Age | Commit message (Collapse) | Author | Files | Lines |
|
The patch adds an OVS extra parameter to delete controller for bridges
configured with standalone fail mode. By default, bridges are created
without having an openflow controllers. If node is restarted, the bridge
is set to standalone mode but if a service managing the bridge sets a
controller, it will remain in the ovsdb.
As ovs-vswitchd sets the bridge behavior to normal MAC learning switch
only if bridge in standalone mode can't communicate with its controller,
leaving controller defined can cause node outage when bridge is used as
management network. In such case controller service, like
neutron-openvswitch-agent, would need to communicate over management
network but given that bridge is in standalone mode but communicates
with controller, management network won't be reachable. This creates a
chicken-egg problem.
By removing controller by default, ovs-vswitchd implements a normal
action rule to the standalone bridge and service can use the bridge as
management network and eventually set the brdige to secure and set the
flows manually.
See opened Bugzilla for more information:
https://bugzilla.redhat.com/show_bug.cgi?id=1473763
Closes-bug: #1712517
Change-Id: Iad48312667834ea8f5c7145595ae89cb5159b36d
(cherry picked from commit f8d76d2cdebfa0d06233a59a8f6539207c5b5a4e)
|
|
Os-net-config was not using the user supplied mapping file to map
interface names for interfaces in bonds or bridges. Fix is to set
the mapping file info when creating interface objects in bonds/bridges.
Closes-Bug: 1695122
Change-Id: I063256b93c44c2e7a05d9820b0c1f6bf5b73d7a0
|
|
|
|
Currently os-net_config will map nics from a user-supplied mapping file
only if the nic is active (operstate = up). This can cause problems
if a nic is in a bond and one of the bond's nics has no carrier.
This fix will map the nic from the mapping file if the nic is defined
on the system, regardless of the operstate status.
The fix implements a new function to return a list of available nics
(no check of operstate) for use if a mapping file is supplied. The
list of active nics must still be used in the default case when
numbering nics (no mapping file supplied). There is also some
cleanup to check if a user-supplied mac is in the mapping file before
attempting to convert the mac to a nic.
Change-Id: Ia5d8c8b49b7ac0b51ee42a754f06e5e53587a5f6
Closes-Bug: 1679787
|
|
|
|
Vector Packet Processing (VPP) is a high performance packet processing
stack that runs in user space in Linux. VPP is used as an alternative to
kernel networking stack for accelerated network data path. VPP uses DPDK
poll-mode drivers to bind system interfaces rather than kernel drivers.
VPP bound interfacees are not visible to kernel networking stack and
therefore require different configuration steps in os-net-config.
VPP interface will be used in Openstack by either Neutron ML2 driver
networking-vpp as an alternative to OVS, or by Opendaylight SDN
controller with Honeycomb agent.
This patch adds interface configuration support to os-net-config.
The kernel nic specified to be VPP interface type will be bound to
VPP with a DPDK poll-mode driver. Note that os-net-config will only
configure those settings that affect interface binding, all other
configurations for VPP will be configured throught TripleO Heat
Templates.
Implements: blueprint fdio-integration-tripleo
Change-Id: Iebb40b7c5b252c51e86b6f44bcf36ed206101390
Signed-off-by: Feng Pan <fpan@redhat.com>
|
|
Fixes an issue where string values for nm_controlled were not converted
to the appropriate boolean values.
Closes-Bug: #1673878
Change-Id: I912ca2ef54d1d1f97e76b3922b7c2fecc77040ff
|
|
This change allows the commands in ovs_extra to be expressed
as a string or as a list. If a string is passed, it will be
treated as a list with a single element, and other ovs_extra
elements will be appended to the same list, such as fail_mode.
In order for more than one command to be passed as a string,
the commands will need to be separated with double-dashes,
similar to the format used by OVS command-line utilities.
Change-Id: I3f69e7ab96ff6e06953c3838b3e187b93545d623
|
|
|
|
This patch adds a check that ensures the ovs_extra option, if present,
is passed in as list and raises an InvalidConfigException if not.
It addresses the issue that a user may mistakingly pass the value as
string, which would cause an error later when appending the failure
mode or when formatting the ovs_extra parameter.
Note: Also fixes a sample file in which ovs_extra was passed as string.
Change-Id: I9e8e47390b63d284de10d27b1db2c2cc54c86924
Closes-Bug: #1654196
|
|
This patch improves Python 3 compatibility by replacing .iteritems()
with .items() for iterating over dicts and fixing two tests to use
portable string comparison.
Change-Id: I8e1acafe372f1696823561d6aa8aae5437d34025
Closes-Bug: #1654187
|
|
This patch adds support for enabling hotplugging on interfaces (disabled
by default). This is useful for configuring SR-IOV root devices so that
they "return" to the system when no longer used by a VM.
Note: also updates an invalid value in the interface and ib_interface
sample files.
Partial-Bug: #1639901
Change-Id: Idfc17d6f20bb306271838895bc53f4b109dd664d
|
|
This patch adds an option "ovs_fail_mode" with a default value of
'standalone'. This is written to the interface configuration data as
part of the ovs_extra options.
Closes-Bug: #1640812
Change-Id: I2f30e56ff9fbda7beac21d95d15dbde0b01ba451
|
|
While primarily to work around a heat issue that prevents intrinsic
functions from being used for parameters being passed to NetworkConfig
resources, this could be generally useful in other ways.
Partial-Bug: #1640812
Change-Id: Ie9001f1d41f514666a44c8d9295b78a13e2108dc
|
|
This patch add an optional option to specify
the ETHTOOL_OPTS for each interface.
ETHTOOL_OPTS option will be written to the ifcfg file.
Change-Id: I6b594e89ba6b4c17e8df79def997f6c9ea427a3a
|
|
route_options will append additional options
to route definitions.
Change-Id: I2b70efdd9c6df7ea252576e245fbc0e9c46ea4bd
|
|
Adding options to NFVSwitch type bridge will give flexibility and
avoid specific attributes like 'cpus' in the yaml file (which will now
be moved into the options)
Change-Id: I4d715b641c54de969b9195b1a4b16195b2d7e595
|
|
- refactor test_object unit-test for IVS to follow other object class tests
- add new CLI unit test for IVS
- cleanup comments from https://review.openstack.org/#/c/345599
Change-Id: I0c337b019ae90ee7b2f207ff9b5060ed67bf182f
|
|
Modified the sample code to use numbered nics instead of physical
device name and added test code for testing the numbered nic usecases.
Implements: blueprint tripleo-ovs-dpdk
Depends-On: If1c91402d2d393140dc1b4a678e68a1bcdbe81e4
Change-Id: Ifadb495be57fcef56a97250de0c52fd03f2dd817
|
|
Add functionality to os-net-config to allow DPDK bonding of
interfaces, and implement support for parameters to be passed
by TripleO Heat Templates.
Implements: blueprint tripleo-ovs-dpdk
Depends-On: Id4a23ced28b92a642c180a35c55080e5f4e2e05d
Change-Id: If1c91402d2d393140dc1b4a678e68a1bcdbe81e4
|
|
The original implementation supported a strictly numeric mapping scheme
(e.g. nic1, nic2) that could misbehave if an active NIC was not listed in the
user's mapping file. This change fixes the misbehavior, and enhances the
feature by not requiring NIC aliases follow the numeric mapping scheme. This
allows the user to choose meaningful names for the NIC aliases.
NIC mapping now happens in two steps:
1) Process any user supplied mappings
- NIC alias does not need to follow the numeric "nicN" scheme
- Existing validation rules apply: mappings for inactive NICs are ignored
(but logged), and duplicate mappings are rejected
2) Generate default mappings as needed
- Only applies to active NICs that aren't already mapped
- Follows the numeric scheme (nic1, nic2) using the NIC number based on
the list of active NICs
- No default mapping is assigned if another NIC is already using that
numeric alias
Change-Id: I6943623a51702349f6a7dcf2de8a8429078a3ab0
Closes-Bug: 1612723
|
|
These changes are to generate /etc/sysconf/network-scripts/ifcfg-* and
/etc/sysconfig/nfvswitch configuration files for nfvswitch and its interfaces.
NFVSwitch is a virtual switch implementation based on DPDK for datacenter
workloads with very high throughput needs.
Change-Id: If02edb9c4c54c014f67290fe0c34e2fc73cb95bd
|
|
This change adds support for Linux adapter teams using teamd to
manage the bonds instead of the kernel bonding module. Adapter
teams using teamd can act like bonds, but also support additional
features and possibly more robust fault tolerance.
This implementation is fairly straightforward, in order to maintain
backward compatibility with templates made for Linux bonds. The only
difference in the syntax between the two is type: team instead of
type: linux_bond, and the bonding_options format is different.
The configuration files for teams should contain the team options
as a JSON string. The options that can be used are documented in
the teamd.conf(5) man page.
If an interface is marked as primary, the priority will be changed
from default 0 to 100, making this interface the preferred one. In
addition, the MAC address of the Team and all member interfaces will
be set to that of the primary interface. At this time, there is no
way to set the priority of link members individually, only the
interface marked primary will have a non-default priority.
This change has been tested on bare metal and worked for a team
with two bonded interfaces using LACP. The team was part of an
OVS bridge, and there was a VLAN interface on the team. Everything
worked as expected. Unit tests are included and passing.
Change-Id: If1d516ce8f9ada76375c3a52c5557d3f7348981a
Implements: blueprint os-net-config-teaming
|
|
This patch adds support for Infiniband interfaces. The only difference
between Inifiniband and regular interfaces at this time is that an
interface with type "ib_interface" will have "TYPE=Infiniband" added
to the ifcfg file.
However, the Infiniband interface is implemented as a full new class,
so in the future we can add script functions or additional config
options to the Infiniband interface config if needed.
Unit tests for both the object and the ifcfg implementation are
included. This patch does not include an implementation for systems
that use /etc/network/interfaces (Debian-based systems).
Note that this change has not yet been tested on bare metal with
Infiniband hardware.
Fixes bug: https://bugzilla.redhat.com/show_bug.cgi?id=1326616
Change-Id: Iaeaca9cd71e2cea6147951d49aecc7458be4ca0b
|
|
OVS patch ports are used to connect two OVS bridges so traffic can flow
between them. This is generally useful for various cases.
Specifically it could be used to connect the bridges created by TripleO
networking configurations (br-ex, etc) to the bridge created by the
multinode networking setup in infra's nodepool (br_pub). This allows the
nodes in a multinode deployment to have connectivity across private
subnets where such traffic is typically firewalled off in public clouds.
Change-Id: I11404106cb3f53734f6fc9a35c22f905a0770245
|
|
|
|
Adds support for configuring OVS Tunnels via os-net-config. Tunnels are
configured as members of ovs_bridge's where the type is set to
ovs_tunnel. The object also supports setting OVS extra and options so
that additional tunnel data can be defined, such as remote_ip.
Change-Id: I31ac1cbe8a13247a1529c0f99a0aea5807888844
|
|
When there are no active nics, strange errors can happen later
in the process of applying the configuration, and it's often not
obvious what caused them. Logging a warning should make it
easier to track down such problems.
Note that this should never happen legitimately in a TripleO
environment since we always need to have at least one active nic
to even get configuration to the system. However, it is a valid
case for someone who might be applying a configuration with local
access to a system, so it should be handled sanely. It's also
helpful in case of future bugs in the active nic checking.
Change-Id: Iaf6d4b1b215b70d61e0857e093a834702829e1b9
Related-Bug: 1569403
|
|
Bumps the version of hacking to match that in global-requirements.txt.
Change-Id: I7bb98dc773ce821b025d534f537f1a1704a50f9e
Closes-bug: #1566463
|
|
|
|
This change generates /etc/sysconf/network-scripts/ifcfg-* for ivs.
It also generates /etc/sysconf/ivs configuration file for ivs.
It supports only RedHat at this point.
Indigo Virtual Switch (IVS, https://github.com/floodlight/ivs)
is a virtual switch for Linux. It is compatible with the KVM
hypervisor and leveraging the Open vSwitch kernel module for
packet forwarding. There are three major differences between
IVS and OVS:
1. Each node can have at most one ivs, name is not required.
2. Bond is not allowed to attach to an ivs. It is the SDN
controller's job to dynamically form bonds on ivs.
3. IP address can only be statically assigned.
Change-Id: I276d736794d123405de793c2a4eb2c1ee55a0fad
|
|
The usage of assertEqual(True/False, ***) should be changed
to a meaningful format of assertTrue/False(***).
Change-Id: Ic15b6ebff7f050c1d516d9d680f362609803da4c
Closes-Bug:#1512207
|
|
This patch adds support for Linux Bridges to os-net-config. This is
done completely with ifcfg files, brctl is not used directly.
Hierarchy is preserved, so a Linux Bridge may have a Linux Bond
as a member, which in turn may have multiple interfaces as members.
This changeset has been updated to include a more specific example
for Linux bridge configuration (that doesn't combine bridging and
bonding).
This change depends on the change to add support for Linux Bonds.
Change-Id: I1ddacd514b02af30139a868071d82cde19b1f946
|
|
This change adds support for Linux Bonding to the impl_ifcfg
in os-net-config. This change adds support for configuring Linux
Bonds using the Bonding module rather than Open vSwitch. Most of
the options for Linux Bonds are the same as OVS, with the exception
of bonding_options instead of ovs_options.
Change-Id: If8c6de1554234277843de9fac58536dd5b0a941b
|
|
Adds in the ability to optionally configure DNS
server settings via the ifcfg file formats.
The dns_servers JSON is an array which currently
supports either 1 or 2 DNS servers (per limitations
of the ifcfg format).
Change-Id: I9edecfdd4e1d0f39883b72be554cd92c5685881d
|
|
This patch adds an optional flag that can be used to
pass in args for dhclient when using DHCP.
This use case for this is to be able to control which
DHCP options dhclient listens for and we can thus
disable specific options (like routing) for some
network configurations.
Change-Id: Ic21de0615ea0ef304843c55cc5abe43cb1771169
|
|
When multiple interfaces are configured with DHCP, and more than
one interface receives a gateway from the DHCP server(s), the
resulting default gateway on the system is unpredictable. This
change adds the "defroute" boolean to the configuration syntax
for os-net-config. Any interface type may be marked so that the
gateway received from the DHCP server will not be eligible as a
default gateway for the system. This only works for ifcfg files,
/etc/network/interfaces lacks an equivalent option.
Change-Id: Id775f3506b2ec60c9a2833efd49fb8319151c00d
Closes-Bug: 1449288
|
|
Currently there's a fixed mapping between abstracted interface
names (nic1, nic2 etc) and the underlying biosdevname for the
device.
In many cases, this mapping based on system enumeration is
sufficient, but in some cases, particularly when you perform
detailed pre-deployment discovery of interfaces, you may wish
to alter the mapping independently of the config (e.g if the
config is in a heat template, and the discovery data is
provided at runtime).
So this adds a -m option to os-net-config, which enables a
mapping file to be provided, such that specific interfaces
may be mapped to their abstract names based on knowledge of
the devices or the networks they are connected to.
The mapping file has the following format, where em1 and em2 are
device names as detected by the OS (e.g biosdevname):
interface_mapping:
nic1: em2
nic2: em1
Or you can use the device MAC instead:
interface_mapping:
nic1: 12:34:56:78:9a:bc
nic2: 12:34:56:de:f0:12
Change-Id: I93e6d3ed733244834bb3c2126c91db705b4d9167
|
|
Implements a new active NIC abstraction and naming convention
that allows nic1, nic2, etc. to be translated to actual (active)
network device names like em1, em2 (or eth0, eth1).
This includes some logic to map ordered active nics to the
nic1, nic2 naming scheme. Embedded nics are always listed
first (in sort order) followed by any other active Nics
on the system.
With the new code:
{"type": "interface", "name": "nic1" }
is automatically translated (internally) to:
{"type": "interface", "name": "em1" }
This works for all top level "interface" devices, vlans, bonds, and
bridges alike. For vlans the 'device' name is translated instead
of the device name per vlan object conventions.
|
|
Adds support for a new 'primary' interface option exposed via the
object model and JSON parsers which can be used to force the
MAC address on a bridge. Only one interface on a given
bridge (or bond) may be set as the primary interface.
Also, update the ifcfg and eni providers so that they use
OVS_EXTRA (or ovs_extra) to pin the mac accordingly.
|
|
|
|
Adds a from_json static method to all objects.
Also adds a top level object_from_json function that
can be used for all the interface and bridge types.
(everything except addresses and routes). This should
be useful for wiring processing JSON from the CLI.
|
|
Ifcfg formatted persistence for interfaces and routes.
|