Using OVS within an instance whose host is running nova-net

asked 2015-08-06 12:39:48 -0600

mjturek gravatar image

Goal: I'm trying to use OpenVSwitch within an instance. In more detail, I'm trying to create a setup similar to (this (Single Node using Neutron FLAT)) but within a guest.

To be clear, I have this setup (OVS bridge connected to eth0) working on an actual machine. Creating the same setup within a guest is the issue.

Inital Steps: My host machine is devstack running nova-net. I use the following localrc.

# Credentials
# Network info
# Disable neutron

The interfaces file on the host is as follows

#eth0 set to manual, br0 set to dhcp
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
# iface eth0 inet dhcp
iface eth0 inet manual

up ifconfig $IFACE up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down

auto br0
iface br0 inet dhcp
up ip link set $IFACE promisc on

I then create a network with the following command (subnet info replaced with xxx's)

nova network-create --fixed-range-v4 --gateway --bridge br0 --bridge-interface eth0 --multi-host T --dns1 --fixed-cidr --enable-dhcp T --allowed-start --allowed-end mjturek_net

I spawn an instance (Running an ubuntu-14.04-x86_64 cloud image) who gets an IP from nova-net. The instance can reach the external network upon boot.

Where it goes wrong: I then install ovs on this guest and create an ovs bridge. I modify the interfaces file (/etc/network/interfaces) to be the same as the one used on the host (see above). I attach eth0 (who got it's IP from nova-net) to the bridge. I bring up the bridge, it makes the DHCP request but the request never reaches the host.

Thoughts on what's wrong:

  1. nova-net is probably not aware of the MAC of the guest's OVS bridge. Neutron has a concept of ports where you can specify a MAC and then assign that port to the instance. Is there a similar concept in nova-net?
  2. Maybe the request is getting squashed by iptables? Is iptables required for nova-net?
edit retag flag offensive close merge delete