How do tenant network works for vxlan and gre tunnel

asked 2019-02-14 03:22:34 -0500

I have a 2 node openstack setup with a single controller. All is working right now. The 2 hosts use GRE tunnels on an interface labelled as "tenant" which came from the TripleO installation guide. When I run "ovs-vsctl show" I can see:

Bridge br-tun
        Controller "tcp:"
            is_connected: true
        fail_mode: secure
        Port "gre-c0a80c68"
            Interface "gre-c0a80c68"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}
        Port "gre-c0a80c6c"
            Interface "gre-c0a80c6c"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="", out_key=flow, remote_ip=""}

The "br-tun" interface is what maps to the physical interface which is labelled as the "tenant". As I understand this, by default it connects all the hosts together via vxlan so that the VMs running on the hosts can have access to oher VMs in the same tenant (openstack network) which is separate from the real underlying network of the host. For example, openstack project has VMs running in network VM1 runs on host 1 and VM2 runs on host 2. The 2 VMs can communicate on their own network IP addresses between them, say and and the underlying host does not know anything about network as it uses (for example)

Now what I would like to do is install a 3rd host in another site. I would need the hosts to establish vxlan (or gre) between them.

But here is the problem I forsee: The hosts use this network as a flat network There is no default route on this network interface, it's on another interface. So how would the hosts connect the gre/vxlan here?

I havent tried to install a 3rd host in another location yet. Do I need another overlay network on top of this to stretch the layer 2 to all hosts? Or can the openstack hosts use their default gateway to route to the remote host? OR does the installtion script set up static host routes on the hosts via the br-tun interface so they can set up the gre/vxlan tunnel?

Bit confused how it would work.


