Ask Your Question

Sample config for flat network mitaka/centos7 ?

asked 2016-06-12 16:20:08 -0500

Johan Landerholm gravatar image


I have been trying to get a flat network setup working on my CentOS 7 with mitaka (rdo). I have never ever gotten the network stuff to work and I have been trying to read as much of the neutron documentation as possible. Very confusing. I have been working with unix systems for 30 years and tcp/ip networks for 20+ years.

Does anyone have a working config for a single flat network configuration? Should I use the linux bridge or the ovs ? Which is best to use?

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted

answered 2016-06-13 00:35:23 -0500

alex123 gravatar image

This is described in a lot of details in official documentation:

edit flag offensive delete link more

answered 2016-06-13 04:36:30 -0500

mperezmartin gravatar image


The flat networking setup is the default one they show you when following the OpenStack Installation guide. I'd suggest you to follow it (here).

The option I'd recommend would be the "Networking option #2" since this would allow you to have private sub-nets:

Option 1 deploys the simplest possible architecture that only supports attaching instances to provider (external) networks. No self-service (private) networks, routers, or floating IP addresses. Only the admin or other privileged user can manage provider networks.

Option 2 augments option 1 with layer-3 services that support attaching instances to self-service networks. The demo or other unprivileged user can manage self-service networks including routers that provide connectivity between self-service and provider networks. Additionally, floating IP addresses provide connectivity to instances using self-service networks from external networks such as the Internet.

You will see that they use Linux bridges by default. Actually I do not have any preferences either for OVS or Linux bridges, maybe someone can elaborate further on the differences.

Other suggestions I'd have:

  • Try to deploy a "all-in-one" OpenStack. You don't have to use more than one compute node in order to have a working deployment, an thus networking gets slightly easier.
  • You can also give a try to "DevStack", it is a straightforward approach to have a working environment quickly. Bear in mind that if you go into this direction you'll need to play around with the configuration since by default it will deploy nova networks instead of Neutron.
edit flag offensive delete link more



Thanks, I will try again. I have been trying both DevStack and RDO, everything works except for the networking part. My test servers has dual-NIC, so I would like to use the second nic as the "public" network that provides connectivity to the outside world.

Johan Landerholm gravatar imageJohan Landerholm ( 2016-06-13 06:48:58 -0500 )edit

@Johan Landerholm,
You are supposed to understand that default AIO RDO Mitaka Setup requires updates for :

dbaxps gravatar imagedbaxps ( 2016-06-13 09:22:00 -0500 )edit

Afterwords accordantly to updates done ( say eth1 is supposed to support external flat network) following actions are required:-

1.openstack-service restart neutron ( actually only ovs agent has to be restarted)
2.Correct syntax for invoking external flat network  provider
dbaxps gravatar imagedbaxps ( 2016-06-13 09:27:13 -0500 )edit


  #  ovs-vsctl add-br br-eth1
  #  ovs-vsctl add-port br-eth1 eth1
 Update ( or create ) properly ifcfg-br-eth1 && ifcfg-eth1
  #  service network restart
dbaxps gravatar imagedbaxps ( 2016-06-13 09:30:55 -0500 )edit

What is the status of this? Have you managed to make it work? If so, what were the problems and the solution? If not, what problems/logs are you facing? eg. what does the following command output? $ neutron agent-list

mperezmartin gravatar imagemperezmartin ( 2016-06-17 08:05:48 -0500 )edit

answered 2016-07-18 19:53:57 -0500

updated 2016-07-19 10:18:09 -0500

I have a working two physical node (Controller/Network, Compute) CentOS 7 OpenStack Mitaka with OVS installation using only one physical interface on each node with addresses on my LAN. This configuration is great for POC as it only uses a single network interface (combined management, external network, and tunnels), and perhaps easier to implement than the configuration proposed in the documentation. I can create both public and tenant network based instances with access to the internet through my local LAN, with and without floating IP. The configuration supports flat networking and VXLAN tunneling. Although not relevant to your question, the configuration also runs Block Storage services, Object Store services, and orchestration services on the Controller/Network node. (Everything needed to study for OpenStack Certified Administrator exam)
The key is creating br-ex and proper configuration of that bridge and the physical network interface prior to beginning the installation. (see the third comment by @dbaxps)
Also set net.ipv4.ip_forward=1 in your sysctl configuration on the network node.

edit flag offensive delete link more



This is probably what has been wrong the whole time. I suspected the networking bridge should be setup before doing the mitaka install, but this can't be found in the documentation. I will try to get some more time to try again.

Johan Landerholm gravatar imageJohan Landerholm ( 2016-07-19 01:08:47 -0500 )edit

answered 2016-06-13 04:26:16 -0500

dbaxps gravatar image

updated 2016-06-13 04:44:45 -0500

Going through
I was able to find just one statement like

$ neutron net-create provider-101 --shared \
  --provider:physical_network provider --provider:network_type vlan \
  --provider:segmentation_id 101

Thus VLAN tenant's segregation supposed to be activated. Then they completely relay on trunk switches and physical routers stripping vlan tags forwarding egress traffic outside.
Neutron L3 router gets eliminated from system

By default RDO Mitaka on CentOS 7.2 doesn't do that still relaying on Neutron Routers && L3 Neutron routing
 ( in case using "Packstack" for deployment which does VXLAN tenant's segregation and creates  Neutron routers following classic architecture). Use cases  involving external flat network provider you may see here :-
    In last sample I've used ML2&OVS&VLAN setup only to avoid setting up DVR Cluster Controller&&Compute to get Nova-Docker working on Compute Node with no problems. In case of using standard Libvirt Compute_driver and KVM Hypervisor on Compute Node I would perform traditional for RDO Mitaka ML2&OVS&VXLAN deployment.

    It's important to understand that invoking external flat network provider switch your RDO Mitaka Deployment to non-bridged external networking, placing outgoing interface of neutron router in external bridge br-eth2 (for instance). All neutron work flow in/outbound is coming through OVS bridge BR-INT, however, Neutron L3 routing is still in place as well as qrouter-namespace having it's outgoing interface qg-xxxx attached to BR-INT

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-06-12 16:20:08 -0500

Seen: 1,774 times

Last updated: Jul 19 '16