author | Daniel Alvarez <dalvarez@redhat.com> | 2017-05-26 12:08:43 +0000 |
---|---|---|
committer | Ben Pfaff <blp@ovn.org> | 2017-05-30 09:56:16 -0700 |
commit | 2a38ef4520f646df2ad6e879aa7825e1cec48bac (patch) | |
tree | 2e5e026834758331186f6e23c757ef98471004e1 /ovn/ovn-nb.xml | |
parent | a129fe8c9f97c3e6e8b73ac15a23d2203d60509f (diff) | |
download | openvswitch-2a38ef4520f646df2ad6e879aa7825e1cec48bac.tar.gz |

ovn: Add support for new logical port type "localport".

This patch introduces a new type of OVN ports called "localport".
These ports will be present in every hypervisor and may have the
same IP/MAC addresses. They are not bound to any chassis and traffic
to these ports will never go through a tunnel.

Its main use case is the OpenStack metadata API support which relies
on a local agent running on every hypervisor and serving metadata to
VMs locally. This service is described in detail at [0].

An example to illustrate the purpose of this patch:

- One logical switch sw0 with 2 ports (p1, p2) and 1 localport (lp)
- Two hypervisors: HV1 and HV2
- p1 in HV1 (OVS port with external-id:iface-id="p1")
- p2 in HV2 (OVS port with external-id:iface-id="p2")
- lp in both hypervisors (OVS port with external-id:iface-id="lp")
- p1 should be able to reach p2 and vice versa
- lp on HV1 should be able to reach p1 but not p2
- lp on HV2 should be able to reach p2 but not p1

Explicit drop rules are inserted in table 32 with priority 150
in order to prevent traffic originated at a localport from going over
a tunnel.

[0] https://docs.openstack.org/developer/networking-ovn/design/metadata_api.html

Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>

Diffstat (limited to 'ovn/ovn-nb.xml')
-rw-r--r-- | ovn/ovn-nb.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ovn/ovn-nb.xml b/ovn/ovn-nb.xml index f5be9e24b..eb348fe59 100644 --- a/ovn/ovn-nb.xml +++ b/ovn/ovn-nb.xml @@ -283,6 +283,15 @@ to model direct connectivity to an existing network. </dd> + <dt><code>localport</code></dt> + <dd> + A connection to a local VIF. Traffic that arrives on a + <code>localport</code> is never forwarded over a tunnel to another + chassis. These ports are present on every chassis and have the same + address in all of them. This is used to model connectivity to local + services that run on every hypervisor. + </dd> + <dt><code>l2gateway</code></dt> <dd> A connection to a physical network. |
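Review bot: The new `<dd>` for `localport` documents only one direction of the isolation guarantee: it says traffic that arrives on a `localport` "is never forwarded over a tunnel to another chassis", but the commit message also states that traffic to these ports will never go through a tunnel and that they are not bound to any chassis. Anyone relying on this entry to reason about what a per-hypervisor service can and cannot reach needs both halves, so consider adding a sentence covering traffic destined to a `localport` and the fact that the port has no chassis binding. Separately, "have the same address in all of them" reads as a requirement, while the commit message says the ports "may have the same IP/MAC addresses"; the wording in the documentation should match whichever is intended.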