Neutron/TrunkPort
< Neutron
Revision as of 13:33, 10 November 2015 by Bence.romsics (talk | contribs) (→openvswitch vlan model)
Contents
Overview
Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.
API
FIXME attribute types
neutron trunk port
| attribute name | attribute type |
|---|---|
| admin_state_up | |
| binding:host_id | str |
| binding:vif_details | |
| binding:vif_type | |
| device_id | uuid |
| device_owner | |
| id | uuid |
| mac_address | |
| name | str |
| status | |
| tenant_id | uuid |
wishlist attributes:
- subport_count
neutron subport
Usage of pre-existing neutron port attributes:
| attribute name | attribute value |
|---|---|
| device_id | UUID OF PARENT TRUNK PORT |
| device_owner | trunk-port |
Additional neutron port attributes:
| attribute name | attribute type |
|---|---|
| trunk-port:segmentation-id | uint |
| trunk-port:segmentation-type | str |
Ignored and problematic neutron port attributes:
| attribute name | reason |
|---|---|
| mac_address | no mechanism to tell the guest os/app what mac to use |
| binding:* | FIXME |
nova
FIXME nova boot --nic trunk-port-id
CLI usage example
# Trunk ports are created independently of networks. neutron trunk-port-create --name trunk-port0 # Networks for later subports. neutron net-create net0 neutron net-create net1 # Optional subnets. neutron subnet-create net0 10.0.0.0/24 neutron subnet-create net1 10.0.1.0/24 # Ports having --device-owner 'network:trunk-port' are subports of the trunk port given by uuid. # The subport without --trunk-port:* options is the default subport. # The default subport's traffic will be seen as untagged inside the instance. # You likely want network connectivity during boot, so you should create at least the default subport before booting. neutron port-create net0 --name port0 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID # Other subports can be created at any time, including before boot. # The traffic of further subports has to be differentiated inside the instance by encapsulation, so you need to provide a segmentation type and id. neutron port-create net1 --name port1 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 101 # The only vNIC in your instance corresponds to the trunk port, so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'. # Use an image with support for vlan interfaces. CirrOS will not cut it. eg: sudo ip link add ... type vlan ... nova boot ... --image VLAN-CAPABLE-IMAGE --nic trunk-port-id=TRUNK-PORT0-UUID --poll vm0 # The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID). ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101 # Other subports can be created at any time, including after boot. neutron net-create net2 neutron subnet-create net2 10.0.2.0/24 neutron port-create net2 --name port2 --device-owner network:trunk-port --device-id TRUNK-PORT0-UUID --trunk-port:segmentation-type vlan --trunk-port:segmentation-id 102 # Again you need to bring your subport vlan interfaces up. ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102 # Subports can be deleted at runtime too. ssh VM0-ADDRESS sudo ip link delete dev eth0.102 neutron port-delete port1 # When you're all done, deleting the trunk port deletes all the subports too. nova delete vm0 neutron trunk-port-delete trunk-port0 neutron net-delete net2 neutron net-delete net1 neutron net-delete net0
openvswitch vlan model
FIXME draw picture of wiring of tap interfaces, trunk and integration bridges
# create trunk bridge ovs-vsctl --may-exist add-br TRUNK-BRIDGE ovs-ofctl del-flows TRUNK-BRIDGE # patch trunk bridge to integration bridge ovs-vsctl add-port TRUNK-BRIDGE PATCH-TRUNK-END-PORT -- set Interface PATCH-TRUNK-END-PORT type=patch options:peer=PATCH-INT-END-PORT ovs-vsctl add-port br-int PATCH-INT-END-PORT -- set Interface PATCH-INT-END-PORT type=patch options:peer=PATCH-TRUNK-END-PORT # install default drop flows on patch ports ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-TRUNK-END-OFPORT,actions=drop ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-INT-END-OFPORT,actions=drop # make the tap port pass all tags ovs-vsctl set Port TAP-PORT vlan_mode=trunk ## # install remap flows for untagged traffic (default subport) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=strip_vlan,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=0xffff,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal # install remap flows for tagged traffic (other subports) ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=mod_vlan_vid:INNER-VLAN-ID,normal ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=INNER-VLAN-ID,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal
Drawings
legacy model of attaching many networks
trunk port model of attaching many networks
legacy API
trunk port API
Links
- blueprints.launchpad.net
- neutron: bp/vlan-aware-vms
- nova: bp/trunk-port
- specs.openstack.org
- neutron: neutron-specs/liberty/vlan-aware-vms
-
nova: nova-specs/mitaka/trunk-port
- review.openstack.org
- neutron-spec: neutron-specs/vlan-aware-vms
- nova-spec: nova-specs/trunk-port
- neutron: project:openstack/neutron topic:bp/vlan-aware-vms
-
nova: project:openstack/nova topic:bp/trunk-port - python-neutronclient: project:openstack/python-neutronclient topic:bp/vlan-aware-vms
-
python-novaclient: project:openstack/python-novaclient topic:bp/trunk-port - tempest: project:openstack/tempest topic:bp/vlan-aware-vms
- Mitaka Summit, Tokyo, 2015-10
