Ask Your Question
0

Why does OVS agent creates three "qbr..." interfaces every time that a VM is created?

asked 2013-01-23 17:13:06 -0500

emagana gravatar image

Every time that I create a VM using current Quantum trunk code, OVS seems to creste three "qbr.." interfaces besides the required tap interface. What is the main reason about this?

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted
0

answered 2013-01-28 07:34:31 -0500

amotoki gravatar image

Nova's LibvirtHybridOVSBridgeDriver (which is recommended to use by default) creates an additional bridge and related interfacces per tap interface.

The reason to create the bridge is to make Nova'security group work. Security group implementation is based on iptables, but iptables rules are not applied when packets are forwarded on OVS bridges. Thus we prepare an extra bridge per VIF to apply iptables rules and ensure security group works.

edit flag offensive delete link more
0

answered 2013-01-25 01:06:22 -0500

kong gravatar image

It seems that what you said in your question was wrong, you said "OVS seems to creste three "qbr.."".

In fact, for every VIF, only one "qbr-XXX" brdge is created("qbr5c8cf1d6-7d" above), and at the same time, two veth devices named "qvb5c8cf1d6-7d" and "qvo5c8cf1d6-7d" are created for the connection between bridge and OVS integration bridge("br-int").

edit flag offensive delete link more
0

answered 2013-01-25 00:54:09 -0500

emagana gravatar image

I specifically select the Network where I want to connect my VM:

source openrc demo demo emagana@kubrick:~/openstack/devstack$ quantum net-list +--------------------------------------+---------+--------------------------------------------------+ | id | name | subnets | +--------------------------------------+---------+--------------------------------------------------+ | a67452d2-2786-46d4-9736-8ad253154951 | nova | 93a15f85-372e-4b4d-a43d-89ea9f00b9db | | f868718c-3ab7-4710-8001-906ad9593f4b | private | c386b0d7-70f3-4146-898e-7d40e0baa58a 10.0.0.0/24 | +--------------------------------------+---------+--------------------------------------------------+ emagana@kubrick:~/openstack/devstack$ emagana@kubrick:~/openstack/devstack$ emagana@kubrick:~/openstack/devstack$ glance index ID Name Disk Format Container Format Size


d90bac9a-d21e-4a87-aba3-b063ff44e6d3 cirros-0.3.0-x86_64-uec ami ami 25165824 4db8d5a0-3dc5-45f6-a539-a454468a1e5d cirros-0.3.0-x86_64-uec-ramdis ari ari 2254249 4d78df83-dffd-49ba-bdb6-77f8700b5e97 cirros-0.3.0-x86_64-uec-kernel aki aki 4731440 emagana@kubrick:~/openstack/devstack$ nova list

emagana@kubrick:~/openstack/devstack$ nova boot --image d90bac9a-d21e-4a87-aba3-b063ff44e6d3 --flavor 1 --nic net-id=f868718c-3ab7-4710-8001-906ad9593f4b vm1 +------------------------+--------------------------------------+ | Property | Value | +------------------------+--------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | accessIPv4 | | | accessIPv6 | | | adminPass | 8SEQTt2Vs5Ca | | config_drive | | | created | 2013-01-24T23:03:12Z | | flavor | m1.tiny | | hostId | | | id | 029e2b69-92e5-49cd-a22d-77617704685f | | image | cirros-0.3.0-x86_64-uec | | key_name | None | | metadata | {} | | name | vm1 | | progress | 0 | | security_groups | [{u'name': u'default'}] | | status | BUILD | | tenant_id | 2792048ebfcc47e98f4f7177b2c6a312 | | updated | 2013-01-24T23:03:12Z | | user_id | 67f785acf5f7470284170b3119060d2b | +------------------------+--------------------------------------+

After this I see: emagana@kubrick:~/openstack/devstack$ ifconfig br-ex Link encap:Ethernet HWaddr 9a:74:08:bc:75:47
inet addr:172.24.4.225 Bcast:0.0.0.0 Mask:255.255.255.240 inet6 addr: fe80::9874:8ff:febc:7547/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:9 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:594 (594.0 B) TX bytes:468 (468.0 B)

eth0 Link encap:Ethernet HWaddr 00:0c:29:e3:b3:7d
inet addr:172.16.5.128 Bcast:172.16.5.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fee3:b37d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:205860 errors:0 dropped:0 overruns:0 frame:0 TX packets:148110 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:195491813 (195.4 MB) TX bytes:17000159 (17.0 MB)

eth1 Link encap:Ethernet HWaddr 00:0c:29:e3:b3:87
inet6 addr: fe80::20c:29ff:fee3:b387/64 Scope:Link UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:3560 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:464159 (464.1 KB) TX bytes:468 (468.0 B)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:258352 errors:0 dropped:0 overruns:0 frame:0 TX packets:258352 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:111861719 (111.8 MB) TX bytes:111861719 (111.8 MB)

qbr5c8cf1d6-7d Link encap:Ethernet HWaddr 3a:d7:da:da:76:5d
inet6 addr: fe80::149c:8ff:feb8:e26e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5 errors:0 dropped:0 ...

(more)
edit flag offensive delete link more
0

answered 2013-01-24 02:47:42 -0500

kong gravatar image

I think you must have three networks. When you create VM without --nic parameter, Quantum will create three ports on the three networks separatly.

For every port attached to VM, nova vifDriver will create a bridge with the name "qbr-XXX", then link that bridge to the OVS integration bridge via a veth device. Then boot the VIF on the linux bridge using standard libvirt mechanisms

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-01-23 17:13:06 -0500

Seen: 383 times

Last updated: Jan 28 '13