Using OVS within an instance whose host is running nova-net

asked 2015-08-06 12:39:48 -0600

mjturek

Goal: I'm trying to use OpenVSwitch within an instance. In more detail, I'm trying to create a setup similar to this one (Single Node using Neutron FLAT), http://wiki.stackinsider.org/index.php/DevStack_-_Single_Node_using_Neutron_FLAT_-_Icehouse, but within a guest.

To be clear, I have this setup (OVS bridge connected to eth0) working on an actual machine. Creating the same setup within a guest is the issue.

Initial Steps: My host machine is devstack running nova-net. I use the following localrc.


# Credentials
HOST_IP=xxx.xxx.xxx.xxx
ADMIN_PASSWORD=password
DATABASE_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=password
# Network info
MULTI_HOST=1
FLAT_INTERFACE=eth0
VLAN_INTERFACE=eth0
# Disable neutron
DISABLED_SERVICES=neutron 

The interfaces file on the host is as follows


#eth0 set to manual, br0 set to dhcp
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
# iface eth0 inet dhcp
iface eth0 inet manual

up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down

auto br0
iface br0 inet dhcp
up ip link set $IFACE promisc on

I then create a network with the following command (subnet info replaced with xxx's)


nova network-create --fixed-range-v4 xxx.xxx.xxx.0/24 --gateway xxx.xxx.xxx.254 --bridge br0 --bridge-interface eth0 --multi-host T --dns1 xxx.xxx.xxx.xxx --fixed-cidr xxx.xxx.xxx.0/24 --enable-dhcp T --allowed-start xxx.xxx.xxx.200 --allowed-end xxx.xxx.xxx.205 mjturek_net

I spawn an instance (running an ubuntu-14.04-x86_64 cloud image), which gets an IP from nova-net. The instance can reach the external network upon boot.

Where it goes wrong: I then install OVS on this guest and create an OVS bridge. I modify the interfaces file (/etc/network/interfaces) to be the same as the one used on the host (see above). I attach eth0 (which got its IP from nova-net) to the bridge. I bring up the bridge; it makes the DHCP request, but the request never reaches the host.

Thoughts on what's wrong:

  1. nova-net is probably not aware of the MAC of the guest's OVS bridge. Neutron has a concept of ports where you can specify a MAC and then assign that port to the instance. Is there a similar concept in nova-net?
  2. Maybe the request is getting squashed by iptables? Is iptables required for nova-net?