[zun][kuryr][neutron] Missing vxlan ports in br-tun for Zun containers?

Jason Anderson jasonanderson at uchicago.edu
Thu Apr 8 17:00:19 UTC 2021


As usual, “rubber ducking” the openstack-discuss list yielded fruit. It turns out that I didn’t have the l2population mechanism driver enabled. I thought this was optional for some reason. It looks like enabling this and restarting the neutorn-openvswitch-agent has fixed connectivity!

/Jason

> On Apr 8, 2021, at 11:20 AM, Jason Anderson <jasonanderson at uchicago.edu> wrote:
> 
> Hello stackers,
> 
> I’m interested in using zun to launch containers and assign floating IPs via neutron to those containers. I am deploying zun, kuryr-libnetwork, and neutron with kolla-ansible on the Train release. I’ve configured neutron with one physical network and I’d like to use a VXLAN overlay for tenant networks.
> 
> What works:
> - I can launch containers on a neutron tenant network, they start successfully, they get an IP and can reach each other if they’re co-located on a single host.
> - I can create all my neutron networks, routers, subnets, without (obvious) errors.
> - I can update security groups on the container and see the iptables rules updated appropriately.
> - I can directly create Docker networks using the kuryr driver/type.
> 
> What doesn’t work:
> - I can’t see any vxlan ports on the br-tun OVS bridge
> - I can’t access the exposed container ports from the control/network node via the router netns
> - Because of that, I can’t assign floating IPs because NAT effectively won’t work to reach the containers
> 
> The fact that there are no ports on br-tun is supicious, but I’m not sure how this is supposed to work. I don’t see anything weird in neutron-openvswitch-agent logs but those logs are quite noisy and I’m not sure what to look for.
> 
> Has anybody deployed such a setup / are there limitations I should know about?
> 
> Thank you!
> 
> 
> Jason Anderson
> 
> DevOps Lead, Chameleon
> 
> ---
> 
> Department of Computer Science, University of Chicago
> Mathematics and Computer Science, Argonne National Laboratory
> jasonanderson at uchicago.edu
> 



More information about the openstack-discuss mailing list