Ask Your Question

penghon's profile - activity

2017-03-06 12:10:00 -0500 received badge  Teacher (source)
2015-11-21 14:07:51 -0500 received badge  Famous Question (source)
2015-11-03 04:57:15 -0500 received badge  Notable Question (source)
2015-11-01 23:33:47 -0500 answered a question Has anyone gotten multiple external gateways to work for flat/vlan networks and openvswitch?

I found out that the problem is with my understanding. Assumption: Multiple gateways (routers created via openstack) can be used for a single instance that has more than one interface tagged to a separate external gateway.

What I found out: You no longer can configure openstack routers if you use multiple external vlan. The keypoint which I missed out from http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ (http://blog.oddbit.com/2014/05/28/mul...) is "This assumes that eth1 is connected to a network using 10.1.0.0/24 and eth2 is connected to a network using 10.2.0.0/24, and that each network has a gateway sitting at the corresponding .1 address."

From my setup:

    [root@diminishingreturns (keystone_user1)]# ovs-vsctl show
    59ed8124-67f7-4da5-b4ec-177c12f4dcc5
        Bridge "br-ex2"
            Port "eth2"
                Interface "eth2"
            Port "phy-br-ex2"
                Interface "phy-br-ex2"
                    type: patch
                    options: {peer="int-br-ex2"}
            Port "br-ex2"
                Interface "br-ex2"
                    type: internal
        Bridge br-int
            fail_mode: secure
            Port "int-br-ex2"
                Interface "int-br-ex2"
                    type: patch
                    options: {peer="phy-br-ex2"}
            Port "qvo37461431-48"
                tag: 1
                Interface "qvo37461431-48"
            Port "qvoec757be8-b1"
                tag: 1
                Interface "qvoec757be8-b1"
            Port br-int
                Interface br-int
                    type: internal
            Port int-br-ex
                Interface int-br-ex
                    type: patch
                    options: {peer=phy-br-ex}
            Port "qvob5290ebb-d3"
                tag: 3
                Interface "qvob5290ebb-d3"
        Bridge br-ex
            Port br-ex
                Interface br-ex
                    type: internal
            Port phy-br-ex
                Interface phy-br-ex
                    type: patch
                    options: {peer=int-br-ex}
            Port "eth1"
                Interface "eth1"
        ovs_version: "2.3.1"

[root@diminishingreturns cinder(keystone_user1)]# ovs-ofctl show br-int
OFPT_FEATURES_REPLY (xid=0x2): dpid:00001e68565d0d43
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE
 16(int-br-ex2): addr:86:e4:99:88:e3:8e
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 17(int-br-ex): addr:22:81:34:97:cb:b7
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 18(qvo37461431-48): addr:4a:a6:6a:ac:b3:e3
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 20(qvoec757be8-b1): addr:fa:1a:ea:be:92:6a
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 21(qvob5290ebb-d3): addr:6e:b1:53:4d:16:1f
     config:     0
     state:      0
     current:    10GB-FD COPPER
     speed: 10000 Mbps now, 0 Mbps max
 LOCAL(br-int): addr:1e:68:56:5d:0d:43
     config:     PORT_DOWN
     state:      LINK_DOWN
     speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
[root@diminishingreturns cinder(keystone_user1)]# ovs-ofctl dump-flows br-int
NXST_FLOW reply (xid=0x4):
  cookie=0x0, duration=12124.902s, table=0, n_packets=409, n_bytes=39452, idle_age=1, priority=1 actions=NORMAL
  cookie=0x0, duration=12124.320s, table=0, n_packets=9, n_bytes=576, idle_age=1596, priority=2,in_port=16 actions=drop
  cookie=0x0, duration=12123.718s, table=0, n_packets=9, n_bytes=576, idle_age=1596, priority=2,in_port=17 actions=drop
  cookie=0x0, duration=801.740s, table=0, n_packets=334, n_bytes=31700, idle_age=1, priority=3,in_port=16,vlan_tci=0x0000 actions=mod_vlan_vid:3,NORMAL
  cookie=0x0, duration=1492.361s, table=0, n_packets=27, n_bytes=2212, idle_age=312, priority=3,in_port=17,vlan_tci=0x0000 actions=mod_vlan_vid ...
(more)
2015-10-20 08:01:05 -0500 received badge  Popular Question (source)
2015-10-04 22:00:45 -0500 answered a question Cause for strange network config?

From my own testing only the qg-yyyy interface will only be associated with the external network openvswitch br-external (or whatever you call it) when you have the following configured: external_network_bridge = br-ex

This lead me to have issues creating multiple external gateways.

I have also used packstack to create the config in both kilo and Juno. Same result.

2015-10-04 21:49:53 -0500 answered a question Problems configuring multiple external networks with Neutron?

I assume that you are using openvswitch? What is the output of your ovs-vsctl show?

2015-10-04 00:13:05 -0500 asked a question Has anyone gotten multiple external gateways to work for flat/vlan networks and openvswitch?

Based on http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ (http://blog.oddbit.com/2014/05/28/mul...) it would appear that you can achieve something like the following:

            +                              
            |  +---------+   +---------------------+
            +--+ router1 +---+  external1/gateway1 |
+---------+ |  +---------+   +---------------------+
| private +-+                              
+---------+ |                              
            |  +---------+   +---------------------+
            +--+ router2 +---+ external2/gateway2  |
            |  +---------+   +---------------------+

+

I have not been able to get the above to work and would like to ask if anyone has ever gotten such a configuration to work in their Juno/Kilo opentstack deployment.

[root@clarion ~(keystone_admin)]# ovs-vsctl show
a74b8d71-bdec-475d-9462-0ba733383bfc
    Bridge br-ex
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
        Port "eth1"
            Interface "eth1"
    Bridge br-int
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port "qg-88797849-5f "
            tag: 1
            Interface "qg-88797849-5f "
                type: internal
        Port "int-br-ex2"
            Interface "int-br-ex2"
                type: patch
                options: {peer="phy-br-ex2"}
    Bridge "br-ex2"
        Port "br-ex2"
            Interface "br-ex2"
                type: internal
        Port "phy-br-ex2"
            Interface "phy-br-ex2"
                type: patch
                options: {peer="int-br-ex2"}
        Port "eth2"
            Interface "eth2"
    ovs_version: "2.3.1"

[root@clarion ~]# grep -iRE "br-ex|physnet|external_network_bridge|gateway_external_network_id" /etc/neutron/* | grep -v "#"
/etc/neutron/l3_agent.ini:gateway_external_network_id =
/etc/neutron/l3_agent.ini:external_network_bridge =
/etc/neutron/plugin.ini:network_vlan_ranges =physnet1:1:100,physnet2:101:200
/etc/neutron/plugins/ml2/ml2_conf.ini:network_vlan_ranges =physnet1:1:100,physnet2:101:200
/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:bridge_mappings =physnet1:br-ex,physnet2:br-ex2

The odd behaviour seen is that the qg interface of the router is attached to br-int as shown in the above ovs-vsctl show command.

I have tested on Juno and kilo, wiped out the config and reconfig, create/recreate network/router/subnet via GUI and CLI and nothing works.

Any advice/guidance would be greatly appreciated.

2015-10-03 23:54:29 -0500 answered a question Multiple external subnets

http://blog.oddbit.com/2014/05/28/multiple-external-networks-wit/ (http://blog.oddbit.com/2014/05/28/mul...) suppose to allow you to do what you want but I have no luck in getting it working.

2015-09-25 23:11:12 -0500 answered a question unable to create gateway for tenant router

run ovs-vsctl show, make sure that the qg interface is attached to the right ovs bridge. If you don't see that, your external path is not going out the right way or you have not set a router to point to the right gateway. Make sure the following from /etc/neutron/l3_agent.ini is configured correctly:

external_network_bridge = br-ex

2015-07-27 01:56:06 -0500 received badge  Famous Question (source)
2015-07-27 01:56:06 -0500 received badge  Notable Question (source)
2015-07-27 01:56:06 -0500 received badge  Popular Question (source)
2015-07-17 12:04:25 -0500 received badge  Editor (source)
2015-07-17 11:59:00 -0500 answered a question ceilometer meter-list “The service catalog is empty."

looks like a known issue for kilo? Keystone v3 authentication is failing for the ceilometer shell with ceilometerclient 1.0.13

Also try the following which came from another previous answered question which works for me too: unset OS_USER_DOMAIN_ID; unset OS_PROJECT_DOMAIN_ID;

2015-07-16 07:19:08 -0500 received badge  Enthusiast
2015-07-05 09:50:18 -0500 asked a question glance API v2 option --human-readable unrecognized argument

http://docs.openstack.org/cli-reference/content/glanceclient_commands.html (http://docs.openstack.org/cli-referen...) stated the following: usage: glance --os-image-api-version 2 image-show [--human-readable] [--max-column-width ]

Running the above on kilo/CENTOS7 with --human-readable option results in the following error: [root@cloud] glance --os-image-api-version 2 image-show --human-readable $id glance: error: unrecognized arguments: --human-readable

Removing the above option shows the image details.

Does any one know if the option ever works?