标签:qos rule 介绍 agent policy port neutron
https://blog.csdn.net/bc_vnetwork/article/details/53221061
QOS的配置
使系统支持qos的配置:
1.修改neutron-server的neutron.conf配置
# vim /etc/neutron/neutron.conf
service_plugins = neutron.services.qos.qos_plugin.QoSPlugin
2.修改neutron-server的ml2_conf.ini配置
# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
extension_drivers=qos
3.修改ovs-agent配置
# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[agent]
extensions=qos
4.配置policy.json使所用用户都有使用qos策略的权利(以下配置均为默认,可不配置)
# vim /etc/neutron/policy.json
"get_policy": "rule:regular_user",
"create_policy": "rule:regular_user",
"update_policy": "rule:regular_user",
"delete_policy": "rule:regular_user",
"get_policy_bandwidth_limit_rule": "rule:regular_user",
//设置带宽限制的权限,默认只有管理员能够设置、删除带宽限速
"create_policy_bandwidth_limit_rule": "rule:admin_only",
"delete_policy_bandwidth_limit_rule": "rule:admin_only",
"update_policy_bandwidth_limit_rule": "rule:admin_only",
"get_rule_type": "rule:regular_user",
//设置dscp规则的权限,默认只有管理员能设置、删除dscp限速
"get_policy_dscp_marking_rule": "rule:regular_user",
"create_dscp_marking_rule": "rule:admin_only",
"delete_dscp_marking_rule": "rule:admin_only",
"update_dscp_marking_rule": "rule:admin_only",
"get_rule_type": "rule:regular_user",
5.重启neutron-server和ovs-agent
QOS使用
针对tcp
例1 为端口创建策略及带宽限速规则
# neutron qos-policy-create bw-limiter
Created a new policy:
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| created_at | 2016-11-16T06:59:11Z |
| description | |
| id |7f951336-6ed8-4b1b-b93f-6491fbe855b0 |
| name | bw-limiter |
| revision_number | 1 |
| rules | |
| shared | False |
| tenant_id | f332909670c841abb78c2e30e8c50c68 |
| updated_at | 2016-11-16T06:59:11Z |
+-----------------+--------------------------------------+
# neutron qos-bandwidth-limit-rule-createbw-limiter --max-kbps 3000 --max-burst-kbps 300
Created a new bandwidth_limit_rule:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| id |530f4a1c-6711-4ca5-a374-1b869ad14b4c |
| max_burst_kbps | 300 |
| max_kbps | 3000 |
+----------------+--------------------------------------+
将策略与端口绑定:
# neutron port-update88101e57-76fa-4d12-b0e0-4fc7634b874a --qos-policy bw-limiter
Updated port:88101e57-76fa-4d12-b0e0-4fc7634b874a
取消端口的QOS策略:
# neutron port-update88101e57-76fa-4d12-b0e0-4fc7634b874a --no-qos-policy
Updated port:88101e57-76fa-4d12-b0e0-4fc7634b874a
在端口创建时指定QOS:
# neutron port-create port-name--qos-policy-id bw-limiter
例2 为网络创建QOS策略
所有建立在网络上的虚机都会受网络的qos限制,dhcp和虚拟路由器的端口不受限制。
# neutron net-update013328fd-9001-4bef-9c97-f97c5efc22cc --qos-policy bw-limiter
Updated network:013328fd-9001-4bef-9c97-f97c5efc22cc
针对IP报文
例3 DSCP
# neutron qos-policy-create dscp-marking
Created a new policy:
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| created_at | 2016-11-17T07:25:51Z |
| description | |
| id |d787d85d-9012-48fc-adcc-aaf9f57540ed |
| name | dscp-marking |
| revision_number | 1 |
| rules | |
| shared | False |
| tenant_id | f332909670c841abb78c2e30e8c50c68 |
| updated_at | 2016-11-17T07:25:51Z |
+-----------------+--------------------------------------+
# neutron qos-dscp-marking-rule-createdscp-marking --dscp-mark 26
Created a new dscp_marking_rule:
+-----------+--------------------------------------+
| Field | Value |
+-----------+--------------------------------------+
| dscp_mark | 26 |
| id | 334ce934-2f60-4ff4-93cb-d4aa3b707973 |
+-----------+--------------------------------------+
# neutron port-update750901a3-70b3-4907-a52a-0025fac9d6c1 --qos-policy dscp-marking
Updated port:750901a3-70b3-4907-a52a-0025fac9d6c1
注:一个端口只能有一个qos策略;一个qos策略可以同时包含带宽规则和dscp规则;qos策略被绑定到端口后不可以直接删除。
QOS的原理
本节只介绍以ovs作为qos实现的底层软件,使用ovs-agent实现的neutron qos功能。
Neutron定义的qos规则类型:
VALID_RULE_TYPES =[RULE_TYPE_BANDWIDTH_LIMIT,
RULE_TYPE_DSCP_MARKING,
RULE_TYPE_MINIMUM_BANDWIDTH,
]
N版Ovs-agent支持前两中规则,其中带宽限速只实现了虚机的出方向(egress)限速。使用neutron qos-available-rule-types可以查看当前系统支持的规则类型。
# neutronqos-available-rule-types
+-----------------+
|type |
+-----------------+
|dscp_marking |
|bandwidth_limit |
+-----------------+
端口Dscp的实现原理
Ovs-agent通过修改ovs中的相应端口的流表规则,改变IP报文的dscp值,具体代码如下:
neutron/plugins/ml2/drivers/openvswitch/agent/extension_drivers/qos_driver.py
def update_dscp_marking(self, port, rule):
…………….
…………….
else:
for flow in flows:
actions = str(flow).partition("actions=")[2]
acts = actions.split(',')
# mod_nw_tos = modify type of service header
# This is the second byte of the IPv4 packet header.
# DSCP makes up the upper 6 bits of this header field.
actions = "mod_nw_tos:" + mark + ","
actions += ','.join([act for act in acts if "mod_nw_tos:" not in act])
self.br_int.mod_flow(reg2=0, in_port=port, table=0,
actions=actions)
端口带宽限速的实现原理
通过修改ovs上的端口的ingress_policing_rate和ingress_policing_burst属性值来实现虚机出方向的限速,实现代码如下:
neutron/plugins/ml2/drivers/openvswitch/agent/extension_drivers/qos_driver.py
def update_bandwidth_limit(self, port, rule):
………
self.br_int.create_egress_bw_limit_for_port(vif_port.port_name,
max_kbps,
max_burst_kbps)
neutron/agent/common/ovs_lib.py
class OVSBridge(BaseOVS):
def create_egress_bw_limit_for_port(self, port_name, max_kbps,
max_burst_kbps):
self._set_egress_bw_limit_for_port(port_name, max_kbps, max_burst_kbps)
def _set_egress_bw_limit_for_port(self, port_name, max_kbps,
max_burst_kbps):
with self.ovsdb.transaction(check_error=True) as txn:
txn.add(self.ovsdb.db_set('Interface', port_name,
('ingress_policing_rate', max_kbps)))
txn.add(self.ovsdb.db_set('Interface', port_name,
('ingress_policing_burst',max_burst_kbps)))
网络限速的实现原理
在N版中,用户可以为一个网络绑定一个qos策略,虚机如果创建在该网络上,那么虚机端口的network_qos_policy_id属性值等于该qos策略的id,同时ovs-agent会操作ovs,在底层根据qos策略进行相应操作。虚机在创建的过程中会由nova创建ovs的端口,这一操作会被ovs-agent捕获,在ovs-agent的rpc_loop过程中,会使用process_network_ports方法处理新增的端口。下面通过源码分析,解析使用网络限速功能后,ovs端口是如何被设置了qos策略。
Neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py
Class OVSNeutronAgent:
def process_network_ports(self, port_info, ovs_restarted):
……
if devices_added_updated:
start = time.time()
(skipped_devices, need_binding_devices,
security_disabled_ports, failed_devices['added']) = (
self.treat_devices_added_or_updated(
devices_added_updated, ovs_restarted))
def treat_devices_added_or_updated(self, devices, ovs_restarted):
…… ……
for details in devices:
…… ……
if 'port_id' in details:
…… ……
self.ext_manager.handle_port(self.context, details)
这里的ext_manager负责管理ovs-agent的额外插件,第一节配置中的qos就是其中的一个extension。
neutron/agent/l2/l2_agent_extensions_manager.py
class L2AgentExtensionsManager:
def handle_port(self, context, data):
"""Notify all agent extensions to handle port."""
for extension in self:
if hasattr(extension.obj, 'handle_port'):
extension.obj.handle_port(context, data)
neutron/agent/l2/extensions/qos.py
class QosAgentExtension:
def handle_port(self, context, port):
"""Handle agent QoS extension for port.
This method applies a new policy to a port using the QoS driver.
Update events are handled in _handle_notification.
"""
…… ……
至此,又会根据qos策略中包含的规则(带宽限速或dscp),对ovs进行相应的操作,从而实现了针对网络的限速。
总结
本文从配置、使用、原理三个方面介绍了N版的qos功能。在使用ovs作为qos的实现软件时,N版ovs-agent只能实现出方向的带宽限速和dscp限速。目前限速功能还不支持浮动IP限速。
标签:qos,rule,介绍,agent,policy,port,neutron 来源: https://www.cnblogs.com/liuhongru/p/10999540.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。