Neutron/TrunkPort
< Neutron
This page is currently outdated. It still describes v2 of the spec proposal. It should be updated to v4.
Contents
Overview
Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.
API
neutron trunk
| attribute name | attribute type | default | updatable | meaning |
|---|---|---|---|---|
| uuid | str, uuid | auto-generated | no | unique identifier |
| name | str | empty string | yes | |
| tenant_id | str, uuid | id of creator tenant | no | owner |
| port_id | str, uuid | n/a | no | id of an existing legacy neutron port to be turned into a trunk port |
wishlist attributes:
- subport_count
neutron subport
subport is not a full resource, but a member of the trunk resource. As in using HTTP requests like:
PUT /v2.0/trunks/TRUNK-ID/add_subports PUT /v2.0/trunks/TRUNK-ID/delete_subports GET /v2.0/trunks/TRUNK-ID/subports
A subport is always a 3-tuple of (port_id, segmentation_type, segmentation_id) where:
| tuple member name | tuple member type | can be NULL | meaning |
|---|---|---|---|
| port_id | str, uuid | no | id of a legacy neutron port to be turned into a subport |
| segmentation_type | enum(str) | yes | segmentation/encapsulation to be used inside the instance |
| segmentation_id | unsigned int (for type=vlan the valid vlan id range) | yes | segmentation/encapsulation id to differentiate the nets inside the instance |
FIXME special values to legacy port attributes, eg. device_owner, device_id
Ignored and/or problematic neutron port attributes for subports:
| attribute name | reason |
|---|---|
| mac_address | no mechanism to tell the guest os/app what mac to use |
| binding:* | FIXME |
CLI usage example
# Legacy ports. neutron port-create net0 --name port0 neutron port-create net1 --name port1 # Turn port0 into a trunk port, add port1 as a subport to it. neutron trunk-create --port-id PORT0-UUID --subport PORT1-UUID,vlan,101 --name trunk0 # The only vNIC in your instance corresponds to the legacy port (turned into a trunk), # so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'. # Use an image with support for vlan interfaces. CirrOS will not cut it. # eg: sudo ip link add ... type vlan ... nova boot ... --image VLAN-CAPABLE-IMAGE --nic trunk-port-id=PORT0-UUID --poll vm0 # The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID). ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101 # Further subports can be created at any time, including after boot. neutron port-create net2 --name port2 neutron trunk-subport-add TRUNK0-UUID PORT2-UUID,vlan,102 # Again you need to bring your subport vlan interfaces up. ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102 # Subports can be deleted at runtime too. ssh VM0-ADDRESS sudo ip link delete dev eth0.102 neutron trunk-subport-delete PORT2-UUID neutron port-delete port2 # Delete stuff when you're all done. neutron trunk-delete TRUNK0-UUID nova delete vm0 neutron port-delete port1 neutron port-delete port0
openvswitch vlan model
FIXME draw picture of wiring of tap interfaces, trunk and integration bridges
# create trunk bridge ovs-vsctl --may-exist add-br TRUNK-BRIDGE ovs-ofctl del-flows TRUNK-BRIDGE # patch trunk bridge to integration bridge ovs-vsctl add-port TRUNK-BRIDGE PATCH-TRUNK-END-PORT -- set Interface PATCH-TRUNK-END-PORT type=patch options:peer=PATCH-INT-END-PORT ovs-vsctl add-port br-int PATCH-INT-END-PORT -- set Interface PATCH-INT-END-PORT type=patch options:peer=PATCH-TRUNK-END-PORT # install default drop flows on patch ports ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-TRUNK-END-OFPORT,actions=drop ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-INT-END-OFPORT,actions=drop # make the tap port pass all tags ovs-vsctl set Port TAP-PORT vlan_mode=trunk ## # install remap flows for untagged traffic (default subport) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=strip_vlan,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=0xffff,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal # install remap flows for tagged traffic (other subports) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=mod_vlan_vid:INNER-VLAN-ID,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=INNER-VLAN-ID,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal
Drawings
legacy model of attaching many networks
trunk port model of attaching many networks
legacy API
trunk port API
Links
- blueprints.launchpad.net
- neutron: bp/vlan-aware-vms
- nova: bp/trunk-port
- specs.openstack.org
- neutron: neutron-specs/liberty/vlan-aware-vms
-
nova: nova-specs/mitaka/trunk-port
- review.openstack.org
- neutron-spec
- v3, v4: neutron-specs/vlan-aware-vms
- v1, v2: neutron-specs/vlan-aware-vms
- nova-spec: nova-specs/trunk-port
- neutron: project:openstack/neutron topic:bp/vlan-aware-vms
-
nova: project:openstack/nova topic:bp/trunk-port - python-neutronclient: project:openstack/python-neutronclient topic:bp/vlan-aware-vms
-
python-novaclient: project:openstack/python-novaclient topic:bp/trunk-port - tempest: project:openstack/tempest topic:bp/vlan-aware-vms
- neutron-spec
- Mitaka Summit, Tokyo, 2015-10
- meeting etherpads
- irc meet @ 2015-11-18 00:00 (utc)
- etherpad of the trunk port contributors' meetup
