[Openstack-operators] Manual router setup
Christopher Hull
chrishull42 at gmail.com
Wed Mar 23 22:05:41 UTC 2016
Hi Keven / all;
Re: Getting a Neutron Router to work. (set external_network_bridge =
blank). Apologies if this got sent twice.
Nope, not quite there yet re getting the damn router to work (week 3 on
this issue).
The Liberty install instructions indeed say to set...
external_network_bridge =
I'm so desperate that I thought the blank space after the = might be the
issue. No. Then I noticed these instructions in l3_agent.ini itself.
-----
# When external_network_bridge is set, each L3 agent can be associated
# with no more than one external network. This value should be set to the
UUID
# of that external network. To allow L3 agent support multiple external
# networks, both the external_network_bridge and gateway_external_network_id
# must be left empty.
# gateway_external_network_id =
----
1: Should gateway_external_network_id = be unoommented?
2: Should I reupdate the database after these changes?
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf
\
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
3: Should external_network_bridge in fact be set to the UUID of the public
network?
4. All instances Ports work just fine on public and private network. WHAT
is the difference between a Neutron router northbound port and an instance
port on the public net.
Services restarted after config change (just removed space after = actually
just in case sloppy Python coding was involved here). In fact, I rebooted
the box just to be sure.
Making my own instance based router is looking better and better all the
time. If Neutron Routers really work, maybe UFO's exist too. :-) j/k
Seriously. Thank you for your help. Hope to help the community soon
too myself. Trying to get my Gerrit account up and running but the
OpenStack.org site won't allow me to sign the Contrib agreement with out
getting a server error.
==== Config Details ======
Issue Neutron Router Northbound Port won't Ping, is Down
[root at maersk src]# ./pluto.py show -p /etc neutron rootwrap.conf
ml2_conf.ini l3_agent.ini linuxbridge_agent.ini dhcp_agent.ini
+-----------------------+------------------------------------+-------------------------------------------------+
| neutron: Section | Key |
Value |
+-----------------------+------------------------------------+-------------------------------------------------+
| DEFAULT | verbose |
True |
| DEFAULT | nova_url |
http://controller:8774/v2 |
| DEFAULT | notify_nova_on_port_data_changes |
True |
| DEFAULT | notify_nova_on_port_status_changes |
True |
| DEFAULT | auth_strategy |
keystone |
| DEFAULT | rpc_backend |
rabbit |
| DEFAULT | allow_overlapping_ips |
True |
| DEFAULT | service_plugins |
router |
| DEFAULT | core_plugin |
ml2 |
| keystone_authtoken | password |
mk4968small23buggidntpass |
| keystone_authtoken | username |
neutron |
| keystone_authtoken | project_name |
service |
| keystone_authtoken | user_domain_id |
default |
| keystone_authtoken | project_domain_id |
default |
| keystone_authtoken | auth_plugin |
password |
| keystone_authtoken | auth_url |
http://controller:35357 |
| keystone_authtoken | auth_uri |
http://controller:5000 |
| database | connection |
mysql://neutron:sleestack191@controller/neutron |
| nova | password |
mk4968small23buggidntpass |
| nova | username |
nova |
| nova | project_name |
service |
| nova | region_name |
RegionOne |
| nova | user_domain_id |
default |
| nova | project_domain_id |
default |
| nova | auth_plugin |
password |
| nova | auth_url |
http://controller:35357 |
| oslo_concurrency | lock_path |
/var/lib/neutron/tmp |
| oslo_messaging_rabbit | rabbit_password |
open.g00dke232 |
| oslo_messaging_rabbit | rabbit_userid |
openstack |
| oslo_messaging_rabbit | rabbit_host |
controller |
+-----------------------+------------------------------------+-------------------------------------------------+
+-------------------+---------------------+--------------------------------------------------------------+
| rootwrap: Section | Key |
Value |
+-------------------+---------------------+--------------------------------------------------------------+
| DEFAULT | filters_path |
/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap |
| DEFAULT | exec_dirs |
/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin |
| DEFAULT | use_syslog |
False |
| DEFAULT | syslog_log_facility |
syslog |
| DEFAULT | syslog_log_level |
ERROR |
+-------------------+---------------------+--------------------------------------------------------------+
+-------------------+----------------------+--------------------------+
| ml2_conf: Section | Key | Value |
+-------------------+----------------------+--------------------------+
| ml2 | extension_drivers | port_security |
| ml2 | mechanism_drivers | linuxbridge,l2population |
| ml2 | tenant_network_types | vxlan |
| ml2 | type_drivers | flat,vlan,vxlan |
| ml2_type_flat | flat_networks | public |
| ml2_type_vxlan | vni_ranges | 1:1000 |
| securitygroup | enable_ipset | True |
+-------------------+----------------------+--------------------------+
+-------------------+--------------------------+-----------------------------------------------------+
| l3_agent: Section | Key |
Value |
+-------------------+--------------------------+-----------------------------------------------------+
| DEFAULT | external_network_bridge
| |
| DEFAULT | verbose |
True |
| DEFAULT | interface_driver |
neutron.agent.linux.interface.BridgeInterfaceDriver |
+-------------------+--------------------------+-----------------------------------------------------+
+----------------------------+-----------------------------+--------------------------------------------------------------+
| linuxbridge_agent: Section | Key |
Value |
+----------------------------+-----------------------------+--------------------------------------------------------------+
| linux_bridge | physical_interface_mappings |
public:enp3s0 |
| vxlan | l2_population |
True |
| vxlan | local_ip |
172.22.10.99 |
| vxlan | enable_vxlan |
True |
| agent | prevent_arp_spoofing |
True |
| securitygroup | firewall_driver |
neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
| securitygroup | enable_security_group |
True |
+----------------------------+-----------------------------+--------------------------------------------------------------+
+---------------------+--------------------------+-----------------------------------------------------+
| dhcp_agent: Section | Key |
Value |
+---------------------+--------------------------+-----------------------------------------------------+
| DEFAULT | dnsmasq_config_file |
/etc/neutron/dnsmasq-neutron.conf |
| DEFAULT | verbose |
True |
| DEFAULT | enable_isolated_metadata |
True |
| DEFAULT | dhcp_driver |
neutron.agent.linux.dhcp.Dnsmasq |
| DEFAULT | interface_driver |
neutron.agent.linux.interface.BridgeInterfaceDriver |
+---------------------+--------------------------+-----------------------------------------------------+
- Christopher T. Hull
I am presently seeking a new career opportunity Please see career page
http://chrishull.com/career
333 Orchard Ave, Sunnyvale CA. 94085
(415) 385 4865
chrishull42 at gmail.com
http://chrishull.com
On Wed, Mar 23, 2016 at 8:50 AM, <chrishull42 at gmail.com> wrote:
> Thanks. Will check that.
> When I create an instance in the public or private nets they ping. Why do
> router ports behave differently than instance ports? Only the Northbound
> router port is down and won't ping. Will check settings ASAP thanks
>
> Chris.
>
> Sent from my iPhone
>
> On Mar 23, 2016, at 7:52 AM, Kevin Benton <kevin at benton.pub> wrote:
>
> Ok. The same settings should apply to Linux bridge.
>
> Make sure you have external_network_bridge defined in your L3 agent as an
> empty value.
>
> Then your external network should be created with the provider type of
> 'flat' and the physical network corresponding to the one you have defined
> in your bridge mappings in the L2 agent that attaches to the bridge going
> to your external physical network.
> On Mar 23, 2016 7:25 AM, <chrishull42 at gmail.com> wrote:
>
>> Kevin;
>> Thank you Very much. I'll check. I did a manual Liberty install so I
>> may have done something wrong. I am using LinuxBridge (not OpenVSwitch) if
>> that helps. Will post results to list soon. Would like to be able to use
>> floating IPs, a more convenient form of ipTables basically.
>>
>> Chris.
>>
>> Sent from my iPhone
>>
>> On Mar 23, 2016, at 7:16 AM, Kevin Benton <kevin at benton.pub> wrote:
>>
>> Do you have external_network_bridge set to an empty value in the l3 agent
>> config? If not, the l3 agent will use a legacy mode of wiring up the port
>> and it's status field may not be ACTIVE.
>>
>> The routers are tested thousands of times in the gate every day, so they
>> work. It's just a matter of getting your configuration correct.
>>
>> Yes, you can use a VM to route as well.
>> On Mar 23, 2016 7:06 AM, <chrishull42 at gmail.com> wrote:
>>
>>> Hi all;
>>> It appears that Liberty Neutron routers do not work. The Northbound
>>> port is always Down.
>>>
>>> What I'd like to do is dedicate an instance (CentOS) to routing between
>>> the Public net and other nets. Has anyone done this. Setting up the
>>> router is trivial. But I'm a little worried about interaction with Neutron
>>> Ports. I need to assign fixed IPs so I can route from the Internet to a
>>> server instance.
>>>
>>> Ideas?
>>>
>>> Thanks
>>> - Chris.
>>>
>>> Sent from my iPhone
>>> _______________________________________________
>>> OpenStack-operators mailing list
>>> OpenStack-operators at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160323/e7a0b854/attachment.html>
More information about the OpenStack-operators
mailing list