Jump to: navigation, search

Difference between revisions of "Neutron/DVR/HowTo"

< Neutron‎ | DVR
(DVR Backlog)
m
 
(6 intermediate revisions by 3 users not shown)
Line 4: Line 4:
  
 
<br/> <br/>
 
<br/> <br/>
 +
 +
See also https://docs.google.com/document/d/1iXMAyVMf42FTahExmGdYNGOBFyeA4e74sAO3pvr_RjA/edit
  
 
== DVR Backlog ==
 
== DVR Backlog ==
  
 
* [https://bugs.launchpad.net/neutron/+bugs?field.tag=l3-dvr-backlog Full DVR backlog]
 
* [https://bugs.launchpad.net/neutron/+bugs?field.tag=l3-dvr-backlog Full DVR backlog]
* [https://bugs.launchpad.net/neutron/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_commenter=&field.subscriber=&field.structural_subscriber=&field.tag=l3-dvr-backlog&field.tags_combinator=ANY&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch.used=&field.has_branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on&field.has_blueprints.used=&field.has_blueprints=on&field.has_no_blueprints.used=&field.has_no_blueprints=on DVR backlog excluding fix committed]
+
* [https://bugs.launchpad.net/neutron/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&assignee_option=any&field.assignee=&field.bug_reporter=&field.bug_commenter=&field.subscriber=&field.structural_subscriber=&field.tag=l3-dvr-backlog&field.tags_combinator=ANY&field.has_cve.used=&field.omit_dupes.used=&field.omit_dupes=on&field.affects_me.used=&field.has_patch.used=&field.has_branches.used=&field.has_branches=on&field.has_no_branches.used=&field.has_no_branches=on&field.has_blueprints.used=&field.has_blueprints=on&field.has_no_blueprints.used=&field.has_no_blueprints=on DVR backlog excluding fix committed]
  
 
'''Fixes that are ready and need code reviews'''
 
'''Fixes that are ready and need code reviews'''
 
* https://review.openstack.org/#/c/112984 (fixes an l2pop regression)
 
* https://review.openstack.org/#/c/109486 (fixes an L3 agent restart issue)
 
 
* https://review.openstack.org/#/c/105855 (implements migration of legacy router to distributed)
 
* https://review.openstack.org/#/c/105855 (implements migration of legacy router to distributed)
  
Line 23: Line 22:
  
 
We would like to convert this soon to non-voting.
 
We would like to convert this soon to non-voting.
 
== Reviewing DVR Code ==
 
 
All (merged/open) of the DVR code can be found on the [https://review.openstack.org/#/q/topic:bp/neutron-ovs-dvr,n,z bp/neutron-ovs-dvr] gerrit topic. The bulk of the functionality is handled by these patches:
 
 
* [https://review.openstack.org/#/c/84223/ API Extension] (Merged)
 
** [https://review.openstack.org/#/c/102101/ DB Models] (Merged)
 
*** [https://review.openstack.org/#/c/102332/ RPC Interfaces] (Merged)
 
**** [https://review.openstack.org/#/c/87730/ L2 Agent] (Merged)
 
**** [https://review.openstack.org/#/c/102398/ ML2 Plugin] (Merged)
 
***** [https://review.openstack.org/#/c/89694/ L3 Scheduler] (Merged)
 
** [https://review.openstack.org/#/c/89413/ L3 Agent] (Merged)
 
 
(carl_baldwin)  I am maintaining a branch in github where I merge the latest version of all of the patches to openstack.  The result can be found on the master branch here:  [https://github.com/ecbaldwin/neutron-dvr.git].  I use a forced push (git push -f) to update this branch so you'll need to use fetch/reset instead of merge or pull to get updates.
 
  
 
== Enabling Distributed Virtual Routing Functionality in OpenStack Neutron ==
 
== Enabling Distributed Virtual Routing Functionality in OpenStack Neutron ==
Line 45: Line 30:
 
DevStack supports DVR (thanks to this review https://review.openstack.org/#/c/103180/). To kick the tires with DVR on a single node DevStack instance, just set Q_DVR_MODE to 'dvr_snat' and go get a coffee while stack.sh does its magic. If you want to tune things yourself, bear in mind the following:
 
DevStack supports DVR (thanks to this review https://review.openstack.org/#/c/103180/). To kick the tires with DVR on a single node DevStack instance, just set Q_DVR_MODE to 'dvr_snat' and go get a coffee while stack.sh does its magic. If you want to tune things yourself, bear in mind the following:
  
First, be sure that your database is at the correct version.  There are a number of migration scripts that need to be run using the neutron-db-manage script.
+
* Be sure that your database is at the correct version.  There are a number of migration scripts that need to be run using the neutron-db-manage script.
 
+
* Be sure that your firewall or security groups allows UDP traffic over the vxlan port to pass between the hosts
The configuration section will provide information on all the config parameters that need to be set before deploying the Distributed Virtual Router.
 
There are Global Configurations that need to be set and as well as the Agent specific configurations that need to be set.
 
 
 
Note:  Be sure that your firewall or security groups allows UDP traffic over the vxlan port to pass between the hosts
 
 
 
If you pull the devstack patch for review (https://review.openstack.org/#/c/107157/), the needed configuration for single node deployment will be set up. You only need to add these items to localrc:
 
  
 
* Q_PLUGIN=ml2
 
* Q_PLUGIN=ml2
Line 59: Line 38:
  
 
The values for Q_DVR_MODE are disabled, dvr_snat (controller or single node), or dvr (compute node in multi-node).
 
The values for Q_DVR_MODE are disabled, dvr_snat (controller or single node), or dvr (compute node in multi-node).
 +
 +
<br/><br/>
  
 
For reference, here are the settings done...
 
For reference, here are the settings done...
Line 68: Line 49:
 
** Q_ML2_TENANT_NETWORK_TYPE=vxlan
 
** Q_ML2_TENANT_NETWORK_TYPE=vxlan
 
* l2pop (see below)
 
* l2pop (see below)
* https://review.openstack.org/#/c/77578/ (ignore this for now)
 
  
 
===== Neutron.conf =====
 
===== Neutron.conf =====
Line 86: Line 66:
  
 
===== L2 Agent.ini (ml2_conf.ini) =====
 
===== L2 Agent.ini (ml2_conf.ini) =====
 +
 +
'''The following options must be configured on all nodes running neutron services.'''
  
 
* ml2_conf.ini
 
* ml2_conf.ini
Line 94: Line 76:
 
*** tunnel_types = vxlan
 
*** tunnel_types = vxlan
 
*** enable_distributed_routing = True
 
*** enable_distributed_routing = True
 +
 +
== Services' Integration ==
 +
[https://wiki.openstack.org/wiki/Neutron/FWaaS/FWaaS-DVR FWaaS and DVR]

Latest revision as of 00:46, 1 June 2015

Full link: https://www.youtube.com/watch?v=p4BwAjLHd0M



See also https://docs.google.com/document/d/1iXMAyVMf42FTahExmGdYNGOBFyeA4e74sAO3pvr_RjA/edit

DVR Backlog

Fixes that are ready and need code reviews



Infrastructure Changes

There is an experimental job which runs tempest tests with DVR enabled by default. As a developer/committer you can use the experimental pipeline to trigger a single-host DVR-backed OpenStack deployment to run Tempest tests (by posting comment 'check experimental').

We would like to convert this soon to non-voting.

Enabling Distributed Virtual Routing Functionality in OpenStack Neutron

This wiki provides information on HowTo Configure and deploy the Distributed Virtual Router functionality in the current OpenStack Neutron implementations.

Configuration

DevStack supports DVR (thanks to this review https://review.openstack.org/#/c/103180/). To kick the tires with DVR on a single node DevStack instance, just set Q_DVR_MODE to 'dvr_snat' and go get a coffee while stack.sh does its magic. If you want to tune things yourself, bear in mind the following:

  • Be sure that your database is at the correct version. There are a number of migration scripts that need to be run using the neutron-db-manage script.
  • Be sure that your firewall or security groups allows UDP traffic over the vxlan port to pass between the hosts
  • Q_PLUGIN=ml2
  • Q_ML2_TENANT_NETWORK_TYPE=vxlan
  • Q_DVR_MODE=dvr_snat

The values for Q_DVR_MODE are disabled, dvr_snat (controller or single node), or dvr (compute node in multi-node).



For reference, here are the settings done...

Dependencies
  • In its initial form, DVR will depend on ml2/ovs and vxlan.
    • Q_PLUGIN=ml2
    • Q_ML2_TENANT_NETWORK_TYPE=vxlan
  • l2pop (see below)
Neutron.conf
  • router_distributed = True
    • This sets the default for new router creation to be DVR.
    • The admin user can convert existing routers to distributed without setting this option to True.
L3 Agent.ini

These options have changed in recent patch set versions

  • Network host (or single node deployment)
    • agent_mode = dvr_snat
  • Compute host
    • agent_mode = dvr
L2 Agent.ini (ml2_conf.ini)

The following options must be configured on all nodes running neutron services.

  • ml2_conf.ini
    • ml2 section
      • append ",l2population" to mechanism_drivers
    • agent section
      • l2_population = True
      • tunnel_types = vxlan
      • enable_distributed_routing = True

Services' Integration

FWaaS and DVR