Ask Your Question
1

Connecting OVS interfaces to a bond with VLAN tagging

asked 2014-10-28 14:13:08 -0500

danofsatx gravatar image

updated 2014-10-30 12:49:55 -0500

rbowen gravatar image

Good Day, folks.

I need help setting up what I thought to be a rather simple configuration. Let me lay out the setup:

  • controller
    • on board
  • node3
    • on board
    • Intel PCIe
    • Intel PCIe
  • node4
    • on board
    • Intel PCIe
    • Intel PCIe
The onboard NIC on all three systems is the management interface. Before I ran packstack, I bonded the two PCIe NICs on the two compute nodes in 802.3ad mode, and set the bridges up for the VLANs on the bond. The switch is set to trunk VLANs 100-105 to those two systems on the bonded interfaces. So, before packstack, this is what I had:
  • controller
    • enp0s25
    • br0
    • br0.100
    • br0.101
  • Node3 + Node4
    • enp0s25
    • bond0
    • br0
    • br0.100
    • br0.101

In my answers file for packstack, I had these lines:

CONFIG_NOVA_COMPUTE_PRIVIF=br0.101
CONFIG_NOVA_NETWORK_PUBIF=br0.100
CONFIG_NOVA_NETWORK_PRIVIF=br0.101
CONFIG_NOVA_NETWORK_FIXEDRANGE=10.1.128.0/20
CONFIG_NOVA_NETWORK_FLOATRANGE=10.1.224.0/20
CONFIG_NOVA_NETWORK_VLAN_START=101
CONFIG_NOVA_NETWORK_NUMBER=5
CONFIG_NOVA_NETWORK_SIZE=255
CONFIG_NEUTRON_L3_EXT_BRIDGE=br0

I want VLAN 100 to be my public facing interface.

Packstack deployed the compute services to all three systems and did not honor the settings in the answer file setting up new bridge interfaces on all of the systems, virbr0, that does not seem to be tied to any other interface, as well as the ovs-system interfaces. [1-4].

While researching for this question, I stumbled upon ovs-vsctl, so I ran ovs-vsctl on the controller [5] and one of the nodes [6].

[1] http://paste.fedoraproject.org/145893...
[2] http://paste.fedoraproject.org/145898...
[3] http://paste.fedoraproject.org/145895...
[4] http://paste.fedoraproject.org/145899...
[5] http://paste.fedoraproject.org/145909...
[6] http://paste.fedoraproject.org/145910...

So, my starting point is this - how do I get the ovs-system talking to the bond? Next, how do I get the VLANs passed through to neutron, and eventually to the instances?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2015-01-14 10:31:02 -0500

mrbriancollins gravatar image

updated 2015-01-21 00:50:59 -0500

Notice

I have a similar configuration I setup bonding on my interfaces as well. I tore down one bond to try creating the bond inside openvswitch. I can only say that it the commands completed successfully and the bridge shows up as an interface but i have not yet gotten it to raise from a down state. I followed this guide I found, the reference he gave is no longer in service. http://blog.scottlowe.org/2012/10/19/link-aggregation-and-lacp-with-open-vswitch/ (http://blog.scottlowe.org/2012/10/19/...)

I am reluctant to destroy my primary bond because it is running my openstack services through this interface.

UPDATE: Found the directive of OVSBond as the type: inside the openvswitch manual:

To use the integration for a Open vSwitch bridge or interface named
<name>, create or edit /etc/sysconfig/network-scripts/ifcfg-<name>.
This is a shell script that consists of a series of VARIABLE=VALUE
assignments.  The following OVS-specific variable names are supported:

    - DEVICETYPE: Always set to "ovs".

    - TYPE: If this is "OVSBridge", then this file represents an OVS
      bridge named <name>.  Otherwise, it represents a port on an OVS
      bridge and TYPE must have one of the following values:

        * "OVSPort", if <name> is a physical port (e.g. eth0) or
          virtual port (e.g. vif1.0).

        * "OVSIntPort", if <name> is an internal port (e.g. a tagged
          VLAN).

        * "OVSBond", if <name> is an OVS bond.

    - OVS_BRIDGE: If TYPE is anything other than "OVSBridge", set to
      the name of the OVS bridge to which the port should be attached.

    - OVS_OPTIONS: Optionally, extra options to set in the "Port"
      table when adding the port to the bridge, as a sequence of
      column[:key]=value options.  For example, "tag=100" to make the
      port an access port for VLAN 100.  See the documentation of
      "add-port" in ovs-vsctl(8) for syntax and the section on the
      Port table in ovs-vswitchd.conf.db(5) for available options.

    - OVS_EXTRA: Optionally, additional ovs-vsctl commands, separated
      by "--" (double dash).

    - BOND_IFACES: For "OVSBond" interfaces, a list of physical
      interfaces to bond together. 


Tagged VLAN interface on top of ovsbridge0:

==> ifcfg-vlan100 <==
DEVICE=vlan100
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSIntPort
BOOTPROTO=static
IPADDR=A.B.C.D
NETMASK=X.Y.Z.0
OVS_BRIDGE=ovsbridge0
OVS_OPTIONS="tag=100"
OVS_EXTRA="set Interface $DEVICE external-ids:iface-id=$(hostname -s)-$DEVICE-vif"
HOTPLUG=no

        Bonding:

    ==> ifcfg-bond0 <==
    DEVICE=bond0
    ONBOOT=yes
    DEVICETYPE=ovs
    TYPE=OVSBond
    OVS_BRIDGE=ovsbridge0
    BOOTPROTO=none
    BOND_IFACES="gige-1b-0 gige-1b-1 gige-21-0 gige-21-1"
    OVS_OPTIONS="bond_mode=balance-tcp lacp=active"
    HOTPLUG=no

    ==> ifcfg-gige-* <==
    DEVICE=gige-*
    ONBOOT=yes
    HOTPLUG=no
edit flag offensive delete link more

Comments

1

I think the stale link in that blog post is http://brezular.com/2011/12/04/part4-...

darragh-oreilly gravatar imagedarragh-oreilly ( 2015-03-03 10:19:06 -0500 )edit
0

answered 2015-11-06 15:36:45 -0500

3j0s gravatar image

Greeting!

Firstable the characteristics from my server are:

1.- I have a All-In-One Implementation. 2.- I use a VLAN Network (no gre) 3.- I have bare-metal router

I got all interfaces working on bonding and bridge with vlan support (except for my admin interface) using OVS, and i can do ping and ssh from my controller to whatever vlan instance i chose, but i can not do the same from my outside network to my openstack instance and i can get to my router from my instance either.

I created neutron vlan network, and everything is seems working even my namespace but i cannot getting work..

So, can someone tell me what can i check?

Thx in advance

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-10-28 14:13:08 -0500

Seen: 8,354 times

Last updated: Nov 06 '15