Browse Source

Merge "Documentation for Octavia's OVN Driver"

Zuul 3 months ago
parent
commit
cb2e6b2bf5
2 changed files with 210 additions and 0 deletions
  1. 1
    0
      doc/source/admin/index.rst
  2. 209
    0
      doc/source/admin/loadbalancer.rst

+ 1
- 0
doc/source/admin/index.rst View File

@@ -12,4 +12,5 @@ Administration Guide
12 12
    refarch/refarch
13 13
    dpdk
14 14
    containers
15
+   loadbalancer
15 16
    troubleshooting

+ 209
- 0
doc/source/admin/loadbalancer.rst View File

@@ -0,0 +1,209 @@
1
+OVN as Provider Driver for Octavia
2
+==================================
3
+
4
+Octavia has integrated support for provider drivers where any third party
5
+Load Balancer driver can be integrated with Octavia. Functionality related
6
+to this has been developed in OVN and now OVN can now be supported as a
7
+provider driver for Octavia.
8
+
9
+OVN Provider driver has few advantages when used a provider driver for Octavia
10
+over Amphora, like:
11
+
12
+* OVN can be deployed without VMs. So there is no additional overhead of VMs as
13
+  is required currently in Octavia when using the default Amphora driver.
14
+
15
+* OVN Load Balancers can be deployed faster than default Load Balancers in
16
+  Octavia (which use Amphora currently) because of no additional deployment
17
+  requirement.
18
+
19
+* Since OVN supports virtual networking for both VMs and containers, OVN as a
20
+  Load Balancer driver can be used succesfully with Kuryr Kubernetes[1].
21
+
22
+Limitations of OVN Provider Driver
23
+----------------------------------
24
+
25
+OVN has its own set of limitations when considered as an Load Balancer driver.
26
+These include:
27
+
28
+* OVN currently supports TCP and UDP. So Layer-7 based Load Balancing is not
29
+  possible with OVN. However, once Layer-7 support is integrated in OVN, this
30
+  issue can be resolved.
31
+
32
+* There are no *Health Monitors* currently in OVN's Driver for Load Balancer.
33
+  Therefore Health Checking is not possible with OVN.
34
+
35
+* Currently, OVN driver supports a 1:1 protocol mapping between Listeners
36
+  and associated Pools i.e. Listener which can handle TCP protocol can only be
37
+  associated with pools associated to TCP protocol. Pools handling UDP protocol
38
+  cannot be linked with TCP based Listeners. This limitation will be
39
+  handled in the upcoming core OVN release.
40
+
41
+Creating OVN based Load Balancer
42
+--------------------------------
43
+
44
+OVN provider driver can be tested out on DevStack using the configuration
45
+options in:
46
+
47
+.. literalinclude:: ../../../devstack/ovn-octavia-provider.conf.sample
48
+
49
+Kindly note that the configuration allows the user to create
50
+Load Balancers of both Amphora and OVN types.
51
+
52
+Once the DevStack run is complete, the user can create a load balancer
53
+in Openstack::
54
+
55
+    $ openstack loadbalancer create --vip-network-id public --provider ovn
56
+    +---------------------+--------------------------------------+
57
+    | Field               | Value                                |
58
+    +---------------------+--------------------------------------+
59
+    | admin_state_up      | True                                 |
60
+    | created_at          | 2018-12-13T09:08:14                  |
61
+    | description         |                                      |
62
+    | flavor              |                                      |
63
+    | id                  | 94e7c431-912b-496c-a247-d52875d44ac7 |
64
+    | listeners           |                                      |
65
+    | name                |                                      |
66
+    | operating_status    | OFFLINE                              |
67
+    | pools               |                                      |
68
+    | project_id          | af820b57868c4864957d523fb32ccfba     |
69
+    | provider            | ovn                                  |
70
+    | provisioning_status | PENDING_CREATE                       |
71
+    | updated_at          | None                                 |
72
+    | vip_address         | 172.24.4.9                           |
73
+    | vip_network_id      | ee97665d-69d0-4995-a275-27855359956a |
74
+    | vip_port_id         | c98e52d0-5965-4b22-8a17-a374f4399193 |
75
+    | vip_qos_policy_id   | None                                 |
76
+    | vip_subnet_id       | 3eed0c05-6527-400e-bb80-df6e59d248f1 |
77
+    +---------------------+--------------------------------------+
78
+
79
+The user can see the different types of loadbalancers with their associated
80
+providers as below::
81
+
82
+    +--------------------------------------+------+----------------------------------+-------------+---------------------+----------+
83
+    | id                                   | name | project_id                       | vip_address | provisioning_status | provider |
84
+    +--------------------------------------+------+----------------------------------+-------------+---------------------+----------+
85
+    | c5f2070c-d51d-46f0-bec6-dd05e7c19370 |      | af820b57868c4864957d523fb32ccfba | 172.24.4.10 | ACTIVE              | amphora  |
86
+    | 94e7c431-912b-496c-a247-d52875d44ac7 |      | af820b57868c4864957d523fb32ccfba | 172.24.4.9  | ACTIVE              | ovn      |
87
+    +--------------------------------------+------+----------------------------------+-------------+---------------------+----------+
88
+
89
+Now we can see that OVN will show the load balancer in its *loadbalancer*
90
+table::
91
+
92
+    $ ovn-nbctl list load_balancer
93
+    _uuid               : c72de15e-5c2e-4c1b-a21b-8e9a6721193c
94
+    external_ids        : {enabled=True,
95
+                           lr_ref="neutron-3d2a873b-b5b4-4d14-ac24-47a835fd47b2",
96
+                           ls_refs="{\"neutron-ee97665d-69d0-4995-a275-27855359956a\": 1}",
97
+                           "neutron:vip"="172.24.4.9",
98
+                           "neutron:vip_port_id"="c98e52d0-5965-4b22-8a17-a374f4399193"}
99
+    name                : "94e7c431-912b-496c-a247-d52875d44ac7"
100
+    protocol            : tcp
101
+    vips                : {}
102
+
103
+Next, a Listener can be created for the associated Load Balancer::
104
+
105
+    $ openstack loadbalancer listener create --protocol TCP --protocol-port /
106
+      64015 94e7c431-912b-496c-a247-d52875d44ac7
107
+    +---------------------------+--------------------------------------+
108
+    | Field                     | Value                                |
109
+    +---------------------------+--------------------------------------+
110
+    | admin_state_up            | True                                 |
111
+    | connection_limit          | -1                                   |
112
+    | created_at                | 2018-12-13T09:14:51                  |
113
+    | default_pool_id           | None                                 |
114
+    | default_tls_container_ref | None                                 |
115
+    | description               |                                      |
116
+    | id                        | 21e77cde-854f-4c3e-bd8c-9536ae0443bc |
117
+    | insert_headers            | None                                 |
118
+    | l7policies                |                                      |
119
+    | loadbalancers             | 94e7c431-912b-496c-a247-d52875d44ac7 |
120
+    | name                      |                                      |
121
+    | operating_status          | OFFLINE                              |
122
+    | project_id                | af820b57868c4864957d523fb32ccfba     |
123
+    | protocol                  | TCP                                  |
124
+    | protocol_port             | 64015                                |
125
+    | provisioning_status       | PENDING_CREATE                       |
126
+    | sni_container_refs        | []                                   |
127
+    | timeout_client_data       | 50000                                |
128
+    | timeout_member_connect    | 5000                                 |
129
+    | timeout_member_data       | 50000                                |
130
+    | timeout_tcp_inspect       | 0                                    |
131
+    | updated_at                | None                                 |
132
+    +---------------------------+--------------------------------------+
133
+
134
+OVN updates the Listener information in the Load Balancer table::
135
+
136
+    $ ovn-nbctl list load_balancer
137
+    _uuid               : c72de15e-5c2e-4c1b-a21b-8e9a6721193c
138
+    external_ids        : {enabled=True, "listener_21e77cde-854f-4c3e-bd8c-9536ae0443bc"="64015:", lr_ref="neutron-3d2a873b-b5b4-4d14-ac24-47a835fd47b2", ls_refs="{\"neutron-ee97665d-69d0-4995-a275-27855359956a\": 1}", "neutron:vip"="172.24.4.9", "neutron:vip_port_id"="c98e52d0-5965-4b22-8a17-a374f4399193"}
139
+    name                : "94e7c431-912b-496c-a247-d52875d44ac7"
140
+    protocol            : tcp
141
+    vips                : {}
142
+
143
+Next, a Pool is associated with the Listener::
144
+
145
+    $ openstack loadbalancer pool create --protocol TCP --lb-algorithm /
146
+    ROUND_ROBIN --listener 21e77cde-854f-4c3e-bd8c-9536ae0443bc
147
+    +---------------------+--------------------------------------+
148
+    | Field               | Value                                |
149
+    +---------------------+--------------------------------------+
150
+    | admin_state_up      | True                                 |
151
+    | created_at          | 2018-12-13T09:21:37                  |
152
+    | description         |                                      |
153
+    | healthmonitor_id    |                                      |
154
+    | id                  | 898be8a2-5185-4f3b-8658-a56457f595a9 |
155
+    | lb_algorithm        | ROUND_ROBIN                          |
156
+    | listeners           | 21e77cde-854f-4c3e-bd8c-9536ae0443bc |
157
+    | loadbalancers       | 94e7c431-912b-496c-a247-d52875d44ac7 |
158
+    | members             |                                      |
159
+    | name                |                                      |
160
+    | operating_status    | OFFLINE                              |
161
+    | project_id          | af820b57868c4864957d523fb32ccfba     |
162
+    | protocol            | TCP                                  |
163
+    | provisioning_status | PENDING_CREATE                       |
164
+    | session_persistence | None                                 |
165
+    | updated_at          | None                                 |
166
+    +---------------------+--------------------------------------+
167
+
168
+OVN's Load Balancer table is modified as below::
169
+
170
+    $ ovn-nbctl list load_balancer
171
+    _uuid               : c72de15e-5c2e-4c1b-a21b-8e9a6721193c
172
+    external_ids        : {enabled=True, "listener_21e77cde-854f-4c3e-bd8c-9536ae0443bc"="64015:", lr_ref="neutron-3d2a873b-b5b4-4d14-ac24-47a835fd47b2", ls_refs="{\"neutron-ee97665d-69d0-4995-a275-27855359956a\": 1}", "neutron:vip"="172.24.4.9", "neutron:vip_port_id"="c98e52d0-5965-4b22-8a17-a374f4399193", "pool_898be8a2-5185-4f3b-8658-a56457f595a9"=""}
173
+    name                : "94e7c431-912b-496c-a247-d52875d44ac7"
174
+    protocol            : tcp
175
+    vips                : {}
176
+
177
+Lastly, when a member is created, OVN's Load Balancer table is complete::
178
+
179
+    $ openstack loadbalancer member create --address 10.10.10.10 /
180
+    --protocol-port 63015 898be8a2-5185-4f3b-8658-a56457f595a9
181
+    +---------------------+--------------------------------------+
182
+    | Field               | Value                                |
183
+    +---------------------+--------------------------------------+
184
+    | address             | 10.10.10.10                          |
185
+    | admin_state_up      | True                                 |
186
+    | created_at          | 2018-12-13T09:26:05                  |
187
+    | id                  | adf55e70-3d50-4e62-99fd-dd77eababb1c |
188
+    | name                |                                      |
189
+    | operating_status    | NO_MONITOR                           |
190
+    | project_id          | af820b57868c4864957d523fb32ccfba     |
191
+    | protocol_port       | 63015                                |
192
+    | provisioning_status | PENDING_CREATE                       |
193
+    | subnet_id           | None                                 |
194
+    | updated_at          | None                                 |
195
+    | weight              | 1                                    |
196
+    | monitor_port        | None                                 |
197
+    | monitor_address     | None                                 |
198
+    | backup              | False                                |
199
+    +---------------------+--------------------------------------+
200
+    $ ovn-nbctl list load_balancer
201
+    _uuid               : c72de15e-5c2e-4c1b-a21b-8e9a6721193c
202
+    external_ids        : {enabled=True, "listener_21e77cde-854f-4c3e-bd8c-9536ae0443bc"="64015:pool_898be8a2-5185-4f3b-8658-a56457f595a9", lr_ref="neutron-3d2a873b-b5b4-4d14-ac24-47a835fd47b2", ls_refs="{\"neutron-ee97665d-69d0-4995-a275-27855359956a\": 1}", "neutron:vip"="172.24.4.9", "neutron:vip_port_id"="c98e52d0-5965-4b22-8a17-a374f4399193", "pool_898be8a2-5185-4f3b-8658-a56457f595a9"="member_adf55e70-3d50-4e62-99fd-dd77eababb1c_10.10.10.10:63015"}
203
+    name                : "94e7c431-912b-496c-a247-d52875d44ac7"
204
+    protocol            : tcp
205
+    vips                : {"172.24.4.9:64015"="10.10.10.10:63015"}
206
+
207
+
208
+[1]: https://docs.openstack.org/kuryr-kubernetes/rocky/installation/services.html
209
+

Loading…
Cancel
Save