine host ip address. +# See local.conf for suggestions on setting HOST_IP." Try to uncomment +# this line to set the proper host IP. +#HOST_IP= + +# Horizon (the web UI) is enabled by default. You may want to disable +# it here to speed up DevStack a bit. +enable_service horizon +#disable_service horizon + +# Cinder (OpenStack Block Storage) is disabled by default to speed up +# DevStack a bit. You may enable it here if you would like to use it. +disable_service cinder c-sch c-api c-vol + +# Disable Tempest - The OpenStack Integration Test Suite. +disable_service tempest + +# Disable OpenStack Swift - the object/blob store service. +disable_service swift + +# Disable ML2 OVN plugin, driver and services +disable_service ovn +disable_service ovn-controller +disable_service ovn-northd +disable_service q-ovn-metadata-agent + +# Use openvswitch as the ml2 plugin driver +Q_AGENT=openvswitch + +# Enable Neutron services neutron-server, neutron-openvswitch-agent, +# neutron-dhcp-agent, neutron-l3-agent and neutron-metadata-agent +enable_service q-svc +enable_service q-agt +enable_service q-dhcp +enable_service q-l3 +enable_service q-meta + +[[post-config|$NEUTRON_CONF]] +[DEFAULT] +debug = True +verbose = True + +# Features available for ML2 OVS, uncomment to enforce DVR and L3 HA +#router_distributed=True +#l3_ha = True + +# You can add more config options here for neutron.conf +# to achive more precise control of the functions for neutron server. + +[[post-config|/$Q_PLUGIN_CONF_FILE]] +[ml2] +type_drivers=flat,gre,vlan,vxlan +tenant_network_types=vxlan +mechanism_drivers=openvswitch,l2population + +[agent] +tunnel_types=vxlan,gre + +# You can add more config options here for ml2_conf.ini, for instance +# you can uncomment the followings to set the segment ID ranges for +# various tenant network types. + +#[ml2_type_vxlan] +#vni_ranges=1:10000 + +#[ml2_type_flat] +#flat_networks = * + +#[ml2_type_gre] +#tunnel_id_ranges = 1:10000 + +#[ml2_type_vlan] +#network_vlan_ranges = tenant:1:1000 diff --git a/docker-compose.yaml b/docker-compose.yaml index e361273..382e3eb 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -8,6 +8,13 @@ services: dockerfile: controller/Dockerfile privileged: true tty: true + volumes: + - '/lib/modules:/lib/modules' + sysctls: + net.ipv6.conf.all.disable_ipv6: 0 + net.ipv6.conf.default.disable_ipv6: 0 + environment: + - HOST_IP=172.28.0.2 networks: management_network: ipv4_address: 172.28.0.2 @@ -19,6 +26,13 @@ services: dockerfile: compute/Dockerfile privileged: true tty: true + volumes: + - '/lib/modules:/lib/modules' + sysctls: + net.ipv6.conf.all.disable_ipv6: 0 + net.ipv6.conf.default.disable_ipv6: 0 + environment: + - HOST_IP=172.28.0.3 networks: management_network: ipv4_address: 172.28.0.3 @@ -30,6 +44,13 @@ services: dockerfile: compute/Dockerfile privileged: true tty: true + volumes: + - '/lib/modules:/lib/modules' + sysctls: + net.ipv6.conf.all.disable_ipv6: 0 + net.ipv6.conf.default.disable_ipv6: 0 + environment: + - HOST_IP=172.28.0.4 networks: management_network: ipv4_address: 172.28.0.4