ipam: mapping docker address-spaces with neutron address-scopes

Registered by vikas choudhary

In docker, notion of namespaces is served by 'addressSpaces' which is similar to neutron address-scopes (non-overlapping cidrs). There should be two default address-scopes(one for each ip version) with default subnetpools associated to corresponding default address-scopes.

While creating subnet subnetpool-id should be passed using '--subnetpool' . If no address-Space is received from docker, subnet should be created with subnetpool id queried from docker using rest apis. While allocating requested ip address, subnet will be picked filtering with subnetpool-id and cidr.

But since many kuryr binding backends still need dont support address-scopes, making address-scopes support mandatory in Kuryr will not work for those backends. To handle this we can make address-scopes support enable/disable from config file (similar to tags).

Without address-scopes support, to tackle this bug [1] (multiple subnets with same cidr), this patch [2], should get accepted in docker for poolID info.

[1]https://bugs.launchpad.net/kuryr/+bug/1585572
[2]https://github.com/docker/docker/issues/23025

More details I will be mentioning in the spec soon.

Blueprint information

Status:
Not started
Approver:
Mohammad Banikazemi
Priority:
Medium
Drafter:
vikas choudhary
Direction:
Approved
Assignee:
vikas choudhary
Definition:
Discussion
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bug/1585572,n,z

Addressed by: https://review.openstack.org/322445
    [WIP] Map docker address-spaces to neutron address-scopes

Comment from Irena:
As far as I understand address scopes have additional intent of imposing that subnets that belong to the same address scope can be communicate without NAT. I am not sure how many plugins support this right now, since it requires L3 care. Do you intend to use address scopes to contain different subnet pools to provide the non overlapping pools or plan to leverage the whole scope of the address scope feature?

Vikas:
@Irena, You are correct Irena, just want to leverage provisioning of non overlapping address-pools only. As far as I understand, scope of docker address-spaces is till managing overlapping of addresses only. So to support this, want to use a subset of netron address-scopes features.

Gerrit topic: https://review.openstack.org/#q,topic:bp/address-scopes-spaces,n,z

Addressed by: https://review.openstack.org/326894
    Add devref for overlapping-cidrs

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.