Difference between revisions of "Neutron/TrunkPort"

Revision as of 08:38, 20 July 2016

This page mostly describes v4 of the trunk port spec, however it is slightly out-of-date.

Overview

Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.

API

read-write: http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/trunk.py
read-only convenience: http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/trunk_details.py

API-CLI mapping

CLI verb	HTTP method	URL
trunk-create	POST	/v2.0/trunks
trunk-delete	DELETE	/v2.0/trunks/$trunk_id
trunk-list	GET	/v2.0/trunks
trunk-show	GET	/v2.0/trunks/$trunk_id
trunk-subport-add	PUT	/v2.0/trunks/$trunk_id/add_subports
trunk-subport-delete	PUT	/v2.0/trunks/$trunk_id/remove_subports
trunk-subport-list	GET	/v2.0/trunks/$trunk_id/get_subports

other

FIXME Special values to legacy port attributes, eg: device_owner, device_id

FIXME Ignored and/or problematic neutron port attributes for subports:

attribute name	reason
mac_address	no mechanism to tell the guest os/app what mac to use
binding:*	FIXME

CLI usage example

# Legacy ports.
neutron port-create net0 --name port0
neutron port-create net1 --name port1

# Turn port0 into a trunk port, add port1 as a subport to it.
neutron trunk-create --port-id PORT0-UUID --subport PORT1-UUID,vlan,101 --name trunk0

# The only vNIC in your instance corresponds to the legacy port (turned into a trunk),
# so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'.
# Use an image with support for vlan interfaces. CirrOS will not cut it.
# eg: sudo ip link add ... type vlan ...
nova boot ... --image VLAN-CAPABLE-IMAGE --nic port-id=PORT0-UUID --poll vm0

# The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID).
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101

# Further subports can be created at any time, including after boot.
neutron port-create net2 --name port2
neutron trunk-subport-add TRUNK0-UUID PORT2-UUID,vlan,102

# Again you need to bring your subport vlan interfaces up.
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102

# Subports can be deleted at runtime too.
ssh VM0-ADDRESS sudo ip link delete dev eth0.102
neutron trunk-subport-delete PORT2-UUID
neutron port-delete port2

# Delete stuff when you're all done.
neutron trunk-delete TRUNK0-UUID
nova delete vm0
neutron port-delete port1
neutron port-delete port0

openvswitch vlan model

FIXME draw picture of wiring of tap interfaces, trunk and integration bridges

# create trunk bridge
ovs-vsctl --may-exist add-br TRUNK-BRIDGE
ovs-ofctl del-flows TRUNK-BRIDGE

# patch trunk bridge to integration bridge
ovs-vsctl add-port TRUNK-BRIDGE PATCH-TRUNK-END-PORT -- set Interface PATCH-TRUNK-END-PORT type=patch options:peer=PATCH-INT-END-PORT
ovs-vsctl add-port br-int PATCH-INT-END-PORT -- set Interface PATCH-INT-END-PORT type=patch options:peer=PATCH-TRUNK-END-PORT

# install default drop flows on patch ports
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-TRUNK-END-OFPORT,actions=drop
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-INT-END-OFPORT,actions=drop

# make the tap port pass all tags
ovs-vsctl set Port TAP-PORT vlan_mode=trunk

##

# install remap flows for untagged traffic (default subport)
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=strip_vlan,normal
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=0xffff,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal

# install remap flows for tagged traffic (other subports)
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=mod_vlan_vid:INNER-VLAN-ID,normal
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=INNER-VLAN-ID,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal

Drawings

legacy model of attaching many networks
trunk port model of attaching many networks

legacy API
trunk port API

Links

blueprints.launchpad.net
- neutron: bp/vlan-aware-vms
- nova: bp/neutron-ovs-bridge-name
specs.openstack.org
- neutron: neutron-specs/mitaka/vlan-aware-vms
review.openstack.org
- neutron-spec
  - v3, v4: neutron-specs/vlan-aware-vms
  - v1, v2: neutron-specs/vlan-aware-vms
- neutron: project:openstack/neutron topic:bp/vlan-aware-vms
- nova: topic:bp/neutron-ovs-bridge-name
- python-neutronclient: project:openstack/python-neutronclient topic:bp/vlan-aware-vms
- tempest: project:openstack/tempest topic:bp/vlan-aware-vms

obsolete blueprints/specs/code/etc.

Mitaka Summit, Tokyo, 2015-10
- etherpad of the trunk port contributors' meetup
- vBrownBag session
  - slides (slideshare.net)
  - video (youtube.com)

meeting etherpads
- irc meet @ 2015-11-18 00:00 (utc)
  - agenda
  - meeting log
- etherpad of the trunk port contributors' meetup

unsorted etherpads

@@ Line 7: / Line 7: @@
 === API ===
-==== neutron trunk ====
+* read-write: http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/trunk.py
+* read-only convenience: http://git.openstack.org/cgit/openstack/neutron/tree/neutron/extensions/trunk_details.py
+==== API-CLI mapping ====
 {| class="wikitable sortable"
-! attribute name
+! CLI verb
-! attribute type
+! HTTP method
-! default
+! URL
-! updatable
-! meaning
 |-
-| uuid
+| trunk-create
-| str, uuid
+| POST
-| auto-generated
+| /v2.0/trunks
-| no
-| unique identifier
 |-
-| name
+| trunk-delete
-| str
+| DELETE
-| empty string
+| /v2.0/trunks/$trunk_id
-| yes
-|
 |-
-| tenant_id
+| trunk-list
-| str, uuid
+| GET
-| id of creator tenant
+| /v2.0/trunks
-| no
-| owner
 |-
-| port_id
+| trunk-show
-| str, uuid
+| GET
-| n/a
+| /v2.0/trunks/$trunk_id
-| no
-| id of an existing legacy neutron port to be turned into a trunk port
-|}
-wishlist attributes:
-* subport_count
-==== neutron subport ====
-subport is not a full resource, but a member of the trunk resource. As in using HTTP requests like:
- PUT /v2.0/trunks/TRUNK-ID/add_subports
- PUT /v2.0/trunks/TRUNK-ID/delete_subports
- GET /v2.0/trunks/TRUNK-ID/subports
-A subport is always a 3-tuple of (port_id, segmentation_type, segmentation_id) where:
-{| class="wikitable sortable"
-! tuple member name
-! tuple member type
-! can be NULL
-! meaning
 |-
-| port_id
+| trunk-subport-add
-| str, uuid
+| PUT
-| no
+| /v2.0/trunks/$trunk_id/add_subports
-| id of a legacy neutron port to be turned into a subport
 |-
-| segmentation_type
+| trunk-subport-delete
-| enum(str)
+| PUT
-| yes
+| /v2.0/trunks/$trunk_id/remove_subports
-| segmentation/encapsulation to be used inside the instance
 |-
-| segmentation_id
+| trunk-subport-list
-| unsigned int (for type=vlan the valid vlan id range)
+| GET
-| yes
+| /v2.0/trunks/$trunk_id/get_subports
-| segmentation/encapsulation id to differentiate the nets inside the instance
 |}