diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 99386df044068f23cb34036fda7ee6387eccd390..10b29c889b486849b356d7e5005472be40791092 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -155,7 +155,7 @@ bifrost_network_interface: "{{ network_interface }}"
dns_interface: "{{ network_interface }}"
tunnel_interface_address: "{{ hostvars[inventory_hostname]['ansible_' + tunnel_interface]['ipv4']['address'] }}"
-# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
+# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_dvs, opendaylight ]
neutron_plugin_agent: "openvswitch"
# Valid options are [ internal, infoblox ]
diff --git a/ansible/roles/neutron/defaults/main.yml b/ansible/roles/neutron/defaults/main.yml
index e645cd57da9806e5314f7d6ef75052aeb3a30596..4418b6698e97c45b20733d1989a4fc77ab4ea96b 100644
--- a/ansible/roles/neutron/defaults/main.yml
+++ b/ansible/roles/neutron/defaults/main.yml
@@ -80,7 +80,7 @@ neutron_services:
container_name: "neutron_dhcp_agent"
image: "{{ neutron_dhcp_agent_image_full }}"
privileged: True
- enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
+ enabled: "{{ neutron_plugin_agent not in [ 'vmware_nsxv', 'vmware_nsxv3' ] }}"
group: "neutron-dhcp-agent"
host_in_groups: "{{ inventory_hostname in groups['neutron-dhcp-agent'] }}"
volumes:
@@ -93,7 +93,7 @@ neutron_services:
container_name: "neutron_l3_agent"
image: "{{ neutron_l3_agent_image_full }}"
privileged: True
- enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] and not enable_opendaylight_l3 | bool }}"
+ enabled: "{{ neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] and not enable_opendaylight_l3 | bool }}"
host_in_groups: >-
{{
inventory_hostname in groups['neutron-l3-agent']
@@ -110,7 +110,7 @@ neutron_services:
container_name: "neutron_lbaas_agent"
image: "{{ neutron_lbaas_agent_image_full }}"
privileged: True
- enabled: "{{ enable_neutron_lbaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
+ enabled: "{{ enable_neutron_lbaas | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] }}"
group: "neutron-lbaas-agent"
host_in_groups: "{{ inventory_hostname in groups['neutron-lbaas-agent'] }}"
volumes:
@@ -122,7 +122,7 @@ neutron_services:
container_name: "neutron_sriov_agent"
image: "{{ neutron_sriov_agent_image_full }}"
privileged: True
- enabled: "{{ enable_neutron_sriov | bool and neutron_plugin_agent != 'vmware_nsxv' }}"
+ enabled: "{{ enable_neutron_sriov | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3' ] }}"
host_in_groups: "{{ inventory_hostname in groups['compute'] }}"
volumes:
- "{{ node_config_directory }}/neutron-sriov-agent/:{{ container_config_directory }}/:ro"
@@ -133,7 +133,7 @@ neutron_services:
container_name: "neutron_metadata_agent"
image: "{{ neutron_metadata_agent_image_full }}"
privileged: True
- enabled: "{{ neutron_plugin_agent != 'vmware_nsxv' }}"
+ enabled: "{{ neutron_plugin_agent not in [ 'vmware_nsxv', 'vmware_nsxv3' ] }}"
host_in_groups: >-
{{
inventory_hostname in groups['neutron-metadata-agent']
@@ -149,7 +149,7 @@ neutron_services:
container_name: "neutron_bgp_dragent"
image: "{{ neutron_bgp_dragent_image_full }}"
privileged: True
- enabled: "{{ enable_neutron_bgp_dragent | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs'] }}"
+ enabled: "{{ enable_neutron_bgp_dragent | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] }}"
group: "neutron-bgp-dragent"
host_in_groups: "{{ inventory_hostname in groups['neutron-bgp-dragent'] }}"
volumes:
@@ -336,6 +336,18 @@ vmware_nsxv_spoofguard_enabled: "false"
vmware_nsxv_metadata_initializer: "false"
vmware_nsxv_edge_ha: "false"
+####################
+# VMware NSXV3
+####################
+nsxv3_metadata_proxy: "metadata proxy uuid"
+nsxv3_dhcp_profile: "dhcp service uuid"
+nsxv3_native_dhcp_metadata: "true"
+nsxv3_api_user: "user"
+nsxv3_api_managers: "127.0.0.1"
+nsxv3_default_tier0_router: "tier0 router uuid"
+nsxv3_default_vlan_tz: "vlan TZ uuid"
+nsxv3_default_overlay_tz: "overlay TZ uuid"
+
####################
# VMware DVS
####################
diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index 45ad4f98a77e3cb9000b672bd9c029ede0426243..983a55ed9046fcf0a33cf897c53f2d3819102c32 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -341,7 +341,7 @@
when:
- neutron_server.enabled | bool
- neutron_server.host_in_groups | bool
- - neutron_plugin_agent in ['vmware_nsxv', 'vmware_dvs']
+ - neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']
notify:
- "Restart {{ service_name }} container"
diff --git a/ansible/roles/neutron/templates/neutron-server.json.j2 b/ansible/roles/neutron/templates/neutron-server.json.j2
index dc6a7317ddb3efcc063f090a25f007701f8d4341..4c6627ca2add42f071579bc242513aed45fbb887 100644
--- a/ansible/roles/neutron/templates/neutron-server.json.j2
+++ b/ansible/roles/neutron/templates/neutron-server.json.j2
@@ -1,5 +1,5 @@
{
- "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'opendaylight'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_lbaas.conf --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %} --config-file /etc/neutron/fwaas_driver.ini",
+ "command": "neutron-server --config-file /etc/neutron/neutron.conf {% if neutron_plugin_agent in ['openvswitch', 'linuxbridge', 'opendaylight'] %} --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_lbaas.conf --config-file /etc/neutron/neutron_vpnaas.conf {% elif neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] %} --config-file /etc/neutron/plugins/vmware/nsx.ini {% endif %} --config-file /etc/neutron/fwaas_driver.ini",
"config_files": [
{
"source": "{{ container_config_directory }}/neutron.conf",
@@ -45,12 +45,12 @@
"owner": "neutron",
"perm": "0600",
"optional": true
- }{% if neutron_plugin_agent in ['vmware_nsxv', 'vmware_dvs'] -%},
+ }{% if neutron_plugin_agent in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs'] -%},
{
"source": "{{ container_config_directory }}/nsx.ini",
"dest": "/etc/neutron/plugins/vmware/nsx.ini",
"owner": "neutron",
- "optional": {{ (neutron_plugin_agent not in ['vmware_nsxv', 'vmware_dvs']) | string | lower }},
+ "optional": {{ (neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_dvs']) | string | lower }},
"perm": "0600"
}{% endif %}
],
diff --git a/ansible/roles/neutron/templates/neutron.conf.j2 b/ansible/roles/neutron/templates/neutron.conf.j2
index b87541dfcc8c2a264661e27c52f8be0cbf01b014..1e439f89fe91fa063bbb5432e8e139589a7c994a 100644
--- a/ansible/roles/neutron/templates/neutron.conf.j2
+++ b/ansible/roles/neutron/templates/neutron.conf.j2
@@ -39,6 +39,9 @@ allow_overlapping_ips = true
{% if neutron_plugin_agent == 'vmware_nsxv' %}
core_plugin = vmware_nsx.plugin.NsxVPlugin
+{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
+core_plugin = vmware_nsx.plugin.NsxV3Plugin
+dhcp_agent_notification = False
{% elif neutron_plugin_agent == 'vmware_dvs' %}
core_plugin = vmware_nsx.plugin.NsxDvsPlugin
{% else %}
@@ -63,6 +66,8 @@ dns_domain = {{ designate_ns_record }}.
external_dns_driver = designate
{% if neutron_plugin_agent == 'vmware_nsxv' %}
nsx_extension_drivers = vmware_nsxv_dns
+{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
+nsx_extension_drivers = vmware_nsxv3_dns
{% elif neutron_plugin_agent == 'vmware_dvs' %}
nsx_extension_drivers = vmware_dvs_dns
{% endif %}
diff --git a/ansible/roles/neutron/templates/nsx.ini.j2 b/ansible/roles/neutron/templates/nsx.ini.j2
index 2dda41d28a9faa6508db15f232eaa92a9f2409ae..1129de424b5b8fdcb9bca72472b03930a2916b01 100644
--- a/ansible/roles/neutron/templates/nsx.ini.j2
+++ b/ansible/roles/neutron/templates/nsx.ini.j2
@@ -15,6 +15,17 @@ backup_edge_pool = {{ vmware_nsxv_backup_edge_pool }}
spoofguard_enabled = {{ vmware_nsxv_spoofguard_enabled }}
metadata_initializer = {{ vmware_nsxv_metadata_initializer }}
edge_ha = {{ vmware_nsxv_edge_ha }}
+{% elif neutron_plugin_agent == 'vmware_nsxv3' %}
+[nsx_v3]
+metadata_proxy = {{ nsxv3_metadata_proxy }}
+dhcp_profile = {{ nsxv3_dhcp_profile }}
+native_dhcp_metadata = {{ nsxv3_native_dhcp_metadata }}
+nsx_api_password = {{ nsxv3_api_password }}
+nsx_api_user = {{ nsxv3_api_user }}
+nsx_api_managers = {{ nsxv3_api_managers }}
+default_tier0_router = {{ nsxv3_default_tier0_router }}
+default_vlan_tz = {{ nsxv3_default_vlan_tz }}
+default_overlay_tz = {{ nsxv3_default_overlay_tz }}
{% elif neutron_plugin_agent == 'vmware_dvs' %}
[dvs]
host_ip = {{ vmware_dvs_host_ip }}
diff --git a/ansible/roles/nova/defaults/main.yml b/ansible/roles/nova/defaults/main.yml
index 2f22ce8326d049525840a123aaa6e008dfbfb18a..4bdd3fe0d9d9084947baeff134cac347d010692e 100644
--- a/ansible/roles/nova/defaults/main.yml
+++ b/ansible/roles/nova/defaults/main.yml
@@ -260,3 +260,4 @@ nova_enabled_notification_topics: "{{ nova_notification_topics | selectattr('ena
# VMware
####################
vmware_vcenter_datastore_regex: ".*"
+ovs_bridge: "nsx-managed"
diff --git a/ansible/roles/nova/templates/nova.conf.j2 b/ansible/roles/nova/templates/nova.conf.j2
index da6ff2f3c962c8435754208b2574f810bcf46eab..68c504be56b1d30d739c43c41b59650d79970b31 100644
--- a/ansible/roles/nova/templates/nova.conf.j2
+++ b/ansible/roles/nova/templates/nova.conf.j2
@@ -142,7 +142,9 @@ os_region_name = {{ openstack_region_name }}
url = {{ internal_protocol }}://{{ kolla_internal_fqdn }}:{{ neutron_server_port }}
metadata_proxy_shared_secret = {{ metadata_secret }}
service_metadata_proxy = true
-
+{% if neutron_plugin_agent == 'vmware_nsxv3' %}
+ovs_bridge = {{ ovs_bridge }}
+{% endif %}
auth_url = {{ keystone_admin_url }}
auth_type = password
project_domain_name = {{ default_project_domain_name }}
diff --git a/etc/kolla/globals.yml b/etc/kolla/globals.yml
index 7ac8428700cfe3cbbdb3934234c1469142cb5625..3c03f7f6b5f0fc5d319eb1048669fabe4fc41179 100644
--- a/etc/kolla/globals.yml
+++ b/etc/kolla/globals.yml
@@ -99,7 +99,8 @@ kolla_internal_vip_address: "10.10.10.254"
# addresses for that reason.
#neutron_external_interface: "eth1"
-# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_dvs, opendaylight ]
+# Valid options are [ openvswitch, linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_dvs, opendaylight ]
+# if vmware_nsxv3 is selected, enable_openvswitch MUST be set to "no" (default is yes)
#neutron_plugin_agent: "openvswitch"
# Valid options are [ internal, infoblox ]
diff --git a/etc/kolla/passwords.yml b/etc/kolla/passwords.yml
index 954031eb0e731c2417bdcb4f42222e8195efafb0..8ded2388a9f48a2386830ed3f03ce20a9ce1b5fe 100644
--- a/etc/kolla/passwords.yml
+++ b/etc/kolla/passwords.yml
@@ -33,6 +33,7 @@ opendaylight_password:
vmware_dvs_host_password:
vmware_nsxv_password:
vmware_vcenter_host_password:
+nsxv3_api_password:
#####################
# Hitachi NAS support
diff --git a/releasenotes/notes/nsxv3-support-0bd45afcb7e71cc5.yaml b/releasenotes/notes/nsxv3-support-0bd45afcb7e71cc5.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..66931d59a33259456bfdd2478dc5b920d535edaf
--- /dev/null
+++ b/releasenotes/notes/nsxv3-support-0bd45afcb7e71cc5.yaml
@@ -0,0 +1,3 @@
+---
+features:
+ - Add support for the VMware NSX Transformers plugin