Ask Your Question
2

Is there any way to use DVR with external network provider (flat) ?

asked 2015-12-22 05:13:56 -0500

andrew.shvartz gravatar image

updated 2015-12-22 08:23:57 -0500

As far as I can see DVR requires external bridging networking, attempt to set "external_network_bridge = " in l3_agent.ini won't work with DVR. If I am wrong here, please , advise. I was able reproduce http://dbaxps.blogspot.com/2015/10/rd...
Then I added interface to another public network ( supposed to be declared as external flat network via external network provider). Attempted to update neutron.conf and neutron OVS,L3 agent *.ini and ml2_conf.ini files, added neutron-metadata-agent service , files ifcfg-br-eth2 and ifcfg-eth2 for added interface were properly configured as OVS bridge and OVS port. Neutron-openvswitch-agent has been restarted OK during "openstack-service restart neutron". This steps resulted disappearing of VXLAN tunnels. Neutron flow on DVR compute node, as follows from several manuals, is not supposed to return back to br-int before forwarding outside. But external network provider vs bridging external networking does require neutron flow to be back on br-int before sending packets out.
ml2_conf.ini (all nodes )

type_drivers = vxlan,flat
flat_networks = physnet2

Creating network.

neutron net-create public --provider:network_type flat --provider:physical_network physnet2 --router:external
neutron subnet-create --gateway 10.10.10.1 --allocation-pool start=10.10.10.100,end=10.10.10.150 --disable-dhcp --name public_subnet public 10.10.10.0/24

Then

ovs-vsctl add-br br-eth2
ovs-vsctl add-port br-eth2 eth2
plus creating ifcfg-br-eth2 and ifcfg-eth2  files  for OVS bridge and OVS port

Then

Update openvswitch-agent.ini
bridge_mappings physnet2:br-eth2

Then

opernstack-service restart ( all nodes)
edit retag flag offensive close merge delete

Comments

what exactly did you modify in the config files after adding the eth2 ?

mariusleu gravatar imagemariusleu ( 2015-12-22 06:34:33 -0500 )edit

Per https://access.redhat.com/documentati...
Replacing br-ex with br-eth2

andrew.shvartz gravatar imageandrew.shvartz ( 2015-12-22 08:09:22 -0500 )edit

The local_ip are set ok ? Can you ping controller on local_ip from compute node ?

mariusleu gravatar imagemariusleu ( 2015-12-22 11:29:16 -0500 )edit
add a comment

2 answers

Sort by ยป oldest newest most voted
1

answered 2015-12-22 13:20:23 -0500

dbaxps gravatar image

updated 2015-12-23 03:11:48 -0500

UPDATE 12/23/2015
Final draft addressing your question is here
Running DVR with external network provider (flat) on CentOS 7.2 RDO Liberty
END UPDATE
Please,change sequence of steps
1. Setup Controller/Network + Compute ML2&OVS&VXLAN via standard answer-file
Three NICs on each node MGMT (eth0) , VTEPS (eth1), Ext Interface (eth2)
2. Tune cluster to work with External Network provider per RH' link ( you've mentioned)
Just in case I kept name of outgoing bridge "br-ex"

 [root@ip-192-169-142-127 ~(keystone_admin)]# cat ifcfg-br-ex
    DEVICE="br-ex"
    NM_CONTROLLED="no"
    ONBOOT="yes"
    TYPE="OVSIntPort"
    OVS_BRIDGE=br-ex
    DEVICETYPE="ovs"
[root@ip-192-169-142-127 ~(keystone_admin)]# cat ifcfg-eth2
    DEVICE="eth2"
    ONBOOT="yes"
    TYPE="OVSPort"
    DEVICETYPE="ovs"
    OVS_BRIDGE=br-ex
    NM_CONTROLLED=no
    IPV6INIT=no

When done tune DVR configs, restart nodes.
Make sure VXLAN tunnels are here. At this point you are ready to go
The point is to get fg-xxxxxx working via br-ex ( no matter this in this case br-ex contains external neutron routers interface inside, not having visible IP like in bridged external network )

[root@ip-192-169-142-137 ~]# ovs-vsctl show
6b29bb4b-b7e0-42d7-94ba-662cd321bf82
    Bridge br-ex
        Port "eth2"
            Interface "eth2"
        Port phy-br-ex
            Interface phy-br-ex  <=== veth pair
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port "qvo2be937c0-cc"
            tag: 1
            Interface "qvo2be937c0-cc"
        Port int-br-ex
            Interface int-br-ex  <=== veth pair
                type: patch
                options: {peer=phy-br-ex}
        Port "qr-98432f0d-0c"
            tag: 1
            Interface "qr-98432f0d-0c"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "fg-a6949885-91"       <== outgoing fip-namespace interface ( on br-int )
            tag: 2
            Interface "fg-a6949885-91"
                type: internal
        Port "qvo997b88c5-a8"
            tag: 1
            Interface "qvo997b88c5-a8"
    Bridge br-tun
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-0c00007f"
            Interface "vxlan-0c00007f"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="12.0.0.137", out_key=flow, remote_ip="12.0.0.127"}
    ovs_version: "2.4.0"
[root@ip-192-169-142-137 ~]# ip netns exec fip-bb5509d1-84a3-489e-847f-c07573b8f6a1 ifconfig | head -8
fg-a6949885-91: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.10.10.102  netmask 255.255.255.0  broadcast 10.10.10.255
        inet6 fe80::f816:3eff:fecf:84a5  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:cf:84:a5  txqueuelen 0  (Ethernet)
        RX packets 138191  bytes 188105981 (179.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 58127  bytes 4630008 (4.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

image description

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2015-12-22 05:13:56 -0500

Seen: 369 times

Last updated: Dec 23 '15

Related questions

How to allow external access for vms

Devstack : how to access instances by there floating IPs from a no-openstack computer ?

How to implement dhcp, wds and ad servers in openstack ( internal -external network relations)

Add a physical interface to instance

Controller down

Just say no to SNAT

Testing Juno inside Icehouse

Unable to access instance via ssh

how to create VNF like vRouter on openstack

Cannot see Router External IP