194 lines
6.4 KiB
ReStructuredText
194 lines
6.4 KiB
ReStructuredText
==========================================
|
|
VLAN manager support for vCenter
|
|
==========================================
|
|
|
|
https://blueprints.launchpad.net/fuel/+spec/vcenter-vlan-manager
|
|
|
|
Now, in a 5.0 and 5.1 releases Fuel doesn't support Nova-Network in VLANmanager
|
|
mode for vCenter as a hypervisor. We want to add this feature in Fuel 6.0.
|
|
|
|
|
|
Problem description
|
|
===================
|
|
|
|
Nova-network can run in several modes, but only FlatDHCPManager works properly
|
|
with vCenter now. In this case all virtual machines (even used by different
|
|
tenants) are contained in one L2 broadcast domain. Also only one pool of ip
|
|
addresses is used for all tenants. It is a problem for security and
|
|
scalability.
|
|
|
|
|
|
Proposed change
|
|
===============
|
|
|
|
We can avoid problems which were described in the previous point by using vlan
|
|
technology. Thereafter fuel-clouds will meet the needs of huge enterprise
|
|
deployment.
|
|
|
|
To fully support VlanManager the following changes must be implemented:
|
|
|
|
* Unlock 'VLAN Manager' --- element of UI on the Networks tab for choosing this
|
|
variant of networking mode.
|
|
|
|
* Provide correct configuration to nova-network service for managing
|
|
portgroups, vlans and networks as described in [1].
|
|
|
|
This is the principle scheme of deployment configuration:
|
|
|
|
::
|
|
|
|
+---------------------+
|
|
| ESXi1 |
|
|
| +-----+ |
|
|
| | VM1 +--+ |
|
|
| +-----+ | +------+ |vlan 100
|
|
| +-+-br100+-+---------|
|
|
| +-----+ | +------+ | |
|
|
| | VM2 +--+ | |
|
|
| +-----+ | |
|
|
| | |
|
|
| +-----+ | |
|
|
| | VM5 +--+ | |
|
|
| +-----+ | +------+ |vlan 103 |
|
|
+---------------------+ +---------+ | +-+-br103+-+-------+ |
|
|
| Controller node | | VMware | | +-----+ | +------+ | | |
|
|
| | | vCenter | +------+ | VM6 +--+ | | |
|
|
| +----------------+ | | | | | +-----+ | | |
|
|
| |nova-compute | | | | | +---------------------+ | |
|
|
| |services +----+ +-+ | |
|
|
| |+-------------+ | | | | | +---------------------------------| |
|
|
| ||nova-network + | | | | | | +---------------------+ | |
|
|
| || + | | | | +--o---+ ESXi2 | | |
|
|
| |+----+----+---+ | | | | | | +-----+ | | |
|
|
| +-----|----|-----+ | +---------+ | | | VM7 +--+ | | |
|
|
+--------|----|-------+ | | +-----+ | +------+ | | |
|
|
| | | | +-+-br103+-+-------| |
|
|
| +-------------------------+ | +-----+ | +------+ | |
|
|
| | | VM8 +--+ | |
|
|
| | +-----+ | |
|
|
| | | |
|
|
| | +-----+ | |
|
|
| | | VM3 +--+ | |
|
|
| | +-----+ | +------+ | |
|
|
| | +-+-br100+-+---------+
|
|
| | +-----+ | +------+ | |
|
|
| | | VM4 +--+ | |
|
|
| | +-----+ | |
|
|
| +---------------------+ |
|
|
| |
|
|
+------------------------------------------------------------------+
|
|
|
|
|
|
Alternatives
|
|
------------
|
|
|
|
Using FlatDHCPManager mode of nova-network or neutron networking.
|
|
|
|
Data model impact
|
|
-----------------
|
|
|
|
None
|
|
|
|
REST API impact
|
|
---------------
|
|
|
|
None
|
|
|
|
Upgrade impact
|
|
--------------
|
|
|
|
None
|
|
|
|
Security impact
|
|
---------------
|
|
|
|
Because in this mode virtual machines from different tenants work in different
|
|
L2 segments, security of environment will be increased by this changes.
|
|
|
|
Notifications impact
|
|
--------------------
|
|
|
|
None
|
|
|
|
Other end user impact
|
|
---------------------
|
|
|
|
None
|
|
|
|
Performance Impact
|
|
------------------
|
|
|
|
Some network performance improvement is awaited due to segregating virtual
|
|
machines into different broadcast domains. This effect will be increased with
|
|
growth of cloud and amount of virtual machines.
|
|
|
|
Other deployer impact
|
|
---------------------
|
|
|
|
Because this technology is based on vlan tagging before deploy you need to make
|
|
sure, that your switch supports 802.1q standard.
|
|
|
|
Developer impact
|
|
----------------
|
|
|
|
None
|
|
|
|
Implementation
|
|
==============
|
|
|
|
Assignee(s)
|
|
-----------
|
|
|
|
Primary assignee: igajsin (Igor Gajsin)
|
|
|
|
Feature Lead: gcon-monolake (Andrey Danin)
|
|
|
|
QA: tdubyk (Tatyana Dubyk)
|
|
|
|
Documentations: ipovolotskaya (Irina Povolotskaya)
|
|
|
|
Work Items
|
|
----------
|
|
|
|
* Unlock UI element to enable 'VLAN Manager' option.
|
|
|
|
* Understand how it works.
|
|
|
|
* Make changes manually.
|
|
|
|
* Write puppet manifests.
|
|
|
|
|
|
Dependencies
|
|
============
|
|
|
|
None
|
|
|
|
|
|
Testing
|
|
=======
|
|
|
|
* Perform manual acceptance testing of this feature to verify that with Vlan
|
|
Manager we can create environment that will pass network connectivity.
|
|
|
|
* Check that all ostf tests, which are linked with network connectivity will
|
|
be passed.
|
|
|
|
Documentation Impact
|
|
====================
|
|
|
|
Fuel documentation which describes networking in vCenter based deployment must
|
|
be rewritten with taking into account new features:
|
|
|
|
* New work mode of nova-network.
|
|
|
|
* New UI with unlocked element.
|
|
|
|
* How to configure network interfaces on controller node according to
|
|
configuration of vCenter and ESXi-hosts must have a detailed description.
|
|
|
|
References
|
|
==========
|
|
|
|
[1] http://docs.openstack.org/grizzly/openstack-compute/admin/content/vmware.html#VMWare_networkin
|