[openstack-dev] [Neutron] initial OVN testing
Miguel Ángel Ajo
majopela at redhat.com
Tue Mar 31 07:48:06 UTC 2015
That’s super nice ;) !!! :D
I’m prototyping over here [1] to gather some benchmarks for the summit presentation
about “Taking Security Groups To Ludicrous Speed with Open vSwitch” with Ivar, Justin
and Thomas.
I know Justin and Joe have been doing good advances on it ;) [3] lately.
[1] https://review.openstack.org/#/c/167671/
[2] https://github.com/justinpettit/ovs/tree/conntrack
[3] https://github.com/justinpettit/ovs/commits/conntrack
Miguel Ángel Ajo
On Tuesday, 31 de March de 2015 at 9:34, Kevin Benton wrote:
> Very cool. What's the latest status on data-plane support for the conntrack based things like firewall rules and conntrack integration?
>
> On Mon, Mar 30, 2015 at 7:19 PM, Russell Bryant <rbryant at redhat.com (mailto:rbryant at redhat.com)> wrote:
> > On 03/26/2015 07:54 PM, Russell Bryant wrote:
> > > Gary and Kyle, I saw in my IRC backlog that you guys were briefly
> > > talking about testing the Neutron ovn ml2 driver. I suppose it's time
> > > to add some more code to the devstack integration to install the current
> > > ovn branch and set up ovsdb-server to serve up the right database for
> > > this. I'll try to work on that tomorrow. Of course, note that all we
> > > can set up right now is the northbound database. None of the code that
> > > reacts to updates to that database is merged yet. We can still go ahead
> > > and test our code and make sure the expected data makes it there, though.
> >
> > With help from Kyle Mestery, Gary Kotton, and Gal Sagie, some great
> > progress has been made over the last few days. Devstack support has
> > merged and the ML2 driver seems to be doing the right thing.
> >
> > After devstack runs, you can see that the default networks created by
> > devstack are in the OVN db:
> >
> > > $ neutron net-list
> > > +--------------------------------------+---------+--------------------------------------------------+
> > > | id | name | subnets |
> > > +--------------------------------------+---------+--------------------------------------------------+
> > > | 1c4c9a38-afae-40aa-a890-17cd460b314b | private | 115f27d1-5330-489e-b81f-e7f7da123a31 10.0.0.0/24 (http://10.0.0.0/24) |
> > > | 69fc7d7c-6906-43e7-b5e2-77c059cf4143 | public | 6b5c1597-4af8-4ad3-b28b-a4e83a07121b |
> > > +--------------------------------------+---------+--------------------------------------------------+
> >
> > > $ ovn-nbctl lswitch-list
> > > 47135494-6b36-4db9-8ced-3bdc9b711ca9 (neutron-1c4c9a38-afae-40aa-a890-17cd460b314b)
> > > 03494923-48cf-4af5-a391-ed48fe180c0b (neutron-69fc7d7c-6906-43e7-b5e2-77c059cf4143)
> >
> > > $ ovn-nbctl lswitch-get-external-id neutron-1c4c9a38-afae-40aa-a890-17cd460b314b
> > > neutron:network_id=1c4c9a38-afae-40aa-a890-17cd460b314b
> > > neutron:network_name=private
> >
> > > $ ovn-nbctl lswitch-get-external-id neutron-69fc7d7c-6906-43e7-b5e2-77c059cf4143
> > > neutron:network_id=69fc7d7c-6906-43e7-b5e2-77c059cf4143
> > > neutron:network_name=public
> >
> > You can also create ports and see those reflected in the OVN db:
> >
> > > $ neutron port-create 1c4c9a38-afae-40aa-a890-17cd460b314b
> > > Created a new port:
> > > +-----------------------+---------------------------------------------------------------------------------+
> > > | Field | Value |
> > > +-----------------------+---------------------------------------------------------------------------------+
> > > | admin_state_up | True |
> > > | allowed_address_pairs | |
> > > | binding:vnic_type | normal |
> > > | device_id | |
> > > | device_owner | |
> > > | fixed_ips | {"subnet_id": "115f27d1-5330-489e-b81f-e7f7da123a31", "ip_address": "10.0.0.3"} |
> > > | id | e7c080ad-213d-4839-aa02-1af217a6548c |
> > > | mac_address | fa:16:3e:07:9e:68 |
> > > | name | |
> > > | network_id | 1c4c9a38-afae-40aa-a890-17cd460b314b |
> > > | security_groups | be68fd4e-48d8-46f2-8204-8a916ea6f348 |
> > > | status | DOWN |
> > > | tenant_id | ed782253a54c4e0a8b46e275480896c9 |
> > > +-----------------------+---------------------------------------------------------------------------------+
> >
> > List ports on the logical switch named neutron-1c4c9a38...:
> >
> > > $ ovn-nbctl lport-list neutron-1c4c9a38-afae-40aa-a890-17cd460b314b
> > > ...
> > > 96432697-df3c-472a-b48a-9f844764d4bf (neutron-e7c080ad-213d-4839-aa02-1af217a6548c)
> >
> > We can also see that the proper MAC address was set on that port:
> >
> > > $ ovn-nbctl lport-get-macs neutron-e7c080ad-213d-4839-aa02-1af217a6548c
> > > fa:16:3e:07:9e:68
> >
> > --
> > Russell Bryant
> >
> > __________________________________________________________________________
> > OpenStack Development Mailing List (not for usage questions)
> > Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe (http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe)
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
> --
> Kevin Benton
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe (mailto:OpenStack-dev-request at lists.openstack.org?subject:unsubscribe)
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150331/b4a94dc4/attachment.html>
More information about the OpenStack-dev
mailing list