Ask Your Question
1

Help With Packstack All-in-one External Access and 2 Network Interfaces

asked 2014-03-07 12:31:41 -0500

ten_ten_steve gravatar image

I've followed the guide from RDO "Neutron with existing external network" found here and I was able to install packstack using packstack --allinone --provision-all-in-one-ovs-bridge=n without any errors on my CentOS 6.5 host.

My server has a dual network interface card where port-1 is connected to 192.168.1.0/24 and port-2 is connected to 10.10.10.0/24. I would like my VMs to access the external network through port-2 (10.10.10.0/24) and have everything else use port-1(192.168.1.0/24).

So far I've configured eth0 and 192.168.1.1 as my default gateway and eth1 as an Open-VSwitch port to br-ex (just like the guide). Then I set up my br-ex Open-VSwitch port to use my 10.10.10.0/24 network. Here's my eth1 and br-ex interface config:

DEVICE=eth1
HWADDR=XX:XX:XX:XX:XX:XX
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex
ONBOOT=yes

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=10.10.10.201
NETMASK=255.255.255.0
DNS1=10.10.10.1
ONBOOT=yes

After a network service restart, I see that all interfaces are brought online, but I'm not able to ping 10.10.10.201 from my desktop. Running ovs-vsctl show gives the response: Note that I am able to ping other systems on my 10.10.10.0/24 subnet, so I know my LAN is working correctly.

6d4c71a2-b1d3-44d9-8b27-4b3970cf7e1e

   Bridge br-ex
      Port "eth1"
         Interface "eth1"
      Port br-ex
         Interface br-ex
            type: internal

   Bridge br-int
      Port int-br-ex
         Interface int-br-ex
      Port br-int
         Interface br-int
            type: internal
   ovs_version: "1.11.0"

Any ideas to get connectivity to br-ex? Did I miss something? Do I need to set up some policy based routing to reach br-ex?

edit retag flag offensive close merge delete

2 answers

Sort by » oldest newest most voted
1

answered 2014-03-11 13:23:45 -0500

ten_ten_steve gravatar image

I have it working... almost.

I ended up re-installing everything on my OpenStack host, including the host OS (CentOS 6.5 - basic server installation). After installing CentOS, I set up eth0 as static & the default route. For reference, here is my eth0 config:

DEVICE=eth0
HWADDR=E4:1F:13:1F:46:C4
TYPE=Ethernet
UUID=39fb6462-d33b-4700-ad0c-304945de92b8
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.12
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=192.168.1.1
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"

I left eth1 as disabled for now.

As seen in thisguide provided by c0nsaw I set SELINUX=permissive. This was different from my previous setup where I had left SELINUX=enforcing.

Then I ran the RDO installation as per the linked post (and many others just like it) using the havana-release repo and packstack --allinone --provision-all-in-one-ovs-bridge=n. This will bind all the various OpenStack components to either my loopback or eth0 network interface according to PackStack.

After Packstack did it's thing, I configured my br-ex and eth1 interfaces as follows:

/etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1
HWADDR=E4:1F:13:1F:46:C6
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex
ONBOOT=yes
NM_CONTROLLED=no
IPV6INIT=no

/etc/sysconfig/network-scripts/ifcfg-br-ex

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=10.10.10.100
NETMASK=255.255.255.0
DNS1=10.10.10.1
ONBOOT=yes

Restart the network service and loged into Horizon from 192.168.1.12 as admin and deleted all the existing networking components from the demo and admin tenants. After clearing out all the existing demo networking, I created a whole new set of virtual networking resources using the following commands from my host's CLI:

 . keystonerc_admin
neutron net-create public --router:external=True
neutron subnet-create public 10.10.10.0/24 --name public_subnet --enable_dhcp=False --allocation-pool start=10.10.10.101,end=10.10.10.199 --gateway=10.10.10.1
neutron router-create router1
neutron router-gateway-set router1 public

For the tenant private network and sub-network, I set up through horizon. Added some inbound rules to the default security group, started a test instance, assigned a floating IP and I was able to ping out and in.

I did not set up any policy based routing.

The only issue remaining is that all ports off the public network show their status as DOWN even though I am able to pass traffic between my physical network to/from my virtual network. Open-VSwitch shows all the corresponding virtual interfaces correctly.

I've seen some references to a 'bug' in openstack that causes this behavior. I'll have to conduct a little more research before I claim that this is the reason.

However, for now my instances are online and available!

edit flag offensive delete link more

Comments

Sweet :) Thanks for posting your config, very helpful !

c0nsaw gravatar imagec0nsaw ( 2014-03-11 16:04:29 -0500 )edit
0

answered 2014-03-08 12:15:50 -0500

c0nsaw gravatar image

updated 2014-03-08 12:17:51 -0500

This works for me.

http://cunninghamshane.com/my-all-in-one-openstack-deployment-at-home/ (http://cunninghamshane.com/my-all-in-...)

edit flag offensive delete link more

Comments

Thanks for the reply, This article runs through the same installation instructions I've seen server times over. Where all networking traffic is routed through one network interface. Nothing mentioned about supporting two network interfaces.

ten_ten_steve gravatar imageten_ten_steve ( 2014-03-10 08:24:58 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

[hide preview]

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-03-07 12:31:41 -0500

Seen: 2,700 times

Last updated: Mar 11 '14