[Openstack-operators] Help with multiple external network in openstack
Geo Varghese
gvarghese at aqorn.com
Fri Jun 5 12:38:33 UTC 2015
Hi Miguel,
*I am adding my content of /etc/neutron/plugins/ml2/ml2_conf.ini of
controller*
[ml2]
type_drivers = gre,vlan
tenant_network_types = gre,vlan
mechanism_drivers = openvswitch
[ml2_type_flat]
flat_networks =
[ml2_type_vlan]
network_vlan_ranges = physnet1:803:803,physnet2:805:805
[ml2_type_gre]
tunnel_id_ranges = 1:1000
[ml2_type_vxlan]
vni_ranges =
vxlan_group =
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip = 192.168.100.74
tunnel_type = gre
enable_tunneling = True
bridge_mappings = physnet1:br-ex803,physnet2:br-ex805
*The content of /etc/neutron/l3_agent.ini of controller*
[DEFAULT]
debug = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
gateway_external_network_id =
handle_internal_only_routers = True
external_network_bridge =
metadata_port = 9697
send_arp_for_ha = 3
periodic_interval = 40
periodic_fuzzy_delay = 5
router_delete_namespaces = False
*Content of ovs-vsctl show after creating the bridges
*
root at Node25:/home/geo# ovs-vsctl show
cd31399c-bdb7-4b79-9d51-acbec1a41619
Bridge br-int
fail_mode: secure
Port int-br-ex
Interface int-br-ex
Port "qr-221f276d-81"
tag: 1
Interface "qr-221f276d-81"
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "int-br-ex805"
Interface "int-br-ex805"
Port "int-br-ex803"
Interface "int-br-ex803"
Port "qg-d3568030-c3"
tag: 2
Interface "qg-d3568030-c3"
type: internal
Port "tapd7bacca2-15"
tag: 1
Interface "tapd7bacca2-15"
type: internal
Port br-int
Interface br-int
type: internal
Bridge "br-ex803"
Port "eth1.803"
Interface "eth1.803"
Port "phy-br-ex803"
Interface "phy-br-ex803"
Port "br-ex803"
Interface "br-ex803"
type: internal
Bridge br-tun
Port "gre-c0a864fe"
Interface "gre-c0a864fe"
type: gre
options: {in_key=flow, local_ip="192.168.100.74",
out_key=flow, remote_ip="192.168.100.254"}
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
Bridge "br-ex805"
Port "phy-br-ex805"
Interface "phy-br-ex805"
Port "br-ex805"
Interface "br-ex805"
type: internal
Port "eth1.805"
Interface "eth1.805"
ovs_version: "2.0.2"
*External network added by following commands*
External network 1 =>
neutron net-create ext-net1 --shared --router:external=True
--provider:physical_network physnet1 --provider:network_type vlan
--provider:segmentation_id 803
neutron subnet-create ext-net1 --name ext-subnet1 --allocation-pool
start=192.168.200.150,end=192.168.200.160 --disable-dhcp 192.168.200.0/24
External network 2 =>
neutron net-create ext-net2 --shared --router:external=True
--provider:physical_network physnet2 --provider:network_type vlan
--provider:segmentation_id 805
neutron subnet-create ext-net2 --name ext-subnet1 --allocation-pool
start=192.168.123.150,end=192.168.123.160 --disable-dhcp 192.168.123.0/24
Please update if you need any other details.
Thanks again for your time.
On Fri, Jun 5, 2015 at 5:05 PM, Geo Varghese <gvarghese at aqorn.com> wrote:
> Hi Miguel,
>
> Thanks for getting back to me.
>
> I have already restarted both machines - controller and compute
>
> Do i need to paste any commands or conf to debug it?
>
>
> On Fri, Jun 5, 2015 at 4:55 PM, Miguel A Diaz Corchero <
> miguelangel.diaz at externos.ciemat.es> wrote:
>
>> El 05/06/15 13:07, Geo Varghese escribió:
>>
>> I tried it but somethig missing still, ping to floating IP seems not
>> working
>>
>> please, try to restart the L3 agent linked with that floating IP and let
>> us know
>>
>>
>> do we have to add any changes to compute node for it?
>>
>> it shouldn't be necessary
>>
>> Miguel.
>>
>>
>>
>> On Fri, Jun 5, 2015 at 12:16 PM, Geo Varghese <gvarghese at aqorn.com>
>> wrote:
>>
>>> Miguel,
>>>
>>> Thanks thats a great link. Let me try it.
>>>
>>> On Fri, Jun 5, 2015 at 12:04 PM, Miguel A Diaz Corchero <
>>> miguelangel.diaz at externos.ciemat.es> wrote:
>>>
>>>> Following this link I configured it in my infrastructure. Maybe this
>>>> can also help you.
>>>>
>>>>
>>>> https://www.softwareab.net/wordpress/openstack-adding-external-networks-neutron-gre/
>>>>
>>>> Miguel.
>>>>
>>>> El 04/06/15 23:15, Geo Varghese escribió:
>>>>
>>>> Thanks a lot friend for explaining it. I am also using ubuntu.
>>>>
>>>> let me try it. I will update you with the results.
>>>>
>>>> On Fri, Jun 5, 2015 at 2:20 AM, Abrahams.Noah <Noah.Abrahams at igt.com>
>>>> wrote:
>>>>
>>>>> Hi Geo,
>>>>>
>>>>>
>>>>>
>>>>> First a disclaimer: I’m working on Ubuntu and Icehouse, so you might
>>>>> have different behavior, based on your distributions. Also, I don’t have
>>>>> all the specifics and flags you might need, but hopefully this can point
>>>>> you in the right direction. Also, also, the design below accounts for some
>>>>> VLAN segregation, and may be more complicated than what you need.
>>>>>
>>>>>
>>>>>
>>>>> Since you already have the eth devices created, and assuming your
>>>>> routing is correct: I would create a new bridge for each vlan with
>>>>> ovs-vsctl (say, br-ex803 and br-ex805). If you look at
>>>>> http://openvswitch.org/support/dist-docs/ovs-vsctl.8.txt you can find
>>>>> the syntax for add-br to create the bridge, then add-port to bind it to the
>>>>> eth device. You can also use ovs-vsctl to set the trunks property on the
>>>>> port, after it’s created, which you’ll need for the vlan tagging. Then,
>>>>> create a new physnet to match each one of those (physnet3, physnet4, etc)
>>>>> and include them in the bridge-mapping as “physnet3:br-ex803”, or something
>>>>> similar, and specify the VLANs as belonging to that particular physnet in
>>>>> the network_vlan_ranges parameter, like “…physnet3:803,physnet4:805”.
>>>>>
>>>>>
>>>>>
>>>>> After all that, you’ll need to update the neutron sql database so the
>>>>> entry in the network segments table will point to the correct physnet.
>>>>> Search it by the UUID of the network you’re creating, and update the
>>>>> physical_network property to match “physnet3” or whatever you create. Then
>>>>> you can create a subnet from that network, allocate from it, and it should
>>>>> work. You’ll also need to restart the openvswitch-agent and the L3-agent,
>>>>> probably before you create the subnet.
>>>>>
>>>>>
>>>>>
>>>>> *Noah Abrahams*
>>>>>
>>>>> Staff Engineer @ IGT | Central Platforms and Apps
>>>>>
>>>>>
>>>>>
>>>>> *From:* Geo Varghese [mailto:gvarghese at aqorn.com]
>>>>> *Sent:* Thursday, June 04, 2015 12:43 PM
>>>>> *To:* Abrahams.Noah
>>>>> *Cc:* openstack-operators at lists.openstack.org
>>>>> *Subject:* Re: [Openstack-operators] Help with multiple external
>>>>> network in openstack
>>>>>
>>>>>
>>>>>
>>>>> Hi Noah,
>>>>>
>>>>>
>>>>>
>>>>> Thanks a lot for valuable inputs.
>>>>>
>>>>>
>>>>>
>>>>> I am using vlan tags for 2 external network and it configured on eth1.
>>>>>
>>>>>
>>>>>
>>>>> The two interfaces for multiple external networks are eth1.803 and
>>>>> eth1.805
>>>>>
>>>>>
>>>>>
>>>>> Currently i didn't created br-ex bridge as it is multiple network.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> I have added vlan rages as =>
>>>>>
>>>>>
>>>>>
>>>>> network_vlan_ranges = physnet1:100:2999
>>>>>
>>>>>
>>>>>
>>>>> bridge_mappings as
>>>>>
>>>>>
>>>>>
>>>>> bridge_mappings =
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Can you please explain what are the configurations I have to do to
>>>>> implement it.
>>>>>
>>>>>
>>>>>
>>>>> Thanks for your time.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Jun 5, 2015 at 12:18 AM, Abrahams.Noah <Noah.Abrahams at igt.com>
>>>>> wrote:
>>>>>
>>>>> Geo,
>>>>>
>>>>>
>>>>>
>>>>> You also need to set the gateway_external_network_id variable to
>>>>> empty. If you don’t, the L3 agent is either using the gateway from the
>>>>> network with the specified UUID, or can’t figure out which one to use.
>>>>>
>>>>>
>>>>>
>>>>> Also, if the networks have VLAN tags that would be handled by the
>>>>> switch, you might need to create that network on an entirely separate
>>>>> bridge (for example: br-ex2) and bind it to your physical interface. After
>>>>> you do that, go through all the associations, such as adding the new
>>>>> physnet# in your bridge mappings and vlan ranges in your ml2_conf.ini.
>>>>>
>>>>>
>>>>>
>>>>> *Noah Abrahams*
>>>>>
>>>>> Staff Engineer @ IGT | Central Platforms and Apps
>>>>>
>>>>>
>>>>>
>>>>> *From:* Geo Varghese [mailto:gvarghese at aqorn.com]
>>>>> *Sent:* Thursday, June 04, 2015 6:26 AM
>>>>> *To:* openstack-operators at lists.openstack.org;
>>>>> openstack at lists.openstack.org
>>>>> *Subject:* [Openstack-operators] Help with multiple external network
>>>>> in openstack
>>>>>
>>>>>
>>>>>
>>>>> Hi Team,
>>>>>
>>>>> I need some help to setup multiple external network
>>>>>
>>>>>
>>>>> In normal single external network we create *br-ex* bridge and add
>>>>> it in
>>>>>
>>>>> /etc/neutron/l3_agent.ini
>>>>>
>>>>> As
>>>>>
>>>>> external_network_bridge = br-ex
>>>>>
>>>>> It is working for me.
>>>>>
>>>>> But in the case of multiple external network, this variable to be set
>>>>> to empty according to the docs. I did that but seems working.
>>>>>
>>>>> Any one please specify whta other changes i have to do to make it
>>>>> working.
>>>>>
>>>>> Thanks for your support guys.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Regards,
>>>>>
>>>>> Geo Varghese
>>>>>
>>>>> CONFIDENTIALITY NOTICE: This message is the property of International
>>>>> Game Technology PLC and/or its subsidiaries and may contain proprietary,
>>>>> confidential or trade secret information. This message is intended solely
>>>>> for the use of the addressee. If you are not the intended recipient and
>>>>> have received this message in error, please delete this message from your
>>>>> system. Any unauthorized reading, distribution, copying, or other use of
>>>>> this message or its attachments is strictly prohibited.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> --
>>>>>
>>>>> Regards,
>>>>>
>>>>> Geo Varghese
>>>>> CONFIDENTIALITY NOTICE: This message is the property of
>>>>> International Game Technology PLC and/or its subsidiaries and may contain
>>>>> proprietary, confidential or trade secret information. This message is
>>>>> intended solely for the use of the addressee. If you are not the intended
>>>>> recipient and have received this message in error, please delete this
>>>>> message from your system. Any unauthorized reading, distribution, copying,
>>>>> or other use of this message or its attachments is strictly prohibited.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> --
>>>> Regards,
>>>> Geo Varghese
>>>>
>>>>
>>>> _______________________________________________
>>>> OpenStack-operators mailing listOpenStack-operators at lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> OpenStack-operators mailing list
>>>> OpenStack-operators at lists.openstack.org
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>
>>>>
>>>
>>>
>>> --
>>> --
>>> Regards,
>>> Geo Varghese
>>>
>>
>>
>>
>> --
>> --
>> Regards,
>> Geo Varghese
>>
>>
>>
>
>
> --
> --
> Regards,
> Geo Varghese
>
--
--
Regards,
Geo Varghese
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150605/e5e80749/attachment.html>
More information about the OpenStack-operators
mailing list