yahoo-eng-team team mailing list archive
Message #95701
[Bug 2106460] [NEW] Ironic VTEP integration is broken
Public bug reported:
Ironic VTEP integration implemented as part of
https://bugs.launchpad.net/ironic/+bug/2034953 is broken by design. It
adds new `vtep-logical-switch` and `vtep-physical-switch` fields to the
port which are later passed to neutron (only when bug [0] is fixed).
The fields in neutron were added to integrate l2gtw [1] with OVN. The
workflow for l2gtw is completely different than with ironic. In general
it looks like:
The administrator needs to stretch a VXLAN network into a VLAN on some switch (a VTEP-capable switch, called l2gtw)
1. L2GW creates [2] a logical switch on the hardware switch (which is an abstraction of the logical network from neutron)
2. The administrator creates a port with `vtep-logical-switch` and `vtep-physical-switch` fields, which instruct neutron to create a `vtep` port in OVN. This port does not have a MAC (set to `unknown`, needed by design, so even in theory we can't provide DHCP for this port).
3. L2GW plugs [3] the required physical ports on the switch into the logical switch and binds them with the needed VLAN.
This integration scheme is not suitable for Ironic because:
1. We still need a `baremetal` port in OVN to have the ability to provide DHCP. In OVN, btw, there is a bug that it will not create DHCP rules for `baremetal` ports in networks other than VLAN (but it may be worked around by installing the legacy DHCP agent)
2. Similar to l2gw, we need to keep the same logic that will:
2.1 Create a logical switch on the switch (analog of a VLAN), which is a 1-to-1 mapping of the neutron logical network (which in OVN is also created as a logical switch)
2.2 Bind the physical port from the baremetal server with the specific logical switch and VLAN
The PoC is created in networking-generic-switch [4] and is verified
against the ovs-vtep emulator [5]
For more details on how VTEP integration is implemented in OVN, please check
[6], `Life Cycle of a VTEP gateway` section
[0] https://bugs.launchpad.net/ironic/+bug/2105492
[1] https://bugs.launchpad.net/networking-ovn/+bug/1457569
[2] https://opendev.org/x/networking-l2gw/src/commit/c3e7ebc6f55ba92cd9379bfbb160dd2d2da9da7e/networking_l2gw/services/l2gateway/ovsdb/data.py#L206
[3] https://opendev.org/x/networking-l2gw/src/commit/c3e7ebc6f55ba92cd9379bfbb160dd2d2da9da7e/networking_l2gw/services/l2gateway/ovsdb/data.py#L236
[4] https://review.opendev.org/c/openstack/networking-generic-switch/+/946558
[5] https://docs.openvswitch.org/en/latest/howto/vtep/
[6] https://man7.org/linux/man-pages/man7/ovn-architecture.7.html
** Affects: neutron
Importance: Undecided
Status: New
** Description changed:
Ironic VTEP integration implemented as part of
https://bugs.launchpad.net/ironic/+bug/2034953 is broken by design. It
adds new `vtep-logical-switch` and `vtep-physical-switch` fields to the
port which are later passed to neutron (only when bug [0] is fixed).
The fields in neutron were added to integrate l2gtw [1] with OVN. The
workflow for l2gtw is completely different than with ironic. In general
it looks like:
Administrator need to stretch VXLAN network into VLAN on some switch (VTEP capable switch, called l2gtw)
1. L2GW creates [2] logical switch on the hardware switch (which is an abstraction of logical network from neturon)
2. Administraor create port with `vtep-logical-switch` and `vtep-physical-switch` fields which instruct neutron to create `vtep` port in OVN. This port does not have MAC (set to `unknown` needed by design so we even in theory can't provide DHCP for this port).
3. L2GW Plugs [3] required physical ports on the switch into logical switch and bind them with needed vlan.
-
This integration scheme is not suitable for Ironic because
1. We still need `baremetal` port in OVN to have ability provide DHCP. In ovn btw there is a bug that it will not create DHCP rules for `baremetal` ports in other network than VLAN (but may be workarounded by installing legacy dhcp agent)
2. Similar to l2gw we need to keep same logic that will:
2.1 Create logical switch on the switch (analog of VLAN) is 1 to 1 mapping of neutron logical network (which is in OVN is also created as logical switch)
2.2 Bind physical port from baremetal server with specific logical switch and vlan
The PoC is created in networking-generic switch [4] that is verified
agains ovs-vtep emulator [5]
+ For more details how vtep integration is implemented in OVN please check
+ [6] `Life Cycle of a VTEP gateway` section
+
[0] https://bugs.launchpad.net/ironic/+bug/2105492
[1] https://bugs.launchpad.net/networking-ovn/+bug/1457569
[2] https://opendev.org/x/networking-l2gw/src/commit/c3e7ebc6f55ba92cd9379bfbb160dd2d2da9da7e/networking_l2gw/services/l2gateway/ovsdb/data.py#L206
[3] https://opendev.org/x/networking-l2gw/src/commit/c3e7ebc6f55ba92cd9379bfbb160dd2d2da9da7e/networking_l2gw/services/l2gateway/ovsdb/data.py#L236
[4] https://review.opendev.org/c/openstack/networking-generic-switch/+/946558
[5] https://docs.openvswitch.org/en/latest/howto/vtep/
+ [6] https://man7.org/linux/man-pages/man7/ovn-architecture.7.html
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2106460
Title:
Ironic VTEP integration is broken
Status in neutron:
New
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2106460/+subscriptions