Ask Your Question
0

Liberty Neutron default networking

asked 2015-11-07 15:03:48 -0600

Daz gravatar image
  1. Did Liberty Neutron drop OpenVSwitch as default networking agent?
  2. Is Linux Bridges more performant than OVS? Can I create networks that don't see each other and connect them with routers (like I did with OVS in Kilo)? or is it somehow flat...
  3. I know floating IP are simply DNATing rules in the routers, but why would my physical node recognize those IPs if I don't assign them to some interface (or the external bridge)?
  4. Liberty now doesn't need a dedicated network node. Why? Don't we loose performance? (Moreover, all VMs traffic now goes through the management network... why not a dedicated network anymore?)
  5. When 2 VMs talk to each other, does traffic go through the Neutron node?

Thanks in advance for the help!

edit retag flag offensive close merge delete

Comments

  1. RDO Liberty does use OVS
  2. Where is your neutron-l3-agent running ?
    Actually Kilo(Juno) doesn't need dedicated network nodes, unless you are willing set up VRRP ( not HA Controller 3 node cluster ).
dbaxps gravatar imagedbaxps ( 2015-11-08 01:44:32 -0600 )edit

2 answers

Sort by ยป oldest newest most voted
2

answered 2015-11-08 06:21:02 -0600

Did Liberty Neutron drop OpenVSwitch as default networking agent?

To be honest, I am not certain if there is a default mechanism driver. I believe you need to explicitly set it in the ML2 configuration. The Openvswitch plugin, however, has been deprecated and probably removed by now; use ML2 and the OVS mechanism driver instead.

Is Linux Bridges more performant than OVS? Can I create networks that don't see each other and connect them with routers (like I did with OVS in Kilo)? or is it somehow flat...

You can use Linuxbridge to separate networks from each other, using VLAN, GRE or VXLAN. Same as OVS. Performance: I don't know if anybody knows this. It's certainly simpler to manage and troubleshoot.

I know floating IP are simply DNATing rules in the routers, but why would my physical node recognize those IPs if I don't assign them to some interface (or the external bridge)?

They are assigned to an interface. For example if you use OVS and network namespaces, the most common implementation, the NW node will have a separate network namespace for each network, and in that namespace a network interface for each port (or subnet? not sure), which will have the port's floating IP. The operation guide explains this to some detail in its network troubleshooting section.

Liberty now doesn't need a dedicated network node. Why? Don't we loose performance? (Moreover, all VMs traffic now goes through the management network... why not a dedicated network anymore?)

There has never been a need for a dedicated network node. You can run single node installations, and afaik there are production installations where control and network functions are combined on the same physical node (duplicated for HA, obviously). You are probably referring to the install guide, which separated network from control in earlier releases, but combines them in Liberty. I suppose the change was made for simplicity.

When 2 VMs talk to each other, does traffic go through the Neutron node?

Not if you use the distributed virtual router.

edit flag offensive delete link more

Comments

Running Nova and Neutron agents on same node would require powerful enough box , specifically handling network traffic from all Compute Nodes, unless you would implement DVR as was noticed by Bernd Bausch. But anyway this decision is a kind of trade off.

dbaxps gravatar imagedbaxps ( 2015-11-08 08:31:54 -0600 )edit

Due to DVR will put some additional pressure regarding neutron routing on Compute nodes, which in traditional architecture they are not supposed to handle.

dbaxps gravatar imagedbaxps ( 2015-11-08 08:33:40 -0600 )edit
0

answered 2015-11-08 07:01:44 -0600

dbaxps gravatar image

Bernd Baush wrote:-

the most common implementation, the NW node will have a separate network namespace for each network, and in that namespace a network interface for each port (or subnet? not sure), which will have the port's floating IP

The exact procedure is :-

$ nova boot --flavor 1 --key_name oskey1 --image \
    fa7a83d1-3ddb-4c0e-9c07-839b6b00f8ca CirrOSDev

  $ nova list
  +--------------------------------------+-------------+--------+------------+-------------+--------------+
  | ID                                   | Name        | Status | Task State | Power State | Networks     |
  +--------------------------------------+-------------+--------+------------+-------------+--------------+
  | acfbd460-d8d7-4eba-962b-de6f2f50db12 | CirrOSDev | ACTIVE | None       | Running     | int=30.0.0.2 |
  +--------------------------------------+-------------+--------+------------+-------------+--------------+

Source the user's credentials (tenant will be 'demo')

  $ . keystonerc_demo
List the ports 
 $ neutron port-list --device-id acfbd460-d8d7-4eba-962b-de6f2f50db12
 +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
 | id                                   | name | mac_address       | fixed_ips                                                                       |
 +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
 | 4ecfe633-dbab-4660-a51c-78ea6dbcc149 |      | fa:16:3e:88:05:e0 | {"subnet_id": "04b95f13-cc77-4f9a-8206-7f6ed183461d", "ip_address": "30.0.0.2"} |
 +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+

Create a floating IP

  $ neutron floatingip-create ext
  Created a new floatingip:
  +---------------------+--------------------------------------+
  | Field               | Value                                |
  +---------------------+--------------------------------------+
  | fixed_ip_address    |                                      |
  | floating_ip_address | 192.168.122.11                       |
  | floating_network_id | 12e4de23-34f8-4f9f-ba2b-810c36f3cc40 |
  | id                  | 5976f269-bca2-4c44-8860-7d493909568f |
  | port_id             |                                      |
  | router_id           |                                      |
  | tenant_id           | 2c845a6ad20e45ccb0b045cee27a9661     |
  +---------------------+--------------------------------------+
List the floating IP
  $ neutron floatingip-list
  +--------------------------------------+------------------+---------------------+---------+
  | id                                   | fixed_ip_address | floating_ip_address | port_id |
  +--------------------------------------+------------------+---------------------+---------+
  | 5976f269-bca2-4c44-8860-7d493909568f |                  | 192.168.122.11      |         |
  +--------------------------------------+------------------+---------------------+---------+

Associate floating IP with the port of the VM

  $ neutron floatingip-associate 5976f269-bca2-4c44-8860-7d493909568f 4ecfe633-dbab-4660-a51c-78ea6dbcc149
  Associated floatingip 5976f269-bca2-4c44-8860-7d493909568f
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-11-07 15:03:48 -0600

Seen: 428 times

Last updated: Nov 08 '15