On OVN compute node, only n-cpu service is enabled. Thus, some
library codes are not sourced and create_nova_conf_neutron could
not be found during nova setup. Source the neutron-legacy in
plugin.sh.
Change-Id: I776c34da11b4a9464076f712821f99276d9e3ea2
Closes-Bug: #1653835
When we write a grenade plugin, we need most of the functions
in plugin.sh. Hence moving the functions to a library, it will
enable both the plugin functionalities to operate on the same library.
Change-Id: Idf37e1561318dcf84e89b402c0be3ac4b3cfc266
When use origin/master, if we re-installed the
devstack with a RECLONE=True, an error will happen
with the error message:
[ERROR] /opt/stack/devstack/functions-common:560 origin/master is neither branch nor tag
Use the branch name without 'origin/' works the same.
Change-Id: I89008b92e0ec355c36c7ae969e3cb97cd0517d97
The /etc/neutron/dnsmasq.conf configuration file isn't needed to
set the MTU option. This is now done by the ML2 framework via
various MTU configuration options (e.g. max_header_size option
for geneve tenant networks).
Change-Id: I26c86f803d51758e1cbb4a7f12ae70ed742ef040
Related-Bug: #1588966
Update the OVN DevStack plugin to use the geneve tenant network
type. This includes related install documentation updates for
ml2_conf.ini.
This patch set also validates network creation precommit. The
validation will ensure a valid network type is used and that
a multi-provider network isn't created (they will be supported
with routed networks).
A follow-on patch set will support vlan tenant network type.
Depends-On: Id75651dfe57a07045a6932a0369668f33c7eef09
Change-Id: I3e25999b24c23413596f1a95f22f794712814ce8
Partial-Bug: #1588966
Add support for the ML2 enable_security_group option under [securitygroup]
in ml2_conf.ini. This option is set to True by default and will control
whether or not ACLs are applied to ports and the port binding value for
CAP_PORT_FILTER.
Also, update devstack plugin to set enable_security_group based on
Q_USE_SECGROUP and comment out firewall_driver since it isn't used by OVN.
And finally, add the security group options to the neutron-ovn-db-sync-util
command.
Change-Id: I73ca9a34ea34f781cbec5680b44e98da309365bb
Closes-Bug: #1588935
The conversion from core plugin to ML2 mechanism driver
resulted in the OVN configuration options moving from
/etc/neutron/plugins/networking-ovn/networking-ovn.ini to
/etc/neutron/neutron.conf. The OVN configuration options
should have been moved to the ML2 configuration file
(/etc/neutron/plugins/ml2/ml2_conf.ini) like is done for
the ML2 OVS options.
In addition, "tox -e genconfig" was updated to generate
an ML2 configuration file with OVN configuration options.
Change-Id: I4bcfc075a3805c8af4e845c89ba0fd81fb49474d
Closes-Bug: #1589205
The gate-tempest-dsvm-networking-ovn-native-l3-nv job is broken due
to changes made by [1]. DevStack now handles L3 network resource
setup (i.e. public network and router) based on the "router" and
"external-net" neutron extensions rather than relying on the q-l3
service being enabled. As a result, we can remove some of the code
copied from DevStack by [2].
[1] https://review.openstack.org/#/c/318145/
[2] https://review.openstack.org/#/c/304859/
Change-Id: I6a04cd206821348306fe375d23d460f963c617b4
Closes-Bug: #1590113
This patch does the following things:
1) Introduces a method to query chassis info(hostname, physnets)
from OVN_SouthBound DB.
2) Introduces an event to match Chassis record creating, deleting
and updating event.
3) Initialize the connection to ovn sb db at startup.
4) Renames the OvsdbOvnIdl class to OvsdbNbOvnIdl.
TODO(Will be in following patches):
Update the neutron DB when getting information.
Partially-implements: blueprint routed-networks
Change-Id: If372fd6a690f4bd4edfff77827f363472b57540a
Co-Authored-By: Hong Hui Xiao <xiaohhui@cn.ibm.com>
Co-Authored-By: Kyle Mestery <mestery@mestery.com>
This commit adds support to the networking-ovn Vagrant setup to run the
HW VTEP emulator on a separate Vagrant box. Note this new VM is not
started by default.
Change-Id: I5d74daa8b4345248c369e6a8ec7599968e50d2c8
This commit adds support to the networking-ovn devstack infrastructure to
run the HW VTEP emulator. A sample vtep-local.conf.sample is provided
showing how this is done.
Change-Id: Idb4bcdbd1286ff513a3b491e50ffe619cb6a9d6d
Signed-off-by: Kyle Mestery <mestery@mestery.com>
This patch set converts networking-ovn from a core
plugin to an ML2 mechanism driver.
This patch set completes the following conversion work:
- DevStack and Vagrant deployment updates for ML2
- Documentation and release note updates for ML2
- Removes core plugin code and refactors remaining code
over to ML2 mechanism driver
The conversion work remains:
- Resolve the ML2 unit test TODOs
- Resolve concerns about ML2 mechanism driver _ovn
property raised in [1].
[1] https://review.openstack.org/#/c/323460/
Co-Authored-By: Richard Theis <rtheis@us.ibm.com>
Co-Authored-By: John Kasperski <jckasper@us.ibm.com>
Change-Id: Iffa596baa5c7520c1ca5ecddaab790c52e761460
Closes-Bug: #1578198
Closes-Bug: #1550278
Add QoS support to the OVN ML2 mechanism driver. Since OVN does not
have an neutron L2 agent, the Qos agent extension driver framework can
not be used.
All of the QoS logic has been moved out of the mechanism driver and into
a separate module to make it easier to maintain.
Done/tested:
- Create port with qos policy
- Update port with qos policy
- Update network with qos policy
- Update qos policy
- Unit tests
Change-Id: I888d86f00a53ba6d204905fe69cbae7bc1d3f9da
Partial-Bug: #1578198
This patch set adds the initial ML2 mechanism driver
suport while maintaining the core plugin support.
Deployments will continue to use the core plugin
by default. However, the core plugin will be removed
as part of a follow-on patch set which will complete
the conversion to ML2. In the meantime, dual maintenance
will be required once this patch merges.
This patch set supports the following:
- ML2 create, update, delete network
- ML2 create, update, delete subnet
- ML2 create, update, bind, delete port
- ML2 segments
- OVN worker and logical port events
- Security group callbacks and OVN ACLs
- L3 create, update, delete router
- L3 add and remove router interface
- Basic unit tests for ML2 and ACLs
A follow-on patch set will complete the remaining
conversion work which includes the following:
- DevStack and Vagrant deployment updates for ML2
- Documentation and release note updates for ML2
- OVN DB sync support
- QoS support
- Additional unit tests
Co-Authored-By: Richard Theis <rtheis@us.ibm.com>
Co-Authored-By: John Kasperski <jckasper@us.ibm.com>
Change-Id: I6143be464d4897b9fb22837797347746d82c41b0
Partial-Bug: #1578198
Current codebas use setup_package installing networking-ovn to /usr/lib,
it is difficult to develop and unlike other openstack project(nova,
neutron).
Switch to use setup_develop, which create a link to
/opt/stack/networking-ovn insead of installing it:
/usr/lib/python2.7/site-packages/networking-ovn.egg-link
Change-Id: I19863b663e7b5af5e0d606c2d6489acceb23fe45
Closes-Bug: #1579453
When OVN is used for L3 routing in devstack, create the public
network, subnets, router, and also create the public bridge br-ex.
This is meant to be equivalent to what happens in devstack when the
L3 agent is enabled. I hoped to do this by creating a flag that
could be set by plugins that would trigger the devstack code that
already exists to do this, but that approach was rejected (see
https://review.openstack.org/#/c/304871/). So, the next best thing
is to copy that code from devstack into the networking-ovn devstack
plugin, which is what I did here.
Change-Id: I7e17b9f9f967a2625aa81b9dfb50739567cc223c
Closes-Bug: #1567068
Running stack.sh with OFFLINE=True will fail with the following
error: "openvswitch-switch: unrecognized service"
This patch set fixes this problem by allowing the OVN plugin
to skip the default OVS install done by DevStack. This was done
by ensuring the OVN plugin doesn't override its own defaults.
This patch set also ensures install_ovn is called when
OFFLINE=True because DevStack will honor OFFLINE within the
common install functions.
Change-Id: I3526d7e77e29da9221c16e5ae35b1a08cc8c3457
Closes-Bug: #1537981
There were several places in our plugin where we were specifying full
paths that were just the defaults. Trim things down to only specify
what we have to specify.
There's a couple other fixes and cleanups included here as well.
.bash_profile updating was broken because it used an old variable that
doesn't exist anymore. DB_.*_PORT values were also broken due to a
recent change in OVN.
Change-Id: I18d661ac46267bbd8d2bdedf439a9b0e7fd15b2c
Closes-bug: #1563707
Signed-off-by: Russell Bryant <rbryant@redhat.com>
A side-effect of separate ovsdb-server processors handling NB and SB
for default devstack (https://review.openstack.org/#/c/276364/) is
the use of ovn-ctl start_northd command to spawn the ovn-northd
process. The functionality of the devstack setup is correct, but in
the screen associated with the ovn-northd process, the output seen
is the following:
>> & echo $! >/opt/stack/status/stack/ovn-northd.pid; fg || \
echo "ovn-northd failed to start" | \
tee "/opt/stack/status/stack/ovn-northd.failure"
bash: syntax error near unexpected token `&'
>>
The ovn-northd process is actually spawned correctly and can be seen
in the output of ps. The start_northd creates ovn-northd as a daemon
and as a result the screen associated with ovn-northd doesn't have
a handle to the process.
This patch starts the ovn-northd as a foreground process in the
devstack screen. It also provides some simple command line options
associated with start_northd command in the documentation for a
non-devstack use case.
Change-Id: Ib5921fb7ba9efa0b5cf4cc8c99897473628dfae9
This change allow users to enable provider network when they use devstack.
A provider network will be created instead of the default private network.
In a multi node set up, user still need to add the physical interface to
provider bridge by hand.
Change-Id: I74bc673e99fcc18fa2ecdf903d80cb1b6e57250a
To help with scale issues, default devstack to use ovn-ctl to
spawn separate ovsdb-server processes for the ovn databases and
to spawn ovn-northd. As a side effect, there will be three
ovsdb-server processes running on an AIO node (the third process
serves the openvswitch configuration db)
Closes-Bug: 1542005
Change-Id: Iaa04cbe0dcf9661c9ee23f4f94e3db795b08c167
Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
I noticed in a tempest log that it thought security groups were
disabled. This is because our list of enabled API extensions for the
tempest config was not up to date. Sort the list in the plugin and
update the devstack plugin to always use the same list as the plugin.
Change-Id: I92ecb4b21a5581a925c164953df0710ead5eb402
Signed-off-by: Russell Bryant <rbryant@redhat.com>
Replace while loops in plugin.sh where devstack for ovn would
wait for a certain condition to be met. Using test_with_retry
from functions, we save a few lines and get a better sense of
how long the expected condition took to happen (via time_start)
as well as avoid the risk of waiting forever.
Change-Id: I213e7721c421b16093a7426c48c94e001ba745ff
The current invocation of ovn-northd in devstack/plugin.sh results
in double logging, so use the log-file default.
Change-Id: Ie6c72188985b2a5873eafe575b6ee5ff3eb7f355
Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
1) Support disabling all OVN services (ovn-controller and
ovn-northd) on nodes that do not require them.
2) Build the OVN plug-in on nodes that run the neutron server
(q-svc) service.
3) Set the OVN_NB_DB and OVN_SB_DB environment variables so
all nodes can run OVN commands.
Change-Id: Ideb30b96ecb3fad0dbe1df1d1bded1127825d196
Source lib/ovs from Neutron just before we need it. Previously, we were
sourcing it before Neutron may have been installed, causing our devstack
plugin to fail.
Change-Id: If42cd64bc3ebd3a5c851049818b8ae0ca301704a
Signed-off-by: Russell Bryant <rbryant@redhat.com>
As Neutron will compile OVS too, we can share the code between projects
and re-use it.
Change-Id: Ia37da1744707e00e570c4b772a25e537388e66e2
Depends-On: I60825c884e4d64aab2abc11d8da9bc1979baf0de
Add option to indicate MTU of native (underlying) physical
network infrastructure. Also include some temporary munge
to calculate MTU for instances on self-service/private
networks while accounting for GENEVE protocol overhead of
42 bytes.
Change-Id: If6e636f9b4185adb78514454fe8271750696853d
Now that ovn-northd logs to the console for screen, add the pattern
that sets the log timestamp resolution to include milliseconds.
Change-Id: I84be5147dca54905296fafe14c81b9a949e6e166
Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
Set up ovsdb-server to log to /opt/stack/logs under devstack.
Added various descriptive notes about why things are done
the way they currently are and possible future improvements.
Change-Id: Ic96fe6678370913cb7d96e1b1f50fef50ea3c186
Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
This is a fundamental change to the networking-ovn Vagrant configuration.
It does the following:
* Adds another Vagrant node to run ovn-northd and the central OVN DBs.
* Add swap space to each Vagrant node.
* Provisions another host only interface on each Vagrant node and sets
up a provider network to make use of this.
* Sets promiscuous mode on the third NIC of each Vagrant box. This is
required to get provider networks working.
* Configures devstack on each node to set OVN_REMOTE to the IP address
of the ovn-db node.
In addition, it makes some changes to OVN devstack:
* Enables OVN_L3 mode by default.
* Bumps the max FDs that ovs-vswitchd can have open to 32000.
This change allows for the succesful running of OVN tests found here [1],
which create 2400 networks, 2400 subnets, 4800 ports, and 1200 routers.
[1] https://github.com/mestery/openstack-scripts/tree/master/ovn
Change-Id: I787b387f4b23ad7311be02917d6875d3b9a9ff3a
Signed-off-by: Kyle Mestery <mestery@mestery.com>
Presently ./unstack.sh; ./stack.sh fails because the kernel module is
in use and can not be unloaded. This adds stop_ovs_dp function which
removes all Open vSwitch datapaths and unloads the kernel modules, so
the kernel modules can be reloaded.
Change-Id: Id89acedf747430617cf616e6f8d2789a05bb0ec7
Russell Bryant