From d73d74f4be1c994ed45afb32b253faf4a2d16d74 Mon Sep 17 00:00:00 2001 From: Dan Sneddon Date: Thu, 28 Jan 2016 18:14:30 -0800 Subject: Add TripleO Heat Template Parameters for Neutron Tenant MTU This change adds the TripleO Heat Parameters and Puppet hieradata to support setting the MTU for Neutron tenant networks. A new parameter, NeutronTenantMtu is introduced, and this gets used for the NeutronDnsmasqOptions and in Puppet hieradata. NeutronTenantMtu is also used in the Puppet hieradata for both the compute and control nodes. Two values are set: nova::compute::network_device_mtu which sets /etc/nova/nova.conf: network_device_mtu = neutron::network_device_mtu which sets in /etc/neutron/neutron.conf: network_device_mtu = finally, the NeutronDnsmasqOptions parameter becomes a str_format that maps the NeutronTenantMtu onto the DHCP options, so a default of 'dhcp-option-force=26,%MTU%' would be formatted to 'dhcp-option-force=26,1300' if NeutronTenantMtu were 1300. This will set dnsmasq to serve an MTU via DHCP that matches the NeutronTenantMtu: /etc/neutron/dnsmasq-neutron.conf:dhcp-option-force=26,1300 Typically, you would change all three of these settings to use small or jumbo frames in VMs. When using tunneling, NeutronTenantMtu should be set at least 50 bytes smaller than the physical network MTU in order to make room for tunneling overhead. Note that this change does not support setting the MTU on veth interfaces if veth patches are used to br-int instead of OVS patches. Change-Id: I38840e082ee01dc3b6fc78e1dd97f53fa4e63039 --- overcloud.yaml | 24 +++++++++++++++++++++--- puppet/compute.yaml | 12 ++++++++++++ puppet/controller.yaml | 12 ++++++++++++ 3 files changed, 45 insertions(+), 3 deletions(-) diff --git a/overcloud.yaml b/overcloud.yaml index 673bf506..a71fb2fe 100644 --- a/overcloud.yaml +++ b/overcloud.yaml @@ -168,6 +168,15 @@ parameters: description: Shared secret to prevent spoofing type: string hidden: true + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This value will be used to construct the NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: "1400" + type: string NeutronTunnelTypes: default: 'vxlan' description: | @@ -498,8 +507,11 @@ parameters: type: number default: 4096 NeutronDnsmasqOptions: - default: 'dhcp-option-force=26,1400' - description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead. + default: 'dhcp-option-force=26,%MTU%' + description: > + Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU + to be set to the value of NeutronTenantMtu, which should be set to account + for tunnel overhead. type: string NeutronPublicInterfaceDefaultRoute: default: '' @@ -898,6 +910,7 @@ resources: NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronTenantMtu: {get_param: NeutronTenantMtu} NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge} NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata} NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} @@ -907,7 +920,11 @@ resources: NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} NeutronPassword: {get_param: NeutronPassword} - NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions} + NeutronDnsmasqOptions: + str_replace: + template: {get_param: NeutronDnsmasqOptions} + params: + '%MTU%': {get_param: NeutronTenantMtu} NeutronDVR: {get_param: NeutronDVR} NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} NeutronAgentMode: {get_param: NeutronAgentMode} @@ -996,6 +1013,7 @@ resources: KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronTenantMtu: {get_param: NeutronTenantMtu} NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop} NeutronFlatNetworks: {get_param: NeutronFlatNetworks} diff --git a/puppet/compute.yaml b/puppet/compute.yaml index 8b2bcd33..e56c3766 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -118,6 +118,15 @@ parameters: default: nic1 description: A port to add to the NeutronPhysicalBridge. type: string + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This number is related to the value of NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: 1400 + type: number NeutronTunnelTypes: type: comma_delimited_list description: | @@ -463,6 +472,7 @@ resources: nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend} rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} nova_password: {get_input: nova_password} + nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge} nova::network::neutron::security_group_api: {get_input: nova_security_group_api} @@ -487,6 +497,7 @@ resources: neutron_host: {get_input: neutron_host} neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip} + neutron::network_device_mtu: {get_input: neutron_tenant_mtu} neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types} neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types} neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions} @@ -581,6 +592,7 @@ resources: template: MAPPINGS params: MAPPINGS: {get_param: NeutronBridgeMappings} + neutron_tenant_mtu: {get_param: NeutronTenantMtu} neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} neutron_physical_bridge: {get_param: NeutronPhysicalBridge} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index ea19c711..15dbf598 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -492,6 +492,15 @@ parameters: default: '' description: If set, the public interface is a vlan with this device as the raw device. type: string + NeutronTenantMtu: + description: > + The default MTU for tenant networks. For VXLAN/GRE tunneling, this should + be at least 50 bytes smaller than the MTU on the physical network. This + value will be used to set the MTU on the virtual Ethernet device. + This number is related to the value of NeutronDnsmasqOptions, since that + will determine the MTU that is assigned to the VM host through DHCP. + default: 1400 + type: number NeutronTunnelTypes: default: 'vxlan' description: | @@ -1061,6 +1070,7 @@ resources: params: AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions} neutron_password: {get_param: NeutronPassword} + neutron_tenant_mtu: {get_param: NeutronTenantMtu} neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} neutron_dsn: list_join: @@ -1381,6 +1391,7 @@ resources: neutron::server::database_connection: {get_input: neutron_dsn} neutron::server::api_workers: {get_input: neutron_workers} neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge} + neutron::network_device_mtu: {get_input: neutron_tenant_mtu} neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling} neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop} neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata} @@ -1465,6 +1476,7 @@ resources: nova::api::osapi_compute_workers: {get_input: nova_workers} nova::api::ec2_workers: {get_input: nova_workers} nova::api::metadata_workers: {get_input: nova_workers} + nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu} nova::database_connection: {get_input: nova_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} -- cgit 1.2.3-korg