
Difference between revisions of "Obsolete:ConfigureOpenvswitch"

Line 35: Line 35:
 
* '''OVS.local_ip''' - default: "10.0.0.3" - Specifies the IP address for the local endpoint on which GRE tunnel packets are received by the agent.
 
* '''OVS.local_ip''' - default: "10.0.0.3" - Specifies the IP address for the local endpoint on which GRE tunnel packets are received by the agent.
 
* '''OVS.bridge_mappings''' - default: "default:br-eth1" - List of <physical_network>:<bridge> tuples, each specifying the OVS bridge used by the agent for a physical network to which it is connected.
 
* '''OVS.bridge_mappings''' - default: "default:br-eth1" - List of <physical_network>:<bridge> tuples, each specifying the OVS bridge used by the agent for a physical network to which it is connected.
* '''OVS.network_vlan_ranges''' - default: "default:2000:3999" - List of <physical_network>:<vlan_min>:<vlan_max> or <physical_network> tuples, each specifying the name of an available physical network and, optionally, a range of VIDs on that network available for allocation to tenant networks. All physical networks available for provider network creation must be listed at least once, even if no tenant networks will be allocated on that physical network. A physical network can be listed multiple times to make multiple ranges of VIDs on that physical network available for tenant network creation.
+
* '''OVS.network_vlan_ranges''' - default: "default:2000:3999" - List of <physical_network>:<vlan_min>:<vlan_max> or <physical_network> tuples on the server, each specifying the name of an available physical network and, optionally, a range of VIDs on that network available for allocation to tenant networks. All physical networks available for provider network creation must be listed at least once, even if no tenant networks will be allocated on that physical network. A physical network can be listed multiple times to make multiple ranges of VIDs on that physical network available for tenant network creation.
* '''OVS.tunnel_id_ranges''' - default: "" - List of <tun_min>:<tun_max> tuples, each specifying a range of tunnel IDs available for tenant network creation.
+
* '''OVS.tunnel_id_ranges''' - default: "" - List of <tun_min>:<tun_max> tuples on the server, each specifying a range of tunnel IDs available for tenant network creation.
 
* '''DATABASE.sql_connection''' - default: "sqlite://" - URL for database connection used by the plugin, and if AGENT.rpc is false, also by the agent.
 
* '''DATABASE.sql_connection''' - default: "sqlite://" - URL for database connection used by the plugin, and if AGENT.rpc is false, also by the agent.
 
* '''DATABASE.sql_max_retries''' - default: -1 -
 
* '''DATABASE.sql_max_retries''' - default: -1 -
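Review bot: In the OVS.network_vlan_ranges and OVS.tunnel_id_ranges entries, the added words "tuples on the server" attach the qualifier to the tuples rather than to the component that reads the variable. The neighbouring entries use "used by the agent", so phrasing such as "List of ... tuples, used by the server, each specifying ..." would be consistent and would make it clear that these two variables are not read by the agent.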
Line 45: Line 45:
 
* '''AGENT.rpc''' - default: True - Specifies whether the agent uses the RPC mechanism to communicate with the plugin. If False, the agent connects via the database instead.
 
* '''AGENT.rpc''' - default: True - Specifies whether the agent uses the RPC mechanism to communicate with the plugin. If False, the agent connects via the database instead.
  
The RPC, logging, and notification configuration variables defined in openstack-common also apply to the plugin, and the RPC and logging variables apply to the agent.
+
The RPC, logging, and notification configuration variables defined in /etc/quantum/quantum.conf also apply to the plugin, and the RPC and logging variables apply to the agent.
 +
 
 +
The physical_network names and bridge names in the above variable should not contain embedded spaces.
 +
 
 +
=== Tenant Network Pool Configuration ===
 +
 
 +
The openvswitch plugin supports realizing tenant networks as either VLAN networks or GRE tunnels. Each mechanism allows configuration in the server of a pool of physical resources available for allocation to tenant networks. If pools for both mechanisms are configured, when a new tenant network is created, a VLAN network will be used if one is available, and if not, a GRE tunnel will be used. If no pools are configured, or if the supply is exhausted, no new tenant networks can be created, but it still may be possible to create provider networks.
 +
 
 +
To configure a pool of VLANs that can be allocated as tenant networks, use the OVS.network_vlan_ranges configuration variable in the server to specify the ranges of VIDs available for allocation:
 +
 
 +
 
 +
<pre><nowiki>
 +
[OVS]
 +
network_vlan_ranges = physnet1:1:4094,physnet2:1000:1999,physnet2:3000:3999
 +
</nowiki></pre>
 +
 
 +
 
 +
The above example makes VIDs 1 through 4094 on the physical network named "physnet1" available for tenant networks, along with VIDs 1000 through 1999 and 3000 through 3999 on the physical network named "physnet2".
 +
 
 +
To configure a pool of GRE tunnels that can be allocated as tenant networks, use the OVS.tunnel_id_ranges configuration variable in the server to specify the ranges of tunnel IDs available for allocation:
 +
 
 +
 
 +
<pre><nowiki>
 +
[OVS]
 +
tunnel_id_ranges = 0:999,2000:2999
 +
</nowiki></pre>
 +
 
 +
 
 +
This example makes tunnel IDs 0 through 999 and 2000 through 2999 available for allocation. Note that, unlike VIDs, tunnel IDs are not specific to a physical network.
 +
 
 +
The allocation states of the items in each pool are kept in the openvswitch plugin's database. Each time the quantum server starts, it synchronizes the contents of the database with the current values for the configuration variables. Items may be added to each pool, and unused items may be removed. If a VLAN or tunnel currently in use is no longer in the specified range, it will continue to be used until the network is deleted, but will not be returned to the pool on deletion.
 +
 
 +
=== Physical Network Configuration ===
 +
 
 +
If provider networks are to be used, or if tenant networks are to realized as VLANs, ...
  
=== Physical Networks ===
 
=== Tenant Networks ===
 
 
=== OVS Bridge Configuration ===
 
=== OVS Bridge Configuration ===
 
=== Configuration Examples ===
 
=== Configuration Examples ===
 
== Using Devstack ==
 
== Using Devstack ==
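Review bot: The new "Physical Network Configuration" section consists of a single unfinished sentence ("are to realized as VLANs, ..."), which is also missing "be"; either complete it or leave the heading empty like the other placeholder sections. In the same hunk, "The physical_network names and bridge names in the above variable" does not say which variable it means, and it follows a paragraph about the RPC and logging variables; naming the variables it applies to would remove the ambiguity.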

Revision as of 19:54, 28 August 2012

Configuring the Quantum openvswitch Plugin

Support for provider networks, being added via https://review.openstack.org/#/c/11388/, significantly changes the configuration of the Quantum openvswitch plugin. In addition to supporting the provider extension (see https://blueprints.launchpad.net/quantum/+spec/provider-networks), the openvswitch plugin can now also use multiple physical networks for VLAN tenant networks. This page is intended to provide guidance for testing and using this plugin until the admin guide and the content on openvswitch.org have been updated.

Terminology

A number of terms will be used with very specific meanings:

  • virtual network - A Quantum L2 network (identified by a UUID and optional name) whose ports can be attached as vNICs to Nova instances and to various Quantum agents. The openvswitch plugin supports several different mechanisms to realize virtual networks.
  • physical network - A network connecting virtualization hosts (Nova compute nodes) and other network resources. Each physical network may support multiple virtual networks. The provider extension and the openvswitch plugin configuration identify physical networks using names.
  • tenant network - A "normal" virtual network created by/for a tenant. The tenant is not aware of how that network is physically realized.
  • provider network - A virtual network administratively created to map to a specific physical network in the data center, typically to enable direct access to non-OpenStack resources on that network. Tenants can be given access to provider networks.
  • VLAN network - A virtual network realized as packets on a specific physical network containing IEEE 802.1Q headers with a specific VID field value. VLAN networks sharing the same physical network are isolated from each other at L2, and can even have overlapping IP address spaces. Each distinct physical network is assumed to be a separate VLAN trunk, with a distinct space of VID values. Valid VID values are 1 through 4094.
  • flat network - A virtual network realized as packets on a specific physical network containing no IEEE 802.1Q header.
  • GRE tunnel - A virtual network realized as packets encapsulated using GRE. GRE tunnel packets are routed by the compute node hosts, so GRE tunnels are not associated by the openvswitch plugin with specific physical networks.

Provider Extension

The openvswitch plugin supports the provider extension. This means users of the quantum client with administrative privileges will see additional provider attributes on all virtual networks, and will be able to specify these attributes in order to create provider networks.

Provider Attributes

  • provider:network_type - Specifies the physical mechanism by which the virtual network is realized. Possible values with the openvswitch plugin are "flat", "vlan", and "gre", corresponding to flat networks, VLAN networks, and GRE tunnels as defined above. Note that "flat" and "vlan" type provider networks can be created with administrative privileges, while tenant networks can be realized as either "vlan" or "gre" network types.
  • provider:physical_network - Specifies the name of the physical network over which the virtual network is realized for flat and VLAN networks. It is not applicable to the "gre" network type because GRE tunnels are routed according to the host's routing table rather than over a specific physical network.
  • provider:vlan_id - For VLAN networks, specifies the VLAN VID on the physical network that realizes the virtual network. Note that each physical network has a separate independent space of VIDs, so more than 4094 VLAN virtual networks can be supported by using multiple physical networks.

Provider CLI Examples

TBD

Openvswitch Plugin and Agent Configuration

Configuring the openvswitch plugin and agent involves setting configuration variables used by the plugin on the Quantum server node and by the openvswitch agent on all the nodes on which it runs, as well as configuring OVS bridges on the nodes where the openvswitch agent runs.

Configuration Variables

The openvswitch plugin and agent are configured by editing the file typically installed as /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini. The following configuration variables are relevant:

  • OVS.integration_bridge - default: "br-int" - Specifies the name of the OVS integration bridge used by the agent for all virtual networks.
  • OVS.tunnel_bridge - default: "br-tun" - Specifies the name of the OVS tunnel bridge used by the agent for GRE tunnels.
  • OVS.local_ip - default: "10.0.0.3" - Specifies the IP address for the local endpoint on which GRE tunnel packets are received by the agent.
  • OVS.bridge_mappings - default: "default:br-eth1" - List of <physical_network>:<bridge> tuples, each specifying the OVS bridge used by the agent for a physical network to which it is connected.
  • OVS.network_vlan_ranges - default: "default:2000:3999" - List of <physical_network>:<vlan_min>:<vlan_max> or <physical_network> tuples on the server, each specifying the name of an available physical network and, optionally, a range of VIDs on that network available for allocation to tenant networks. All physical networks available for provider network creation must be listed at least once, even if no tenant networks will be allocated on that physical network. A physical network can be listed multiple times to make multiple ranges of VIDs on that physical network available for tenant network creation.
  • OVS.tunnel_id_ranges - default: "" - List of <tun_min>:<tun_max> tuples on the server, each specifying a range of tunnel IDs available for tenant network creation.
  • DATABASE.sql_connection - default: "sqlite://" - URL for database connection used by the plugin, and if AGENT.rpc is false, also by the agent.
  • DATABASE.sql_max_retries - default: -1 -
  • DATABASE.reconnect_interval - default: 2 -
  • AGENT.polling_interval - default: 2 -
  • AGENT.root_helper - default: "sudo" -
  • AGENT.log_file - default: None -
  • AGENT.rpc - default: True - Specifies whether the agent uses the RPC mechanism to communicate with the plugin. If False, the agent connects via the database instead.

The RPC, logging, and notification configuration variables defined in /etc/quantum/quantum.conf also apply to the plugin, and the RPC and logging variables apply to the agent.

The physical_network names and bridge names in the above variables should not contain embedded spaces.

Tenant Network Pool Configuration

The openvswitch plugin supports realizing tenant networks as either VLAN networks or GRE tunnels. Each mechanism allows configuration in the server of a pool of physical resources available for allocation to tenant networks. If pools for both mechanisms are configured, when a new tenant network is created, a VLAN network will be used if one is available, and if not, a GRE tunnel will be used. If no pools are configured, or if the supply is exhausted, no new tenant networks can be created, but it still may be possible to create provider networks.

To configure a pool of VLANs that can be allocated as tenant networks, use the OVS.network_vlan_ranges configuration variable in the server to specify the ranges of VIDs available for allocation:


[OVS]
network_vlan_ranges = physnet1:1:4094,physnet2:1000:1999,physnet2:3000:3999


The above example makes VIDs 1 through 4094 on the physical network named "physnet1" available for tenant networks, along with VIDs 1000 through 1999 and 3000 through 3999 on the physical network named "physnet2".

To configure a pool of GRE tunnels that can be allocated as tenant networks, use the OVS.tunnel_id_ranges configuration variable in the server to specify the ranges of tunnel IDs available for allocation:


[OVS]
tunnel_id_ranges = 0:999,2000:2999


This example makes tunnel IDs 0 through 999 and 2000 through 2999 available for allocation. Note that, unlike VIDs, tunnel IDs are not specific to a physical network.
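The two pool formats above can be checked before the server is restarted. The following is an added example, not code from Quantum; the function names are hypothetical, and the checks enforce only what this page states (VIDs 1 through 4094, no embedded spaces in physical_network names, tunnel IDs starting at 0 as in the sample).

```python
# Added example: validates the two pool settings described on this page.
# Function names are hypothetical; this is not Quantum's own parser.
VID_MIN, VID_MAX = 1, 4094  # valid 802.1Q VIDs per the terminology section


def parse_network_vlan_ranges(value):
    """Return {physical_network: [(vlan_min, vlan_max), ...]}.

    A bare <physical_network> entry yields an empty list: the network is
    listed for provider networks but contributes no tenant VIDs.
    """
    pools = {}
    for entry in filter(None, (e.strip() for e in value.split(","))):
        parts = entry.split(":")
        name = parts[0]
        if not name or any(c.isspace() for c in name):
            raise ValueError("bad physical_network name in %r" % entry)
        ranges = pools.setdefault(name, [])
        if len(parts) == 1:
            continue
        if len(parts) != 3:
            raise ValueError("expected name:min:max in %r" % entry)
        lo, hi = int(parts[1]), int(parts[2])
        if not VID_MIN <= lo <= hi <= VID_MAX:
            raise ValueError("VID range outside 1..4094 in %r" % entry)
        ranges.append((lo, hi))
    return pools


def parse_tunnel_id_ranges(value):
    """Return [(tun_min, tun_max), ...]; tunnel IDs are not per-network."""
    ranges = []
    for entry in filter(None, (e.strip() for e in value.split(","))):
        parts = entry.split(":")
        if len(parts) != 2:
            raise ValueError("expected min:max in %r" % entry)
        lo, hi = int(parts[0]), int(parts[1])
        if not 0 <= lo <= hi:
            raise ValueError("bad tunnel ID range in %r" % entry)
        ranges.append((lo, hi))
    return ranges


def pool_size(ranges):
    """Number of IDs a list of inclusive (lo, hi) ranges makes available."""
    return sum(hi - lo + 1 for lo, hi in ranges)
```
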

The allocation states of the items in each pool are kept in the openvswitch plugin's database. Each time the quantum server starts, it synchronizes the contents of the database with the current values for the configuration variables. Items may be added to each pool, and unused items may be removed. If a VLAN or tunnel currently in use is no longer in the specified range, it will continue to be used until the network is deleted, but will not be returned to the pool on deletion.
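The synchronization rules in the preceding paragraph matter when auditing tenant isolation, because an ID removed from the configuration can remain in use. The following added example models those rules on an in-memory table; it is not Quantum's code, and the data layout and function names are hypothetical.

```python
# Added example: models the startup synchronization described above.
# Data layout and function names are hypothetical, not Quantum's schema.

def expand(ranges):
    """Expand [(lo, hi), ...] into the set of IDs it covers."""
    return {i for lo, hi in ranges for i in range(lo, hi + 1)}


def sync_pool(db, configured_ranges):
    """Reconcile db {id: allocated_bool} with the configured ranges.

    - IDs newly in range are added as free.
    - Free IDs no longer in range are removed.
    - Allocated IDs no longer in range stay until their network is deleted.
    """
    wanted = expand(configured_ranges)
    for i in wanted - set(db):
        db[i] = False
    for i in [i for i, used in db.items() if not used and i not in wanted]:
        del db[i]
    return db


def release(db, ident, configured_ranges):
    """Delete a network: return its ID to the pool only if still in range."""
    if ident in expand(configured_ranges):
        db[ident] = False
    else:
        db.pop(ident, None)  # out-of-range ID is dropped, not recycled
    return db


def demo():
    # Constructed scenario: the tunnel pool shrinks from 0:4 to 0:2 while
    # tunnel ID 4 is still in use by a tenant network.
    db = sync_pool({}, [(0, 4)])
    db[4] = True                      # tenant network allocated on ID 4
    db = sync_pool(db, [(0, 2)])      # server restart with the smaller range
    after_restart = dict(db)
    db = release(db, 4, [(0, 2)])     # the network is deleted later
    return after_restart, db
```
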

Physical Network Configuration

If provider networks are to be used, or if tenant networks are to be realized as VLANs, ...

OVS Bridge Configuration

Configuration Examples

Using Devstack