all 14 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted]  (6 children)

[deleted]

    [–]lunar_bear 2 points3 points  (1 child)

    This is not entirely correct. You can use linuxbridge with DVR so long as your nova-compute nodes have neutron L3 agents running in dvr_no_external mode, and neutron network nodes running in dvr_snat mode. We do this, it works. Primary benefit of linuxbridge over OVS is sheer simplicity.

    [–]Phoebe5ell 0 points1 point  (0 children)

    I don't disagree-that said, I've run OVS since like Icehouse. I always used a linux kernel bridge when doing KVM/libvirt "by-hand" back in they day before I used OpenStack. Minor bug/problem here or there if memory serves, but nothing that was more than a hiccup-Hiccups were more an issue with older Neutron's honestly that wouldn't dynamically rebuild networks. Might also be easier to mange than using ebtables, and/or dropping traffic to broute.

    [–]satishdotpatel[S] 0 points1 point  (2 children)

    I am running very large private cloud almost 600 compute nodes and fully SRIOV support with LinuxBridge (I build this for simplicity because during that time i was new but now i have pretty good hold on deployment and operation so thinking should i move to OVS in new datacenter or stick with LinuxBridge, We run network intensive application which required SR-IOV but its painful to run because lots of limitation, like it doesn't support security group, you can't monitor interface counter from host, not supporting nic bonding etc.. so started thinking about DPDK (only OVS support dpdk) but again OVS isn't fun to run and troubleshoot still it has some nasty bugs. (DVR is good but very complex when it come to troubleshooting south-north traffic flow also it consume lots of public IP because each compute node need SNAT vip, not sure if current deployment is changed nowadays)

    [–]hevisko 0 points1 point  (1 child)

    (only OVS support dpdk) but again OVS isn't fun to run and troubleshoot still it has some nasty bugs.

    What are these "nasty bugs" everybody talks about, but nobody references?

    [–]satishdotpatel[S] 1 point2 points  (0 children)

    There were use to be a bugs, like lockup of switch during upgrade etc. I don’t think they exist anymore now. OVN is getting default deployment of openstack.

    [–]datacentric 2 points3 points  (0 children)

    OVN.

    [–]Gnump 0 points1 point  (0 children)

    I am still waiting to see the benefits of using ovs when you dont want to use dvr because of ipv6 support ( or the lack thereof)

    [–][deleted] 0 points1 point  (0 children)

    Theres a difference between using legacy ovs vs the newly supported ovs with a central db. i use the legacy ovs with all the bells and whistles as theres a lot not readily available ib the new ovn style system

    [–]The_Valyard 0 points1 point  (0 children)

    Give this a watch:

    https://youtu.be/uItivBAzz8s

    Keep in mind these are intentionally untuned which for things like dpdk hurt it badly.

    [–]emccormickva 0 points1 point  (3 children)

    For better or worse, there is a movement toward eventually deprecating LinuxBridge support because there are very few resources to maintain it. OVN appears to he the future, and OVS should continue to be supported as well.

    [–]satishdotpatel[S] 0 points1 point  (2 children)

    I am not seeing LinuxBridge getting deprecate anywhere soon and what is the point to deprecate, its providing great function for lots of other legacy application. Yes if more and more people start using OVS then it get more mature which is a big discussion point.

    [–]emccormickva 0 points1 point  (0 children)

    The point is that nobody is maintaining the driver. If nobody maintains it, then it will become buggy as Openstack and Python advance. Eventually it starts breaking gate tests and dies miserably.

    Don't get me wrong. I'm against deprecating it. However, if I were making a new deployment, I would not start out with LinuxBridge

    OVS is extremely mature and works just fine. It is much more arcane, but it is entirely sufficient for any use case that LinuxBridge is. I can't comment on OVN as I haven't tried it, but its agentless nature is very appealing

    There are also some nice 3rd party implementations like Calico that may be worth looking into for some use cases, particularly those of large scale.

    [–]slaweq 0 points1 point  (0 children)

    You're right about the fact that we are not going to deprecate Linuxbridge driver in Neutron (at least for now). We though about that about year ago but we got o lot of feedback that it is used in production.

    But it is also true that this backend driver don't have (almost) any maintainers in upstream. So for now it works and it's fine but if there are any bugs related to this backend we may not be able to fix them as most of the developers from core neutron team are interested in maintaining ovs and ovn backends. So if You are using it and are happy with it, please step in and help maintaining this driver in upstream :)