[openstack-dev] [Neutron] [DVR] easyOVS -- Smart tool to use/debug Neutron/DVR
Baohua Yang
yangbaohua at gmail.com
Fri Aug 28 10:05:24 UTC 2015
Hi , all
When using neutron (especially with DVR), I find it difficult to debug
problems with lots of ovs rules, complicated iptables rules, network
namespaces, routing tables, ...
So I create <https://github.com/yeasy/easyOVS>
<https://github.com/yeasy/easyOVS>easyOVS <https://github.com/yeasy/easyOVS>,
in summary, it can
- Format the output and use color to make it clear and easy to compare.
- Associate the OpenStack information (e.g., vm ip) on the virtual port
or rule
- Query openvswitch,iptables,namespace information in smart way.
- Check if the DVR configuration is correct.
- Smart command completion, try tab everywhere.
- Support runing local system commands.
In latest 0.5 version, it supports checking your dvr configuration and
running states, e.g., on a compute node, I run 'dvr check' command, then it
will automatically check the configuration files, bridges, ports, network
spaces, iptables rules,... like
No type given, guessing...compute node
=== Checking DVR on compute node ===
>>> Checking config files...
# Checking file = /etc/sysctl.conf...
# Checking file = /etc/neutron/neutron.conf...
# Checking file = /etc/neutron/plugins/ml2/ml2_conf.ini...
file /etc/neutron/plugins/ml2/ml2_conf.ini Not has [agent]
file /etc/neutron/plugins/ml2/ml2_conf.ini Not has l2_population = True
file /etc/neutron/plugins/ml2/ml2_conf.ini Not has
enable_distributed_routing = True
file /etc/neutron/plugins/ml2/ml2_conf.ini Not has arp_responder = True
# Checking file = /etc/neutron/l3_agent.ini...
<<< Checking config files has warnings
>>> Checking bridges...
# Existing bridges are br-tun, br-int, br-eno1, br-ex
# Vlan bridge is at br-tun, br-int, br-eno1, br-ex
<<< Checking bridges passed
>>> Checking vports ...
## Checking router port = qr-b0142af2-12
### Checking rfp port rfp-f046c591-7
Found associated floating ips : 172.29.161.127/32, 172.29.161.126/32
### Checking associated fpr port fpr-f046c591-7
### Check related fip_ns=fip-9e1c850d-e424-4379-8ebd-278ae995d5c3
Bridging in the same subnet
fg port is attached to br-ex
floating ip 172.29.161.127 match fg subnet
floating ip 172.29.161.126 match fg subnet
Checking chain rule number: neutron-postrouting-bottom...Passed
Checking chain rule number: OUTPUT...Passed
Checking chain rule number: neutron-l3-agent-snat...Passed
Checking chain rules: neutron-postrouting-bottom...Passed
Checking chain rules: PREROUTING...Passed
Checking chain rules: OUTPUT...Passed
Checking chain rules: POSTROUTING...Passed
Checking chain rules: POSTROUTING...Passed
Checking chain rules: neutron-l3-agent-POSTROUTING...Passed
Checking chain rules: neutron-l3-agent-PREROUTING...Passed
Checking chain rules: neutron-l3-agent-OUTPUT...Passed
DNAT for incoming: 172.29.161.127 --> 10.0.0.3 passed
Checking chain rules: neutron-l3-agent-float-snat...Passed
SNAT for outgoing: 10.0.0.3 --> 172.29.161.127 passed
Checking chain rules: neutron-l3-agent-OUTPUT...Passed
DNAT for incoming: 172.29.161.126 --> 10.0.0.216 passed
Checking chain rules: neutron-l3-agent-float-snat...Passed
SNAT for outgoing: 10.0.0.216 --> 172.29.161.126 passed
## Checking router port = qr-8c41bfc7-56
Checking passed already
<<< Checking vports passed
Welcome for any feedback, and welcome for any contribution!
I am trying to put this project into stackforge to let more people can use
and improve it, any thoughts if it is suitable?
https://review.openstack.org/#/c/212396/
Thanks for any help or suggestion!
--
Best wishes!
Baohua
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150828/342dcd3e/attachment.html>
More information about the OpenStack-dev
mailing list