From 5d0b3ad33f2de4dbfff56524d3d9a087fb39435e Mon Sep 17 00:00:00 2001
From: Varadhan Veerapuram <veerapuram.varadhan@suse.com>
Date: Thu, 1 Feb 2018 18:15:30 +0530
Subject: [PATCH] [neutron][Cisco ACI] Multi-VMM domain support (SOC - 10471)

A Single ACI fabric can support multiple VMM domains. Each VMM domain
can be governed by a different controller (Eg: VMWare vCenter or
OpenStack or MicroSoft SCVMM). Several production data centers tend
to use multiple VMM domains and expect to be able to monitor and
control network policies from a single ACI fabric. Integration of
OpenStack with such a setup requires crowbar to provide parameters
specific to each VMM domain. This commit adds the additional
parameters and logic to validate and send these to the correct
config location. The changes now allow to provide "Vmware" or
"OpenStack" as the VMM type. Multiple entries of either types
are possible.

(cherry picked from commit 303d98612bbb7f37f27d861cc2efe7c9c5ee3b1d)
---
 .../neutron/recipes/cisco_apic_support.rb      | 18 +++++++++++++++++-
 .../default/ml2_conf_cisco_apic.ini.erb        | 15 ++++++++++++---
 .../neutron/126_add_apic_multi_vmm_domains.rb  | 15 +++++++++++++++
 chef/data_bags/crowbar/template-neutron.json   | 14 ++++++++++++--
 chef/data_bags/crowbar/template-neutron.schema |  9 ++++++++-
 5 files changed, 64 insertions(+), 7 deletions(-)
 create mode 100644 chef/data_bags/crowbar/migrate/neutron/126_add_apic_multi_vmm_domains.rb

diff --git a/chef/cookbooks/neutron/recipes/cisco_apic_support.rb b/chef/cookbooks/neutron/recipes/cisco_apic_support.rb
index f08d9e50c4..5b97d7606e 100644
--- a/chef/cookbooks/neutron/recipes/cisco_apic_support.rb
+++ b/chef/cookbooks/neutron/recipes/cisco_apic_support.rb
@@ -21,7 +21,20 @@
 end
 
 aciswitches = node[:neutron][:apic][:apic_switches].to_hash
-template "/etc/neutron/neutron-server.conf.d/100-ml2_conf_cisco_apic.ini.conf" do
+acivmms = node[:neutron][:apic][:apic_vmms]
+
+# If using VMWare vcenter as one of the compute hosts.
+# distributed dhcp and metadata cannot work since these
+# functions conflict with vcenter functionality.
+if acivmms.find { |vmm| vmm[:vmm_type].downcase == "vmware"}
+  apic_optimized_dhcp = false 
+  apic_optimized_metadata = false
+else
+  apic_optimized_dhcp = node[:neutron][:apic][:optimized_dhcp]
+  apic_optimized_metadata = node[:neutron][:apic][:optimized_metadata]
+end
+
+template node[:neutron][:ml2_cisco_apic_config_file] do
   cookbook "neutron"
   source "ml2_conf_cisco_apic.ini.erb"
   mode "0640"
@@ -30,6 +43,9 @@
   variables(
     vpc_pairs: node[:neutron][:apic][:vpc_pairs],
     apic_switches: aciswitches,
+    optimized_dhcp: apic_optimized_dhcp,
+    optimized_metadata: apic_optimized_metadata,
+    apic_vmms: acivmms,
     ml2_mechanism_drivers: node[:neutron][:ml2_mechanism_drivers],
     policy_drivers: "implicit_policy,apic",
     default_ip_pool: "192.168.0.0/16"
diff --git a/chef/cookbooks/neutron/templates/default/ml2_conf_cisco_apic.ini.erb b/chef/cookbooks/neutron/templates/default/ml2_conf_cisco_apic.ini.erb
index 30e24dc022..8051200845 100644
--- a/chef/cookbooks/neutron/templates/default/ml2_conf_cisco_apic.ini.erb
+++ b/chef/cookbooks/neutron/templates/default/ml2_conf_cisco_apic.ini.erb
@@ -2,7 +2,7 @@
 apic_system_id=<%= node[:neutron][:apic][:system_id] %>
 [opflex]
 networks = *
-[ml2_cisco_apic]
+[apic]
 apic_hosts=<%= node[:neutron][:apic][:hosts] %>
 apic_username=<%= node[:neutron][:apic][:username] %>
 apic_password=<%= node[:neutron][:apic][:password] %>
@@ -11,8 +11,8 @@ apic_name_mapping = use_name
 apic_clear_node_profiles = True
 enable_aci_routing = True
 apic_arp_flooding = True
-enable_optimized_metadata = <%= node[:neutron][:apic][:optimized_metadata] %>
-enable_optimized_dhcp = <%= node[:neutron][:apic][:optimized_dhcp] %>
+enable_optimized_metadata = <%= @optimized_metadata %>
+enable_optimized_dhcp = <%= @optimized_dhcp] %>
 apic_provision_infra = True
 apic_provision_hostlinks = True
 <%  unless @vpc_pairs.nil? -%>
@@ -41,3 +41,12 @@ enable_nat = <%= node[:neutron][:apic][:ext_net][:nat_enabled] %>
 <% end -%>
 external_epg = <%= node[:neutron][:apic][:ext_net][:ext_epg] %>
 host_pool_cidr = <%= node[:neutron][:apic][:ext_net][:host_pool_cidr] %>
+
+<% @apic_vmms.each do |vmm_domain| -%>
+[apic_vmdom:<%= vmm_domain[:vmm_name]%>]
+vmm_type = <%= vmm_domain[:vmm_type]%>
+<%   if vmm_domain[:vlan_ranges] -%>
+vlan_ranges = <%= vmm_domain[:vlan_ranges] %> 
+<%   end -%>
+<% end -%>
+
diff --git a/chef/data_bags/crowbar/migrate/neutron/126_add_apic_multi_vmm_domains.rb b/chef/data_bags/crowbar/migrate/neutron/126_add_apic_multi_vmm_domains.rb
new file mode 100644
index 0000000000..ac15244d9d
--- /dev/null
+++ b/chef/data_bags/crowbar/migrate/neutron/126_add_apic_multi_vmm_domains.rb
@@ -0,0 +1,15 @@
+def upgrade(tattr, tdep, attr, dep)
+  unless attr["apic"].key?("apic_vmms")
+    attr["apic"]["apic_vmms"] = tattr["apic"]["apic_vmms"]
+  end
+
+  return attr, dep
+end
+
+def downgrade(tattr, tdep, attr, dep)
+  unless tattr["apic"].key?("apic_vmms")
+    attr["apic"].delete("apic_vmms") if attr.key?("apic_vmms")
+  end
+
+  return attr, dep
+end
diff --git a/chef/data_bags/crowbar/template-neutron.json b/chef/data_bags/crowbar/template-neutron.json
index 76a425b27d..2483a752ea 100644
--- a/chef/data_bags/crowbar/template-neutron.json
+++ b/chef/data_bags/crowbar/template-neutron.json
@@ -99,7 +99,17 @@
               }
             }
           }
-        }
+        },
+        "apic_vmms": [{
+          "vmm_name": "soc_kvm_domain",
+          "vmm_type": "openstack",
+          "vlan_ranges": ""
+        },
+        {
+          "vmm_name": "soc_vm_domain",
+          "vmm_type": "vmware",
+          "vlan_ranges": ""
+        }]
       },
       "allow_overlapping_ips": true,
       "use_syslog": false,
@@ -197,7 +207,7 @@
     "neutron": {
       "crowbar-revision": 0,
       "crowbar-applied": false,
-      "schema-revision": 125,
+      "schema-revision": 126,
       "element_states": {
         "neutron-server": [ "readying", "ready", "applying" ],
         "neutron-network": [ "readying", "ready", "applying" ],
diff --git a/chef/data_bags/crowbar/template-neutron.schema b/chef/data_bags/crowbar/template-neutron.schema
index 1897bce036..0ffaca635f 100644
--- a/chef/data_bags/crowbar/template-neutron.schema
+++ b/chef/data_bags/crowbar/template-neutron.schema
@@ -95,7 +95,14 @@
                             }}
                           }}
                         }}
-                      }
+                      },
+                      "apic_vmms": { "type" : "seq", "required" : true, "sequence" : [ {
+                        "type" : "map", "required" : true, "mapping" : {
+                          "vmm_name": { "type": "str", "required": true },
+                          "vmm_type": { "type": "str", "required": true },
+                          "vlan_ranges": { "type": "str", "required": true }
+                        }
+                      } ] }
                     }},
                     "allow_overlapping_ips": { "type": "bool", "required": true },
                     "cisco_switches": {