author | Lucas Alvares Gomes <lucasagomes@gmail.com> | 2019-04-18 14:39:09 +0100 |
---|---|---|
committer | Ben Pfaff <blp@ovn.org> | 2019-04-22 13:30:57 -0700 |
commit | 3bb479d9aa52f0a25e941bb3156b5fc4ddca3c8c (patch) | |
tree | b9654287d69728c49c3492d0264922b6ee2712f9 /NEWS | |
parent | 879e8238dfdf20aa973ab8cca3958f85afff4686 (diff) | |
download | openvswitch-3bb479d9aa52f0a25e941bb3156b5fc4ddca3c8c.tar.gz |
OVN: Add support for Transport Zones

This patch is adding support for Transport Zones. Transport zones (a.k.a.
TZs) is a way to enable users of OVN to separate Chassis into different
logical groups that will only form tunnels between members of the same
groups. Each Chassis can belong to one or more Transport Zones. If
not set, the Chassis will be considered part of a default group.

Configuring Transport Zones is done by creating a key called
"ovn-transport-zones" in the external_ids column of the Open_vSwitch
table from the local OVS instance. The value is a string with the name
of the Transport Zone that this instance is part of. Multiple TZs can
be specified with a comma-separated list. For example:

    $ sudo ovs-vsctl set open . external-ids:ovn-transport-zones=tz1

or

    $ sudo ovs-vsctl set open . external-ids:ovn-transport-zones=tz1,tz2,tz3

This configuration is also exposed in the Chassis table of the OVN
Southbound Database in a new column called "transport_zones".

The uses for Transport Zones include but are not limited to:

* Edge computing: As a way of preventing edge sites from trying to create
  tunnels with every node on every other edge site while still allowing
  these sites to create tunnels with the central node.

* Extra security layer: Where users want to create "trust zones"
  and prevent computes in a more secure zone from communicating with a less
  secure zone.

This patch is also backward compatible so the upgrade guide for OVN [0]
is still valid and the ovn-controller service can be upgraded before the
OVSDBs.

[0] http://docs.openvswitch.org/en/latest/intro/install/ovn-upgrades/

Reported-by: Daniel Alvarez Sanchez <dalvarez@redhat.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2019-February/048255.html
Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
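
Added example (not part of the commit or of the OVN code base): a small Python model of the tunnel rule the commit message describes, for checking a planned zone layout before applying it. The chassis names, the helper names and the matching rule (exact string match on zone names, unset chassis tunnel only with other unset chassis) are assumptions drawn from the message's wording.

```python
from itertools import combinations

# Constructed inventory: chassis name -> its ovn-transport-zones value
# (None or "" means the key is not set). All names are made up.
INVENTORY = {
    "central": "edge1,edge2",
    "edge1-a": "edge1",
    "edge1-b": "edge1",
    "edge2-a": "edge2",
    "legacy-1": None,
    "legacy-2": "",
}


def parse_zones(value):
    """Split a comma-separated zone list; empty set = default group."""
    # Assumption: empty items are ignored and names match as exact strings.
    return frozenset(z for z in (value or "").split(",") if z)


def may_tunnel(a, b):
    """Assumed rule: unset chassis pair only with each other; otherwise
    the two chassis need at least one zone name in common."""
    if not a and not b:
        return True
    return bool(a & b)


def tunnel_pairs(inventory):
    """Chassis pairs expected to form a tunnel under the rule above."""
    zones = {name: parse_zones(v) for name, v in inventory.items()}
    return [(x, y) for x, y in combinations(sorted(zones), 2)
            if may_tunnel(zones[x], zones[y])]


def review_list(inventory):
    """Chassis worth a manual look when zones are used as trust boundaries."""
    zones = {name: parse_zones(v) for name, v in inventory.items()}
    return {
        "unzoned": sorted(n for n, z in zones.items() if not z),
        "multi_zone": sorted(n for n, z in zones.items() if len(z) > 1),
    }


if __name__ == "__main__":
    for pair in tunnel_pairs(INVENTORY):
        print("tunnel:", *pair)
    print(review_list(INVENTORY))
```

In the constructed layout the two edge sites never tunnel to each other, while "central" terminates tunnels from both and the two unset chassis still reach each other through the default group.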
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -35,6 +35,9 @@ Post-v2.11.0 * Added Policy-based routing(PBR) support to create permit/deny/reroute policies on the logical router. New table(Logical_Router_Policy) added in OVN-NB schema. New "ovn-nbctl" commands to add/delete/list PBR policies. + * Support for Transport Zones, a way to separate chassis into + logical groups which results in tunnels only been formed between + members of the same transport zone(s). - New QoS type "linux-netem" on Linux. - Added support for TLS Server Name Indication (SNI). |
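Review bot: the added NEWS entry reads "tunnels only been formed"; that should be "tunnels only being formed". The entry also gives readers no way to find the feature: naming the "ovn-transport-zones" key in external_ids, and the new "transport_zones" column in the Southbound Chassis table, would tie it to the configuration the commit message describes. Since the commit message offers zones as an extra security layer, it is also worth stating here that a chassis with no zone set is treated as part of a default group, so operators do not assume unset chassis are isolated.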