Commit Graph

39 Commits (72c7a90b55a3d233b32f133fcaf631a076e76e04)

Author SHA1 Message Date
Daniel Alvarez 512171e132 Rename OVN metadata agent configuration file
In order to avoid confusion with the metadata agent in ML2/OVS,
the configuration file for OVN metadata agent is renamed.

Change-Id: I1e47e421a629086ce14444aba9c6e8a8ff3a489f
2017-08-11 14:11:55 +02:00
Jenkins 9645ec045b Merge "Make Metadata agent independent from other config files" 2017-08-10 10:36:03 +00:00
Miguel Angel Ajo 2e8e248448 Make the metadata support work on multinode
The nova_metadata_ip config for the metadata daemon has to point
to the SERVICE_HOST (controller) instead of HOST_IP (the host
being deployed).

Also the service_metadata_proxy True has to be set along with
the n-api-metadata service (not n-cpu), so the nova-metadata server
will see the setting.

Change-Id: Ia7c6fd5921fdee7399b53ac823d172000d508644
2017-08-07 17:47:59 +02:00
Daniel Alvarez aa9431708d Make Metadata agent independent from other config files
Right now we're starting metadata agent passing in neutron and ml2
config files. In multinode environments we can't assume that those
files will be present in compute nodes so this patch is adding the
necessary parameters to metadata config file so that it doesn't
depend on any more files.

Change-Id: Ibc7cc750f26bbbbb0fc5f63c3863ef5b3705ddd8
2017-08-07 09:33:36 +00:00
Akihiro Motoki f0c3db805d Improve oslo-config-generator setting
* Use oslo-config-generator config file to generate ml2_conf.ini.
  This can be used by oslo_config sphinxext in a follow-up patch.
* Generate metadata_agent.ini sample automatically.
  Previously metadata_agent.ini was maintained manually.
* Update .gitignore not to ignore etc directory.
  I see no good reason not to maintain etc directory in the repo.
* Update devstack plugin to ensure the output directory
  where the ml2_conf sample file will be generated.

Preparation for auto-generated config reference
as part of doc-migration community-wide effort.

Change-Id: I64c6c66f9e14b558733254e9c9c2c64d647b70f8
2017-08-04 18:30:43 +00:00
Daniel Alvarez e99144b872 Configure ovn_metadata_enabled option in devstack
Depending on whether OVN metadata service is enabled or not,
devstack will now configure the plugin accordingly.

Change-Id: Ibf8c7b4eea58e105ae660dedff98aeb673f375a4
2017-07-14 12:19:51 +00:00
Daniel Alvarez ad1fea3e7b Metadata agent support in networking-ovn
Initial implementation

Changes in the mechanism driver:

    * Automatically create a port with device_owner=network:dhcp to
      serve metadata and eventually DHCP.
    * Auto-allocate an IP for the metadata port on subnet creation.
    * Push static route for in DHCP options.
    * Wait until metadata service is provisioned in the chassis where
      a port resides before sending the event to Nova.


    * Implementation of [0].

Devstack plugin:

    * Starts networking-ovn-agent with the proper config files.
    * Disables config drive in nova.conf for tempest against master
    * Enables TEMPEST_RUN_VALIDATION for tempest against master branch.

In order to test this patch out we need to make these changes to

    * [DEFAULT] section:
      force_config_drive = False
    * [neutron] section:
      service_metadata_proxy = True

This patch depends on [1] and [2] (already merged into OVS master).
NOTE: Metadata tests are only enabled for the non-voting tempest job
      which runs against OVS master branch. The release job runs against
      OVS 2.7 which doesn't include [1][2] so those tests are disabled
      until OVS 2.8 is released.


Change-Id: Ife2fd18f2f88050429e70c7e557fa41d2d54b034
2017-07-13 13:12:32 +00:00
Lucas Alvares Gomes eee42815ac DevStack: Support to install ovsdbapp from git master
This patch is extending the DevStack plugin to allow installing ovsdbapp
from git master branch. This will be used in the ovsdbapp gate to run
the latest code against networking-ovn to ensure that changes made to
the ovsdbapp library won't break the project.

Change-Id: I3ea1fb34c22685130153fd9edca1c1c89cd45291
2017-07-10 09:35:30 +01:00
Dong Jun b5d457d1f5 Fix gate failures
Networking-ovn gate failed for ovn-controller service error.
Use absolute path command and pass user as a parameter to run_process
Ralated commit:

Another problem is regarding the commit
d0c961a99f570ec1973bf5540ba9237b6720c848 from OVS that removed the
run, log, and db directories as part of the normal `make install`
process. These directories were expected to be in place, so this patch
is manually creating them before the DevStack module for networking-ovn
tries to set some permissions on them.

Co-Authored-By: Lucas Alvares Gomes <>
Change-Id: I0293c275f782d3f2fd3ea9d078a94c05b6a0b314
Closes-Bug: #1687568
2017-05-02 11:52:52 +01:00
Dong Jun 5be4e22723 Repair master CI unit test and python3.5 dsvm functional test
Adapt new QoS driver to fix devstack failure.
Override test_floatingip_update_subnet_gateway_disabled to fix unit
Change mapping_dict.keys() to list(mapping_dict.keys()) in
_get_chassis_physnets to fix python3.5 dsvm functional test

Closes-Bug: #1683722
Closes-Bug: #1659821
Change-Id: Ic51ca5e396a34197cdc60844a9eaaa605041ccc5
2017-04-19 12:41:20 +00:00
Jenkins a10075421c Merge "Remove DHCP and L3 agent remnants." 2017-04-12 05:29:26 +00:00
Russell Bryant ac226200ab Remove DHCP and L3 agent remnants.
Both the L3 and DHCP agents are no longer supported.  Remove many more
remnants from when they were supported.

Change-Id: If71489f9ac56c7c26746d0fbfb4640e570591f26
Signed-off-by: Russell Bryant <>
2017-04-06 16:01:52 -04:00
Dong Jun 21d9731b86 Add "sudo make distclean" to cleanup_ovn for devstack
After kernel updated, kernel devel-lib was updated as well, generated
makefile in OVS became stale, that using and then
can't re-compile new OVS kernel module.
Add "sudo make distclean" to cleanup_ovn to wipe generated makefile.

Change-Id: Id18b64f7a7fe92c484798e2a66b31bff14f2d39e
Signed-off-by: Dong Jun <>
2017-04-06 21:02:31 +08:00
Russell Bryant 92952f0165 Clarify that native L3 is always used.
Remove all remaining remnants of L3 agent support.

Change-Id: Ia9e97837e6eb1a23435f2def74060032ce0e5409
Closes-bug: 1626717
Signed-off-by: Russell Bryant <>
2017-02-16 02:31:55 -05:00
Dong Jun 06890430ce Support distributed NAT in networking-ovn native L3 routing
This is a patch for supporting distributed NAT with centralized NAT rules
in networking-ovn native L3 routing.

Remove transit network
Support scheduling gateway port by setting redirect-chassis
Support gateway sNAT
Support gateway default route
Support floating IP
Support full sync including sNAT, gateway route and floating IP

Unit tests of syncing sNAT and FIP
Gratuitous ARP for sNAT and FIP

Closes-Bug: #1658622
Change-Id: I217d6c391140fa4392ae1cea0bc21c9ea0521796
Signed-off-by: Dong Jun <>
Co-authored-by: Guoshuai Li <>
2017-02-14 13:13:14 +08:00
Dong Jun bede7178cb Devstack failed for OVS DB connection modification
Caused by this ovs commit:
To improve security, the NB and SB ovsdb daemons no longer
have open ptcp connections by default.  This is a change in
behavior from previous versions, users wishing to use TCP
connections to the NB/SB daemons can either request that
a passive TCP connection be used via ovn-ctl command-line
options (e.g. via OVN_CTL_OPTS/OVN_NORTHD_OPTS in startup

Thus add option to devstack:

Change-Id: Ic57b971c8f35235fcaf3a5200de3f18e5166cdc1
Signed-off-by: Dong Jun <>
2017-01-06 15:58:00 +08:00
Numan Siddique dc544185e5 Fix the CI failures after xenial uprade
These fixes are workaround for now.

Change-Id: If4692106dfd4e38a6a744c8ac8a161aad8d49228
Partial-bug: #1648670
2016-12-12 14:53:22 +05:30
Chandra S Vejendla b40f1dda47 NAT support (SNAT, FloatingIP)
This commit introduces the NAT support for networking-ovn. The proposal for
NAT support can be found @ [1]

1. Add functional test cases (To be followed up in a different patch)
2. Add sync code (Opened a bug to track this)
3. Add unit tests for the new ovsdb APIs (Opened a bug to track this)


Change-Id: I9b78ceb6b42e96c1ba58ed269e369b46113edd7e
Closes-Bug: 1514995
Closes-Bug: 1551717
2016-11-03 22:53:48 -05:00
Richard Theis 206d9ae831 Configure subnode for devstack multinode
The new multinode experimental gate job [1] requires the subnode to
be configured properly as a compute node running the OVN controller.


Change-Id: I38f9c243264c88f7f583bf9485edd5cfb81e90cf
Partial-Bug: 1621627
2016-09-28 12:17:48 -05:00
Jenkins 0df8200fed Merge "Revert "Workaround DHCP agent gate issues"" 2016-09-28 01:23:56 +00:00
Kevin Benton 8261203bfe Revert "Workaround DHCP agent gate issues"
This reverts commit 1a765d7afd
now that bug 1624079 is resolved.

Change-Id: I69645d93cae74d0327891ce1dc713461b6ab83ad
2016-09-27 15:37:41 +00:00
Jenkins 943246da2c Merge "Workaround DHCP agent gate issues" 2016-09-22 14:22:46 +00:00
Jenkins db30aa9d8b Merge "Configure vxlan encap on computes for vtep" 2016-09-22 02:15:12 +00:00
Richard Theis 4fed9d01ab Fix test waiting for ovn-northd to start
An incorrect environment variable is used while waiting for ovn-northd
to start. As a result, the test was successful even though ovn-northd
wasn't started. This may cause the subsequent ovs-appctl command to fail
and thus the DevStack deployment to fail. We've seen this periodically
in the gate.

Change-Id: I3c3fbaa57dfff0c1585d349f2746ee6b3d1c6faa
2016-09-21 13:40:28 -05:00
Richard Theis 1a765d7afd Workaround DHCP agent gate issues
The DHCP agent logs in the gate-tempest-dsvm-networking-ovn job
see numerous key errors as reported in bug 1624079. These errors
appear to be related to setting the DHCP agent force_metadata
or enable_isolated_metadata configuration options to True.

These key errors may be related to the recent instability of the
gate-tempest-dsvm-networking-ovn job. While bug 1624079 is being
fixed, we will only force the DHCP agent to handle metadata when
native OVN L3 is enabled.

Change-Id: Iaa13240150dcf7541e4b2adfb9112cf9d006442b
Related-Bug: 1624079
2016-09-21 12:38:47 -05:00
ramu.ramamurthy 551f81c6ec Configure vxlan encap on computes for vtep
The vtep-gw sets up vxlan tunnels to other chassis only if
the encapsulations they support includes vxlan.

For the vagrant vtep-gw testbed, configure vxlan as a
supported encap by default.

Change-Id: I2fa5f318587e0b3b2cea57ac2e345040927de744
2016-09-20 11:22:44 -07:00
Jenkins a831ddb5dd Merge "Fail deployment if q-dhcp and OVN_NATIVE_DHCP enabled" 2016-09-08 21:40:56 +00:00
Richard Theis 2ed6da5aa8 Deployment fixes for DHCP and metadata support
OVN native L3 and DHCP don't provide metadata support so config drive
must be used when both are enabled. However, if the conventional DHCP
agent is enabled it can be configured to provide metadata support.

This patch set provides the necessary DevStack and Vagrant deployment
fixes to properly configure DHCP and metadata support. In addition,
documentation and release notes have been updated accordingly. And
finally, the q-meta service was removed from devstackgatekuryrrc,
since the gate job is setup for OVN native services.

Co-Authored-By: Matt Kassawara <>
Change-Id: I9f6b23247df01c40c127b0e9daecd12f5721ff50
Related-Bug: #1514488
2016-08-30 16:16:27 -05:00
Richard Theis a950b3900b Fail deployment if q-dhcp and OVN_NATIVE_DHCP enabled
Fail deployment if both q-dhcp and OVN_NATIVE_DHCP are enabled. Such
deployments introduce unnecessary neutron DHCP provisioning blocks
and still don't provide DHCP metadata proxy support.

Depends-On: I9f6b23247df01c40c127b0e9daecd12f5721ff50
Change-Id: I0f0241c68b9cf83d8c83a9c9695075ad71ce51ca
Related-Bug: #1514488
2016-08-30 08:21:32 -05:00
Richard Theis 1ab5b175e5 Accept IPv6 RAs on the interface with the default route
Because the native services gate job sets ipv6 forwarding settings,
we stop accepting RAs from IPv6-only host environments. This leads
to a loss of external connectivity, which is bad for zuul running
tests and stuff.

Setting accept_ra to 2 will cause the RAs to be accepted.

This fix is based on [1].


Depends-On: I1f30b550287e2ae0d49accee81a7ce4bddd3e0a4
Change-Id: Iae1b92ec9de087b6786dee372add064c54a01369
2016-08-26 13:51:01 -05:00
Richard Theis aa56bcf806 Support installing ovs python module from ovs source
Support install the ovs python module from ovs source.  This can
be used to test and validate new ovs python features.  This should
only be used for development purposes since the ovs python version
is controlled by OpenStack requirements.

Co-Authored-By: Numan Siddique <>
Change-Id: Icced0f49d3522044356a03b86c7a39788da16ba3
2016-08-05 06:51:37 -05:00
Numan Siddique f4ab65d384 Support native OVN DHCPv4
OVN has added a new DHC_Options table in OVN NB DB to define
DHCP options. Logical Switch ports refer to this table if
DHCP is to be enabled.

This patch creates rows for DHCP_Options for each of the
subnets and adds the reference to the ports when created.

If extra DHCP options are defined for a port, a new
DHCP_Options row is created for the port.

Change-Id: Ia3e229f86bf66f5b9b0d867ff41f56ed4be2e8f4
Closes-bug: #1514488
2016-07-28 00:06:36 +05:30
Amitabha Biswas 2030c299df Add OVN L3 Router Scheduler
This patch provides the infrastructure for the OVN L3 to schedule
the router gateway port. The OVN hypervisor administrator can
set aside certain hypervisors to be used for scheduling router
gateway ports. This is the corresponding WIP patch at the moment:

For now it is assumed that any hypervisor/chassis can host a router
gateway port.

There are 2 types of schedulers defined at the moment
(1) RandomChoice
(2) LeastLoaded

The Chassis (add/delete/update) event is used to schedule router
gateway ports which have not been bound to any chassis.

A future patch will add functional tests.

Change-Id: I83fb561cee642b90c4de41bb8e472f47fa807191
Related-Bug: 1514995
2016-07-26 23:49:31 -07:00
Richard Theis ec6e004385 Fix provider network setup
A recent DevStack change [1] broke the networking-ovn gate. The
change is being reverted [2] to unbreak the gate. However, the
change found a weakness in the OVN provider network setup. In
particular when Q_USE_PROVIDERNET_FOR_PUBLIC=True, the
networking-ovn DevStack plugin should setup the bridge and
bridge mapping like it does when Q_USE_PROVIDER_NETWORKING=True.

The vagrant deployment broke in a different way because
PHYSICAL_NETWORK was not set (which is used to set the
flat networks supported). To fix this, the vagrant deployment
will now use the networking-ovn DevStack plugin for basic
provider network setup.


Related-Bug: #1605423
Change-Id: I63dd83b2374071703d341ec9e8d4d28c11174683
2016-07-22 14:51:23 -05:00
Richard Theis 69d87d8d65 Change tunnel MTU calculation to support IPv6
The tunnel overhead calculation now accounts for the IP overhead.
See [1] for details. As a result, the networking OVN ML2 driver's
geneve max_header_size default configuration is 20 bytes too large
since it included the IPv4 overhead. This patch set takes advantage
of [1] and allows the IP overhead to be calculated by ML2.


Change-Id: Id8ac05c166ebd02e4abf94777020bde34cce808f
Related-Bug: #1584940
2016-07-20 07:17:01 -05:00
Jenkins 12919d0d48 Merge "Grenade plugin for testing OVN migration from ML2/OVS" 2016-07-14 23:36:10 +00:00
Babu Shanmugam 28b2c55d06 Grenade plugin for testing OVN migration from ML2/OVS
A new CI job (non-voting) is created in the patchset

Change-Id: I76a6a7d8cae3a6b8857c6ba323f87565524647e2
2016-07-11 04:58:22 +00:00
Richard Theis e1fac0fa31 Update to neutron-ovs-cleanup gate failure fix
Rework previous fix for gate failures [1] based on review
comments. Instead of overriding the neutron-ovs-cleanup command,
this fix will copy the applicable OVS bridge setup functions
from DevStack with the neutron-ovs-cleanup command removed.


Change-Id: I438f1eea732f28826c0061b16ddaf3f82685a6f7
2016-07-01 12:26:54 -05:00
Babu Shanmugam 5d87c8acf6 Moving functions from devstack/ to a library file
When we write a grenade plugin, we need most of the functions
in Hence moving the functions to a library, it will
enable both the plugin functionalities to operate on the same library.

Change-Id: Idf37e1561318dcf84e89b402c0be3ac4b3cfc266
2016-06-29 08:01:45 +00:00