1

Configuration Neutron self service with linuxbridge + vxlan

asked 2017-04-01 07:18:28 -0500

Kelvin Soares

Hey all,

I have some questions about neutron implementation. So,

Versions:

  • OS: CentOS 7

  • OpenStack: Mitaka

Nodes:

  • controller: keystone, nova, neutron, horizon

  • computer: nova, neutron

Configuration:

I started the implementation following the official documentation, but I'm kind of lost regarding the network settings of the interfaces. I started by following the following links:

  • controller: https://docs.openstack.org/mitaka/install-guide-rdo/neutron-controller-install.html (controller node) + https://docs.openstack.org/mitaka/install-guide-rdo/neutron-controller-install-option2.html (Self-service networks) + VXLAN.
  • computer: https://docs.openstack.org/mitaka/install-guide-rdo/neutron-compute-install.html (computer node) + https://docs.openstack.org/mitaka/install-guide-rdo/neutron-compute-install-option2.html (Self-service networks) + VXLAN.

NICs:

  • controller: eth0 (private IP) - eth0:1 (public IP) - eth1 (??)
  • computer: eth0 (private IP) - eth0:1 (public IP) - eth1 (??)

My question is: how should I configure the network interfaces to work with the scenario I mentioned above? And what is the recommended configuration for using two interfaces with OVS? Or do I not need to use OVS? I do not know how to configure the eth1 interface and I do not know the configuration that I should use in OVS. The documentation does not explain very well how to do this.

I found this https://fosskb.in/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/ (link) but I do not know if this can help with my doubts. If you need me to clarify some other point or post some configuration files, I am at your disposal.

Thank you very much for your help. Thank you from the heart!


2 answers

1

answered 2017-04-03 01:13:28 -0500

updated 2017-04-05 08:03:31 -0500

The installation tutorial uses Linuxbridge, not OVS. If you want the OVS configuration, read the Networking Guide.

For self-service networking, the installation tutorial expects two networks, a provider network that connects instances to the outside world, and a management network that is used for everything else, such as internal messaging using RabbitMQ, public and internal access to APIs, and for virtual networks (the tutorial uses VXLAN to create virtual networks on top of the management network).

Thus, your network configuration is not quite as expected by the tutorial. It's not clear what your interfaces are connected to; I assume for now that eth0 is used for internal API, message queue traffic and virtual networks; eth0:1 is used for external API; eth1 accesses the provider network.

On the controller configuration page, the lines that map your OpenStack configuration to your physical network are

physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME

and

local_ip = OVERLAY_INTERFACE_IP_ADDRESS

The first line tells Neutron which interface connects the host to the provider network. Under my assumption, this is eth1. The second line is the IP address of the management network interface; eth0 if I assume correctly. The compute host configuration is analogous.

By the way, Mitaka is two cycles back. Ocata is the current release. Why Mitaka?

EDIT:

Just to rule out stupid mistakes, I hope you use different IP addresses on the two nodes for the local_ip parameter:

local_ip = 10.0.0.2

How to troubleshoot this: If you use the default central router, the floating IP is implemented in the router's namespace on the controller. Ping the floating IP, and use tcpdump to trace the traffic at several places, and see where the traffic disappears. Unfortunately I don't know how Linuxbridge traffic is routed. It's something I have wanted to find out, but haven't taken the time to do so far.

You can use the network troubleshooting guide in the operations manual. It assumes OVS, but it should be good inspiration. I guess Linuxbridge is actually easier. Also use the Components and Connectivity diagram in the networking guide.

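A check for the two settings discussed in the answer above, added here as an example that is not part of the original answer or of OpenStack: it parses each node's linuxbridge_agent.ini and reports a missing provider mapping or a local_ip reused across nodes. The file contents are constructed samples; the section names [linux_bridge] and [vxlan] are the ones used in the Mitaka install guide.

```python
import configparser
import ipaddress
from collections import defaultdict

# Constructed sample files: both nodes carry the same local_ip, the mistake
# the answer asks to rule out. Interface names and addresses are assumptions.
SAMPLE_CONFIGS = {
    "controller": """
[linux_bridge]
physical_interface_mappings = provider:eth1
[vxlan]
enable_vxlan = True
local_ip = 10.0.0.2
""",
    "compute": """
[linux_bridge]
physical_interface_mappings = provider:eth1
[vxlan]
enable_vxlan = True
local_ip = 10.0.0.2
""",
}

def check_agents(configs, provider_label="provider"):
    """Return a list of findings for a set of linuxbridge_agent.ini texts."""
    findings, seen = [], defaultdict(list)
    for node, text in sorted(configs.items()):
        cp = configparser.ConfigParser()
        cp.read_string(text)
        # physical_interface_mappings is a comma-separated label:interface list
        raw = cp.get("linux_bridge", "physical_interface_mappings", fallback="")
        mappings = dict(m.strip().split(":", 1) for m in raw.split(",") if ":" in m)
        if provider_label not in mappings:
            findings.append(f"{node}: no interface mapped to '{provider_label}'")
        if cp.getboolean("vxlan", "enable_vxlan", fallback=False):
            ip = cp.get("vxlan", "local_ip", fallback="")
            try:
                seen[ipaddress.ip_address(ip)].append(node)
            except ValueError:
                findings.append(f"{node}: local_ip '{ip}' is not an IP address")
    # Each node's local_ip is its own VXLAN endpoint, so it must be unique.
    for ip, nodes in seen.items():
        if len(nodes) > 1:
            findings.append(f"local_ip {ip} is shared by: {', '.join(nodes)}")
    return findings

if __name__ == "__main__":
    for line in check_agents(SAMPLE_CONFIGS):
        print(line)
```
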

Comments

Hi Bernd, can you see my last reply above? Thank you mate!

Kelvin Soares ( 2017-04-05 07:18:25 -0500 )
0

answered 2017-04-05 07:17:25 -0500

Kelvin Soares

Hi Bernd Bausch, thank you for the great response.

Your assumption is correct:

eth0   -  Internal API;
eth0:1 -  External API;
eth1   -  Internet access.

Configuration:

[root@controller ~]# grep physical_interface_mappings /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = provider:eth1
[root@controller ~]#
[root@controller ~]# grep local_ip /etc/neutron/plugins/ml2/linuxbridge_agent.ini
local_ip = 10.0.0.2
[root@controller ~]#

This configuration was performed on both nodes (computer and controller) and the eth1 interface is connected directly to the router that gives me access to the internet.

The connection is normally performed:

[root@controller ~]# ping google.com -I eth1
PING google.com (172.217.29.238) from MY-PUBLIC-IP-HERE eth1: 56(84) bytes of data.
64 bytes from gru06s28-in-f14.1e100.net (172.217.29.238): icmp_seq=1 ttl=55 time=55.8 ms
64 bytes from gru06s28-in-f14.1e100.net (172.217.29.238): icmp_seq=2 ttl=55 time=55.9 ms
64 bytes from gru06s28-in-f14.1e100.net (172.217.29.238): icmp_seq=3 ttl=55 time=55.7 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 55.782/55.881/55.979/0.080 ms
[root@controller ~]# 

I have created two instances and I can ping between the two, for example:

Instance 1 - 192.168.1.11
Instance 2 - 192.168.1.12

I can ping normally between the two internally, but when I assign a public IP, I can't ping to it nor can I ping from within the instance to the internet.

Do you think it would be some problem with my router that frees public IP or some problem with my configuration? Any tests I can carry out? Or any log I can check?

[root@controller ~]# neutron agent-list
+--------------------------------------+--------------------+--------------------------------+-------------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host                           | availability_zone | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+--------------------------------+-------------------+-------+----------------+---------------------------+
| 0f625580-9dcc-4dff-a531-3c09f70c3016 | Linux bridge agent | computer.hostname.com |                   | :-)   | True           | neutron-linuxbridge-agent |
| 11cdc8e8-b45a-4cba-aeb2-bbb7c7fc8670 | L3 agent           | controller.hostname.com    | nova              | :-)   | True           | neutron-l3-agent          |
| 73266726-3c62-4cd5-8e15-159d87afb613 | Linux bridge agent | controller.hostname.com    |                   | :-)   | True           | neutron-linuxbridge-agent |
| 8eea7cce-48ca-442b-b961-da2b9cc76886 | Metadata agent     | controller.hostname.com    |                   | :-)   | True           | neutron-metadata-agent    |
| b8b0e6b2-55d2-45b6-8d11-eb8283e83ddb | DHCP agent         | controller.hostname.com    | nova              | :-)   | True           | neutron-dhcp-agent        |
+--------------------------------------+--------------------+--------------------------------+-------------------+-------+----------------+---------------------------+
[root@controller ~]# 

All services work normally: https://pastebin.com/raw/VkNThXzT

Thanks again for your help.


Comments

1

I edited my reply and added thoughts after reading your additional info.

Bernd Bausch ( 2017-04-05 08:00:26 -0500 )

Hi Bernd, I'm using different IPs in 'local_ip', yes, thank you. Unfortunately, I can't figure out where the problem is. From what I see, everything is correctly configured; I think the problem is the router or the release of IPs from my public switch.

Kelvin Soares ( 2017-04-05 09:40:34 -0500 )
1

@Kelvin Soares Were you able to troubleshoot the issue? I am facing the exact issue. However, I am not able to debug it further. Any updates from you?

sanjana ( 2017-04-25 05:38:32 -0500 )

Hi sanjana, not yet. And you? @sanjana

Kelvin Soares ( 2017-05-18 13:46:46 -0500 )

I was able to install it. I have 2 interfaces each on compute (eth0, eth1) and controller node (eth0, eth1). Create linuxbridge on the nodes and attach an interface to it (br0 with eth0). Create another ad-hoc connection between the 2 machines with a cable (eth1 of compute to eth1 of controller).

sanjana ( 2017-05-21 22:30:49 -0500 )


Stats

Asked: 2017-04-01 07:18:28 -0500

Seen: 934 times

Last updated: Apr 05 '17