Neutron/APIForServiceChaining
Contents
Neutron API for Service Chaining
Blueprint
Introduction
Currently Neutron does not support service chaining. To support service chaining, Service VMs must be attached at points in the network and then traffic must be steered between these attachment points. Please also refer to the Neutron Service Chain BP associated with this specification and the Service Chain Bug.
Overview
All Neutron network services and VMs are connected to a Neutron network via Neutron ports. This makes it possible to create a traffic steering model for service chaining that uses only Neutron ports. This traffic steering model has no notion of the actual services attached to these Neutron ports.
The service VM hosting the service functions is instantiated and configured, then VNICs are added to the VM and then these VNICs are attached to the network by Neutron ports. Once the service function is attached to Neutron ports, the ports may be included in a "port chain" to allow the service function to provide treatment to the user's traffic.
A Port Chain (Service Function Path) consists of:
- a set of Neutron ports, to define the sequence of service functions
- a set of flow classifiers, to specify the classified traffic flow to enter the chain
Model
+-------+ +--------+
| Port |--------| Neutron|
| Chain |* *| Ports |
+-------+ +--------+
|1 |1
| --------------
|* |1
+--------------+ +----------+
| Flow | | Chain |
| Classifiers | |Parameters|
+--------------+ +----------+
The model includes the following objects.
Port Chain
* id - Port chain id. * tenant_id - Tenant id. * name - Readable name. * description - Description. * ports - List of lists of service function (Neutron) port pairs. * classifier - List of flow-classifiers. * parameters - Id of optional Chain parameters.
Flow Classifier
* id - Flow classifier id. * tenant_id - Tenant id. * name - Readable name. * description - Description. * protocol - IP protocol. * src_port_range_min - Minimum source protocol port. * src_port_range_max - Maximum source protocol port. * dst_port_range_min - Minimum destination protocol port. * dst_port_range_max - Maximum destination protocol port. * src_ip_prefix - Source IP address or prefix. * dst_ip_prefix - Destination IP address or prefix. * src_port_id - Source Neutron port Id. * dst_port_id - Destination Neutron port Id. * l7_parameter - Dict. of L7 parameters.
Chain Parameters
* id - Chain parameters id. * tenant_id - Tenant id. * name - Readable name. * description - Description. * parameters - Dict of optional Chain parameters.
API
Port Chain
Operations
| Operation | URI | Description |
| POST | /v2.0/port_chains | Create a Port-chain |
| PUT | /v2.0/port_chains/{chain_id} | Update a specific Port-chain |
| DEL | /v2.0/port_chains/{chain_id} | Delete a specific Port-chain |
| GET | /v2.0/port_chains | List all Port-chains for specified tenant. |
| GET | /v2.0/port_chains/{chain_id} | Show information for a specified Port-chain |
Flow Classifier
Operations
| Operation | URI | Description |
| POST | /v2.0/flow_classifiers | Create a Flow-classifier |
| PUT | /v2.0/flow_classifiers/{flow_id} | Update a specific Flow-classifier |
| DEL | /v2.0/flow_classifiers/{flow_id} | Delete a specific Flow-classifier |
| GET | /v2.0/flow_classifiers | List all Flow-classifiers for specified tenant. |
| GET | /v2.0/flow_classifiers/{flow_id} | Show information for a specified Flow-classifier |
CLI Commands
port-chain-create
Create a Port Chain.
neutron port-chain-create [-h]
[-–description <description>]
--port-group [--ingress <port-id>] [--egress <port-id>] ] ]
[--flows [--filter <flow-id>]] PORTCHAIN-NAME
port-chain-delete
Delete a port Chain.
neutron port-chain-delete [-h] PORTCHAIN_NAME
port-chain-list
List all Port Chains.
neutron port-chain-list [-h]
port-chain-show
Show a Port Chain.
neutron port-chain-show PORTCHAIN-NAME
port-chain-update
Update a Port Chain.
neutron port-chain-update [-h]
[-–description <description>]
[-–ports [--ingress <port-id>] [--egress <port-id>]]
[--flows [--filter <flow-id>]] PORTCHAIN-NAME
