Neutron/ML2/MechCiscoNexus

= Neutron ML2 Driver For Cisco Nexus Devices = --

Overview
The Cisco Nexus ML2 mechanism driver implements the ML2 Plugin Mechanism Driver API. The Cisco Nexus ML2 mechanism driver manages multiple types of Cisco Nexus switches.

Note: This driver supports the VLAN network type for Cisco Nexus models 3000 – 9000 and the VXLAN overlay network type for the Cisco Nexus 3100 and 9000 switches only. Refer to http://docwiki.cisco.com/wiki/OpenStack/ML2NexusMechanismDriver for VxLAN overlay configuration details.

Prerequisites
Nexus switch support requires the following OS versions and packages:


 * Cisco NX-OS 5.2.1 (Delhi) Build 69 or later.
 * paramiko library, the SSHv2 protocol library for python
 * One of two supported OSes:
 * RHEL 6.1 or above
 * Ubuntu 11.10 or above
 * Package: python-configobj-4.6.0-3.el6.noarch (or later)
 * Package: python-routes-1.12.3-2.el6.noarch (or later)
 * Package: pip install mysql-python
 * The ncclient v0.4.2 Python library for NETCONF clients. See the following for instructions on how to download the modified library. For more information on ncclient, see http://ncclient.grnet.gr/.

Get the ncclient library by using the pip package manager at your shell prompt:

pip install ncclient == 0.4.2

Your Nexus switch must be configured as described in the next section, Nexus Switch Setup.

Nexus Switch Setup

 * Your Nexus switch must be connected to a management network separate from the OpenStack data network. The plugin communicates with the switch over this network to set up your data flows.
 * The switch must have  login enabled.
 * Each compute host on the cloud must be connected to the switch using an interface dedicated solely to OpenStack data traffic.
 * The switch must be a known host on the controller node before the ML2 Nexus mechanism driver tries to configure the switch. To ensure the switch is a known host, manually log in to the switch from the controller node (using ) before creating instances.
 * All other switch configuration not listed in this section, for example configuring interfaces with  and , must be performed by the switch administrator.

Directory Structure
The Cisco Nexus mechanism driver code is located in the following directory:

/neutron/neutron/plugins/ml2/drivers/cisco/nexus

The Cisco Nexus mechanism configuration template is located at:

/neutron/etc/neutron/plugins/ml2/ml2_conf_cisco.ini

In both cases,  is the directory where the Neutron project is installed. This is often the home directory of the username assigned to Neutron.

VLAN Configuration
To configure the Cisco Nexus ML2 mechanism driver, do the following:

Create a configuration file using the syntax template.

Add the Nexus switch information to a configuration file. Include the following information (see the example below):
 * The IP address of the switch
 * The hostname and port of the node that is connected to the switch
 * The switch port that host is connected to
 * The Nexus switch credential username and password

Include the configuration file on the command line when the neutron-server is started. You can configure multiple switches as well as multiple hosts per switch.

[ml2_mech_cisco_nexus:1.1.1.1] compute-1=1/2 username=admin password=mySecretPasswordForNexus
 * 1) Use section header 'ml2_mech_cisco_nexus:' followed by the IP address of the Nexus switch.
 * 1) Hostname and port used on the switch for this compute host.
 * 2) Where 1/2 indicates the "interface ethernet 1/2" port on the switch.
 * 1) Port number where the SSH will be running at the Nexus Switch. Default is 22 so this variable
 * 2) only needs to be configured if different.
 * 3) ssh_port=22
 * 4) Provide the Nexus log in information

Virtual Port Channel (vPC) Configuration
The Cisco mechanism plugin supports multi-homes hosts in a vPC setup. A typical vPC setup is illustrated in the following diagram:

Prerequisites

 * The vPC interconnect must be set up as described in this document: NXOS vPC configuration. The Cisco plugin will not set up vPC interconnect channels between switches.
 * The data interfaces on the host must be bonded. This bonded interface must be attached to the external bridge.

Plugin Configuration
Configure vPC in the plugin with multiple connections per host. For example, if host 1 is connected to two nexus switches 1.1.1.1 and 2.2.2.2 over portchannel2:

[ml2_mech_cisco_nexus:1.1.1.1] host1=port-channel:2 ssh_port=22 username=admin password=mySecretPasswordForNexus
 * 1) Hostname and port used of the node
 * 1) Port number where the SSH will be running at the Nexus Switch, e.g.: 22 (Default)
 * 1) Provide the Nexus credentials, if you are using Nexus switches. If not this will be ignored.

[ml2_mech_cisco_nexus:2.2.2.2] host1=port-channel:2 ssh_port=22 username=admin password=mySecretPasswordForNexus
 * 1) Hostname and port used of the node
 * 1) Port number where the SSH will be running at the Nexus Switch, e.g.: 22 (Default)
 * 1) Provide the Nexus credentials, if you are using Nexus switches. If not this will be ignored.

Specify the etherytype (portchannel, etherchannel, etc.) for the vPC setup.

Note: If you do not specify the ethertype, the plugin assumes an ethertype of Ethernet.

No configuration change is required for non-vPC configurations. Non-vpc setups are not affected by this feature.

VLAN Configuration
For general Devstack configuration, see the ML2 main page at https://wiki.openstack.org/wiki/Neutron/ML2#ML2_Configuration.

As described in the ML2 main page, set the devstack localrc variable Q_ML2_PLUGIN_MECHANISM_DRIVERS to the required mechanism drivers. For the Cisco Nexus MD the required drivers are:

Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,cisco_nexus

Make the nexus switch configuration accessible by adding the following to the devstack  file:

Q_PLUGIN_EXTRA_CONF_PATH=(/home/openstack) Q_PLUGIN_EXTRA_CONF_FILES=(ml2_conf_cisco.ini)
 * 1) CONF_PATH can be any valid directory path on the devstack system.

Create the file  and add the nexus switch information. The configuration file syntax is described in the section above.