blueprint: vcenter-vlan-manager
Change-Id: I13816f8019924d9e5965bf5a83da53294efa91d1
This commit is contained in:
parent
07579933ee
commit
f60f7f13b7
193
specs/6.0/vcenter-vlan-manager.rst
Normal file
193
specs/6.0/vcenter-vlan-manager.rst
Normal file
@ -0,0 +1,193 @@
|
||||
==========================================
|
||||
VLAN manager support for vCenter
|
||||
==========================================
|
||||
|
||||
https://blueprints.launchpad.net/fuel/+spec/vcenter-vlan-manager
|
||||
|
||||
Now, in a 5.0 and 5.1 releases Fuel doesn't support Nova-Network in VLANmanager
|
||||
mode for vCenter as a hypervisor. We want to add this feature in Fuel 6.0.
|
||||
|
||||
|
||||
Problem description
|
||||
===================
|
||||
|
||||
Nova-network can run in several modes, but only FlatDHCPManager works properly
|
||||
with vCenter now. In this case all virtual machines (even used by different
|
||||
tenants) are contained in one L2 broadcast domain. Also only one pool of ip
|
||||
addresses is used for all tenants. It is a problem for security and
|
||||
scalability.
|
||||
|
||||
|
||||
Proposed change
|
||||
===============
|
||||
|
||||
We can avoid problems which were described in the previous point by using vlan
|
||||
technology. Thereafter fuel-clouds will meet the needs of huge enterprise
|
||||
deployment.
|
||||
|
||||
To fully support VlanManager the following changes must be implemented:
|
||||
|
||||
* Unlock 'VLAN Manager' --- element of UI on the Networks tab for choosing this
|
||||
variant of networking mode.
|
||||
|
||||
* Provide correct configuration to nova-network service for managing
|
||||
portgroups, vlans and networks as described in [1].
|
||||
|
||||
This is the principle scheme of deployment configuration:
|
||||
|
||||
::
|
||||
|
||||
+---------------------+
|
||||
| ESXi1 |
|
||||
| +-----+ |
|
||||
| | VM1 +--+ |
|
||||
| +-----+ | +------+ |vlan 100
|
||||
| +-+-br100+-+---------|
|
||||
| +-----+ | +------+ | |
|
||||
| | VM2 +--+ | |
|
||||
| +-----+ | |
|
||||
| | |
|
||||
| +-----+ | |
|
||||
| | VM5 +--+ | |
|
||||
| +-----+ | +------+ |vlan 103 |
|
||||
+---------------------+ +---------+ | +-+-br103+-+-------+ |
|
||||
| Controller node | | VMware | | +-----+ | +------+ | | |
|
||||
| | | vCenter | +------+ | VM6 +--+ | | |
|
||||
| +----------------+ | | | | | +-----+ | | |
|
||||
| |nova-compute | | | | | +---------------------+ | |
|
||||
| |services +----+ +-+ | |
|
||||
| |+-------------+ | | | | | +---------------------------------| |
|
||||
| ||nova-network + | | | | | | +---------------------+ | |
|
||||
| || + | | | | +--o---+ ESXi2 | | |
|
||||
| |+----+----+---+ | | | | | | +-----+ | | |
|
||||
| +-----|----|-----+ | +---------+ | | | VM7 +--+ | | |
|
||||
+--------|----|-------+ | | +-----+ | +------+ | | |
|
||||
| | | | +-+-br103+-+-------| |
|
||||
| +-------------------------+ | +-----+ | +------+ | |
|
||||
| | | VM8 +--+ | |
|
||||
| | +-----+ | |
|
||||
| | | |
|
||||
| | +-----+ | |
|
||||
| | | VM3 +--+ | |
|
||||
| | +-----+ | +------+ | |
|
||||
| | +-+-br100+-+---------+
|
||||
| | +-----+ | +------+ | |
|
||||
| | | VM4 +--+ | |
|
||||
| | +-----+ | |
|
||||
| +---------------------+ |
|
||||
| |
|
||||
+------------------------------------------------------------------+
|
||||
|
||||
|
||||
Alternatives
|
||||
------------
|
||||
|
||||
Using FlatDHCPManager mode of nova-network or neutron networking.
|
||||
|
||||
Data model impact
|
||||
-----------------
|
||||
|
||||
None
|
||||
|
||||
REST API impact
|
||||
---------------
|
||||
|
||||
None
|
||||
|
||||
Upgrade impact
|
||||
--------------
|
||||
|
||||
None
|
||||
|
||||
Security impact
|
||||
---------------
|
||||
|
||||
Because in this mode virtual machines from different tenants work in different
|
||||
L2 segments, security of environment will be increased by this changes.
|
||||
|
||||
Notifications impact
|
||||
--------------------
|
||||
|
||||
None
|
||||
|
||||
Other end user impact
|
||||
---------------------
|
||||
|
||||
None
|
||||
|
||||
Performance Impact
|
||||
------------------
|
||||
|
||||
Some network performance improvement is awaited due to segregating virtual
|
||||
machines into different broadcast domains. This effect will be increased with
|
||||
growth of cloud and amount of virtual machines.
|
||||
|
||||
Other deployer impact
|
||||
---------------------
|
||||
|
||||
Because this technology is based on vlan tagging before deploy you need to make
|
||||
sure, that your switch supports 802.1q standard.
|
||||
|
||||
Developer impact
|
||||
----------------
|
||||
|
||||
None
|
||||
|
||||
Implementation
|
||||
==============
|
||||
|
||||
Assignee(s)
|
||||
-----------
|
||||
|
||||
Primary assignee: igajsin (Igor Gajsin)
|
||||
|
||||
Feature Lead: gcon-monolake (Andrey Danin)
|
||||
|
||||
QA: tdubyk (Tatyana Dubyk)
|
||||
|
||||
Documentations: ipovolotskaya (Irina Povolotskaya)
|
||||
|
||||
Work Items
|
||||
----------
|
||||
|
||||
* Unlock UI element to enable 'VLAN Manager' option.
|
||||
|
||||
* Understand how it works.
|
||||
|
||||
* Make changes manually.
|
||||
|
||||
* Write puppet manifests.
|
||||
|
||||
|
||||
Dependencies
|
||||
============
|
||||
|
||||
None
|
||||
|
||||
|
||||
Testing
|
||||
=======
|
||||
|
||||
* Perform manual acceptance testing of this feature to verify that with Vlan
|
||||
Manager we can create environment that will pass network connectivity.
|
||||
|
||||
* Check that all ostf tests, which are linked with network connectivity will
|
||||
be passed.
|
||||
|
||||
Documentation Impact
|
||||
====================
|
||||
|
||||
Fuel documentation which describes networking in vCenter based deployment must
|
||||
be rewritten with taking into account new features:
|
||||
|
||||
* New work mode of nova-network.
|
||||
|
||||
* New UI with unlocked element.
|
||||
|
||||
* How to configure network interfaces on controller node according to
|
||||
configuration of vCenter and ESXi-hosts must have a detailed description.
|
||||
|
||||
References
|
||||
==========
|
||||
|
||||
[1] http://docs.openstack.org/grizzly/openstack-compute/admin/content/vmware.html#VMWare_networkin
|
Loading…
Reference in New Issue
Block a user