diff --git a/doc/source/index.rst b/doc/source/index.rst index 196fc14..c6a6bc2 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -12,6 +12,7 @@ Juno specs: specs/juno/** specs/kilo/** + specs/liberty/** ================== Indices and tables diff --git a/specs/liberty/network/ip-address-movement-for-ovs-bridges.rst b/specs/liberty/network/ip-address-movement-for-ovs-bridges.rst new file mode 100644 index 0000000..0c68091 --- /dev/null +++ b/specs/liberty/network/ip-address-movement-for-ovs-bridges.rst @@ -0,0 +1,164 @@ +=================================== +IP address movement for ovs bridges +=================================== + +Include the URL of your launchpad blueprint: + +https://blueprints.launchpad.net/openstack-chef/+spec/ip-movement + +Problem description +=================== + +Neutron openvswitch plugin uses ovs bridges to manage network stream. Recipe +openvswitch, l3_agent, and vpn_agent use ovs commands to create those bridges +and will plug the corresponding NICs to each of them. But those recipes do not +move the NICs' IP addresses to the bridges, which will lead to the NIC IP address +can not be accessed once finish the bridges creation. + + +Proposed change +=============== + +Add recipes to move IP address from NIC to bridge. Make sure those IP addresses +can also be accessed after finish the bridge creation. + +Three attributes will be added, including: + +* ['openstack']['network']['ip_movement']['enable']: Boolean attribute to decide + whether IP movement should be enabled or not. Default to true. + +* ['openstack']['network']['ip-movement']['timeout']: Integer attribute to decide + the timeout of IP movement. IP movement uses 'service network restart' (for fedora + platform) and 'ifdown', 'ifup' (for ubuntu platform) commands to let network + configurations take effect. This attribute decides how long the node should wait + for the network to become operational again after executing the previous commands. + And it default to 180. + +* ['openstack']['network']['ip-movement']['validate-ip']: String of IP address pinged + by ip movement in the of its operations to check whether the ip movement is succeed. + Default to nil. Means this ip movement will use default gateway to check its status. + +Two libraries will be added, including: + +* ip-movement-fedora: This library includes the fedora platform IP movement configurations. + +* ip-movement-ubuntu: This library includes the ubuntu platform IP movement configurations. + +One resource will be added, including: + +* ovs_bridge: This resource will create the ovs bridge and move the ip address to the + corresponding bridge depend on the resource attributes. + +openvswitch and l3-agent recipes will changed to use this new resource create ovs bridge. + +Alternatives +------------ + +Like devstack, using ovs commands and ip commands to flush the ip address in NIC, +and add ip address to ovs bridge can also move the ip address to the bridges. But +this is a temporary move. After network restart or reboot the OS, the ip address +will go back to NIC. We need make sure this movement is persistent by write those +configurations to network configuration files. + +Data model impact +----------------- + +None + +REST API impact +--------------- + +None + +Security impact +--------------- + +None + +Notifications impact +-------------------- + +None + +Other end user impact +--------------------- + +None + +Performance Impact +------------------ + +None + +Other deployer impact +--------------------- + +None + + +Implementation +============== + +Assignee(s) +----------- + +Primary assignee: + - hwhu@cn.ibm.com + +Other contributors: + - jckasper@us.ibm.com + - lzklibj@cn.ibm.com + +Work Items +---------- + +* Add new attributes to openstack-network. + +* Add ovs_bridge resource and provider. + +* Add ip-movement-fedora library to handle fedora platform IP movement configurations. + +* Add ip-movement-ubuntu library to configure ubuntu platform IP movement configurations. + +* Add the unit tests. + +* Change openvswitch and l3-agent recipes use ovs_bridge resource to create ovs bridge. + +Dependencies +============ + +* IP movement use 'service network restart' , 'ifdown' and 'ifup' to let network + configurations take effect. Those scripts are contained in initscripts packege. + This cookbook will install it. + + +Testing +======= + +* Add unit tests for the new recipes. + +* For function tests and CI integration tests, at least an all-in-one openstack + configured with neutron openvswitch plugin and enabled l3 service is needed. + + +Documentation Impact +==================== + +* Configure attribute ['openstack']['network']['ip-movement']['enable'] = 'True' + to enable IP movement. + +* Using ['openstack']['network']['ip-movement']['timeout'] to configure the timeout + of IP movement. This attribute decides how long the node should wait for the network + to become operational again after executing the previous commands. + +* IP movement default to use default gateway to check its network connections in the + end of its operations. Assign an ip address to ['openstack']['network']['ip-movement'] + ['validate-ip'] attribute to use another ip address instead. + + +References +========== + +* `Red Hat network scripts integration `_ + +* `README.Debian for openvswitch-switch `_