[openstack-dev] [Neutron] Problem plugging I/F into Neutron...
Paul Michali (pcm)
pcm at cisco.com
Mon Mar 31 11:31:19 UTC 2014
Yeah I had noticed that change too… I’m guessing that, if I want to try to use the Nova call, that I’d want to set both the hybrid plug and port filter flags to false?
For my devstack setup, I have Neutron security groups disabled (Q_USE_SECGROUP=False), and I setup Nova to allow ICMP and SSH.
Regards,
PCM (Paul Michali)
MAIL …..…. pcm at cisco.com<mailto:pcm at cisco.com>
IRC ……..… pcm_ (irc.freenode.com<http://irc.freenode.com>)
TW ………... @pmichali
GPG Key … 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
On Mar 30, 2014, at 5:01 AM, Irena Berezovsky <irenab at mellanox.com<mailto:irenab at mellanox.com>> wrote:
Hi Paul,
Please be aware that there was also change in nova to support ovs_hybrid_plug:
https://review.openstack.org/#/c/83190/
I am not sure, but maybe worth to check nova code and nova.conf you are using to be aligned with neutron code.
Hope it helps,
Irena
From: Paul Michali (pcm) [mailto:pcm at cisco.com]
Sent: Saturday, March 29, 2014 1:17 AM
To: openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>
Subject: [openstack-dev] [Neutron] Problem plugging I/F into Neutron...
Hi,
I have a VM that I start up outside of OpenStack (as a short term solution, until we get it working inside a Nova VM), using KVM. It has scrips associated with the three interfaces that are created, to hook this VM into Neutron. One I/F is on br-ex (connected to the “public" network for DevStack), another to br-int (connected to a management network that is created), and a third is connected to br-int (connected to the “private” network for DevStack). It’s understood these are hacks to get things going and can be brittle. With DevStack, I have a vanilla localrc, so using ML2, without any ML2 settings specified.
Now, the first two scripts use internal Neutron client calls to create the port, and then plug the VIF. The third, uses Neutron to create the port, and then Nova to plug the VIF. I don’t know why - I inherited the scripts.
On one system, where Nova is based on commit b3e2e05 (10 days ago), this all works just peachy. Interfaces are hooked in and I can ping to my hearts content. On another system, that I just reimaged today, using the latest and greatest OpenStack projects, the third script fails.
I talked to Nova folks, and the vic is now an object, instead of a plain dict, and therefore calls on the object fail (as the script just provides a dict). I started trying to convert the vif to an object, but in discussing with a co-worker, we thought that we could too use Neutron calls for all of the setup of this third interface.
Well, I tried, and the port is created, but unlike the other system, the port is DOWN, and I cannot ping to or from it (the other ports still work fine, with this newer OpenStack repo). One difference is that the port is showing {"port_filter": true, "ovs_hybrid_plug": true} for binding:vif_details, in the neutron port-show output. On the older system this is empty (so must be new changes in Neutron?)
Here is the Neutron based code (trimmed) to do the create and plugging:
import neutron.agent.linux.interface as vif_driver
from neutronclient.neutron import client as qclient
qc = qclient.Client('2.0', auth_url=KEYSTONE_URL, username=user, tenant_name=tenant, password=pw)
prefix, net_name = interface.split('__')
port_name = net_name + '_p'
try:
nw_id = qc.list_networks(name=net_name)['networks'][0]['id']
except qcexp.NeutronClientException as e:
…
p_spec = {'port': {'admin_state_up': True,
'name': port_name,
'network_id': nw_id,
'mac_address': mac_addr,
'binding:host_id': hostname,
'device_id': vm_uuid,
'device_owner': 'compute:None'}}
try:
port = qc.create_port(p_spec)
except qcexp.NeutronClientException as e:
...
port_id = port['port']['id']
br_name = 'br-int'
conf = cfg.CONF
config.register_root_helper(conf)
conf.register_opts(vif_driver.OPTS)
driver = vif_driver.OVSInterfaceDriver(cfg.CONF)
driver.plug(nw_id, port_id, interface, mac_addr, br_name)
Finally, here are the questions (hope you stuck with the long message)…
Any idea why the neutron version is not working? I know there were a bunch of recent changes.
Is there a way for me to turn off the ova_hybrid_plug and port_filter flags? Should I?
Should I go back to using Nova and build a VIF object?
If so, any reason why the Neutron version would not work?
Is there a way to do a similar thing, but via using Northbound APIs (so it isn’t as brittle)?
Thanks in advance!
PCM (Paul Michali)
MAIL …..…. pcm at cisco.com<mailto:pcm at cisco.com>
IRC ……..… pcm_ (irc.freenode.com<http://irc.freenode.com/>)
TW ………... @pmichali
GPG Key … 4525ECC253E31A83
Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org<mailto:OpenStack-dev at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140331/3c424478/attachment.html>
More information about the OpenStack-dev
mailing list