feature: allow 'dvr_snat' l3 agent mode to be used instead of just 'dvr' to allow for neutron-gateway-less deployments
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron Open vSwitch Charm |
Fix Released
|
High
|
Dmitrii Shcherbakov |
Bug Description
Currently it is a requirement to have a network node with an l3 agent running in the dvr_snat mode even for DVR deployments that do not use SNAT or have a very limited usage of SNAT.
It is not possible to disable snat completely: https:/
Neutron creates a network:
Functionality relevant to dvr_snat:
* nodes that host l3 agents in dvr_snat mode are used for network:
* l3 agents in dvr_snat mode create snat-<router-uuid> namespaces that have rules perform port address translation functionality;
* l3 agents in dvr_snat mode are placeholders for parts of an L3HA router.
The documentation says that dvr_snat should be used on network nodes:
https:/
However, there is nothing restricting a DVR deployment from using dvr_snat l3 agents on every compute node and not having dedicated network nodes.
https:/
Rationale: for deployments that only need FIPs with DVR or are known to have low SNAT traffic usage requirements it makes sense not to have network nodes. Therefore, neutron-openvswitch can be extended to optionally use dvr_snat mode.
Changed in charm-neutron-openvswitch: | |
status: | New → In Progress |
importance: | Undecided → High |
Changed in charm-neutron-openvswitch: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/624495
Review: https:/