Cloud Docs Home > F5 OpenStack Solutions Index

Manage Software-Defined Networks with Hierarchical Port Binding

Neutron hierarchical port binding allows you to use the F5 Integration for OpenStack Neutron LBaaS with software-defined networking (SDN). Once you tell the F5 Agent for OpenStack Neutron what top of rack (ToR) L3 switch and port (in other words, which network segment) the BIG-IP devices connect to, it can connect LBaaS services to the BIG-IP device(s) for dynamically-created VLANs in that segment.

Hierarchical port binding allows for the creation of disconnected services. The F5 agent polls the Neutron database looking for the VLANs requested for the disconnected services. When it discovers the VLANs, the F5 agent creates the requested objects on the BIG-IP device(s).

Prerequisites

Caveats

  • VLAN is the only ML2 network type supported for use with hierarchical port binding.
  • Each F5 agent instance managing a BIG-IP device service cluster must use the same f5_network_segment_physical_network. [1]
  • All F5 agent instances in a service environment group must use the same binding settings.

Set up the F5 Agent for OpenStack Neutron to use heirarchical port binding

  1. Edit the F5 agent configuration file:

    vi /etc/neutron/services/f5/f5-openstack-agent.ini
    
  2. Set the heirarchical port binding settings in the L2 Segmentation Mode Settings section as appropriate for your environment.

    Hierarchical Port Binding Example
    #
    f5_network_segment_physical_network = edgeswitch002ports0305
    #
    f5_network_segment_polling_interval = 10
    #
    f5_pending_services_timeout = 60
    

Learn more

Disconnected Services

Disconnected services are LBaaS objects for which the designated Neutron network isn’t bound to physical network segment yet. When the F5 agent discovers the designated Neutron network, the “disconnected services” connect to it automatically. The F5 agent polling frequency and “pending services timeout” allow for a degree of variation in the timing of the VLAN deployment and the request to create the LBaaS objects for it.

Use Case

Use heirarchical port binding if you want your undercloud physical BIG-IP device or cluster to control traffic for networks dynamically created via SDN. As noted in the OpenStack documentation, this can be useful if you need your Neutron deployment to scale beyond the 4K-VLANs-per-physical network limit. [2]

F5 LBaaSv2 Hierarchical Port Binding

F5 LBaaSv2 Hierarchical Port Binding

Footnotes

[1]See Agent Redundancy and Scale Out
[2]OpenStack ML2 Hierarchical Port Binding specs.