<div dir="ltr">Hi Salvatore,<div><br></div><div>Thanks for the comments, added some more information.</div><div><br></div><div>Gal<br><div class="gmail_extra"><br><div class="gmail_quote">On Sun, Jun 14, 2015 at 7:58 PM, Salvatore Orlando <span dir="ltr"><<a href="mailto:sorlando@nicira.com" target="_blank">sorlando@nicira.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Gal,<div><br></div><div>thanks for this summery.</div><div>Some additional info inline.</div><div><br></div><div>Salvatore<br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On 12 June 2015 at 19:38, Gal Sagie <span dir="ltr"><<a href="mailto:gal.sagie@gmail.com" target="_blank">gal.sagie@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><span style="font-size:13px">Hello All,</span><div style="font-size:13px"><br></div><div style="font-size:13px">I wanted to share some of our next working items and hopefully get more people on board with the project.</div><div style="font-size:13px">I personally would mentor any new comer that wants to get familiar with the project and help</div><div style="font-size:13px">with any of these items.</div><div style="font-size:13px">You can also feel free to approach Russell Bryant (<span style="color:rgb(119,119,119);font-family:'normal arial',sans-serif;font-size:12px">rbryant</span><span style="color:rgb(119,119,119);font-family:'normal arial',sans-serif;font-size:12px">@<a href="http://redhat.com" target="_blank">redhat.com</a>) which is heading the OVN-Openstack integration.</span></div><div style="font-size:13px"><span style="color:rgb(119,119,119);font-family:'normal arial',sans-serif;font-size:12px"><br></span></div><div><font color="#777777" face="normal arial, sans-serif"><span style="font-size:12px">We both are usually active on IRC at #openstack-neutron-ovn (freenode) , you can drop us a visit if you have </span></font><span style="font-size:12px;color:rgb(119,119,119);font-family:'normal arial',sans-serif">any questions.</span></div><div style="font-size:13px"><br clear="all"><div>The Neutron sprint in Fort Collins [1] has a work item for OVN, hopefully some work can start</div><div>there on some of these items (or others).</div><div>Russell Bryant and myself unfortunately won't be there, but feel free to contact us online or in email.</div><div><br></div><div><u>1. Security Group Implementation</u></div><div>Currently security groups are not being configured to OVN, there is a document written</div><div>about how to model security groups to OVN northbound ACL's. [2]</div><div>I suspect getting this right is not going to be trivial, hopefully i might be able to also start tackling</div><div>this item next week.</div></div></div></blockquote><div><br></div></span><div>From what I recall Miguel was very interested in helping out on this front. Have you already reached out to him?</div></div></div></div></div></blockquote><div><br></div><div> [Gal] I will talk with him about it, thanks for letting me know.</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div class="gmail_extra"><div class="gmail_quote"><span class=""><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>2. Provider Network support</u></div><div>Russell sent a design proposal to the ovs-dev mailing list [3], need to follow on that </div><div>and implement in OVN</div></div></div></blockquote><div><br></div></span><div>I think I have replied to that proposal with a few comments, perhaps you might have a look at those.</div></div></div></div></div></blockquote><div><br></div><div> [Gal] haven't read it yet, will probably get to it day after tommorow</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div class="gmail_extra"><div class="gmail_quote"><span class=""><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>3. Tempest configuration</u></div><div>Russell has a patch for that [4] which needs additional help to make it work.</div></div></div></blockquote><div><br></div></span><div>That patch has merged now. So perhaps Russell does not need help anymore!</div></div></div></div></div></blockquote><div><br></div><div> [Gal] I synced with Russell before sending this list, the patch is not merged yet (it depends on another patch)</div><div> even that its reviewed, and i think the tempest job is still failing, so more tweaking needs to be done.</div><div> I am having a bit of crazy week, but will take it on my self next week if nothing magical will happen :)</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>4. Unit Tests / Functional Tests </u></div><div>We want to start adding more testing to the project in all fronts</div><div><br></div><div><u>5. Integration with OVS-DPDK</u></div><div>OVS-DPDK has a ML2 mechanism driver [5] to enable userspace DPDK dataplane for OVS, </div><div>we want to try and see how this can combine with OVN mechanism driver together. (one idea is to</div><div>use hierarchical port binding for that)</div><div>Need to design and test it and provide additional working items for this integration</div></div></div></blockquote><div><br></div></span><div>I think this is a rare case where the OVN integration might leverage additional mechanism drivers as AFAICT the DPDK driver mainly interacts with VIF plugging (operating at the Neutron port bindings level), and does not interfere with logical network resource processing.</div><span class=""><div><br></div></span></div></div></div></blockquote><div> [Gal] I agree, the reason why i proposed it here is because DPDK has many benefits and require tweaking not only</div><div>in the VIF plugging but with the whole OVS-DPDK data plane bring up and huge pages allocations and installation and so on, so</div><div>i thought we could get this for free by reusing that mechanism driver.</div><div>Of course someone needs to check that this integration actually works and if not, what needs to be added to make it work.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>6. L2 Gateway Integration</u></div><div>OVN supports L2 gateway translation between virtual and physical networks.</div><div>We want to leverage the current L2-Gateway sub project in stack forge [6] and use it</div><div>to enable configuration of L2 gateways in OVN.</div><div>I have looked briefly at the project and it seems the API's are good, but currently the </div><div>implementation relay on RPC and agent implementation (where we would like to</div><div>configure it using OVSDB) , so this needs to be sorted and tested.</div></div></div></blockquote><div><br></div></span><div>Last time I checked the progress of this project, they were focusing on ToR VxLAN offload as a first use case. And, as far as I recall, this is what networking-l2gw provides nowaday (Armando and Sukdev might have more info).</div><div>Nevertheless, the API is generic enough that in my opinion it might be possible for OVN to leverage it. We shall implement a distinct l2gw service plugin like [1]; as I have some familiarity with this kind of APIs, let me know if I can be of any help.</div><div><br></div><div>[1] <a href="http://git.openstack.org/cgit/openstack/networking-l2gw/tree/networking_l2gw/services/l2gateway/plugin.py" target="_blank">http://git.openstack.org/cgit/openstack/networking-l2gw/tree/networking_l2gw/services/l2gateway/plugin.py</a></div></div></div></div></blockquote><div><br></div><div>[Gal] Would love if you could help with this, from what i briefly saw the API's seems generic enough, but as stated below we first need</div><div> to see what is the correct way to configure it to OVN and thats something that first needs to be resolved in OVN side i believe </div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div>Another issue is related to OVN it self which doesn't have L2 Gateway awareness</div><div>in the Northbound DB (which is the DB that neutron configure) but only has the API</div><div>in the Southbound DB</div></div></div></blockquote><div><br></div></span><div>Yeah, this could be some sort of a problem... I don't think Neutron should interact with SB DB. OVN architecture has not been conceived to work this way.</div><span class=""><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>7. QoS Support</u></div><div>We want to be able to support the new QoS API that is being implemented in Liberty [7]</div><div>Need to see how we can leverage the work that will implement this for OVS in the</div><div>reference implementation and what additions need to be made for OVN case.</div></div></div></blockquote><div><br></div></span><div>Do you already have anything in mind? </div></div></div></div></blockquote><div><br></div><div> [Gal] No, but i am participating in the QoS implementation effort in OVS (will attend the sprint in Israel), i will try to see how we can</div><div> implement this in such a way that OVN can leverage as well.</div><div> The main problem here is that this implementation relies on an agent :( , and even if we could do it all in OVSDB</div><div> Still its something the ovn-controller will need to be aware of, so thats another API support that is needed in OVN side.</div><div> In general i think that a more generic approach should be considered for the NB interface, since its basically in the end</div><div> a subset of the Neutron API (i understand that its done this way to support other CMS..)</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><span style="font-size:small"> </span></div></div></div></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>8. L3 Implementation</u></div><div>L3 is not yet implemented in OVN, need to follow up on the design and add the L3 service plugin</div><div>and implementation.</div></div></div></blockquote><div><br></div></span><div>If I can be of any help on this front, I'd be glad to offer my assistance (which may of no use for you, but that's another story!)</div><div>By the way, is there a reason for which native OVN DHCP/metadata access support are not in this todo list? </div><span class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><span style="font-size:small"></span></div></div></div></blockquote></span></div></div></div></blockquote><div><br></div><div> [Gal] I think everyone agrees that your help is always useful , and i appreciate any help.</div><div> The problem here is that i feel i have less visibility on the actual design decisions for the L3 implementation in OVN.</div><div> As such i have no real idea what and how they plan to implement it (and what will be the obvious scale problems).</div><div> (For example, i think the correct way to handle this is to share the thoughts in an email to the mailing list, or even in the scheduled</div><div> IRC meeting, so feedback can be given before the design is closed)</div><div><br></div><div> If you can internally help with this that would be great.</div><div> Once we know the design, we can implement it in the Neutron integration and you are more then welcome to work</div><div> on it, or we can work on this together that will be great as well.</div><div><br></div><div> Regarding the DHCP/metadata access, thats some good points, i will make sure to add these to the list</div><div> so we can track them (we currently track these with bugs in ovn launchpad)</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><span style="font-size:small"> </span></div></div></div></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div style="font-size:13px"><div><br></div><div><u>9. VLAN Aware VM's</u></div><div>This is not directly related to OVN, but we need to see that OVN use case of configuring parent</div><div>ports (for the use case of Containers inside a VM) is being addressed, and if the implementation</div><div>is finished, to align the API for OVN as well.</div></div></div></blockquote><div><br></div></span><div>I reckon the proposed API (master/child ports) or the alternative concept of trunk ports both map fairly well on the data structures so far implemented in OVN NB Database.</div><div>From what I gather that mechanism, even if conceived for containers running in VMs, can also be used for NFV enabling through OVN, assuming that is even something OVN needs to care about.</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span class=""><div dir="ltr"><div style="font-size:13px"><div><br></div><div>As i mentioned above, if you are interested in working on any of these items please email me</div><div>or Russell back and we can get you started!</div><div><br></div><div>Thanks</div><div>Gal.</div><div><br></div><div>[1] <a href="https://etherpad.openstack.org/p/neutron-liberty-mid-cycle" target="_blank">https://etherpad.openstack.org/p/neutron-liberty-mid-cycle</a></div><div>[2] <a href="https://github.com/stackforge/networking-ovn/blob/master/doc/source/design/data_model.rst" target="_blank">https://github.com/stackforge/networking-ovn/blob/master/doc/source/design/data_model.rst</a></div><div>[3] <a href="http://openvswitch.org/pipermail/dev/2015-June/056212.html" target="_blank">http://openvswitch.org/pipermail/dev/2015-June/056212.html</a></div><div>[4] <a href="https://review.openstack.org/#/c/186894/" target="_blank">https://review.openstack.org/#/c/186894/</a></div><div>[5] <a href="https://github.com/stackforge/networking-ovs-dpdk" target="_blank">https://github.com/stackforge/networking-ovs-dpdk</a></div><div>[6] <a href="https://github.com/stackforge/networking-l2gw" target="_blank">https://github.com/stackforge/networking-l2gw</a></div><div>[7] <a href="https://review.openstack.org/#/c/182349/" target="_blank">https://review.openstack.org/#/c/182349/</a></div></div>
</div>
<br></span>__________________________________________________________________________<span class=""><br>
OpenStack Development Mailing List (not for usage questions)<br></span>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br></div></div>
<br>__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Best Regards ,<br><br>The G. </div>
</div></div></div>