<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from rtf -->
<style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<font face="Calibri" size="2"><span style="font-size:11pt;">
<div>Hi,</div>
<div> </div>
<div>Using OVS Quantum Plugin and agent, it is possible to configure OVS with</div>
<div> </div>
<ul style="margin:0;padding-left:36pt;">
<li>Openflow logical switches.</li><li>Tables</li><li>Ports to the logical switches (VLAN, VXLAN, GRE etc..)</li></ul>
<div> </div>
<div>OVS Agent in each compute node uses local ovs-vsctl command to configure above.</div>
<div> </div>
<div>But, there is no simple way for Openstack quantum to configure OVS in compute nodes with OF controller IP address, TCP Port, SSL Certificates etc..</div>
<div>Also, there is no mechanism today to get hold of DPID of the OVS logical switches by Openstack controller. </div>
<div> </div>
<div>Do you think that it is good to enhance Openstack OVS Quantum Plugin and agent to pass above information?</div>
<div> </div>
<div>At very high level, we are thinking to introduce following:</div>
<div> </div>
<div> </div>
<ul style="margin:0;padding-left:36pt;">
<li>Configuration of OF Controller reachability information</li></ul>
<ul style="margin:0;padding-left:72pt;">
<li>Quantum extension API though which is used to set following:</li></ul>
<ul style="margin:0;padding-left:108pt;">
<li>Set of Openflow controllers - For each OF controller</li></ul>
<ul style="margin:0;padding-left:144pt;">
<li>IP address, Port</li><li>SSL Enabled Yes/No.</li><li>If SSL enabled</li></ul>
<ul style="margin:0;padding-left:180pt;">
<li>CA certificate chain to validate OF controller identification by the OVS.</li></ul>
<ul style="margin:0;padding-left:144pt;">
<li>Zone/Cell for which this OF controller is applicable for.</li></ul>
<ul style="margin:0;padding-left:72pt;">
<li>Changes to QuantumClient to configure above.</li><li>OVS Quantum Plugin to store above information in the database.</li><li>OVS Quantum Agent to Plugin communication to get hold of OF controller information.</li><li>OVS Quantum Agent to add the information in OVS using ovs-vsctl.</li></ul>
<ul style="margin:0;padding-left:36pt;">
<li>Generation of logical switch certificates</li></ul>
<ul style="margin:0;padding-left:72pt;">
<li> OVS Quantum agent requests the plugin to generate local certificate and private key for each one of the logical switches </li></ul>
<ul style="margin:0;padding-left:108pt;">
<li>Agent to send DPID</li></ul>
<ul style="margin:0;padding-left:72pt;">
<li>Plugin to generate certificate & private key pair and sending them as response.</li><li>Plugin configuration file to have CA certificate to use to sign the logical switch certificates.</li></ul>
<div style="padding-left:36pt;"> </div>
<div> </div>
<div>Does that make sense? Is this work going on somewhere else?</div>
<div> </div>
<div>Thanks</div>
<div>Srini</div>
<div> </div>
<div style="padding-left:144pt;"> </div>
<div style="padding-left:144pt;"> </div>
</span></font>
</body>
</html>