Jump to: navigation, search

Difference between revisions of "Neutron/TrunkPort"

(Overview)
(Overview)
Line 9: Line 9:
 
* since Newton: Linux Bridge [https://github.com/openstack/neutron/tree/9.1.1/neutron/services/trunk/drivers/linuxbridge (src)],
 
* since Newton: Linux Bridge [https://github.com/openstack/neutron/tree/9.1.1/neutron/services/trunk/drivers/linuxbridge (src)],
 
* since Newton: OVN [https://github.com/openstack/networking-ovn/blob/1.0.0/networking_ovn/ml2/trunk_driver.py (src)],
 
* since Newton: OVN [https://github.com/openstack/networking-ovn/blob/1.0.0/networking_ovn/ml2/trunk_driver.py (src)],
* since Ocata: OpenDaylight [https://review.openstack.org/421895 (src)], and
+
* since Ocata: OpenDaylight (neutron side is complete, odl side is work in progress) [https://review.openstack.org/421895 (src)], and
 
* since Ocata: VMWare NSX [https://github.com/openstack/vmware-nsx/tree/master/vmware_nsx/services/trunk (src)].
 
* since Ocata: VMWare NSX [https://github.com/openstack/vmware-nsx/tree/master/vmware_nsx/services/trunk (src)].
  

Revision as of 19:14, 21 February 2017

This page is about the implementation as it was released in newton, based on v4 of the trunk port spec.

Overview

Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.

Implementations exist for

  • since Newton: Open vSwitch (src),
  • since Newton: Linux Bridge (src),
  • since Newton: OVN (src),
  • since Ocata: OpenDaylight (neutron side is complete, odl side is work in progress) (src), and
  • since Ocata: VMWare NSX (src).

Work is ongoing for

Networking Guide

API

Reference

Network dump

Dump of the API:

API-CLI mapping

CLI verb (openstack client) HTTP method URL CLI verb (as in the spec, obsolete)
network trunk create POST /v2.0/trunks trunk-create
network trunk delete DELETE /v2.0/trunks/$trunk_id trunk-delete
network trunk list GET /v2.0/trunks trunk-list
network trunk show GET /v2.0/trunks/$trunk_id trunk-show
network trunk set PUT /v2.0/trunks/$trunk_id/add_subports trunk-subport-add
network trunk unset PUT /v2.0/trunks/$trunk_id/remove_subports trunk-subport-delete
network subport list GET /v2.0/trunks/$trunk_id/get_subports trunk-subport-list

CLI usage example

# Business as usual.
openstack network create net0
openstack network create net1
openstack network create net2
openstack subnet create --network net0 --subnet-range 10.0.4.0/24 subnet0
openstack subnet create --network net1 --subnet-range 10.0.5.0/24 subnet1
openstack subnet create --network net2 --subnet-range 10.0.6.0/24 subnet2

openstack port create --network net0 port0 # will become a parent port

# As of newton there's no automation to tell the guest OS the MAC addresses of child ports. So
#
#     # (a) either create child ports having the same MAC address as the parent port
#     # (remember, they are on different networks),
#     # NOTE This approach is affected by a bug of the openvswitch firewall driver:
#     # https://bugs.launchpad.net/neutron/+bug/1626010
#            openstack port create --network ... parent-port
#            parent_mac="$( openstack port show parent-port | awk '/ mac_address / { print $4 }' )"
#            openstack port create --mac-address "$parent_mac" --network ... child-port
#            openstack network trunk create --parent-port parent-port trunk0
#            openstack network trunk set --subport port=child-port,segmentation-type=vlan,segmentation-id=101 trunk0
#            openstack server-create --nic port-id=parent-port ... --wait vm0
#            ssh vm0 sudo ip link add link eth0 name eth0.101 type vlan id 101
#            # eth0 and eth0.101 have the same MAC address
#
#     # (b) or create the VLAN subinterfaces with MAC addresses as random-assigned by neutron.
#            openstack port create --network ... parent-port
#            openstack port create --network ... child-port
#            child_mac="$( openstack port show child-port | awk '/ mac_address / { print $4 }' )"
#            openstack network trunk create --parent-port parent-port trunk0
#            openstack network trunk set --subport port=child-port,segmentation-type=vlan,segmentation-id=101 trunk0
#            openstack server-create --nic port-id=parent-port ... --wait vm0
#            ssh vm0 sudo ip link add link eth0 name eth0.101 address "$child_mac" type vlan id 101
#            # eth0 and eth0.101 have different MAC addresses
#
# We follow option (a) here:
parent_mac="$( openstack port show port0 | awk '/ mac_address / { print $4 }' )"

openstack port create --network net1 --mac-address "$parent_mac" port1 # will become a child port: at trunk create time
openstack port create --network net2 --mac-address "$parent_mac" port2 # will become a child port: later

# Create a trunk using port0 as parent port (ie. turn port0 into a trunk port).
openstack network trunk create --parent-port port0 trunk0
# A port can be part of one trunk only.
# Error expected: Port UUID is currently in use and is not eligible for use as a parent port.
openstack network trunk create --parent-port port0 trunk1

openstack network trunk list
openstack network trunk show trunk0

openstack network trunk delete trunk0

# A trunk can be created with subports too.
openstack network trunk create --parent-port port0 --subport port=port1,segmentation-type=vlan,segmentation-id=101 trunk0
openstack network trunk list
openstack network trunk show trunk0
openstack network subport list --trunk trunk0

# Use an image with support for vlan interfaces. CirrOS will not cut it.
# But see also: https://etherpad.openstack.org/p/cirros-respin
# eg: sudo ip link add ... type vlan ...
wget --timestamping --tries=1 https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
openstack image create --disk-format qcow2 --public --file trusty-server-cloudimg-amd64-disk1.img vlan-capable-image

# The only vNIC in your instance corresponds to the parent port, so boot your instance with the parent port given.
# Do not add child ports as NICs to 'nova boot / openstack server create'.
openstack server create --flavor ds512M --image vlan-capable-image --nic port-id=port0 --wait vm0

# The typical cloud image will auto-configure the first NIC (eg. eth0) only and not the vlan interfaces (eg. eth0.VLAN-ID).
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101

# Error expected: Failed to add subports to trunk 'trunk0': Port UUID is in use by another trunk.
openstack network trunk set --subport port=port1,segmentation-type=vlan,segmentation-id=999 trunk0
# Error expected: Failed to add subports to trunk 'trunk0': segmentation_type vlan and segmentation_id 101 already in use on trunk UUID.
openstack network trunk set --subport port=port2,segmentation-type=vlan,segmentation-id=101 trunk0
# Add subports to a running instance.
openstack network trunk set --subport port=port2,segmentation-type=vlan,segmentation-id=102 trunk0
openstack network trunk show trunk0

# Again you need to bring your subport vlan interfaces up.
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102

# Delete subports from a running instance.
ssh VM0-ADDRESS sudo ip link delete dev eth0.102
openstack network trunk unset --subport port2 trunk0

# Cannot delete ports used as parent or subports. Delete the trunk first.
# Error expected: FIXME HttpException: Conflict
openstack port delete port0
# Error expected: FIXME HttpException: Conflict
openstack port delete port1

# Clean up.
openstack server delete vm0
openstack network trunk delete trunk0
openstack port delete port2 port1 port0
openstack network delete net2 net1 net0

Drawings

Performance / Scaling

Links

  • tests (all in repo openstack/neutron)
    • neutron/tests/unit/services/trunk/
    • neutron/tests/functional/services/trunk/
    • neutron/tests/fullstack/test_trunk.py
    • neutron/tests/tempest/scenario/test_trunk.py
    • neutron/tests/tempest/api/test_trunk.py
    • neutron/tests/tempest/api/test_trunk_negative.py
    • neutron/tests/tempest/api/test_trunk_details.py
    • rally-jobs/plugins/trunk_scenario.py