neutron

[RFE] rate-limit external connectivity traffic.

Bug #1557457 reported by Jun Wei Wang
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Opinion
Wishlist
Unassigned

Bug Description

I want to develop feature rate-limit based on contrail-openstack context.

My core requirement is controlling total rate of all the VMs accessing public/internet network in the one project or one tenant, which including inbound and outbound for accessing public/internet network traffic. If VM1 access VM2 in the same tenant in the same data center, the traffic is not limited.

The scene is as follows:

There are two or more nets in the project customer A. Let's say that only two nets now in the projects: Net1 and Net2 .There are VMs in the two Nets. VMs access public/internet by their FIPs Their FIPs are FIP1 and FIP2。 I want to limit total bandwidth of FIP1 and FIP2 to 10Mbits/s bidirectional.

In the contrail-openstack solution, there is one simple software gateway(VGW) which provide the ability to access the public/internet for the VM. I do my TC test in this context.

All the traffic accessing public/internet network is via the NIC of VGW Nodes.
So My core ides is to use tc tools to limit traffic according to FIPs.

My preliminary test is feasible. When I have done it, will update the script here.

See original description
Tags: qos rfe
Hirofumi Ichihara (ichihara-hirofumi)
summary: - [openstack] [neutron] [REF] rate-limit
+ [REF] rate-limit
tags: added: qos rfe
Reedip (reedip-banerjee-deactivatedaccount)
summary: - [REF] rate-limit
+ [RFE] rate-limit
Revision history for this message
jingting (jingting) wrote : Re: [RFE] rate-limit

You should have tc in vrouter namespace for fip qos, and in this case, it will cause performance problem due to single queue of vrouter vif. I think you should consider ovs qos.

Carl Baldwin (carl-baldwin)
summary: - [RFE] rate-limit
+ [RFE] bandwidth rate-limit
Changed in neutron:
importance: Undecided → Wishlist
status: New → Confirmed
Revision history for this message
Carl Baldwin (carl-baldwin) wrote : Re: [RFE] bandwidth rate-limit

I was hoping to make the title even more specific to what is requested here and then I realized that I'm not really sure what is being requested.

Changed in neutron:
status: Confirmed → New
Revision history for this message
Henry Gessau (gessau) wrote :

The submitter should get in touch with the qos sub-team. For example, there is https://bugs.launchpad.net/neutron/+bug/1560961

Changed in neutron:
status: New → Incomplete
Revision history for this message
Miguel Angel Ajo (mangelajo) wrote :

You can do this currently by targetting the router external and internal ports, setting a 10Mbps egress rate limit on both legs.

Revision history for this message
Henry Gessau (gessau) wrote :

Jun Wei Wang: can you verify that what Miguel suggested is sufficient for your needs? You can find him on IRC as ajo.

Revision history for this message
Jun Wei Wang (wjw7869) wrote :

Hi All,

    Thanks for your comments.

    I need to clear my requirements.

JunWei Wang

Jun Wei Wang (wjw7869)
description: updated
Revision history for this message
Miguel Angel Ajo (mangelajo) wrote :

Do your contrail solution make use of the l3 constructs in neutron? (routers, etc? )

If that's the case, do those routers have neutron ports? (external/internal legs?)

In that case you could attach policies to those legs of the routers.

The low level details are not important, now (how you will do it with tc), but we need to make a reasonable model for this if what I'm proposing above is not enough. I will correct the RFE topic to what I understood, but please fix it if my understanding is incorrect.

summary: - [RFE] bandwidth rate-limit
+ [RFE] rate-limit external connectivity traffic.
Revision history for this message
Jun Wei Wang (wjw7869) wrote :

yes, we will add one public/external traffic quotas property in Contrail Project Quotas. Public traffic quotas property at least include public traffic inbound and traffic outbound quotas. if we create new network, it will occupy some public traffic or all network share the total public/exteranl traffic quotas. we could also allocate the public traffic quotas based on some algorithms.

In contrail simple gateway solution, there may be several gateways for VMs in the project/tenant. One gateway is one host linux server. If there are two gateways ( A and B) for the tenant, some VM access the external network via the gateway A and the others access the external network via the gateway B. so we also add struct, gateway external quotas, in the computer node( gateways node) to record the external traffic for this project in this gateway.
So we also add some codes in the contraill controller to calculate the external project quotas for the every gateway in the same project. If the external traffic in the gateway changs distinctly, we need to update the external projects quotas in the gateway.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status: Incomplete → Expired
Revision history for this message
Slawek Kaplonski (slaweq) wrote :

I think that this can be now covered by FIP QoS which was introduced in Queens: https://review.openstack.org/#/q/topic:bp/floating-ip-rate-limit+(status:open+OR+status:merged)

Changed in neutron:
status: Expired → Opinion
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.