Add igmp_snooping_enable config

This option is available on both OVS and OVN to allow virtual switch to snoop into multicast IGMP messages and learn which ports should be flooded. This change adds igmp snooping option on neutron.conf. Change-Id: I3a0e757e5afe6a77cc507ee01298961c16d41cb2
2020-07-02 18:00:16 +02:00 · 2020-07-02 18:00:16 +02:00 · f401914ee3
parent 6ec56a29b6
commit f401914ee3
4 changed files with 164 additions and 0 deletions
--- a/config.yaml
+++ b/config.yaml
@ -779,3 +779,9 @@ options:
      override YAML files in the service's policy.d directory.  The resource
      file should be a ZIP file containing at least one yaml file with a .yaml
      or .yml extension.  If False then remove the overrides.
+  enable-igmp-snooping:
+    type: boolean
+    default: False
+    description: |
+      If True, on Ussuri or later, igmp snooping will be set on OVS and OVN
+      control plane will learn about multicast traffic going on in the cluster.
--- a/hooks/neutron_api_context.py
+++ b/hooks/neutron_api_context.py
@ -370,6 +370,10 @@ class NeutronCCContext(context.NeutronContext):
    def neutron_l3ha(self):
        return get_l3ha()

+    @property
+    def neutron_igmp_snoop(self):
+        return config('enable-igmp-snooping')
+
    # Do not need the plugin agent installed on the api server
    def _ensure_packages(self):
        pass
@ -445,6 +449,7 @@ class NeutronCCContext(context.NeutronContext):
        ctxt['external_network'] = config('neutron-external-network')
        release = os_release('neutron-server')
        cmp_release = CompareOpenStackReleases(release)
+        ctxt['enable_igmp_snooping'] = self.neutron_igmp_snoop
        if config('neutron-plugin') == 'vsp' and cmp_release < 'newton':
            _config = config()
            for k, v in _config.items():
--- a/templates/ussuri/neutron.conf
+++ b/templates/ussuri/neutron.conf
@ -0,0 +1,145 @@
+# ussuri
+###############################################################################
+# [ WARNING ]
+# Configuration file maintained by Juju. Local changes may be overwritten.
+# Restart trigger {{ restart_trigger }}
+###############################################################################
+[DEFAULT]
+verbose = {{ verbose }}
+debug = {{ debug }}
+use_syslog = {{ use_syslog }}
+state_path = /var/lib/neutron
+bind_host = {{ bind_host }}
+auth_strategy = keystone
+api_workers = {{ workers }}
+rpc_workers = {{ workers }}
+
+{% if transport_url %}
+transport_url = {{ transport_url }}
+{% endif %}
+
+router_distributed = {{ enable_dvr }}
+
+{% if dns_domain -%}
+dns_domain = {{ dns_domain }}
+{% endif -%}
+
+l3_ha = {{ l3_ha }}
+{% if l3_ha -%}
+max_l3_agents_per_router = {{ max_l3_agents_per_router }}
+{% endif -%}
+
+allow_automatic_l3agent_failover = {{ allow_automatic_l3agent_failover }}
+allow_automatic_dhcp_failover = {{ allow_automatic_dhcp_failover }}
+{% if network_scheduler_driver -%}
+network_scheduler_driver = {{ network_scheduler_driver }}
+dhcp_load_type = {{ dhcp_load_type }}
+{% endif -%}
+
+{% if neutron_bind_port -%}
+bind_port = {{ neutron_bind_port }}
+{% else -%}
+bind_port = 9696
+{% endif -%}
+
+{% if core_plugin -%}
+core_plugin = {{ core_plugin }}
+{% if service_plugins -%}
+service_plugins = {{ service_plugins }}
+{% endif -%}
+{% endif -%}
+
+{% if neutron_security_groups -%}
+allow_overlapping_ips = True
+{% endif -%}
+
+dhcp_agents_per_network = {{ dhcp_agents_per_network }}
+
+notify_nova_on_port_status_changes = True
+notify_nova_on_port_data_changes = True
+
+{% if sections and 'DEFAULT' in sections -%}
+{% for key, value in sections['DEFAULT'] -%}
+{{ key }} = {{ value }}
+{% endfor -%}
+{% endif %}
+
+{% if user_config_flags -%}
+{% for key, value in user_config_flags.items() -%}
+{{ key }} = {{ value }}
+{% endfor -%}
+{% endif -%}
+
+{% if global_physnet_mtu -%}
+global_physnet_mtu = {{ global_physnet_mtu }}
+{% endif -%}
+
+{% if enable_designate -%}
+external_dns_driver = designate
+{% endif -%}
+
+{% include "section-zeromq" %}
+
+[quotas]
+{% if quota_driver -%}
+quota_driver = {{ quota_driver }}
+{% else -%}
+quota_driver = neutron.db.quota.driver.DbQuotaDriver
+{% endif -%}
+{% if neutron_security_groups -%}
+quota_items = network,subnet,port,security_group,security_group_rule
+quota_security_group = {{ quota_security_group }}
+quota_security_group_rule = {{ quota_security_group_rule }}
+{% else -%}
+quota_items = network,subnet,port
+{% endif -%}
+quota_network = {{ quota_network }}
+quota_subnet = {{ quota_subnet }}
+quota_port = {{ quota_port }}
+quota_vip = {{ quota_vip }}
+quota_pool = {{ quota_pool }}
+quota_member = {{ quota_member }}
+quota_health_monitors = {{ quota_health_monitors }}
+quota_router = {{ quota_router }}
+quota_floatingip = {{ quota_floatingip }}
+
+[agent]
+root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
+
+{% include "section-keystone-authtoken-mitaka" %}
+
+{% include "parts/section-database" %}
+
+{% include "section-oslo-messaging-rabbit" %}
+
+{% include "section-oslo-notifications" %}
+
+[ovs]
+igmp_snooping_enable = {{ enable_igmp_snooping }}
+
+[oslo_concurrency]
+lock_path = $state_path/lock
+
+{% include "parts/section-nova" %}
+
+{% if enable_designate -%}
+{% include "parts/section-designate" %}
+{% endif -%}
+
+{% include "parts/section-placement" %}
+
+{% if firewall_v2 -%}
+[service_providers]
+service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
+{% endif %}
+
+{% include "section-oslo-middleware" %}
+
+{% for section in sections -%}
+{% if section != 'DEFAULT' -%}
+[{{ section }}]
+{% for key, value in sections[section] -%}
+{{ key }} = {{ value }}
+{% endfor %}
+{% endif %}
+{%- endfor %}
--- a/unit_tests/test_neutron_api_context.py
+++ b/unit_tests/test_neutron_api_context.py
@ -428,6 +428,9 @@ class NeutronCCContextTest(CharmTestCase):
        self.test_config.set('mem-password', 'heslo')
        self.test_config.set('enable-ml2-port-security', True)
        self.test_config.set('dhcp-agents-per-network', 3)
+        # Although set as True for all tests, only Ussuri templates
+        # can apply this option.
+        self.test_config.set('enable-igmp-snooping', True)

    def tearDown(self):
        super(NeutronCCContextTest, self).tearDown()
@ -448,6 +451,7 @@ class NeutronCCContextTest(CharmTestCase):
            'dhcp_agents_per_network': 3,
            'enable_sriov': False,
            'external_network': 'bob',
+            'enable_igmp_snooping': True,
            'neutron_bind_port': self.api_port,
            'verbose': True,
            'l2_population': True,
@ -497,6 +501,7 @@ class NeutronCCContextTest(CharmTestCase):
            'enable_sriov': False,
            'external_network': 'bob',
            'global_physnet_mtu': 1500,
+            'enable_igmp_snooping': True,
            'neutron_bind_port': self.api_port,
            'verbose': True,
            'l2_population': True,
@ -602,6 +607,7 @@ class NeutronCCContextTest(CharmTestCase):
            'dhcp_agents_per_network': 3,
            'enable_sriov': False,
            'external_network': 'bob',
+            'enable_igmp_snooping': True,
            'neutron_bind_port': self.api_port,
            'verbose': True,
            'l2_population': True,
@ -654,6 +660,7 @@ class NeutronCCContextTest(CharmTestCase):
            'l3_ha': True,
            'mechanism_drivers': 'openvswitch',
            'external_network': 'bob',
+            'enable_igmp_snooping': True,
            'neutron_bind_port': self.api_port,
            'verbose': True,
            'l2_population': False,
@ -725,6 +732,7 @@ class NeutronCCContextTest(CharmTestCase):
            'enable_sriov': True,
            'supported_pci_vendor_devs': '1111:3333,2222:4444',
            'external_network': 'bob',
+            'enable_igmp_snooping': True,
            'neutron_bind_port': self.api_port,
            'verbose': True,
            'l2_population': True,