Commit a1e4361a by Czémán Arnold

Add user network setting-up on VM creation, add setting mtu enforcement

parent f5c42888
...@@ -32,6 +32,8 @@ if to_bool(getenv('LIBVIRT_KEEPALIVE', "False")): ...@@ -32,6 +32,8 @@ if to_bool(getenv('LIBVIRT_KEEPALIVE', "False")):
if to_bool(getenv('NATIVE_OVS', "False")): if to_bool(getenv('NATIVE_OVS', "False")):
native_ovs = True native_ovs = True
VXLAN_MTU = getenv('VXLAN_MTU', '1450')
celery = Celery('netcelery', celery = Celery('netcelery',
broker=AMQP_URI, broker=AMQP_URI,
include=['netdriver']) include=['netdriver'])
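Review bot: `VXLAN_MTU` is read from the environment as an unvalidated string, and the other files in this commit pass it straight into the `sudo ip link set mtu` argument list and the libvirt `mtu` element's `size` attribute. Parsing it once here, e.g. `VXLAN_MTU = str(int(getenv('VXLAN_MTU', '1450')))`, would make a malformed value fail at worker start rather than at the first VM or port creation. A short comment noting that the default of 1450 is the value previously hard-coded in the interface XML would help whoever tunes it later.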
......
...@@ -6,6 +6,9 @@ from netcelery import celery ...@@ -6,6 +6,9 @@ from netcelery import celery
from os import getenv from os import getenv
from vm import VMNetwork from vm import VMNetwork
from vmcelery import native_ovs from vmcelery import native_ovs
from netcelery import VXLAN_MTU
driver = getenv("HYPERVISOR_TYPE", "test") driver = getenv("HYPERVISOR_TYPE", "test")
...@@ -236,13 +239,15 @@ def disable_all_not_allowed_trafic(network, port_number, remove=False): ...@@ -236,13 +239,15 @@ def disable_all_not_allowed_trafic(network, port_number, remove=False):
ofctl_command_execute(["del-flows", network.bridge, flow_cmd]) ofctl_command_execute(["del-flows", network.bridge, flow_cmd])
def bridge_create(bridge_name): def bridge_create(bridge_name, mtu=None):
""" Creates a bridge if it doesn't exist. """ """ Creates a bridge if it doesn't exist. """
# Check bridge's existing # Check bridge's existing
if ovs_command_execute(["br-exists", bridge_name]) != 0: if ovs_command_execute(["br-exists", bridge_name]) != 0:
ovs_command_execute(["add-br", bridge_name]) ovs_command_execute(["add-br", bridge_name])
if pull_up_interface(bridge_name) != 0: if pull_up_interface(bridge_name) != 0:
raise InterfaceException("Cannot create bridge: %s!" % bridge_name) raise InterfaceException("Cannot create bridge: %s!" % bridge_name)
if mtu is not None:
set_mtu(bridge_name, mtu)
def create_vxlan_interface(name, vni, target_name): def create_vxlan_interface(name, vni, target_name):
...@@ -268,8 +273,8 @@ def add_vxlan_gateway_to_bridge(src_bridge, vxlan, vlan, gw_bridge): ...@@ -268,8 +273,8 @@ def add_vxlan_gateway_to_bridge(src_bridge, vxlan, vlan, gw_bridge):
GW is the base interface of XGW. GW is the base interface of XGW.
Connects GW to the gw_bridge and XGW to the src_bridge. Connects GW to the gw_bridge and XGW to the src_bridge.
""" """
vlan_gw_name = "%s-gw" % src_bridge vlan_gw_name = "cloudgw-%s" % vlan
vxlan_gw_name = "%s-xgw" % src_bridge vxlan_gw_name = "cloudxgw-%s" % vxlan
# Add port to gateway bridge with proper vlan tag # Add port to gateway bridge with proper vlan tag
ovs_command_execute(["add-port", gw_bridge, vlan_gw_name, "tag=%s" % vlan, ovs_command_execute(["add-port", gw_bridge, vlan_gw_name, "tag=%s" % vlan,
"--", "set", "Interface", vlan_gw_name, "--", "set", "Interface", vlan_gw_name,
...@@ -289,7 +294,7 @@ def setup_user_network(network): ...@@ -289,7 +294,7 @@ def setup_user_network(network):
""" Creates a bridge for user network and connect """ Creates a bridge for user network and connect
to the main bridge with a 802.1Q tagged VXLAN interface. """ to the main bridge with a 802.1Q tagged VXLAN interface. """
MAIN_BRIDGE = "cloud" MAIN_BRIDGE = "cloud"
bridge_create(network.bridge) bridge_create(network.bridge, VXLAN_MTU)
add_vxlan_gateway_to_bridge(network.bridge, network.vxlan, add_vxlan_gateway_to_bridge(network.bridge, network.vxlan,
network.vlan, MAIN_BRIDGE) network.vlan, MAIN_BRIDGE)
...@@ -340,6 +345,8 @@ def port_create(network): ...@@ -340,6 +345,8 @@ def port_create(network):
# Explicit deny all other traffic # Explicit deny all other traffic
disable_all_not_allowed_trafic(network, port_number) disable_all_not_allowed_trafic(network, port_number)
pull_up_interface(network.name) pull_up_interface(network.name)
if is_user_net:
set_mtu(network.name, VXLAN_MTU)
def port_delete(network): def port_delete(network):
...@@ -389,3 +396,11 @@ def get_fport_for_network(network): ...@@ -389,3 +396,11 @@ def get_fport_for_network(network):
output = subprocess.check_output( output = subprocess.check_output(
['sudo', 'ovs-vsctl', 'get', 'Interface', network.name, 'ofport']) ['sudo', 'ovs-vsctl', 'get', 'Interface', network.name, 'ofport'])
return str(output).strip() return str(output).strip()
def set_mtu(name, mtu):
""" Set MTU on the specified interface. """
command = ['sudo', 'ip', 'link', 'set', 'mtu', VXLAN_MTU, name]
return_val = subprocess.call(command)
logging.info('IP command: %s executed.', command)
return return_val
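Review bot: `set_mtu()` ignores its `mtu` argument, because the command is built from the module-level `VXLAN_MTU`, so `bridge_create(bridge_name, mtu)` applies the global value whatever the caller passes. The line should read `command = ['sudo', 'ip', 'link', 'set', 'mtu', str(mtu), name]`. Both new callers (`bridge_create` and `port_create`) also drop the exit status, and the log line reports the command as executed even when `ip` failed, so a failed MTU enforcement goes unnoticed. Raising `InterfaceException` on a non-zero return, as `bridge_create` already does for `pull_up_interface`, would match the existing style. `is_user_net` in the `port_create` hunk is defined outside the visible lines, so its meaning cannot be checked from here.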
import lxml.etree as ET import lxml.etree as ET
from vmcelery import native_ovs from vmcelery import native_ovs
from netcelery import VXLAN_MTU
# VM Instance class # VM Instance class
...@@ -322,7 +323,7 @@ class VMNetwork: ...@@ -322,7 +323,7 @@ class VMNetwork:
ET.SubElement(xml_top, 'virtualport', ET.SubElement(xml_top, 'virtualport',
attrib={'type': self.virtual_port}) attrib={'type': self.virtual_port})
if self.vxlan is not None: if self.vxlan is not None:
ET.SubElement(xml_top, 'mtu', attrib={'size': '1450'}) ET.SubElement(xml_top, 'mtu', attrib={'size': VXLAN_MTU})
ET.SubElement(xml_top, 'target', attrib={'dev': self.name}) ET.SubElement(xml_top, 'target', attrib={'dev': self.name})
ET.SubElement(xml_top, 'mac', attrib={'address': self.mac}) ET.SubElement(xml_top, 'mac', attrib={'address': self.mac})
ET.SubElement(xml_top, 'model', attrib={'type': self.model}) ET.SubElement(xml_top, 'model', attrib={'type': self.model})
......
...@@ -171,6 +171,10 @@ def create(vm_desc): ...@@ -171,6 +171,10 @@ def create(vm_desc):
""" """
vm = VMInstance.deserialize(vm_desc) vm = VMInstance.deserialize(vm_desc)
# Setup user networks
for net in vm.network_list:
if net.vxlan is not None:
setup_user_network(net)
# Setting proper hypervisor # Setting proper hypervisor
vm.vm_type = os.getenv("HYPERVISOR_TYPE", "test") vm.vm_type = os.getenv("HYPERVISOR_TYPE", "test")
if vm.vm_type == "test": if vm.vm_type == "test":
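Review bot: `setup_user_network` is called in `create()`, but the hunk header starts at line 171 on both sides (`-171,6 +171,10`), so this commit adds no import above it in this file. Unless the name was already imported, the loop raises `NameError` on the first VM that has a VXLAN network. The call also runs for every VM on the same network, and nothing visible removes the bridge or gateway ports if VM creation fails afterwards. It is worth confirming that `add_vxlan_gateway_to_bridge`, whose `add-port` call is visible in the driver hunk, tolerates being repeated for a network that is already set up. `create()` continues outside the hunk.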
......