Commit Graph

12 Commits

Author SHA1 Message Date
Luis Tomas Bolivar
5d760e41bb Ensure OVN LB on provider are only exposed in the right node
We need to wait to expose the ovn lb with VIP on the provider
network for them to have members (and therefore have an entry
on the Load_Balancer table at the SB DB) so that it gets
associated to one specific cr-lrp (the one that will reply to
ARPs)

This patch partly reverts/adapt what was done in [1] to fix the
problem of exposing the VIPs in all the nodes with cr-lrp connected
to the same provider network

[1] https://review.opendev.org/c/x/ovn-bgp-agent/+/873073

Change-Id: Idc1022bc0593c21e272d138757391800f12415f1
2023-02-20 15:28:16 +01:00
Luis Tomas Bolivar
9dfaefde44 Ensure ovn loadbalancers are properly managed
After change [1] in ovn-octavia, there is no information at the
Load_Balancer table on OVN SB DB related to the provider network.
This means the logic to managed the OVN loadbalancer with VIPs on
the provider networks needed to be updated to account for it.

[1] https://review.opendev.org/c/openstack/ovn-octavia-provider/+/871263

Change-Id: I6fbfb3eeb115c3a528d580561868e45ac72e8318
2023-02-09 10:35:26 +01:00
Luca Czesla
d59c61caa5 Add new driver ovn_stretched_l2_bgp_driver
This driver allows to announce tenant networks with
an address scope via the virtual router IP.

For this to work, all routers in the respective L2
network must be reachable to each other and the
ovn-bgp-agent/frr needs an IP in this network to
talk to its BGP peer.

The following changes have been made:
- To filter which networks are announced via which
  agent/BGP session, we added a filter on the
  OpenStack address scope
- Networks are announced instead of VM IPs
- Add SubnetRouterUpdateEvent to handle updates of
  lrp ports

Depends-on: https://review.opendev.org/c/openstack/neutron/+/861719

Change-Id: I6e48c7e056ba2101ad670ab54c96e072459c5e65
2023-01-10 11:19:41 +00:00
Luca Czesla
7f058d8c99 Allow the user to set the VRF settings
Allow the user to configure the VRF settings to e.g. run
multiple agents per host.

The constants OVN_BGP_NIC, OVN_BGP_VRF and OVN_BGP_VRF_TABLE
have been replaced by configurable config options:

- OVN_BGP_NIC renamed to bgp_nic (default: "bgp-nic")
- OVN_BGP_VRF renamed to bgp_vrf (default: "bgp-vrf")
- OVN_BGP_VRF_TABLE renamed to bgp_vrf_table_id (default: 10)

Change-Id: I863e7bb140cd85a4ecefe6ccaad8adc5eae0cbd9
2022-10-20 12:53:38 +00:00
Luis Tomas Bolivar
cf61dfeeab Ensure ovn-lb VIPs on tenant networks are exposed
When the expose_tenant_network flag is enabled, the ovn-lb VIP
should also be exposed. This patch ensures the VIP port create/delete
event is detected

The ovn-lb VIP port is a bit special and it gets created upon
loadbalancer creation. The differentiate information for it is:
- It has no mac
- It has no chassis
- It is of type ""
- It is not up

When one port with those features is being created/deleted, it is
checked if the neutron:cidr information is at the external_ids. If
that so, that information is used to expose the relevant IP, only on the
node where the ovn gateway chassis for the VIP subnet is located.

Change-Id: I4015448951e06a112e4fcf7b06f1efd4d815d77e
2022-09-28 10:54:07 +02:00
Luis Tomas Bolivar
2619f98e49 Add support for specifying ovsdbconnection string
Change-Id: I66e18198f68517ecffbacfbcd9b729b1300d4bcf
2022-03-09 11:08:48 +01:00
Luis Tomas Bolivar
5ba2f40262 [EVPN] Connect VRF to OVS through veth or vlan
Linux kernel forbids to add VRF (layer 3) devices into OVS bridges
(layer 2). This patch changes the approach to link EVPN/VRF to OVS
bridges by using a veth-pair instead, or a vlan device for the
provider vlan networks use case.

It also fixes the next:
- typo on function definition "disconnect_evpn_to_ovn", changed by
  "disconnect_evpn_from_ovn"
- avoid code duplication to expose subnets, by making an auxiliar
  function that can be reused by the reconciliation loop too.

Change-Id: Iccd1b01014bf026c07e39f48e8aa234a9a303877
2021-09-27 14:32:07 +02:00
Lucas Alvares Gomes
d81e742168 Refactor parts of ovs.py and add unittests
* Fix import order

* Add 'patch-provnet-' prefix as a constant

* Simplify the logic in ensure_evpn_ovs_flow()

* Simplify the logic in add_device_to_ovs_bridge()

* Simplify the logic in del_device_from_ovs_bridge()

* Refactor get_bridge_flows_by_cookie() into get_bridge_flows() to
  make it more generic and allowing it to be reused everywhere 'ovs-ofctl
  dump-flows' was being invoked

Story: 2009165
Task: 43360

Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Change-Id: I4fe79bd46a4a9476e6fd71b0dea6115f79814559
2021-09-17 16:32:48 +01:00
Lucas Alvares Gomes
7b0fccfb5a Refactor some methods from OvsdbSbOvnIdl + unittests
This patch also refactor a few things in the OvsdbSbOvnIdl class:

*  is_provider_network() now returns a boolean, as expected by is_*
   methods.

* The methods get_ports_on_datapath() and _get_ports_by_datapath() were
  merged since they were the same thing.

* The methods get_evpn_info_from_port() and get_evpn_info() are now
  merged since they were the same thing.

* The methods get_evpn_info_from_crlrp_port_name() and
  get_evpn_info_from_lrp_port_name() were merged into
  get_evpn_info_from_port_name()

* get_ip_from_port_peer() now can raise PortNotFound

This patch also adds unittests for the methods in the OvsdbSbOvnIdl class.

Story: 2009165
Task: 43262

Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Change-Id: I3d1e3b20727227f32d094deedc897d034ab6f7f6
2021-09-10 12:08:00 +01:00
Luis Tomas Bolivar
e3afbb0aba Add initial support for EVPN
Change-Id: I8c6ffc192158b96ea3186501ae6579bd2934d37b
2021-09-03 10:15:49 +02:00
Lucas Alvares Gomes
8aed020eee Enable basic gate jobs
This patch enables the basic pep8 and unittests jobs.

Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Change-Id: Ibce2e868bdd194d84cf9f75555a9fdf9af905bc9
2021-09-02 11:07:44 +01:00
Luis Tomas Bolivar
f5ef3c8f31 Initial support for BGP
Change-Id: Ieed45b80e2860c94a42a8d5d16f5dfe7b515bf2c
2021-09-01 11:29:04 +02:00