[Openstack] ConnectQuantum to VLAN-tagged physical network

Angelo Olivera aolivera at gmail.com
Sun May 12 20:06:29 UTC 2013 

Salvatore, thanks for your reply. It took me a few tries but I finally
solved this issue by creating the vlan devices on the respective
interfaces, adding them to the corresponding bridges with ovs-vsctl
and configuring two external networks with quantum.

This would correspond to the "Multiple Flat Network" use case
described in the Grizzly Networking Administration Guide[1], although
the configuration is not explained. Quantum provides DHCP with default
routes 10.33.8.1 (vlan 108) and 10.33.9.1 (vlan 109). Namespaces are
used and there is one instance of the metadata proxy per each
namespace.

[1] http://docs.openstack.org/grizzly/openstack-network/admin/content/use_cases_multi_flat.html

/etc/network/interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.33.10.210
    netmask 255.255.255.0
    gateway 10.33.10.1

auto eth1
iface eth1 inet manual

auto eth1.108
iface eth1.108 inet manual
    vlan-raw-device eth1
    up /sbin/ifconfig eth1.108 up

auto eth1.109
iface eth1.109 inet manual
    vlan-raw-device eth1
    up /sbin/ifconfig eth1.109 up

/etc/quantum/quantum.conf
[DEFAULT]
lock_path = $state_path/lock
bind_host = 0.0.0.0
bind_port = 9696
core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
api_paste_config = /etc/quantum/api-paste.ini
control_exchange = quantum
rabbit_host = 10.33.10.210
notification_driver = quantum.openstack.common.notifier.rpc_notifier
default_notification_level = INFO
notification_topics = notifications
[QUOTAS]
[DEFAULT_SERVICETYPE]
[AGENT]
root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = quantum
admin_password = #######
signing_dir = /var/lib/quantum/keystone-signing

/etc/quantum/dhcp_agent.ini
[DEFAULT]
interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = quantum.agent.linux.dhcp.Dnsmasq
use_namespaces = True
enable_isolated_metadata = True

/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
[DATABASE]
sql_connection = mysql://quantum######@10.33.10.210/quantum?charset=utf8
reconnect_interval = 2
[OVS]
# even when using flat networking these two variables had to be
defined for the multiple physical networks to work
tenant_network_type = vlan
network_vlan_ranges = physdev:2048:4094,physqa:2048:4094
bridge_mappings = physdev:br-dev,physqa:br-qa
[AGENT]
polling_interval = 2
[SECURITYGROUP]
firewall_driver =
quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

# ovs-vsctl add-br br-int
# ovs-vsctl add-br br-dev
# ovs-vsctl add-port br-dev eth1.108
# ovs-vsctl add-br br-qa
# ovs-vsctl add-port br-qa eth1.109
# quantum net-create --shared dev --provider:network_type flat
--router:external=True --provider:physical_network physdev
# quantum net-create --shared qa --provider:network_type flat
--router:external=True --provider:physical_network physqa
# quantum subnet-create dev 10.33.8.0/24 --name dev-subnet
--allocation-pool start=10.33.8.10,end=10.33.8.254
# quantum subnet-create qa 10.33.9.0/24 --name qa-subnet
--allocation-pool start=10.33.9.10,end=10.33.9.254

(Question also posted on
https://answers.launchpad.net/quantum/+question/228437/)

Regards,

--
Angelo

On Thu, May 9, 2013 at 8:07 AM, Salvatore Orlando <sorlando at nicira.com> wrote:
> Your configuration looks correct, and provider networks are what you need
> for implementing this use case.
>
> Is the traffic for your subnets improperly tagged, or are you unable at all
> to forward traffic?
> If you're not using GRE overlays it might make sense verifying that VLAN
> 108/109 are allowed on physical switch ports or that the physical switch
> ports are in trunk mode.
>
>
> Regards,
> Salvatore
>
>
> On 8 May 2013 20:21, Ashok Kumaran <ashokkumaran.b at gmail.com> wrote:
>>
>> Hi Angelo,
>>
>> This should be possible. Make sure that eth1 is connected to the Vlan
>> trunk with necessary port configurations.
>>
>> Create 2 network with segmentation's ID as 108 and 109 respectively.
>> Create the respective subnets for both network and then proceed with further
>> configurations as needed. Are you facing any specific issues here?
>>
>> -Ashok
>>
>>
>> On Wed, May 8, 2013 at 9:57 PM, Angelo Olivera <aolivera at gmail.com> wrote:
>>>
>>> Hello,
>>>
>>> I am using Ubuntu 12.04 and OpenStack Grizzly from the Ubuntu Cloud
>>> archive. I am trying to get instances to get an IP address from dnsmasq in
>>> the 10.33.8.0/24 or 10.33.9.0/24 space and use physical routers at .1 as
>>> gateways. Furthermore, these two subnets should be tagged with VLANs 108 and
>>> 109, respectively.
>>>
>>> Is this doable? I have been trying different configurations with Open
>>> vSwitch to no avail. My network layout is as follows:
>>>
>>> Nodes
>>> =====
>>>
>>> Controller, network, compute node (32-core system)
>>> [eth0] 10.33.10.210. gateway: 10.33.10.1 (physical router)
>>> [eth1] connected to VLAN port on switch
>>>
>>> Compute nodes
>>> [eth0] 10.33.10.X
>>> [eth1] connected to VLAN port on switch
>>>
>>> Logical networks
>>> ============
>>>
>>> [net1]
>>> vlan:108
>>> cidr: 10.33.8.0/24
>>> gateway: 10.33.8.1 (physical router)
>>>
>>> [net2]
>>> vlan: 109
>>> cidr: 10.33.9.0/24
>>> gateway: 10.33.9.1 (physical router)
>>>
>>> One of the configurations I tested:
>>>
>>> /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
>>> network_vlan_ranges = default:1:4094
>>> bridge_mappings = default:br0
>>>
>>> ovs-vsctl add-br br-int
>>> ovs-vsctl add-br br0
>>> ovs-vsctl add-port br0 eth1
>>>
>>> quantum net-create --shared net1 --provider:network_type vlan
>>> --provider:physical_network default --provider:segmentation_id 108
>>> quantum subnet-create net1 10.33.8.0/24
>>> quantum subnet-create net2 10.33.9.0/24
>>>
>>> Thanks in advance!
>>>
>>> --
>>> Angelo
>>>
>>>
>>> _______________________________________________
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to     : openstack at lists.launchpad.net
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>
>>
>>
>> --
>> Regds,
>>
>> Ashok ,
>> Delivery Consultant,
>> HP.
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack at lists.launchpad.net
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>>
>

More information about the Openstack mailing list