[openstack-ansible] Dedicated gateway hosts not working with OVN
Dmitriy Rabotyagov
noonedeadpunk at gmail.com
Thu Sep 7 17:45:59 UTC 2023
I'm not a huge expert in OVN, but I believe this specific part works in
pretty much the same way for OVS and LXB.
We have exactly same usecase as you do, but with OVS for now. And the only
way to get external connectivity is to create neutron router, which will be
used as a gateway to public networks. And router should be created on OVN
gateway nodes from what I know. So your VMs always have only geneve
network, that is passed inside the router, and then router connected to
external network on gateway nodes.
Floating IP is kind of 1-to-1 NAT on the router, which allows to access
your VM through external network (and router).
Attaching public network to the VM directly in your scenario should not be
possible by design.
Feel free to join us on #openstack-ansible channel on OFTC IRC network and
we will be glad to answer your questions.
On Thu, Sep 7, 2023, 19:30 Roger Rivera <roger.riverac at gmail.com> wrote:
> Hello Dimitry,
>
> Thanks again for your help. Unfortunately, we've tried everything that's
> been suggested to no avail. And it seems plausible that external
> connectivity will not be achieved on the compute nodes if there are no
> bridges mapped to the external network on those hosts. Keep in mind these
> compute hosts do not have the ens2 physical interface to bind the ext-br or
> br-flat bridges to.
>
> Having said that, we would have loved to see a complete OVN scenario
> reference configuration with dedicated networking/gateway nodes.
>
> The documentation we have reviewed assumes compute nodes as gateways and
> that bridges can be set up on compute nodes, which is not our case. We are
> relying 100% on a single L3 interface on compute nodes with GENEVE as a
> tunneling protocol. And it is because of GENEVE that private east/west
> traffic works without a problem.
>
> Only networking nodes have that second ens2 network interface that
> physically connects to the external network, hence the need to make those
> chassis as gateway nodes.
>
> Again, our setup has the following configuration:
>
> -Compute nodes with x1 L3 NIC and IP.
> -Network/gateway nodes with x1 L3 NIC and x1 L2 NIC with connection to
> external network.
>
>
> Thank you.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20230907/bd3ca4c1/attachment-0001.htm>
More information about the openstack-discuss
mailing list