Ovn Central

By OpenStack Charmers
Cloud

Architecture:

Base version:

Channel	Revision	Published	Runs on
latest/edge	250	22 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	249	22 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	248	22 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	247	22 Jun 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	220	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	219	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	210	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	209	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	208	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	207	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	206	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	205	09 May 2024	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	155	13 Sep 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	151	13 Sep 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	148	13 Sep 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	145	13 Sep 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	106	20 Jul 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	105	20 Jul 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	104	20 Jul 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	103	20 Jul 2023	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge	34	29 Jul 2022	Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
22.03/stable	245	13 Jun 2024	Ubuntu 22.04 Ubuntu 20.04
openstack-21.09/edge	19	22 Feb 2022	Ubuntu 20.04
openstack-20.12/edge	18	22 Feb 2022	Ubuntu 20.04
openstack-20.03/edge	17	22 Feb 2022	Ubuntu 20.04 Ubuntu 18.04
24.03/candidate	228	01 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	227	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	226	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	225	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	224	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	223	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	222	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
24.03/candidate	221	31 May 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	244	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	239	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	238	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	237	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	236	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	235	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	234	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.09/stable	230	12 Jun 2024	Ubuntu 23.10 Ubuntu 22.04
23.03/stable	240	12 Jun 2024	Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04
23.03/stable	243	12 Jun 2024	Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04
23.03/stable	242	12 Jun 2024	Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04
23.03/stable	241	12 Jun 2024	Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04
22.09/stable	233	12 Jun 2024	Ubuntu 22.10 Ubuntu 22.04
22.09/stable	232	12 Jun 2024	Ubuntu 22.10 Ubuntu 22.04
22.09/stable	231	12 Jun 2024	Ubuntu 22.10 Ubuntu 22.04
22.09/stable	229	12 Jun 2024	Ubuntu 22.10 Ubuntu 22.04
21.09/stable	24	05 Aug 2022	Ubuntu 20.04
20.12/stable	30	23 Jan 2023	Ubuntu 20.04
20.03/stable	35	23 Jan 2023	Ubuntu 20.04 Ubuntu 18.04

Learn to deploy on juju >

Platform:

24.04 23.10 23.04 22.10 22.04 20.04 18.04

Relevant links

Discuss this charm

Share your thoughts on this charm with the community on discourse.

Join the discussion

Overview

The ovn-central charm provides the Northbound and Southbound OVSDB Databases and the Open Virtual Network (OVN) central control daemon (ovn-northd). It is used in conjunction with either the ovn-chassis subordinate charm or the ovn-dedicated-chassis principle charm.

Note: The OVN charms are supported starting with OpenStack Train.

Usage

The OpenStack Base bundle gives an example of how you can deploy OpenStack and OVN with Vault to automate certificate lifecycle management.

OVN makes use of Public Key Infrastructure (PKI) to authenticate and authorize control plane communication. The charm therefore requires a Certificate Authority to be present in the model as represented by the certificates relation.

Refer to Open Virtual Network (OVN) in the OpenStack Charms Deployment Guide for details, including deployment steps.

Note: The ovn-central charm requires a minimum of three units to operate.

Network spaces

This charm supports the use of Juju network spaces.

By binding the ovsdb, ovsdb-cms and ovsdb-peer endpoints you can influence which interface will be used for communication with consumers of the Southbound DB, Cloud Management Systems (CMS) and cluster internal communication.

juju deploy -n 3 --series focal \
    --bind "''=oam-space ovsdb=data-space" \
    ovn-central

OVN RBAC and securing the OVN services

The charm enables RBAC in the OVN Southbound database by default. The RBAC feature enforces authorization of individual chassis connecting to the database, and also restricts database operations.

In the event of an individual chassis being compromised, RBAC will make it more difficult to leverage database access for compromising other parts of the network.

Note: Due to how RBAC is implemented in ovsdb-server the charm opens up a separate listener at port 16642 for connections from ovn-northd.

The charm automatically enables the firewall and will allow traffic from its cluster peers to port 6641, 6643, 6644 and 16642. CMS clients will be allowed to talk to port 6641.

Anyone will be allowed to connect to port 6642.

Deferred service events

Operational or maintenance procedures applied to a cloud often lead to the restarting of various OpenStack services and/or the calling of certain charm hooks. Although normal, such events can be undesirable due to the service interruptions they can cause.

The deferred service events feature provides the operator the choice of preventing these service restarts and hook calls from occurring, which can then be resolved at a more opportune time.

See the Deferred service events page in the OpenStack Charms Deployment Guide for an in-depth treatment of this feature.

Bugs

Please report bugs on Launchpad.

For general questions please refer to the OpenStack Charm Guide.

Help improve this document in the forum (guidelines). Last updated 11 months ago.