neutron

[RFE] Openflow pipeline modeling and API for OVS extensions

Bug #1577791 reported by Miguel Angel Ajo on 2016-05-03

This bug report is a duplicate of: Bug #1563967: [RFE] Extend l2-extensions-api for flow management . Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	In Progress	Wishlist	Miguel Angel Ajo

Bug Description

Problem statement
~~~~~~~~~~~~~~~~

OpenFlow can be really powerful for programming the dataplane, but when several features are hooked up into the same virtual switch they need knowledge of each other implementation (entry table, next table, used registers, conventions, etc).

Solution
~~~~~~~

Defining a model & extension api for features to describe their "OpenFlow functions", and their entry point in the processing pipeline (ingress prefiltering, ingress postfiltering, egress prefiltering, egress postfiltering), as well as the ability to allocate registers.

On a high level, each extension (and the Openvwitch firewall implementation) would expose a model of it's low level functions.

openvswitch_firewall would expose: ingress_filter & egress_filter.

tapas-a-service (as an example) could expose: taas_{ingress, egress}_{prefilter, postfilter}

Every extension would declare a set of "OFFunctions" which would be built of a number of "OFTables". Once all extensions are loaded, and order resolved, every function would get it's "next hop", and it's table numbers, dynamically.

We could have a predefine OFFunction priority table somewhere in neutron_lib, with spaces in between priorities for experimentation,
with the idea that extensions may request hook points into the pipeline,
and those hook points may be discussed upstream to allow interoperability.

If necessary, a configuration for admin defined ordering of OFFunctions
could be provided in a second step.

Diagram: http://paste.openstack.org/show/495967/

input tagging / output_stage / and ingress deflector would be shared common logic.

See original description

Tags:

Miguel Angel Ajo (mangelajo) on 2016-05-03

description:

updated

Miguel Angel Ajo (mangelajo) on 2016-05-03

description:

updated

Revision history for this message

Miguel Angel Ajo (mangelajo) wrote on 2016-05-03:

This is not an user facing feature, more internal design for allowing inter operability of OVS/OF features: vlan aware, openvswitch firewall, sfc, tap as a service, *...

tags:

added: ovs rfe

Ryan Moats (rmoats) on 2016-05-03

Changed in neutron:
importance:	Undecided → Wishlist
importance:	Wishlist → Undecided
importance:	Undecided → Wishlist

Revision history for this message

Slawek Kaplonski (slaweq) wrote on 2016-05-06:

Did You consider to order flows from different drivers by order drivers in config file? Like it is done in ML2 plugin with mechanism_drivers for example.

Revision history for this message

Miguel Angel Ajo (mangelajo) wrote on 2016-05-09:

@slawek, this needs an spec/devref to dig deeper into the details, I will start that right away (in a devref form for now).

Ideally, I believe that we should have community defined hook points for the features that request those hook points, so, in a per-feature evaluation we should pick the right spot in the pipeline.
We could put such thing into netronlib for example.

Another option could be, as you say, defining that order of hook points in a config file. So people could be able to introduce extra ones for out-of-community features, or for experimentation. I believe that should also be discussed and considered.

Revision history for this message

Slawek Kaplonski (slaweq) wrote on 2016-05-09:

ajo: ok, thx for answer. I only wanted to write my idea somewhere to not forget it :)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-05-09: Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/314106

Changed in neutron:
assignee:	nobody → Miguel Angel Ajo (mangelajo)
status:	New → In Progress

Armando Migliaccio (armando-migliaccio) on 2016-05-12

Changed in neutron:
status:	In Progress → Confirmed

Revision history for this message

cathy Hong Zhang (cathy-h-zhang) wrote on 2016-05-12:

In "solution" section of this bug description, you mentioned processing pipeline (ingress prefiltering, ingress postfiltering, egress prefiltering, egress postfiltering). But the spec uses another set of terminology. It will make it easy for people to understand the spec if the spec diagram and associated description match what is described in this "solution" section.

Revision history for this message

Armando Migliaccio (armando-migliaccio) wrote on 2016-05-12:

Any chance this can be consolidated with https://bugs.launchpad.net/neutron/+bug/1563967? Marking dup for now, decouple if I misunderstood.

Revision history for this message

Miguel Angel Ajo (mangelajo) wrote on 2016-05-13:

It certainly is a dupe. moving.

OpenStack Infra (hudson-openstack) on 2016-05-13

Changed in neutron:
status:	Confirmed → In Progress

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1563967 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.