Neutron OVS-DVR Update
Swaminathan Vasudevan/Rajeev Grover/Vivek Narasimhan
Neutron OVS DVR - Update
Icehouse Action Items
1. East-West - Desired by 50% of the audience
2. North-South - Desired by 50% of the audience
3. Services - FWaaS desired for Distributed Model and VPN as Centralized Service.
Prioritization:
1. East-West was prioritized since it would address the nova multi-host parity.
2. North-South was suggested to be included as an option if enough resources are there to investigate.
Concerns:
There were some concerns raised about the East-West proposal, since it had a dependency on the kernel module. The community was concerned about the time it would take to get this kernel module upstream so that it can be consumed by the OpenStack.
Neutron OVS DVR- Update
Changes from the Icehouse Summit:
1. No Kernel Module Dependency, just use the linux namespace for isolation.
2. Provide East-West Routing
3. Provide North-South Routing (Floating IP and SNAT)
4. Provide a Migration Path from Legacy L3 Network Node to the Distributed Router Model.
5. Provide East-West/North-South with out harming the existing services.
Things that have not changed from Icehouse:
1. DHCP still resides in the Service Node/Legacy Network Node
2. This blueprint is still targeted towards OVS
Neutron OVS DVR - Update
DVR Sub-team Meeting
Based on the Feedback that we received from the Icehouse summit, we continued our discussion with our Sub-team on our regular IRC Weekly Meetings.
DVR IRC Meeting
Meetings are held on Wednesdays 15.00UTC (7.00a.m to 8.00a.m PST)
Channel: #openstack-meeting-alt
https://wiki.openstack.org/wiki/Meetings/Distributed-Virtual-Router
DVR Etherpad
https://etherpad.openstack.org/p/Distributed-Virtual-Router
HowTo Wiki
https://wiki.openstack.org/wiki/Neutron/DVR/HowTo
Neutron OVS DVR- Juno Release Target to achieve Nova Parity
Phase I
1. Provide East-West Routing
2. Provide North-South Routing (Floating IP and SNAT)
Phase II
3. Provide a Migration Path from Legacy L3 Network Node to the Distributed Router Model.
4. Provide Service Node HA / VRRP.
Phase III
5. Distributed DHCP
6. Agent Consolidation/Hardening
Neutron OVS DVR - East-West Routing
Neutron OVS DVR - Compute Node Namespace for IR
Neutron OVS DVR - North-South with Floating IP
Neutron OVS DVR - Floating IP in Compute Node
Neutron OVS DVR - Compute Node Namespace for IR and FIPs
Neutron OVS DVR - North-South Central SNAT - Inbound flow
Neutron OVS DVR - North-South Central SNAT - Outbound flow
Neutron OVS DVR - Service Node Namespace
Neutron OVs DVR - L2/L3 Flow when router-interface-added
Neutron OVS DVR - L2/L3 Flow when router-interface-deleted
Neutron OVS DVR - FIP Flow
Neutron OVS DVR - SNAT Flow
Neutron OVS DVR - Admin Level API/CLI change for Migration
NOTE: Distributed Flag can be also set using the config file. The setting in the API or CLI will override the config file setting.
For Evacuating Router from Legacy Network Node. ( ADMIN Only command)
neutron router-update router1 –-distributed=true
For moving Router back to the Centralized Service Node/Legacy Network Node
neutron router-update router1 –-distributed=False
Default router create behavior when tenant creates
neutron router-create router1 ( In this case, if the API does not have the distributed flag, then the setting in the config file will be used).
Neutron OVS DVR - Admin Level API/CLI change for Migration
Neutron Router port list command.
neutron router-port-list
(No change in the API itself, but it would be reporting all the Router ports from all the Compute Nodes with the port binding information.
l3-agent-list-hosting-snat List L3 agents hosting a snat service.
This command will list the agent with the router-id and SNAT IP.
l3-agent-snat-add Add a snat association to an L3 agent.
This command will allow an admin to associate a SNAT service to a router.
l3-agent-snat-remove Remove snat association from an L3 agent.
Neutron Port Show with the port bindings. ( Port show will show the port bindings for the DVR port)
neutron port-show port-id
Back up