Commit Graph

1743 Commits

Author SHA1 Message Date
Miguel Lavalle 8ff8203fd7 Enable HA for OVN router flavors
In this change, we add the ability to create high availability
user defined router flavors under the ML2/OVN L3 service
plugin.

Closes-Bug: #2020823

Change-Id: I0d26f672d6239d840d3cf817a2553a06ef00a854
2024-03-26 20:07:52 -05:00
Zuul b23bd63c2a Merge "Add documentation for aa-l3-gw-multihoming" 2024-03-26 14:24:42 +00:00
Frode Nordahl 0199a8457b
Add documentation for aa-l3-gw-multihoming
Closes-Bug: #2002687
Depends-On: I4e69bdf2ac9da1154d3847f3191b110f09130e02
Signed-off-by: Frode Nordahl <fnordahl@ubuntu.com>
Change-Id: I717ca97164eb9a34bb1095c6222f9879017af5ca
2024-03-13 07:47:14 +01:00
Rodolfo Alonso Hernandez 4275aebe68 [OVN] Add documentation about the OVN agent
Related-Bug: #2017871
Change-Id: Iba24a034edf03da0a6e8c03264d5d1134cf45e56
2024-03-06 06:39:21 +00:00
Zuul afe001cf63 Merge "[OVN] Remove OVN_GATEWAY_INVALID_CHASSIS artifact" 2024-03-01 20:38:48 +00:00
Rodolfo Alonso Hernandez fa3223bb9d [OVN] Remove OVN_GATEWAY_INVALID_CHASSIS artifact
This artifact is no longer used in the "Logical_Router" registers (in
the "options" field) to mark this "Logical_Router" as unhosted. A
"Logical_Router" is considered as unhosted if the gateway
"Logical_Router_Ports" have no "chassis" set.

This artifact is also used to create a "Gateway_Chassis" register
pointing to a inexisting invalid chassis called
"neutron-ovn-invalid-chassis". Any "Logical_Router_Port" not bound
to a chassis will have no value in "gateway_chassis" (NOTE1).

NOTE1: this is valid now with the current two OVN L3 schedulers that
use "gateway_chassis" to schedule the "Logical_Router_Port" of a
router. In a future, we can consider using "ha_chassis_group" for
scheduling.

Partial-Bug: #2052821
Related-Bug: #2019217
Change-Id: I12717936fe2bc188545309bacb8a260981f14c88
2024-03-01 07:03:26 +00:00
Frode Nordahl 12ed429e7b
[ovn] Document the OVN L3 scheduler: Anti-Affinity
Document the ``OVNGatewayLeastLoadedScheduler`` behavior when
there are multiple gateway ports.

Partial-Bug: #2002687
Change-Id: I99cf269e35619a2e1fb680d8decbc613267ca62e
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
2024-02-28 07:03:58 +01:00
Brian Haley 352de7c42c Update some examples to use openstackclient
The DNS ordering and OVN DHCP documents were out-of-date
and using the old neutronclient, updated.

Noticed while fixing an openstackclient bug related to
dns_nameservers ordering.

TrivialFix

Related-bug: #2053201
Change-Id: Iab15750a4adc8dc78d839f0a1b952f9d87bdab8a
2024-02-14 17:31:13 -05:00
Zuul 2d74a93d68 Merge "Disallow subnet cidr of :: without PD" 2024-02-13 21:48:00 +00:00
Zuul 558fc96bdd Merge "Completely disable rpc workers when rpc_workers=0" 2024-02-12 21:03:08 +00:00
Zuul b0f624749d Merge "[Docs] Add info about incompatible PF configuration in ML2/OVN gaps" 2024-02-12 13:10:02 +00:00
Takashi Kajinami b38f72b212 Completely disable rpc workers when rpc_workers=0
Currently at least 1 rpc worker is launched even when a user requests
zero workers by setting rpc_workers=0. The setting of rpc_workers=0 is
used when ml2-ovn plugin is used without any additional agent, and in
this deployment pattern the single rpc worker is not at all used.

This change ensures no rpc worker is launched when rpc_workers options
is explicitly set to 0. This may be classified as a breaking change,
but is consistent with the earlier change[1] for rpc_workers=0.

[1] 3e1e2d63b3

Closes-Bug: #2052484
Change-Id: I878e50c3192ecd3b145ded0ab8394845a089696e
2024-02-12 06:28:07 +00:00
Slawek Kaplonski cce872ead3 [Docs] Add info about incompatible PF configuration in ML2/OVN gaps
This patch adds info about the fact that FIP PFs aren't working when
in the ML2/OVN backend distributed routing is enabled and provider
networks are added to the router as internal networks.

Related-Bug: #2028846
Change-Id: I3a0ab43c52a3090257a1accaee00f33abff54e74
2024-02-09 15:46:06 +00:00
Zuul d6f3b86aea Merge "[OVN] Document the OVN L3 scheduler: AZs distribution" 2024-02-09 11:26:35 +00:00
Zuul 2b7b357601 Merge "[OVN] Document the OVN L3 scheduler" 2024-02-09 11:16:26 +00:00
Rodolfo Alonso Hernandez df24fbeb48 [OVN] Document the OVN L3 scheduler: AZs distribution
This new section describes how the OVN L3 schedulers distribute
the ``Chassis`` candidate list among the Available Zones, in
order to provide more resilience to the L3 HA: if the active
LRP binding fails, the next in the list will belong to another
AZ.

Related-Bug: #2030741
Change-Id: I20aaeefb33c424dc1a9c13f94f2912d0fa973166
2024-02-09 10:59:20 +00:00
Rodolfo Alonso Hernandez 188fe6c953 [OVN] Document the OVN L3 scheduler
This new document adds:
* A definition of the OVN L3 scheduler
* A description of the different OVN L3 schedulers
* How the LRP are re-scheduled if the gateway chassis list
  changes.

Related-Bug: #2023993
Change-Id: Idcc0e34227e47df53a1f395c8fd163723d54b933
2024-02-08 20:09:29 +00:00
Zuul 2072bb4269 Merge "[ovn] AZs distribution in L3 port scheduler" 2024-01-29 21:23:25 +00:00
Yann Morice a29ea3724e [ovn] AZs distribution in L3 port scheduler
Update l3 ovn schedulers (chance, leastloaded) to ensure that LRP gateways are distributed over chassis in the different eligible AZs.

Previous version already ensure that LRP gateways were scheduled over chassis in eligible AZs. But, depending on the deployment characteristics, all these chassis could be in the same AZ. In some use-cases, it could be needed to have LRP gateways in different AZs to be resilient on failures.

This patch re-order the list of eligible chassis to add a priority on selecting chassis in different AZs.

This should provide a solution for users who need to have their router gateways scheduled on chassis from different AZs.

Closes-Bug: #2030741
Change-Id: I72973abbb8b0f9cc5848fd3b4f6463c38c6595f8
2024-01-26 15:22:34 +01:00
Bence Romsics 27601f8eea Set trunk parent port as access port in ovs to avoid loop
A non-vlan-transparent trunk parent port (tpt) should only forward
untagged frames. Earlier it was configured to forward anything (trunk
mode in ovs). This patch changes the trunk mode to access mode and
sets the trunk parent's tag explicitly to 0.

Change-Id: I4bcfe53fe87d7c9218dd0db9d7224bb323709a21
Closes-Bug: #2048785
2024-01-24 14:42:13 +01:00
Miguel Lavalle 49366ecada Router flavors and service type for OVN
Support is added to the OVN L3 service plugin for the router
flavors and service type framework

Partial-Bug: #2020823
Change-Id: If40d7b39e7b59a39ff7622bd823dbdb14bfc69d2
2024-01-17 09:33:07 -06:00
Zuul 1c074df05a Merge "Add info about metering agent gap in the ML2/OVN backend" 2024-01-11 12:47:51 +00:00
Slawek Kaplonski 3eeb5d3e6a Add info about metering agent gap in the ML2/OVN backend
Metering agent don't supports ML2/OVN backend currently and this should
be documented in the feature parity gaps document.

Related-bug: #2048773
Change-Id: I2b8c37f33e3ae4b17cc88bffde014d7d730e59d3
2024-01-11 11:42:05 +00:00
Brian Haley 2f00111940 Disallow subnet cidr of :: without PD
Do not allow the subnet cidr of :: to be used when
creating a subnet, except in the case IPv6 prefix
delegation has been specified in the request.

Closes-bug: #2028159
Change-Id: I480e9a117513996f3c070acd4ba39c2b9fe9c0f1
2024-01-08 17:06:49 -05:00
Zuul 90ad995fa2 Merge "doc: Drop description about old translation method" 2024-01-08 20:57:12 +00:00
Takashi Kajinami ff94b49ce5 doc: Drop description about old translation method
Current translation no longer use babel[1] or these setup.cfg
entries[2].

[1] 4e907ed2f39329eaa12d1712d49ca8903db15124
[2] 22df2f6395c1426485a7cb97166601823f8a2a28

Change-Id: Ic866a41b00c37c549a83274e33ac18d0aba846bb
2023-12-21 02:36:09 +09:00
Zuul ef3089547b Merge "Fix IGMP inconsistency across drivers" 2023-12-18 13:19:07 +00:00
Zuul cf1d5ea35c Merge "[ovn] Add support for IPv6 metadata" 2023-12-15 13:10:13 +00:00
Lucas Alvares Gomes 114ca0f1be Fix IGMP inconsistency across drivers
Prior to this patch, ML2/OVS and ML2/OVN had inconsistent IGMP
configurations. Neutron only exposed one configuration option for IGMP:
igmp_snooping_enabled.

Other features such as IGMP flood, IGMP flood reports and IGMP flood
unregistered were hardcoded differently on each driver (see LP#2044272
for a more details).

These hardcoded values has led to many changes over the years tweaking
them to work on different scenarios but they were never final because
the fix for one case would break the other.

This patch introduces 3 new configuration options for these other IGMP
features that can be enabled or disabled on both backends. Operators
can now fine tune their deployments in the way that will work for them.

As a consequence of the hardcoded values for each driver we had to break
some defaults and, in the case of ML2/OVS, if operators want to keep
things as they were before this patch they will need to enable the new
mcast_flood and mcast_flood_unregistered configuration options.

That said, the for ML2/OVS there was also an inconsistency with the help
string of igmp_snooping_enabled configuration option as it mentioned
that enabling snooping would disable flooding to unregistered ports but
that was not true anymore after the fix [0].

[0] https://bugs.launchpad.net/neutron/+bug/1884723

Closes-Bug: #2044272
Change-Id: Ic4dde46aa0ea2b03362329c87341c83b24d32176
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
2023-12-15 09:05:19 +00:00
Zuul 0bb22b355e Merge "[OVN] Add baremetal support without Neutron DHCP agent for IPv6" 2023-12-12 03:32:18 +00:00
Daniel Alvarez Sanchez d9c8731af3 [ovn] Add support for IPv6 metadata
This patch adds support for IPv6 metadata service in ML2/OVN.
The changes include:

- Add the 'fe80::a9fe:a9fe/128' address to the interface of the
  ovnmeta- namespace so that it's reachable from the guests

- Identify the port of the VM by looking up the source MAC address
  of the metadata request

- Restarts the haproxy instances to honor the configuration changes
  upon start of the metadata agent. In particular, haproxy now also
  binds on the 'fe80::a9fe:a9fe' address

When the VM requests metadata from its LLA, the traffic will reach
the ovnmeta namespace associated to its network.

The IPv6 metadata tests are passing and enabled in Tempest by
this patch:
https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/894027

Besides, this patch ensures that the link-local address of the
metadata interface is present so that the metadata IPv6 endpoint
is reachable. It also fixes a bug that was causing the wrong LLA
to be present as the interface was set `up` first prior to changing
the MAC address. Now this order is inverted so that the proper LLA
is configured.

Change-Id: Idcef6de33ed2a73cb3c426db1c55fa9cd06de63f
Signed-off-by: Daniel Alvarez Sanchez <dalvarez@redhat.com>
2023-12-08 17:15:42 -05:00
Zuul 3de5f57135 Merge "Remove some invalid text from the network component doc" 2023-12-08 15:36:38 +00:00
Zuul 919572d191 Merge "ovn: Document fragmentation / pmtud gaps" 2023-12-08 15:36:25 +00:00
Slawek Kaplonski 034fcb0f6d [OVN] Add baremetal support without Neutron DHCP agent for IPv6
Support for the required DHCPv6 options was recently added in core
OVN with [1].
This patch adds support for that in ML2/OVN backend also and by that
closing one of the gaps between ML2/OVN and ML2/OVS backends.

This patch also adds upgrade check to check used ovn version and warn
operators if native OVN DHCP is used for BM provisioning and OVN version
is older than 23.06.0.
Unfortunately there is no easy way to check used version of OVN so check
relies on the ovnnb schema version.

[1] c5fd51bd15

Closes-Bug: #2030520
Change-Id: Iaa3ff8e97021e44f352e5a9a370714bf5f1d77b8
2023-11-29 09:36:27 +01:00
Lucas Alvares Gomes cd8816acd1 [OVN] Update the External Ports documentation
This patch is part of the solution for LP #2037294 and updates the
documentation to explain the new "enable-chassis-as-extport-host"
configuration as well as enhancing the documentation in general
to better explain each configuration, database information and
high availability for external ports.

Change-Id: Iad048a71653dc791fc27585b509c02470e5d08a2
Related-Bug: #2037294
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
2023-11-14 08:55:01 +00:00
Dr. Jens Harbott e4542bca80 ovn: Document fragmentation / pmtud gaps
OVN does not correctly fragment packets or send ICMP
"packet too big" responses that would allow pmtud to work.

Related-Bug: #2032817
Change-Id: Ibc19ec6a9625124fb19e33c3bd6af40266aa5003
2023-11-03 14:54:56 -04:00
Zuul fbca7f0104 Merge "[OVN] Populate the "router.distributed" flag in ML2/OVN" 2023-10-30 15:05:09 +00:00
Slawek Kaplonski 842f2f8e6c [Docs] Fix info about provider bridge name in the bridge_mappings
Previously in all our install guides there were info that name of the
physical interface should be put in the bridge_mappings config option in
ths OVS agent's config. This wasn't correct as bridge_mappings expects
there bridge name instead.

Change-Id: I0698aa4621a15c1927ad2c352501cea02e6ee70c
2023-10-27 17:57:41 +02:00
Zuul 53f4fd6b9f Merge "doc: Fix wrong sections of ovs-agent config options" 2023-10-26 18:36:56 +00:00
Takashi Kajinami 34f7a5805e doc: Fix wrong sections of ovs-agent config options
The sections described in the documentation does not match the actual
section names in current neutron.

 * local_ip now belongs to the [ovs] section
 * tunnel_types now belongs to the [agent] section
 * l2_population now belongs to the [agent] section

Also the tunnel_types option is not explained in the example snippet.

Change-Id: Ic2bde217a03a884855d299f3142394a4229745bc
2023-10-26 09:00:56 +09:00
Zuul 389bc155f8 Merge "doc: Stop configuring authtoken middleware in compute" 2023-10-25 23:58:36 +00:00
Takashi Kajinami 2bcad25d34 doc: Stop configuring authtoken middleware in compute
... because the middleware is used only by neutron-server.

This also removes the metadata shared secret from compute, because
metadata-agent runs only in controller nodes according to the guide.

Change-Id: I0e5ed7453384d24581bcd8c3a85c8fc36fab910f
2023-10-25 11:26:51 +09:00
Takashi Kajinami 2a637820eb doc: Remove remaining description about allow_overlapping_ips
The option was already removed.

Change-Id: Ic1bcec77e3ef1bac5dc59d5f492348ee9ac9993e
2023-10-25 11:24:51 +09:00
Alexey Stupnikov 3fc8d32383 Don't set port capabilities for OVS HW offloading
Nova will automatically translate VF capabilities to Neutron
port binding profiles after patch [1] will be merged. Existing
recommendations in "admin/config-ovs-offload.html" should be
updated: there is no need to define capabilities in port
binding profiles for new ports anymore.

[1] https://review.opendev.org/c/openstack/nova/+/884439

Related-bug: #2020813
Depends-on: https://review.opendev.org/c/openstack/nova/+/884439
Change-Id: I63b0641f6b7ef0e1190f421a90619bb2971d0d44
2023-10-17 19:34:51 +00:00
Rodolfo Alonso Hernandez 1f1824397d [OVN] Populate the "router.distributed" flag in ML2/OVN
In ML2/OVN there is a static common configuration parameter to define
if the routers (more in particular the floating IPs) can be distributed
or centralized:
  [ovn] enable_distributed_floating_ip

This patch writes this value on each new router created. It also
implements a maintenance method to populate this flag when the
Neutron API is restarted and the value changed.

Closes-Bug: #2022058
Change-Id: Ib109b09fde4db8738c1d0b3e394c201492d210c6
2023-10-16 08:04:31 +00:00
Zuul 4a6eae9a84 Merge "Alphabetize some of the admin and contrib docs" 2023-09-28 03:24:09 +00:00
Zuul 61ac046cf7 Merge "contributor docs: Architectural overview for metadata" 2023-09-27 08:06:19 +00:00
Brian Haley e63cdd216b Alphabetize some of the admin and contrib docs
Over time docs were added or updated such that they were
no longer in alphabetical order based on the index order
or their title strings. Tried to fix it up a bit along
with some capitalization.

Trivialfix

Change-Id: I948b2a1c86faaffed07adcf0198a3fba72401abe
2023-09-18 13:12:31 -04:00
Bence Romsics 2ec273cdc7 contributor docs: Architectural overview for metadata
I found some old graphs I have drawn about the workings of the
traditional metadata service. I don't know why I haven't contributed
this earlier to Neutron docs. But anyway, better late than never.

Change-Id: I7a412883c8c0d673d1617a3b212598b35e9e698f
2023-09-18 10:32:32 +02:00
Brian Haley 0611735715 Remove ovn.ini example file
The ovn.ini file is a hold-over from the networking-ovn
tree. The docs all reference configuring OVN (and OVS)
options in ml2_conf.ini, so remove the old file and add
the neutron.ml2.ovn namespace to
etc/oslo-config-generator/ml2_conf.ini.

Trivialfix

Change-Id: I26dedc80e07aedffb1713560d4431b7a334b70b5
2023-09-06 15:19:30 -04:00