Ask Your Question
1

second external network doesn't work with neutron dvr! [closed]

asked 2015-04-02 06:13:47 -0500

capsali gravatar image

updated 2015-05-25 07:06:44 -0500

Hi,

I have an openstack installation on 7 servers: 2 controller/network nodes in HA, 3 compute nodes and 2 storage nodes. For block and ephemeral storage i use ceph as backend.

Neutron is set up in dvr mode on computes and dvr_snat on controllers. Provider network is vlan from 100 to 199.

Let's say i have 2 external networks with the following subnets 10.10.0.0/24 with vlan tag 100 and 10.10.1.0/24 with vlan tag 101.

i create the first external network from dashboard under physnet1 with vlantag 100, create the subnet without dhcp. I create a router and an internal network. Associate a port to the internal network and set gateway to the external network. Everything works as expected. The gateway port (10.10.0.2) is created on the controller that provisions snat to the vm's.

Next i boot 3 instances, one on every compute node. I associate a floating ip on the first instance, when i click add fip it gives me 10.10.0.3 and i associate it to the instance.

Another port is created as network:floatingip_agent_gateway (10.10.0.4) that i belive is the fip dvr creates for routing purposes. Add another fip gives me 10.10.0.5. Associate it to the vm running on compute2, 10.10.0.6 is created aswell as port network:floatingip_agent_gateway .

The same goes for compute3, 10.10.0.7 as intance fip and 10.10.0.8 as network:floatingip_agent_gateway . The next fips get released in order.

I create the second external network on physnet1 with vlan tag 101 and the subnet. I create another router, router2, and create a port on internal network2 and set gateway to external network2.

The gateway port gets created(10.10.1.2) and i can ping it. I create another 3 instances on every compute node. Add a fip and associate it with the first instance.

It get's associated but i dont get a network:floatingip_agent_gateway port. I can't ping it.

The error i get at l3_agent.log on the compute node is :

2015-04-02 13:54:30.913 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:45.981 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:55:47.026 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-1a4b9fb4-85bf-4788-a5db-2adbe586635e', 'ip', 'addr', 'show', 'rfp-1a4b9fb4-8']
Exit code: 1
Stdout: ''
Stderr: 'Device "rfp-1a4b9fb4-8" does not exist.\n'
2015-04-02 13:56:39.011 4302 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'fip-3cdb714e-0964-4e0b-bf4f-18822222d2b4', 'ip', '-4 ...
(more)
edit retag flag offensive reopen merge delete

Closed for the following reason the question is answered, right answer was accepted by capsali
close date 2015-05-25 07:07:08.785138

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-04-07 08:26:25 -0500

Charles Benon gravatar image

Hi Capsali,

With Neutron (not sure for DVR), I needed to use a second l3 file:

http://docs.openstack.org/admin-guide...

handle_internal_only_routers = False
gateway_external_network_id = <ID>
external_network_bridge = br-mgmt

ID can be collected by neutron net-list (first column)

Command would be:

/usr/bin/python /usr/bin/neutron-l3-agent --config-file=/etc/neutron/neutron.conf --config-file=/etc/neutron/l3_agent-2.ini --config-file=/etc/neutron/fwaas_driver.ini --log-file=/var/log/neutron/l3-agent.log

edit flag offensive delete link more

Comments

1

Since Icehouse it's possible to use a single l3_agent to manage multiple external networks.

No need for second agent. This is a DVR related issue since i had no trouble in legacy neutron.

capsali gravatar imagecapsali ( 2015-04-07 08:55:42 -0500 )edit

Good to know. Your configuration looks good, could you provide: neutron net-list; neutron subnet-list ;neutron router-port-list ;neutron router-list ;neutron floatingip-list

Charles Benon gravatar imageCharles Benon ( 2015-04-07 11:38:03 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-04-02 06:13:47 -0500

Seen: 730 times

Last updated: May 25 '15