TripleO DVR enablement
Outline for means to add the ability to configure enablement of neutron distributed routers in the overcloud. Added 'kilo' folder for this spec. Change-Id: I52f213c794bc008c9b0a0fbcb4464cba9f309801
This commit is contained in:
Erik Colnick
parent
1ba75b7ab6
commit
88831224ff
@ -11,6 +11,7 @@ Juno approved specs:
|
||||
:maxdepth: 1
|
||||
|
||||
specs/juno/*
|
||||
specs/kilo/*
|
||||
|
||||
==================
|
||||
Indices and tables
|
||||
|
||||
166
specs/kilo/tripleo-enable-dvr.rst
Normal file
166
specs/kilo/tripleo-enable-dvr.rst
Normal file
@ -0,0 +1,166 @@
|
||||
..
|
||||
This work is licensed under a Creative Commons Attribution 3.0 Unported
|
||||
License.
|
||||
|
||||
http://creativecommons.org/licenses/by/3.0/legalcode
|
||||
|
||||
==========================================
|
||||
Enable Neutron DVR on overcloud in TripleO
|
||||
==========================================
|
||||
|
||||
https://blueprints.launchpad.net/tripleo/+spec/support-neutron-dvr
|
||||
|
||||
Neutron distributed virtual routing should be able to be configured in TripleO.
|
||||
|
||||
|
||||
Problem Description
|
||||
===================
|
||||
|
||||
To be able to enable distributed virtual routing in Neutron there needs to be
|
||||
several changes to the current TripleO overcloud deployment. The overcloud
|
||||
compute node(s) are constructed with the ``neutron-openvswitch-agent`` image
|
||||
element, which provides the ``neutron-openvswitch-agent`` on the compute node.
|
||||
In order to support distributed virtual routing, the compute node(s) must also
|
||||
have the ``neutron-metadata-agent`` and ``neutron-l3-agent`` installed. The
|
||||
installation of the ``neutron-l3-agent`` and ``neutron-dhcp-agent`` will need
|
||||
also to be decoupled.
|
||||
|
||||
Additionally, for distributed virtual routing to be enabled, the
|
||||
``neutron.conf``, ``l3_agent.ini`` and ``ml2_conf.ini`` all need to have
|
||||
additional settings.
|
||||
|
||||
Proposed Change
|
||||
===============
|
||||
|
||||
In the tripleo-image-elements, move the current ``neutron-network-node`` element
|
||||
to an element named ``neutron-router``, which will be responsible for doing the
|
||||
installation and configuration work required to install the ``neutron-l3-agent``
|
||||
and the ``neutron-metadata-agent``. This ``neutron-router`` element will list
|
||||
the ``neutron-openvswitch-agent`` in its element-deps. The ``neutron-network
|
||||
-node`` element will then become simply a 'wrapper' whose sole purpose is to list
|
||||
the dependencies required for a network node (neutron, ``neutron-dhcp-agent``,
|
||||
``neutron-router``, os-refresh-config).
|
||||
|
||||
Additionally, in the tripleo-image-elements/neutron element, the
|
||||
``neutron.conf``, ``l3_agent.ini`` and ``plugins/ml2/ml2_conf.ini`` will be
|
||||
modified to add the configuration variables required in each to support
|
||||
distributed virtual routing (the required configuration variables are listed at
|
||||
https://wiki.openstack.org/wiki/Neutron/DVR/HowTo#Configuration).
|
||||
|
||||
In the tripleo-heat-templates, the ``nova-compute-config.yaml``
|
||||
``nova-compute-instance.yaml`` and ``overcloud-source.yaml`` files will be
|
||||
modified to provide the correct settings for the new distributed virtual routing
|
||||
variables. The enablement of distributed virtual routing will be determined by
|
||||
a 'NeutronDVR' variable which will be 'False' by default (distributed virtual
|
||||
routing not enabled) for backward compatibility, but can be set to 'True' if
|
||||
distributed virtual routing is desired.
|
||||
|
||||
Lastly, the tripleo-incubator script ``devtest_overcloud.sh`` will be modified
|
||||
to: a) build the overcloud-compute disk-image with ``neutron-router`` rather
|
||||
than with ``neutron-openvswitch-agent``, and b) configure the appropriate
|
||||
parameter values to be passed in to the heat stack create for the overcloud so
|
||||
that distributed routing is either enabled or disabled.
|
||||
|
||||
Alternatives
|
||||
------------
|
||||
|
||||
We could choose to make no change to the ``neutron-router`` image-element and
|
||||
it can be included as well in the list of elements arguments to the disk image
|
||||
build for compute nodes. This has the undesired effect of also
|
||||
including/configuring and starting the ``neutron-dhcp-agent`` on each compute
|
||||
node. Alternatively, it is possible to keep the ``neutron-network-node``
|
||||
element as it is and create a ``neutron-router`` element which is a copy of
|
||||
most of the element contents of the ``neutron-network-node`` element but without
|
||||
the dependency on the ``neutron-dhcp-agent`` element. This approach would
|
||||
introduce a significant amount of code duplication.
|
||||
|
||||
Security Impact
|
||||
---------------
|
||||
|
||||
Although TripleO installation does not use FWaaS, enablement of DVR currently
|
||||
is known to break FWaaS.
|
||||
See https://blueprints.launchpad.net/neutron/+spec/neutron-dvr-fwaas
|
||||
|
||||
Other End User Impact
|
||||
---------------------
|
||||
|
||||
The user will have the ability to set an environment variable during install
|
||||
which will determine whether distributed virtual routing is enabled or not.
|
||||
|
||||
Performance Impact
|
||||
------------------
|
||||
|
||||
None identified
|
||||
|
||||
Other Deployer Impact
|
||||
---------------------
|
||||
|
||||
The option to enable or disable distributed virtual routing at install time will
|
||||
be added. By default distributed virtual routing will be disabled.
|
||||
|
||||
Developer Impact
|
||||
----------------
|
||||
|
||||
None identified
|
||||
|
||||
Implementation
|
||||
==============
|
||||
|
||||
Assignee(s)
|
||||
-----------
|
||||
|
||||
Primary assignee:
|
||||
Erik Colnick (erikcolnick on Launchpad)
|
||||
Other contributors:
|
||||
None
|
||||
|
||||
Work Items
|
||||
----------
|
||||
|
||||
* Create ``neutron-router`` element in tripleo-image-elements and move related
|
||||
contents from ``neutron-network-node`` element. Remove the
|
||||
``neutron-dhcp-agent`` dependency from the element-deps of the
|
||||
``neutron-router`` element.
|
||||
|
||||
* Add the ``neutron-router`` element as a dependency in the
|
||||
``neutron-network-node`` ``element-deps`` file. The ``element-deps``
|
||||
file becomes the only content in the ``neutron-network-node`` element.
|
||||
|
||||
* Add the configuration values indicated in
|
||||
https://wiki.openstack.org/wiki/Neutron/DVR/HowTo#Configuration to the
|
||||
``neutron.conf``, ``l3_agent.ini`` and ``ml2_conf.ini`` files in the
|
||||
``neutron`` image element.
|
||||
|
||||
* Add the necessary reference variables to the ``nova-compute-config.yaml`` and
|
||||
``nova-compute-instance.yaml`` tripleo-heat-templates files in order to be
|
||||
able to set the new variables in the config files (from above item). Add
|
||||
definitions and default values in ``overcloud-source.yaml``.
|
||||
|
||||
* Modify tripleo-incubator ``devtest_overcloud.sh`` script to set the
|
||||
appropriate environment variables which will drive the configuration of
|
||||
neutron on the overcloud to either enable distributed virtual routers or
|
||||
disable distributed virtual routers (with disable as the default).
|
||||
|
||||
Dependencies
|
||||
============
|
||||
|
||||
None
|
||||
|
||||
Testing
|
||||
=======
|
||||
|
||||
Existing TripleO CI will help ensure that as this is implemented, the current
|
||||
feature set is not impacted and that the default behavior of disabled
|
||||
distributed virtual routers is maintained.
|
||||
|
||||
Additional CI tests which test the installation with distributed virtual
|
||||
routers should be added as this implementation is completed.
|
||||
|
||||
Documentation Impact
|
||||
====================
|
||||
|
||||
Documentation of the new configuration option will be needed.
|
||||
|
||||
References
|
||||
==========
|
||||
|
||||
Loading…
Reference in New Issue
Block a user