Ask Your Question
0

subnet interface status is down in router when create new routers

asked 2015-12-28 10:07:33 -0500

sacha-m gravatar image

updated 2015-12-28 11:16:12 -0500

This is my scenario:

  • Liberty
  • RDO
  • Centos 7

Topology:

(Internet)----(1)Physical Router(2)-----(em1)Manager(em2)----(em1)Compute node

Physical Router:

  • Interface 1: xxx.yyy.zzz.www
  • Interface 2: 192.168.70.1/24

Manager:

  • em1: 192.168.70.10/24
  • em2: 192.168.80.1/24

Compute node:

  • em1: 192.168.80.13/24

This is what I do first:

In "Manager" I add this line to /etc/sysctl.conf:

net.ipv4.ip_forward = 1

Then, in "Manager":

# systemctl stop NetworkManager
# systemctl disable NetworkManager
# systemctl enable network
# systemctl disable firewalld
# systemctl stop firewalld
# yum update -y
# yum install -y https://rdoproject.org/repos/rdo-release.rpm
# yum update -y
# yum install -y openstack-packstack
# yum update -y

Reboot the box.

Then, in the "Compute Node" server I do the same than in the "Manager" server. All the traffic pass thru the "Manager" server, that has IP forwarding enabled.

Then, I generate the answer file:

packstack --gen-answer-file=respuestas.cfg

The only change I made on the response file:

CONFIG_COMPUTE_HOSTS=192.168.80.13

So, everything is installed on the Server called "Manager" and the only thing is installed on the other server is Nova (and Neutron Agent).

Once everything is installed, in the "Manager" server, I create the file /etc/sysconfig/network-scripts/ifcfg-br-ex and put this in there:

DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTROTO=static
IPADD=192.168.80.1
NETMSK=255.255.255.0 
DNS1=8.8.8.8
ONBOOT=yes

Then, in "Manager" I edit the /etc/sysconfig/network-scripts/ifcfg-em2 file and add/change this:

TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex

And then, I edit /etc/neutron/plugin.ini and add this:

network_vlan_ranges = physnet1
bridge_mappings = physnet1:br-ex

Finally, I restart network service:

# systemctl restart network.service

In Horizon, I create the correct rules in "Access & Security"/"Security Groups" section.

Now, due the "demo" project is created, I will use that internal network and router to connect my first instance (that is launched on the "admin" project). In order to do that, I edit the "private" network, make it shared, and then I'm able to launch an instance (cirros), ping the router (default gateway) and everything. I Can use floating IPs and they work fine.

The problem is when I want to create new networks/routers. This is what I do, as "admin" user:

# . keystonerc_admin
# neutron router-create router_test 
# neutron net-create network_new_lan --provider:network_type vxlan
# neutron subnet-create --name subnet_new_lan --enable_dhcp --allocation-pool=start=172.16.90.2,end=172.16.90.254 --gateway=172.16.90.1 --dns-nameserver 8.8.8.8 network_new_lan 172.16.90.0/24
# neutron router-interface-add router_test subnet=subnet_new_lan

At this point, If I see in the "interfaces" section inside Project/Network/Routers in Horizon, in the "router_test" router, I'll see a "Down" status in the internal interface (which is the one we just created).

Any instance that uses this internal subnet (subnet_new_lan) will not get an IP and, of course, will not have connectivity to the router nor internet, nor nothing (because it doesn't ... (more)

edit retag flag offensive close merge delete

Comments

Don't touch sysctl.conf before running packstack.

dbaxps gravatar imagedbaxps ( 2015-12-28 13:46:47 -0500 )edit

I have to, because the second server ("Compute Node", 192.168.80.13) needs the IP forwarding from "Manager" in order to reach the Internet and download packages and stuff.

sacha-m gravatar imagesacha-m ( 2015-12-29 06:48:35 -0500 )edit
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-12-28 13:09:28 -0500

dbaxps gravatar image

updated 2015-12-28 14:02:07 -0500

Using answer field as comment
Use em1 on Controller/Network && Compute as MGMT and VTEP's interface at a time
See for answer-file http://dbaxps.blogspot.com/2015/12/ru...
eth0 <==> em1, eth1<==> em1
The only one thing you need is answer-file , ignore the rest completely
UPDATE

CONFIG_PROVISION_DEMO=n

Remove block

# systemctl stop NetworkManager
# systemctl disable NetworkManager
# systemctl enable network
# systemctl disable firewalld
# systemctl stop firewalld

Then (1)

# yum update -y
# yum install -y https://rdoproject.org/repos/rdo-release.rpm
# yum install -y openstack-packstack
# packstack --answer-file=./answer2node.txt ( from my post )
Tune IPs mgmt net as 192.168.70.0/24 matching External , connecting Controller to Physical Router 
Controller/Network 192.168.70.100, Compute 192.168.70.101.Packstack is supposed to be bind to this
IPs

Then (2)

Only on Controller update :-

root@controller  network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="static"
# 192.168.70.100 should be IP of Controller/Network Node during packstack run.
IPADDR="192.168.70.100"   
NETMASK="255.255.255.0"
DNS1="8.8.8.8"
BROADCAST="192.168.70.255"
GATEWAY="192.168.70.1"
NM_CONTROLLED="no"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="yes"
IPV6INIT=no
ONBOOT="yes"
TYPE="OVSIntPort"
OVS_BRIDGE=br-ex
DEVICETYPE="ovs"

[root@controller  network-scripts(keystone_admin)]# cat ifcfg-em1
DEVICE="em1"
# HWADDR=00:22:15:63:E4:E2
ONBOOT="yes"
TYPE="OVSPort"
DEVICETYPE="ovs"
OVS_BRIDGE=br-ex
NM_CONTROLLED=no
IPV6INIT=no

Only now run :-

#!/bin/bash -x
chkconfig network on ;
systemctl stop NetworkManager ;
systemctl disable NetworkManager ;
service network restart

Packstack will take care on disabling dynamic firewalld and enabling ipv4 iptables firewall along with
/etc/sysconfig/iptables on both node. Keep /etc/hosts correct on both nodes.

 Create external network (as admin) , router, private net (as demo)  via dashboard. Your virtual external net should be 192.168.70.0/24,  gateway 192.168.70.1 type VXLAN (shared). It should match real one.
edit flag offensive delete link more

Comments

Three rhings: when you say eth1<==> em1 ypu mean eth1<==> em2, right? Second, I don't want the "manager" server to be Compute Node. Third, my second server (named "Compute Node") is in a different network than em1 of Master, but in the same than em2. The idea is to isolate that network. Thx.

sacha-m gravatar imagesacha-m ( 2015-12-28 16:33:26 -0500 )edit

There is procedure of conversion new names like em, eno ... to eth(X) on CentOS 7.X
em2 on Controller and Compute should be converted to eth0 and em1 to eth1 on Controller
Then you would have masquerade 192.168.80.0/24 either retune Router changing outgoing internal subnet.

dbaxps gravatar imagedbaxps ( 2015-12-28 16:57:36 -0500 )edit

Controller won't run nova-compute. Don't worry. Conversion :-
http://serverfault.com/questions/6561....
MGMT packstack network has to be internet enabled during packstack run.

dbaxps gravatar imagedbaxps ( 2015-12-28 17:07:44 -0500 )edit

Nope. I did what you say with no luck. I will close the case and open it when I can explain it in a better way.

sacha-m gravatar imagesacha-m ( 2015-12-29 16:49:24 -0500 )edit

Please, submit syntax for creating external network been used.

dbaxps gravatar imagedbaxps ( 2015-12-30 13:50:49 -0500 )edit
see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2015-12-28 10:07:33 -0500

Seen: 2,067 times

Last updated: Dec 28 '15

Related questions

PackStack installation networking issue

neutron generate random MAC

Neutron LBaaS - loadbalancer status and stats return null

Where I can find iptables rules of the virtual router

Instance failed to spawn

Unable to create security group.

Help with neutron policy.json

QoS: neutron bandwidth limit method

How to connect the VM to the internet

How do I modify the IP pool?