Support IGMP flood options

This introduces support for the IGMP flood options which were recently added to neutron. Depneds-on: https://review.opendev.org/901753 Change-Id: Ie96b879f350a5053d447a31cd258721343e20349
2023-12-18 23:29:58 +09:00 · 2023-12-18 23:29:58 +09:00 · 527c884c65
parent caadd595e3
commit 527c884c65
5 changed files with 98 additions and 18 deletions
--- a/manifests/agents/ml2/ovs.pp
+++ b/manifests/agents/ml2/ovs.pp
@ -192,15 +192,25 @@
 #   Defaults to $facts['os_service_default']
 #
 # [*igmp_snooping_enable*]
-#   (Optional) Enable IGMP snooping for integration bridge. If this
-#   option is set to True, support for Internet Group Management
-#   Protocol (IGMP) is enabled in integration bridge.
-#   Setting this option to True will also enable Open vSwitch
-#   mcast-snooping-disable-flood-unregistered flag. This option will
-#   disable flooding of unregistered multicast packets to all ports.
-#   The switch will send unregistered multicast packets only to ports
-#   connected to multicast routers. This option is used by the ML2/OVS
-#   mechanism driver for Neutron.
+#   (Optional) Enable IGMP snooping for integration bridge. If this option is
+#   set to True, support for Internet Group Management Protocol (IGMP) is
+#   enabled in integration bridge.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood*]
+#   (Optional) Multicast packets (except reports) are unconditionally forwarded
+#   to the ports bridging a local network to a physical network.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood_reports*]
+#   (Optional) Multicast reports are unconditionally forwarded to the ports
+#   bridging a logical network to a physical network.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood_unregistered*]
+#   (Optional) This option enables or disables flooding of unregistered
+#   multicast packets to all ports. If False, the switch will send unregistered
+#   multicast packets only to ports connected to multicast routers.
 #   Defaults to $facts['os_service_default']
 #
 # [*resource_provider_bandwidths*]
@ -298,6 +308,9 @@ class neutron::agents::ml2::ovs (
  $tunnel_csum                          = $facts['os_service_default'],
  $bridge_mac_table_size                = $facts['os_service_default'],
  $igmp_snooping_enable                 = $facts['os_service_default'],
+  $igmp_flood                           = $facts['os_service_default'],
+  $igmp_flood_reports                   = $facts['os_service_default'],
+  $igmp_flood_unregistered              = $facts['os_service_default'],
  $resource_provider_bandwidths         = [],
  $resource_provider_packet_processing_without_direction
                                        = [],
@ -492,6 +505,9 @@ class neutron::agents::ml2::ovs (
    'securitygroup/permitted_ethertypes':   value => join(any2array($permitted_ethertypes), ',');
    'ovs/bridge_mac_table_size':            value => $bridge_mac_table_size;
    'ovs/igmp_snooping_enable':             value => $igmp_snooping_enable;
+    'ovs/igmp_flood':                       value => $igmp_flood;
+    'ovs/igmp_flood_reports':               value => $igmp_flood_reports;
+    'ovs/igmp_flood_unregistered':          value => $igmp_flood_unregistered;
    'network_log/rate_limit':               value => $network_log_rate_limit;
    'network_log/burst_limit':              value => $network_log_burst_limit;
    'network_log/local_output_log_base':    value => $network_log_local_output_log_base;
--- a/manifests/server.pp
+++ b/manifests/server.pp
@ -219,15 +219,25 @@
 #   Defaults to $facts['os_service_default']
 #
 # [*igmp_snooping_enable*]
-#   (Optional) Enable IGMP snooping for integration bridge. If this
-#   option is set to True, support for Internet Group Management
-#   Protocol (IGMP) is enabled in integration bridge.
-#   Setting this option to True will also enable Open vSwitch
-#   mcast-snooping-disable-flood-unregistered flag. This option will
-#   disable flooding of unregistered multicast packets to all ports.
-#   The switch will send unregistered multicast packets only to ports
-#   connected to multicast routers. This option is used by the ML2/OVN
-#   mechanism driver for Neutron.
+#   (Optional) Enable IGMP snooping for integration bridge. If this option is
+#   set to True, support for Internet Group Management Protocol (IGMP) is
+#   enabled in integration bridge.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood*]
+#   (Optional) Multicast packets (except reports) are unconditionally forwarded
+#   to the ports bridging a local network to a physical network.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood_reports*]
+#   (Optional) Multicast reports are unconditionally forwarded to the ports
+#   bridging a logical network to a physical network.
+#   Defaults to $facts['os_service_default']
+#
+# [*igmp_flood_unregistered*]
+#   (Optional) This option enables or disables flooding of unregistered
+#   multicast packets to all ports. If False, the switch will send unregistered
+#   multicast packets only to ports connected to multicast routers.
 #   Defaults to $facts['os_service_default']
 #
 # DEPRECATED PARAMETERS
@ -277,6 +287,9 @@ class neutron::server (
  $max_request_body_size            = $facts['os_service_default'],
  $ovs_integration_bridge           = $facts['os_service_default'],
  $igmp_snooping_enable             = $facts['os_service_default'],
+  $igmp_flood                       = $facts['os_service_default'],
+  $igmp_flood_reports               = $facts['os_service_default'],
+  $igmp_flood_unregistered          = $facts['os_service_default'],
  # DEPRECATED PARAMETERS
  Boolean $ensure_vpnaas_package    = false,
 ) inherits neutron::params {
@ -337,6 +350,9 @@ the neutron::services::vpnaas class.")
    'ovs/integration_bridge':                   value => $ovs_integration_bridge;
    'service_providers/service_provider':       value => $service_providers;
    'ovs/igmp_snooping_enable':                 value => $igmp_snooping_enable;
+    'ovs/igmp_flood':                           value => $igmp_flood;
+    'ovs/igmp_flood_reports':                   value => $igmp_flood_reports;
+    'ovs/igmp_flood_unregistered':              value => $igmp_flood_unregistered;
  }

  if $server_package {
--- a/releasenotes/notes/igmp_flood-opts-6e9c329b001fd33d.yaml
+++ b/releasenotes/notes/igmp_flood-opts-6e9c329b001fd33d.yaml
@ -0,0 +1,10 @@
+---
+features:
+  - |
+    The ``neutron::server`` class (for OVN mechansim driver) and
+    the ``neutron::agents::ml2::ovs`` class (for OVS mechanism driver) now
+    supports configuring the following igmp flood options.
+
+    - ``igmp_flood``
+    - ``igmp_flood_reports``
+    - ``igmp_flood_unregistered``
--- a/spec/classes/neutron_agents_ml2_ovs_spec.rb
+++ b/spec/classes/neutron_agents_ml2_ovs_spec.rb
@ -70,6 +70,9 @@ describe 'neutron::agents::ml2::ovs' do
      should contain_neutron_agent_ovs('agent/vxlan_udp_port').with_ensure('absent')
      should contain_neutron_agent_ovs('ovs/bridge_mac_table_size').with_value('<SERVICE DEFAULT>')
      should contain_neutron_agent_ovs('ovs/igmp_snooping_enable').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_agent_ovs('ovs/igmp_flood').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_agent_ovs('ovs/igmp_flood_reports').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_agent_ovs('ovs/igmp_flood_unregistered').with_value('<SERVICE DEFAULT>')
      should contain_neutron_agent_ovs('ovs/resource_provider_bandwidths').\
        with_value('<SERVICE DEFAULT>')
      should contain_neutron_agent_ovs('ovs/resource_provider_hypervisors').\
@ -533,6 +536,22 @@ describe 'neutron::agents::ml2::ovs' do
      end
    end

+    context 'with IGMP flood enabled' do
+      before :each do
+        params.merge!({
+          :igmp_flood              => true,
+          :igmp_flood_reports      => true,
+          :igmp_flood_unregistered => true,
+        })
+      end
+
+      it 'configure neutron/plugins/ml2/ml2_conf.ini' do
+        should contain_neutron_agent_ovs('ovs/igmp_flood').with_value(true)
+        should contain_neutron_agent_ovs('ovs/igmp_flood_reports').with_value(true)
+        should contain_neutron_agent_ovs('ovs/igmp_flood_unregistered').with_value(true)
+      end
+    end
+
    context 'with direct output enabled for egress flows' do
      before :each do
        params.merge!(:explicitly_egress_direct => true)
--- a/spec/classes/neutron_server_spec.rb
+++ b/spec/classes/neutron_server_spec.rb
@ -90,6 +90,9 @@ describe 'neutron::server' do
      )
      should contain_neutron_config('ovs/integration_bridge').with_value('<SERVICE DEFAULT>')
      should contain_neutron_config('ovs/igmp_snooping_enable').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_config('ovs/igmp_flood').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_config('ovs/igmp_flood_reports').with_value('<SERVICE DEFAULT>')
+      should contain_neutron_config('ovs/igmp_flood_unregistered').with_value('<SERVICE DEFAULT>')
    end

    context 'with manage_service as false' do
@ -339,6 +342,22 @@ describe 'neutron::server' do
      end
    end

+    context 'with IGMP flood enabled' do
+      before :each do
+        params.merge!({
+          :igmp_flood              => true,
+          :igmp_flood_reports      => true,
+          :igmp_flood_unregistered => true,
+        })
+      end
+
+      it 'configure neutron.conf' do
+        should contain_neutron_config('ovs/igmp_flood').with_value(true)
+        should contain_neutron_config('ovs/igmp_flood_reports').with_value(true)
+        should contain_neutron_config('ovs/igmp_flood_unregistered').with_value(true)
+      end
+    end
+
    context 'with VPNaaS package installation' do
      before do
        params.merge!(