Difference between revisions of "Neutron/DVR/HowTo"
m (→L3 Agent.ini) |
m |
||
(45 intermediate revisions by 6 users not shown) | |||
Line 3: | Line 3: | ||
Full link: https://www.youtube.com/watch?v=p4BwAjLHd0M | Full link: https://www.youtube.com/watch?v=p4BwAjLHd0M | ||
− | + | <br/> <br/> | |
− | + | See also https://docs.google.com/document/d/1iXMAyVMf42FTahExmGdYNGOBFyeA4e74sAO3pvr_RjA/edit | |
− | + | == DVR Backlog == | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | * [https://bugs.launchpad.net/neutron/+bugs?field.tag=l3-dvr-backlog Full DVR backlog] | |
+ | * [https://bugs.launchpad.net/neutron/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_commenter=&field.subscriber=&field.structural_subscriber=&field.tag=l3-dvr-backlog&field.tags_combinator=ANY&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch.used=&field.has_branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on&field.has_blueprints.used=&field.has_blueprints=on&field.has_no_blueprints.used=&field.has_no_blueprints=on DVR backlog excluding fix committed] | ||
− | + | '''Fixes that are ready and need code reviews''' | |
+ | * https://review.openstack.org/#/c/105855 (implements migration of legacy router to distributed) | ||
+ | |||
+ | <br/> <br/> | ||
+ | |||
+ | == Infrastructure Changes == | ||
+ | |||
+ | There is an experimental job which runs tempest tests with DVR enabled by default. As a developer/committer you can use the experimental pipeline to trigger a single-host DVR-backed OpenStack deployment to run Tempest tests (by posting comment 'check experimental'). | ||
+ | |||
+ | We would like to convert this soon to non-voting. | ||
== Enabling Distributed Virtual Routing Functionality in OpenStack Neutron == | == Enabling Distributed Virtual Routing Functionality in OpenStack Neutron == | ||
Line 23: | Line 27: | ||
=== Configuration === | === Configuration === | ||
− | |||
− | |||
− | + | DevStack supports DVR (thanks to this review https://review.openstack.org/#/c/103180/). To kick the tires with DVR on a single node DevStack instance, just set Q_DVR_MODE to 'dvr_snat' and go get a coffee while stack.sh does its magic. If you want to tune things yourself, bear in mind the following: | |
+ | |||
+ | * Be sure that your database is at the correct version. There are a number of migration scripts that need to be run using the neutron-db-manage script. | ||
+ | * Be sure that your firewall or security groups allows UDP traffic over the vxlan port to pass between the hosts | ||
+ | |||
+ | * Q_PLUGIN=ml2 | ||
+ | * Q_ML2_TENANT_NETWORK_TYPE=vxlan | ||
+ | * Q_DVR_MODE=dvr_snat | ||
+ | |||
+ | The values for Q_DVR_MODE are disabled, dvr_snat (controller or single node), or dvr (compute node in multi-node). | ||
+ | |||
+ | <br/><br/> | ||
+ | |||
+ | For reference, here are the settings done... | ||
===== Dependencies ===== | ===== Dependencies ===== | ||
* In its initial form, DVR will depend on ml2/ovs and vxlan. | * In its initial form, DVR will depend on ml2/ovs and vxlan. | ||
− | * l2pop | + | ** Q_PLUGIN=ml2 |
+ | ** Q_ML2_TENANT_NETWORK_TYPE=vxlan | ||
+ | * l2pop (see below) | ||
===== Neutron.conf ===== | ===== Neutron.conf ===== | ||
− | * router_distributed | + | * router_distributed = True |
− | ** | + | ** This sets the default for new router creation to be DVR. |
− | ** The admin user can convert existing routers to distributed without setting this option. | + | ** The admin user can convert existing routers to distributed without setting this option to True. |
===== L3 Agent.ini ===== | ===== L3 Agent.ini ===== | ||
− | + | '''These options have changed in recent patch set versions''' | |
− | * Network host | + | * Network host (or single node deployment) |
− | ** | + | ** agent_mode = dvr_snat |
− | |||
− | |||
* Compute host | * Compute host | ||
− | ** | + | ** agent_mode = dvr |
− | |||
− | |||
===== L2 Agent.ini (ml2_conf.ini) ===== | ===== L2 Agent.ini (ml2_conf.ini) ===== | ||
+ | |||
+ | '''The following options must be configured on all nodes running neutron services.''' | ||
* ml2_conf.ini | * ml2_conf.ini | ||
** ml2 section | ** ml2 section | ||
*** append ",l2population" to mechanism_drivers | *** append ",l2population" to mechanism_drivers | ||
− | |||
** agent section | ** agent section | ||
*** l2_population = True | *** l2_population = True | ||
*** tunnel_types = vxlan | *** tunnel_types = vxlan | ||
− | * | + | *** enable_distributed_routing = True |
− | ** enable_distributed_routing = True | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== | + | == Services' Integration == |
+ | [https://wiki.openstack.org/wiki/Neutron/FWaaS/FWaaS-DVR FWaaS and DVR] |
Latest revision as of 00:46, 1 June 2015
Full link: https://www.youtube.com/watch?v=p4BwAjLHd0M
See also https://docs.google.com/document/d/1iXMAyVMf42FTahExmGdYNGOBFyeA4e74sAO3pvr_RjA/edit
Contents
DVR Backlog
Fixes that are ready and need code reviews
- https://review.openstack.org/#/c/105855 (implements migration of legacy router to distributed)
Infrastructure Changes
There is an experimental job which runs tempest tests with DVR enabled by default. As a developer/committer you can use the experimental pipeline to trigger a single-host DVR-backed OpenStack deployment to run Tempest tests (by posting comment 'check experimental').
We would like to convert this soon to non-voting.
Enabling Distributed Virtual Routing Functionality in OpenStack Neutron
This wiki provides information on HowTo Configure and deploy the Distributed Virtual Router functionality in the current OpenStack Neutron implementations.
Configuration
DevStack supports DVR (thanks to this review https://review.openstack.org/#/c/103180/). To kick the tires with DVR on a single node DevStack instance, just set Q_DVR_MODE to 'dvr_snat' and go get a coffee while stack.sh does its magic. If you want to tune things yourself, bear in mind the following:
- Be sure that your database is at the correct version. There are a number of migration scripts that need to be run using the neutron-db-manage script.
- Be sure that your firewall or security groups allows UDP traffic over the vxlan port to pass between the hosts
- Q_PLUGIN=ml2
- Q_ML2_TENANT_NETWORK_TYPE=vxlan
- Q_DVR_MODE=dvr_snat
The values for Q_DVR_MODE are disabled, dvr_snat (controller or single node), or dvr (compute node in multi-node).
For reference, here are the settings done...
Dependencies
- In its initial form, DVR will depend on ml2/ovs and vxlan.
- Q_PLUGIN=ml2
- Q_ML2_TENANT_NETWORK_TYPE=vxlan
- l2pop (see below)
Neutron.conf
- router_distributed = True
- This sets the default for new router creation to be DVR.
- The admin user can convert existing routers to distributed without setting this option to True.
L3 Agent.ini
These options have changed in recent patch set versions
- Network host (or single node deployment)
- agent_mode = dvr_snat
- Compute host
- agent_mode = dvr
L2 Agent.ini (ml2_conf.ini)
The following options must be configured on all nodes running neutron services.
- ml2_conf.ini
- ml2 section
- append ",l2population" to mechanism_drivers
- agent section
- l2_population = True
- tunnel_types = vxlan
- enable_distributed_routing = True
- ml2 section