Ask Your Question
1

How to configure neutron to use linux bridge and vlan in devstack local.conf?

asked 2015-03-21 15:13:14 -0500

ka gravatar image

Hi,

I am learning neutron and would like to setup neutron with linux bridge and vlan on my devstack. The default neutron is to setup OpenvSwitch for me.

What kind of configuration setting I should make on local.conf (or necessary files) to make neutron to use linux bridge and vlan only?

Thanks

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2015-03-23 02:24:08 -0500

darragh-oreilly gravatar image

You'll probably want to tweak these. The devstack support for the linuxbridge agent is not 100%.

# devstack local.conf using neutron ml2 and linuxbridge agent
# http://docs.openstack.org/developer/devstack/configuration.html

[[local|localrc]]

MULTI_HOST=true
SCHEDULER=nova.scheduler.chance.ChanceScheduler
HOST_IP=192.168.2.2

# speed up cloning, but will need `git fetch --unshallow` before git-review
GIT_DEPTH=10

INSTALL_TESTONLY_PACKAGES=True
LIBS_FROM_GIT=,python-neutronclient,

ENABLED_SERVICES=g-api,g-reg,key,horizon,mysql,rabbit,tempest
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-sch,n-cauth,n-cond,n-novnc,n-xvnc
ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch
#ENABLED_SERVICES+=,n-vol
#ENABLED_SERVICES+=,neutron,q-svc,q-agt,q-dhcp,q-l3,q-meta,q-fwaas,q-vpn,q-lbaas,q-metering
ENABLED_SERVICES+=,neutron,q-svc,q-agt,q-dhcp,q-l3,q-meta

DATABASE_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_TOKEN=password
SERVICE_PASSWORD=password
ADMIN_PASSWORD=password

# reduce resource reqs when using vms on laptop
API_WORKERS=1

SCREEN_LOGDIR=$DEST/logs
LOG_COLOR=false
LOGDAYS=7

#OFFLINE=true
#RECLONE=yes


Q_PLUGIN=ml2
Q_AGENT=linuxbridge

# want to know if neutron metadata stops working
FORCE_CONFIG_DRIVE=False
# save cpu cycles
Q_USE_ROOTWRAP=False

#NEUTRON_CREATE_INITIAL_NETWORKS=False
Q_USE_PROVIDERNET_FOR_PUBLIC=True
PUBLIC_PHYSICAL_NETWORK=flat_net1
# after to get to floating ips from host: 
# ip address add 172.24.4.1/24 dev brq<first-11-chars-of-ext-net-id>


[[post-config|/$Q_PLUGIN_CONF_FILE]]
[ml2]
tenant_network_types = vlan
type_drivers = local,flat,vlan,vxlan
mechanism_drivers = linuxbridge,l2population

[vxlan]
# warning: there are usually mtu issues with vxlan
enable_vxlan = True
local_ip = $HOST_IP
l2_population = True

[ml2_type_vxlan]
vni_ranges = 1001:2000

[ml2_type_vlan]
network_vlan_ranges = vlan_net1:1000:1999

[ml2_type_flat]
flat_networks = flat_net1

[linux_bridge]
# in virtualbox these nics need promiscous mode enabled
physical_interface_mappings = vlan_net1:eth2,flat_net1:eth3

[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
#firewall_driver = neutron.agent.firewall.NoopFirewallDriver
enable_security_group = True


[[post-config|$NEUTRON_CONF]]
[DEFAULT]
default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,neutron.context=WARN

compute node

# devstack local.conf for compute node

[[local|localrc]]

HOST_IP=192.168.2.3
SERVICE_HOST=192.168.2.2

ENABLED_SERVICES=n-cpu,n-novnc,
ENABLED_SERVICES+=,neutron,q-agt,q-dhcp,q-l3,q-meta

DATABASE_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_TOKEN=password
SERVICE_PASSWORD=password
ADMIN_PASSWORD=password

MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
Q_HOST=$SERVICE_HOST

VNCSERVER_LISTEN=0.0.0.0
VNCSERVER_PROXYCLIENT_ADDRESS=$HOST_IP

SCREEN_LOGDIR=$DEST/logs
LOG_COLOR=false
LOGDAYS=7

# want to use neutron metadata
FORCE_CONFIG_DRIVE=False

Q_AGENT=linuxbridge
Q_USE_ROOTWRAP=False

[[post-config|/$Q_PLUGIN_CONF_FILE]]

[vxlan]
enable_vxlan = True
local_ip = $HOST_IP
l2_population = True

[linux_bridge]
# in virtualbox these nics need promiscous mode enabled
physical_interface_mappings = vlan_net1:eth2,flat_net1:eth3

[securitygroup]
#firewall_driver = neutron.agent.firewall.NoopFirewallDriver
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# maybe not needed on compute node
enable_security_group = True

[[post-config|$NEUTRON_CONF]]
[DEFAULT]
default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,neutron.context=WARN
edit flag offensive delete link more

Comments

I follow this configuration but I see two problems:

  1. An instance on the compute node fails to get an ip. (Fail to lease IP from dnsmasq)
  2. I cannot ping to an instance from the controller node (using ip netns <routre namespace="">)

Just wonder have you solved this problem?

ka gravatar imageka ( 2015-04-22 00:06:19 -0500 )edit

You don't give any specifics, so I don't know what the problem is. Assuming the networking type is VLAN, then the relevant physical switch ports will need to be configured to pass tagged packets. Tcpdumping the path is how to solve these problems.

darragh-oreilly gravatar imagedarragh-oreilly ( 2015-04-22 02:49:25 -0500 )edit
-1

answered 2015-03-21 16:14:26 -0500

mrbriancollins gravatar image

Create a linux bridge and add that port to your openvswitch.

eth0--(create)br-ex--(add as port)--openvswitch--(interVM-networking universe) and beyond?????

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-03-21 15:13:14 -0500

Seen: 2,976 times

Last updated: Mar 23 '15