A Cisco Plugin Framework for Quantum Supporting L2 Networks Spanning Multiple Switches
Configuration for Quantum 2.0 - Folsom release to achieve Nova network parity with Cisco plugin framework. This requires use of the OpenVSwitch plugin as sub-plugin.
If you are using a Nexus switch in your topology, you'll need the following NX-OS version and packages to enable Nexus support:
- NX-OS 5.2.1 (Delhi) Build 69 or above.
- paramiko library - SSHv2 protocol library for python
- ncclient v0.3.1 - Python library for NETCONF clients
You need a version of ncclient modified by Cisco Systems. To get it, from your shell prompt do:
git clone firstname.lastname@example.org:CiscoSystems/ncclient.git cd ncclient sudo python setup.py install
For more information of ncclient, see: http://schmizz.net/ncclient/
Nexus switch configuration
The Nexus switch must have SSH access enabled. The switch must be connected to management network separate from the Openstack data network. The plugin communicates with the switch over this network to set up your data flows. Each compute (Nova) host should should be connected to a port on the Nexus switch over a dedicated interface just for Openstack data traffic.
Note: Due to bug1174852 (fixed in Havana) the Nexus Switch requires the following workaround: pre-configure the switch interfaces with the following
switchport trunk allowed vlan none
Note: Due to bug1174593 (fixed in Havana) vlan IDs 1006-4094 cannot be used when configuring the Cisco Nexus 3k switch. The switch rejects the VLAN configuration with the following error:
ERROR: Can't modify state for extended VLAN vlan-ID
This issue does not affect the Nexus 5K or 7K family of switches.
Plugin Installation Instructions
1. Make a backup copy of quantum/etc/quantum.conf.
2. Edit quantum/etc/quantum.conf and edit the "core_plugin" for v2 API:
core_plugin = quantum.plugins.cisco.network_plugin.PluginV2
Nexus switch sub-plugin configuration
To turn on support for Cisco Nexus switches:
1. Uncomment the nexus_plugin property in /etc/quantum/plugins/cisco/cisco_plugins.ini to read:
2. Enter the relevant configuration in the /etc/quantum/plugins/cisco/nexus.ini file. Example:
[SWITCH] # Change the following to reflect the Nexus switch details nexus_ip_address=<put_nexus_switch_ip_address_here> # Interfaces connected from the Nexus Switch to the compute hosts ports, e.g.: 1/10 and 1/11 ports=<put_interfaces_names_here_separated_by_commas> # Port number where the SSH will be running at the Nexus Switch, e.g.: 22 (Default) nexus_ssh_port=22 [DRIVER] name=quantum.plugins.cisco.nexus.cisco_nexus_network_driver_v2.CiscoNEXUSDriver
3. Update the database configuration info in the quantum/plugins/cisco/conf/db_conn.ini file:
[DATABASE] name = ovs_quantum user = <put_db_user_name_here> pass = <put_db_password_here> host = <put_quantum_mysql_host_here>
4. Make sure that SSH host key of the Nexus switch is known to the host on which you are running the Quantum service. You can do this simply by logging in to your Quantum host as the user that Quantum runs as and SSHing to the switch at least once. If the host key changes (e.g. due to replacement of the supervisor or clearing of the SSH config on the switch), you may need to repeat this step and remove the old hostkey from ~/.ssh/known_hosts.
5. Verify that you have the correct credentials for each IP address listed in quantum/plugins/cisco/conf/credentials.ini. Example:
# Provide the Nexus credentials, if you are using Nexus switches. IP address, username and password. # If not this will be ignored. [10.0.0.1] username=admin password=mySecretPasswordForNexus
In general, make sure that Nexus switch used in your system has a credential entry in the above file. This is required for the system to be able to communicate with those switches.
OpenVSwitch sub-plugin configuration
By using the OpenVSwitch plugin as a sub-plugin, parity with pre-Folsom Nova networking is achieved. VLAN mode must be enabled. To use it together with the Nexus device sub-plugin perform the following steps:
1. Update /etc/quantum/plugins/cisco/l2network_plugin.ini so that the [MODEL] and [SEGMENTATION] sections contain single items:
[MODEL] model_class=quantum.plugins.cisco.models.virt_phy_sw_v2.VirtualPhysicalSwitchModelV2 [SEGMENTATION] manager_class=quantum.plugins.cisco.segmentation.l2network_vlan_mgr_v2.L2NetworkVLANMgr
2. Update /etc/quantum/plugins/cisco/cisco_plugins.ini so that the [PLUGINS] section also specifies vswitch_plugin:
[PLUGINS] nexus_plugin=quantum.plugins.cisco.nexus.cisco_nexus_plugin_v2.NexusPlugin vswitch_plugin=quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
3. Update the /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini file to set the "sql_connection"
sql_connection = mysql://<username>:<password>@<mysql_host>/ovs_quantum?charset=utf8
and additionally make the OpenVSwitch plugin operate in VLAN mode with the desired VLAN range for each network:
tenant_network_type = vlan enable_tunneling = False network_vlan_ranges = default:<vlan_min>:<vlan_max>
For more details about configuration of the OpenVSwitch plugin please consult the Quantum Admin Guide (http://docs.openstack.org/trunk/openstack-network/admin/content/index.html).