Ask Your Question

Network changes in Ocata?

asked 2017-03-07 23:50:30 -0500

robetus gravatar image

I installed Ocata packstack on CentOS 7 and I'm doing everything I've been doing with Newton but I can't even get the router's external gateway to ping. I also noticed that in Ocata the external gateway no longer has a status of Build the status now shows Active. Did something change with Ocata? I can't even setup a simple network with router.

edit retag flag offensive close merge delete


I have just set up an Ocata cloud using Packstack. Yes, the gateway port is ACTIVE. No, I have no problem reaching the gateway, or pinging external addresses from instances. This deployment uses OVS and the centralized router.

Bernd Bausch gravatar imageBernd Bausch ( 2017-03-08 00:07:46 -0500 )edit

Interesting, I didn't do anything different from my Newton install and can't ping anything. The router of floating IPs. I'm also using OVS and the centralized router.

robetus gravatar imagerobetus ( 2017-03-08 01:57:21 -0500 )edit

I just installed Newton again to make sure and it works basically right out of the box with packstack with OVS. Very little setup. So something has definitely changed in Ocata. Guess I'll just wait until all the bugs get worked out to start using Ocata.

robetus gravatar imagerobetus ( 2017-03-08 22:59:45 -0500 )edit

Hey Bernd, if you wouldn't mind including your Ocata configuration along with maybe some screenshots that would be awesome.

robetus gravatar imagerobetus ( 2017-03-09 00:48:00 -0500 )edit

I don't have a working cloud right now, but I will certainly create one again in the next days. Watch this space.

Bernd Bausch gravatar imageBernd Bausch ( 2017-03-09 16:33:45 -0500 )edit

Okay great I'm looking forward to it.

robetus gravatar imagerobetus ( 2017-03-09 18:36:24 -0500 )edit

I have an Ocata cloud created with packstack --allinone, plus I added a compute node. That is, I have tenant networks, and my floating IPs are in the range. Still, to my surprise instances can ping

Bernd Bausch gravatar imageBernd Bausch ( 2017-03-13 23:21:16 -0500 )edit

I also tried flat networking to make instances reachable from outside the cloud, but that failed so far. Perhaps because my controller and compute hosts are Virtualbox VMs, and I need to tweak the Virtualbox config.

Bernd Bausch gravatar imageBernd Bausch ( 2017-03-13 23:21:21 -0500 )edit

Now the question is how to share the configuration. I can tar /etc/neutron. only accepts text, though. Also, what screenshots would you like? You could befriend me on LinkedIn (I am the only Bernd Bausch in Tokyo), then we use email.

Bernd Bausch gravatar imageBernd Bausch ( 2017-03-13 23:21:29 -0500 )edit

I didn't use --allinone. Here are the parameters I set for packstack: Is there something I left out that I need in Ocata? I don't create the cinder volume because I create a VG myself, and the host address is set to my real severs address. Works with Newton!

robetus gravatar imagerobetus ( 2017-03-13 23:42:58 -0500 )edit

1 answer

Sort by ยป oldest newest most voted

answered 2017-06-01 20:32:38 -0500

I had the same issue - Ocata Packstack 3 node build out-of-the-box could not ping router. All of the network configs looked good other than the fact that it appears it is now normal for qg/qr to be binded to br-int rather than br-ex. I started looking around at ovs-ofctl commands and randomly figured out what was wrong with my build.

[root@ocata-network ~]# ovs-ofctl dump-flows br-ex

NXST_FLOW reply (xid=0x4): cookie=0x95261656b155cdec, duration=81687.613s, table=0, n_packets=1123, n_bytes=47922, idle_age=3, hard_age=65534, priority=2,in_port=2 actions=drop cookie=0x95261656b155cdec, duration=81687.629s, table=0, n_packets=1645829, n_bytes=161202000, idle_age=0, hard_age=65534, priority=0 actions=NORMAL

Looking at the flows of br-ex and br-int, i saw that the "action" was set to drop. I set them all to "all" and I can now ping the router.

ovs-ofctl mod-flows br-ex action=all
ovs-ofctl mod-flows br-int action=all

I am pretty new to OpenVSwitch and I do not really know what the repercussions are of doing this (if there are any), but I can ping the router and the router can ping the gateway so for now I am happy. If anyone wants to jump in and tell me if this is bad practice or if there are possible implications this may have please let me know.


edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2017-03-07 23:50:30 -0500

Seen: 493 times

Last updated: Mar 07 '17