DVR: VMware NSX plugins do not need centralized snat interfaces

Bug #1433550 reported by Salvatore Orlando on 2015-03-18
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
neutron
Juno
Undecided
Salvatore Orlando
vmware-nsx
Undecided
Salvatore Orlando

Bug Description

When creating a distributed router, a centralized SNAT port is created.

However since the NSX backend does not need it to implement distributed routing, this is just a waste of resources (port and IP address). Also, it might confuse users with admin privileges as they won't know what these ports are doing.

So even if they do no harm they should be removed.

tags: added: nsx-mh
removed: mh

Fix proposed to branch: master
Review: https://review.openstack.org/165387

Changed in vmware-nsx:
status: New → In Progress

Reviewed: https://review.openstack.org/165387
Committed: https://git.openstack.org/cgit/stackforge/vmware-nsx/commit/?id=e248f87867a74722df243598d6a6d707170ca5ce
Submitter: Jenkins
Branch: master

commit e248f87867a74722df243598d6a6d707170ca5ce
Author: Salvatore Orlando <email address hidden>
Date: Wed Mar 18 04:58:25 2015 -0700

    Fix DVR for NSX-mh

    The switch to the community management layer mixin introduced
    several bugs in the NSX-mh plugins.

    This patch:
    1) Stops creating centralized SNAT interfaces for NSX distributed
       routers. The NSX backend does not need those and they therefore
       only waste IPs and create confusion. This is done by providing
       an empty implementation for the relevant methods.
    2) Does not query l3-agents when removing router interface. This
       is causing errors during interface removal and preventing router
       removal, as the NSX plugin does not use l3 agents at all.
       This patch provides an empty implementation for the relevant
       method thus preventing the DVR mixin from doing any sort of
       operations pertaining l3 agents.
    3) It ensures DVR router interfaces are taken into account in the
       management of metadata network for routers.

    Change-Id: I149307ff67e464e78ae393bb57c25bbee607ee4b
    Closes-Bug: #1433550
    Closes-Bug: #1433553
    Closes-Bug: #1433554

Changed in vmware-nsx:
status: In Progress → Fix Committed

Addressed for stable/juno by: https://review.openstack.org/167295

Change abandoned by Salvatore Orlando (<email address hidden>) on branch: stable/juno
Review: https://review.openstack.org/167295
Reason: new change-id meant new change

Reviewed: https://review.openstack.org/174020
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=fc0ae03e2198d826f8861e2d427864708fda9136
Submitter: Jenkins
Branch: stable/juno

commit fc0ae03e2198d826f8861e2d427864708fda9136
Author: Salvatore Orlando <email address hidden>
Date: Wed Mar 18 13:18:25 2015 -0700

    VMware NSX: Fix DVR operations

    The switch to the community management layer mixin introduced
    several bugs in the NSX-mh plugins.
    This patch:
    1) Stops creating centralized SNAT interfaces for NSX distributed
       routers. The NSX backend does not need those and they therefore
       only waste IPs and create confusion. This is done by providing
       an empty implementation for the relevant methods.
    2) Does not query l3-agents when removing router interface. This
       is causing errors during interface removal and preventing router
       removal, as the NSX plugin does not use l3 agents at all.
       This patch provides an empty implementation for the relevant
       method thus preventing the DVR mixin from doing any sort of
       operations pertaining l3 agents.
    3) It ensures DVR router interfaces are taken into account in the
       management of metadata network for routers.

    Applied for stackforge/vmware-nsx commit id:
    e248f87867a74722df243598d6a6d707170ca5ce

    Change-Id: I149307ff67e464e78ae393bb57c25bbee607ee4b
    Closes-Bug: #1433550
    Closes-Bug: #1433553
    Closes-Bug: #1433554

no longer affects: neutron
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers