Revision as of 17:01, 28 August 2012

Configuring the Quantum openvwitch Plugin

Support for provider networks being added via https://review.openstack.org/#/c/11388/ significantly changes the configuration of the Quantum openvswitch plugin. In addition to supporting the provider extension (see https://blueprints.launchpad.net/quantum/+spec/provider-networks), the openvswitch plugin now also can use multiple physical networks for VLAN tenant networks. This page is intended to provide guidance for testing and using this plugin until the admin guide and content on openvswitch.org has been updated.

Terminology

A number of terms will be used with very specific meanings:

• virtual network - A Quantum L2 network (identified by a UUID and optional name) whose ports can be attached as vNICS to Nova instances and to various Quantum agents. The openvswitch plugin supports several different mechanisms to realize virtual networks.
• physical network - A network connecting virtualization hosts (Nova compute nodes) and other network resources. Each physical network may support multiple virtual networks. The provider extension and the openvswitch plugin configuration identify physical networks using names.
• tenant network - A "normal" virtual network created by/for a tenant. The tenant is not aware of how that network is physically realized.
• provider network - A virtual network administratively created to map to a specific physical network in the data center, typically to enable direct access to non-OpenStack resources on that network. Tenants can be given access to provider networks.
• VLAN network - A virtual network realized as packets on a specific physical network containing IEEE 802.1Q headers with a specific VID field value. VLAN networks sharing the same physical network are isolated from each other at L2, and can even have overlapping IP address spaces. Each distinct physical network is assumed to be a separate VLAN trunk, with a distinct space of VID values. Valid VID values are 1 through 4094.
• flat network - A virtual network realized as packets on a specific physical network containing no IEEE 802.1Q header.
• GRE tunnel - A virtual network realized as packets encapsulated using GRE. GRE tunnel packets are routed by the compute node hosts, so GRE tunnels are not associated by the openvswitch plugin with specific physical networks.

Provider Extension

The openvswitch plugin now supports the provider extension. This means users of the quantum client with administrative privileges will see additional provider attributes on all virtual networks, and will be able to specify these attributes in order to create provider networks.

Provider Attributes

• provider:network_type - Specifies the physical mechanism by which the virtual network is realized. Possible values for the openvswitch plugin are "flat", "vlan", and "gre", corresponding to flat networks, VLAN networks, and GRE tunnels as defined above. Note that "flat" and "vlan" type provider networks can be created with administrative privileges, while tenant networks can be realized as either "vlan" or "gre" network types.
• provider:physical_network - Specifies the name of the physical network over which the virtual network is realized for flat and VLAN networks. It is not applicable to the "gre" network type because GRE tunnels are routed according the the host's routing table rather than over a specific physical network.
• provider:vlan_id - For VLAN networks, specifies the VLAN VID on the physical network that realizes the virtual network. Note that each physical network has a separate independent space of VIDs, so more than 4094 VLAN virtual networks can be supported by using multiple physical networks.

Provider CLI Examples

TBD

Openvswitch Plugin Configuration

Using Devstack