Open Stack

Hello,

On my compute hosts I don't have any rules except those which neutron
agent is creating.

-- 
Best regards / Pozdrawiam
Sławek Kapłoński
slawek at kaplonski.pl

On Fri, 02 Oct 2015, Mike Lowe wrote:

> One thing that I always forget is iptables rules to allow the udp port 8472 vxlan packets in.
> 
> > On Oct 2, 2015, at 4:41 PM, Sławek Kapłoński <slawek at kaplonski.pl> wrote:
> > 
> > Hello,
> > 
> > I'm trying to configure small openstack infra (one network node, 2
> > compute nodes) with linux bridge and vxlan tenant networks. I don't know
> > what I'm doing wrong but my instances have no connection between
> > each other. On compute hosts I run neutron-plugin-linuxbrigde-agent
> > with config like:
> > 
> > ------------------
> > [ml2_type_vxlan]
> > # (ListOpt) Comma-separated list of <vni_min>:<vni_max> tuples
> > # enumerating
> > # ranges of VXLAN VNI IDs that are available for tenant network
> > # allocation.
> > #
> > vni_ranges = 10000:20000
> > 
> > # (StrOpt) Multicast group for the VXLAN interface. When configured,
> > # will
> > # enable sending all broadcast traffic to this multicast group. When
> > # left
> > # unconfigured, will disable multicast VXLAN mode.
> > #
> > # vxlan_group =
> > # Example: vxlan_group = 239.1.1.1
> > 
> > [securitygroup]
> > # Controls if neutron security group is enabled or not.
> > # It should be false when you use nova security group.
> > enable_security_group = True
> > 
> > # Use ipset to speed-up the iptables security groups. Enabling ipset
> > # support
> > # requires that ipset is installed on L2 agent node.
> > enable_ipset = True
> > 
> > firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
> > 
> > [ovs]
> > local_ip = 10.1.0.4
> > 
> > [agent]
> > tunnel_types = vxlan
> > 
> > [linuxbridge]
> > physical_interface_mappings = physnet1:eth1
> > 
> > [vxlan]
> > local_ip = 10.1.0.4
> > l2_population = True
> > enable_vxlan = True
> > -------------------
> > 
> > Eth1 is my "tunnel network" which should be used for tunnels. When I
> > spawn vms on compute 1 and 2 and after configuring network manually on
> > both vms (dhcp is not working also because of broken tunnels probably)
> > it not pings.
> > Even when I started two instances on same host and they are both
> > connected to one bridge:
> > 
> > -------------------
> > root at compute-2:/usr/lib/python2.7/dist-packages/neutron# brctl show
> > bridge name	bridge id		STP enabled	interfaces
> > brq8fe8a32f-e6		8000.ce544d0c0e5d	no		tap691a138a-6c
> > 							tapbc1e5179-53
> > 							vxlan-10052
> > virbr0		8000.5254007611ab	yes		virbr0-nic
> > -------------------
> > 
> > those 2 vms are not pinging each other :/
> > I don't have any expeirence with linux bridge in fact (For now I was always
> > using ovs). Maybe someone of You will know what I should check or what I should
> > configure wrong :/ Generally I was installing this openstack according to
> > official openstack documentation but in this docs there is info about ovs+gre
> > tunnels and that is what I changed. I'm using Ubuntu 14.04 and Openstack Kilo
> > installed from cloud archive repo.
> > 
> > -- 
> > Best regards / Pozdrawiam
> > Sławek Kapłoński
> > slawek at kaplonski.pl
> > 
> > _______________________________________________
> > OpenStack-operators mailing list
> > OpenStack-operators at lists.openstack.org
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>