docs/opendaylight-with-openstack/openstack-with-gbp-vpp.rst

   1 Using Groupbasedpolicy's Neutron VPP Mapper
   2 ===========================================
   3
   4 Overview
   5 --------
   6 Neutron VPP Mapper implements features for support policy-based routing for OpenStack Neutron interface involving VPP devices.
   7 It allows using of policy-based schemes defined in GBP controller in a network consisting of OpenStack-provided nodes routed by a VPP node.
   8
   9 Architecture
  10 ------------
  11 Neutron VPP Mapper listens to Neutron data store change events, as well as being able to access directly the store.
  12 If the data changed match certain criteria (see `Processing Neutron Configuration`_),
  13 Neutron VPP Mapper converts Neutron data specifically required to render a VPP node configuration with a given End Point,
  14 e.g., the virtual host interface name assigned to a ``vhostuser`` socket.
  15 Then the mapped data is stored in the VPP info data store.
  16
  17 Administering Neutron VPP Mapper
  18 --------------------------------
  19 To use the Neutron VPP Mapper in Karaf, at least the following Karaf features must be installed:
  20
  21 * odl-groupbasedpolicy-neutron-vpp-mapper
  22 * odl-vbd-ui
  23
  24 Initial pre-requisites
  25 ----------------------
  26 A topology should exist in config datastore, it is necessary to define a node with a particular ``node-id``.
  27 Later, ``node-id`` will be used as a physical location reference in VPP renderer's bridge domain::
  28
  29    GET http://localhost:8181/restconf/config/network-topology:network-topology/
  30
  31    {
  32        "network-topology":{
  33           "topology":[
  34                {
  35                    "topology-id":"datacentre",
  36                    "node":[
  37                        {
  38                           "node-id":"dut2",
  39                           "vlan-tunnel:super-interface":"GigabitEthernet0/9/0",
  40                           "termination-point":[
  41                                {
  42                                    "tp-id":"GigabitEthernet0/9/0",
  43                                    "neutron-provider-topology:physical-interface":{
  44                                        "interface-name":"GigabitEthernet0/9/0"
  45                                    }
  46                                }
  47                            ]
  48                        }
  49                    ]
  50                }
  51            ]
  52        }
  53    }
  54
  55
  56 Processing Neutron Configuration
  57 --------------------------------
  58 ``NeutronListener`` listens to the changes in Neutron datatree in config datastore. It filters the changes, processing only ``network`` and ``port`` entities.
  59
  60 For a ``network`` entity it is checked that it has ``physical-network`` parameter set (i.e., it is backed-up by a physical network),
  61 and that ``network-type`` is ``vlan-network`` or ``"flat"``, and if this check has passed, a related bridge domain is created
  62 in VPP Renderer config datastore
  63 (``http://{{controller}}:{{port}}/restconf/config/vpp-renderer:config``), referenced to network by ``vlan`` field.
  64
  65 In case of ``"vlan-network"``, the ``vlan`` field contains the same value as ``neutron-provider-ext:segmentation-id`` of network created by Neutron.
  66
  67 In case of ``"flat"``, the VLAN specific parameters are not filled out.
  68
  69 .. note:: In case of VXLAN network (i.e. ``network-type`` is ``"vxlan-network"``), no information is actually written
  70    into VPP Renderer datastore, as VXLAN is used for tenant-network (so no packets are going outside). Instead, VPP Renderer looks up GBP flood domains corresponding to existing VPP bridge domains trying to establish a VXLAN tunnel between them.
  71
  72 For a ``port`` entity it is checked that ``vif-type`` contains ``"vhostuser"`` substring, and that ``device-owner`` contains a specific substring, namely ``"compute"``, ``"router"`` or ``"dhcp"``.
  73
  74 In case of ``"compute"`` substring, a ``vhost-user`` is written to VPP Renderer config datastore.
  75
  76 In case of ``"dhcp"`` or ``"router"``, a ``tap`` is written to VPP Renderer config datastore.
  77
  78 Input/output examples
  79 ---------------------
  80
  81 OpenStack is creating network, and these data are being put into the data store::
  82
  83    PUT http://{{controller}}:{{port}}/restconf/config/neutron:neutron/networks
  84
  85    {
  86        "networks": {
  87            "network": [
  88                {
  89                    "uuid": "43282482-a677-4102-87d6-90708f30a115",
  90                    "tenant-id": "94836b88-0e56-4150-aaa7-60f1c2b67faa",
  91                    "neutron-provider-ext:segmentation-id": "2016",
  92                    "neutron-provider-ext:network-type": "neutron-networks:network-type-vlan",
  93                    "neutron-provider-ext:physical-network": "datacentre",
  94                    "neutron-L3-ext:external": true,
  95                    "name": "drexternal",
  96                    "shared": false,
  97                    "admin-state-up": true,
  98                    "status": "ACTIVE"
  99                }
 100            ]
 101        }
 102    }
 103
 104 Checking bridge domain in VPP Renderer config data store.
 105 Note that ``physical-location-ref`` is referring to ``"dut2"``, paired by ``neutron-provider-ext:physical-network`` -> ``topology-id``::
 106
 107    GET http://{{controller}}:{{port}}/restconf/config/vpp-renderer:config
 108
 109    {
 110      "config": {
 111        "bridge-domain": [
 112          {
 113            "id": "43282482-a677-4102-87d6-90708f30a115",
 114            "type": "vpp-renderer:vlan-network",
 115            "description": "drexternal",
 116            "vlan": 2016,
 117            "physical-location-ref": [
 118              {
 119                "node-id": "dut2",
 120                "interface": [
 121                  "GigabitEthernet0/9/0"
 122                ]
 123              }
 124            ]
 125          }
 126        ]
 127      }
 128    }
 129
 130 Port (compute)::
 131
 132    PUT http://{{controller}}:{{port}}/restconf/config/neutron:neutron/ports
 133
 134    {
 135        "ports": {
 136            "port": [
 137                {
 138                    "uuid": "3d5dff96-25f5-4d4b-aa11-dc03f7f8d8e0",
 139                    "tenant-id": "94836b88-0e56-4150-aaa7-60f1c2b67faa",
 140                    "device-id": "dhcp58155ae3-f2e7-51ca-9978-71c513ab02ee-a91437c0-8492-47e2-b9d0-25c44aef6cda",
 141                    "neutron-binding:vif-details": [
 142                        {
 143                            "details-key": "somekey"
 144                        }
 145                    ],
 146                    "neutron-binding:host-id": "devstack-control",
 147                    "neutron-binding:vif-type": "vhostuser",
 148                    "neutron-binding:vnic-type": "normal",
 149                    "mac-address": "fa:16:3e:4a:9f:c0",
 150                    "name": "",
 151                    "network-id": "a91437c0-8492-47e2-b9d0-25c44aef6cda",
 152                    "neutron-portsecurity:port-security-enabled": false,
 153                    "device-owner": "network:compute",
 154                    "fixed-ips": [
 155                        {
 156                            "subnet-id": "0a5834ed-ed31-4425-832d-e273cac26325",
 157                            "ip-address": "10.1.1.3"
 158                        }
 159                    ],
 160                    "admin-state-up": true
 161                }
 162            ]
 163        }
 164    }
 165
 166    GET http://{{controller}}:{{port}}/restconf/config/vpp-renderer:config
 167
 168    {
 169      "config": {
 170        "vpp-endpoint": [
 171          {
 172            "context-type": "l2-l3-forwarding:l2-bridge-domain",
 173            "context-id": "a91437c0-8492-47e2-b9d0-25c44aef6cda",
 174            "address-type": "l2-l3-forwarding:mac-address-type",
 175            "address": "fa:16:3e:4a:9f:c0",
 176            "vpp-node-path": "/network-topology:network-topology/network-topology:topology[network-topology:topology-id='topology-netconf']/network-topology:node[network-topology:node-id='devstack-control']",
 177            "vpp-interface-name": "neutron_port_3d5dff96-25f5-4d4b-aa11-dc03f7f8d8e0",
 178            "socket": "/tmp/socket_3d5dff96-25f5-4d4b-aa11-dc03f7f8d8e0",
 179            "description": "neutron port"
 180          }
 181        ]
 182      }
 183    }
 184
 185 Port (dhcp)::
 186
 187    PUT http://{{controller}}:{{port}}/restconf/config/neutron:neutron/ports
 188
 189    {
 190        "ports": {
 191            "port": [
 192                {
 193                    "uuid": "3d5dff96-25f5-4d4b-aa11-dc03f7f8d8e0",
 194                    "tenant-id": "94836b88-0e56-4150-aaa7-60f1c2b67faa",
 195                    "device-id": "dhcp58155ae3-f2e7-51ca-9978-71c513ab02ee-a91437c0-8492-47e2-b9d0-25c44aef6cda",
 196                    "neutron-binding:vif-details": [
 197                        {
 198                            "details-key": "somekey"
 199                        }
 200                    ],
 201                    "neutron-binding:host-id": "devstack-control",
 202                    "neutron-binding:vif-type": "vhostuser",
 203                    "neutron-binding:vnic-type": "normal",
 204                    "mac-address": "fa:16:3e:4a:9f:c0",
 205                    "name": "",
 206                    "network-id": "a91437c0-8492-47e2-b9d0-25c44aef6cda",
 207                    "neutron-portsecurity:port-security-enabled": false,
 208                    "device-owner": "network:dhcp",
 209                    "fixed-ips": [
 210                        {
 211                            "subnet-id": "0a5834ed-ed31-4425-832d-e273cac26325",
 212                            "ip-address": "10.1.1.3"
 213                        }
 214                    ],
 215                    "admin-state-up": true
 216                }
 217            ]
 218        }
 219    }
 220
 221    GET http://{{controller}}:{{port}}/restconf/config/vpp-renderer:config
 222
 223    {
 224      "config": {
 225        "vpp-endpoint": [
 226          {
 227            "context-type": "l2-l3-forwarding:l2-bridge-domain",
 228            "context-id": "a91437c0-8492-47e2-b9d0-25c44aef6cda",
 229            "address-type": "l2-l3-forwarding:mac-address-type",
 230            "address": "fa:16:3e:4a:9f:c0",
 231            "vpp-node-path": "/network-topology:network-topology/network-topology:topology[network-topology:topology-id='topology-netconf']/network-topology:node[network-topology:node-id='devstack-control']",
 232            "vpp-interface-name": "neutron_port_3d5dff96-25f5-4d4b-aa11-dc03f7f8d8e0",
 233            "physical-address": "fa:16:3e:4a:9f:c0",
 234            "name": "tap3d5dff96-25",
 235            "description": "neutron port"
 236          }
 237        ]
 238      }
 239    }