xenapi - quantum: L2 agents for dom0 and domU
This patch makes it easier to support the all-in-one installation of
XenServer with Quantum:
- separate agents for domU and dom0 openvswitches. The domU agent's name
is "q-domua", and the dom0 agent is called "q-agt"
- create a physnet1 physical network to connect those openvswitches
Note: This patch depends on the quantum patch:
https://review.openstack.org/15022
For a diagram, see:
http://goo.gl/BuAdg
Change-Id: Iff851438553528b9051edd380ecbb2c0415cbf78
diff --git a/lib/nova b/lib/nova
index 9fc4ded..ea932a3 100644
--- a/lib/nova
+++ b/lib/nova
@@ -80,7 +80,10 @@
PUBLIC_INTERFACE_DEFAULT=eth3
GUEST_INTERFACE_DEFAULT=eth1
# Allow ``build_domU.sh`` to specify the flat network bridge via kernel args
- FLAT_NETWORK_BRIDGE_DEFAULT=$(grep -o 'flat_network_bridge=[[:alnum:]]*' /proc/cmdline | cut -d= -f 2 | sort -u)
+ FLAT_NETWORK_BRIDGE_DEFAULT=$(sed -e 's/.* flat_network_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
+ if is_service_enabled quantum; then
+ XEN_INTEGRATION_BRIDGE=$(sed -e 's/.* xen_integration_bridge=\([[:alnum:]]*\).*$/\1/g' /proc/cmdline)
+ fi
elif [ "$VIRT_DRIVER" = 'baremetal' ]; then
NETWORK_MANAGER=${NETWORK_MANAGER:-FlatManager}
PUBLIC_INTERFACE_DEFAULT=eth0
diff --git a/lib/quantum b/lib/quantum
index c36a743..d85c648 100644
--- a/lib/quantum
+++ b/lib/quantum
@@ -386,6 +386,11 @@
screen_it q-l3 "cd $QUANTUM_DIR && python $AGENT_L3_BINARY --config-file $QUANTUM_CONF --config-file=$Q_L3_CONF_FILE"
screen_it q-meta "cd $QUANTUM_DIR && python $AGENT_META_BINARY --config-file $QUANTUM_CONF --config-file=$Q_META_CONF_FILE"
+ if [ "$VIRT_DRIVER" = 'xenserver' ]; then
+ # For XenServer, start an agent for the domU openvswitch
+ screen_it q-domua "cd $QUANTUM_DIR && python $AGENT_BINARY --config-file $QUANTUM_CONF --config-file /$Q_PLUGIN_CONF_FILE.domU"
+ fi
+
if is_service_enabled q-lbaas; then
screen_it q-lbaas "cd $QUANTUM_DIR && python $AGENT_LBAAS_BINARY --config-file $QUANTUM_CONF --config-file=$LBAAS_AGENT_CONF_FILENAME"
fi
diff --git a/lib/quantum_plugins/openvswitch b/lib/quantum_plugins/openvswitch
index 3741720..7b9835d 100644
--- a/lib/quantum_plugins/openvswitch
+++ b/lib/quantum_plugins/openvswitch
@@ -11,7 +11,9 @@
_quantum_ovs_base_configure_nova_vif_driver
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
iniset $NOVA_CONF DEFAULT xenapi_vif_driver nova.virt.xenapi.vif.XenAPIOpenVswitchDriver
- iniset $NOVA_CONF DEFAULT xenapi_ovs_integration_bridge $FLAT_NETWORK_BRIDGE
+ iniset $NOVA_CONF DEFAULT xenapi_ovs_integration_bridge $XEN_INTEGRATION_BRIDGE
+ # Disable nova's firewall so that it does not conflict with quantum
+ iniset $NOVA_CONF DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
fi
}
@@ -71,6 +73,10 @@
AGENT_BINARY="$QUANTUM_DIR/bin/quantum-openvswitch-agent"
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
+ # Make a copy of our config for domU
+ sudo cp /$Q_PLUGIN_CONF_FILE "/$Q_PLUGIN_CONF_FILE.domu"
+
+ # Deal with Dom0's L2 Agent:
Q_RR_DOM0_COMMAND="$QUANTUM_DIR/bin/quantum-rootwrap-xen-dom0 $Q_RR_CONF_FILE"
# For now, duplicate the xen configuration already found in nova.conf
@@ -83,29 +89,25 @@
# that executes commands on dom0 via a XenAPI plugin.
iniset /$Q_PLUGIN_CONF_FILE AGENT root_helper "$Q_RR_DOM0_COMMAND"
- # FLAT_NETWORK_BRIDGE is the dom0 integration bridge. To
- # ensure the bridge lacks direct connectivity, set
- # VM_VLAN=-1;VM_DEV=invalid in localrc
- iniset /$Q_PLUGIN_CONF_FILE OVS integration_bridge $FLAT_NETWORK_BRIDGE
+ # Set "physical" mapping
+ iniset /$Q_PLUGIN_CONF_FILE OVS bridge_mappings "physnet1:$FLAT_NETWORK_BRIDGE"
- # The ovs agent needs to ensure that the ports associated with
- # a given network share the same local vlan tag. On
- # single-node XS/XCP, this requires monitoring both the dom0
- # bridge, where VM's are attached, and the domU bridge, where
- # dhcp servers are attached.
- if is_service_enabled q-dhcp; then
- iniset /$Q_PLUGIN_CONF_FILE OVS domu_integration_bridge $OVS_BRIDGE
- # DomU will use the regular rootwrap
- iniset /$Q_PLUGIN_CONF_FILE AGENT domu_root_helper "$Q_RR_COMMAND"
- # Plug the vm interface into the domU integration bridge.
- sudo ip addr flush dev $GUEST_INTERFACE_DEFAULT
- sudo ip link set $OVS_BRIDGE up
- # Assign the VM IP only if it has been set explicitly
- if [[ "$VM_IP" != "" ]]; then
- sudo ip addr add $VM_IP dev $OVS_BRIDGE
- fi
- sudo ovs-vsctl add-port $OVS_BRIDGE $GUEST_INTERFACE_DEFAULT
- fi
+ # XEN_INTEGRATION_BRIDGE is the integration bridge in dom0
+ iniset /$Q_PLUGIN_CONF_FILE OVS integration_bridge $XEN_INTEGRATION_BRIDGE
+
+ # Set up domU's L2 agent:
+
+ # Create a bridge "br-$GUEST_INTERFACE_DEFAULT"
+ sudo ovs-vsctl --no-wait -- --may-exist add-br "br-$GUEST_INTERFACE_DEFAULT"
+ # Add $GUEST_INTERFACE_DEFAULT to that bridge
+ sudo ovs-vsctl add-port "br-$GUEST_INTERFACE_DEFAULT" $GUEST_INTERFACE_DEFAULT
+
+ # Set bridge mappings to "physnet1:br-$GUEST_INTERFACE_DEFAULT"
+ iniset "/$Q_PLUGIN_CONF_FILE.domU" OVS bridge_mappings "physnet1:br-$GUEST_INTERFACE_DEFAULT"
+ # Set integration bridge to domU's
+ iniset "/$Q_PLUGIN_CONF_FILE.domU" OVS integration_bridge $OVS_BRIDGE
+ # Set root wrap
+ iniset "/$Q_PLUGIN_CONF_FILE.domU" AGENT root_helper "$Q_RR_COMMAND"
fi
}