[RFE] Add OneView ML2 driver to Neutron
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
..
This work is licensed under a Creative Commons Attribution 3.0 Unported
License.
http://
=======
HP OneView Mechanism Driver for Neutron ML2 plugin
=======
Launchpad blueprint:
https:/
This blueprint specifies the ML2 mechanism driver for HP OneView integration
to OpenStack Neutron.
Problem description
===================
One of the most important initiatives in OpenStack currently focus in solve
communication restrictions existent in Ironic. Ironic nodes have severe
restrictions on how they can interact with other nodes because they demand a
networking environment composed only by flat networks, not allowing tenants
networks to be correctly isolated as already happens when using Virtual
Machines.
This initiative integrates Ironic and Neutron making possible the creation of
isolated networks in Neutron to be used by Ironic Baremetal nodes. With this
integration a better control of nodes communication is expected, improving
system operation.
To take advantage of this new interaction between OpenStack components, the
integration of HP OneView and OpenStack might be extended to improve the
management it offers considering these new functionalities and be more
aligned to the evolution of OpenStack Platform.
Currently, OpenStack only supports integration with OneView in operations for
provisioning Ironic baremetal instances. Initially, Ironic/OneView driver
only worked with 'pre-allocated' machines. It means that a Ironic node needed
to have a Server Profile already applicated to the Server Hardware registered
in OneView. A new version of the driver is being implemented to dynamically
allocate Ironic nodes, avoiding that nodes already available in Ironic but not
released in OneView could not be used by other OneView users.
However, operations related with the OneView's communication infrastructure
remains unsupported since there is no integration with current Openstack
Neutron actions. This limitation restricts Openstack/OneView interaction since
it demands all the configurations of communication infrastructure to be
manually replicated in both sides to ensure servers correct communication.
The mechanism driver proposed here will interact with Neutron and OneView to
dynamically reflect networking operations made by OpenStack on OneView. With
these operations it's possible to a OneView administrator to know what is
happening in OpenStack System which is running in the Data Center and also
automatizes some operations previously required to be manual.
Proposed change
===============
The diagram below provides an overview of how Neutron and OneView will
interact using the Neutron-OneView Mechanism Driver. OneView Mechanism
Driver uses the python-
Neutron and OneView through OneView's Rest API.
Flows:
::
| |
| Neutron Server |
| (with ML2 plugin) |
| |
| +------
| | OneView | Ironic API +----------------+
| | Mechanism +--------------+ Ironic |
| | Driver | +----------------+
Openstack Neutron based networks and ports information is demanded by
OneView service to manage virtual networks. In order to send this
information from neutron service, a new ML2 mechanism driver is required to
post the precommit data to the OneView service. The OneView mechanism
driver updates the OneView with port and network changes from Neutron.
The OneView mechanism driver implements the following Neutron events:
- Port create/
- Network create/
When new networks are created in Neutron, OneView might also create this
network to allow system managed elements to be connected to it. It's also
necessary allowing these networks to access external systems, which is
provided by adding this network to one or more existent uplinks in the system.
If networks are updated or deleted in OpenStack, the same operation should be
done in OneView to keep the information consistent on both systems.
In the same way, when ports are created in Neutron, they might be
represented in OneView. Primary Connections already existent in Server
Profiles are then updated to allow attached Server Hardware to be connected
to the network specified in Neutron's port. In the same way of networks,
update and delete operation for ports will also be replicated in OneView to
keep it consistent with Neutron.
In order to obtain the information of the Server Profile which need to be
used on OneView, the OneView mechanism driver will use the information stored
applied_
in Ironic. To access this information, OneView mechanism driver will use
Ironic API calls.
Initial version of this driver supports only VLAN network type. Future
versions will be worked to support other network types.
Sequence flow of events for create_network is as follows:
::
create_network
{
Neutron -> ML2_plugin
ML2_plugin -> OneView_MD
OneView_MD -> OneView
OneView_MD <-- OneView
Neutron <-- OneView_MD
}
Alternatives
------------
None.
Data model impact
-----------------
None.
REST API impact
---------------
None.
Security impact
---------------
None.
Notifications impact
-------
None.
Other end user impact
-------
None.
Performance Impact
------------------
The performance of ML2 when configured with the OneView driver will be
dependent on the performance of the communication environment between Neutron
and OneView and on the OneView capacity itself since it might validate and
proceed the requested operations.
Other deployer impact
-------
The deployer must configure the installation to use the Neutron-OneView with
the following configuration:
The following parameters are required in the newly created [oneview] section
on neutron.conf:
* manager_url: OneView Manager url
* username: User account with admin/server-
* password: User account password in OneView
* allow_insecure_
certificate signed by a trusted CA. Its default value is False.
* tls_cacert_file: The path to the certificate of a trusted CA to be used
to verify the OneView certificate when insecure connections are not allowed
* max_polling_
* uplink_set_uuids: Uplink Sets to be used in Oneview for the new Networks
created
Developer impact
----------------
None.
Implementation
==============
Assignee(s)
-----------
Andre Aranha <afaranha>
Fellype Cavalcante <fellypefca>
Petrônio Carlos <petroniocg>
Saulo Ayslan <Saulo-Aislan>
Reinaldo Gomes <reinaldogomes>
Work Items
----------
* Implement new mech_oneview mechanism driver
* Implement unit-test cases for mech_oneview driver.
* Implement third party CI to provide a suitable test
environment for tests involving an OneView appliance.
* Write configuration documents
Dependencies
============
* The driver requires python-
Testing
=======
Tempest Tests
-------------
Third party testing will be provided. The OneView CI will report on all
changes affecting this mechanism driver.
Functional Tests
----------------
New functional tests will be added by mocking the python-
responses.
API Tests
---------
None.
Documentation Impact
=======
The required parameters on the node and [oneview] section of neutron.conf will
be included in the documentation to instruct operators how to use Neutron with
OneView.
References
==========
OneView Page:
http://
OneView 2.0 REST API Reference
http://
OneView Drivers for Ironic
http://
python-
https:/
Ironic Neutron Integration
http://
Driver in Ironic for OneView
https:/
| Doug Wiegley (dougwig) wrote | #1 |
| Changed in neutron: | |
| status: | New → Invalid |
This looks great, but vendor mech drivers are not in the neutron project itself, so they don't need a neutron RFE approval.