Sync implementation details
Change-Id: Id9ccd4d63ae2c1f26433ddab8e306ccbe45817d5 Implements: blueprint admin-network-on-bond
This commit is contained in:
parent
c8e5386015
commit
e5550b2193
@ -20,7 +20,7 @@ In some cases user wants to bond admin interface. It is not possible
|
|||||||
for FUEL 6.0 and earlier release using UI. It is possible to bond admin
|
for FUEL 6.0 and earlier release using UI. It is possible to bond admin
|
||||||
interface via API and CLI, but in this case there is a problem with
|
interface via API and CLI, but in this case there is a problem with
|
||||||
determining admin interface mac address during the provisioning stage.
|
determining admin interface mac address during the provisioning stage.
|
||||||
This is nailgun provisioning serializer issue. If admin interface was
|
This is Nailgun provisioning serializer issue. If admin interface was
|
||||||
bonded, serializer returns mac of the bond interface(empty value) and
|
bonded, serializer returns mac of the bond interface(empty value) and
|
||||||
it breaks provisioning process.
|
it breaks provisioning process.
|
||||||
|
|
||||||
@ -30,7 +30,26 @@ Proposed change
|
|||||||
Nailgun provisioning serializer should be fixed to handle case when
|
Nailgun provisioning serializer should be fixed to handle case when
|
||||||
admin interface is bonded. Serializer may return first bonded slave
|
admin interface is bonded. Serializer may return first bonded slave
|
||||||
interface mac address instead bond mac address. Lacp modes should
|
interface mac address instead bond mac address. Lacp modes should
|
||||||
be denied for admin interface via nailgun API(add validation rules).
|
be denied for admin interface via Nailgun API(add validation rules).
|
||||||
|
|
||||||
|
Additional `pxe` db field should be added into the nic interfaces db model
|
||||||
|
to properly track initial admin interface(node's interface what was used for
|
||||||
|
node's registering in Nailgun API). It necessary for identifying pxe
|
||||||
|
interface if user decide to disassemble bond which includes admin interface.
|
||||||
|
This property will be sent in registration request from Nailgun agent.
|
||||||
|
Nailgun agent will identify `pxe` interface by:
|
||||||
|
|
||||||
|
* ip address ( if some of node's interfaces IPs belong to the same network
|
||||||
|
as IP for Nailgun API which is taken from configuration file
|
||||||
|
"/etc/nailgun-agent/config.yaml")
|
||||||
|
* mac address ( Nailgun agent does already have an ability to identify
|
||||||
|
interface which belongs to network with default gateway; it helps to
|
||||||
|
identify admin interface during the bootstrap stage ) in case if we are
|
||||||
|
using multiple node groups
|
||||||
|
|
||||||
|
This property will be automatically calculated in the Nailgun(on the data from
|
||||||
|
Nailgun agent) and user will not be able to change it.
|
||||||
|
|
||||||
Possibility to bond admin interface via UI should be added. Available
|
Possibility to bond admin interface via UI should be added. Available
|
||||||
bond modes for admin interface in UI should be limited(only non-lacp modes).
|
bond modes for admin interface in UI should be limited(only non-lacp modes).
|
||||||
This limitation will be described in metadata which describes bonding
|
This limitation will be described in metadata which describes bonding
|
||||||
@ -39,17 +58,17 @@ settings in following way::
|
|||||||
bonding:
|
bonding:
|
||||||
linux:
|
linux:
|
||||||
mode:
|
mode:
|
||||||
- values: ["balance-rr", "active-backup", "802.3ad"]
|
- values: ["balance-rr", "active-backup"]
|
||||||
- values: ["802.3ad"]
|
- values: ["802.3ad"]
|
||||||
condition: "'experimental' in version:feature_groups or
|
condition: "'experimental' in version:feature_groups or
|
||||||
network:meta.unmovable == false"
|
interface:pxe == false"
|
||||||
- values: ["balance-xor", "broadcast", "balance-tlb",
|
- values: ["balance-xor", "broadcast", "balance-tlb",
|
||||||
"balance-alb"]
|
"balance-alb"]
|
||||||
condition: "'experimental' in version:feature_groups"
|
condition: "'experimental' in version:feature_groups"
|
||||||
|
|
||||||
"network:meta.unmovable == false" condition indicates network what is not
|
"interface:pxe == false" condition indicates interfaces which are able to be
|
||||||
able to be bonded. This flag calculation will be based on network's
|
bonded using lacp mode. This flag calculation will be based on interfaces's
|
||||||
property : 'unmovable'.
|
property : `pxe`.
|
||||||
|
|
||||||
It is proposed to use only non-lacp bond modes for admin interface
|
It is proposed to use only non-lacp bond modes for admin interface
|
||||||
due to complex and unclear implementation in regarding to following reasons:
|
due to complex and unclear implementation in regarding to following reasons:
|
||||||
@ -75,18 +94,41 @@ None
|
|||||||
Data model impact
|
Data model impact
|
||||||
-----------------
|
-----------------
|
||||||
|
|
||||||
None
|
Additional `pxe` boolean db field should be added into the node_nic_interfaces
|
||||||
|
DB model.
|
||||||
|
|
||||||
REST API impact
|
REST API impact
|
||||||
---------------
|
---------------
|
||||||
|
|
||||||
Additional API validation rules should be added to prevent passing
|
Additional API validation rules should be added to prevent passing of lacp
|
||||||
of lacp bond mode for admin interface.
|
bond mode for admin interface. Also API will be extended with rules preventing
|
||||||
|
assignment of admin network to non-pxe interface.
|
||||||
|
|
||||||
Upgrade impact
|
Upgrade impact
|
||||||
--------------
|
--------------
|
||||||
|
|
||||||
None
|
Additional `pxe` field will be injected into nic interfaces db model and set
|
||||||
|
to True for interfaces which belong to admin network during the database
|
||||||
|
migration procedure.
|
||||||
|
Also Nailgun server code will be fixed to properly calculate pxe interface
|
||||||
|
in case if we have no `pxe` property set for any interface (to support old
|
||||||
|
Nailgun agent versions). Calculation will be based on 'node.mac' property
|
||||||
|
which is present in old agent's versions.
|
||||||
|
Admin interface's bonding is not allowed for old releases, so metadata for
|
||||||
|
old releases will be updated to not allow any bonding mode for `pxe`
|
||||||
|
interface.
|
||||||
|
|
||||||
|
Updated metadata example::
|
||||||
|
|
||||||
|
bonding:
|
||||||
|
linux:
|
||||||
|
mode:
|
||||||
|
- values: ["balance-rr", "active-backup", "802.3ad"]
|
||||||
|
condition: "interface:pxe == false"
|
||||||
|
- values: ["balance-xor", "broadcast", "balance-tlb",
|
||||||
|
"balance-alb"]
|
||||||
|
condition: "interface:pxe == false and "
|
||||||
|
"'experimental' in version:feature_groups and "
|
||||||
|
|
||||||
Security impact
|
Security impact
|
||||||
---------------
|
---------------
|
||||||
@ -138,9 +180,13 @@ Work Items
|
|||||||
|
|
||||||
* Fix provisioning serializer to proper handle case when admin interface is
|
* Fix provisioning serializer to proper handle case when admin interface is
|
||||||
bonded
|
bonded
|
||||||
* Deny lacp modes for admin interface via nailgun API
|
* Deny lacp modes for admin interface via Nailgun API
|
||||||
|
* Deny to reassign admin network on non `pxe` interface via Nailgun API
|
||||||
* Add possibility to bond admin interface via UI
|
* Add possibility to bond admin interface via UI
|
||||||
* Limit bond modes for admin interface via UI
|
* Limit bond modes for admin interface via UI
|
||||||
|
* Fix Nailgun to stick `pxe` property to admin interface during the bootstrap
|
||||||
|
stage
|
||||||
|
* Fix Nailgun agent to calculate `pxe` property for interfaces
|
||||||
|
|
||||||
Acceptance criteria
|
Acceptance criteria
|
||||||
-------------------
|
-------------------
|
||||||
|
Loading…
Reference in New Issue
Block a user