Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Tipically you need 3 separate networks. One is the private network, in which openstack services communicate that is present on all nodes (compute, network,controller, storage etc.). The second is the tunneling network, that connects instances from the compute nodes to the network nodes(dor metadata, dhcp, etc.), through an encapsulation protocol (gre, vxlan, vlan). The third network is used for external connectivity in forms of floating ips that can be associated with an instance.

This is the basic set-up. In your case, you could use same eth for management and external network because they are in the same subnet. But it is recomanded that you separate them. So you can have eth0 that is on a public network to be used for external network, eth1 for tunneling and eth2 for management network, a private network.You will need internet connectivity for packages so you assign a static ip to eth0 and enable promiscuous mode on it. For the other two networks, assing different ip's from two different subnets with no gateway.

Neutron works like this. You create a project network and its subnet (the gre tunnel that links instances to the network node), a provider(external) network/subnet and a router.You set the router gateway to the external network and attach a port on the project network. You boot up an instance with a private ip from the project network. In this stage network node acts as a SNAT for the instance. You can reach the outside world from within the instance but not the other way around. For this you need to associate a floating ip to the instance. When you associate a FIP to the instace , neutron basicaly creates a NAT rule that binds external ip to the internal instance ip. Now network node acts as SNAT and DNAT for that instance.

I never used devstack, i installed manually so i can't tell you the config for it. But i see that you only have gre as a type driver. You need a driver for provider network(external) that connects to your phisical router and i don't think you use a gre tunnel for it. You either need vlan or flat. So the config should look like CONFIG_NEUTRON_ML2_TYPE_DRIVERS=flat,vlan,gre,vxlan

Also you need CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-ex.

You should read the documentation on openstack site for more indeph knowlage.