Ask Your Question
0

How to setup vlan tenant network use ml2 and ovs?

asked 2016-07-01 05:33:35 -0600

kramer gravatar image

The pupose is to install mitaka openstack on 3 CentOS7 nodes. One controller two compute.The network type for tenant network should be vlan.The network type for provider network should be flat.Use openvswitch not linuxbridge.

I did not find any official docs on http://www.openstack.com. The only official install guide one centos is using linuxbridge and the tenant network is vxlan not vlan. So I google some information and try to do it myself.

Below are the configuration. It is not successful. I hope someone can tell me what is wrong here.

ml2 config on controller:

[ml2]
type_drivers = flat,vlan
tenant_network_types = vlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vlan]
network_vlan_ranges = vlan:100:200
[securitygroup]
enable_ipset = True

ovs agent config on controller

[agent]
drop_flows_on_start = false
[ovs]
integration_bridge = br-int
bridge_mappings = vlan:br-vlan,external:br-ex
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True

ovs agent on compute node as below

[agent]
prevent_arp_spoofing = true
[ovs]
integration_bridge = br-int
bridge_mappings = vlan:br-vlan
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True

The br-vlan , br-ex and br-int are all created manually. But when I restart ovs and ovs-agent. There will be error in ovs-agent log like below:

2016-07-01 04:38:01.651 4404 ERROR neutron.agent.ovsdb.impl_vsctl [req-4b5464f1-e759-406c-9e37-c916b61f9aeb - - - - -] Unable to execute ['ovs-vsctl', '--timeout=10', '--oneline', '--format=json', '--', '--columns=type', 'list', 'Interface', 'int-br-vlan']. Exception: Exit code: 1; Stdin: ; Stdout: ; Stderr: ovs-vsctl: no row "int-br-vlan" in table Interface

2016-07-01 04:38:01.659 4404 ERROR neutron.agent.ovsdb.impl_vsctl [req-4b5464f1-e759-406c-9e37-c916b61f9aeb - - - - -] Unable to execute ['ovs-vsctl', '--timeout=10', '--oneline', '--format=json', '--', '--columns=ofport', 'list', 'Interface', 'int-br-vlan']. Exception: Exit code: 1; Stdin: ; Stdout: ; Stderr: ovs-vsctl: no row "int-br-vlan" in table Interface

Also Some error like these

2016-07-01 05:05:04.253 4404 ERROR neutron.agent.linux.utils [req-4b5464f1-e759-406c-9e37-c916b61f9aeb - - - - -] Exit code: 1; Stdin: ; Stdout: ; Stderr: ovs-ofctl: br-int is not a bridge or a socket

If I ignore these error try to create vm on provider network. The VM will not be connected with br-int and there will be error in ovs-agent log like below:

2016-07-01 06:06:20.535 7560 INFO neutron.agent.common.ovs_lib [req-4563ddd8-9ef4-4e06-9736-b88f45de9ddd - - - - -] Port 5bf7712f-ad6f-456a-82f2-839e1a58a93c not present in bridge br-int
2016-07-01 06:06:20.536 7560 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-4563ddd8-9ef4-4e06-9736-b88f45de9ddd - - - - -] port_unbound(): net_uuid None not in local_vlan_map
2016-07-01 06:06:20.536 7560 INFO neutron.agent.securitygroups_rpc [req-4563ddd8-9ef4-4e06-9736-b88f45de9ddd - - - - -] Remove device filter for [u'5bf7712f-ad6f-456a-82f2-839e1a58a93c']
edit retag flag offensive close merge delete

Comments

L2POP for VLAN sounds a bit strange. Sample of answer-file from http://lxer.com/module/newswire/view/... has to be slightly updated for your task.

dbaxps gravatar imagedbaxps ( 2016-07-01 06:00:44 -0600 )edit

2 answers

Sort by ยป oldest newest most voted
0

answered 2016-07-01 07:17:21 -0600

jckreddy gravatar image
here in pasting my Working vlan config  (ml2_conf.ini) 


[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = vlan
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
network_vlan_ranges = default:1001:1020
[ml2_type_gre]
[ovs]
tenant_network_type = vlan
bridge_mappings = external:br-ex
tenant_network_type = vlan
[agent]
tenant_network_type = vlan
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
edit flag offensive delete link more

Comments

Add l3_agent.ini (controller), openvswitch_agent.ini (controller,compute) to your answer.

dbaxps gravatar imagedbaxps ( 2016-07-01 07:38:21 -0600 )edit

Thanks. What is the default (default:1001:1020) means here? Is it a network name ? Can I change it to other name? Also what is the external (external:br-ex)? Also a network name? Should we create the network before the config?

kramer gravatar imagekramer ( 2016-07-03 02:45:51 -0600 )edit

default may be changed. external:br-ex doesn't doesn't presume external flat provider.
You would better post files requested.

dbaxps gravatar imagedbaxps ( 2016-07-03 03:49:37 -0600 )edit

@dbaxps. Thanks very much. So you mean external can not be changed? It is like some build-in key words means a kind of network,right?

kramer gravatar imagekramer ( 2016-07-03 03:59:55 -0600 )edit

No . You are wrong , it is not a keyword. In particular, flat or vlan external network providers usually doesn't use it. If you wouldn't follow my requests , I will quit the thread as useless.

dbaxps gravatar imagedbaxps ( 2016-07-03 09:44:07 -0600 )edit
0

answered 2016-07-01 07:04:52 -0600

dbaxps gravatar image

Actually, sample for your deployment may be found here

http://bderzhavets.blogspot.com/2016/...
Answer-file requires update Storage=>Compute Node regarding your task.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-07-01 05:33:35 -0600

Seen: 2,853 times

Last updated: Jul 01 '16