Open Stack

Hi Roberto,

yea then i guess ovn-interconnect sounds like the more correct solution.
We are also aming for that for similar reasons.

Our idea for now to handle the creation of the Transit Logical Switches outside of neutron (as otherwise one neutron would rule over other neutrons).
As the transit switches are then created in the individual ovn deployments we thought about treating them as provider networks.

So the creation flow would be:
1. Create a transit switch on the ic-northbound
2. Wait for it to replicate to all ovn deployments
3. Create the provider networks on the neutron sides with a new `provider-network-type` and `provider-phyiscal-network` set to the transit switch name

So we would probably only be interested in the provider-network-type and not in the handling of the transit switches themselves in netron.

--
Felix Huettner

> Hi Felix,
>
> Thanks for your feedback.
>
> The ovn-bgp-agent is a very powerful application to interconnect multi-tenancy networks using BGP evpn type 5. This application integrates the br-ext with FRR and provides the interconnect using the BGP session. That would be one way to do it, but the problem is that bgpvpn service plugin is only integrated with Neutron. Imagine in the future that we need to integrate the tenant network between different cloud solutions (e.g using OpenStack, Kubernetes, LXD, etc.)... this could be possible if everyone uses OVN as a network backend and ovn-ic to interconnect the LRPs between AZs.
>
> Maybe I'm missing some point and there's no community interest in something like that. But back to the OpenStack/Neutron case, it might be interesting to continue the work on Neutron interconnect (or something like that), but maybe this time with the service plugin for ovn-ic.
>
> Regards,
> Roberto
>
> > Em qui., 9 de mar. de 2023 às 05:24, Felix Hüttner <felix.huettner at mail.schwarz> escreveu:
> > Hi Roberto,
> >
> > We will face a similar issue in the future and have also looked at ovn-interconnect (but not yet tested it).
> > There is also ovn-bgp-agent [1] which has an evpn mode that might be relevant.
> >
> > Whatever you find I would definitely be interested in your results
> >
> > [1] https://opendev.org/x/ovn-bgp-agent
> >
> > --
> > Felix Huettner
> >
> > > From: Roberto Bartzen Acosta <roberto.acosta at luizalabs.com>
> > > Sent: Wednesday, March 8, 2023 9:49 PM
> > > To: openstack-discuss at lists.openstack.org
> > > Cc: Tiago Pires <tiago.pires at luizalabs.com>
> > > Subject: [neutron] Openstack Network Interconnection
> > >
> > > Hey folks.
> > >
> > > Does anyone have ideas on how to interconnect different Openstack deployments?
> > > Consider that we have multiple Datacenters and need to interconnect tenant networks. How could this be done in the context of OpenStack (without using VPN) ?
> > >
> > > We have some ideas about the usage of OVN-IC (OVN Interconnect). It looks like a great solution to create a network layer between DCs/AZs with the help of the OVN driver. However, Neutron does not support the Transit Switches (OVN-IC design) that are required for this application.
> > >
> > > We've seen references to abandoned projects like [1] [2] [3].
> > >
> > > Does anyone use something similar in production or have an idea about how to do it? Imagine that we need to put workloads on two different AZs that run different Openstack installations, and we want to communicate with the local networks without using a FIP.
> > > I believe that the most coherent way to maintain databases consistent in each Openstack would be an integration with Neutron, but I haven't seen any movement on that.
> > >
> > > Regards,
> > > Roberto
> > >
> > > [1] https://www.youtube.com/watch?v=GizLmSiH1Q0
> > > [2] https://specs.openstack.org/openstack/neutron-specs/specs/stein/neutron-interconnection.html
> > > [3] https://opendev.org/x/neutron-interconnection
Diese E Mail enthält möglicherweise vertrauliche Inhalte und ist nur für die Verwertung durch den vorgesehenen Empfänger bestimmt. Sollten Sie nicht der vorgesehene Empfänger sein, setzen Sie den Absender bitte unverzüglich in Kenntnis und löschen diese E Mail. Hinweise zum Datenschutz finden Sie hier<https://www.datenschutz.schwarz>.