vmware-nsx/doc/source/devstack.rst
Adit Sarfaty e9b4d3484a TVD: Add VPNaaS wrapper driver
Change-Id: I39746cf7dc251ad8a6cc632e2c2627c80a41564a
2018-01-10 13:11:49 +02:00

9.4 KiB

NSX DevStack Configurations

Below are the options for configuring the NSX plugin with DevStack. Prior to doing this DevStack needs to be downloaded. After updating the relevant configuration file(s) run ./stack.sh

NSXv

LBaaS v2 Driver

Add lbaas repo as an external repository and configure following flags in local.conf:

[[local]|[localrc]]
enable_plugin neutron-lbaas https://git.openstack.org/openstack/neutron-lbaas
enable_service q-lbaasv2
Configure the service provider::

post-config [service_providers] service_provider = LOADBALANCERV2:VMWareEdge:neutron_lbaas.drivers.vmware.edge_driver_v2.EdgeLoadBalancerDriverV2:default

QoS Driver

Enable the qos in local.conf:

[[local|localrc]]
ENABLED_SERVICES=q-qos
Q_SERVICE_PLUGIN_CLASSES=vmware_nsxv_qos
NSXV_USE_DVS_FEATURES = True

Optional: Update the nsx qos_peak_bw_multiplier in nsx.ini (default value is 2.0):

[NSX]
qos_peak_bw_multiplier = <i.e 10.0>

L2GW Driver

Add networking-l2gw repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin networking-l2gw https://github.com/openstack/networking-l2gw
ENABLED_SERVICES+=l2gw-plugin
NETWORKING_L2GW_SERVICE_DRIVER=L2GW:vmware-nsx-l2gw:vmware_nsx.services.l2gateway.nsx_v.driver.NsxvL2GatewayDriver:default

IPAM Driver

Update the local.conf file:

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
ipam_driver = vmware_nsxv_ipam

Flow Classifier

Update the local.conf file:

[[local|localrc]]
enable_plugin networking-sfc https://git.openstack.org/openstack/networking-sfc master
Q_SERVICE_PLUGIN_CLASSES=networking_sfc.services.flowclassifier.plugin.FlowClassifierPlugin

[[post-config|$NEUTRON_CONF]]
[flowclassifier]
drivers = vmware-nsxv-sfc

[nsxv]
service_insertion_profile_id = <service profile id. i.e. serviceprofile-1>

In order to prevent tenants from changing the flow classifier, please add the following lines to the policy.json file:

"create_flow_classifier": "rule:admin_only",
"update_flow_classifier": "rule:admin_only",
"delete_flow_classifier": "rule:admin_only",
"get_flow_classifier": "rule:admin_only"

FWaaS (V1) Driver

Add neutron-fwaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
ENABLED_SERVICES+=,q-fwaas-v1
Q_SERVICE_PLUGIN_CLASSES=neutron_fwaas.services.firewall.fwaas_plugin.FirewallPlugin

[[post-config|$NEUTRON_CONF]]
[fwaas]
enabled = True
driver = vmware_nsxv_edge

Neutron dynamic routing plugin (bgp)

Add neutron-dynamic-routing repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-dynamic-routing https://git.openstack.org/openstack/neutron-dynamic-routing
DR_MODE=dr_plugin
BGP_PLUGIN=vmware_nsx.services.dynamic_routing.bgp_plugin.NSXvBgpPlugin

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
api_extensions_path = $DEST/neutron-dynamic-routing/neutron_dynamic_routing/extensions

Neutron VPNaaS

Add neutron-vpnaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-vpnaas https://git.openstack.org/openstack/neutron-vpnaas
NEUTRON_VPNAAS_SERVICE_PROVIDER=VPN:vmware:vmware_nsx.services.vpnaas.nsxv.ipsec_driver.NSXvIPsecVpnDriver:default

NSXv3

QoS Driver

Enable the qos in local.conf:

[[local|localrc]]
ENABLED_SERVICES+=,q-qos
Q_SERVICE_PLUGIN_CLASSES=neutron.services.qos.qos_plugin.QoSPlugin

Optional: Update the nsx qos_peak_bw_multiplier in nsx.ini (default value is 2.0):

[NSX]
qos_peak_bw_multiplier = <i.e 10.0>

L2GW Driver

Add networking-l2gw repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin networking-l2gw https://github.com/openstack/networking-l2gw
ENABLED_SERVICES+=l2gw-plugin
NETWORKING_L2GW_SERVICE_DRIVER=L2GW:vmware-nsx-l2gw:vmware_nsx.services.l2gateway.nsx_v3.driver.NsxV3Driver:default
DEFAULT_BRIDGE_CLUSTER_UUID=

IPAM Driver

Update the local.conf file:

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
ipam_driver = vmware_nsxv3_ipam

Trunk Driver

Enable trunk service and configure following flags in local.conf:

[[local]|[localrc]]
# Trunk plugin NSXv3 driver config
ENABLED_SERVICES+=,q-trunk
Q_SERVICE_PLUGIN_CLASSES=trunk

FWaaS (V1) Driver: ~~~~~~~~~~~~~

Add neutron-fwaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
ENABLED_SERVICES+=,q-fwaas
Q_SERVICE_PLUGIN_CLASSES=neutron_fwaas.services.firewall.fwaas_plugin.FirewallPlugin

[[post-config|$NEUTRON_CONF]]
[fwaas]
enabled = True
driver = vmware_nsxv3_edge_v1

FWaaS (V2) Driver

Add neutron-fwaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
ENABLED_SERVICES+=,q-fwaas-v2
Q_SERVICE_PLUGIN_CLASSES=neutron_fwaas.services.firewall.fwaas_plugin_v2.FirewallPluginV2

[[post-config|$NEUTRON_CONF]]
[fwaas]
enabled = True
driver = vmware_nsxv3_edge_v2

LBaaS v2 Driver

Add lbaas repo as an external repository and configure following flags in local.conf:

[[local]|[localrc]]
enable_plugin neutron-lbaas https://git.openstack.org/openstack/neutron-lbaas
enable_service q-lbaasv2
Configure the service provider::

post-config [service_providers] service_provider = LOADBALANCERV2:VMWareEdge:neutron_lbaas.drivers.vmware.edge_driver_v2.EdgeLoadBalancerDriverV2:default

Neutron VPNaaS

Add neutron-vpnaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-vpnaas https://git.openstack.org/openstack/neutron-vpnaas
NEUTRON_VPNAAS_SERVICE_PROVIDER=VPN:vmware:vmware_nsx.services.vpnaas.nsxv3.ipsec_driver.NSXv3IPsecVpnDriver:default

NSX-TVD

LBaaS v2 Driver

Add lbaas repo as an external repository and configure following flags in local.conf:

[[local]|[localrc]]
enable_plugin neutron-lbaas https://git.openstack.org/openstack/neutron-lbaas
enable_service q-lbaasv2
Configure the service provider::

post-config [service_providers] service_provider = LOADBALANCERV2:VMWareEdge:neutron_lbaas.drivers.vmware.edge_driver_v2.EdgeLoadBalancerDriverV2:default

FWaaS (V1) Driver: ~~~~~~~~~~~~~

Add neutron-fwaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
ENABLED_SERVICES+=,q-fwaas
Q_SERVICE_PLUGIN_CLASSES=neutron_fwaas.services.firewall.fwaas_plugin.FirewallPlugin

[[post-config|$NEUTRON_CONF]]
[fwaas]
enabled = True
driver = vmware_nsxtvd_edge_v1

FWaaS (V2) Driver

Add neutron-fwaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-fwaas https://git.openstack.org/openstack/neutron-fwaas
ENABLED_SERVICES+=,q-fwaas-v2
Q_SERVICE_PLUGIN_CLASSES=neutron_fwaas.services.firewall.fwaas_plugin_v2.FirewallPluginV2

[[post-config|$NEUTRON_CONF]]
[fwaas]
enabled = True
driver = vmware_nsxtvd_edge_v2

L2GW Driver

Add networking-l2gw repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin networking-l2gw https://github.com/openstack/networking-l2gw
ENABLED_SERVICES+=l2gw-plugin
NETWORKING_L2GW_SERVICE_DRIVER=L2GW:vmware-nsx-l2gw:vmware_nsx.services.l2gateway.nsx_tvd.driver.NsxTvdL2GatewayDriver:default
DEFAULT_BRIDGE_CLUSTER_UUID=

QoS Driver

Enable the qos in local.conf:

[[local|localrc]]
ENABLED_SERVICES+=,q-qos
Q_SERVICE_PLUGIN_CLASSES=neutron.services.qos.qos_plugin.QoSPlugin

Neutron dynamic routing plugin (bgp)

Add neutron-dynamic-routing repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-dynamic-routing https://git.openstack.org/openstack/neutron-dynamic-routing
DR_MODE=dr_plugin
BGP_PLUGIN=vmware_nsx.services.dynamic_routing.bgp_plugin.NSXBgpPlugin

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
api_extensions_path = $DEST/neutron-dynamic-routing/neutron_dynamic_routing/extensions

Neutron VPNaaS

Add neutron-vpnaas repo as an external repository and configure following flags in local.conf:

[[local|localrc]]
enable_plugin neutron-vpnaas https://git.openstack.org/openstack/neutron-vpnaas
NEUTRON_VPNAAS_SERVICE_PROVIDER=VPN:vmware:vmware_nsx.services.vpnaas.nsx_tvd.ipsec_driver.NSXIPsecVpnDriver:default