neutron api plugin ovn #39

Supports: bionic focal groovy hirsute
Add to new model

Description

Subordinate charm that deploys the networking-ovn component on neutron-api units and augments Neutron's configuration for use with the OVN ML2 plugin.

Overview

OVN provides open source network virtualization for Open vSwitch (OVS).

The neutron-api-plugin-ovn charm is a subordinate charm that augments Neutron's configuration for use with the OVN ML2 driver. On OpenStack Ussuri and onwards the OVN ML2 driver is maintained as an in-tree driver in Neutron. On OpenStack Train it is maintained separately as the networking-ovn plugin.

Usage

OVN makes use of Public Key Infrastructure (PKI) to authenticate and authorize control plane communication. The charm requires a Certificate Authority to be present in the model as represented by the certificates relation.

The OpenStack Base bundle gives an example of how you can deploy OpenStack and OVN with Vault to automate certificate lifecycle management.

Please refer to the OVN Appendix in the OpenStack Charms Deployment Guide for details.

To deploy (partial deployment of linked charms only):

juju config neutron-api manage-neutron-plugin-legacy-mode=false

juju deploy neutron-api-plugin-ovn
juju deploy ovn-central -n 3 --config source=cloud:bionic-train
juju deploy ovn-chassis

juju add-relation neutron-api-plugin-ovn:certificates vault:certificates
juju add-relation neutron-api-plugin-ovn:neutron-plugin \
    neutron-api:neutron-plugin-api-subordinate
juju add-relation ovn-central:certificates vault:certificates
juju add-relation ovn-chassis:ovsdb ovn-central:ovsdb
juju add-relation ovn-chassis:certificates vault:certificates
juju add-relation ovn-chassis:nova-compute nova-compute:neutron-plugin

Bugs

Please report bugs on Launchpad.

For general questions please refer to the OpenStack Charm Guide.

Configuration

dhcp-default-lease-time
(int) Default lease time (in seconds) to use with OVN's native DHCP service.
43200
dns-servers
(string) Space-delimited list of DNS servers to use as forwarders if a subnets ``dns_nameservers`` field is empty.
enable-distributed-floating-ip
(boolean) This is for specifc use cases only, not generally recommended, see note below. Perform NAT action for floating IPs locally on each chassis. Enabling this requires making external Layer3 connectivity available globally and configuring bridge mappings on all chassis in the deployment. Note: OVN gives you distributed East/West and highly available North/South routing by default. You do not need to enable this option to get that. This is for very specific use cases only. Enabling it will create a scaling problem at the physical network layer that needs to be resolved with globally shared Layer2 (does not scale) or tunneling at the top-of-rack switch layer (adds complexity) and is generally not a recommended configuration.
geneve-vni-ranges
(string) Space-delimited list of <vni_min>:<vni_max> tuples enumerating ranges of Geneve VNI IDs that are available for tenant network allocation.
1001:2000
ovn-dhcp4-global-options
(string) Dictionary of global DHCPv4 options which will be automatically set on each subnet upon creation and on all existing subnets when Neutron starts. An empty value for a DHCP option will cause that option to be unset globally. EXAMPLES: - ntp_server:1.2.3.4,wpad:1.2.3.5 - Set ntp_server and wpad - ntp_server:,wpad:1.2.3.5 - Unset ntp_server and set wpad See the ovn-nb(5) man page for available options.
ovn-dhcp6-global-options
(string) Dictionary of global DHCPv4 options which will be automatically set on each subnet upon creation and on all existing subnets when Neutron starts. An empty value for a DHCP option will cause that option to be unset globally. EXAMPLES: - ntp_server:1.2.3.4,wpad:1.2.3.5 - Set ntp_server and wpad - ntp_server:,wpad:1.2.3.5 - Unset ntp_server and set wpad See the ovn-nb(5) man page for available options.
ovn-l3-scheduler
(string) The OVN L3 Scheduler type to use when scheduling router gateway ports. Available schedulers: - leastloaded - chassis with fewest gateway ports selected (default) - chance - chassis randomly selected
leastloaded
ovn-metadata-enabled
(boolean) Whether to use the metadata service. Note: The ``ovn-chassis:nova-compute - nova-compute:neutron-plugin`` subordinate relation is a prerequisite for this to work.
True