From f401914ee341cc7a34c336287879c073a30a9226 Mon Sep 17 00:00:00 2001 From: Pedro Guimaraes Date: Thu, 2 Jul 2020 18:00:16 +0200 Subject: [PATCH] Add igmp_snooping_enable config This option is available on both OVS and OVN to allow virtual switch to snoop into multicast IGMP messages and learn which ports should be flooded. This change adds igmp snooping option on neutron.conf. Change-Id: I3a0e757e5afe6a77cc507ee01298961c16d41cb2 --- config.yaml | 6 + hooks/neutron_api_context.py | 5 + templates/ussuri/neutron.conf | 145 +++++++++++++++++++++++++ unit_tests/test_neutron_api_context.py | 8 ++ 4 files changed, 164 insertions(+) create mode 100644 templates/ussuri/neutron.conf diff --git a/config.yaml b/config.yaml index 67a4b2ad..6e117643 100755 --- a/config.yaml +++ b/config.yaml @@ -779,3 +779,9 @@ options: override YAML files in the service's policy.d directory. The resource file should be a ZIP file containing at least one yaml file with a .yaml or .yml extension. If False then remove the overrides. + enable-igmp-snooping: + type: boolean + default: False + description: | + If True, on Ussuri or later, igmp snooping will be set on OVS and OVN + control plane will learn about multicast traffic going on in the cluster. diff --git a/hooks/neutron_api_context.py b/hooks/neutron_api_context.py index 6d46e800..5ba66c7c 100644 --- a/hooks/neutron_api_context.py +++ b/hooks/neutron_api_context.py @@ -370,6 +370,10 @@ class NeutronCCContext(context.NeutronContext): def neutron_l3ha(self): return get_l3ha() + @property + def neutron_igmp_snoop(self): + return config('enable-igmp-snooping') + # Do not need the plugin agent installed on the api server def _ensure_packages(self): pass @@ -445,6 +449,7 @@ class NeutronCCContext(context.NeutronContext): ctxt['external_network'] = config('neutron-external-network') release = os_release('neutron-server') cmp_release = CompareOpenStackReleases(release) + ctxt['enable_igmp_snooping'] = self.neutron_igmp_snoop if config('neutron-plugin') == 'vsp' and cmp_release < 'newton': _config = config() for k, v in _config.items(): diff --git a/templates/ussuri/neutron.conf b/templates/ussuri/neutron.conf new file mode 100644 index 00000000..30e77477 --- /dev/null +++ b/templates/ussuri/neutron.conf @@ -0,0 +1,145 @@ +# ussuri +############################################################################### +# [ WARNING ] +# Configuration file maintained by Juju. Local changes may be overwritten. +# Restart trigger {{ restart_trigger }} +############################################################################### +[DEFAULT] +verbose = {{ verbose }} +debug = {{ debug }} +use_syslog = {{ use_syslog }} +state_path = /var/lib/neutron +bind_host = {{ bind_host }} +auth_strategy = keystone +api_workers = {{ workers }} +rpc_workers = {{ workers }} + +{% if transport_url %} +transport_url = {{ transport_url }} +{% endif %} + +router_distributed = {{ enable_dvr }} + +{% if dns_domain -%} +dns_domain = {{ dns_domain }} +{% endif -%} + +l3_ha = {{ l3_ha }} +{% if l3_ha -%} +max_l3_agents_per_router = {{ max_l3_agents_per_router }} +{% endif -%} + +allow_automatic_l3agent_failover = {{ allow_automatic_l3agent_failover }} +allow_automatic_dhcp_failover = {{ allow_automatic_dhcp_failover }} +{% if network_scheduler_driver -%} +network_scheduler_driver = {{ network_scheduler_driver }} +dhcp_load_type = {{ dhcp_load_type }} +{% endif -%} + +{% if neutron_bind_port -%} +bind_port = {{ neutron_bind_port }} +{% else -%} +bind_port = 9696 +{% endif -%} + +{% if core_plugin -%} +core_plugin = {{ core_plugin }} +{% if service_plugins -%} +service_plugins = {{ service_plugins }} +{% endif -%} +{% endif -%} + +{% if neutron_security_groups -%} +allow_overlapping_ips = True +{% endif -%} + +dhcp_agents_per_network = {{ dhcp_agents_per_network }} + +notify_nova_on_port_status_changes = True +notify_nova_on_port_data_changes = True + +{% if sections and 'DEFAULT' in sections -%} +{% for key, value in sections['DEFAULT'] -%} +{{ key }} = {{ value }} +{% endfor -%} +{% endif %} + +{% if user_config_flags -%} +{% for key, value in user_config_flags.items() -%} +{{ key }} = {{ value }} +{% endfor -%} +{% endif -%} + +{% if global_physnet_mtu -%} +global_physnet_mtu = {{ global_physnet_mtu }} +{% endif -%} + +{% if enable_designate -%} +external_dns_driver = designate +{% endif -%} + +{% include "section-zeromq" %} + +[quotas] +{% if quota_driver -%} +quota_driver = {{ quota_driver }} +{% else -%} +quota_driver = neutron.db.quota.driver.DbQuotaDriver +{% endif -%} +{% if neutron_security_groups -%} +quota_items = network,subnet,port,security_group,security_group_rule +quota_security_group = {{ quota_security_group }} +quota_security_group_rule = {{ quota_security_group_rule }} +{% else -%} +quota_items = network,subnet,port +{% endif -%} +quota_network = {{ quota_network }} +quota_subnet = {{ quota_subnet }} +quota_port = {{ quota_port }} +quota_vip = {{ quota_vip }} +quota_pool = {{ quota_pool }} +quota_member = {{ quota_member }} +quota_health_monitors = {{ quota_health_monitors }} +quota_router = {{ quota_router }} +quota_floatingip = {{ quota_floatingip }} + +[agent] +root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf + +{% include "section-keystone-authtoken-mitaka" %} + +{% include "parts/section-database" %} + +{% include "section-oslo-messaging-rabbit" %} + +{% include "section-oslo-notifications" %} + +[ovs] +igmp_snooping_enable = {{ enable_igmp_snooping }} + +[oslo_concurrency] +lock_path = $state_path/lock + +{% include "parts/section-nova" %} + +{% if enable_designate -%} +{% include "parts/section-designate" %} +{% endif -%} + +{% include "parts/section-placement" %} + +{% if firewall_v2 -%} +[service_providers] +service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default +{% endif %} + +{% include "section-oslo-middleware" %} + +{% for section in sections -%} +{% if section != 'DEFAULT' -%} +[{{ section }}] +{% for key, value in sections[section] -%} +{{ key }} = {{ value }} +{% endfor %} +{% endif %} +{%- endfor %} diff --git a/unit_tests/test_neutron_api_context.py b/unit_tests/test_neutron_api_context.py index c1513715..51d1f336 100644 --- a/unit_tests/test_neutron_api_context.py +++ b/unit_tests/test_neutron_api_context.py @@ -428,6 +428,9 @@ class NeutronCCContextTest(CharmTestCase): self.test_config.set('mem-password', 'heslo') self.test_config.set('enable-ml2-port-security', True) self.test_config.set('dhcp-agents-per-network', 3) + # Although set as True for all tests, only Ussuri templates + # can apply this option. + self.test_config.set('enable-igmp-snooping', True) def tearDown(self): super(NeutronCCContextTest, self).tearDown() @@ -448,6 +451,7 @@ class NeutronCCContextTest(CharmTestCase): 'dhcp_agents_per_network': 3, 'enable_sriov': False, 'external_network': 'bob', + 'enable_igmp_snooping': True, 'neutron_bind_port': self.api_port, 'verbose': True, 'l2_population': True, @@ -497,6 +501,7 @@ class NeutronCCContextTest(CharmTestCase): 'enable_sriov': False, 'external_network': 'bob', 'global_physnet_mtu': 1500, + 'enable_igmp_snooping': True, 'neutron_bind_port': self.api_port, 'verbose': True, 'l2_population': True, @@ -602,6 +607,7 @@ class NeutronCCContextTest(CharmTestCase): 'dhcp_agents_per_network': 3, 'enable_sriov': False, 'external_network': 'bob', + 'enable_igmp_snooping': True, 'neutron_bind_port': self.api_port, 'verbose': True, 'l2_population': True, @@ -654,6 +660,7 @@ class NeutronCCContextTest(CharmTestCase): 'l3_ha': True, 'mechanism_drivers': 'openvswitch', 'external_network': 'bob', + 'enable_igmp_snooping': True, 'neutron_bind_port': self.api_port, 'verbose': True, 'l2_population': False, @@ -725,6 +732,7 @@ class NeutronCCContextTest(CharmTestCase): 'enable_sriov': True, 'supported_pci_vendor_devs': '1111:3333,2222:4444', 'external_network': 'bob', + 'enable_igmp_snooping': True, 'neutron_bind_port': self.api_port, 'verbose': True, 'l2_population': True,