Neutron/ML2/ALE-Omniswitch
Contents
- 1 OmniSwitch Plug-in for OpenStack Liberty Installation
- 1.1 OmniSwitch OpenStack Networking Plug-in Architecture
- 1.2 VLAN Based Tenant Networks
- 1.3 Additional Supported Features
- 1.4 OmniSwitch OpenStack Networking Plug-in (OONP) Installation Overview
- 1.5 OmniSwitch OpenStack Networking Plug-in Installation
- 1.6 OmniSwitch OpenStack Networking Plug-in Configuration
- 1.7 OpenStack Networking (Neutron) Configuration
OmniSwitch Plug-in for OpenStack Liberty Installation
The OmniSwitch OpenStack Networking Plug-in (OONP) for OpenStack Liberty offers infrastructure services for OpenStack logical networks by coordinating the orchestration of Alcatel-Lucent OmniSwitches as the underlying physical network. When used in conjunction with the OpenVSwitch plug-in, end-to-end multi-tenant network provisioning through OpenStack Networking (Quantum/ Neutron) is achieved.
The plug-in is intended to be installed in existing OpenStack Liberty environments to configure the underly- ing physical network for its cloud networking operations.
- Note. This OONP release for Liberty supports only the base plug-in features such as link aggregation, Virtual Chassis, VPA-based networking, and driver support for Telnet and REST. Advanced features such as UNP, MVRP, SPB, and QoS are not currently supported.
OmniSwitch OpenStack Networking Plug-in Architecture
The OpenStack Networking ML2 plug-in provides an extensible architecture that supports a variety of mechanism drivers for configuring physical networks. The architecture provides an environment where multiple independent drivers can be used to configure different network devices from different vendors. Each driver uses its own internal mechanism to communicate with their respective network elements. From the OpenStack Neutron-server perspective a single interface is provided through which the required networking services are provided to the OpenStack cloud applications. This allows OpenStack Network- ing to configure the physical network as well as the virtual switch instances running on the hypervisors. In addition, the OpenStack Networking L3-agent and DHCP-agent are fully supported.
The OmniSwitch Openstack Networking Plug-in work with the OVS ML2 driver
The OmniSwitch ML2 Mechanism Driver supports the following hardware platforms with its respective AOS software releases.
- OS6900 and OS10K with AOS 732-R01 SW release and above
- OS685X and OS9000 with AOS 645-R02 SW release and above
- OS6250 and OS6450 with AOS 664-R01 and above, limited to the features supported on this platform
- OS6860 and OS6860E with AOS 811-R01.
In this deployment scenario, the OmniSwitch ML2 Mechanism Driver uses configuration elements from the OpenVSwitch database to ensure configuration consistency and consistent VLAN ID assignment between it and the OVSNeutronPluginV2 plug-in.
VLAN Based Tenant Networks
The plug-in supports the VLAN network type. This means that logical networks (also referred to as “tenant networks”) are realized using VLANs in the OmniSwitch; thus, any operation related to tenant networks performed in OpenStack Networking is translated and configured in the OmniSwitch using VLANs. The VLAN id is obtained from the reserved VLAN range defined in the plug-in configuration file.
VLAN ID assignment is efficiently and intelligently used on switch ports by provisioning and de-provisioning VLANs across switches as virtual machines connected to tenant networks are created and destroyed.
Moreover, connectivity from the compute hosts to the physical network is trunked to allow traffic only from the VLANs configured on the host by the virtual switch.
The compute host VLAN trunk configuration on the OmniSwitch is automated through the use of the Alcatel-Lucent VNP mechanism. VNP classification is performed on the basis of either: the MAC address of the virtual machine; or the VLAN tag. While both methods are supported, only one can be used within an OpenStack installation instance. Network node connectivity (DHCP and L3 services) are automatically managed using VLAN-Port-Assignment.
Additional Supported Features
The following additional features are also supported in this release.
Device specific switch_access_method
The feature allows a different access method to be used per individual device in the topology (TELNET or REST) . If an AOS 6.X device is mistakenly configured to use REST interface, an ALERT message will be logged and TELNET will be used automatically on those devices.
OmniSwitch Plug-in for OpenStack Liberty Installation OmniSwitch OpenStack Networking Plug-in (OONP) Installation Overview
- Note. This parameter is added as an additional entry in the existing device configuration. Please refer to the .ini file for the proper format.
VPA based host classification method
In addition to supporting UNP profiles on the edge switches for the interfaces connected to the Compute nodes, static 802.1q tagged plain Vlan-Port-Association (VPA) method is also supported. This is useful mainly for supporting an OS6450 as an edge switch.
Switch save config interval
The range of time interval to save the switch configuration periodically is defined to be 600 - 1800 seconds. If any value is configured out of this range, an ALERT message is logged and the minimum value (600 seconds) is used automatically.
OmniSwitch OpenStack Networking Plug-in (OONP) Installation Overview
OmniSwitch OpenStack Networking Plug-in (OONP) provides OpenStack Networking (Neutron) with the ability to manage the Layer-2 configuration of OmniSwitch devices. The OONP plug-in supports the following features:
- 802.1q VLAN based tenant networks.
- Multiple physical topologies - ranging from a single switch to multi-switch based core-edge and spine- leaf topologies.
- Edge port (Host VM connections) automatic configuration based on VLAN Port Assignment (VPA). The following product matrix shows which features are supported/used for physical OmniSwitch configuration:
| Feature Mode/Product | OS10K/OS6900 | OS6860/6860E | OS6850E/OS6850 | OS6450 |
| Switch Access Method | ReST/Telnet | ReST/Telnet | Telnet | Telnet |
| Edge Port Configuration | VPA | VPA | VPA | VPA |
| Uplink Port Configuration | VPA | VPA | VPA | VPA |
While a mix of switch features is supported by the plug-in, only one Port Configuration method can be used in the OpenStack configuration. For example if you choose to use MVRP to configure Uplink Ports, all switches MUST support the MVRP feature. This is the case for BOTH the Edge Port Configuration and Uplink Port Configuration parameters.
OmniSwitch OpenStack Networking Plug-in Installation
TBD: Add the guideline to get and install OONP package
Neutron must be configured to use the OONP at this point. The typical installation will use a combination of the OONP along with the OVS plug-in. The plug-in configuration is defined in two (2) files in the Ubuntu environment on the controller node:
1. /etc/default/neutron-server - the configuration files are specified using the following entries:
# defaults for neutron-server
# path to config file corresponding to the core_plugin specified in neutron.conf
NEUTRON_PLUGIN_CONFIG=/etc/neutron/plugins/ml2/ml2_conf.ini
# Edits for OONP plugin conf file inclusion
OONP_CONFIG="--config_file /etc/neutron/plugins/ml2/omniswitch_network_plugin.ini"
NEUTRON_PLUGIN_CONFIG="${NEUTRON_PLUGIN_CONFIG} ${OONP_CONFIG}"
2. /etc/neutron/neutron.conf - the plug-in configuration is specified using the following entries:
core_plugin = ml2
Manual Changes Required for Neutron Configuration
After the successful installation of OONP plug-in, manual changes are required for the Neutron’s configu- ration. The required manual changes are marked in red below:
1. In ‘/etc/neutron/plugins/ml2/ml2_conf.ini’, update the following line to include omniswitch as below.
mechanism_drivers = openvswitch,ale_omniswitch
2. Update the OONP’s configuration file with the topology details and configuration options that you want to use.
/etc/neutron/plugins/ml2/omniswitch_network_plugin.ini
3. Restart the neutron-server.
> service neutron-server restart
After running the above steps, you are now ready to use Openstack Neutron APIs and/or Horizon web UI or CLI to manage the cloud network.
OONP Installation Notes
1. The omniswitch_topology_utils has additional options that can be used with the OmniSwitch in addition to the Neutron APIs, CLIs or Horizon UI.
To remove the dynamic tenant configurations created by the Openstack plug-in on the OmniSwitch, use the following option (useful in a test environment):
> python omniswitch_topology_utils.py clear_tenant
To save the modifications made on the OmniSwitch, use the following option:
> python omniswitch_topology_utils.py save
2. The logs of the OONP (plug-in and driver operations) can be viewed at:/var/log/neutron/server.log.
OmniSwitch OpenStack Networking Plug-in Configuration
The plug-in requires configuration data about the plug-in operational details, details of the devices, the physical network topology, and the mechanisms to be used to provide the end-to-end connectivity across core and edge network switches.
When the plug-in is installed, the configuration file will have “default” values in it. These values must modified by the user before using the plug-in.
Any changes made in the configuration file during run-time require the Neutron-server to be restarted for the changes to take effect.
Below is an example omniswitch_network_plugin.ini file. Additionally refer to the “OmniSwitch OONP Installation and Multi-Switch Edge-Core Topology Example” chapter for example topologies and their associated configuration parameters.
[DEVICE] # This is used to define the edge switches and which ports the compute/network # nodes are attached to. The entry may contain 1 or more device definitions. # The definition is: # <switch-ip>:<switch-type>:<user-name>:<password>:<command-prompt>:<access_method> # <node-interaces>:<core-interfaces>, with blank entries for user-name, password, # or command-prompt specifying default values. A blank value for access_method will # result in using the global switch_access_method omni_edge_devices = 192.168.222.33:OS6900: : : : :1/19, 192.168.222.35:OS6900: : : : :1/16:1/20 # Used to define 0, or more, core switch configurations; the entry follows the same # format as that of the omni_edge_device. omni_core_devices = 192.168.222.34:OS6900: : : : :1/19 1/20 # This is used to specify which switch and port the DHCP server (network node) is # connected. dhcp_server_interface = 192.168.222.33: : : : :1/18 # The default global method to access devices if not overridden by the # switch_access_method # parameter of the omni_edge_devices, omni_core_devices, and/or # dhcp_server_interface. # <TELNET|REST> switch_access_method = TELNET # SWITCH_SAVE_CONFIG_INTERVAL: # This is used to specify how often (in seconds) the config changes in the switches # are to be saved. # The valid range is 600 - 1800 seconds. If value is out of range, it will default # to 600 seconds. switch_save_config_interval = 600
OpenStack Networking (Neutron) Configuration
Please refer to the ML2 plug-in documentation for more details and other parameters that may be used by the ML2 plug-in and OVS agent.
[OVS] bridge_mappings = physnet1:br-eth1 network_vlan_ranges = physnet1:3001:3010 integration_bridge = br-int tenant_network_type = vlan #tenant_network_type = gre #tunnel_id_ranges = 100:110 #enable_tunneling = True #tunnel_bridge = br-tun [SECURITYGROUP] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewall-Driver root_helper = sudo /usr/bin/quantum-rootwrap /etc/quantum/rootwrap.conf
