Ask Your Question
1

Sample config for flat network mitaka/centos7 ?

asked 2016-06-12 16:20:08 -0600

Johan Landerholm gravatar image

Hi,

I have been trying to get a flat network setup working on my CentOS 7 with mitaka (rdo). I have never ever gotten the network stuff to work and I have been trying to read as much of the neutron documentation as possible. Very confusing. I have been working with unix systems for 30 years and tcp/ip networks for 20+ years.

Does anyone have a working config for a single flat network configuration? Should I use the linux bridge or the ovs ? Which is best to use?

edit retag flag offensive close merge delete

4 answers

Sort by ยป oldest newest most voted
1

answered 2016-06-13 00:35:23 -0600

alex123 gravatar image

This is described in a lot of details in official documentation: http://docs.openstack.org/mitaka/netw...

edit flag offensive delete link more
0

answered 2016-06-13 04:26:16 -0600

dbaxps gravatar image

updated 2016-06-13 04:44:45 -0600

Going through http://docs.openstack.org/mitaka/netw...
I was able to find just one statement like

$ neutron net-create provider-101 --shared \
  --provider:physical_network provider --provider:network_type vlan \
  --provider:segmentation_id 101

Thus VLAN tenant's segregation supposed to be activated. Then they completely relay on trunk switches and physical routers stripping vlan tags forwarding egress traffic outside.
Neutron L3 router gets eliminated from system

By default RDO Mitaka on CentOS 7.2 doesn't do that still relaying on Neutron Routers && L3 Neutron routing
 ( in case using "Packstack" for deployment which does VXLAN tenant's segregation and creates  Neutron routers following classic architecture). Use cases  involving external flat network provider you may see here :-
  1. https://www.linux.com/blog/multiple-e...
  2. http://lxer.com/module/newswire/view/...
    In last sample I've used ML2&OVS&VLAN setup only to avoid setting up DVR Cluster Controller&&Compute to get Nova-Docker working on Compute Node with no problems. In case of using standard Libvirt Compute_driver and KVM Hypervisor on Compute Node I would perform traditional for RDO Mitaka ML2&OVS&VXLAN deployment.

    It's important to understand that invoking external flat network provider switch your RDO Mitaka Deployment to non-bridged external networking, placing outgoing interface of neutron router in external bridge br-eth2 (for instance). All neutron work flow in/outbound is coming through OVS bridge BR-INT, however, Neutron L3 routing is still in place as well as qrouter-namespace having it's outgoing interface qg-xxxx attached to BR-INT

edit flag offensive delete link more
0

answered 2016-06-13 04:36:30 -0600

mperezmartin gravatar image

Hi,

The flat networking setup is the default one they show you when following the OpenStack Installation guide. I'd suggest you to follow it http://docs.openstack.org/mitaka/install-guide-rdo/index.html (here).

The option I'd recommend would be the "Networking option #2" since this would allow you to have private sub-nets:

Option 1 deploys the simplest possible architecture that only supports attaching instances to provider (external) networks. No self-service (private) networks, routers, or floating IP addresses. Only the admin or other privileged user can manage provider networks.

Option 2 augments option 1 with layer-3 services that support attaching instances to self-service networks. The demo or other unprivileged user can manage self-service networks including routers that provide connectivity between self-service and provider networks. Additionally, floating IP addresses provide connectivity to instances using self-service networks from external networks such as the Internet.

You will see that they use Linux bridges by default. Actually I do not have any preferences either for OVS or Linux bridges, maybe someone can elaborate further on the differences.

Other suggestions I'd have:

  • Try to deploy a "all-in-one" OpenStack. You don't have to use more than one compute node in order to have a working deployment, an thus networking gets slightly easier.
  • You can also give a try to "DevStack", it is a straightforward approach to have a working environment quickly. Bear in mind that if you go into this direction you'll need to play around with the configuration since by default it will deploy nova networks instead of Neutron.
edit flag offensive delete link more

Comments

1

Thanks, I will try again. I have been trying both DevStack and RDO, everything works except for the networking part. My test servers has dual-NIC, so I would like to use the second nic as the "public" network that provides connectivity to the outside world.

Johan Landerholm gravatar imageJohan Landerholm ( 2016-06-13 06:48:58 -0600 )edit

@Johan Landerholm,
You are supposed to understand that default AIO RDO Mitaka Setup requires updates for :

1.l3_agent.ini
2.ml2_conf.ini
3.openvswitch_agent.ini
dbaxps gravatar imagedbaxps ( 2016-06-13 09:22:00 -0600 )edit

Afterwords accordantly to updates done ( say eth1 is supposed to support external flat network) following actions are required:-

1.openstack-service restart neutron ( actually only ovs agent has to be restarted)
2.Correct syntax for invoking external flat network  provider
dbaxps gravatar imagedbaxps ( 2016-06-13 09:27:13 -0600 )edit
1

Next

  #  ovs-vsctl add-br br-eth1
  #  ovs-vsctl add-port br-eth1 eth1
 Update ( or create ) properly ifcfg-br-eth1 && ifcfg-eth1
  #  service network restart
dbaxps gravatar imagedbaxps ( 2016-06-13 09:30:55 -0600 )edit

What is the status of this? Have you managed to make it work? If so, what were the problems and the solution? If not, what problems/logs are you facing? eg. what does the following command output? $ neutron agent-list

mperezmartin gravatar imagemperezmartin ( 2016-06-17 08:05:48 -0600 )edit
0

answered 2016-07-18 19:53:57 -0600

updated 2016-07-19 10:18:09 -0600

I have a working two physical node (Controller/Network, Compute) CentOS 7 OpenStack Mitaka with OVS installation using only one physical interface on each node with addresses on my LAN. This configuration is great for POC as it only uses a single network interface (combined management, external network, and tunnels), and perhaps easier to implement than the configuration proposed in the documentation. I can create both public and tenant network based instances with access to the internet through my local LAN, with and without floating IP. The configuration supports flat networking and VXLAN tunneling. Although not relevant to your question, the configuration also runs Block Storage services, Object Store services, and orchestration services on the Controller/Network node. (Everything needed to study for OpenStack Certified Administrator exam)
The key is creating br-ex and proper configuration of that bridge and the physical network interface prior to beginning the installation. (see the third comment by @dbaxps)
Also set net.ipv4.ip_forward=1 in your sysctl configuration on the network node.

edit flag offensive delete link more

Comments

1

This is probably what has been wrong the whole time. I suspected the networking bridge should be setup before doing the mitaka install, but this can't be found in the documentation. I will try to get some more time to try again.

Johan Landerholm gravatar imageJohan Landerholm ( 2016-07-19 01:08:47 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-06-12 16:20:08 -0600

Seen: 1,521 times

Last updated: Jul 19 '16