For NSX-T deployments, you can create networks and ports backed by a transport zone supporting N-VDS enhanced data path mode.
This feature is offered in VMware Integrated OpenStack Carrier Edition only. For more information, see VMware Integrated OpenStack Licensing.
An NSX-managed virtual distributed switch (N-VDS) can operate in enhanced data path mode to provide network performance improvements needed by NFV workflows. For more information, see Enhanced Data Path in the NSX-T Installation Guide.
Create a separate availability zone for the N-VDS in enhanced data path mode. See Create a Neutron Availability Zone for an NSX-T Deployment.
- Log in to the OpenStack Management Server as
- If your deployment is not using a custom.yml file, copy the template custom.yml file to the /opt/vmware/vio/custom directory.
sudo mkdir -p /opt/vmware/vio/custom sudo cp /var/lib/vio/ansible/custom/custom.yml.sample /opt/vmware/vio/custom/custom.yml
- Open the /opt/vmware/vio/custom/custom.yml file in a text editor.
- Uncomment the nsxv3_disable_port_security_for_ens parameter and set its value to true.
Port security is not supported with N-VDS enhanced data path mode.
- Deploy the updated configuration.
sudo viocli deployment configure --limit controller
Deploying the configuration briefly interrupts OpenStack services.
What to do next
When you create networks that consume N-VDS enhanced data path, specify the availability zone created for it.