Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
systemsmanagement:Ardana:8:CentOS
ardana-extensions-apicaci
ardana-extensions-apicaci-8.0+git.1544036372.5d...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ardana-extensions-apicaci-8.0+git.1544036372.5d494a9.obscpio of Package ardana-extensions-apicaci
07070100000000000081A40000000000000000000000015C0820140000000C000000000000000000000000000000000000004600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/.copyrightignore.gitreview 07070100000001000081A40000000000000000000000015C0820140000008D000000000000000000000000000000000000004000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/.gitreview[gerrit] host=gerrit.suse.provo.cloud port=29418 project=ardana/ardana-extensions-apicaci.git defaultremote=ardana defaultbranch=stable/pike 07070100000002000081A40000000000000000000000015C0820140000279F000000000000000000000000000000000000003D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/LICENSE Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. 07070100000003000081A40000000000000000000000015C0820140000018A000000000000000000000000000000000000003F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/README.md(c) Copyright 2018 SUSE LLC THIRD-PARTY IMPORT TO INCORPORATE THE CISCO ACI DRIVER TO NEUTRON To deploy Cisco ACI into the Ardana cloud, perform the steps below on the deployer node: 1. $ mkdir ~/third-party/apicaci $ cp -R /usr/share/ardana/ansible/apicaci ~/third-party/apicaci/ansible 2. $ cd ~/openstack/ardana/ansible $ ansible-playbook -i hosts/localhost third-party-import.yml 07070100000004000041ED0000000000000000000000055C08201400000000000000000000000000000000000000000000003D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci07070100000005000041ED0000000000000000000000055C08201400000000000000000000000000000000000000000000004500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible07070100000006000081A40000000000000000000000015C08201400000766000000000000000000000000000000000000005800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/_aci-configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: NEU-DHCP:CISCO-AGT-OVS roles: - apic-agent-common tasks: - include: roles/apic-agent-common/tasks/add_ovs_bridges.yml - hosts: CISCO-CFG-AGT roles: - neutron-common - cisco-asr1k-plugin - cisco-config-agent tasks: - include: roles/neutron-common/tasks/configure.yml - include: roles/cisco-asr1k-plugin/tasks/configure.yml - include: roles/cisco-config-agent/tasks/configure.yml - hosts: APIC*-AGT:OPFLEX-AGT roles: - neutron-common - apic-agent-common tasks: - include: roles/neutron-common/tasks/install.yml - include: roles/neutron-common/tasks/configure.yml - include: roles/apic-agent-common/tasks/configure.yml - hosts: CISCO-AGT-OVS roles: - neutron-common - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/configure.yml - hosts: APICSVC-AGT roles: - neutron-common - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/configure.yml - hosts: APICHOST-AGT roles: - neutron-common - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/configure.yml - hosts: OPFLEX-AGT roles: - neutron-common - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/configure.yml 07070100000007000081A40000000000000000000000015C08201400000A1F000000000000000000000000000000000000005400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/aci-deploy.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file runs right after neutron-deploy.yml --- - hosts: NEU-DHCP:CISCO-AGT-OVS roles: - apic-agent-common tasks: - include: roles/apic-agent-common/tasks/add_ovs_bridges.yml - hosts: CISCO-CFG-AGT roles: - neutron-common - cisco-asr1k-plugin - cisco-config-agent tasks: - include: roles/neutron-common/tasks/install.yml - include: roles/neutron-common/tasks/configure.yml - include: roles/cisco-asr1k-plugin/tasks/configure.yml - include: roles/cisco-config-agent/tasks/configure.yml - hosts: APIC*-AGT:OPFLEX-AGT roles: - neutron-common - apic-agent-common tasks: - include: roles/neutron-common/tasks/install.yml - include: roles/neutron-common/tasks/configure.yml - include: roles/apic-agent-common/tasks/configure.yml - include: roles/neutron-common/tasks/start.yml - hosts: CISCO-AGT-OVS roles: - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/install.yml - hosts: OPFLEX-AGT roles: - neutron-common - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/install.yml - hosts: APICSVC-AGT roles: - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/install.yml - hosts: APICHOST-AGT roles: - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/install.yml - hosts: CISCO-AGT-OVS roles: - neutron-common - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/configure.yml - hosts: OPFLEX-AGT roles: - neutron-common - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/configure.yml - hosts: APICSVC-AGT roles: - neutron-common - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/configure.yml - hosts: APICHOST-AGT roles: - neutron-common - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/configure.yml - include: aci-start.yml 07070100000008000081A40000000000000000000000015C082014000002BB000000000000000000000000000000000000005900000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/aci-reconfigure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _aci-configure.yml - include: aci-start.yml 07070100000009000081A40000000000000000000000015C082014000004E1000000000000000000000000000000000000005300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/aci-start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: CISCO-AGT-OVS roles: - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/start.yml - hosts: APICSVC-AGT roles: - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/start.yml - hosts: OPFLEX-AGT roles: - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/start.yml - hosts: APICHOST-AGT roles: - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/start.yml - hosts: CISCO-CFG-AGT roles: - cisco-config-agent tasks: - include: roles/cisco-config-agent/tasks/start.yml 0707010000000A000081A40000000000000000000000015C08201400000562000000000000000000000000000000000000005400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/aci-status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: CISCO-AGT-OVS max_fail_percentage: 0 roles: - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/status.yml - hosts: APICSVC-AGT max_fail_percentage: 0 roles: - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/status.yml - hosts: APICHOST-AGT max_fail_percentage: 0 roles: - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/status.yml - hosts: OPFLEX-AGT max_fail_percentage: 0 roles: - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/status.yml - hosts: CISCO-CFG-AGT max_fail_percentage: 0 roles: - cisco-config-agent tasks: - include: roles/cisco-config-agent/tasks/status.yml 0707010000000B000081A40000000000000000000000015C082014000004DB000000000000000000000000000000000000005200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/aci-stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: APICSVC-AGT roles: - cisco-apic-service-agent tasks: - include: roles/cisco-apic-service-agent/tasks/stop.yml - hosts: APICHOST-AGT roles: - cisco-apic-host-agent tasks: - include: roles/cisco-apic-host-agent/tasks/stop.yml - hosts: OPFLEX-AGT roles: - cisco-opflex-agent tasks: - include: roles/cisco-opflex-agent/tasks/stop.yml - hosts: CISCO-AGT-OVS roles: - cisco-agent-ovs tasks: - include: roles/cisco-agent-ovs/tasks/stop.yml - hosts: CISCO-CFG-AGT roles: - cisco-config-agent tasks: - include: roles/cisco-config-agent/tasks/stop.yml 0707010000000C000081A40000000000000000000000015C08201400000304000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/cisco-aci-setup-repo.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file runs right before any Cloud deployment steps --- - hosts: CISCO-AGT-OVS:APIC*:OPFLEX-* roles: - cisco-aci-repo tasks: - include: roles/cisco-aci-repo/tasks/setup-repo.yml 0707010000000D000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000004C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/config0707010000000E000081A40000000000000000000000015C082014000007A8000000000000000000000000000000000000006100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/config/apicaci-symlinks.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # The following relative symlinks are created under the # my_cloud/config directory. --- symlinks: "apicaci/ml2_conf_snippet.ini.j2": "roles/cisco-aci-ml2/templates/ml2_conf_snippet.ini.j2" "apicaci/20-aci-renderer_vlan.conf.j2": "roles/cisco-agent-ovs/templates/20-aci-renderer_vlan.conf.j2" "apicaci/20-aci-renderer_vxlan.conf.j2": "roles/cisco-agent-ovs/templates/20-aci-renderer_vxlan.conf.j2" "apicaci/ml2_nexus.ini.j2": "roles/cisco-nexus-ml2/templates/ml2_nexus.ini.j2" "apicaci/10-opflex-connection.conf.j2": "roles/cisco-agent-ovs/templates/10-opflex-connection.conf.j2" "apicaci/opflex-agent-ovs.conf.j2": "roles/cisco-agent-ovs/templates/opflex-agent-ovs.conf.j2" "apicaci/neutron-opflex-agent.service.j2": "roles/cisco-opflex-agent/templates/neutron-opflex-agent.service.j2" "apicaci/suse-aci-rpm-repos.yml": "roles/cisco-aci-repo/vars/suse.yml" "apicaci/ml2_ucsm.ini.j2": "roles/cisco-ucsm-ml2/templates/ml2_ucsm.ini.j2" "apicaci/cisco_router_plugin.ini.j2": "roles/cisco-asr1k-plugin/templates/cisco_router_plugin.ini.j2" "apicaci/cisco_device_manager_plugin.ini.j2": "roles/cisco-asr1k-plugin/templates/cisco_device_manager_plugin.ini.j2" "apicaci/cisco_cfg_agent.ini.j2": "roles/cisco-config-agent/templates/cisco_cfg_agent.ini.j2" 0707010000000F000041ED0000000000000000000000035C08201400000000000000000000000000000000000000000000004D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d07070100000010000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000005500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci07070100000011000081A40000000000000000000000015C082014000002B3000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/post-neutron-deploy.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/aci-deploy.yml" 07070100000012000081A40000000000000000000000015C082014000002B8000000000000000000000000000000000000007200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/post-neutron-reconfigure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/aci-reconfigure.yml" 07070100000013000081A40000000000000000000000015C082014000002B2000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/post-neutron-start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/aci-start.yml" 07070100000014000081A40000000000000000000000015C082014000002B1000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/post-neutron-stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/aci-stop.yml" 07070100000015000081A40000000000000000000000015C082014000002B3000000000000000000000000000000000000006500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/post-status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/aci-status.yml" 07070100000016000081A40000000000000000000000015C0820140000027E000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/pre-deploy.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/cisco-aci-setup-repo.yml" 07070100000017000081A40000000000000000000000015C082014000002C2000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/pre-neutron-deploy.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/neutron-aci-server-deploy.yml" 07070100000018000081A40000000000000000000000015C082014000002C7000000000000000000000000000000000000007100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/hooks.d/apicaci/pre-neutron-reconfigure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: "{{ playbook_dir }}/neutron-aci-server-reconfigure.yml" 07070100000019000081A40000000000000000000000015C0820140000070D000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/neutron-aci-server-deploy.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: localhost roles: - neutron-common tasks: - include: roles/neutron-common/tasks/_getkey.yml - hosts: NEU-SVR:&ACI-ML2 roles: - neutron-common - cisco-aci-ml2 tasks: - include: roles/neutron-common/tasks/install.yml - include: roles/cisco-aci-ml2/tasks/install.yml - include: roles/cisco-aci-ml2/tasks/configure.yml - include: roles/neutron-common/tasks/start.yml - hosts: NEU-SVR--first-member:&ACI-ML2 roles: - neutron-post-configure tasks: - include: roles/neutron-post-configure/tasks/db_configure.yml - hosts: NEU-SVR--first-member:&ACI-ML2 roles: - neutron-common - cisco-aci-ml2 tasks: - include: roles/cisco-aci-ml2/tasks/db_configure.yml - include: roles/cisco-aci-ml2/tasks/route-reflector-create.yml - hosts: NEU-SVR:&APIC-AIM roles: - neutron-common - cisco-apic-aim tasks: - include: roles/neutron-common/tasks/install.yml - include: roles/neutron-common/tasks/configure.yml - include: roles/neutron-common/tasks/start.yml - hosts: NEU-SVR--first-member:&APIC-AIM roles: - neutron-post-configure tasks: - include: roles/neutron-post-configure/tasks/db_configure.yml 0707010000001A000081A40000000000000000000000015C082014000005CC000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/neutron-aci-server-reconfigure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - hosts: localhost roles: - neutron-common tasks: - include: roles/neutron-common/tasks/_getkey.yml - hosts: NEU-SVR:&ACI-ML2 roles: - neutron-common - cisco-aci-ml2 tasks: - include: roles/cisco-aci-ml2/tasks/configure.yml - hosts: NEU-SVR--first-member:&ACI-ML2 roles: - neutron-post-configure tasks: - include: roles/neutron-post-configure/tasks/db_configure.yml - hosts: NEU-SVR--first-member:&ACI-ML2 roles: - neutron-common - cisco-aci-ml2 tasks: - include: roles/cisco-aci-ml2/tasks/db_configure.yml - hosts: NEU-SVR:&APIC-AIM roles: - neutron-common - cisco-apic-aim tasks: - include: roles/neutron-common/tasks/configure.yml - hosts: NEU-SVR--first-member:&APIC-AIM roles: - neutron-post-configure tasks: - include: roles/neutron-post-configure/tasks/db_configure.yml 0707010000001B000041ED00000000000000000000000E5C08201400000000000000000000000000000000000000000000004B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles0707010000001C000041ED0000000000000000000000045C08201400000000000000000000000000000000000000000000005D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common0707010000001D000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/tasks0707010000001E000081A40000000000000000000000015C082014000003AB000000000000000000000000000000000000007700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/tasks/add_ovs_bridges.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: apic-agent-common | add_ovs_bridges | Add br-int OVS bridge become: yes shell: "ovs-vsctl --timeout=10 -- --may-exist add-br br-int -- set Bridge br-int datapath_type=system" register: add_br_int changed_when: add_br_int.stderr == "" failed_when: add_br_int.rc != 0 0707010000001F000081A40000000000000000000000015C0820140000045F000000000000000000000000000000000000007100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: apic-agent-common | configure | make the rootwrap.d directory become: yes file: path: "{{ neutron_rootwrap_filters_dir }}" state: directory mode: 0755 group: "root" owner: "root" state: directory - name: apic-agent-common | configure | render cisco-apic.filters become: yes template: src: "cisco-apic.filters.j2" dest: "{{ neutron_rootwrap_filters_dir }}/cisco-apic.filters" owner: "root" group: "root" mode: 0644 07070100000020000081A40000000000000000000000015C08201400000283000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/tasks/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- 07070100000021000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/templates07070100000022000081A40000000000000000000000015C082014000005FC000000000000000000000000000000000000007D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/apic-agent-common/templates/cisco-apic.filters.j2# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # neutron-rootwrap command filters for nodes on which neutron is # expected to control network # # This file should be owned by (and only-writeable by) the root user # format seems to be # cmd-name: filter-name, raw-command, user, args [Filters] # cisco-apic filters lldpctl: CommandFilter, lldpctl, root # ip_lib filters ip: IpFilter, ip, root ip_exec: IpNetnsExecFilter, ip, root ovsdb-client: CommandFilter, ovsdb-client, root # gbp-opflex filters supervisord: CommandFilter, supervisord, root supervisorctl: CommandFilter, supervisorctl, root ip: CommandFilter, ip, root ethtool: CommandFilter, ethtool, root mkdir: CommandFilter, mkdir, root chmod: CommandFilter, chmod, root chown: CommandFilter, chown, root rm: CommandFilter, rm, root ovs-vsctl: CommandFilter, ovs-vsctl, root ovs-ofctl: CommandFilter, ovs-ofctl, root 07070100000023000041ED0000000000000000000000065C08201400000000000000000000000000000000000000000000005900000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml207070100000024000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/defaults07070100000025000081A40000000000000000000000015C082014000003CA000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/defaults/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- apic_hosts: "{{ config_data | item('ACI.apic_hosts', default=[]) }}" apic_username: "{{ config_data | item('ACI.apic_username', default='admin') }}" apic_password: "{{ config_data | item('ACI.apic_password', default='cisco123') }}" apic_encaps: "{{ config_data | item('ACI.opflex_encapsulation_mode', default='vxlan') }}" 07070100000026000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000005F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks07070100000027000081A40000000000000000000000015C08201400000614000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_set_service_directories.yml - include: ../../neutron-common/tasks/_create_user_and_group.yml - include: ../../neutron-common/tasks/_create_neutron_common_dirs.yml - include: ../../neutron-common/tasks/_write_conf.yml src: "../../neutron-common/templates/neutron.conf.j2" dest: "neutron.conf" - name: cisco-aci-ml2 | configure | Notify all neutron components to restart if neutron.conf changed command: /bin/true register: ardana_notify_neutron_restart_required when: write_conf_result.changed == true - include: ../../neutron-common/tasks/_write_conf.yml src: "../../neutron-common/templates/ml2_conf.ini.j2" dest: "ml2_conf.ini" - name: cisco-aci-ml2 | configure | Notify all neutron components to restart if ml2_conf.ini changed command: /bin/true register: ardana_notify_neutron_restart_required when: write_conf_result.changed == true 07070100000028000081A40000000000000000000000015C08201400000383000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks/db_configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-ml2 | db_configure | run apic-ml2-db-manage become: yes command: "{{ neutron_bin_dir }}/apic-ml2-db-manage --config-file {{ neutron_conf_dir }}/neutron.conf --config-file {{ neutron_conf_dir }}/ml2_conf.ini upgrade head" 07070100000029000081A40000000000000000000000015C08201400000329000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks/install.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-ml2 | install | Install required packages become: yes package: name: "{{ item }}" state: present with_items: required_packages | default([]) register: ardana_notify_neutron_restart_required 0707010000002A000081A40000000000000000000000015C082014000002E8000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-ml2 | main | Load variables include_vars: "{{ ansible_os_family | lower }}.yml" 0707010000002B000081A40000000000000000000000015C0820140000039B000000000000000000000000000000000000007A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/tasks/route-reflector-create.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-ml2 | route-reflector-create | run route-reflector-create become: yes command: "{{ neutron_bin_dir }}/apic route-reflector-create --no-secure --apic-ip {{ apic_hosts[0] }} --apic-username {{ apic_username }} --apic-password {{ apic_password }}" 0707010000002C000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/templates0707010000002D000081A40000000000000000000000015C08201400000E6D000000000000000000000000000000000000007B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/templates/ml2_conf_snippet.ini.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [DEFAULT] apic_system_id = "{{ config_data | item('ACI.apic_system_id', default='') }}" [opflex] networks = '*' [ml2_cisco_apic] apic_hosts = {{ config_data | item('ACI.apic_hosts', default=[]) | join(',') }} apic_username = "{{ config_data | item('ACI.apic_username', default='') }}" apic_password = "{{ config_data | item('ACI.apic_password', default='') }}" apic_use_ssl = True apic_name_mapping = use_name apic_sync_interval = 0 apic_agent_report_interval = 30 apic_agent_poll_interval = 2 enable_aci_routing = True enable_arp_flooding = True apic_provision_infra = True apic_provision_hostlinks = True enable_optimized_dhcp = True enable_optimized_metadata = True integrated_topology_service = True [ml2] type_drivers = local, flat, vlan, gre, vxlan, opflex tenant_network_types = opflex [ovs] enable_tunneling = False integration_bridge = br-int # Specify your network topology. # This section indicates how your compute nodes are connected to the fabric's # switches and ports. The format is as follows: # # [apic_switch:<swich_id_from_the_apic>] # <compute_host>,<compute_host> = <switchport_the_host(s)_are_connected_to> # # You can have multiple sections, one for each switch in your fabric that is # participating in Openstack. e.g. # # [apic_switch:17] # ubuntu,ubuntu1 = 1/10 # ubuntu2,ubuntu3 = 1/11 # # [apic_switch:18] # ubuntu5,ubuntu6 = 1/1 # ubuntu7,ubuntu8 = 1/2 # Describe external connectivity. # In this section you can specify the external network configuration in order # for the plugin to be able to teach the fabric how to route the internal # traffic to the outside world. The external connectivity configuration # format is as follows: # # [apic_external_network:<externalNetworkName>] # preexisting = True # external_epg = <Name of L3-Out EPG> # host_pool_cidr = 10.104.20.1/24 # Additional paramaters, only if using edge-nat # edge_nat = True # vlan_range = 1001:1999 # # The "ml2_type_vlan" section is to override the same section in ml2_conf.ini -- # when the opflex_encapsulation_mode is vxlan (i.e., not vlan). The reason # is that the default HOS setting for network_vlan_ranges is "physnet", and the # APIC ML2 mechanism driver errors out when the "network_vlan_ranges" does not # explicitly specify a vlan range. # {% set encaps_mode = config_data | item('ACI.opflex_encapsulation_mode', default='vxlan') %} {% set vlan_range_tokens = [] %} {% if encaps_mode == 'vlan' %} {%- set vlan_physnet = config_data | item('ACI.apic_ml2_vlan_physnet', default='physnet1') -%} {%- if vlan_range_tokens.append(vlan_physnet) -%} {%- endif -%} {%- set vlan_min = config_data | item('ACI.apic_ml2_vlan_lower', default='1000') -%} {%- if vlan_range_tokens.append(vlan_min) -%} {%- endif -%} {%- set vlan_max = config_data | item('ACI.apic_ml2_vlan_upper', default='2000') -%} {%- if vlan_range_tokens.append(vlan_max) -%} {%- endif -%} {%- endif -%} [ml2_type_vlan] network_vlan_ranges = {{ vlan_range_tokens | join(':') }} [agent] tunnel_types = {{ encaps_mode }} 0707010000002E000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/vars0707010000002F000081A40000000000000000000000015C08201400000316000000000000000000000000000000000000006700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-ml2/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values for neutron-server configured for Cisco ACI using # the APIC ml2 mechanism drivers. --- required_packages: - python-neutron-ml2-driver-apic - aci-integration-module - python-apicapi 07070100000030000041ED0000000000000000000000055C08201400000000000000000000000000000000000000000000005A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo07070100000031000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/defaults07070100000032000081A40000000000000000000000015C08201400000259000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/defaults/main.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- cisco_aci_repos: [] 07070100000033000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/tasks07070100000034000081A40000000000000000000000015C082014000004D5000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/tasks/_setup-zypp.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-repo | _setup-zypp | debug cisco-aci-repos debug: msg: "Repo description: {{ item.name }} ::: Repo uri: {{ item.repo }} " with_items: aci_pkg_repos | default([]) - name: cisco-aci-repo | _setup-zypp | Register Cisco ACI repos on SLES nodes become: yes zypper_repository: repo: "{{ item.repo }}" description: "{{ item.name }}" disable_gpg_check: "{{ item.disable_gpg_check }}" with_items: aci_pkg_repos | default([]) - name: cisco-aci-repo | _setup-zypp | Refresh repos become: yes command: "zypper --non-interactive refresh --force {{ item.alias }}" with_items: aci_pkg_repos | default([]) 07070100000035000081A40000000000000000000000015C082014000002AA000000000000000000000000000000000000006900000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/tasks/main.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-aci-repo | main | Load variables include_vars: "{{ ansible_os_family | lower }}.yml" 07070100000036000081A40000000000000000000000015C08201400000284000000000000000000000000000000000000006F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/tasks/setup-repo.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: _setup-zypp.yml when: ansible_os_family == 'Suse' 07070100000037000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000005F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/vars07070100000038000081A40000000000000000000000015C0820140000035D000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-aci-repo/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- aci_pkg_repos: - repo: 'https://download.opensuse.org/repositories/Cloud:/OpenStack:/Pike:/cisco-apic/SLE_12_SP3/Cloud:OpenStack:Pike:cisco-apic.repo' name: 'ACI Plugin and agents for OpenStack Pike' alias: 'Cloud_OpenStack_Pike_cisco-apic' disable_gpg_check: 'yes' 07070100000039000041ED0000000000000000000000065C08201400000000000000000000000000000000000000000000005B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs0707010000003A000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/defaults0707010000003B000081A40000000000000000000000015C0820140000062D000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/defaults/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- neutron_component: 'agent-ovs' apic_system_id: "{{ config_data | item('ACI.apic_system_id', default='helion_openstack') }}" opflex_peer_ip: "{{ config_data | item('ACI.opflex_peer_ip', default='10.0.0.30') }}" opflex_peer_port: "{{ config_data | item('ACI.opflex_peer_port', default='8009') }}" apic_infra_mac: '02:03:04:05:06:07' apic_infra_mtu: "{{ config_data | item('ACI.apic_infra_mtu', default='1600') }}" apic_infra_nic: "{{ config_data | item('ACI.apic_infra_nic', default='eth0') }}" apic_infra_vlan: "{{ config_data | item('ACI.apic_infra_vlan', default='4093') }}" apic_vlan_dev: "vlan{{ apic_infra_vlan }}" apic_vxlan_remote_ip: "{{ config_data | item('ACI.apic_vxlan_remote_ip', default='10.0.0.32') }}" apic_vxlan_remote_port: "{{ config_data | item('ACI.apic_vxlan_remote_port', default='8472') }}" opflex_encapsulation_mode: "{{ config_data | item('ACI.opflex_encapsulation_mode', default='vxlan') }}" 0707010000003C000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks0707010000003D000081A40000000000000000000000015C0820140000126C000000000000000000000000000000000000006F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | configure | Ensure that LLDP is enabled and running become: yes service: name: lldpd enabled: yes state: started - name: cisco-agent-ovs | configure | Get interface MAC address from /sys command: "cat /sys/class/net/{{ apic_infra_nic }}/address" register: opflex_intf_mac changed_when: False - name: cisco-agent-ovs | configure | Set apic_infra_mac set_fact: apic_infra_mac: "{{ opflex_intf_mac.stdout }}" when: "opflex_intf_mac.rc == 0" - name: cisco-agent-ovs | configure | Write OpFlex interface configuration become: yes template: src: "80-ciscoaci.j2" dest: "/etc/network/interfaces.d/80-ciscoaci" register: ardana_notify_agent_ovs_restart_required - name: cisco-agent-ovs | configure | Write DHCP configuration to /etc/dhcp/dhclient.conf become: yes lineinfile: dest: /etc/dhcp/dhclient.conf regexp: '^interface "{{ apic_infra_nic }}" ' state: present line: 'interface "{{ apic_vlan_dev }}" { send host-name "{{ ansible_hostname }}"; send dhcp-client-identifier 01:{{ apic_infra_mac }}; }' - name: cisco-agent-ovs | configure | Restart OpFlex interface become: yes shell: "ifdown {{ apic_vlan_dev }} && ifdown {{ apic_infra_nic }} && ifup {{ apic_infra_nic }} && ifup {{ apic_vlan_dev }}" - name: cisco-agent-ovs | configure | Render 10-opflex-connection.conf become: yes template: src: "10-opflex-connection.conf.j2" dest: "/etc/opflex-agent-ovs/conf.d/10-opflex-connection.conf" owner: "root" group: "root" mode: "0644" register: ardana_notify_agent_ovs_restart_required - name: cisco-agent-ovs | configure | Render 20-aci-renderer.conf become: yes template: src: "20-aci-renderer_{{ opflex_encapsulation_mode }}.conf.j2" dest: "/etc/opflex-agent-ovs/conf.d/20-aci-renderer.conf" owner: "root" group: "root" mode: "0644" register: ardana_notify_agent_ovs_restart_required - name: cisco-agent-ovs | configure | render opflex-agent-ovs.conf become: yes template: src: "opflex-agent-ovs.conf.j2" dest: "/etc/opflex-agent-ovs/opflex-agent-ovs.conf" owner: "root" group: "root" mode: "0644" register: ardana_notify_agent_ovs_restart_required - name: cisco-agent-ovs | configure | Delete VXLAN interface in Open vSwitch become: yes when: "opflex_encapsulation_mode == 'vxlan'" shell: "ovs-vsctl del-port br-int br-int_vxlan0" register: rm_ovs_vxlan changed_when: rm_ovs_vxlan.stderr == "" and rm_ovs_vxlan.stdout == "" failed_when: rm_ovs_vxlan.rc != 0 and rm_ovs_vxlan.stdout.find('no port named') != -1 - name: cisco-agent-ovs | configure | Delete VLAN interface in Open vSwitch become: yes shell: "ovs-vsctl del-port {{ apic_infra_nic }}" when: "opflex_encapsulation_mode == 'vlan'" register: rm_ovs_vlan changed_when: rm_ovs_vlan.stderr == "" and rm_ovs_vlan.stdout == "" - name: cisco-agent-ovs | configure | Create VXLAN interface in Open vSwitch become: yes shell: "ovs-vsctl --may-exist -- add-port br-int br-int_vxlan0 -- set Interface br-int_vxlan0 type=vxlan options:remote_ip=flow options:key=flow options:dst_port={{ apic_vxlan_remote_port }}" when: "opflex_encapsulation_mode == 'vxlan'" register: mk_ovs_vxlan changed_when: mk_ovs_vxlan.stderr == "" and mk_ovs_vxlan.stdout == "" failed_when: mk_ovs_vxlan.rc != 0 - name: cisco-agent-ovs | configure | Notify agent-ovs to restart if br-int_vxlan0 added command: /bin/true register: ardana_notify_agent_ovs_restart_required when: mk_ovs_vxlan.changed - name: cisco-agent-ovs | configure | Create VLAN interface in Open vSwitch become: yes shell: "ovs-vsctl --may-exist -- add-port br-int {{ apic_infra_nic }}" when: "opflex_encapsulation_mode == 'vlan'" register: mk_ovs_vlan changed_when: mk_ovs_vlan.stderr == "" and mk_ovs_vlan.stdout == "" - name: cisco-agent-ovs | configure | Notify agent-ovs to restart if port added to br-int command: /bin/true register: ardana_notify_agent_ovs_restart_required when: mk_ovs_vlan.changed 0707010000003E000081A40000000000000000000000015C0820140000032E000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/install.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | install | Install packages become: yes package: name: "{{ item }}" state: present with_items: required_packages | default([]) 0707010000003F000081A40000000000000000000000015C082014000002EC000000000000000000000000000000000000006A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | main | Install packages include_vars: "{{ ansible_os_family | lower }}.yml" 07070100000040000081A40000000000000000000000015C08201400000407000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | start | Restart the agent-ovs become: yes service: name: agent-ovs state: restarted when: ( ardana_notify_agent_ovs_restart_required is defined and ardana_notify_agent_ovs_restart_required.changed ) - name: cisco-agent-ovs | start | Restart the agent-ovs become: yes service: name: agent-ovs state: started enabled: yes 07070100000041000081A40000000000000000000000015C082014000002BE000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_service_status.yml 07070100000042000081A40000000000000000000000015C082014000002F4000000000000000000000000000000000000006A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/tasks/stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | stop | Stop agent-ovs become: yes service: name: agent-ovs state: stopped 07070100000043000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates07070100000044000081A40000000000000000000000015C082014000003E0000000000000000000000000000000000000008200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates/10-opflex-connection.conf.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { "opflex": { "domain": "comp/prov-OpenStack/ctrlr-[{{ apic_system_id }}]-{{ apic_system_id }}/sw-InsiemeLSOid", "name": "{{ ansible_hostname }}", "peers": [ {"hostname": "{{ opflex_peer_ip }}", "port": "{{ opflex_peer_port }}"} ], "ssl": { "mode": "encrypted" } } } 07070100000045000081A40000000000000000000000015C082014000003BD000000000000000000000000000000000000008200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates/20-aci-renderer_vlan.conf.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { "renderers": { "stitched-mode": { "ovs-bridge-name": "br-int", "encap": { "vlan" : { "encap-iface": "{{ apic_infra_nic }}" } }, "flowid-cache-dir": "/var/lib/opflex-agent-ovs/ids" } } } 07070100000046000081A40000000000000000000000015C082014000004CB000000000000000000000000000000000000008300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates/20-aci-renderer_vxlan.conf.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { "renderers": { "stitched-mode": { "ovs-bridge-name": "br-int", "encap": { "vxlan" : { "encap-iface": "br-int_vxlan0", "uplink-iface": "{{ apic_vlan_dev }}", "uplink-vlan": "{{ apic_infra_vlan }}", "remote-ip": "{{ apic_vxlan_remote_ip }}", "remote-port": "{{ apic_vxlan_remote_port }}" } }, "flowid-cache-dir": "/var/lib/opflex-agent-ovs/ids" } } } 07070100000047000081A40000000000000000000000015C0820140000045F000000000000000000000000000000000000007400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates/80-ciscoaci.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} auto {{ apic_infra_nic }} iface {{ apic_infra_nic }} inet manual pre-up /sbin/ip link set dev {{ apic_infra_nic }} mtu {{ apic_infra_mtu }} auto {{ apic_vlan_dev }} iface {{ apic_vlan_dev }} inet dhcp hwaddress ether {{ apic_infra_mac }} vlan-raw-device {{ apic_infra_nic }} pre-up ethtool -K {{ apic_infra_nic }} lro off || true post-up /sbin/ip link set dev {{ apic_vlan_dev }} mtu {{ apic_infra_mtu }} post-up /sbin/route -nv add -net 224.0.0.0/4 dev {{ apic_vlan_dev }} 07070100000048000081A40000000000000000000000015C0820140000243A000000000000000000000000000000000000007E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/templates/opflex-agent-ovs.conf.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { // Logging configuration // "log": { // // Set the log level. // // Possible values in descending order of verbosity: // // "debug7"-"debug0", "debug" (synonym for "debug0"), // // "info", "warning", "error", "fatal" // // Default: "info" // "level": "info" // }, // Configuration related to the OpFlex protocol "opflex": { // The policy domain for this agent. "domain": "openstack", // The unique name in the policy domain for this agent. "name": "example-agent", // a list of peers to connect to, by hostname and port. One // peer, or an anycast pseudo-peer, is sufficient to bootstrap // the connection without needing an exhaustive list of all // peers. "peers": [ // EXAMPLE: // {"hostname": "10.0.0.30", "port": 8009} ], "ssl": { // SSL mode. Possible values: // disabled: communicate without encryption (default) // encrypted: encrypt but do not verify peers // secure: encrypt and verify peer certificates "mode": "encrypted", // The path to a directory containing trusted certificate // authority public certificates, or a file containing a // specific CA certificate. // Default: "/etc/ssl/certs" "ca-store": "/etc/ssl/certs" }, "inspector": { // Enable the MODB inspector service, which allows // inspecting the state of the managed object database. // Default: true "enabled": true, // Listen on the specified socket for the inspector // Default: "/var/run/opflex-agent-ovs-inspect.sock" "socket-name": "/var/run/opflex-agent-ovs-inspect.sock" }, "notif": { // Enable the agent notification service, which sends // notifications to interested listeners over a UNIX // socket. // Default: true "enabled": true, // Listen on the specified socket for the inspector // Default: "/var/run/opflex-agent-ovs-notif.sock" "socket-name": "/var/run/opflex-agent-ovs-notif.sock", // Set the socket owner user after binding if the user // exists // Default: do not set the owner // "socket-owner": "root", // Set the socket group after binding if the group name // exists // Default: do not set the group "socket-group": "opflexep", // Set the socket permissions after binding to the // specified octal permissions mask // Default: do not set the permissions "socket-permissions": "770" } }, // Endpoint sources provide metadata about local endpoints "endpoint-sources": { // Filesystem path to monitor for endpoint information // Default: no endpoint sources "filesystem": ["/var/lib/opflex-agent-ovs/endpoints"] }, // Service sources provide metadata about services that can // provide functionality for local endpoints "service-sources": { // Filesystem path to monitor for service information // Default: no service sources "filesystem": ["/var/lib/opflex-agent-ovs/services"] }, // Renderers enforce policy obtained via OpFlex. // Default: no renderers "renderers": { // Stitched-mode renderer for interoperating with a // hardware fabric such as ACI // EXAMPLE: // "stitched-mode": { // // "Integration" bridge used to enforce contracts and forward // // packets // "int-bridge-name": "br-int", // // // "Access" bridge used to enforce access control and enforce // // security groups. // "access-bridge-name": "br-access", // // // Set encapsulation type. Must set either vxlan or vlan. // "encap": { // // Encapsulate traffic with VXLAN. // "vxlan" : { // // The name of the tunnel interface in OVS // "encap-iface": "br0_vxlan0", // // // The name of the interface whose IP should be used // // as the source IP in encapsulated traffic. // "uplink-iface": "team0.4093", // // // The vlan tag, if any, used on the uplink interface. // // Set to zero or omit if the uplink is untagged. // "uplink-vlan": 4093, // // // The IP address used for the destination IP in // // the encapsulated traffic. This should be an // // anycast IP address understood by the upstream // // stiched-mode fabric. // "remote-ip": "10.0.0.32", // // // UDP port number of the encapsulated traffic. // "remote-port": 8472 // } // // // Encapsulate traffic with a locally-significant VLAN // // tag // // EXAMPLE: // // "vlan" : { // // // The name of the uplink interface in OVS // // "encap-iface": "team0" // // } // }, // // // Configure forwarding policy // "forwarding": { // // Configure the virtual distributed router // "virtual-router": { // // Enable virtual distributed router. Set to true // // to enable or false to disable. // // Default: true. // "enabled": true, // // // Override MAC address for virtual router. // // Default: "00:22:bd:f8:19:ff" // "mac": "00:22:bd:f8:19:ff", // // // Configure IPv6-related settings for the virtual // // router // "ipv6" : { // // Send router advertisement messages in // // response to router solicitation requests as // // well as unsolicited advertisements. This // // is not required in stitched mode since the // // hardware router will send them. // "router-advertisement": false // } // }, // // // Configure virtual distributed DHCP server // "virtual-dhcp": { // // Enable virtual distributed DHCP server. Set to // // true to enable or false to disable. // // Default: true // "enabled": true, // // // Override MAC address for virtual dhcp server. // // Default: "00:22:bd:f8:19:ff" // "mac": "00:22:bd:f8:19:ff" // }, // // "endpoint-advertisements": { // // Set mode for generation of periodic ARP/NDP // // advertisements for endpoints. Possible values: // // disabled: Do not send advertisements // // gratuitous-unicast: Send gratuitous endpoint // // advertisements as unicast packets to the router // // mac. // // gratuitous-broadcast: Send gratuitous endpoint // // advertisements as broadcast packets. // // router-request: Unicast a spoofed request/solicitation // // for the subnet's gateway router. // // Default: router-request. // "mode": "gratuitous-broadcast" // } // }, // // // Location to store cached IDs for managing flow state // // Default: "/var/lib/opflex-agent-ovs/ids" // "flowid-cache-dir": "/var/lib/opflex-agent-ovs/ids", // // // Location to write multicast groups for the mcast-daemon // // Default: "/var/lib/opflex-agent-ovs/mcast/opflex-groups.json" // "mcast-group-file": "/var/lib/opflex-agent-ovs/mcast/opflex-groups.json" // } } } 07070100000049000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/vars0707010000004A000081A40000000000000000000000015C082014000003FA000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/vars/debian.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values for neutron dhcp agent, specific to Debian Systems --- required_packages: - lldpd - openvswitch-lib - libuv1 - libboost-system1.55.0 - libboost-random1.55.0 - libboost-atomic1.55.0 - libboost-thread1.55.0 - libboost-chrono1.55.0 - libboost-filesystem1.55.0 - libboost-iostreams1.55.0 - libboost-program-options1.55.0 - agent-ovs 0707010000004B000081A40000000000000000000000015C082014000002A3000000000000000000000000000000000000006900000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-agent-ovs/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values Cisco agent-ovs --- required_packages: - lldpd - boost - agent-ovs 0707010000004C000041ED0000000000000000000000065C08201400000000000000000000000000000000000000000000005A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim0707010000004D000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/defaults0707010000004E000081A40000000000000000000000015C08201400000244000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/defaults/main.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- 0707010000004F000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/tasks07070100000050000081A40000000000000000000000015C08201400000321000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/tasks/install.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-aim | install | Install packages become: yes package: name: "{{ item }}" state: present with_items: required_packages | default([]) register: ardana_notify_neutron_restart_required 07070100000051000081A40000000000000000000000015C082014000002AA000000000000000000000000000000000000006900000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/tasks/main.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-aim | main | Load variables include_vars: "{{ ansible_os_family | lower }}.yml" 07070100000052000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/templates07070100000053000081A40000000000000000000000015C0820140000033B000000000000000000000000000000000000007C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/templates/ml2_conf_ini_snippet.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [ml2_type_vxlan] vxlan_group = 224.0.0.1 [apic_aim_auth] auth_plugin = v3password auth_url = {{ neutron_auth_uri }}/v3 username = {{ neutron_admin_user }} password = {{ neutron_admin_password }} user_domain_name = service project_name = admin 07070100000054000081A40000000000000000000000015C0820140000056C000000000000000000000000000000000000007C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/templates/neutron_conf_snippet.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [group_policy] policy_drivers = aim_mapping extension_drivers = aim_extension,proxy_group,apic_segmentation_label [servicechain] servicechain_drivers = simplechain_driver [quotas] default_quota = -1 quota_network = -1 quota_subnet = -1 quota_port = -1 quota_security_group = -1 quota_security_group_rule = -1 quota_router = -1 quota_floatingip = -1 [node_comosition_plugin] node_plumber = admin_owned_resources_apic_plumber node_drivers = nfp_node_driver [admin_owned_resources_apic_tscp] plumbing_resource_owner_user = neutron plumbing_resource_owner_password = {{ neutron_admin_user }} plumbing_resource_owner_tenant_name = service [group_policy_implicit_policy] default_external_segment_name = default [nfp_node_driver] is_service_admin_owned = False svc_management_ptg_name = svc_management_ptg 07070100000055000081A40000000000000000000000015C082014000043FE000000000000000000000000000000000000007700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/templates/new_policy.json.j2# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { "context_is_admin": "role:admin or role:neutron_admin", "owner": "tenant_id:%(tenant_id)s", "admin_or_owner": "rule:context_is_admin or rule:owner", "context_is_advsvc": "role:advsvc", "admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s", "admin_owner_or_network_owner": "rule:owner or rule:admin_or_network_owner", "admin_only": "rule:context_is_admin", "regular_user": "", "admin_or_data_plane_int": "rule:context_is_admin or role:data_plane_integrator", "shared": "field:networks:shared=True", "shared_firewalls": "field:firewalls:shared=True", "shared_firewall_policies": "field:firewall_policies:shared=True", "shared_subnetpools": "field:subnetpools:shared=True", "shared_address_scopes": "field:address_scopes:shared=True", "external": "field:networks:router:external=True", "default": "rule:admin_or_owner", "create_subnet": "rule:admin_or_network_owner", "create_subnet:segment_id": "rule:admin_only", "create_subnet:service_types": "rule:admin_only", "get_subnet": "rule:admin_or_owner or rule:shared", "get_subnet:segment_id": "rule:admin_only", "update_subnet": "rule:admin_or_network_owner", "update_subnet:service_types": "rule:admin_only", "delete_subnet": "rule:admin_or_network_owner", "create_subnetpool": "", "create_subnetpool:shared": "rule:admin_only", "create_subnetpool:is_default": "rule:admin_only", "get_subnetpool": "rule:admin_or_owner or rule:shared_subnetpools", "update_subnetpool": "rule:admin_or_owner", "update_subnetpool:is_default": "rule:admin_only", "delete_subnetpool": "rule:admin_or_owner", "create_address_scope": "", "create_address_scope:shared": "rule:admin_only", "get_address_scope": "rule:admin_or_owner or rule:shared_address_scopes", "update_address_scope": "rule:admin_or_owner", "update_address_scope:shared": "rule:admin_only", "delete_address_scope": "rule:admin_or_owner", "create_network": "", "get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc", "get_network:router:external": "rule:regular_user", "get_network:segments": "rule:admin_only", "get_network:provider:network_type": "rule:admin_only", "get_network:provider:physical_network": "rule:admin_only", "get_network:provider:segmentation_id": "rule:admin_only", "get_network:queue_id": "rule:admin_only", "get_network_ip_availabilities": "rule:admin_only", "get_network_ip_availability": "rule:admin_only", "get_network:apic:distinguished_names": "rule:admin_only", "get_network:apic:synchronization_state": "rule:admin_only", "create_network:shared": "rule:admin_only", "create_network:router:external": "rule:admin_only", "create_network:is_default": "rule:admin_only", "create_network:segments": "rule:admin_only", "create_network:provider:network_type": "rule:admin_only", "create_network:provider:physical_network": "rule:admin_only", "create_network:provider:segmentation_id": "rule:admin_only", "update_network": "rule:admin_or_owner", "update_network:segments": "rule:admin_only", "update_network:shared": "rule:admin_only", "update_network:provider:network_type": "rule:admin_only", "update_network:provider:physical_network": "rule:admin_only", "update_network:provider:segmentation_id": "rule:admin_only", "update_network:router:external": "rule:admin_only", "delete_network": "rule:admin_or_owner", "create_segment": "rule:admin_only", "get_segment": "rule:admin_only", "update_segment": "rule:admin_only", "delete_segment": "rule:admin_only", "network_device": "field:port:device_owner=~^network:", "create_port": "", "create_port:device_owner": "not rule:network_device or rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:mac_address": "rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:fixed_ips": "rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:port_security_enabled": "rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:binding:host_id": "rule:admin_only", "create_port:binding:profile": "rule:admin_only", "create_port:mac_learning_enabled": "rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:allowed_address_pairs": "rule:admin_or_network_owner", "get_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner", "get_port:queue_id": "rule:admin_only", "get_port:binding:vif_type": "rule:admin_only", "get_port:binding:vif_details": "rule:admin_only", "get_port:binding:host_id": "rule:admin_only", "get_port:binding:profile": "rule:admin_only", "update_port": "rule:admin_or_owner or rule:context_is_advsvc", "update_port:device_owner": "not rule:network_device or rule:context_is_advsvc or rule:admin_or_network_owner", "update_port:mac_address": "rule:admin_only or rule:context_is_advsvc", "update_port:fixed_ips": "rule:context_is_advsvc or rule:admin_or_network_owner", "update_port:port_security_enabled": "rule:context_is_advsvc or rule:admin_or_network_owner", "update_port:binding:host_id": "rule:admin_only", "update_port:binding:profile": "rule:admin_only", "update_port:mac_learning_enabled": "rule:context_is_advsvc or rule:admin_or_network_owner", "update_port:allowed_address_pairs": "rule:admin_or_network_owner", "update_port:data_plane_status": "rule:admin_or_data_plane_int", "delete_port": "rule:context_is_advsvc or rule:admin_owner_or_network_owner", "get_router:ha": "rule:admin_only", "create_router": "rule:regular_user", "create_router:external_gateway_info:enable_snat": "rule:admin_only", "create_router:distributed": "rule:admin_only", "create_router:ha": "rule:admin_only", "get_router": "rule:admin_or_owner", "get_router:distributed": "rule:admin_only", "update_router": "rule:admin_or_owner", "update_router:external_gateway_info": "rule:admin_or_owner", "update_router:external_gateway_info:network_id": "rule:admin_or_owner", "update_router:external_gateway_info:enable_snat": "rule:admin_only", "update_router:distributed": "rule:admin_only", "update_router:ha": "rule:admin_only", "delete_router": "rule:admin_or_owner", "add_router_interface": "rule:admin_or_owner", "remove_router_interface": "rule:admin_or_owner", "create_router:external_gateway_info:external_fixed_ips": "rule:admin_only", "update_router:external_gateway_info:external_fixed_ips": "rule:admin_only", "create_firewall": "", "get_firewall": "rule:admin_or_owner", "create_firewall:shared": "rule:admin_only", "get_firewall:shared": "rule:admin_only", "update_firewall": "rule:admin_or_owner", "update_firewall:shared": "rule:admin_only", "delete_firewall": "rule:admin_or_owner", "create_firewall_policy": "", "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies", "create_firewall_policy:shared": "rule:admin_or_owner", "update_firewall_policy": "rule:admin_or_owner", "delete_firewall_policy": "rule:admin_or_owner", "insert_rule": "rule:admin_or_owner", "remove_rule": "rule:admin_or_owner", "create_firewall_rule": "", "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls", "update_firewall_rule": "rule:admin_or_owner", "delete_firewall_rule": "rule:admin_or_owner", "create_qos_queue": "rule:admin_only", "get_qos_queue": "rule:admin_only", "update_agent": "rule:admin_only", "delete_agent": "rule:admin_only", "get_agent": "rule:admin_only", "create_dhcp-network": "rule:admin_only", "delete_dhcp-network": "rule:admin_only", "get_dhcp-networks": "rule:admin_only", "create_l3-router": "rule:admin_only", "delete_l3-router": "rule:admin_only", "get_l3-routers": "rule:admin_only", "get_dhcp-agents": "rule:admin_only", "get_l3-agents": "rule:admin_only", "get_loadbalancer-agent": "rule:admin_only", "get_loadbalancer-pools": "rule:admin_only", "get_agent-loadbalancers": "rule:admin_only", "get_loadbalancer-hosting-agent": "rule:admin_only", "create_floatingip": "rule:regular_user", "create_floatingip:floating_ip_address": "rule:admin_only", "update_floatingip": "rule:admin_or_owner", "delete_floatingip": "rule:admin_or_owner", "get_floatingip": "rule:admin_or_owner", "create_network_profile": "rule:admin_only", "update_network_profile": "rule:admin_only", "delete_network_profile": "rule:admin_only", "get_network_profiles": "", "get_network_profile": "", "update_policy_profiles": "rule:admin_only", "get_policy_profiles": "", "get_policy_profile": "", "create_metering_label": "rule:admin_only", "delete_metering_label": "rule:admin_only", "get_metering_label": "rule:admin_only", "create_metering_label_rule": "rule:admin_only", "delete_metering_label_rule": "rule:admin_only", "get_metering_label_rule": "rule:admin_only", "get_service_provider": "rule:regular_user", "get_lsn": "rule:admin_only", "create_lsn": "rule:admin_only", "create_flavor": "rule:admin_only", "update_flavor": "rule:admin_only", "delete_flavor": "rule:admin_only", "get_flavors": "rule:regular_user", "get_flavor": "rule:regular_user", "create_service_profile": "rule:admin_only", "update_service_profile": "rule:admin_only", "delete_service_profile": "rule:admin_only", "get_service_profiles": "rule:admin_only", "get_service_profile": "rule:admin_only", "get_policy": "rule:regular_user", "create_policy": "rule:{{ qos_who }}", "update_policy": "rule:{{ qos_who }}", "delete_policy": "rule:{{ qos_who }}", "get_policy_bandwidth_limit_rule": "rule:regular_user", "create_policy_bandwidth_limit_rule": "rule:admin_only", "delete_policy_bandwidth_limit_rule": "rule:admin_only", "update_policy_bandwidth_limit_rule": "rule:admin_only", "get_policy_dscp_marking_rule": "rule:regular_user", "create_policy_dscp_marking_rule": "rule:admin_only", "delete_policy_dscp_marking_rule": "rule:admin_only", "update_policy_dscp_marking_rule": "rule:admin_only", "get_rule_type": "rule:regular_user", "get_policy_minimum_bandwidth_rule": "rule:regular_user", "create_policy_minimum_bandwidth_rule": "rule:admin_only", "delete_policy_minimum_bandwidth_rule": "rule:admin_only", "update_policy_minimum_bandwidth_rule": "rule:admin_only", "restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only", "create_rbac_policy": "", "create_rbac_policy:target_tenant": "rule:restrict_wildcard", "update_rbac_policy": "rule:admin_or_owner", "update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner", "get_rbac_policy": "rule:admin_or_owner", "delete_rbac_policy": "rule:admin_or_owner", "create_flavor_service_profile": "rule:admin_only", "delete_flavor_service_profile": "rule:admin_only", "get_flavor_service_profile": "rule:regular_user", "get_auto_allocated_topology": "rule:admin_or_owner", "create_trunk": "rule:regular_user", "get_trunk": "rule:admin_or_owner", "delete_trunk": "rule:admin_or_owner", "get_subports": "", "add_subports": "rule:admin_or_owner", "remove_subports": "rule:admin_or_owner", "get_security_groups": "rule:admin_or_owner", "get_security_group": "rule:admin_or_owner", "create_security_group": "rule:admin_or_owner", "update_security_group": "rule:admin_or_owner", "delete_security_group": "rule:admin_or_owner", "get_security_group_rules": "rule:admin_or_owner", "get_security_group_rule": "rule:admin_or_owner", "create_security_group_rule": "rule:admin_or_owner", "delete_security_group_rule": "rule:admin_or_owner", "get_loggable_resources": "rule:admin_only", "create_log": "rule:admin_only", "update_log": "rule:admin_only", "delete_log": "rule:admin_only", "get_logs": "rule:admin_only", "get_log": "rule:admin_only" "shared_ptg": "field:policy_target_groups:shared=True", "shared_pt": "field:policy_targets:shared=True", "shared_prs": "field:policy_rule_sets:shared=True", "shared_l3p": "field:l3_policies:shared=True", "shared_l2p": "field:l2_policies:shared=True", "shared_es": "field:external_segments:shared=True", "shared_ep": "field:external_policies:shared=True", "shared_pc": "field:policy_classifiers:shared=True", "shared_pa": "field:policy_actions:shared=True", "shared_pr": "field:policy_rules:shared=True", "shared_np": "field:nat_pools:shared=True", "shared_nsp": "field:network_service_policies:shared=True", "shared_scn": "field:servicechain_nodes:shared=True", "shared_scs": "field:servicechain_specs:shared=True", "shared_sp": "field:service_profiles:shared=True", "auto_ptg": "field:policy_target_groups:is_auto_ptg=True", "non_auto_ptg_shared": "rule:admin_or_owner or rule:shared_ptg", "non_auto_ptg": "rule:non_auto_ptg_shared and not rule:auto_ptg", "admin_auto_ptg_shared": "rule:admin_only or rule:shared_ptg", "admin_auto_ptg": "rule:admin_auto_ptg_shared and rule:auto_ptg", "create_policy_target_group": "", "create_policy_target_group:shared": "rule:admin_only", "create_policy_target_group:service_management": "rule:admin_only", "create_policy_target_group:enforce_service_chains": "rule:admin_only", "get_policy_target_group": "rule:admin_auto_ptg or rule:non_auto_ptg", "update_policy_target_group": "rule:admin_auto_ptg or rule:non_auto_ptg", "update_policy_target_group:shared": "rule:admin_only", "create_l2_policy": "", "create_l2_policy:shared": "rule:admin_only", "get_l2_policy": "rule:admin_or_owner or rule:shared_l2p", "update_l2_policy:shared": "rule:admin_only", "create_l3_policy": "", "create_l3_policy:shared": "rule:admin_only", "get_l3_policy": "rule:admin_or_owner or rule:shared_l3p", "update_l3_policy:shared": "rule:admin_only", "create_policy_classifier": "", "create_policy_classifier:shared": "rule:admin_only", "get_policy_classifier": "rule:admin_or_owner or rule:shared_pc", "update_policy_classifier:shared": "rule:admin_only", "create_policy_action": "", "create_policy_action:shared": "rule:admin_only", "get_policy_action": "rule:admin_or_owner or rule:shared_pa", "update_policy_action:shared": "rule:admin_only", "create_policy_rule": "", "create_policy_rule:shared": "rule:admin_only", "get_policy_rule": "rule:admin_or_owner or rule:shared_pr", "update_policy_rule:shared": "rule:admin_only", "create_policy_rule_set": "", "create_policy_rule_set:shared": "rule:admin_only", "get_policy_rule_set": "rule:admin_or_owner or rule:shared_prs", "update_policy_rule_set:shared": "rule:admin_only", "create_network_service_policy": "", "create_network_service_policy:shared": "rule:admin_only", "get_network_service_policy": "rule:admin_or_owner or rule:shared_nsp", "update_network_service_policy:shared": "rule:admin_only", "create_external_segment": "", "create_external_segment:shared": "rule:admin_only", "get_external_segment": "rule:admin_or_owner or rule:shared_es", "update_external_segment:shared": "rule:admin_only", "create_external_policy": "", "create_external_policy:shared": "rule:admin_only", "get_external_policy": "rule:admin_or_owner or rule:shared_ep", "update_external_policy:shared": "rule:admin_only", "create_nat_pool": "", "create_nat_pool:shared": "rule:admin_only", "get_nat_pool": "rule:admin_or_owner or rule:shared_np", "update_nat_pool:shared": "rule:admin_only", "create_servicechain_node": "", "create_servicechain_node:shared": "rule:admin_only", "get_servicechain_node": "rule:admin_or_owner or rule:shared_scn", "update_servicechain_node:shared": "rule:admin_only", "create_servicechain_spec": "", "create_servicechain_spec:shared": "rule:admin_only", "get_servicechain_spec": "rule:admin_or_owner or rule:shared_scs", "update_servicechain_spec:shared": "rule:admin_only", "create_servicechain_instance": "", "get_servicechain_instance": "rule:admin_or_owner", "update_servicechain_instance:shared": "rule:admin_only", "create_service_profile": "", "create_service_profile:shared": "rule:admin_only", "get_service_profile": "rule:admin_or_owner or rule:shared_sp", "update_service_profile:shared": "rule:admin_only" } 07070100000056000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000005F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/vars07070100000057000081A40000000000000000000000015C08201400000346000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-aim/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values for neutron-server configured for Cisco ACI using # the APIC ml2 mechanism drivers. --- required_packages: - python-apicapi - python-acitoolkit - openstack-neutron-gbp - aci-integration-module - openstack-neutron-opflex-agent 07070100000058000041ED0000000000000000000000055C08201400000000000000000000000000000000000000000000006100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent07070100000059000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/defaults0707010000005A000081A40000000000000000000000015C082014000002F8000000000000000000000000000000000000007300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/defaults/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file will contain the default values for the neutron server --- neutron_component: neutron-cisco-apic-host-agent 0707010000005B000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks0707010000005C000081A40000000000000000000000015C082014000003C5000000000000000000000000000000000000007500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/create_systemd_service.yml neutron_service_cmd: "neutron-cisco-apic-host-agent" neutron_service_cmd_args: "--config-file={{ neutron_conf_dir }}/neutron.conf --config-file={{ neutron_conf_dir }}/ml2_conf.ini --log-file={{ neutron_log_dir }}/cisco-apic-host-agent.log" 0707010000005D000081A40000000000000000000000015C08201400000334000000000000000000000000000000000000007300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/install.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-host-agent | install | Install packages become: yes package: name: "{{ item }}" state: present with_items: required_packages | default([]) 0707010000005E000081A40000000000000000000000015C082014000002F2000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-host-agent | main | Install packages include_vars: "{{ ansible_os_family | lower }}.yml" 0707010000005F000081A40000000000000000000000015C082014000004FE000000000000000000000000000000000000007100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Start or restart neutron ovs agent --- - name: cisco-apic-host-agent | start | Restart the cisco-apic-host-agent become: yes service: name: neutron-cisco-apic-host-agent state: restarted when: ( ardana_notify_neutron_restart_required is defined and ardana_notify_neutron_restart_required.changed ) or ( ardana_notify_neutron_server_restart_required is defined and ardana_notify_neutron_server_restart_required.changed ) - name: cisco-apic-host-agent | start | Start the cisco-apic-host-agent become: yes service: name: neutron-cisco-apic-host-agent state: started enabled: yes 07070100000060000081A40000000000000000000000015C082014000002BE000000000000000000000000000000000000007200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_service_status.yml 07070100000061000081A40000000000000000000000015C0820140000031E000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/tasks/stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-host-agent | stop | Stop the cisco-apic-host-agent become: yes service: name: neutron-cisco-apic-host-agent state: stopped 07070100000062000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/vars07070100000063000081A40000000000000000000000015C082014000002AE000000000000000000000000000000000000007100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/vars/debian.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- required_packages: - lldpd - supervisor 07070100000064000081A40000000000000000000000015C08201400000292000000000000000000000000000000000000006F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-host-agent/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. --- required_packages: - lldpd - supervisor - openstack-neutron-opflex-agent 07070100000065000041ED0000000000000000000000045C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent07070100000066000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/defaults07070100000067000081A40000000000000000000000015C082014000002FB000000000000000000000000000000000000007600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/defaults/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file will contain the default values for the neutron server --- neutron_component: neutron-cisco-apic-service-agent 07070100000068000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks07070100000069000081A40000000000000000000000015C08201400000625000000000000000000000000000000000000007800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-service-agent | stop | Stop the neutron-dhcp-agent become: yes service: name: neutron-dhcp-agent state: stopped - name: cisco-apic-service-agent | configure | modify dhcp_agent.ini become: yes lineinfile: dest: "{{ neutron_conf_dir }}/dhcp_agent.ini" state: present regexp: '^dhcp_driver = (.*)$' line: 'dhcp_driver = apic_ml2.neutron.agent.linux.apic_dhcp.ApicDnsmasq' backrefs: yes - include: ../../neutron-common/tasks/create_systemd_service.yml neutron_service_cmd: "neutron-cisco-apic-service-agent" neutron_service_cmd_args: "--config-file={{ neutron_conf_dir }}/neutron.conf --config-file={{ neutron_conf_dir }}/ml2_conf.ini --log-file={{ neutron_log_dir }}/cisco-apic-service-agent.log" - name: cisco-apic-service-agent | configure | restart the dhcp-agent become: yes service: name: neutron-dhcp-agent state: started enabled: yes 0707010000006A000081A40000000000000000000000015C08201400000283000000000000000000000000000000000000007600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks/install.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- 0707010000006B000081A40000000000000000000000015C08201400000510000000000000000000000000000000000000007400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks/start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Start or restart neutron ovs agent --- - name: cisco-apic-service-agent | start | Restart the cisco-apic-service-agent become: yes service: name: neutron-cisco-apic-service-agent state: restarted when: ( ardana_notify_neutron_restart_required is defined and ardana_notify_neutron_restart_required.changed ) or ( ardana_notify_neutron_server_restart_required is defined and ardana_notify_neutron_server_restart_required.changed ) - name: cisco-apic-service-agent | start | Start the cisco-apic-service-agent become: yes service: name: neutron-cisco-apic-service-agent state: started enabled: yes 0707010000006C000081A40000000000000000000000015C082014000002BE000000000000000000000000000000000000007500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks/status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_service_status.yml 0707010000006D000081A40000000000000000000000015C08201400000327000000000000000000000000000000000000007300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-apic-service-agent/tasks/stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-apic-service-agent | stop | Stop the cisco-apic-service-agent become: yes service: name: neutron-cisco-apic-service-agent state: stopped 0707010000006E000041ED0000000000000000000000045C08201400000000000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin0707010000006F000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/tasks07070100000070000081A40000000000000000000000015C0820140000057C000000000000000000000000000000000000007200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/tasks/configure.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_write_conf.yml src: "../../cisco-asr1k-plugin/templates/cisco_router_plugin.ini.j2" dest: "cisco_router_plugin.ini" - name: cisco-config-agent | configure | Notify all neutron components to restart if cisco_router_plugin.ini changed command: /bin/true register: ardana_notify_cisco_asr1k_restart_required when: write_conf_result.changed == true - include: ../../neutron-common/tasks/_write_conf.yml src: "../../cisco-asr1k-plugin/templates/cisco_device_manager_plugin.ini.j2" dest: "cisco_device_manager_plugin.ini" - name: cisco-config-agent | configure | Notify all neutron components to restart if cisco_device_manager_plugin.ini changed command: /bin/true register: ardana_notify_cisco_asr1k_restart_required when: write_conf_result.changed == true 07070100000071000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/templates07070100000072000081A40000000000000000000000015C082014000041D3000000000000000000000000000000000000008B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/templates/cisco_device_manager_plugin.ini.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # # This file has the values that apply to neutron-server and networking-cisco # using the ASR1000 Device Manager Plugin (DMP). This template needs values from # the aci configuration-data file in the input model at path # ~/openstack/my_cloud/definition/data/apicaci/aci_config.yml # # product: # version: 2 # # configuration-data # - name: CISCOACI-CONFIG-CP1 # services: # - aci # data: # lsp: # ... # # dmp: # management_network: 'osn_mgmt_nw' # default_security_group: 'mgmt_sec_grp' # cfg_agent_monitoring_interval: 20 # cfg_agent_down_time: 30 # templates_path: path_to_template_hosting_devices # domain_name_server_1: <required DNS server IP> # domain_name_server_2: <optional DNS server IP #2> # # hosting_device_credentials: # - uuid: 1 # name: 'hosting-device-1-name' # description" 'Hosting device 1 description' # user_name: 'hosting-device-1-user' # password: 'encrypted hosting-device-1-user-password' # type: <optional> # # - uuid: 2 # name: 'hosting-device-2-name' # description" 'Hosting device 2 description' # user_name: 'hosting-device-2-user' # password: 'encrypted hosting-device-2-user-password' # ... # hosting_device_templates: # - uuid: 1 # name = 'hosting-device-templates-1' # enabled: True # protocol_port: 9999 # booting_time: ... # slot_capacity: ... # desired_slots_free: ... # tenant_bound: ... # device_driver: ... # plugging_driver: ... # - uuid: 2 # name = 'hosting-device-templates-2' # # hosting_devices: # - uuid: 1 # name: 'hosting_device-name' # description: 'Hosting Device 1 Description' # template_id: 1 # credentials_id: 1 # device_id = 1234 # admin_state_up: True # management_ip_address: 1.2.3.4 # protocol_port: ... # tenant_bound: ... # auto_delete: False # # ... [general] # Name of the L3 admin tenant l3_admin_tenant = {{ neutron_admin_user }} # Name of management network for hosting device configuration management_network = {{ config_data | item('ACI.dmp.management_network', default='osn_mgmt_nw') }} # Default security group applied on management port default_security_group = {{ config_data | item('ACI.dmp.default_security_group', default='mgmt_sec_grp') }} # Maximal time (in seconds) between checks of config agent status cfg_agent_monitoring_interval = {{ config_data | item('ACI.dmp.cfg_agent_monitoring_interval', default='20') }} # Seconds of no status update until a cfg agent is considered down cfg_agent_down_time = {{ config_data | item('ACI.dmp.cfg_agent_down_time', default='30') }} # Driver to use for scheduling hosting device to a Cisco configuration agent configuration_agent_scheduler_driver = networking_cisco.plugins.cisco.device_manager.scheduler.hosting_device_cfg_agent_scheduler.HostingDeviceCfgAgentScheduler # Path to templates for hosting devices {%- set templates_path = {{ config_data | item('ACI.dmp.templates_path') -%} {%- if templates_path|length > 0 -%} templates_path = {{ templates_path }} {%- endif -%} # Path to config drive files for service VM instances # service_vm_config_path = /opt/stack/data/neutron/cisco/config_drive {%- set service_vm_config_path = {{ config_data | item('ACI.dmp.service_vm_config_path') -%} {%- if service_vm_config_path|length > 0 -%} service_vm_config_path = {{ service_vm_config_path }} {%- endif -%} # Ensure that Nova is running before attempting to create any router VM ensure_nova_running = True # IP address of primary domain name server for hosting devices domain_name_server_1 = {{ config_data | item('ACI.dmp.domain_server_1') }} # IP address of secondary domain name server for hosting devices # domain_name_server_2 = 8.8.4.4 {%- set dns2 = {{ config_data | item('ACI.dmp.domain_name_server_2') -%} {%- if dns2|length > 0 -%} domain_name_server_2 = {{ dns2 }} {%- endif -%} [hosting_device_credentials] # Cisco hosting device credentials specifications. # Credentials for hosting devices must be defined here. # NOTE! All fields must be included (even if left empty). # Hosting device credential format. # [cisco_hosting_device_credential:<UUID of hosting device credential>] (1) # name=<name of credential> (2) # description=<description of credential> (3) # user_name=<username string> # password=<password string> # type=<type of credential> (4) # (1) The UUID can be specified as an integer. # (2),(3),(4): currently ignored. Can be left empty. # Example: # [cisco_hosting_device_credential:1] # name="Universal credential" # description="Credential used for all hosting devices" # user_name=device_administrator # password=fE#m%%92 # type= {%- set hosting_creds = config_data | item(ACI.dmp.hosting_device_credentials', default=[]) -%} {%- for hosting_cred in hosting_creds) -%} [hosting_device_credentials:{{ hosting_cred.uuid }}] name = {{ hosting_cred.name }} description = {{ hosting_cred.description }} user_name = {{ hosting_cred.username }} password = {{ hosting_cred.password }} type = {{ hosting_cred.type }} {%- endfor -%} [hosting_devices_templates] # Cisco hosting device template definitions. # In addition to defining templates using the neutron client, # templates can be defined here to be immediately available # when Neutron is started. # NOTE! All fields must be included (even if left empty). # Hosting device template format. # [cisco_hosting_device_template:<UUID of hosting device template>] (1) # name=<name given to hosting devices created using this template> # enabled=<template enabled if True> # host_category=<can be 'VM', 'Hardware', or 'Network_Node'> (2) # service_types=<list of service types this template supports> (3) # image=<the image name or UUID in Glance> (4) # flavor=<the VM flavor or UUID in Nova> (5) # default_credentials_id=<UUID of default credentials> (6) # configuration_mechanism=<indicates how configurations are made> (7) # protocol_port=<udp/tcp port of hosting device> # booting_time=<Typical booting time (in seconds)> # slot_capacity=<abstract metric specifying capacity to host logical resources> # desired_slots_free=<desired number of slots to keep available at all times> # tenant_bound=<list of tenant UUIDs to which template is available> (8) # device_driver=<module to be used as hosting device driver> # plugging_driver=<module to be used as plugging driver > # (1) The UUID can be specified as an integer. # (2) Specify 'VM' for virtual machine appliances, 'Hardware' for hardware # appliances, and 'Network_Node' for traditional Neutron network nodes. # (3) Write as string of ':' separated service type names. Can be left empty # for now. # (4) Leave empty for hardware appliances and network nodes. # (5) Leave empty for hardware appliances and network nodes. # (6) UUID of credential. Can be specified as an integer. # (7) Currently ignored. Can be left empty for now. # (8) A (possibly empty) string of ':'-separated tenant UUIDs representing the # only tenants allowed to own/place resources on hosting devices created # using this template. If string is empty all tenants are allowed. # Example: # [cisco_hosting_device_template:1] # name=NetworkNode # enabled=True # host_category=Network_Node # service_types=router:FW:VPN # image= # flavor= # default_credentials_id=1 # configuration_mechanism= # protocol_port=22 # booting_time=360 # slot_capacity=2000 # desired_slots_free=0 # tenant_bound= # device_driver=networking_cisco.plugins.cisco.device_manager.hosting_device_drivers.noop_hd_driver.NoopHostingDeviceDriver # plugging_driver=networking_cisco.plugins.cisco.device_manager.plugging_drivers.noop_plugging_driver.NoopPluggingDriver # [cisco_hosting_device_template:2] # name="ASR1kv template" # enabled=True # host_category=Hardware # service_types=router:FW:VPN # image= # flavor= # default_credentials_id=1 # configuration_mechanism= # protocol_port=22 # booting_time=360 # slot_capacity=2000 # desired_slots_free=0 # tenant_bound= # device_driver=networking_cisco.plugins.cisco.device_manager.hosting_device_drivers.noop_hd_driver.NoopHostingDeviceDriver # plugging_driver=networking_cisco.plugins.cisco.device_manager.plugging_drivers.hw_vlan_trunking_driver.HwVLANTrunkingPlugDriver {%- set devices_templates = config_data | item('ACI.dmp.hosting_devices_templates', default=[]) -%} {%- for device_template in devices_templates -%} name = {{ device_template.name }} enabled = {{ device_template.enabled | default('True') }} host_category = 'Network_Node' {%- if device_template.protocol_port is defined -%} protocol_port = {{ device_template.protocol_port }} {%- endif -%} {%- if device_template.booting_time is defined -%} booting_time = {{ device_template.booting_time }} {%- endif -%} {%- if device_template.slot_capacity is defined -%} slot_capacity = {{ device_template.slot_capacity }} {%- endif -%} {%- if device_template.desired_slots_free is defined -%} desired_slots_free = {{ device_template.desired_slots_free }} {%- endif -%} {%- if device_template.tenant_bound is defined -%} tenant_bound = {{ device_template.tenant_bound }} {%- endif -%} {%- if device_template.device_driver is defined -%} device_driver = {{ device_template.device_driver }} {%- endif -%} {%- if device_template.plugging_driver is defined -%} plugging_driver = {{ device_template.plugging_driver }} {%- endif -%} {%- endfor -%} [hosting_devices] # Cisco hosting device specifications. # In addition to specifying hosting devices using the neutron client, # devices can be specified here to be immediately available when Neutron is # started. # NOTE! All fields must be included (even if left empty). # Hosting device format. # [cisco_hosting_device:<UUID of hosting device>] (1) # template_id=<UUID of hosting device template for this hosting device> # credentials_id=<UUID of credentials for this hosting device> # name=<name of device, e.g., its name in DNS> # description=<arbitrary description of the device> # device_id=<manufacturer id of the device, e.g., its serial number> # admin_state_up=<True if device is active, False otherwise> # management_ip_address=<IP address of device's management network interface> # protocol_port=<udp/tcp port of hosting device's management process> # tenant_bound=<Tenant UUID or empty string> (2) # auto_delete=<True or False> (3) # (1) The UUID can be specified as an integer. # (2) UUID of the only tenant allowed to own/place resources on this hosting # device. If empty any tenant can place resources on it. # (3) If True, a VM-based hosting device is subject to deletion as part of # hosting device pool management and in case of VM failures. If set to # False, the hosting device must be manually unregistered in the device # manager and any corresponding VM must be deleted in Nova. # Example: # [cisco_hosting_device:2] # template_id=1 # credentials_id=1 # name=dragon # description=Main ASR1k serving region 1 # device_id=SN:abcd1234efgh # admin_state_up=True # management_ip_address=10.0.100.5 # protocol_port=22 # tenant_bound= # auto_delete=False [hosting_devices] # Cisco hosting device specifications. # In addition to specifying hosting devices using the neutron client, # devices can be specified here to be immediately available when Neutron is # started. # NOTE! All fields must be included (even if left empty). # Hosting device format. # [cisco_hosting_device:<UUID of hosting device>] (1) # template_id=<UUID of hosting device template for this hosting device> # credentials_id=<UUID of credentials for this hosting device> # name=<name of device, e.g., its name in DNS> # description=<arbitrary description of the device> # device_id=<manufacturer id of the device, e.g., its serial number> # admin_state_up=<True if device is active, False otherwise> # management_ip_address=<IP address of device's management network interface> # protocol_port=<udp/tcp port of hosting device's management process> # tenant_bound=<Tenant UUID or empty string> (2) # auto_delete=<True or False> (3) # (1) The UUID can be specified as an integer. # (2) UUID of the only tenant allowed to own/place resources on this hosting # device. If empty any tenant can place resources on it. # (3) If True, a VM-based hosting device is subject to deletion as part of # hosting device pool management and in case of VM failures. If set to # False, the hosting device must be manually unregistered in the device # manager and any corresponding VM must be deleted in Nova. # Example: # [cisco_hosting_device:2] # template_id=1 # credentials_id=1 # name=dragon # description=Main ASR1k serving region 1 # device_id=SN:abcd1234efgh # admin_state_up=True # management_ip_address=10.0.100.5 # protocol_port=22 # tenant_bound= # auto_delete=False {%- set hosting_devices = config_data | item('ACI.dmp.hosting_devices', default=[]) -%} {%- for hosting_device in hosting_devices -%} [cisco_hosting_device:{{ hosting_device.uuid }}] name = {{ hosting_device.name }} description = {{ hosting_device.description }} template_id = {{ hosting_device.template_id }} credentials_id = {{ hosting_device.credentials_id }} device_id = {{ hosting_device.device_id }} admin_state_up = {{ hosting_device.admin_state_up | default('True') }} management_ip_address = {{ hosting_device.management_ip_address }} protocol_port = {{ hosting_device.protocol_port }} tenant_bound = {{ hosting_device.tenant_bound | default('') }} {%- if hosting_device.auto_delete is defined -%} auto_delete = {{ hosting_device.auto_delete }} {%- endif -%} {%- endfor -%} [plugging_drivers] # Cisco plugging driver configurations. # Plugging driver specific settings are made here. # For the hw_vlan_trunking_driver.HwVLANTrunkingPlugDriver plugging driver # it is expected that for each hosting device the network interfaces to be used # to reach different Neutron networks are specified. # Specifically the format for this plugging driver is as follows # [HwVLANTrunkingPlugDriver:<UUID of hosting device>] (1) # internal_net_interface_<int number>=<network_uuid_spec>:<interface_name> (2) # external_net_interface_<int number>=<network_uuid_spec>:<interface_name> (3) # [zero or more additional internal or external specifications] ... # (1) The UUID can be specified as an integer. # (2),(3) <network_uuid_spec> can be '*' or a UUID, or a comma separated list # of UUIDs. # Example: # [HwVLANTrunkingPlugDriver:3] # internal_net_interface_1=*:GigabitEthernet1 # external_net_interface_1=*:GigabitEthernet2 # [HwVLANTrunkingPlugDriver:4] # internal_net_interface_1=*:GigabitEthernet1 # external_net_interface_1=d7b2eac2-1ade-444e-edc5-81fd4267f53a:GigabitEthernet2 # external_net_interface_2=a36b533a-fae6-b78c-fe11-34aa82b12e3a,45c624b-ebf5-c67b-df22-43bb73c21f4e:GigabitEthernet3 {%- set plugging_drivers = config_data | item('ACI.dmp.plugging_drivers', default=[]) -%} {%- for plugging_driver in plugging_drivers -%} [HWVLANTrunkingPlugDriver:{{ plugging_driver.uuid }}] {%- if plugging_driver.internal_net_interfaces is defined -%} {%- for int_intf in plugging_driver.internal_net_interfaces -%} {{ int_intf.name }} = {{ int_intf.value }} {%- endfor -%} {%- endif -%} {%- if plugging_driver.external_net_interfaces is defined -%} {%- for ext_intf in plugging_driver.external_net_interfaces -%} {{ ext_intf.name }} = {{ ext_intf.value }} {%- endfor -%} {%- endif -%} {%- endfor -%} 07070100000073000081A40000000000000000000000015C08201400001F95000000000000000000000000000000000000008300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/templates/cisco_router_plugin.ini.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # # This file has the values that apply to neutron-server and networking-cisco # using the ASR1000 L3-service-plugin (LSP). This template needs values from # the aci configuration-data file in the input model at path # ~/openstack/my_cloud/definition/data/apicaci/aci_config.yml # # product: # version: 2 # # configuration-data # - name: CISCOACI-CONFIG-CP1 # services: # - aci # data: # lsp: # namespace_router_type_name: NetworkingNamespace # backlog_processing_interface: 10 # router_type_aware_schedule_driver: ... # auto_schedule: True # share_hosting_device: True # ha_support_enabled: True # default_ha_redundancy_level: 1 # default_ha_mechanism: HSRP # connectivity_probing_enabled_by_default: False # default_probe_target: '' # default_ping_interval: 5 # # router_types: # - uuid: 1 # name: Namespace_Neutron_Router # description: 'Neutron router implemented in Linux network namespace' # template_id: 1 # shared: True # slot_needed: 2 # scheduler: <optional> # driver: <optional> # cfg_agent_service_helper: <optional> # cfg_agent_driver: <optional> is defined -%} # # - uuid: 2 # name: Hardware_Neutron_Router # description: 'Neutron Router implemented in Cisco ASR1K device" # template_id: 2 # shared: True # # ... # # dmp: # ... [routing] # Name of default router type to create. Must be a unique name. default_router_type = ASR1k_router # Name of router type for Linux network namespace-based routers {%- set nspace_rtr_name = config_data | item('ACI.lsp.namespace_router_type_name', default='') -%} {%- if nspace_rtr_name|length > 0 -%} namespace_router_type_name = {{ nspace_rtr_name }} {%- endif -%} # Time in seconds between renewed scheduling attempts of non-scheduled routers backlog_processing_interval = {{ config_data | item('ACI.lsp.backlog_processing_interval', default='10') }} # Driver to use for routertype-aware scheduling of router to a default L3 agent {%- set sched_driver = config_data | item('ACI.lsp.router_type_aware_schedule_driver', default='') -%} {%- if sched_driver|length > 0 -%} router_type_aware_schedule_driver = {{ sched_driver }} {%- endif -%} # Set 'auto_schedule' to True if routers are to be automatically scheduled by default auto_schedule = {{ config_data | item('ACI.lsp.auto_schedule', default='True') }} # Set 'share_hosting_device' to True if routers can share hosts with routers owned by other tenants by default share_hosting_device = {{ config_data | item('ACI.lsp.share_hosting_device', default='True') }} [router_types] # Cisco router type definitions. # In addition to defining router types using the neutron client, # router types can be defined here to be immediately available # when Neutron is started. # NOTE! All fields must be included (even if left empty). # Cisco router type format. # [cisco_router_type:<UUID of router type>] # name=<router type name, should preferably be unique> # description=<description of router type> # template_id=<template to use to create hosting devices for this router type> # ha_enabled_by_default=<True if HA should be enabled by default> # shared=<True if if routertype is available to all tenants, False otherwise> # slot_need=<Number of slots this router type consume in hosting device> # scheduler=<module to be used as scheduler for router of this type> (1) # driver=<module to be used by router plugin as router type driver> (2) # cfg_agent_service_helper=<module to be used by configuration agent # as service helper driver (3) # cfg_agent_driver=<module to be used by configuration agent for # device configurations> (4) # (1) --(4): Leave empty for routers implemented in network nodes # Example: # [cisco_router_type:1] # name=Namespace_Neutron_router # description="Neutron router implemented in Linux network namespace" # template_id=1 # shared=True # slot_need=0 # scheduler= # driver= # cfg_agent_service_helper= # cfg_agent_driver= # [cisco_router_type:2] # name=Hardware_Neutron_router # description="Neutron router implemented in Cisco ASR1k device" # template_id=2 # ha_enabled_by_default=True # shared=True # slot_need=1 # scheduler=networking_cisco.plugins.cisco.l3.schedulers.l3_router_hosting_device_scheduler.L3RouterHostingDeviceHARandomScheduler # driver=networking_cisco.plugins.cisco.l3.drivers.asr1k.asr1k_routertype_driver.ASR1kL3RouterDriver # cfg_agent_service_helper=networking_cisco.plugins.cisco.cfg_agent.service_helpers.routing_svc_helper.RoutingServiceHelper # cfg_agent_driver=networking_cisco.plugins.cisco.cfg_agent.device_drivers.asr1k.asr1k_routing_driver.ASR1kRoutingDriver {%- set router_types = config_data | item('ACI.lsp.router_types', default=[]) -%} {%- for router_type in router_types -%} [cisco_router_type:{{ router_type.uuid }}] name = {{ router_type.name }} description = {{ router_type.description }} template_id = {{ router_type.template_id }} shared = {{ router_type.shared }} slot_needed = {{ router_type.slot_needed }} {%- if router_type.scheduler is defined -%} scheduler = {{ router_type.scheduler }} {%- endif -%} {%- if router_type.driver is defined -%} driver = {{ router_type.driver }} {%- endif -%} {%- if router_type.cfg_agent_service_helper is defined -%} cfg_agent_service_helper = {{ router_type.cfg_agent_service_helper }} {%- endif -%} {%- if router_type.cfg_agent_driver is defined -%} cfg_agent_driver = {{ router_type.cfg_agent_driver }} {%- endif -%} {%- endfor -%} [ha] # Enables high-availability support for routing service ha_support_enabled = {{ config_data | item('ACI.lsp.ha_support_enabled', default='True') }} # Default number of routers added for redundancy when high-availability # by VRRP, HSRP, or GLBP is used (maximum is 4) default_ha_redundancy_level = {{ config_data | item('ACI.lsp.default_ha_redundancy_level', default='1') }} # Default mechanism used to implement high-availability. Can be one of HSRP, # VRRP, or GLBP default_ha_mechanism = {{ config_data | item('ACI.lsp.default_ha_mechanism', default='HSRP') }} # List of administratively disabled high-availability mechanisms (one or # several of VRRP, HSRP, GBLP) {%- set disabled_ha_mechanisms = config_data | item('ACI.lsp.disabled_ha_mechanisms', default='') -%} {%- if disabled_ha_mechanisms|length > 0 -%} disabled_ha_mechanisms = {{ disabled_ha_mechanisms }} {%- endif -%} # Enables connectivity probing for high-availability even if (admin) user does # not explicitly request it connectivity_probing_enabled_by_default = {{ config_data | item('ACI.lsp.connectivity_probing_enabled_by_default', default='False') }} # Host that will be probe target for high-availability connectivity probing # if (admin) user does not specify it {%- set default_probe_target = config_data | item('ACI.lsp.default_probe_target', default='') -%} {%- if default_probe_target|length > 0 -%} default_probe_target = {{ default_probe_target }} {%- endif -%} # Time (in seconds) between probes for high-availability connectivity probing # if user does not specify it default_ping_interval = config_data | item('ACI.lsp.default_ping_interval', default='5') -%} 07070100000074000081A40000000000000000000000015C0820140000321B000000000000000000000000000000000000007B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-asr1k-plugin/templates/new_policy.json.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} { "context_is_admin": "role:admin", "owner": "tenant_id:%(tenant_id)s", "admin_or_owner": "rule:context_is_admin or rule:owner", "context_is_advsvc": "role:advsvc", "admin_or_network_owner": "rule:context_is_admin or tenant_id:%(network:tenant_id)s", "admin_owner_or_network_owner": "rule:admin_or_network_owner or rule:owner", "admin_only": "rule:context_is_admin", "regular_user": "", "shared": "field:networks:shared=True", "shared_firewalls": "field:firewalls:shared=True", "shared_routertypes": "field:routertypes:shared=True", "shared_firewall_policies": "field:firewall_policies:shared=True", "shared_subnetpools": "field:subnetpools:shared=True", "shared_address_scopes": "field:address_scopes:shared=True", "external": "field:networks:router:external=True", "default": "rule:admin_or_owner", "create_subnet": "rule:admin_or_network_owner", "get_subnet": "rule:admin_or_owner or rule:shared", "update_subnet": "rule:admin_or_network_owner", "delete_subnet": "rule:admin_or_network_owner", "create_subnetpool": "", "create_subnetpool:shared": "rule:admin_only", "get_subnetpool": "rule:admin_or_owner or rule:shared_subnetpools", "update_subnetpool": "rule:admin_or_owner", "delete_subnetpool": "rule:admin_or_owner", "create_address_scope": "", "create_address_scope:shared": "rule:admin_only", "get_address_scope": "rule:admin_or_owner or rule:shared_address_scopes", "update_address_scope": "rule:admin_or_owner", "update_address_scope:shared": "rule:admin_only", "delete_address_scope": "rule:admin_or_owner", "create_network": "", "get_network": "rule:admin_or_owner or rule:shared or rule:external or rule:context_is_advsvc", "get_network:router:external": "rule:regular_user", "get_network:segments": "rule:admin_only", "get_network:provider:network_type": "rule:admin_only", "get_network:provider:physical_network": "rule:admin_only", "get_network:provider:segmentation_id": "rule:admin_only", "get_network:queue_id": "rule:admin_only", "create_network:shared": "rule:admin_only", "create_network:router:external": "rule:admin_only", "create_network:segments": "rule:admin_only", "create_network:provider:network_type": "rule:admin_only", "create_network:provider:physical_network": "rule:admin_only", "create_network:provider:segmentation_id": "rule:admin_only", "update_network": "rule:admin_or_owner", "update_network:segments": "rule:admin_only", "update_network:shared": "rule:admin_only", "update_network:provider:network_type": "rule:admin_only", "update_network:provider:physical_network": "rule:admin_only", "update_network:provider:segmentation_id": "rule:admin_only", "update_network:router:external": "rule:admin_only", "delete_network": "rule:admin_or_owner", "network_device": "field:port:device_owner=~^network:", "create_port": "", "create_port:device_owner": "not rule:network_device or rule:admin_or_network_owner or rule:context_is_advsvc", "create_port:mac_address": "rule:admin_or_network_owner or rule:context_is_advsvc", "create_port:fixed_ips:ip_address": "rule:context_is_advsvc or rule:admin_or_network_owner", "create_port:fixed_ips:subnet_id": "rule:context_is_advsvc or rule:admin_or_network_owner or rule:shared", "create_port:port_security_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc", "create_port:binding:host_id": "rule:admin_only", "create_port:binding:profile": "rule:admin_only", "create_port:mac_learning_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc", "create_port:allowed_address_pairs": "rule:admin_or_network_owner", "get_port": "rule:admin_owner_or_network_owner or rule:context_is_advsvc", "get_port:queue_id": "rule:admin_only", "get_port:binding:vif_type": "rule:admin_only", "get_port:binding:vif_details": "rule:admin_only", "get_port:binding:host_id": "rule:admin_only", "get_port:binding:profile": "rule:admin_only", "update_port": "rule:admin_or_owner or rule:context_is_advsvc", "update_port:device_owner": "not rule:network_device or rule:admin_or_network_owner or rule:context_is_advsvc", "update_port:mac_address": "rule:admin_only or rule:context_is_advsvc", "update_port:fixed_ips": "rule:admin_or_network_owner or rule:context_is_advsvc", "update_port:port_security_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc", "update_port:binding:host_id": "rule:admin_only", "update_port:binding:profile": "rule:admin_only", "update_port:mac_learning_enabled": "rule:admin_or_network_owner or rule:context_is_advsvc", "update_port:allowed_address_pairs": "rule:admin_or_network_owner", "delete_port": "rule:admin_owner_or_network_owner or rule:context_is_advsvc", "get_router:ha": "rule:admin_only", "get_router:cisco_ha:enabled": "rule:admin_or_owner", "get_router:cisco_ha:details": "rule:admin_only", "get_router:routerhost:hosting_device": "rule:admin_only", "get_router:routerrole:role": "rule:admin_only", "get_router:routertype-aware-scheduler:auto_schedule": "rule:admin_only", "get_router:routertype-aware-scheduler:share_hosting_device": "rule:admin_only", "create_router": "rule:regular_user", "create_router:external_gateway_info:enable_snat": "rule:admin_only", "create_router:distributed": "rule:admin_only", "create_router:ha": "rule:admin_only", "create_router:cisco_ha:enabled": "rule:admin_or_owner", "create_router:cisco_ha:details": "rule:admin_only", "create_router:routertype-aware-scheduler:auto_schedule": "rule:admin_only", "create_router:routertype-aware-scheduler:share_hosting_device": "rule:admin_only", "get_router": "rule:admin_or_owner", "get_router:distributed": "rule:admin_only", "update_router:external_gateway_info:enable_snat": "rule:admin_only", "update_router:distributed": "rule:admin_only", "update_router:ha": "rule:admin_only", "update_router:cisco_ha:enabled": "rule:admin_or_owner", "update_router:cisco_ha:details": "rule:admin_only", "update_router:routertype-aware-scheduler:auto_schedule": "rule:admin_only", "update_router:routertype-aware-scheduler:share_hosting_device": "rule:admin_only", "delete_router": "rule:admin_or_owner", "add_router_interface": "rule:admin_or_owner", "remove_router_interface": "rule:admin_or_owner", "create_router:external_gateway_info:external_fixed_ips": "rule:admin_only", "update_router:external_gateway_info:external_fixed_ips": "rule:admin_only", "create_firewall": "", "get_firewall": "rule:admin_or_owner", "create_firewall:shared": "rule:admin_only", "get_firewall:shared": "rule:admin_only", "update_firewall": "rule:admin_or_owner", "update_firewall:shared": "rule:admin_only", "delete_firewall": "rule:admin_or_owner", "create_firewall_policy": "", "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies", "create_firewall_policy:shared": "rule:admin_or_owner", "update_firewall_policy": "rule:admin_or_owner", "delete_firewall_policy": "rule:admin_or_owner", "insert_rule": "rule:admin_or_owner", "remove_rule": "rule:admin_or_owner", "create_firewall_rule": "", "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls", "update_firewall_rule": "rule:admin_or_owner", "delete_firewall_rule": "rule:admin_or_owner", "create_qos_queue": "rule:admin_only", "get_qos_queue": "rule:admin_only", "update_agent": "rule:admin_only", "delete_agent": "rule:admin_only", "get_agent": "rule:admin_only", "create_dhcp-network": "rule:admin_only", "delete_dhcp-network": "rule:admin_only", "get_dhcp-networks": "rule:admin_only", "create_l3-router": "rule:admin_only", "delete_l3-router": "rule:admin_only", "get_l3-routers": "rule:admin_only", "get_dhcp-agents": "rule:admin_only", "get_l3-agents": "rule:admin_only", "get_loadbalancer-agent": "rule:admin_only", "get_loadbalancer-pools": "rule:admin_only", "get_agent-loadbalancers": "rule:admin_only", "get_loadbalancer-hosting-agent": "rule:admin_only", "create_floatingip": "rule:regular_user", "create_floatingip:floating_ip_address": "rule:admin_only", "update_floatingip": "rule:admin_or_owner", "delete_floatingip": "rule:admin_or_owner", "get_floatingip": "rule:admin_or_owner", "create_network_profile": "rule:admin_only", "update_network_profile": "rule:admin_only", "delete_network_profile": "rule:admin_only", "get_network_profiles": "", "get_network_profile": "", "update_policy_profiles": "rule:admin_only", "get_policy_profiles": "", "get_policy_profile": "", "create_metering_label": "rule:admin_only", "delete_metering_label": "rule:admin_only", "get_metering_label": "rule:admin_only", "create_metering_label_rule": "rule:admin_only", "delete_metering_label_rule": "rule:admin_only", "get_metering_label_rule": "rule:admin_only", "get_service_provider": "rule:regular_user", "get_lsn": "rule:admin_only", "create_lsn": "rule:admin_only", "create_flavor": "rule:admin_only", "update_flavor": "rule:admin_only", "delete_flavor": "rule:admin_only", "get_flavors": "rule:regular_user", "get_flavor": "rule:regular_user", "create_service_profile": "rule:admin_only", "update_service_profile": "rule:admin_only", "delete_service_profile": "rule:admin_only", "get_service_profiles": "rule:admin_only", "get_service_profile": "rule:admin_only", "get_policy": "rule:regular_user", "create_policy": "rule:admin_only", "update_policy": "rule:admin_only", "delete_policy": "rule:admin_only", "get_policy_bandwidth_limit_rule": "rule:regular_user", "create_policy_bandwidth_limit_rule": "rule:admin_only", "delete_policy_bandwidth_limit_rule": "rule:admin_only", "update_policy_bandwidth_limit_rule": "rule:admin_only", "get_rule_type": "rule:regular_user", "restrict_wildcard": "(not field:rbac_policy:target_tenant=*) or rule:admin_only", "create_rbac_policy": "", "create_rbac_policy:target_tenant": "rule:restrict_wildcard", "update_rbac_policy": "rule:admin_or_owner", "update_rbac_policy:target_tenant": "rule:restrict_wildcard and rule:admin_or_owner", "get_rbac_policy": "rule:admin_or_owner", "delete_rbac_policy": "rule:admin_or_owner", "create_hosting_device": "rule:admin_only", "get_hosting_device": "rule:admin_only", "get_hosting_devices": "rule:admin_only", "update_hosting_device": "rule:admin_only", "delete_hosting_device": "rule:admin_only", "get_hosting_device_config": "rule:admin_or_owner", "create_hosting_device_template": "rule:admin_only", "get_hosting_device_template": "rule:admin_only", "get_hosting_device_templates": "rule:admin_only", "update_hosting_device_template": "rule:admin_only", "delete_hosting_device_template": "rule:admin_only", "create_routertype": "rule:admin_only", "get_routertype": "rule:admin_or_owner or rule:shared_routertypes", "get_routertype:template_id": "rule:admin_only", "get_routertype:shared": "rule:admin_only", "get_routertype:slot_need": "rule:admin_only", "get_routertype:scheduler": "rule:admin_only", "get_routertype:driver": "rule:admin_only", "get_routertype:cfg_agent_service_helper": "rule:admin_only", "get_routertype:cfg_agent_driver": "rule:admin_only", "update_routertype": "rule:admin_only", "delete_routertype": "rule:admin_only", "create_hosting-device-l3-router": "rule:admin_only", "delete_hosting-device-l3-router": "rule:admin_only", "get_hosting-device-l3-routers": "rule:admin_only", "get_l3-router-hosting-devices": "rule:admin_only", "create_cfg-agent-hosting-device": "rule:admin_only", "delete_cfg-agent-hosting-device": "rule:admin_only", "get_cfg-agent-hosting-devices": "rule:admin_only", "get_hosting-device-cfg-agents": "rule:admin_only" } 07070100000075000041ED0000000000000000000000055C08201400000000000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent07070100000076000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/defaults07070100000077000081A40000000000000000000000015C08201400000699000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/defaults/main.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- neutron-component: 'neutron-cisco-cfg-agent' cfga_routing_svc_helper_class: 'networking_cisco.plugins.cisco.cfg_agent.service_helpers.routing_svc_helper.RoutingServiceHelper' cfga_rpc_loop_interval: {{ config_data | item('ACI.cfg_agent.rpc_loop_interval', default=10) }} cfga_enable_heartbeat: {{ config_data | item('ACI.cfg_agent.enable_heartbeat', default=True) }} cfga_heartbeat_interval: {{ config_data | item('ACI.cfg_agent.heartbeat_interval', default=5) }} cfga_max_device_sync_attempts: {{ config_data | item('ACI.cfg_agent.max_device_sync_attempts', default=6) }} cfga_max_device_sync_batch_size: {{ config_data | item('ACI.cfg_agent.max_device_sync_batch_size', default=64) }} cfga_device_connection_timeout: {{ config_data | item('ACI.cfg_agent.device_connection_timeout', default=30) }} cfga_hosting_device_dead_timeout: {{ config_data | item('ACI.cfg_agent.hosting_device_dead_timeout', default=300) }} cfga_keepalive_interval: {{ config_data | item('ACI.cfg_agent.keepalive_interval', default=10) }} cfga_report_iteration: {{ config_data | item('ACI.cfg_agent.report_iteration', default=6) }} 07070100000078000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/tasks07070100000079000081A40000000000000000000000015C082014000005B3000000000000000000000000000000000000007200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/tasks/configure.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_write_conf.yml src: "../../cisco-config-agent/templates/cisco_cfg_agent.ini.j2" dest: "cisco_cfg_agent.ini" - name: cisco-config-agent | configure | Notify all neutron components to restart if cisco_cfg_agent.ini changed command: /bin/true register: ardana_notify_cisco_cfg_agt_restart_required when: write_conf_result.changed == true - name: cisco-config-agent | configure | Define neutron-cisco-cfg-agent systemd service become: yes template: src: "{{ neutron_component }}.service.j2" dest: "{{ systemd_service_dir }}/{{ neutron_component }}.service" owner: "root" group: "root" mode: "0644" register: service_file_result - name: cisco-config-agent | configure | add service to systemd become: yes command: /bin/systemctl daemon-reload when: service_file_result.changed==true 0707010000007A000081A40000000000000000000000015C08201400000534000000000000000000000000000000000000006E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/tasks/start.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Start the neutron-cisco-cfg-agent. --- - name: cisco-config-agent | start | Restart the neutron-cisco-cfg-agent become: yes service: name: {{ neutron_component }} state: restarted when: ( ardana_notify_neutron_restart_required is defined and ardana_notify_neutron_restart_required.changed ) or ( ardana_notify_cisco_asr1k_restart_required is defined and ardana_notify_cisco_asr1k_restart_required.changed ) or ( ardana_notify_cisco_cfg_agt_restart_required is defined and ardana_notify_cisco_cfg_agt_restart_required.changed ) - name: cisco-config-agent | start | Start the neutron-cisco-cfg-agent become: yes service: name: {{ neutron_component }} state: started enabled: yes 0707010000007B000081A40000000000000000000000015C082014000002D9000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/tasks/stop.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-config-agent | stop | Stop the neutron-cisco-cfg-agent become: yes service: name: {{ neutron_component }} state: stopped 0707010000007C000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/templates0707010000007D000081A40000000000000000000000015C08201400000D61000000000000000000000000000000000000007F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/templates/cisco_cfg_agent.ini.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # # This file has the values that apply to neutron-server and networking-cisco # using the ASR1000 Cisco Configuration Agent. This template needs values from # the aci configuration-data file in the input model at path # ~/openstack/my_cloud/definition/data/apicaci/aci_config.yml, under "cfg_agent". # Declare an option in the file when overriding its default value is necessary. # # This template is also available in ~ardana/openstack/my_cloud/config/apicaci/ # folder for customization. # # product: # version: 2 # # configuration-data # - name: CISCOACI-CONFIG-CP1 # services: # - aci # data: # lsp: # ... # dmp: # ... # cfg_agent: # rpc_loop_interval: 10 # enable_heartbeat: True # heartbeat_interval: 5 # max_device_sync_attempts: 6 # max_device_sync_batch_size: 64 # device_connection_timeout: 30 # hosting_device_dead_timeout: 300 # keepalive_interval: 10 # report_interval: 6 # [cfg_agent] # (IntOpt) Interval in seconds for processing of service updates. # That is when the config agent's process_services() loop executes # and it lets each service helper to process its service resources. rpc_loop_interval = {{ cfga_rpc_loop_interval }} # (BoolOpt) If enabled, the agent will maintain a heartbeat against # its hosting-devices. If a device dies and recovers, the agent will # then trigger a configuration resync. enable_heartbeat = {{ cfga_enable_heartbeat }} # (IntOpt) Interval in seconds when the config agent runs the # backlog / hosting-device heart beat task. heartbeat_interval = {{ cfga_heartbeat_interval }} # (IntOpt) Maximum number of attempts for a device sync. max_device_sync_attempts = {{ cfga_max_device_sync_attempts }} # (IntOpt) The largest number of routers to fetch in one RPC call. max_device_sync_batch_size = {{ cfga_max_device_sync_batch_size }} # (IntOpt) Timeout value in seconds for connecting to a hosting device. device_connection_timeout = {{ cfga_device_connection_timeout }} # (IntOpt) The time in seconds until a backlogged hosting device is # presumed dead or booted to an error state. hosting_device_dead_timeout = {{ cfga_hosting_device_dead_timeout }} # (IntOpt) Interval in seconds when the config agent sents a report to the # plugin. This is used to keep tab on the liveliness of the cfg agent. # This value should be more than 0, otherwise cfg agent will be considered # as dead. keepalive_interval = {{ cfga_keepalive_interval }} # (IntOpt)The iteration where the config agent sends a full status report to # the plugin. The default is every 6th iteration of the keep alive interval. # This means with default value of keepalive_interval (10sec), a full report # is sent once every 6*10 = 60 seconds. report_iteration = {{ cfga_report_iteration }} 0707010000007E000081A40000000000000000000000015C0820140000047C000000000000000000000000000000000000008B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-config-agent/templates/neutron-cisco-cfg-agent.service.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [Unit] Description=Neutron Cisco Configuration Agent After=syslog.target network.target Requires=network.target [Service] User=root PermissionsStartOnly=true ExecStart={{ neutron_bin_dir }}/{{ neutron-component }} --log-file={{ neutron_log_dir }}/{{ neutron-component }}.log --config-file={{ neutron_conf_dir }}/neutron.conf --config-file={{ neutron_conf_dir }}/cisco_cfg_agent.ini --config-file={{ neutron_conf_dir }}/cisco_router_plugin.ini --config-file={{ neutron_conf_dir }}/cisco_device_manager_plugin.ini Restart=always [Install] WantedBy=multi-user.target 0707010000007F000041ED0000000000000000000000035C08201400000000000000000000000000000000000000000000005B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-nexus-ml207070100000080000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-nexus-ml2/templates07070100000081000081A40000000000000000000000015C0820140000301A000000000000000000000000000000000000007600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-nexus-ml2/templates/ml2_nexus.ini.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # # This file has the values that apply to neutron-server and networking-cisco # using the cisco_nexus ml2 mechanism driver. This template needs values from # the aci configuration-data file in the input model at path ~/openstack/my_cloud/definition/data/apicaci/aci_config.yml # # product: # version: 2 # # configuration-data # - name: CISCOACI-CONFIG-CP1 # services: # - aci # data: # nexus_managed_physical_network: '...' # nexus_provider_vlan_auto_create: true # nexus_provider_vlan_auto_trunk: true # nexus_switch_heartbeat_time: 30 # nexus_vxlan_global_config: false # nexus_switches: # - ip: 1.2.3.4 # username: 'admin' # password: 'password' # https_verity: true # https_local_ceritificate: /path/to/certificate # intcfg_portchannel: ... # nve_src_intf: ... # physnet: ... # vpc_pool: ... # host_ports_mapping: ... # - ip: 2.3.4.5 # ... # [DEFAULT] # Override the option values in ml2_conf.ini [ml2] {%- set net_types = ['vlan'] -%} {%- if 'vxlan' in neutron_tenant_network_types -%} {%- set net_types.append('nexus_vxlan') -%} {%- endif -%} type_drivers = {{ net_types | join(',') }} tenant_network_types = {{ net_types | join(',') }} [ml2_cisco] # # From networking_cisco.nexus # # When "managed_physical_network" is configured, it restricts the network # segment that the nexus driver supports. Setting it to a specific network name # will limit the actions taken by this driver to only that network. The network # name must match a name defined in the "network_vlan_ranges" configuration. # When "managed_physical_network" is not set, events for all network segments # will be processed by the driver. (string value) #managed_physical_network = <None> # A flag indicating whether the Nexus driver should manage the creation and # removal of VLANs for provider networks on the Nexus switches. When this flag # is False, the Nexus driver will not create or remove VLANs for provider # networks and the administrator needs to manage these interfaces manually or # by external orchestration. (boolean value) #provider_vlan_auto_create = true # A flag indicating whether Nexus driver should manage the adding and removing # of provider VLANs from trunk ports on the Nexus switches. When this flag is # False, the Nexus driver will not add or remove provider VLANs from trunk # ports and the administrator needs to manage these operations manually or by # external orchestration. (boolean value) #provider_vlan_auto_trunk = true # Configuration replay is enabled by default by defining the time interval to # 30 seconds. This is the amount of time to check the state of all known Nexus # device(s). To disable the replay feature, set this "switch_heartbeat_time" to # 0 seconds. (integer value) #switch_heartbeat_time = 30 # A flag indicating whether the Nexus driver should manage the creating and # removing of the Nexus switch VXLAN global settings of "feature nv overlay", # "feature vn-segment-vlan-based", "interface nve 1" and the NVE subcommand # "source-interface loopback #". When set to the default of False, the Nexus # driver will not add or remove these VXLAN settings and the administrator # needs to manage these operations manually or by external orchestration. # (boolean value) #vxlan_global_config = false {%- set mgd_phys_net = config_data | item('NEU.nexus_managed_physical_network', default='') -%} {%- if mgd_phys_net|length > 0 -%} managed_physical_network = {{ mgd_phys_net }} {%- endif -%} provider_vlan_auto_create = {{ config_data | item('NEU.nexus_provider_vlan_auto_create', default='True') }} provider_vlan_auto_trunk = {{ config_data | item('NEU.nexus_provider_vlan_auto_trunk', default='True') }} switch_heartbeat_time = {{ config_data | item('NEU.nexus_switch_heartbeat_time', default='30') }} vxlan_global_config = {{ config_data | item('NEU.nexus_vxlan_global_config', default='False') }} # [ml2_mech_cisco_nexus:<ip_address>] # # From networking_cisco.nexus # # This configuration option defaults to True.When https_verify is True, the # certification authority (CA) file must be in the Operating Systems repository # or is a locally defined file whose name is provided in # https_local_certificate. Set https_verify to False to skip https # certification checking thus making the connection insecure. When True, the # Nexus device must be configured with both certificate and key files and # enabled. Refer to the "nxapi certificate" commands defined in the "Nexus 9K # NXAPI Programmability Guide" for details. (boolean value) #https_verify = true # Configure a local certificate file to present in https requests. This is for # experimental purposes when an official certificate from a Trust Certificate # Authority is not yet available. The default configuration is None. An example # configuration would look like https_local_certificate=/path/to/cafile.crt. # (string value) #https_local_certificate = <None> # intfcfg_portchannel is a list of Nexus port-channel config CLI used when # baremetal port-channels are created by the Nexus driver. It is dependent on # "vpc_pool" being configured. Any number of Nexus port-channel commands # separated by ";" can be provided. When there are multiple interfaces in a # baremetal event, the nexus driver checks to determine whether a port-channel # is already applied to the interfaces; otherwise, it creates a port channel. # This optional configuration allows the administrator to custom configure the # port-channel. When not configured, the nexus driver defaults to configuring # "spanning-tree port type edge trunk;no lacp suspend-individual" beneath the # port-channel. An example of this configuration is "intfcfg_portchannel=no # lacp suspend-individual;spanning-tree port type edge trunk". (string value) #intfcfg_portchannel = <None> # Only valid if VXLAN overlay is configured and vxlan_global_config is set to # True. The NVE source interface is a loopback interface that is configured on # the switch with valid /32 IP address. This /32 IP address must be known by # the transient devices in the transport network and the remote VTEPs. This is # accomplished by advertising it through a dynamic routing protocol in the # transport network. If nve_src_intf is not defined, a default setting of 0 is # used to create "loopback0". This is configured for non-baremetal only. # (string value) #nve_src_intf = <None> # The password of the Nexus Switch Administrator is required to allow # configuration access to the Nexus switch. (string value) #password = <None> # This is required if Nexus VXLAN overlay feature is configured. It should be # the physical network name defined in "network_vlan_ranges" (defined beneath # the "ml2_type_vlan" section) that this switch is controlling. The configured # "physnet" is the physical network domain that is connected to this switch. # The vlan ranges defined in "network_vlan_ranges" for a physical network are # allocated dynamically and are unique per physical network. These dynamic # vlans may be reused across physical networks. This configuration applies to # non-baremetal only. (string value) #physnet = <None> # A list of key:value pairs describing which host is connected to which # physical port or portchannel on the Nexus switch. The format should look # like: # host_ports_mapping=<your-hostname>:[<intf_type><port>,<intf_type><port>], # <your-second-host>:[<intf_type><port>] # For example: # host_ports_mapping=host-1:[ethernet1/1, ethernet1/2], # host-2:[ethernet1/3], # host-3:[port-channel20] # Lines can be broken with indentation to ensure config files remain readable. # All compute nodes must be configured while controllers are optional depending # on your network configuration. Depending on the configuration of the host, # the hostname is expected to be the full hostname (hostname.domainname) which # can be derived by running "hostname -f" on the host itself. Valid intf_types # are "ethernet" or "port-channel". The default setting for <intf_type> is # "ethernet" and need not be added to this setting. This configuration applies # to VM deployments only. (dict value) #host_ports_mapping = <None> # The username of the Nexus Switch Administrator is required to allow # configuration access to the Nexus switch. (string value) #username = <None> # This is port-channel/VPC allocation pool of ids used with baremetal # deployments only. When there is a list of ethernet interfaces provided by # Ironic to neutron in a port event, these are assumed to be a port-channel # type configuration. Ironic only knows about ethernet interfaces so it is up # to the Nexus Driver to either learn the port channel if the user # preconfigured the channel-group on the ethernet interfaces; otherwise, the # driver will create a new port-channel and apply the channel-group to the # ethernet interfaces. This pool is the reserved port-channel IDs available # for allocation by the Nexus driver for each switch. The full format for # "vpc_pool" is vpc_pool=<start_vpc_no-end_vpc_no> | <vpc_no> {,<start_vpc_no- # end_vpc_no> | <vpc_no>}. The "-" in <start_vpc_no,end_vpc_no> allows you to # configure a range from start to end and <vpc_no> allows just individual # numbers. There can be any number of ranges and numbers separated by commas. # There is no default value. If not configured, the port-channel will only # handle learned cases and attempts to create port-channels will fail since # there is no id pool available from which to allocate an id. Once defined, it # can be redefined by changing "vpc_pool" and restarting neutron. Existing VPC # ids in the database are gathered and compared against the new "vpc_pool" # config. New configured vpcids not found in the database are added. Inactive # entries in the database not found in the new configured vpcids list are # removed. An example of this configuration is `vpc_pool=1001-1025,1028`. # (string value) #vpc_pool = <None> {%- set nexus_switches = config_data | item('NEU.nexus_switches', default=[]) -%} {%- for nexus_switch in nexus_switches -%} [ml2_nech_cisco_nexus:{{ nexus_switch.ip }}] username = {{ nexus_switch.username }} {%- if nexus_switch.password is defined -%} password = {{ nexus_switch.password }} {%- endif -%} {%- set hv_list = ['true'] -%} {%- if nexus_switch.https_verify is defined -%} {%- do hv_list.append(nexus_switch.https_verify | lower) -%} {%- endif -%} https_verify = {{ hv_list | last }} {%- if hv_list | last == 'true' -%} https_local_ceritificate = {{ nexus_switch.https_local_certificate }} {%- endif -%} {%- if nexus_switch.intcfg_portchannel is defined -%} intcfg_portchannel = {{ nexus_switch.intcfg_portchannel }} {%- endif -%} {%- if nexus_switch.nve_src_intf is defined -%} nve_src_intf = {{ nexus_switch.nve_src_intf }} {%- endif -%} {%- if nexus_switch.physnet is defined -%} physnet = {{ nexus_switch.physnet }} {%- endif -%} {%- if nexus_switch.vpc_pool is defined -%} vpc_pool = {{ nexus_switch.vpc_pool }} {%- endif -%} {%- if nexus_switch.host_ports_mapping is defined -%} host_ports_mapping = {{ nexus_switch.host_ports_mapping }} {%- endif -%} {%- endfor -%} [ml2_type_nexus_vxlan] vni_ranges = {{ neutron_vni_ranges|trim }} {%- set nexus_mcast_ranges = config_data | item('NEU.nexus_mcast_ranges', default=[]) -%} {%- if nexus_mcast_ranges|length > 0 -%} mcast_ranges = {{ nexus_mcast_ranges | unique | join(',') }} {%- endif -%} 07070100000082000041ED0000000000000000000000065C08201400000000000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent07070100000083000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/defaults07070100000084000081A40000000000000000000000015C08201400000612000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/defaults/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # This file will contain the default values for the neutron server --- neutron_component: neutron-opflex-agent agent_ovs_mtd_ip: "{%- if OPFLEX_AGT is defined -%} {%- if OPFLEX_AGT.consumes_NOV_MTD is defined -%} {{ OPFLEX_AGT.consumes_NOV_MTD.vips.private[0].ip_address }} {%- else -%} {{ NEU_SVR.consumes_NOV_API.vips.private[0].host }} {%- endif -%} {%- endif -%}" agent_ovs_mtd_port: "{%- if OPFLEX_AGT is defined -%} {%- if OPFLEX_AGT.consumes_NOV_MTD is defined -%} {{ OPFLEX_AGT.consumes_NOV_MTD.vips.private[0].port }} {%- else -%} 8775 {%- endif -%} {%- endif -%}" agent_ovs_mtd_protocol: "{%- if OPFLEX_AGT is defined -%} {%- if OPFLEX_AGT.consumes_NOV_MTD is defined -%} {{ OPFLEX_AGT.consumes_NOV_MTD.vips.private[0].protocol }} {%- else -%} http {%- endif -%} {%- endif -%}" 07070100000085000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks07070100000086000081A40000000000000000000000015C08201400000CDE000000000000000000000000000000000000007200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/configure.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_set_service_directories.yml - include: modify_mda_ini.yml - name: cisco-opflex-agent | configure | Copy the cisco opflex rootwrap filters become: yes template: src: "gbp-opflex.filters.j2" dest: "{{ neutron_rootwrap_filters_dir }}/gbp-opflex.filters.j2" owner: "root" group: "root" mode: "0644" register: service_file_result - name: cisco-opflex-agent | configure | Define neutron-opflex-agent systemd service become: yes template: src: "{{ neutron_component }}.service.j2" dest: "{{ systemd_service_dir }}/{{ neutron_component }}.service" owner: "root" group: "root" mode: "0644" register: service_file_result - name: cisco-opflex-agent | configure | add service to systemd become: yes command: /bin/systemctl daemon-reload when: service_file_result.changed==true - name: cisco-opflex-agent | configure | Ensure that LLDP is enabled and running become: yes service: name: lldpd enabled: yes state: started - name: cisco-opflex-agent | configure | Disable and stop service neutron-metadata-agent become: yes service: name: neutron-metadata-agent state: stopped enabled: no - name: cisco-opflex-agent | configure | Create compatibility configuration directory become: yes file: path: "/etc/neutron/plugins/ml2" state: directory owner: root group: root - name: cisco-opflex-agent | configure | make symbolic link for opflex-ns-proxy become: yes file: path: "/var/lib/neutron/metadata_proxy" src: "/var/run/neutron/metadata_proxy" state: link force: yes - name: cisco-opflex-agent | configure | Create compatibility symlinks for OpFlex metadata proxy become: yes file: path: "{{ item.path }}" state: link src: "{{ item.src }}" with_items: - { path: "/usr/bin/neutron-metadata-agent", src: "/opt/stack/service/neutron/venv/bin/neutron-metadata-agent" } - { path: "/usr/bin/opflex-ep-watcher", src: "/opt/stack/service/neutron/venv/bin/opflex-ep-watcher" } - { path: "/usr/bin/opflex-state-watcher", src: "/opt/stack/service/neutron/venv/bin/opflex-state-watcher" } - { path: "/usr/bin/opflex-ns-proxy", src: "/opt/stack/service/neutron/venv/bin/opflex-ns-proxy" } - { path: "/etc/neutron/neutron.conf", src: "/opt/stack/service/neutron/etc/neutron.conf" } - { path: "/etc/neutron/metadata_agent.ini", src: "/opt/stack/service/neutron/etc/metadata_agent.ini" } - { path: "/etc/neutron/plugins/ml2/ml2_conf_cisco.ini", src: "/opt/stack/service/neutron/etc/ml2_conf.ini" } 07070100000087000081A40000000000000000000000015C0820140000035E000000000000000000000000000000000000007000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/install.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-opflex-agent | install | Install packages become: yes package: name: "{{ item }}" state: present with_items: nova_required_packages | default([]) register: ardana_opflex_agent_install 07070100000088000081A40000000000000000000000015C082014000002ED000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/main.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-opflex-agent | main | Load variables include_vars: "{{ ansible_os_family | lower }}.yml" 07070100000089000081A40000000000000000000000015C082014000005DC000000000000000000000000000000000000007700000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/modify_mda_ini.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-agent-ovs | modify_mda_ini | Update metadata_ip become: yes lineinfile: dest: "{{ neutron_conf_dir}}/metadata_agent.ini" state: present regexp: '^nova_metadata_ip = (.*)$' line: 'nova_metadata_ip = {{ agent_ovs_mtd_ip }}' backrefs: yes - name: cisco-agent-ovs | modify_mda_ini | Update metadata_port become: yes lineinfile: dest: "{{ neutron_conf_dir}}/metadata_agent.ini" state: present regexp: '^nova_metadata_port = (.*)$' line: 'nova_metadata_port = {{ agent_ovs_mtd_port }}' backrefs: yes - name: cisco-agent-ovs | modify_mda_ini | Update metadata_protocol become: yes lineinfile: dest: "{{ neutron_conf_dir}}/metadata_agent.ini" state: present regexp: '^nova_metadata_protocol = (.*)$' line: 'nova_metadata_protocol = {{ agent_ovs_mtd_protocol }}' backrefs: yes 0707010000008A000081A40000000000000000000000015C0820140000054C000000000000000000000000000000000000006E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/start.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Start or restart neutron ovs agent --- - name: cisco-opflex-agent | start | Restart the neutron-opflex-agent become: yes service: name: neutron-opflex-agent state: restarted when: ( ardana_opflex_agent_install is defined and ardana_opflex_agent_install.changed ) or ( ardana_notify_neutron_restart_required is defined and ardana_notify_neutron_restart_required.changed ) or ( ardana_notify_neutron_server_restart_required is defined and ardana_notify_neutron_server_restart_required.changed ) - name: cisco-opflex-agent | start | Start the neutron-opflex-agent become: yes service: name: neutron-opflex-agent state: started enabled: yes 0707010000008B000081A40000000000000000000000015C082014000002BE000000000000000000000000000000000000006F00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/status.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - include: ../../neutron-common/tasks/_service_status.yml 0707010000008C000081A40000000000000000000000015C0820140000030F000000000000000000000000000000000000006D00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/tasks/stop.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- - name: cisco-opflex-agent | stop | Stop the cisco-opflex-agent become: yes service: name: neutron-opflex-agent state: stopped 0707010000008D000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/templates0707010000008E000081A40000000000000000000000015C08201400000533000000000000000000000000000000000000007E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/templates/gbp-opflex.filters.j2# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # neutron-rootwrap command filters for nodes on which opflex agent is # expected to run # # This file should be owned by (and only-writeable by) the root user # format is # cmd-name: filter-name, raw-command, user, args [Filters] # gbp-opflex filters supervisord: CommandFilter, supervisord, root supervisorctl: CommandFilter, supervisorctl, root ip: CommandFilter, ip, root ethtool: CommandFilter, ethtool, root mkdir: CommandFilter, mkdir, root chmod: CommandFilter, chmod, root chown: CommandFilter, chown, root rm: CommandFilter, rm, root ovs-vsctl: CommandFilter, ovs-vsctl, root ovs-ofctl: CommandFilter, ovs-ofctl, root 0707010000008F000081A40000000000000000000000015C082014000004A4000000000000000000000000000000000000008800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/templates/neutron-opflex-agent.service.j2{# # # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} [Unit] Description=Neutron Cisco OpFlex Plugin Agent After=syslog.target network.target Requires=network.target [Service] User=root PermissionsStartOnly=true ExecStartPre=/bin/mkdir -p /var/lib/opflex-agent-ovs ExecStartPre=/bin/chown -R neutron:neutron /var/lib/opflex-agent-ovs ExecStart={{ neutron_bin_dir }}/neutron-opflex-agent --log-file={{ neutron_log_dir }}/cisco-opflex-agent.log --config-file={{ neutron_conf_dir }}/neutron.conf --config-file={{ neutron_conf_dir }}/ml2_conf.ini Restart=always [Install] WantedBy=multi-user.target 07070100000090000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/vars07070100000091000081A40000000000000000000000015C082014000002FC000000000000000000000000000000000000006E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/vars/debian.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values for neutron dhcp agent, specific to Debian Systems --- required_packages: - lldpd - supervisor 07070100000092000081A40000000000000000000000015C082014000002D0000000000000000000000000000000000000006C00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-opflex-agent/vars/suse.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # Contains default values for cisco apic opflex agent. --- required_packages: - lldpd - supervisor - openstack-neutron-cisco-opflex-agent 07070100000093000041ED0000000000000000000000035C08201400000000000000000000000000000000000000000000005A00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-ucsm-ml207070100000094000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000006400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-ucsm-ml2/templates07070100000095000081A40000000000000000000000015C08201400000D62000000000000000000000000000000000000007400000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/ansible/roles/cisco-ucsm-ml2/templates/ml2_ucsm.ini.j2{# # # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # #} # This template defines the contents of file ml2_ucsm.ini, configuration # file for the Cisco UCSM mechanism driver. This requires the option # values from the ACI configuration-data file in the input model at path # ~ardana/openstack/my_cloud/definition/data/apicaci/aci_config.yml: # # product: # version: 2 # # configuration-data # - name: CISCOACI-CONFIG-CP1 # services: # - aci # data: # ucs_mgr_list: # - ip: 1.2.3.4 # username: ucsm_admin # password: ucsm_password: # virtio_eth_ports: /ether-eth0,/ether-eth1 # host_list: host1,host2 # sriov_qos_policy: ... # - ip: 2.3.4.5 # username: ucsm_admin # password: ucsm_password: # virtio_eth_ports: /ether-eth0,/ether-eth1 # ... # # ucsm_sriov_vlans: # - name: test_network1 # range: 5,7-9 # - name: test_network2 # range: 90-99 # ... # [DEFAULT] {%- set ucsm_list = config_data | item('ACI.ucs_mgr_list', default=[]) -%} {%- for ucsm in ucsm_list -%} [ml2_cisco_icsm_ip: {{ ucsm.ip }}] ucsm_username = {{ ucsm.username }} ucsm_password = {{ ucsm_password }} {%- if ucsm.virtio_eth_ports is defined -%} ucsm_virtio_eth_ports = {{ ucsm.virtio_eth_ports }} {%- endif -%} {%- if ucsm.host_list is defined -%} ucsm_host_list = {{ ucsm.host_list }} {%- endif -%} {%- if ucsm.sriov_qos_policy is defined -%} sriov_qos_policy = {{ sriov_qos_policy }} {%- endif -%} {%- if ucsm.sp_template_list is defined -&} sp_template_list = {{ ucsm.sp_template_list }} {%- endif -%} {%- if ucsm.vnic_template_list is defined -%} vnic_template_list = {{ ucsm.vnic_template_list }} {%- endif -%} {%- endfor-%} [sriov_multivlan_trunk] # # From networking_cisco.ucsm # # SR-IOV Multi-VLAN trunk config section is an optional config section to # accomodate the scenario where an application using an SR-IOV port to # communicate would like to send traffic on multiple application specific VLANs # not known to OpenStack. This config section is applicable across all UCSMs # specified as part of the OpenStack cloud. The names of the neutron networks # on which the SR-IOV ports are going to be created have to be known ahead of # time and should be associated with a list or range of application VLANs using # the following format: # <neutron network name>=<comma separated list of VLAN-ids or VLAN-id ranges> # For example: # test_network1=5,7-9 (dict value) #network_vlans = <None> {%- set ucsm_sriov_vlans = config_data | item('ACI.ucsm_sriov_vlans', default=[]) -%} [%- if ucsm_sriov_vlans|length > 0 -%} {%- for ucsm_sriov_vlan in ucsm_sriov_vlans -%} {{ ucsm_sriov_vlan.name }} = {{ ucsm_sriov_vlan.range }} {%- endfor -%} [%- endif -%} 07070100000096000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000004500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/logging07070100000097000081A40000000000000000000000015C08201400000479000000000000000000000000000000000000006300000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/logging/cisco-apic-host-agent-clr.yml # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: APICHOST-AGT name: cisco-apic-host-agent service: aci monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/cisco-apic-host-agent.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - notifempty - copytruncate - maxsize 45M - rotate 7 - create 640 root root 07070100000098000081A40000000000000000000000015C0820140000047E000000000000000000000000000000000000006600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/logging/cisco-apic-service-agent-clr.yml # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: APICSVC-AGT name: cisco-apic-service-agent service: aci monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/cisco-apic-service-agent.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - notifempty - copytruncate - maxsize 45M - rotate 7 - create 640 root root 07070100000099000081A40000000000000000000000015C08201400000537000000000000000000000000000000000000006000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/logging/cisco-opflex-agent-clr.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- sub_service: hosts: OPFLEX-AGT name: cisco-opflex-agent service: aci monitoring: enabled: true external_name: networking logging_dir: /var/log/neutron logging_options: - files: - /var/log/neutron/cisco-opflex-agent.log - /var/log/neutron/neutron-metadata-agent.log - /var/log/neutron/metadata-supervisor.log - /var/log/neutron/opflex-state-watcher.log - /var/log/neutron/opflex-ep-watcher.log centralized_logging: enabled: true format: json log_rotate: - daily - compress - missingok - notifempty - copytruncate - maxsize 45M - rotate 7 - create 640 root root 0707010000009A000041ED0000000000000000000000035C08201400000000000000000000000000000000000000000000004600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services0707010000009B000041ED0000000000000000000000025C08201400000000000000000000000000000000000000000000004E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci0707010000009C000081A40000000000000000000000015C08201400000564000000000000000000000000000000000000005600000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/aci.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 services: - name: aci mnemonic: ACI network-tag-schema: - name: neutron.networks.vxlan unique: true schema: tenant-vxlan-id-range: optional : true type: range min: 0 max: 16777215 - name: neutron.networks.vlan schema: provider-physical-network: optional : false type: physnet tenant-vlan-id-range: optional : true type: range min: 1 max: 4094 - name: neutron.networks.opflex schema: provider-physical-network: optional: false type: physnet - name: neutron.l3_agent.external_network_bridge schema: {} 0707010000009D000081A40000000000000000000000015C082014000006FA000000000000000000000000000000000000006000000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-aci-ml2.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-aci-ml2 mnemonic: ACI-ML2 service: aci provides-data: - to: - name: neutron-ml2-plugin data: - option: mechanism_drivers values: - cisco_apic_ml2 - option: l2_population values: - False - option: type_drivers values: opflex - option: tenant_network_types values: opflex - option: config_file_snippets values: - snippet: roles/cisco-aci-ml2/templates/ml2_conf_snippet.ini.j2 config_file: ml2_conf.ini - to: - name: neutron-server data: - option: service_plugins values: - cisco_apic_l3 - to: - name: neutron-dhcp-agent data: - option: dhcp_driver values: - apic_ml2.neutron.agent.linux.apic_dhcp.ApicDnsmasq # Note: the ovs_integration_bridge value of "br-int" is default # Note: the enable_isolated_metadata value of True is HOS4 default. 0707010000009E000081A40000000000000000000000015C0820140000061A000000000000000000000000000000000000006200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-agent-ovs.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-agent-ovs mnemonic: CISCO-AGT-OVS service: aci # # Note: Currently this network-tag is not understood by neutron-ansible. # Hence it wont be added to the ML2.tenant_network_types parameter in # ML2 conf.ini. The "opflex" value whould be set to # ML2.tenant_network_types by overriding the parameter in # ml2_conf_snippet.ini.j2 of the cisco-aci-ml2 role. # network-tags: - name: neutron.networks.vxlan needs-value: false needs-bridge: false endpoints: - port: '4789' protocol: 'udp' roles: - vxlan - name: neutron.networks.vlan needs-value: true needs-bridge: true bridge-provider: ovs - name: neutron.networks.opflex needs-value: false needs-bridge: false bridge-provider: ovs 0707010000009F000081A40000000000000000000000015C082014000007FE000000000000000000000000000000000000006100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-apic-aim.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-apic-aim mnemonic: APIC-AIM service: aci provides-data: - to: - name: neutron-ml2-plugin data: - option: mechanism_drivers values: - apic_aim - option: l2_population values: - true - option: type_drivers values: - opflex - local - flat - vlan - gre - vxlan - option: tenant_network_types values: opflex - option: extension_drivers values: - apic_aim - port_security - qos - option: config_file_snippets values: - snippet: roles/cisco-apic-aim/templates/ml2_conf_ini_snippet.j2 config_file: ml2_conf.ini - to: - name: neutron-server data: - option: core_plugins values: - ml2plus - option: service_plugins values: - qos - apic_aim_l3 - option: config_file_snippets values: - snippet: roles/cisco-apic-aim/templates/neutron_conf_snippet.j2 config_file: neutron.conf - option: std_policy_json_j2 values: - roles/cisco-apic-aim/templates/new_policy.json.j2 070701000000A0000081A40000000000000000000000015C082014000002FC000000000000000000000000000000000000006800000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-apic-host-agent.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-apic-host-agent mnemonic: APICHOST-AGT service: aci 070701000000A1000081A40000000000000000000000015C082014000002FE000000000000000000000000000000000000006B00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-apic-service-agent.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSC LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-apic-service-agent mnemonic: APICSVC-AGT service: aci 070701000000A2000081A40000000000000000000000015C082014000009BD000000000000000000000000000000000000005E00000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-asr1k.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-asr1k-plugin mnemonic: CISCO-ASR1K service: aci provides-data: - to: - name: neutron-server data: - option: notify_nova_on_port_status_changes values: - True - option: notify_nova_on_port_data_changes values: - True - option: service_plugins values: - networking_cisco.plugins.cisco.service_plugins.cisco_router_plugin:CiscoRouterPlugin - networking_cisco.plugins.cisco.service_plugins.cisco_device_manager_plugin:CiscoDeviceManagerPlugin - option: routing_default_router_type values: - ASR1k_router - option: std_policy_json_j2 values: - roles/cisco-asr1k/templates/new_policy.json.j2 - option: config_files values: - source: roles/cisco-asr1k-plugin/templates/cisco_router_plugin.ini.j2 dest: cisco_router_plugin.ini - source: roles/cisco-asr1k-plugin/templates/cisco_device_manager_plugin.ini.j2 dest: cisco_device_manager_plugin.ini - option: neutron_server_config_file_args values: - cisco_router_plugin.ini - cisco_device_manager_plugin.ini - to: - name: cisco-config-agent data: - option: config_files values: - source: roles/cisco-asr1k-plugin/templates/cisco_router_plugin.ini.j2 dest: cisco-router.ini - source: roles/cisco-asr1k-plugin/templates/cisco_device_manager_plugin.ini.j2 dest: cisco_device_manager_plugin.ini - option: neutron_server_config_file_args values: - cisco_router.ini - cisco_device_manager_plugin.ini 070701000000A3000081A40000000000000000000000015C082014000002BB000000000000000000000000000000000000006500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-config-agent.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-config-agent mnemonic: CISCO-CFG-AGT service: aci 070701000000A4000081A40000000000000000000000015C08201400000664000000000000000000000000000000000000006200000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-nexus-ml2.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Service definition for the cisco-nexus-ml2 service. Adding this # service to the input model will configure the neutron-server # to use the cisco_nexus mechanism driver, the input model also # need to deploy the neutron-ml2-plugin and the neutron-openvswitch-agent # services. # # The neutron configuration-data should have the options described in the # ml2_nexus.ini.j2 file # --- product: version: 2 service-components: - name: cisco-nexus-ml2 mnemonic: CISCO-NEXUS-ML2 service: aci provides-data: - to: - name: neutron-ml2-plugin data: - option: mechanism_drivers values: - networking_cisco.ml2_drivers.nexus.mech_cisco_nexus:CiscoNexusMechanismDriver - to: - name: neutron-server data: - option config_files: values: - source: roles/cisco-ucsm-ml2/templates/ml2_nexus.ini.j2 dest: ml2_nexus.ini - option: neutron_server_config_file_args values: - ml2_nexus.ini 070701000000A5000081A40000000000000000000000015C0820140000032B000000000000000000000000000000000000006500000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-opflex-agent.yml# # (c) Copyright 2017 Hewlett Packard Enterprise Development LP # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # --- product: version: 2 service-components: - name: cisco-opflex-agent mnemonic: OPFLEX-AGT service: aci consumes-services: - service-name: NOV-MTD 070701000000A6000081A40000000000000000000000015C082014000006FF000000000000000000000000000000000000006100000000ardana-extensions-apicaci-8.0+git.1544036372.5d494a9/apicaci/services/apicaci/cisco-ucsm-ml2.yml# # (c) Copyright 2018 SUSE LLC # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # Service definition for the cisco-ucsm-ml2 service. Adding this # service to the input model will configure the neutron-server # to use the cisco_ucsm mechanism driver, the input model also # need to deploy the neutron-ml2-plugin and the neutron-openvswitch-agent # services. # # An ACI configuration-data in the input model at # # ~ardana/openstack/my_cloud/definition/data/aci/aci_config.yml # # should define the options described in the ml2_ucsm.ini.j2 file. # --- product: version: 2 service-components: - name: cisco-ucsm-ml2 mnemonic: CISCO-UCSM-ML2 service: aci provides-data: - to: - name: neutron-ml2-plugin data: - option: mechanism_drivers values: - networking_cisco.ml2_drivers.ucsm.mech_cisco_ucsm:CiscoUcsmMechanismDriver - option: l2_population values: - False - to: - name: neutron-server data: - option config_files: values: - source: roles/cisco-ucsm-ml2/templates/ml2_ucsm.ini.j2 dest: ml2_ucsm.ini - option: neutron_server_config_file_args values: - ml2_ucsm.ini 07070100000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000B00000000TRAILER!!!482 blocks
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor