答复: [DVR config] Can we use drv_snat agent_mode in every compute node?
Yi Yang (杨燚)-云服务集团
yangyi01 at inspur.com
Fri May 17 00:26:08 UTC 2019
Slawomir, thanks a lot.
发件人: Slawomir Kaplonski [mailto:skaplons at redhat.com]
发送时间: 2019年5月16日 18:01
收件人: Yi Yang (杨燚)-云服务集团 <yangyi01 at inspur.com>
抄送: openstack-discuss at lists.openstack.org
主题: Re: [DVR config] Can we use drv_snat agent_mode in every compute node?
According to documentation which You cited even "‘dvr_snat’ - this enables centralized SNAT support in conjunction with DVR”. So yes, dvr_snat will do both, SNAT mode as well as DVR for E-W traffic.
We are using it like that in some CI jobs for sure and it works.
But I’m not 100% sure that this is “production ready” solution.
> On 16 May 2019, at 05:47, Yi Yang (杨燚)-云服务集团 <yangyi01 at inspur.com> wrote:
> Hi, folks
> I saw somebody discussed distributed SNAT, but finally they didn’t make agreement on how to implement distributed SNAT, my question is can we use dvr_snat agent_mode in compute node? I understand dvr_snat only does snat but doesn’t do east west routing, right? Can we set dvr_snat and dvr in one compute node at the same time? It is equivalent to distributed SNAT if we can set drv_snat in every compute node, isn’t right? I know Opendaylight can do SNAT in compute node in distributed way, but one external router only can run in one compute node.
> I also see https://wiki.openstack.org/wiki/Dragonflow is trying to implement distributed SNAT, what are technical road blocks for distributed SNAT in openstack dvr? Do we have any good way to remove these road blocks?
> Thank you in advance and look forward to getting your replies and insights.
> Also attached official drv configuration guide for your reference.
> Valid Values
> dvr, dvr_snat, legacy, dvr_no_external
> The working mode for the agent. Allowed modes are: ‘legacy’ - this preserves the existing behavior where the L3 agent is deployed on a centralized networking node to provide L3 services like DNAT, and SNAT. Use this mode if you do not want to adopt DVR. ‘dvr’ - this mode enables DVR functionality and must be used for an L3 agent that runs on a compute host. ‘dvr_snat’ - this enables centralized SNAT support in conjunction with DVR. This mode must be used for an L3 agent running on a centralized node (or in single-host deployments, e.g. devstack). ‘dvr_no_external’ - this mode enables only East/West DVR routing functionality for a L3 agent that runs on a compute host, the North/South functionality such as DNAT and SNAT will be provided by the centralized network node that is running in ‘dvr_snat’ mode. This mode should be used when there is no external network connectivity on the compute host.
Senior software engineer
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3600 bytes
Desc: not available
More information about the openstack-discuss