This page documents features of the Openstack Modular Layer 2 (ML2) Cisco Nexus mechanism driver. The code for this driver can be obtained from two repositories. The first is the Cisco OpenStack Neutron Technical Preview repository. This repository contains all the neutron code plus changes to the Cisco Nexus mechanism driver that supports the features listed below. The second repository contains just the Cisco mechanism driver code. Neutron code must also be downloaded from the upstream community repository.
Note: This software is provided "as is," and in no event does Cisco warrant that the software is error free or that customer will be able to operate the software without problems or interruptions.
A version of the Neutron project containing the Technical Preview plugin is available at: https://github.com/cisco-openstack/neutron.git.
The upstream plugin is supplied with the core OpenStack distribution at https://github.com/openstack/neutron. The Cisco mechanism driver repository is at https://git.openstack.org/openstack/networking-cisco.
Documentation for the upstream plugin is available at https://wiki.openstack.org/wiki/Neutron/ML2/MechCiscoNexus.
Note: This driver supports only the NEXUS_VXLAN and VLAN network types. The list of Cisco Nexus switches that support these features is listed at http://wikicentral.cisco.com/display/OPENSTACK/Cisco+OpenStack+Nexus+Plug-ins
VXLAN Overlay Configuration
The Cisco Nexus ML2 driver will not configure those features described in the “Considerations for the Transport Network” section of http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/vxlan/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_VXLAN_Configuration_Guide.pdf. You must perform such configuration yourself before configuring the plugin for VXLAN. Do all of the following that are relevant to your installation:
- Configure a loopback IP address
- Configure IP multicast, PIM, and rendezvous point (RP) in the core
- Configure the default gateway for VXLAN VLANs on external routing devices
- Configure VXLAN related feature commands: "feature nv overlay" and "feature vn-segment-vlan-based"
- Configure NVE interface and assign loopback address
To support VXLAN configuration on a top-of-rack Nexus switch, add the following configuration settings:
- Configure an additional setting named
ml2_mech_cisco_nexussection header, as shown in the following example.
[ml2_mech_cisco_nexus:192.168.1.1] # Where physnet1 is a physical network name listed in the ML2 VLAN section header [ml2_type_vlan]. physnet=physnet1
- Configure the VLAN range in the
ml2_type_vlansection as shown in the following example. The
ml2_type_vlansection header format is defined in the
[ml2_type_vlan] network_vlan_ranges = physnet1:100:109
- Configure the network VNI ranges and multicast ranges in the
ml2_type_nexus_vlansection, as shown in the following example.
The section header [ml2_type_nexus_vxlan] is defined in the
neutron/etc/neutron/plugins/ml2/ml2_conf.ini file to provide VXLAN information required by the Nexus switch.
[ml2_type_nexus_vxlan] # Comma-separated list of <vni_min>:<vni_max> tuples enumerating # ranges of VXLAN VNI IDs that are available for tenant network allocation. vni_ranges=50000:55000 # Multicast groups for the VXLAN interface. When configured, will # enable sending all broadcast traffic to this multicast group. Comma separated # list of min:max ranges of multicast IP's # NOTE: must be a valid multicast IP, invalid IP's will be discarded mcast_ranges=184.108.40.206:220.127.116.11
VXLAN Overlay Configuration in DevStack
The instructions at https://wiki.openstack.org/wiki/Sandbox/CML2MP#Configuring_Devstack_for_the_Cisco_Nexus_Mechanism_Driver describe how to configure DevStack with the Cisco Nexus mechanism driver. To use VXLAN with the DevStack configuration, do the following additional configuration step:
In addition to the standard
local.conf settings, use the following
local.conf file example to configure the Nexus switch for VXLAN Terminal End Point (VTEP) support.
[[local|localrc]] Q_PLUGIN=ml2 Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,cisco_nexus Q_ML2_PLUGIN_TYPE_DRIVERS=nexus_vxlan,vlan Q_ML2_TENANT_NETWORK_TYPE=nexus_vxlan ML2_VLAN_RANGES=physnet1:100:109 ENABLE_TENANT_TUNNELS=False ENABLE_TENANT_VLANS=True PHYSICAL_NETWORK=physnet1 OVS_PHYSICAL_BRIDGE=br-eth1 [[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]] [agent] minimize_polling=True tunnel_types= [ml2_mech_cisco_nexus:18.104.22.168] ComputeNodeA=1/10 username=admin password=secretPassword ssh_port=22 physnet=physnet1 [ml2_mech_cisco_nexus:22.214.171.124] ComputeNodeB=1/10 NetworkNode=1/11 username=admin password=secretPassword ssh_port=22 physnet=physnet1 [ml2_type_nexus_vxlan] vni_ranges=50000:55000 mcast_ranges=126.96.36.199:188.8.131.52 [ml2_type_vlan] network_vlan_ranges = physnet1:100:109
If the devstack deployment is using Neutron code from the upstream repository, to download the Cisco mechanism driver code from the stackforge repository add these two settings to the local.conf file.
enable_service net-cisco enable_plugin networking-cisco https://github.com/stackforge/networking-cisco
Configuration for Non-DHCP Agent Enabled Network Node Topologies
If a DHCP Agent is not running on the network node then the network node physical connection to the nexus switch must be added to all compute hosts that require access to the network node. As an example if the network node is physically connected to nexus switch 192.168.1.1 port 1/10 then the following configuration is required.
[ml2_mech_cisco_nexus:192.168.1.1] ComputeHostA=1/8,1/10 ComputeHostB=1/9,1/10 username=admin password=secretPassword ssh_port=22 physnet=physnet1 [ml2_mech_cisco_nexus:192.168.1.2] ComputeHostC=1/10 username=admin password=secretPassword ssh_port=22 physnet=physnet1
Provider Segment Limited Operations
The Openstack/network administrator may want to control how the Openstack create/update/delete port events program the Nexus switch for provider networks. Three configuration variables have been introduced to address limiting the actions taken for provider networks during port events. The variables are defined in the [ml2_cisco] section of ml2_conf_cisco.ini.
[ml2_cisco] # VLAN Name prefix for provider vlans. provider_vlan_name_prefix=<prefix name> # Provider VLANs are automatically created as needed on the Nexus switch. provider_vlan_auto_create=[True|False] # Provider VLANs are automatically trunked as needed on the ports of the Nexus switch. provider_vlan_auto_trunk=[True|False]