From 544dc002ea3b91706ced3bb4e25eedb1cbf09360 Mon Sep 17 00:00:00 2001 From: Bin Hu Date: Thu, 15 Mar 2018 14:58:09 -0700 Subject: Documentation for Fraser Release Change-Id: I8b1e15af6702702f5b781c861d35d0d6499478bf Signed-off-by: Bin Hu --- docs/release/configguide/featureconfig.rst | 6 +- docs/release/configguide/index.rst | 2 +- docs/release/installation/index.rst | 2 +- .../installation/installation.instruction.rst | 11 +- docs/release/release-notes/release-notes.rst | 18 +-- docs/release/userguide/feature.usage.rst | 146 +++++++++++---------- docs/release/userguide/gap-odl-carbon.rst | 73 ----------- docs/release/userguide/gap-odl-nitrogen.rst | 74 +++++++++++ docs/release/userguide/gap-os-ocata.rst | 142 -------------------- docs/release/userguide/gap-os-pike.rst | 142 ++++++++++++++++++++ docs/release/userguide/index.rst | 12 +- 11 files changed, 315 insertions(+), 313 deletions(-) delete mode 100644 docs/release/userguide/gap-odl-carbon.rst create mode 100644 docs/release/userguide/gap-odl-nitrogen.rst delete mode 100644 docs/release/userguide/gap-os-ocata.rst create mode 100644 docs/release/userguide/gap-os-pike.rst (limited to 'docs/release') diff --git a/docs/release/configguide/featureconfig.rst b/docs/release/configguide/featureconfig.rst index 3e3d99b..692a205 100644 --- a/docs/release/configguide/featureconfig.rst +++ b/docs/release/configguide/featureconfig.rst @@ -6,7 +6,7 @@ IPv6 Configuration - Setting Up a Service VM as an IPv6 vRouter =============================================================== -This section provides instructions to set up a service VM as an IPv6 vRouter using OPNFV Euphrates Release +This section provides instructions to set up a service VM as an IPv6 vRouter using OPNFV Fraser Release installers. Because Open Daylight no longer supports L2-only option, and there is only limited support of IPv6 in L3 option of Open Daylight, setup of service VM as an IPv6 vRouter is only available under pure/native OpenStack environment. The deployment model may be HA or non-HA. The infrastructure may be @@ -28,7 +28,7 @@ Setup Manual in OpenStack-Only Environment ****************************************** If you intend to set up a service VM as an IPv6 vRouter in OpenStack-only environment of -OPNFV Euphrates Release, please **NOTE** that: +OPNFV Fraser Release, please **NOTE** that: * Because the anti-spoofing rules of Security Group feature in OpenStack prevents a VM from forwarding packets, we need to disable Security Group feature in the @@ -42,7 +42,7 @@ OPNFV Euphrates Release, please **NOTE** that: Install OPNFV and Preparation ----------------------------- -**OPNFV-NATIVE-INSTALL-1**: To install OpenStack-only environment of OPNFV Euphrates Release: +**OPNFV-NATIVE-INSTALL-1**: To install OpenStack-only environment of OPNFV Fraser Release: **Apex Installer**: diff --git a/docs/release/configguide/index.rst b/docs/release/configguide/index.rst index 974d49f..42c2da6 100644 --- a/docs/release/configguide/index.rst +++ b/docs/release/configguide/index.rst @@ -11,7 +11,7 @@ IPv6 Configuration Guide :Abstract: This document provides the users with the Configuration Guide to set up a -service VM as an IPv6 vRouter using OPNFV Euphrates Release. +service VM as an IPv6 vRouter using OPNFV Fraser Release. .. toctree:: :numbered: diff --git a/docs/release/installation/index.rst b/docs/release/installation/index.rst index cf7e46e..4560fb4 100644 --- a/docs/release/installation/index.rst +++ b/docs/release/installation/index.rst @@ -11,7 +11,7 @@ IPv6 Installation Procedure :Abstract: This document provides the users with the Installation Procedure to install -OPNFV Euphrates Release on IPv6-only Infrastructure. +OPNFV Fraser Release on IPv6-only Infrastructure. .. toctree:: :numbered: diff --git a/docs/release/installation/installation.instruction.rst b/docs/release/installation/installation.instruction.rst index 8438840..888ee89 100644 --- a/docs/release/installation/installation.instruction.rst +++ b/docs/release/installation/installation.instruction.rst @@ -10,8 +10,12 @@ This section provides instructions to install OPNFV on IPv6-only Infrastructure. All underlay networks and API endpoints will be IPv6-only except: -1. "admin" network in underlay/undercloud still has to be IPv4, due to lack of - support of IPMI over IPv6 or PXE over IPv6. +1. "admin" network in underlay/undercloud still has to be IPv4. + * It was due to lack of support of IPMI over IPv6 or PXE over IPv6. + * iPXE does support IPv6 now. Ironic has added support for booting + nodes with IPv6. + * We are starting to work on enabling IPv6-only environment for all + networks. For TripleO, this work is still ongoing. 2. Metadata server is still IPv4 only. Except the limitations above, the use case scenario of the IPv6-only @@ -25,7 +29,8 @@ infrastructure includes: 5. Inter VM communication (East-West routing) when VMs are spread across two compute nodes. 6. VNC access into a VM using IPv6 addresses. -7. IPv6 support in OVS VxLAN (and/or GRE) tunnel endpoints with OVS 2.6+ (**NEW**) +7. IPv6 support in OVS VxLAN (and/or GRE) tunnel endpoints with OVS 2.6+. +8. IPv6 support in iPXE, and booting nodes with IPv6 (**NEW**). ------------------------------------------- Install OPNFV in OpenStack-Only Environment diff --git a/docs/release/release-notes/release-notes.rst b/docs/release/release-notes/release-notes.rst index 4383b68..0eb4f14 100644 --- a/docs/release/release-notes/release-notes.rst +++ b/docs/release/release-notes/release-notes.rst @@ -6,7 +6,7 @@ OPNFV IPv6 Project Release Notes ================================ -This document provides the release notes for Euphrates of IPv6 Project. +This document provides the release notes for Fraser of IPv6 Project. .. contents:: :depth: 3 @@ -20,13 +20,7 @@ Version History | **Date** | **Version** | **Author** | **Comment** | | | | | | +--------------------+--------------------+--------------------+--------------------+ -| 2017-09-10 | 0.1.0 | Bin Hu | First draft | -+--------------------+--------------------+--------------------+--------------------+ -| 2017-09-30 | 0.5.0 | Bin Hu | Baseline draft | -+--------------------+--------------------+--------------------+--------------------+ -| 2017-10-16 | 5.0.0 | Bin Hu | Release Ready | -+--------------------+--------------------+--------------------+--------------------+ -| 2017-12-13 | 5.1.0 | Bin Hu | Euhprates 5.1 Ready| +| 2018-03-15 | 0.5.0 | Bin Hu | Baseline draft | +--------------------+--------------------+--------------------+--------------------+ Important Notes @@ -47,13 +41,13 @@ For details, please refer to our `User Guide <../userguide/index.html>`_. Summary ------- -This is the Euphrates release of the IPv6 feature as part of OPNFV, including: +This is the Fraser release of the IPv6 feature as part of OPNFV, including: * Installation of OPNFV on IPv6-Only Infrastructure by Apex Installer * Configuration of setting up a Service VM as an IPv6 vRouter in OpenStack-Only environment -* User Guide, which analyzes the gap of IPv6 support in OpenStack Ocata - and OpenDaylight Carbon. +* User Guide, which analyzes the gap of IPv6 support in OpenStack Pike + and OpenDaylight Nitrogen. Please refer to our: @@ -87,7 +81,7 @@ Please refer to `Testing Methodology <../installation/index.html#testing-methodo References ---------- -For more information on the OPNFV Euphrates release, please see: +For more information on the OPNFV Fraser release, please see: http://www.opnfv.org/software diff --git a/docs/release/userguide/feature.usage.rst b/docs/release/userguide/feature.usage.rst index db47ea3..4352231 100644 --- a/docs/release/userguide/feature.usage.rst +++ b/docs/release/userguide/feature.usage.rst @@ -2,34 +2,34 @@ .. http://creativecommons.org/licenses/by/4.0 .. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) -======================================= -Using IPv6 Feature of Euphrates Release -======================================= +==================================== +Using IPv6 Feature of Fraser Release +==================================== This section provides the users with gap analysis regarding IPv6 feature requirements with -OpenStack Ocata Official Release and Open Daylight Carbon Official Release. The gap analysis +OpenStack Pike Official Release and Open Daylight Nitrogen Official Release. The gap analysis serves as feature specific user guides and references when as a user you may leverage the IPv6 feature in the platform and need to perform some IPv6 related operations. -For more information, please find Neutron's IPv6 document for Ocata Release [1]_. +For more information, please find Neutron's IPv6 document for Pike Release [1]_. -************************************** -IPv6 Gap Analysis with OpenStack Ocata -************************************** +************************************* +IPv6 Gap Analysis with OpenStack Pike +************************************* This section provides users with IPv6 gap analysis regarding feature requirement with -OpenStack Neutron in Ocata Official Release. The following table lists the use cases / feature +OpenStack Neutron in Pike Official Release. The following table lists the use cases / feature requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF -(VM) layer, and its gap analysis with OpenStack Neutron in Ocata Official Release. +(VM) layer, and its gap analysis with OpenStack Neutron in Pike Official Release. Please **NOTE** that in terms of IPv6 support in OpenStack Neutron, there is no difference -between **Ocata** release and **Newton** release. +between **Pike** release and **Ocata** release. .. table:: :class: longtable +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Use Case / Requirement |Supported in Ocata |Notes | + |Use Case / Requirement |Supported in Pike |Notes | +===========================================================+===================+====================================================================+ |All topologies work in a multi-tenant environment |Yes |The IPv6 design is following the Neutron tenant networks model; | | | |dnsmasq is being used inside DHCP network namespaces, while radvd | @@ -125,9 +125,9 @@ between **Ocata** release and **Newton** release. +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ |IPv6 Support in "Allowed Address Pairs" Extension |Yes | | +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Support for IPv6 Prefix Delegation. |Yes |Partial support in Ocata | + |Support for IPv6 Prefix Delegation. |Yes |Partial support in Pike | +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Distributed Virtual Routing (DVR) support for IPv6 |**No** |In Ocata DVR implementation, IPv6 works. But all the IPv6 ingress/ | + |Distributed Virtual Routing (DVR) support for IPv6 |**No** |In Pike DVR implementation, IPv6 works. But all the IPv6 ingress/ | | | |egress traffic is routed via the centralized controller node, i.e. | | | |similar to SNAT traffic. | | | |A fully distributed IPv6 router is not yet supported in Neutron. | @@ -149,78 +149,80 @@ between **Ocata** release and **Newton** release. |(keepalived+VRRP). | | | +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ -******************************************* -IPv6 Gap Analysis with Open Daylight Carbon -******************************************* +********************************************* +IPv6 Gap Analysis with Open Daylight Nitrogen +********************************************* This section provides users with IPv6 gap analysis regarding feature requirement with -Open Daylight Carbon Official Release. The following table lists the use cases / feature +Open Daylight Nitrogen Official Release. The following table lists the use cases / feature requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF -(VM) layer, and its gap analysis with Open Daylight Carbon Official Release. +(VM) layer, and its gap analysis with Open Daylight Nitrogen Official Release. -**Open Daylight Carbon Status** +**Open Daylight Nitrogen Status** -In Open Daylight Carbon official release, the legacy ``Old Netvirt`` identified by feature +In Open Daylight Nitrogen official release, the legacy ``Old Netvirt`` identified by feature ``odl-ovsdb-openstack`` is deprecated and no longer supported. The ``New Netvirt`` identified by feature ``odl-netvirt-openstack`` is used. .. table:: :class: longtable - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Use Case / Requirement |Supported in ODL Carbon|Notes | - +==================================================+=======================+==============================================================+ - |REST API support for IPv6 subnet creation in ODL |Yes |Yes, it is possible to create IPv6 subnets in ODL using | - | | |Neutron REST API. | - | | | | - | | |For a network which has both IPv4 and IPv6 subnets, ODL | - | | |mechanism driver will send the port information which | - | | |includes IPv4/v6 addresses to ODL Neutron northbound API. | - | | |When port information is queried, it displays IPv4 and IPv6 | - | | |addresses. | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |Yes | | - | | | | - |1. Communication between VMs on same network | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |Yes | | - | | | | - |2. Communication between VMs on different | | | - | networks connected to the same router | | | - | (east-west) | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |**Work in Progress** |Work in progress. | - | | | | - |3. External routing (north-south) | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPAM: Support for IPv6 Address assignment modes. |Yes |ODL IPv6 Router supports all the IPv6 Address assignment | - | | |modes along with Neutron DHCP Agent. | - |1. SLAAC | | | - |2. DHCPv6 Stateless | | | - |3. DHCPv6 Stateful | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |When using ODL for L2 forwarding/tunneling, it is |Yes | | - |compatible with IPv6. | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Full support for IPv6 matching (i.e. IPv6, ICMPv6,|Yes | | - |TCP, UDP) in security groups. Ability to control | | | - |and manage all IPv6 security group capabilities | | | - |via Neutron/Nova API (REST and CLI) as well as | | | - |via Horizon | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Shared Networks support |Yes | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 external L2 VLAN directly attached to a VM. |**ToDo** | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |ODL on an IPv6 only Infrastructure. |**Work in Progress** |Deploying OpenStack with ODL on an IPv6 only infrastructure | - | | |where the API endpoints are all IPv6 addresses. | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |VxLAN Tunnels with IPv6 Endpoints |Yes | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Use Case / Requirement |Supported in ODL Nitrogen|Notes | + +==================================================+=========================+==============================================================+ + |REST API support for IPv6 subnet creation in ODL |Yes |Yes, it is possible to create IPv6 subnets in ODL using | + | | |Neutron REST API. | + | | | | + | | |For a network which has both IPv4 and IPv6 subnets, ODL | + | | |mechanism driver will send the port information which | + | | |includes IPv4/v6 addresses to ODL Neutron northbound API. | + | | |When port information is queried, it displays IPv4 and IPv6 | + | | |addresses. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes | | + | | | | + |1. Communication between VMs on same network | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes | | + | | | | + |2. Communication between VMs on different | | | + | networks connected to the same router | | | + | (east-west) | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes |In ODL Nitrogen Release, RFE "IPv6 Inter-DC L3 North-South | + | | |Connectivity Using L3VPN Provider Network Types" [1]_ is | + |3. External routing (north-south) | |merged. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPAM: Support for IPv6 Address assignment modes. |Yes |ODL IPv6 Router supports all the IPv6 Address assignment | + | | |modes along with Neutron DHCP Agent. | + |1. SLAAC | | | + |2. DHCPv6 Stateless | | | + |3. DHCPv6 Stateful | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |When using ODL for L2 forwarding/tunneling, it is |Yes | | + |compatible with IPv6. | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Full support for IPv6 matching (i.e. IPv6, ICMPv6,|Yes | | + |TCP, UDP) in security groups. Ability to control | | | + |and manage all IPv6 security group capabilities | | | + |via Neutron/Nova API (REST and CLI) as well as | | | + |via Horizon | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Shared Networks support |Yes | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 external L2 VLAN directly attached to a VM. |**ToDo** | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |ODL on an IPv6 only Infrastructure. |**Work in Progress** |Deploying OpenStack with ODL on an IPv6 only infrastructure | + | | |where the API endpoints are all IPv6 addresses. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |VxLAN Tunnels with IPv6 Endpoints |Yes | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ References -.. [1] Neutron IPv6 Documentation for Ocata Release: http://docs.openstack.org/ocata/networking-guide/config-ipv6.html +.. [1] Neutron IPv6 Documentation for Pike Release: http://docs.openstack.org/neutron/pike/admin/config-ipv6.html .. [2] How to Use Config-Drive for Metadata with IPv6 Network: http://superuser.openstack.org/articles/deploying-ipv6-only-tenants-with-openstack/ +.. [3] http://docs.opendaylight.org/en/latest/submodules/netvirt/docs/specs/ipv6-interdc-l3vpn.html + diff --git a/docs/release/userguide/gap-odl-carbon.rst b/docs/release/userguide/gap-odl-carbon.rst deleted file mode 100644 index 273a8db..0000000 --- a/docs/release/userguide/gap-odl-carbon.rst +++ /dev/null @@ -1,73 +0,0 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. -.. http://creativecommons.org/licenses/by/4.0 -.. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) - -=========================================== -IPv6 Gap Analysis with Open Daylight Carbon -=========================================== - -This section provides users with IPv6 gap analysis regarding feature requirement with -Open Daylight Carbon Official Release. The following table lists the use cases / feature -requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF -(VM) layer, and its gap analysis with Open Daylight Carbon Official Release. - -**Open Daylight Carbon Status** - -In Open Daylight Carbon official release, the legacy ``Old Netvirt`` identified by feature -``odl-ovsdb-openstack`` is deprecated and no longer supported. The ``New Netvirt`` -identified by feature ``odl-netvirt-openstack`` is used. - -.. table:: - :class: longtable - - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Use Case / Requirement |Supported in ODL Carbon|Notes | - +==================================================+=======================+==============================================================+ - |REST API support for IPv6 subnet creation in ODL |Yes |Yes, it is possible to create IPv6 subnets in ODL using | - | | |Neutron REST API. | - | | | | - | | |For a network which has both IPv4 and IPv6 subnets, ODL | - | | |mechanism driver will send the port information which | - | | |includes IPv4/v6 addresses to ODL Neutron northbound API. | - | | |When port information is queried, it displays IPv4 and IPv6 | - | | |addresses. | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |Yes | | - | | | | - |1. Communication between VMs on same network | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |Yes | | - | | | | - |2. Communication between VMs on different | | | - | networks connected to the same router | | | - | (east-west) | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 Router support in ODL: |**Work in Progress** |Work in progress. | - | | | | - |3. External routing (north-south) | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPAM: Support for IPv6 Address assignment modes. |Yes |ODL IPv6 Router supports all the IPv6 Address assignment | - | | |modes along with Neutron DHCP Agent. | - |1. SLAAC | | | - |2. DHCPv6 Stateless | | | - |3. DHCPv6 Stateful | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |When using ODL for L2 forwarding/tunneling, it is |Yes | | - |compatible with IPv6. | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Full support for IPv6 matching (i.e. IPv6, ICMPv6,|Yes | | - |TCP, UDP) in security groups. Ability to control | | | - |and manage all IPv6 security group capabilities | | | - |via Neutron/Nova API (REST and CLI) as well as | | | - |via Horizon | | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |Shared Networks support |Yes | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |IPv6 external L2 VLAN directly attached to a VM. |**ToDo** | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |ODL on an IPv6 only Infrastructure. |**Work in Progress** |Deploying OpenStack with ODL on an IPv6 only infrastructure | - | | |where the API endpoints are all IPv6 addresses. | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - |VxLAN Tunnels with IPv6 Endpoints |Yes | | - +--------------------------------------------------+-----------------------+--------------------------------------------------------------+ - diff --git a/docs/release/userguide/gap-odl-nitrogen.rst b/docs/release/userguide/gap-odl-nitrogen.rst new file mode 100644 index 0000000..54156c7 --- /dev/null +++ b/docs/release/userguide/gap-odl-nitrogen.rst @@ -0,0 +1,74 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) + +============================================= +IPv6 Gap Analysis with Open Daylight Nitrogen +============================================= + +This section provides users with IPv6 gap analysis regarding feature requirement with +Open Daylight Nitrogen Official Release. The following table lists the use cases / feature +requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF +(VM) layer, and its gap analysis with Open Daylight Nitrogen Official Release. + +**Open Daylight Nitrogen Status** + +In Open Daylight Nitrogen official release, the legacy ``Old Netvirt`` identified by feature +``odl-ovsdb-openstack`` is deprecated and no longer supported. The ``New Netvirt`` +identified by feature ``odl-netvirt-openstack`` is used. + +.. table:: + :class: longtable + + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Use Case / Requirement |Supported in ODL Nitrogen|Notes | + +==================================================+=========================+==============================================================+ + |REST API support for IPv6 subnet creation in ODL |Yes |Yes, it is possible to create IPv6 subnets in ODL using | + | | |Neutron REST API. | + | | | | + | | |For a network which has both IPv4 and IPv6 subnets, ODL | + | | |mechanism driver will send the port information which | + | | |includes IPv4/v6 addresses to ODL Neutron northbound API. | + | | |When port information is queried, it displays IPv4 and IPv6 | + | | |addresses. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes | | + | | | | + |1. Communication between VMs on same network | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes | | + | | | | + |2. Communication between VMs on different | | | + | networks connected to the same router | | | + | (east-west) | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 Router support in ODL: |Yes |In ODL Nitrogen Release, RFE "IPv6 Inter-DC L3 North-South | + | | |Connectivity Using L3VPN Provider Network Types" [1]_ is | + |3. External routing (north-south) | |merged. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPAM: Support for IPv6 Address assignment modes. |Yes |ODL IPv6 Router supports all the IPv6 Address assignment | + | | |modes along with Neutron DHCP Agent. | + |1. SLAAC | | | + |2. DHCPv6 Stateless | | | + |3. DHCPv6 Stateful | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |When using ODL for L2 forwarding/tunneling, it is |Yes | | + |compatible with IPv6. | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Full support for IPv6 matching (i.e. IPv6, ICMPv6,|Yes | | + |TCP, UDP) in security groups. Ability to control | | | + |and manage all IPv6 security group capabilities | | | + |via Neutron/Nova API (REST and CLI) as well as | | | + |via Horizon | | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |Shared Networks support |Yes | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |IPv6 external L2 VLAN directly attached to a VM. |**ToDo** | | + +--------------------------------------------------+---------------------==--+--------------------------------------------------------------+ + |ODL on an IPv6 only Infrastructure. |**Work in Progress** |Deploying OpenStack with ODL on an IPv6 only infrastructure | + | | |where the API endpoints are all IPv6 addresses. | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + |VxLAN Tunnels with IPv6 Endpoints |Yes | | + +--------------------------------------------------+-------------------------+--------------------------------------------------------------+ + +.. [1] http://docs.opendaylight.org/en/latest/submodules/netvirt/docs/specs/ipv6-interdc-l3vpn.html diff --git a/docs/release/userguide/gap-os-ocata.rst b/docs/release/userguide/gap-os-ocata.rst deleted file mode 100644 index fa2f5b7..0000000 --- a/docs/release/userguide/gap-os-ocata.rst +++ /dev/null @@ -1,142 +0,0 @@ -.. This work is licensed under a Creative Commons Attribution 4.0 International License. -.. http://creativecommons.org/licenses/by/4.0 -.. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) - -====================================== -IPv6 Gap Analysis with OpenStack Ocata -====================================== - -This section provides users with IPv6 gap analysis regarding feature requirement with -OpenStack Neutron in Ocata Official Release. The following table lists the use cases / feature -requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF -(VM) layer, and its gap analysis with OpenStack Neutron in Ocata Official Release. - -Please **NOTE** that in terms of IPv6 support in OpenStack Neutron, there is no difference -between **Ocata** release and **Newton** release. - -.. table:: - :class: longtable - - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Use Case / Requirement |Supported in Ocata |Notes | - +===========================================================+===================+====================================================================+ - |All topologies work in a multi-tenant environment |Yes |The IPv6 design is following the Neutron tenant networks model; | - | | |dnsmasq is being used inside DHCP network namespaces, while radvd | - | | |is being used inside Neutron routers namespaces to provide full | - | | |isolation between tenants. Tenant isolation can be based on VLANs, | - | | |GRE, or VXLAN encapsulation. In case of overlays, the transport | - | | |network (and VTEPs) must be IPv4 based as of today. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 VM to VM only |Yes |It is possible to assign IPv6-only addresses to VMs. Both switching | - | | |(within VMs on the same tenant network) as well as east/west routing| - | | |(between different networks of the same tenant) are supported. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 external L2 VLAN directly attached to a VM |Yes |IPv6 provider network model; RA messages from upstream (external) | - | | |router are forwarded into the VMs | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 subnet routed via L3 agent to an external IPv6 network| |Configuration is enhanced since Kilo to allow easier setup of the | - | |1. Yes |upstream gateway, without the user being forced to create an IPv6 | - |1. Both VLAN and overlay (e.g. GRE, VXLAN) subnet attached | |subnet for the external network. | - | to VMs; | | | - |2. Must be able to support multiple L3 agents for a given |2. Yes | | - | external network to support scaling (neutron scheduler | | | - | to assign vRouters to the L3 agents) | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Ability for a NIC to support both IPv4 and IPv6 (dual | |Dual-stack is supported in Neutron with the addition of | - |stack) address. | |``Multiple IPv6 Prefixes`` Blueprint | - | | | | - |1. VM with a single interface associated with a network, |1. Yes | | - | which is then associated with two subnets. | | | - |2. VM with two different interfaces associated with two |2. Yes | | - | different networks and two different subnets. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Support IPv6 Address assignment modes. |1. Yes | | - | | | | - |1. SLAAC |2. Yes | | - |2. DHCPv6 Stateless | | | - |3. DHCPv6 Stateful |3. Yes | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Ability to create a port on an IPv6 DHCPv6 Stateful subnet |Yes | | - |and assign a specific IPv6 address to the port and have it | | | - |taken out of the DHCP address pool. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Ability to create a port with fixed_ip for a |**No** |The following patch disables this operation: | - |SLAAC/DHCPv6-Stateless Subnet. | |https://review.openstack.org/#/c/129144/ | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Support for private IPv6 to external IPv6 floating IP; |**Rejected** |Blueprint proposed in upstream and got rejected. General expectation| - |Ability to specify floating IPs via Neutron API (REST and | |is to avoid NAT with IPv6 by assigning GUA to tenant VMs. See | - |CLI) as well as via Horizon, including combination of | |https://review.openstack.org/#/c/139731/ for discussion. | - |IPv6/IPv4 and IPv4/IPv6 floating IPs if implemented. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Provide IPv6/IPv4 feature parity in support for |**To-Do** |The L3 configuration should be transparent for the SR-IOV | - |pass-through capabilities (e.g., SR-IOV). | |implementation. SR-IOV networking support introduced in Juno based | - | | |on the ``sriovnicswitch`` ML2 driver is expected to work with IPv4 | - | | |and IPv6 enabled VMs. We need to verify if it works or not. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Additional IPv6 extensions, for example: IPSEC, IPv6 |**No** |It does not appear to be considered yet (lack of clear requirements)| - |Anycast, Multicast | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |VM access to the meta-data server to obtain user data, SSH |**No** |This is currently not supported. Config-drive or dual-stack IPv4 / | - |keys, etc. using cloud-init with IPv6 only interfaces. | |IPv6 can be used as a workaround (so that the IPv4 network is used | - | | |to obtain connectivity with the metadata service). The following | - | | |blog `How to Use Config-Drive for Metadata with IPv6 Network | - | | |`_ provides a neat summary on how to use | - | | |config-drive for metadata with IPv6 network. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Full support for IPv6 matching (i.e., IPv6, ICMPv6, TCP, |Yes |Both IPTables firewall driver and OVS firewall driver support IPv6 | - |UDP) in security groups. Ability to control and manage all | |Security Group API. | - |IPv6 security group capabilities via Neutron/Nova API (REST| | | - |and CLI) as well as via Horizon. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |During network/subnet/router create, there should be an |Yes |Two new Subnet attributes were introduced to control IPv6 address | - |option to allow user to specify the type of address | |assignment options: | - |management they would like. This includes all options | | | - |including those low priority if implemented (e.g., toggle | |* ``ipv6-ra-mode``: to determine who sends Router Advertisements; | - |on/off router and address prefix advertisements); It must | | | - |be supported via Neutron API (REST and CLI) as well as via | |* ``ipv6-address-mode``: to determine how VM obtains IPv6 address, | - |Horizon | | default gateway, and/or optional information. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Security groups anti-spoofing: Prevent VM from using a |Yes | | - |source IPv6/MAC address which is not assigned to the VM | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Protect tenant and provider network from rogue RAs |Yes |When using a tenant network, Neutron is going to automatically | - | | |handle the filter rules to allow connectivity of RAs to the VMs only| - | | |from the Neutron router port; with provider networks, users are | - | | |required to specify the LLA of the upstream router during the subnet| - | | |creation, or otherwise manually edit the security-groups rules to | - | | |allow incoming traffic from this specific address. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Support the ability to assign multiple IPv6 addresses to |Yes | | - |an interface; both for Neutron router interfaces and VM | | | - |interfaces. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Ability for a VM to support a mix of multiple IPv4 and IPv6|Yes | | - |networks, including multiples of the same type. | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 Support in "Allowed Address Pairs" Extension |Yes | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Support for IPv6 Prefix Delegation. |Yes |Partial support in Ocata | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |Distributed Virtual Routing (DVR) support for IPv6 |**No** |In Ocata DVR implementation, IPv6 works. But all the IPv6 ingress/ | - | | |egress traffic is routed via the centralized controller node, i.e. | - | | |similar to SNAT traffic. | - | | |A fully distributed IPv6 router is not yet supported in Neutron. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |VPNaaS |Yes |VPNaaS supports IPv6. But this feature is not extensively tested. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |FWaaS |Yes | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |BGP Dynamic Routing Support for IPv6 Prefixes |Yes |BGP Dynamic Routing supports peering via IPv6 and advertising IPv6 | - | | |prefixes. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |VxLAN Tunnels with IPv6 endpoints. |Yes |Neutron ML2/OVS supports configuring local_ip with IPv6 address so | - | | |that VxLAN tunnels are established with IPv6 addresses. This | - | | |feature requires OVS 2.6 or higher version. | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 First-Hop Security, IPv6 ND spoofing |Yes | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - |IPv6 support in Neutron Layer3 High Availability |Yes | | - |(keepalived+VRRP). | | | - +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ - diff --git a/docs/release/userguide/gap-os-pike.rst b/docs/release/userguide/gap-os-pike.rst new file mode 100644 index 0000000..7acefb0 --- /dev/null +++ b/docs/release/userguide/gap-os-pike.rst @@ -0,0 +1,142 @@ +.. This work is licensed under a Creative Commons Attribution 4.0 International License. +.. http://creativecommons.org/licenses/by/4.0 +.. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) + +===================================== +IPv6 Gap Analysis with OpenStack Pike +===================================== + +This section provides users with IPv6 gap analysis regarding feature requirement with +OpenStack Neutron in Pike Official Release. The following table lists the use cases / feature +requirements of VIM-agnostic IPv6 functionality, including infrastructure layer and VNF +(VM) layer, and its gap analysis with OpenStack Neutron in Pike Official Release. + +Please **NOTE** that in terms of IPv6 support in OpenStack Neutron, there is no difference +between **Pike** release and **Ocata** release. + +.. table:: + :class: longtable + + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Use Case / Requirement |Supported in Pike |Notes | + +===========================================================+===================+====================================================================+ + |All topologies work in a multi-tenant environment |Yes |The IPv6 design is following the Neutron tenant networks model; | + | | |dnsmasq is being used inside DHCP network namespaces, while radvd | + | | |is being used inside Neutron routers namespaces to provide full | + | | |isolation between tenants. Tenant isolation can be based on VLANs, | + | | |GRE, or VXLAN encapsulation. In case of overlays, the transport | + | | |network (and VTEPs) must be IPv4 based as of today. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 VM to VM only |Yes |It is possible to assign IPv6-only addresses to VMs. Both switching | + | | |(within VMs on the same tenant network) as well as east/west routing| + | | |(between different networks of the same tenant) are supported. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 external L2 VLAN directly attached to a VM |Yes |IPv6 provider network model; RA messages from upstream (external) | + | | |router are forwarded into the VMs | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 subnet routed via L3 agent to an external IPv6 network| |Configuration is enhanced since Kilo to allow easier setup of the | + | |1. Yes |upstream gateway, without the user being forced to create an IPv6 | + |1. Both VLAN and overlay (e.g. GRE, VXLAN) subnet attached | |subnet for the external network. | + | to VMs; | | | + |2. Must be able to support multiple L3 agents for a given |2. Yes | | + | external network to support scaling (neutron scheduler | | | + | to assign vRouters to the L3 agents) | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Ability for a NIC to support both IPv4 and IPv6 (dual | |Dual-stack is supported in Neutron with the addition of | + |stack) address. | |``Multiple IPv6 Prefixes`` Blueprint | + | | | | + |1. VM with a single interface associated with a network, |1. Yes | | + | which is then associated with two subnets. | | | + |2. VM with two different interfaces associated with two |2. Yes | | + | different networks and two different subnets. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Support IPv6 Address assignment modes. |1. Yes | | + | | | | + |1. SLAAC |2. Yes | | + |2. DHCPv6 Stateless | | | + |3. DHCPv6 Stateful |3. Yes | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Ability to create a port on an IPv6 DHCPv6 Stateful subnet |Yes | | + |and assign a specific IPv6 address to the port and have it | | | + |taken out of the DHCP address pool. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Ability to create a port with fixed_ip for a |**No** |The following patch disables this operation: | + |SLAAC/DHCPv6-Stateless Subnet. | |https://review.openstack.org/#/c/129144/ | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Support for private IPv6 to external IPv6 floating IP; |**Rejected** |Blueprint proposed in upstream and got rejected. General expectation| + |Ability to specify floating IPs via Neutron API (REST and | |is to avoid NAT with IPv6 by assigning GUA to tenant VMs. See | + |CLI) as well as via Horizon, including combination of | |https://review.openstack.org/#/c/139731/ for discussion. | + |IPv6/IPv4 and IPv4/IPv6 floating IPs if implemented. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Provide IPv6/IPv4 feature parity in support for |**To-Do** |The L3 configuration should be transparent for the SR-IOV | + |pass-through capabilities (e.g., SR-IOV). | |implementation. SR-IOV networking support introduced in Juno based | + | | |on the ``sriovnicswitch`` ML2 driver is expected to work with IPv4 | + | | |and IPv6 enabled VMs. We need to verify if it works or not. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Additional IPv6 extensions, for example: IPSEC, IPv6 |**No** |It does not appear to be considered yet (lack of clear requirements)| + |Anycast, Multicast | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |VM access to the meta-data server to obtain user data, SSH |**No** |This is currently not supported. Config-drive or dual-stack IPv4 / | + |keys, etc. using cloud-init with IPv6 only interfaces. | |IPv6 can be used as a workaround (so that the IPv4 network is used | + | | |to obtain connectivity with the metadata service). The following | + | | |blog `How to Use Config-Drive for Metadata with IPv6 Network | + | | |`_ provides a neat summary on how to use | + | | |config-drive for metadata with IPv6 network. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Full support for IPv6 matching (i.e., IPv6, ICMPv6, TCP, |Yes |Both IPTables firewall driver and OVS firewall driver support IPv6 | + |UDP) in security groups. Ability to control and manage all | |Security Group API. | + |IPv6 security group capabilities via Neutron/Nova API (REST| | | + |and CLI) as well as via Horizon. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |During network/subnet/router create, there should be an |Yes |Two new Subnet attributes were introduced to control IPv6 address | + |option to allow user to specify the type of address | |assignment options: | + |management they would like. This includes all options | | | + |including those low priority if implemented (e.g., toggle | |* ``ipv6-ra-mode``: to determine who sends Router Advertisements; | + |on/off router and address prefix advertisements); It must | | | + |be supported via Neutron API (REST and CLI) as well as via | |* ``ipv6-address-mode``: to determine how VM obtains IPv6 address, | + |Horizon | | default gateway, and/or optional information. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Security groups anti-spoofing: Prevent VM from using a |Yes | | + |source IPv6/MAC address which is not assigned to the VM | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Protect tenant and provider network from rogue RAs |Yes |When using a tenant network, Neutron is going to automatically | + | | |handle the filter rules to allow connectivity of RAs to the VMs only| + | | |from the Neutron router port; with provider networks, users are | + | | |required to specify the LLA of the upstream router during the subnet| + | | |creation, or otherwise manually edit the security-groups rules to | + | | |allow incoming traffic from this specific address. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Support the ability to assign multiple IPv6 addresses to |Yes | | + |an interface; both for Neutron router interfaces and VM | | | + |interfaces. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Ability for a VM to support a mix of multiple IPv4 and IPv6|Yes | | + |networks, including multiples of the same type. | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 Support in "Allowed Address Pairs" Extension |Yes | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Support for IPv6 Prefix Delegation. |Yes |Partial support in Pike | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |Distributed Virtual Routing (DVR) support for IPv6 |**No** |In Pike DVR implementation, IPv6 works. But all the IPv6 ingress/ | + | | |egress traffic is routed via the centralized controller node, i.e. | + | | |similar to SNAT traffic. | + | | |A fully distributed IPv6 router is not yet supported in Neutron. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |VPNaaS |Yes |VPNaaS supports IPv6. But this feature is not extensively tested. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |FWaaS |Yes | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |BGP Dynamic Routing Support for IPv6 Prefixes |Yes |BGP Dynamic Routing supports peering via IPv6 and advertising IPv6 | + | | |prefixes. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |VxLAN Tunnels with IPv6 endpoints. |Yes |Neutron ML2/OVS supports configuring local_ip with IPv6 address so | + | | |that VxLAN tunnels are established with IPv6 addresses. This | + | | |feature requires OVS 2.6 or higher version. | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 First-Hop Security, IPv6 ND spoofing |Yes | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + |IPv6 support in Neutron Layer3 High Availability |Yes | | + |(keepalived+VRRP). | | | + +-----------------------------------------------------------+-------------------+--------------------------------------------------------------------+ + diff --git a/docs/release/userguide/index.rst b/docs/release/userguide/index.rst index 3e2f4c1..2910f2e 100644 --- a/docs/release/userguide/index.rst +++ b/docs/release/userguide/index.rst @@ -4,19 +4,19 @@ .. http://creativecommons.org/licenses/by/4.0 .. (c) Bin Hu (AT&T) and Sridhar Gaddam (RedHat) -======================================= -Using IPv6 Feature of Euphrates Release -======================================= +==================================== +Using IPv6 Feature of Fraser Release +==================================== :Abstract: This section provides the users with gap analysis regarding IPv6 feature requirements with -OpenStack Ocata Official Release and Open Daylight Carbon Official Release. The gap analysis +OpenStack Pike Official Release and Open Daylight Nitrogen Official Release. The gap analysis serves as feature specific user guides and references when as a user you may leverage the IPv6 feature in the platform and need to perform some IPv6 related operations. -For more information, please find `Neutron's IPv6 document for Ocata Release -`_. +For more information, please find `Neutron's IPv6 document for Pike Release +`_. .. toctree:: :numbered: -- cgit 1.2.3-korg