-
Mark Goddard authored
We have agreed to remove support for Oracle Linux. http://lists.openstack.org/pipermail/openstack-discuss/2019-June/006896.html Change-Id: If11b4ff37af936a0cfd34443e8babb952307882b
Mark Goddard authoredWe have agreed to remove support for Oracle Linux. http://lists.openstack.org/pipermail/openstack-discuss/2019-June/006896.html Change-Id: If11b4ff37af936a0cfd34443e8babb952307882b
Neutron Extensions
Networking-SFC
Preparation and deployment
Modify the /etc/kolla/globals.yml file as the following example shows:
enable_neutron_sfc: "yes"Verification
For setting up a testbed environment and creating a port chain, please refer to :networking-sfc-doc:`networking-sfc documentation <contributor/system_design_and_workflow.html>`.
Neutron VPNaaS (VPN-as-a-Service)
Preparation and deployment
Modify the /etc/kolla/globals.yml file as the following example shows:
enable_neutron_vpnaas: "yes"Verification
VPNaaS is a complex subject, hence this document provides directions for a simple smoke test to verify the service is up and running.
On the network node(s), the neutron_vpnaas_agent should be up (image naming
and versioning may differ depending on deploy configuration):
# docker ps --filter name=neutron_vpnaas_agent
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
97d25657d55e operator:5000/kolla/centos-source-neutron-vpnaas-agent:4.0.0 "kolla_start" 44 minutes ago Up 44 minutes neutron_vpnaas_agentKolla-Ansible includes a small script that can be used in tandem with
tools/init-runonce to verify the VPN using two routers and two Nova VMs:
tools/init-runonce
tools/init-vpnVerify both VPN services are active:
# neutron vpn-service-list
+--------------------------------------+----------+--------------------------------------+--------+
| id | name | router_id | status |
+--------------------------------------+----------+--------------------------------------+--------+
| ad941ec4-5f3d-4a30-aae2-1ab3f4347eb1 | vpn_west | 051f7ce3-4301-43cc-bfbd-7ffd59af539e | ACTIVE |
| edce15db-696f-46d8-9bad-03d087f1f682 | vpn_east | 058842e0-1d01-4230-af8d-0ba6d0da8b1f | ACTIVE |
+--------------------------------------+----------+--------------------------------------+--------+Two VMs can now be booted, one on vpn_east, the other on vpn_west, and encrypted ping packets observed being sent from one to the other.
For more information on this and VPNaaS in Neutron refer to the :neutron-vpnaas-doc:`Neutron VPNaaS Testing <contributor/index.html#testing>` and the OpenStack wiki.