Difference between revisions of "Neutron/TrunkPort"
< Neutron
(→Links) |
|||
Line 7: | Line 7: | ||
* [https://etherpad.openstack.org/p/trunkport-design open design questions (etherpad.openstack.org)] | * [https://etherpad.openstack.org/p/trunkport-design open design questions (etherpad.openstack.org)] | ||
* [https://etherpad.openstack.org/p/trunk-port-design-log log of design decisions (etherpad.openstack.org)] | * [https://etherpad.openstack.org/p/trunk-port-design-log log of design decisions (etherpad.openstack.org)] | ||
+ | |||
+ | === CLI usage example === | ||
+ | |||
+ | <pre> | ||
+ | # Trunk ports are created independently of networks. | ||
+ | neutron trunk-port-create --name trunk-port0 | ||
+ | |||
+ | # Networks for later subports. | ||
+ | neutron net-create net0 | ||
+ | neutron net-create net1 | ||
+ | |||
+ | # Optional subnets. | ||
+ | neutron subnet-create net0 10.0.0.0/24 | ||
+ | neutron subnet-create net1 10.0.1.0/24 | ||
+ | |||
+ | # Ports having --device-owner 'network:trunk-port' are subports of the trunk port given by uuid. | ||
+ | # The subport without --trunk-port:* options is the default subport. | ||
+ | # The default subport's traffic will be seen as untagged inside the instance. | ||
+ | # You likely want network connectivity during boot, so you should create at least the default subport before booting. | ||
+ | neutron port-create net0 --name port0 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID | ||
+ | |||
+ | # Other subports can be created at any time, including before boot. | ||
+ | # The traffic of further subports has to be differentiated inside the instance by encapsulation, so you need to provide a segmentation type and id. | ||
+ | neutron port-create net1 --name port1 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 101 | ||
+ | |||
+ | # The only vNIC in your instance corresponds to the trunk port, so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'. | ||
+ | # Use an image with support for vlan interfaces. CirrOS will not cut it. eg: sudo ip link add ... type vlan ... | ||
+ | nova boot ... --image VLAN-CAPABLE-IMAGE --nic trunk-port-id=TRUNK-PORT0-UUID --poll vm0 | ||
+ | |||
+ | # The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID). | ||
+ | ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101 | ||
+ | |||
+ | # Other subports can be created at any time, including after boot. | ||
+ | neutron net-create net2 | ||
+ | neutron subnet-create net2 10.0.2.0/24 | ||
+ | neutron port-create net2 --name port2 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 102 | ||
+ | |||
+ | # Again you need to bring your subport vlan interfaces up. | ||
+ | ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102 | ||
+ | |||
+ | # Subports can be deleted at runtime too. | ||
+ | ssh VM0-ADDRESS sudo ip link delete dev eth0.102 | ||
+ | neutron port-delete port1 | ||
+ | |||
+ | # When you're all done, deleting the trunk port deletes all the subports too. | ||
+ | nova delete vm0 | ||
+ | neutron trunk-port-delete trunk-port0 | ||
+ | neutron net-delete net2 | ||
+ | neutron net-delete net1 | ||
+ | neutron net-delete net0 | ||
+ | </pre> | ||
=== openvswitch vlan model === | === openvswitch vlan model === |
Revision as of 02:51, 29 October 2015
Overview
Neutron extension to access lots of neutron networks over a single vNIC as encapsulated traffic.
Design
CLI usage example
# Trunk ports are created independently of networks. neutron trunk-port-create --name trunk-port0 # Networks for later subports. neutron net-create net0 neutron net-create net1 # Optional subnets. neutron subnet-create net0 10.0.0.0/24 neutron subnet-create net1 10.0.1.0/24 # Ports having --device-owner 'network:trunk-port' are subports of the trunk port given by uuid. # The subport without --trunk-port:* options is the default subport. # The default subport's traffic will be seen as untagged inside the instance. # You likely want network connectivity during boot, so you should create at least the default subport before booting. neutron port-create net0 --name port0 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID # Other subports can be created at any time, including before boot. # The traffic of further subports has to be differentiated inside the instance by encapsulation, so you need to provide a segmentation type and id. neutron port-create net1 --name port1 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 101 # The only vNIC in your instance corresponds to the trunk port, so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'. # Use an image with support for vlan interfaces. CirrOS will not cut it. eg: sudo ip link add ... type vlan ... nova boot ... --image VLAN-CAPABLE-IMAGE --nic trunk-port-id=TRUNK-PORT0-UUID --poll vm0 # The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID). ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101 # Other subports can be created at any time, including after boot. neutron net-create net2 neutron subnet-create net2 10.0.2.0/24 neutron port-create net2 --name port2 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 102 # Again you need to bring your subport vlan interfaces up. ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102 # Subports can be deleted at runtime too. ssh VM0-ADDRESS sudo ip link delete dev eth0.102 neutron port-delete port1 # When you're all done, deleting the trunk port deletes all the subports too. nova delete vm0 neutron trunk-port-delete trunk-port0 neutron net-delete net2 neutron net-delete net1 neutron net-delete net0
openvswitch vlan model
# create trunk bridge ovs-vsctl --may-exist add-br TRUNK-BRIDGE ovs-ofctl del-flows TRUNK-BRIDGE # patch trunk bridge to integration bridge ovs-vsctl add-port TRUNK-BRIDGE PATCH-TRUNK-END-PORT -- set Interface PATCH-TRUNK-END-PORT type=patch options:peer=PATCH-INT-END-PORT ovs-vsctl add-port br-int PATCH-INT-END-PORT -- set Interface PATCH-INT-END-PORT type=patch options:peer=PATCH-TRUNK-END-PORT # install default drop flows on patch ports ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-TRUNK-END-OFPORT,actions=drop ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-INT-END-OFPORT,actions=drop # install remap flows for untagged traffic (default subport) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=strip_vlan,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=0xffff,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal # install remap flows for tagged traffic (other subports) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=mod_vlan_vid:INNER-VLAN-ID,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=INNER-VLAN-ID,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal # make the tap port pass all tags ovs-vsctl set Port TAP-PORT vlan_mode=trunk
Work Items
Links
- vBrownBag session at Tokyo Summit
- blueprints.launchpad.net
- neutron: bp/vlan-aware-vms
- nova: bp/trunk-port
- specs.openstack.org
- neutron: neutron-specs/liberty/vlan-aware-vms
-
nova: nova-specs/mitaka/trunk-port
- review.openstack.org
- neutron-spec: neutron-specs/vlan-aware-vms
- nova-spec: nova-specs/trunk-port
- neutron: project:openstack/neutron topic:bp/vlan-aware-vms
-
nova: project:openstack/nova topic:bp/trunk-port - python-neutronclient: project:openstack/python-neutronclient topic:bp/vlan-aware-vms
-
python-novaclient: project:openstack/python-novaclient topic:bp/trunk-port - tempest: project:openstack/tempest topic:bp/vlan-aware-vms