feat: Dynamic network segments for each VLAN Group #771
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stevekeay
changed the title
stevekeay
force-pushed
the
dynamic-network-segments
branch
6 times, most recently
from
9a809bc to
db6c164
Compare
cardoe
reviewed
Mar 17, 2025
python/neutron-understack/neutron_understack/vlan_group_name_convention.py
Outdated
Show resolved
Hide resolved
python/neutron-understack/neutron_understack/neutron_understack_mech.py
Outdated
Show resolved
Hide resolved
cardoe
reviewed
Mar 17, 2025
python/neutron-understack/neutron_understack/neutron_understack_mech.py
Outdated
Show resolved
Hide resolved
cardoe
reviewed
Mar 17, 2025
| "-3f": "storage-appliance", | ||
| "-4f": "storage-appliance", | ||
| "-1d": "bmc", | ||
| } |
There was a problem hiding this comment.
Reading through now, we won't need this code because we just need to create the correct network segment ranges for the "network" vlan groups which will match up with Nautobot.
There was a problem hiding this comment.
It seems like we would need to find the baremetal port, perhaps by MAC address, and then look up its physical_network. This complicates things, so leaving it as a task to clean up later once we get this all working.
cardoe
reviewed
Mar 18, 2025
stevekeay
force-pushed
the
dynamic-network-segments
branch
7 times, most recently
from
d15a22a to
2118f7c
Compare
stevekeay
force-pushed
the
dynamic-network-segments
branch
6 times, most recently
from
71a7222 to
6f7aecb
Compare
|
Will you include a detailed description in the PR? |
stevekeay
force-pushed
the
dynamic-network-segments
branch
3 times, most recently
from
3a39404 to
d292b12
Compare
There was a problem hiding this comment.
Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.
Comments suppressed due to low confidence (1)
python/neutron-understack/neutron_understack/tests/test_trunk.py:1
- [nitpick] The removal of the entire trunk tests may lead to a gap in test coverage for trunk-related functionality. Please ensure that either this functionality is no longer needed or that its behavior is covered by alternative tests.
Entire file removed
python/neutron-understack/neutron_understack/vlan_group_name_convention.py
Outdated
Show resolved
Hide resolved
added 3 commits
April 14, 2025 09:12
This was added to keep vlan numbers globally unique to experiment with OVN integration but we don't need it any more.
stevekeay
force-pushed
the
dynamic-network-segments
branch
from
7347385 to
9bb17b8
Compare
The old scheme used a Nautobot plugin to assign a VLAN number outside of Openstack, and this is what was configured on the switch. This caused issues because Neutron had no knowledge of these VLANs, which make it difficult to have Neutron drive any layer 3 services or even trunk ports. Now we have Neutron allocate "Dynamic" network segments instead, and these are pushed to Nautobot, to keep Nautobot's VLANs in sync with Neutron's Network Segments. To facilitate we are using the "physical network" of each Ironic baremetal port to identify the vlan group where that switch port lives. For every vlan group we have created a Network Segment Range with the same name. Dynamic network segments of type "VLAN" are assigned from those ranges. We implement some new API calls to replace the "prep switch interface" and "detach port" Nautobot jobs which were previously making interface updates in addition to assigning VLAN numbers. Specifically, we now update the vlans on the switch port and we toggle it's "provisioning" state. Undersync is invoked with a VLAN Group parameter. We now identify the VLAN Group by name instead of UUID. The name is directly discoverable from Neutron whereas the UUID would have to be looked up in Nautobot. (Undersync was already updated to accept either type of parameter.) In Neutron we now exclusively use type "VXLAN" and so all support for type "VLAN" Networks has been removed. This also includes the "provisioning" network which has been recreated as type VXLAN in our environment. There is an opportunity to remove our special "vlan 4010" case handling of the provisioning network and have this created by Neutron using the same mechanisms as for as any other tenant network, but that has not happened yet. Trunk ports have first-class support in Neutron but they are handled by a separate model, disjoint from "normal" ports, and using trunk ports exercises totally different ml2 driver callbacks. Trunk port support is coming in a separate future PR.
stevekeay
force-pushed
the
dynamic-network-segments
branch
from
9bb17b8 to
3cc4a53
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This was opened to address PUC-787
The old scheme used a Nautobot plugin to assign a VLAN number outside of
Openstack, and this is what was configured on the switch. This caused
issues because Neutron had no knowledge of these VLANs, which make it
difficult to have Neutron drive any layer 3 services or even trunk ports.
Now we have Neutron allocate "Dynamic" network segments instead, and
these are pushed to Nautobot, to keep Nautobot's VLANs in sync with
Neutron's Network Segments.
To facilitate we are using the "physical network" of each Ironic
baremetal port to identify the vlan group where that switch port lives.
For every vlan group we have created a Network Segment Range with the
same name. Dynamic network segments of type "VLAN" are assigned from
those ranges.
We implement some new API calls to replace the "prep switch interface"
and "detach port" Nautobot jobs which were previously making interface
updates in addition to assigning VLAN numbers. Specifically, we now
update the vlans on the switch port and we toggle it's "provisioning"
state.
Undersync is invoked with a VLAN Group parameter. We now identify the
VLAN Group by name instead of UUID. The name is directly discoverable
from Neutron whereas the UUID would have to be looked up in Nautobot.
(Undersync was already updated to accept either type of parameter.)
In Neutron we now exclusively use type "VXLAN" and so all support for
type "VLAN" Networks has been removed. This also includes the
"provisioning" network which has been recreated as type VXLAN in our
environment.
There is an opportunity to remove our special "vlan 4010" case handling
of the provisioning network and have this created by Neutron using the
same mechanisms as for as any other tenant network, but that has not
happened yet.
Trunk ports have first-class support in Neutron but they are handled by
a separate model, disjoint from "normal" ports, and using trunk ports
exercises totally different ml2 driver callbacks. Trunk port support
is coming in a separate future PR.