[Openstack] Tapping physical interfaces

Irena Berezovsky irenab at mellanox.com
Mon Oct 6 05:41:01 UTC 2014 

Hi Don,
Seems that there is a problem at neutron side, that ML2 refuses to bind the port.
Can you please share the error you get at neutron server?
I am not sure, but seems that  neutron ml2 configuration is not accurate.
With commands you share, I think you should change it as following:

[ovs]
bridge_mappings = physnet1:br-ex, br-eth1:br-eth1

The convention is <physical network label>: <bridge>

Hope it helps,
Irena

From: Don Waterloo [mailto:don.waterloo at gmail.com]
Sent: Monday, October 06, 2014 5:37 AM
To: openstack at lists.openstack.org
Subject: Re: [Openstack] Tapping physical interfaces

the vxlan part is definitely working, its the 'flat' part that i've just added which is not.

and, more specifically, its the ability to attach a nova instance to it. I'm not sure what i can do for screen shots, the error is the kind of generic:

 [req-d7df11f2-0a13-49e6-acf4-69fff926519f 6f5b7388bbce42f7a53a2af62fb43f06 4ef0f0caa0884594b3fd5d39efc892dc] [instance: fba1b229-5e5e-429d-8e4f-fa6fd7898d21] Error from last host: amazing.sandvine.rocks (node amazing.sandvine.rocks): [u'Traceback (most recent call last):\n', u'  File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1329, in _build_instance\n    set_access_ip=set_access_ip)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 393, in decorated_function\n    return function(self, context, *args, **kwargs)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1741, in _spawn\n    LOG.exception(_(\'Instance failed to spawn\'), instance=instance)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/openstack/common/excutils.py", line 68, in __exit__\n    six.reraise(self.type_, self.value, self.tb)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1738, in _spawn\n    block_device_info)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py", line 2284, in spawn\n    write_to_disk=True)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py", line 3478, in to_xml\n    disk_info, rescue, block_device_info)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/driver.py", line 3292, in get_guest_config\n    flavor)\n', u'  File "/usr/lib/python2.7/dist-packages/nova/virt/libvirt/vif.py", line 384, in get_config\n    _("Unexpected vif_type=%s") % vif_type)\n', u'NovaException: Unexpected vif_type=binding_failed\n']

the 'unexpected vif_type' covers a wide variety of problems. I get this if i add boot with a port-id on the new flat network, or if i boot with the net-id of the new flat network.

On 5 October 2014 21:49, Don Waterloo <don.waterloo at gmail.com<mailto:don.waterloo at gmail.com>> wrote:
I have a system which is happily using vxlan type driver on icehouse
on ml2 / ovs.

I would now like to take on of the physical interfaces (eth1) and make
it available in a 'tap' to a specific instance. Imagine running
'snort' here.

So i added the 'type_driver' flat:
[ml2]
type_drivers = vxlan,flat,local
tenant_network_types = vxlan
mechanism_drivers = openvswitch

I added the bridge_mapping in ovs (this i'm not sure of given the
tunnel_type=vxlan?)
[ovs]
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = 172.16.100.2
bridge_mappings = physnet1:br-ex,eth1:br-eth1,eth3:br-eth3
enable_tunneling=True

I ran
ovs-vsctl add-br br-eth1
ovs-vsctl add-port br-eth1 eth1

and I ran:
neutron net-create --shared --provider:network_type=flat
--provider:physical_network=br-eth1 eth1

so far so good.
But i cannot get an instance to bind to this network. I've tried
manually creating a port and using --nic port-id=, i've tried letting
it add it. But i get Unexpected vif_type=binding_failed no matter what
i do.

In nova.conf I have
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

and i have port security disable fwiw.

Do someone have a recipe they want to share for this? Obviously this
works best on an 'all-in-one' which is what I have. Is someone else
out there having an instance directly bound to a physical port via a
bridge?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20141006/644f3568/attachment.html>

More information about the Openstack mailing list