Allow OVS bridges to connect directly to interface

Currently we require a Linux bridge to exist between OVS and the physical interface. This is necessary if you want to set an IP on the native VLAN of that interface, but that is not always the case. This change allows the physical interface (or any non-bridge interface) to be plugged into OVS. Change-Id: I2172a74f4719605f6ec81fadec46ce49f8310a96 Story: 2007364 Task: 38920
2020-01-30 14:55:42 +00:00 · 2020-01-30 14:55:42 +00:00 · 073499f322
commit 073499f322
parent e0932bd788
3 changed files with 29 additions and 13 deletions
--- a/ansible/kolla-ansible.yml
+++ b/ansible/kolla-ansible.yml
@ -71,7 +71,7 @@
    - name: Initialise facts containing the network host interfaces
      set_fact:
        # Initialise the following lists.
-        kolla_neutron_bridge_interfaces: []
+        kolla_neutron_interfaces: []
        kolla_neutron_bridge_names: []
        kolla_neutron_external_interfaces: []

@ -79,24 +79,29 @@
    # bridge interface rather than the untagged interface. We therefore
    # strip the .<vlan> suffix of the interface name. We use a union here
    # as a single tagged interface may be shared between these networks.
-    - name: Set a fact containing the bridges to be patched to the Neutron OVS bridges
+    - name: Set a fact containing the interfaces to be plugged to the Neutron OVS bridges
      set_fact:
-        kolla_neutron_bridge_interfaces: >
-          {{ kolla_neutron_bridge_interfaces |
+        kolla_neutron_interfaces: >
+          {{ kolla_neutron_interfaces |
             union([item | net_interface | replace('.' ~ item | net_vlan | default('!nomatch!'), '')]) |
             list }}
      with_items: "{{ [provision_wl_net_name, cleaning_net_name] + external_net_names | unique | list }}"
      when: item in network_interfaces

    - name: Set facts containing the Neutron bridge and interface names
+      vars:
+        is_bridge: "{{ item in (network_interfaces | net_select_bridges | map('net_interface')) }}"
+        # For a bridge, use a veth pair connected to the bridge. Otherwise use
+        # the interface directly.
+        external_interface: "{{ (network_patch_prefix ~ item ~ network_patch_suffix_ovs) if is_bridge else item }}"
      set_fact:
        kolla_neutron_bridge_names: >
          {{ kolla_neutron_bridge_names +
             [item ~ network_bridge_suffix_ovs] }}
        kolla_neutron_external_interfaces: >
          {{ kolla_neutron_external_interfaces +
-             [network_patch_prefix ~ item ~ network_patch_suffix_ovs] }}
-      with_items: "{{ kolla_neutron_bridge_interfaces }}"
+             [external_interface] }}
+      with_items: "{{ kolla_neutron_interfaces }}"

    - name: Validate overcloud host Kolla Ansible network configuration
      fail:
--- a/ansible/network.yml
+++ b/ansible/network.yml
@ -77,26 +77,28 @@
    - config
    - network
  vars:
-    veth_bridge_mtu_map: {}
+    veth_mtu_map: {}
    veth_interfaces: []
  pre_tasks:
    # When these networks are VLANs, we need to use the underlying tagged
-    # bridge interface rather than the untagged interface. We therefore strip
+    # interface rather than the untagged interface. We therefore strip
    # the .<vlan> suffix of the interface name. We use a union here as a single
    # tagged interface may be shared between these networks.
    - name: Update a fact containing bridges to be patched to the Neutron OVS bridge
      set_fact:
-        veth_bridge_mtu_map: >
-          {{ veth_bridge_mtu_map | combine({interface: mtu}) }}
+        veth_mtu_map: >
+          {{ veth_mtu_map | combine({interface: mtu}) }}
      with_items: "{{ [provision_wl_net_name, cleaning_net_name] + external_net_names | unique | list }}"
-      when: item in network_interfaces
+      when:
+        - item in network_interfaces
+        - item | net_is_bridge
      vars:
        interface: "{{ item | net_interface | replace('.' ~ item | net_vlan | default('!nomatch!'), '') }}"
        # Determine the MTU as the maximum of all subinterface MTUs. Only
        # interfaces with an explicit MTU set will be taken account of. If no
        # interface has an explicit MTU set, then the corresponding veth will
        # not either.
-        mtu_list: "{{ [veth_bridge_mtu_map.get(interface), item | net_mtu] | select | map('int') | list }}"
+        mtu_list: "{{ [veth_mtu_map.get(interface), item | net_mtu] | select | map('int') | list }}"
        mtu: "{{ mtu_list | max if mtu_list | length > 0 else None }}"

    - name: Update a fact containing veth interfaces
@ -111,6 +113,6 @@
               'peer_bootproto': 'static',
               'peer_mtu': item.value,
               'onboot': 'yes'}] }}
-      with_dict: "{{ veth_bridge_mtu_map }}"
+      with_dict: "{{ veth_mtu_map }}"
  roles:
    - role: veth
--- a/releasenotes/notes/plug-ovs-phy-f180d9bb9dd25dab.yaml
+++ b/releasenotes/notes/plug-ovs-phy-f180d9bb9dd25dab.yaml
@ -0,0 +1,9 @@
+---
+features:
+  - |
+    Adds support for plugging the Open vSwitch provider bridge directly into a
+    an Ethernet interface. Previously it was necessary to define a Linux
+    bridge, into which Kayobe would plug a virtual Ethernet pair. The use of a
+    direct connection may provide improved performance, or allow additional
+    hardware offloading. See `story 2007364
+    <https://storyboard.openstack.org/#!/story/2007364>`_ for details.