[Openstack] Trove Project Bug
Amrith Kumar
amrith at tesora.com
Fri Nov 13 21:21:00 UTC 2015
Hi Khushbu,
A couple of things about this email, and the bug in question. First, thanks for your interest in Trove and your recent contributions to the project.
The bug in question (1324995) proposed a possible solution whereby incorrect status could be reported briefly during guest instance startup and as Tim writes in his bug report, there was a hack in place to prevent it from happening. He was proposing that rather than waiting a certain amount of time before querying state, that we should instead check the package list to see whether we ought to check database state or not.
As it turns out, very recently (like in the past 3 weeks) some changes have been merged (see: https://review.openstack.org/#/c/234461/ and https://review.openstack.org/#/c/231572/) which do away with the guesswork around the decisions about whether the guest is up or not. As such, I believe that the problems being described in the subject bug (https://bugs.launchpad.net/trove/+bug/1324995) are no longer an issue for Trove.
We are currently in the process of scrubbing the bugs in Launchpad and identifying the ones that are still bugs that need to be fixed and the ones that can be safely closed, or have been addressed in another way.
At a different level, we value contributions of code and of reviews and reviewing code submitted by others is a great way to get up to speed on the project. So please consider those as well. If you are open to working on some other bugs, I'm happy to point you to some that you may be able to work on.
Thanks,
-amrith
P.S. Would you submitting a new change set for https://review.openstack.org/#/c/236927/ that has been under review for some time now.
From: Khushbu Parakh [mailto:khushbuparakh at hotmail.com]
Sent: Friday, November 13, 2015 11:24 AM
To: openstack at lists.openstack.org
Subject: Re: [Openstack] Trove Project Bug
Hello everyone,
I need some help in understanding the working process and how further I can contribute in solving this bug
https://bugs.launchpad.net/trove/+bug/1324995 this is related to trove project.
thanks in advance,
Regards,
Khushbu Parakh
Arya College Of Engineering and IT
Linkedin: http://linkedin.com/in/khushbuparakh
about.me/khushbu.parakh
> From: openstack-request at lists.openstack.org<mailto:openstack-request at lists.openstack.org>
> Subject: Openstack Digest, Vol 29, Issue 12
> To: openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> Date: Thu, 12 Nov 2015 12:00:04 +0000
>
> Send Openstack mailing list submissions to
> openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> or, via email, send a message with subject or body 'help' to
> openstack-request at lists.openstack.org<mailto:openstack-request at lists.openstack.org>
>
> You can reach the person managing the list at
> openstack-owner at lists.openstack.org<mailto:openstack-owner at lists.openstack.org>
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Openstack digest..."
>
>
> Today's Topics:
>
> 1. Re: Keystone Fernet Token (Reza Bakhshayeshi)
> 2. Re: Openstack Kilo Vxlan tunnel single NIC setup (Amir Huski?)
> 3. Vxlan/gre port is not created in br-tun Kilo (Amir Huski?)
> 4. Re: Openstack Kilo Vxlan tunnel single NIC setup
> (Andreas Scheuring)
> 5. Re: Vxlan/gre port is not created in br-tun Kilo
> (Aleksei Stupnikov)
> 6. Re: Openstack Kilo Vxlan tunnel single NIC setup (Amir Huski?)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 11 Nov 2015 22:36:45 +0330
> From: Reza Bakhshayeshi <reza.b2008 at gmail.com<mailto:reza.b2008 at gmail.com>>
> To: Adam Young <ayoung at redhat.com<mailto:ayoung at redhat.com>>
> Cc: openstack <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: Re: [Openstack] Keystone Fernet Token
> Message-ID:
> <CAMGoRG2Wnh=urtD5bz+38cnGV-8+jm3ZxCcL=xAPohOxb9NLkw at mail.gmail.com<mailto:CAMGoRG2Wnh=urtD5bz+38cnGV-8+jm3ZxCcL=xAPohOxb9NLkw at mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Dear Adam,
>
> here is the audit.log content:
>
> type=AVC msg=audit(1447271600.161:353): avc: denied { write } for
> pid=4616 comm="httpd" name="fernet-keys" dev="dm-1" ino=1706000
> scontext=system_u:system_r:httpd_t:s0
> tcontext=unconfined_u:object_r:etc_t:s0 tclass=dir
> type=SYSCALL msg=audit(1447271600.161:353): arch=c000003e syscall=21
> success=no exit=-13 a0=7f2ebf240b10 a1=2 a2=7f2ed1d1af88 a3=0 items=0
> ppid=2714 pid=4616 auid=4294967295 uid=163 gid=163 euid=163 suid=163
> fsuid=163 egid=163 sgid=163 fsgid=163 tty=(none) ses=4294967295
> comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0
> key=(null)
> type=AVC msg=audit(1447271602.313:354): avc: denied { write } for
> pid=4648 comm="httpd" name="fernet-keys" dev="dm-1" ino=1706000
> scontext=system_u:system_r:httpd_t:s0
> tcontext=unconfined_u:object_r:etc_t:s0 tclass=dir
> type=SYSCALL msg=audit(1447271602.313:354): arch=c000003e syscall=21
> success=no exit=-13 a0=7f2ebf60a4c0 a1=2 a2=7f2ed1d1af88 a3=0 items=0
> ppid=2714 pid=4648 auid=4294967295 uid=163 gid=163 euid=163 suid=163
> fsuid=163 egid=163 sgid=163 fsgid=163 tty=(none) ses=4294967295
> comm="httpd" exe="/usr/sbin/httpd" subj=system_u:system_r:httpd_t:s0
> key=(null)
>
>
> On 9 November 2015 at 18:22, Adam Young <ayoung at redhat.com<mailto:ayoung at redhat.com>> wrote:
>
> > On 11/07/2015 01:08 PM, Reza Bakhshayeshi wrote:
> >
> > Thanks all, specially Rahul,
> > I solved the problem temporarily by disabling selinux.
> >
> >
> > What did you have for an AVC? It sounds like the issue was The Keystone
> > WSGI process reading the Keys file? Can you post the relevant sections
> > from the audit log?
> >
> >
> >
> > On 3 November 2015 at 07:43, ??? <zhangjl at awcloud.com<mailto:zhangjl at awcloud.com>> wrote:
> >
> >> Maybe, you should do like follows:
> >>
> >> chown -R keystone:keystone /etc/keystone
> >>
> >> Then, restart the keystone service:
> >>
> >> systemctl restart openstack-keystone
> >>
> >>
> >>
> >>
> >>
> >> ------------------
> >> Best Regards
> >>
> >> ZhangJialong
> >>
> >>
> >>
> >> ------------------ Original ------------------
> >> *From: * "Adam Young"< <ayoung at redhat.com<mailto:ayoung at redhat.com>>ayoung at redhat.com<mailto:ayoung at redhat.com>>;
> >> *Date: * Tue, Nov 3, 2015 11:01 AM
> >> *To: * "openstack"< <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> >> openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>;
> >> *Subject: * Re: [Openstack] Keystone Fernet Token
> >>
> >> On 10/28/2015 02:23 PM, Reza Bakhshayeshi wrote:
> >>
> >> Hi all,
> >>
> >> I'm going to use fernet token on OpenStack Kilo (only Keystone service is
> >> installed),
> >> I've configured keystone.conf like:
> >>
> >> [token]
> >> provider = keystone.token.providers.fernet.Provider
> >>
> >> when I'm running:
> >> keystone-manage fernet_setup --keystone-user keystone --keystone-group
> >> keystone
> >>
> >> keys creating successfully in /etc/keystone/fernet-keys directory.
> >> But when I'm going to creating a token I receive the following error,
> >> here is the complete log:
> >>
> >> 2015-10-28 21:22:14.680 65218 INFO keystone.common.wsgi [-] GET /?
> >> 2015-10-28 23:50:25.343 9377 INFO keystone.token.providers.fernet.utils
> >> [-] [fernet_tokens] key_repository does not appear to exist; attempting to
> >> create it
> >> 2015-10-28 23:50:25.344 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Created a new key: /etc/keystone/fernet-keys/0
> >> 2015-10-28 23:50:25.344 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Starting key rotation with 1 key files: ['/etc/keystone/fernet-keys/0']
> >> 2015-10-28 23:50:25.344 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Current primary key is: 0
> >> 2015-10-28 23:50:25.345 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Next primary key will be: 1
> >> 2015-10-28 23:50:25.345 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Promoted key 0 to be the primary: 1
> >> 2015-10-28 23:50:25.345 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Created a new key: /etc/keystone/fernet-keys/0
> >> 2015-10-28 23:50:25.345 9377 INFO keystone.token.providers.fernet.utils
> >> [-] Excess keys to purge: []
> >> 2015-10-28 23:50:52.632 8059 INFO keystone.common.wsgi [-] POST /tokens?
> >> 2015-10-28 23:50:52.889 8059 ERROR keystone.token.providers.fernet.utils
> >> [-] Either [fernet_tokens] key_repository does not exist or Keystone does
> >> not have sufficient permission to access it: /etc/keystone/fernet-keys/
> >> 2015-10-28 23:50:52.890 8059 WARNING keystone.common.wsgi [-] No
> >> encryption keys found; run keystone-manage fernet_setup to bootstrap one.
> >>
> >> while the permissions seem to be correct:
> >>
> >> # ls -lah /etc/keystone/
> >> total 104K
> >> drwxr-x---. 3 root keystone 4.0K Oct 28 23:50 .
> >> drwxr-xr-x. 143 root root 12K Oct 28 12:56 ..
> >> -rw-r-----. 1 root keystone 1.5K Jul 29 00:21
> >> default_catalog.templates
> >> drwx------. 2 keystone keystone 4.0K Oct 28 23:50 fernet-keys
> >> -rw-r-----. 1 root keystone 57K Oct 28 23:48 keystone.conf
> >> -rw-r-----. 1 root keystone 1.1K Jul 29 00:21 logging.conf
> >> -rw-r-----. 1 keystone keystone 8.6K Jul 29 00:21 policy.json
> >> -rw-r-----. 1 keystone keystone 665 Jul 29 00:21
> >> sso_callback_template.html
> >>
> >> What am I missing?
> >>
> >>
> >> No idea. When I get into these situations, I use rpdb;
> >>
> >> http://adam.younglogic.com/2015/02/debugging-openstack-with-rpdb/
> >>
> >>
> >> Is there anything in /etc/keystone/fernet-keys ?
> >>
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> >> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >>
> >>
> >>
> >> _______________________________________________
> >> Mailing list:
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> >> Unsubscribe :
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >>
> >>
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151111/daf8f2e3/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Thu, 12 Nov 2015 09:36:13 +0100
> From: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> To: Akash Gunjal <akgunjal at in.ibm.com<mailto:akgunjal at in.ibm.com>>
> Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>" <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
> Message-ID:
> <CAFSgVcyv+=uTK-bDQRYre-LctXB3aBeazVpzya6YGP4mZ90z+g at mail.gmail.com<mailto:CAFSgVcyv+=uTK-bDQRYre-LctXB3aBeazVpzya6YGP4mZ90z+g at mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Thank you all for suggestions and sorry for late answer. Now I have PC with
> two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre tunnel
> interface. Br-ex is working fine and also I can ping and access VM using
> floating IP. But still facing issue with vxlan/gre tunnels. Vxlan/gre port
> is not created on br-tun.
>
> As I already wrote I'm trying to enable L2 connectivity between VMs running
> on single node Openstack Kilo instalation (Devstack) and external Linux
> host using vxlan/gre tunnel. Since there are now two NICs I'll open new
> thread.
>
> Regards,
> Amir
>
> On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgunjal at in.ibm.com<mailto:akgunjal at in.ibm.com>> wrote:
>
> > Hi Amir,
> >
> > One point to check is the security rules set in your controller. Check if
> > you have set the ingress/egress rules set for ICMP protocol (ping) which
> > will otherwise block traffic from external hosts to the tenant VM.
> >
> > Regards,
> > Akash
> >
> > [image: Inactive hide details for yatin kumbhare ---10/19/2015 03:56:22
> > PM---Hi Amir, Not quite sure, as I haven't tried such a thing.]yatin
> > kumbhare ---10/19/2015 03:56:22 PM---Hi Amir, Not quite sure, as I haven't
> > tried such a thing.
> >
> > From: yatin kumbhare <yatinkumbhare at gmail.com<mailto:yatinkumbhare at gmail.com>>
> > To: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> > Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>" <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> > Date: 10/19/2015 03:56 PM
> > Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
> > ------------------------------
> >
> >
> >
> > Hi Amir,
> >
> > Not quite sure, as I haven't tried such a thing.
> >
> > but IMHO, you might require l2-gateway.
> >
> > Kind of this: *https://www.youtube.com/watch?v=74Wfr4myf5k*
> > <https://www.youtube.com/watch?v=74Wfr4myf5k>
> >
> > Regards,
> > Yatin
> >
> > On Mon, Oct 19, 2015 at 4:35 AM, Amir Huski? <*amir.huskic at gmail.com*
<mailto:*amir.huskic at gmail.com*%0b>> > <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>> wrote:
> >
> > Hello James,
> >
> > I use underscores in ml2 config file as You suggested. Also made some
> > changes in config file. Here is available:
> > *https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0*
> > <https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0>
> >
> > Summary:
> > - can ping from OS host to external gw and external linux host
> > - can ping from tenant VM to external gw and external linux host
> > - can't ping OS host and tenant VM floating IP from external linux host
> > - tcpdump on br-ex and eth0 interface is showing arp request during
> > ping request from linux external host using vxlan segment
> >
> > For additional info please check info from CLI screen here:
> > *https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0*
> > <https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0>
> >
> > Accidently I deleted symbolic link in log files pointing to agent log.
> > Unfortunately I don't know how to create it again with proper permissions.
> > I tried with chmod and chown using reference command but without much
> > success.
> >
> > lrwxrwxrwx 1 amir amir 43 Sep 19 15:26 screen-n-sch.log ->
> > /opt/stack/logs/n-sch.log.2015-09-19-150746
> > * -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00 screen-q-agt.log*
> > lrwxrwxrwx 1 amir amir 44 Sep 19 15:25 screen-q-dhcp.log ->
> > /opt/stack/logs/q-dhcp.log.2015-09-19-150746
> >
> >
> > Thank you for your help and time.
> >
> > Kind regards,
> > Amir
> >
> >
> > On Wed, Oct 14, 2015 at 4:06 PM, James Denton <
> > *james.denton at rackspace.com*<mailto:*james.denton at rackspace.com*> <james.denton at rackspace.com<mailto:james.denton at rackspace.com>>> wrote:
> > Hi Amir,
> >
> > A couple of recommendations:
> >
> > - Your vxlan_group setting has an extra dot at the end that may be
> > causing issues:
> > [ml2_type_vxlan]
> > vxlan_group = 239.0.0.0.
> > - Your [OVS] block has some incorrect options. Use underscores rather
> > than spaces:
> > [ovs]
> > bridge_mappings = public:br-ex
> > local_ip = 192.168.100.100
> > vxlan_udp_port = 8472
> > tunnel type = vxlan
> > tunnel id ranges = 1001:2000
> > tenant network type = vxlan
> > enable tunneling = true
> > - Same goes for [agent] as well:
> > [agent]
> > tunnel_types = vxlan
> > root_helper_daemon = sudo /usr/local/bin/neutron-rootwrap-daemon
> > /etc/neutron/rootwrap.conf
> > root_helper = sudo /usr/local/bin/neutron-rootwrap
> > /etc/neutron/rootwrap.conf
> > #tunnel_types = vxlan
> > vxlan_udp_port = 8472
> > l2 population = false
> > Start by correcting those issues and restart the OVS agents across
> > your hosts. The agent log may be of help here as well.
> >
> > James
> > On Oct 14, 2015, at 2:38 AM, Amir Huski? <*amir.huskic at gmail.com*
<mailto:*amir.huskic at gmail.com*%0b>> > <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>> wrote:
> >
> > Hello,
> >
> > there is also my ml2_conf.ini file:
> > *https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini*
> > <https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini>
> >
> > Could problem be related to single NIC installation? Is it
> > possible to have same interface for bridge mappings and also for tunnel
> > bridge? Example below:
> >
> > bridge_mappings = public:br-ex
> > integration bridge = br-int
> > tunnel bridge = br-ex
> >
> > Thank you.
> > Regards,
> > Amir
> >
> >
> > On Mon, Oct 12, 2015 at 3:53 PM, Amir Huski? <
> > *amir.huskic at gmail.com*<mailto:*amir.huskic at gmail.com*> <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>> wrote:
> > Hi all,
> >
> > I'm trying to setup up Openstack test lab.
> >
> > I deployed Openstack Kilo (Devstack) on PC running Ubuntu LTS
> > 14.02 with single NIC.
> > Tenants are isolated with vxlan networks. I can ping from VMs
> > to external network PCs, SSH login from external PCs to tenants VMs
> > floating IP address, etc.
> >
> > I would like also to connect tenant VMs to external network
> > physical Linux host using vxlan tunnel and have L2 connectivity between VM
> > and physical Linux host over L3 network.
> >
> > Vxlan interface on Linux physical host is up and running.
> > When I am trying to ping from Linux physical host to Openstack VM (not
> > floating IP) using same subnet L2 address (example ping from 192.168.10.10
> > to 192.168.10.11) UDP packets on port 8472 are coming to Openstack br-ex
> > interface with ARP request.
> >
> > Problem is that I can't setup vxlan tunnel on Openstack.
> > Command "sudo ovs-vsctl show" doesn't show any vxlan tunnels.
> > Also when I try to ping from VM to Linux host using L2 IP
> > address (ping from 192.168.10.11 to 192.168.10.10) tcpdump on br-ex doesn't
> > show anything.
> >
> > My ml2_conf.ini files is configured following this guide:
> > *http://www.opencloudblog.com/?p=300*
> > <http://www.opencloudblog.com/?p=300>
> >
> > Thanks in advance for your help,
> >
> > Regards,
> > Amir
> >
> > _______________________________________________
> > Mailing list:
> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> > Post to : *openstack at lists.openstack.org*<mailto:*openstack at lists.openstack.org*>
> > <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> > Unsubscribe :
> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> >
> >
> >
> > _______________________________________________
> > Mailing list:
> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> > Post to : *openstack at lists.openstack.org*<mailto:*openstack at lists.openstack.org*>
> > <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> > Unsubscribe :
> > *http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack*
> > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack>
> >
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment-0001.html>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: ecblank.gif
> Type: image/gif
> Size: 45 bytes
> Desc: not available
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment-0002.gif>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: graycol.gif
> Type: image/gif
> Size: 105 bytes
> Desc: not available
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/1ae61847/attachment-0003.gif>
>
> ------------------------------
>
> Message: 3
> Date: Thu, 12 Nov 2015 10:00:12 +0100
> From: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> To: Openstack <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: [Openstack] Vxlan/gre port is not created in br-tun Kilo
> Message-ID:
> <CAFSgVcxtympHKoP7RxN5uz=wW6F7+5tFVi_h0Xcs30AD-HXnQA at mail.gmail.com<mailto:CAFSgVcxtympHKoP7RxN5uz=wW6F7+5tFVi_h0Xcs30AD-HXnQA at mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Hello,
>
> vxlan/gre port is not created in br-tun Kilo. I'm using PC with two NICs,
> running Ubuntu 14.04 LTS and Devstack skript for Kilo installation (single
> node setup).
>
> My goal is to enable L2 connectivity between VMs (vxlan/gre network) on
> Kilo and external Linux host.
> Eth0 is used for br-ex and LAN connectivity. That part is fine. I can ping
> and ssh to VMs using their floating IP.
> Eth1 should be used for vxlan/gre tunnel connection between Kilo node and
> Linux external node that have vxlan/gre interfaces.
>
> eth0: 192.168.123.1
> eth1: 192.168.100.254
> VMs internal: 192.168.10.x
> Linux external host vxlan/gre tunnel: 192.168.10.10, eth0 192.168.50.10
>
> amir at openstack:~/devstack$ sudo ovs-vsctl show
> c2020516-3b76-4b8c-8fa6-110fcb4fd5e3
> Bridge br-tun
> fail_mode: secure
> Port patch-int
> Interface patch-int
> type: patch
> options: {peer=patch-tun}
> Port br-tun
> Interface br-tun
> type: internal
> Bridge br-int
> fail_mode: secure
>
> When I try to ping from VMs to external Linux host using L2 network segment
> (192.168.10.5 -> 192.168.10.10) I can see using tcpdump that packets are
> coming only to br-int. When I try to ping from Linux external host to VMs
> using L2 network segment (192.168.10.10 -> 192.168.10.5) ping packets are
> coming to eth1 but not also to br-tun.
>
> I can add vxlan/gre port to OVS manually but nothing change and also tried
> with vxlan and gre but result is the same.
>
> Here are my configuration files and CLI output (ifconfig, ip a, OVS
> bridges/ports status, etc):
> https://dl.dropboxusercontent.com/u/4298410/Openstack_vxlan.zip
>
> What I'm doing wrong?
>
> Thank you.
> Regards,
> Amir
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/4bab2926/attachment-0001.html>
>
> ------------------------------
>
> Message: 4
> Date: Thu, 12 Nov 2015 10:17:32 +0100
> From: Andreas Scheuring <scheuran at linux.vnet.ibm.com<mailto:scheuran at linux.vnet.ibm.com>>
> To: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>" <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
> Message-ID: <1447319852.3078.9.camel at scheuran-ThinkPad-W530<mailto:1447319852.3078.9.camel at scheuran-ThinkPad-W530>>
> Content-Type: text/plain; charset="UTF-8"
>
> What you see is the expected behavior. A Tun (vxlan/gre) port is created
> for each other Node (that runs the neutron-openvswitch-agent) in your
> Openstack Cluster. So if you have a single node - no other Openstack
> node - no tun port.
>
> It's not a use case that an external (non Openstack managed System) Node
> is participating in your Openstack internal tunnel network.
>
> The current ovs implementation knows exactly which vm is reachable via
> which mac on which other hypervisor via which tunnel port. All these
> logic is implemented via openflow rules, which steer the traffic to the
> correct tun device. Traffic that does not match those rules, will be
> dropped (I guess).
>
> You can only achieve this with an external vxlan network. I personally
> haven't tried this so far creating it with Openstack. But for a prove of
> concept you could create the tun port on your own on br-ex (instead of
> plugging your interface into br-ex).
>
> Hope this helps.
>
>
>
> --
> Andreas
> (IRC: scheuran)
>
>
>
> On Do, 2015-11-12 at 09:36 +0100, Amir Huski? wrote:
> > Thank you all for suggestions and sorry for late answer. Now I have PC
> > with two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre
> > tunnel interface. Br-ex is working fine and also I can ping and access
> > VM using floating IP. But still facing issue with vxlan/gre tunnels.
> > Vxlan/gre port is not created on br-tun.
> >
> >
> > As I already wrote I'm trying to enable L2 connectivity between VMs
> > running on single node Openstack Kilo instalation (Devstack) and
> > external Linux host using vxlan/gre tunnel. Since there are now two
> > NICs I'll open new thread.
> >
> >
> > Regards,
> > Amir
> >
> > On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgunjal at in.ibm.com<mailto:akgunjal at in.ibm.com>>
> > wrote:
> > Hi Amir,
> >
> > One point to check is the security rules set in your
> > controller. Check if you have set the ingress/egress rules set
> > for ICMP protocol (ping) which will otherwise block traffic
> > from external hosts to the tenant VM.
> >
> > Regards,
> > Akash
> >
> > Inactive hide details for yatin kumbhare ---10/19/2015
> > 03:56:22 PM---Hi Amir, Not quite sure, as I haven't tried such
> > a thing.yatin kumbhare ---10/19/2015 03:56:22 PM---Hi Amir,
> > Not quite sure, as I haven't tried such a thing.
> >
> > From: yatin kumbhare <yatinkumbhare at gmail.com<mailto:yatinkumbhare at gmail.com>>
> > To: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> > Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>"
> > <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> > Date: 10/19/2015 03:56 PM
> > Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single
> > NIC setup
> >
> >
> >
> > ______________________________________________________________
> >
> >
> >
> > Hi Amir,
> >
> > Not quite sure, as I haven't tried such a thing.
> >
> > but IMHO, you might require l2-gateway.
> >
> > Kind of this: https://www.youtube.com/watch?v=74Wfr4myf5k
> >
> > Regards,
> > Yatin
> >
> > On Mon, Oct 19, 2015 at 4:35 AM, Amir Huski?
> > <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> > Hello James,
> >
> > I use underscores in ml2 config file as You suggested.
> > Also made some changes in config file. Here is
> > available:
> > https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0
> >
> > Summary:
> > - can ping from OS host to external gw and external
> > linux host
> > - can ping from tenant VM to external gw and external
> > linux host
> > - can't ping OS host and tenant VM floating IP from
> > external linux host
> > - tcpdump on br-ex and eth0 interface is showing arp
> > request during ping request from linux external host
> > using vxlan segment
> >
> > For additional info please check info from CLI screen
> > here:
> > https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0
> >
> > Accidently I deleted symbolic link in log files
> > pointing to agent log. Unfortunately I don't know how
> > to create it again with proper permissions. I tried
> > with chmod and chown using reference command but
> > without much success.
> >
> > lrwxrwxrwx 1 amir amir 43 Sep 19 15:26
> > screen-n-sch.log
> > -> /opt/stack/logs/n-sch.log.2015-09-19-150746
> > -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00
> > screen-q-agt.log
> > lrwxrwxrwx 1 amir amir 44 Sep 19 15:25
> > screen-q-dhcp.log
> > -> /opt/stack/logs/q-dhcp.log.2015-09-19-150746
> >
> >
> > Thank you for your help and time.
> >
> > Kind regards,
> > Amir
> >
> > On Wed, Oct 14, 2015 at 4:06 PM, James Denton
> > <james.denton at rackspace.com<mailto:james.denton at rackspace.com>> wrote:
> > Hi Amir,
> >
> > A couple of recommendations:
> >
> > - Your vxlan_group setting has an extra dot at the end
> > that may be causing issues:
> > [ml2_type_vxlan]
> > vxlan_group = 239.0.0.0.
> > - Your [OVS] block has some incorrect options. Use
> > underscores rather than spaces:
> > [ovs]
> > bridge_mappings = public:br-ex
> > local_ip = 192.168.100.100
> > vxlan_udp_port = 8472
> > tunnel type = vxlan
> > tunnel id ranges = 1001:2000
> > tenant network type = vxlan
> > enable tunneling = true
> > - Same goes for [agent] as well:
> > [agent]
> > tunnel_types = vxlan
> > root_helper_daemon =
> > sudo /usr/local/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
> > root_helper =
> > sudo /usr/local/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
> > #tunnel_types = vxlan
> > vxlan_udp_port = 8472
> > l2 population = false
> > Start by correcting those issues and restart the OVS
> > agents across your hosts. The agent log may be of help
> > here as well.
> >
> > James
> > On Oct 14, 2015, at 2:38 AM, Amir
> > Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> >
> > Hello,
> >
> > there is also my ml2_conf.ini
> > file: https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini
> >
> > Could problem be related to single NIC
> > installation? Is it possible to have
> > same interface for bridge mappings and
> > also for tunnel bridge? Example below:
> >
> > bridge_mappings = public:br-ex
> > integration bridge = br-int
> > tunnel bridge = br-ex
> >
> > Thank you.
> > Regards,
> > Amir
> >
> >
> > On Mon, Oct 12, 2015 at 3:53 PM, Amir
> > Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> > Hi all,
> >
> > I'm trying to setup up
> > Openstack test lab.
> >
> > I deployed Openstack Kilo
> > (Devstack) on PC running
> > Ubuntu LTS 14.02 with single
> > NIC.
> > Tenants are isolated with
> > vxlan networks. I can ping
> > from VMs to external network
> > PCs, SSH login from external
> > PCs to tenants VMs floating IP
> > address, etc.
> >
> > I would like also to connect
> > tenant VMs to external network
> > physical Linux host using
> > vxlan tunnel and have L2
> > connectivity between VM and
> > physical Linux host over L3
> > network.
> >
> > Vxlan interface on Linux
> > physical host is up and
> > running. When I am trying to
> > ping from Linux physical host
> > to Openstack VM (not floating
> > IP) using same subnet L2
> > address (example ping from
> > 192.168.10.10 to
> > 192.168.10.11) UDP packets on
> > port 8472 are coming to
> > Openstack br-ex interface with
> > ARP request.
> >
> > Problem is that I can't setup
> > vxlan tunnel on Openstack.
> > Command "sudo ovs-vsctl show"
> > doesn't show any vxlan
> > tunnels.
> > Also when I try to ping from
> > VM to Linux host using L2 IP
> > address (ping from
> > 192.168.10.11 to
> > 192.168.10.10) tcpdump on
> > br-ex doesn't show anything.
> >
> > My ml2_conf.ini files is
> > configured following this
> > guide:
> > http://www.opencloudblog.com/?p=300
> >
> > Thanks in advance for your
> > help,
> >
> > Regards,
> > Amir
> >
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to :
> > openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> >
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
>
> ------------------------------
>
> Message: 5
> Date: Thu, 12 Nov 2015 12:30:45 +0300
> From: Aleksei Stupnikov <astupnikov at mirantis.com<mailto:astupnikov at mirantis.com>>
> To: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> Cc: Openstack <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: Re: [Openstack] Vxlan/gre port is not created in br-tun Kilo
> Message-ID:
> <CA+GpT_LK-JwfRbdLPbv91UCk7NuMh8LKgn__tGsGVMOyPA2wvQ at mail.gmail.com<mailto:CA+GpT_LK-JwfRbdLPbv91UCk7NuMh8LKgn__tGsGVMOyPA2wvQ at mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Hello, Amir.
>
> I have had exactly the same problem some time ago. Please see a description
> and possible solution at
> https://ask.openstack.org/en/question/68671/centos7-rdo-vxlan-tcp-segment-losses/
> (you should check statistics at L2 and L3 interfaces using ethtool -S and
> ip -s commands before applying proposed WA).
>
> BR, Alexey Stupnikov.
>
> On Thu, Nov 12, 2015 at 12:00 PM, Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
>
> > Hello,
> >
> > vxlan/gre port is not created in br-tun Kilo. I'm using PC with two NICs,
> > running Ubuntu 14.04 LTS and Devstack skript for Kilo installation (single
> > node setup).
> >
> > My goal is to enable L2 connectivity between VMs (vxlan/gre network) on
> > Kilo and external Linux host.
> > Eth0 is used for br-ex and LAN connectivity. That part is fine. I can ping
> > and ssh to VMs using their floating IP.
> > Eth1 should be used for vxlan/gre tunnel connection between Kilo node and
> > Linux external node that have vxlan/gre interfaces.
> >
> > eth0: 192.168.123.1
> > eth1: 192.168.100.254
> > VMs internal: 192.168.10.x
> > Linux external host vxlan/gre tunnel: 192.168.10.10, eth0 192.168.50.10
> >
> > amir at openstack:~/devstack$ sudo ovs-vsctl show
> > c2020516-3b76-4b8c-8fa6-110fcb4fd5e3
> > Bridge br-tun
> > fail_mode: secure
> > Port patch-int
> > Interface patch-int
> > type: patch
> > options: {peer=patch-tun}
> > Port br-tun
> > Interface br-tun
> > type: internal
> > Bridge br-int
> > fail_mode: secure
> >
> > When I try to ping from VMs to external Linux host using L2 network
> > segment (192.168.10.5 -> 192.168.10.10) I can see using tcpdump that
> > packets are coming only to br-int. When I try to ping from Linux external
> > host to VMs using L2 network segment (192.168.10.10 -> 192.168.10.5) ping
> > packets are coming to eth1 but not also to br-tun.
> >
> > I can add vxlan/gre port to OVS manually but nothing change and also tried
> > with vxlan and gre but result is the same.
> >
> > Here are my configuration files and CLI output (ifconfig, ip a, OVS
> > bridges/ports status, etc):
> > https://dl.dropboxusercontent.com/u/4298410/Openstack_vxlan.zip
> >
> > What I'm doing wrong?
> >
> > Thank you.
> > Regards,
> > Amir
> >
> >
> > _______________________________________________
> > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
>
>
> --
> BR, Alexey Stupnikov.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/de10e15f/attachment-0001.html>
>
> ------------------------------
>
> Message: 6
> Date: Thu, 12 Nov 2015 12:57:23 +0100
> From: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> To: Andreas Scheuring <scheuran at linux.vnet.ibm.com<mailto:scheuran at linux.vnet.ibm.com>>
> Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>" <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single NIC setup
> Message-ID:
> <CAFSgVczx=_Q5Wy1yn2T89JfffH14JeRQ9MPFBMNFU2cG+qQC=g at mail.gmail.com<mailto:CAFSgVczx=_Q5Wy1yn2T89JfffH14JeRQ9MPFBMNFU2cG+qQC=g at mail.gmail.com>>
> Content-Type: text/plain; charset="utf-8"
>
> Thank you Andreas. I'll try it. I've opened new thread with additional info
> (here:
> http://lists.openstack.org/pipermail/openstack/2015-November/014564.html)
> and subject: Vxlan/gre port is not created in br-tun Kilo. There are also
> config files.
>
> Regards,
> Amir
>
> On Thu, Nov 12, 2015 at 10:17 AM, Andreas Scheuring <
> scheuran at linux.vnet.ibm.com<mailto:scheuran at linux.vnet.ibm.com>> wrote:
>
> > What you see is the expected behavior. A Tun (vxlan/gre) port is created
> > for each other Node (that runs the neutron-openvswitch-agent) in your
> > Openstack Cluster. So if you have a single node - no other Openstack
> > node - no tun port.
> >
> > It's not a use case that an external (non Openstack managed System) Node
> > is participating in your Openstack internal tunnel network.
> >
> > The current ovs implementation knows exactly which vm is reachable via
> > which mac on which other hypervisor via which tunnel port. All these
> > logic is implemented via openflow rules, which steer the traffic to the
> > correct tun device. Traffic that does not match those rules, will be
> > dropped (I guess).
> >
> > You can only achieve this with an external vxlan network. I personally
> > haven't tried this so far creating it with Openstack. But for a prove of
> > concept you could create the tun port on your own on br-ex (instead of
> > plugging your interface into br-ex).
> >
> > Hope this helps.
> >
> >
> >
> > --
> > Andreas
> > (IRC: scheuran)
> >
> >
> >
> > On Do, 2015-11-12 at 09:36 +0100, Amir Huski? wrote:
> > > Thank you all for suggestions and sorry for late answer. Now I have PC
> > > with two interfaces; eth0 for br-ex (LAN) and eth1 for vxlan/gre
> > > tunnel interface. Br-ex is working fine and also I can ping and access
> > > VM using floating IP. But still facing issue with vxlan/gre tunnels.
> > > Vxlan/gre port is not created on br-tun.
> > >
> > >
> > > As I already wrote I'm trying to enable L2 connectivity between VMs
> > > running on single node Openstack Kilo instalation (Devstack) and
> > > external Linux host using vxlan/gre tunnel. Since there are now two
> > > NICs I'll open new thread.
> > >
> > >
> > > Regards,
> > > Amir
> > >
> > > On Mon, Oct 19, 2015 at 12:36 PM, Akash Gunjal <akgunjal at in.ibm.com<mailto:akgunjal at in.ibm.com>>
> > > wrote:
> > > Hi Amir,
> > >
> > > One point to check is the security rules set in your
> > > controller. Check if you have set the ingress/egress rules set
> > > for ICMP protocol (ping) which will otherwise block traffic
> > > from external hosts to the tenant VM.
> > >
> > > Regards,
> > > Akash
> > >
> > > Inactive hide details for yatin kumbhare ---10/19/2015
> > > 03:56:22 PM---Hi Amir, Not quite sure, as I haven't tried such
> > > a thing.yatin kumbhare ---10/19/2015 03:56:22 PM---Hi Amir,
> > > Not quite sure, as I haven't tried such a thing.
> > >
> > > From: yatin kumbhare <yatinkumbhare at gmail.com<mailto:yatinkumbhare at gmail.com>>
> > > To: Amir Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>>
> > > Cc: "openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>"
> > > <openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>>
> > > Date: 10/19/2015 03:56 PM
> > > Subject: Re: [Openstack] Openstack Kilo Vxlan tunnel single
> > > NIC setup
> > >
> > >
> > >
> > > ______________________________________________________________
> > >
> > >
> > >
> > > Hi Amir,
> > >
> > > Not quite sure, as I haven't tried such a thing.
> > >
> > > but IMHO, you might require l2-gateway.
> > >
> > > Kind of this: https://www.youtube.com/watch?v=74Wfr4myf5k
> > >
> > > Regards,
> > > Yatin
> > >
> > > On Mon, Oct 19, 2015 at 4:35 AM, Amir Huski?
> > > <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> > > Hello James,
> > >
> > > I use underscores in ml2 config file as You suggested.
> > > Also made some changes in config file. Here is
> > > available:
> > >
> > https://www.dropbox.com/s/fuzwiyuyfngyyl2/ml2_conf.ini?dl=0
> > >
> > > Summary:
> > > - can ping from OS host to external gw and external
> > > linux host
> > > - can ping from tenant VM to external gw and external
> > > linux host
> > > - can't ping OS host and tenant VM floating IP from
> > > external linux host
> > > - tcpdump on br-ex and eth0 interface is showing arp
> > > request during ping request from linux external host
> > > using vxlan segment
> > >
> > > For additional info please check info from CLI screen
> > > here:
> > >
> > https://www.dropbox.com/s/fv5hen4jbo6fmby/CLI_debug.txt?dl=0
> > >
> > > Accidently I deleted symbolic link in log files
> > > pointing to agent log. Unfortunately I don't know how
> > > to create it again with proper permissions. I tried
> > > with chmod and chown using reference command but
> > > without much success.
> > >
> > > lrwxrwxrwx 1 amir amir 43 Sep 19 15:26
> > > screen-n-sch.log
> > > -> /opt/stack/logs/n-sch.log.2015-09-19-150746
> > > -rw-r--r-- 1 amir amir 245730291 Okt 18 14:00
> > > screen-q-agt.log
> > > lrwxrwxrwx 1 amir amir 44 Sep 19 15:25
> > > screen-q-dhcp.log
> > > -> /opt/stack/logs/q-dhcp.log.2015-09-19-150746
> > >
> > >
> > > Thank you for your help and time.
> > >
> > > Kind regards,
> > > Amir
> > >
> > > On Wed, Oct 14, 2015 at 4:06 PM, James Denton
> > > <james.denton at rackspace.com<mailto:james.denton at rackspace.com>> wrote:
> > > Hi Amir,
> > >
> > > A couple of recommendations:
> > >
> > > - Your vxlan_group setting has an extra dot at the end
> > > that may be causing issues:
> > > [ml2_type_vxlan]
> > > vxlan_group = 239.0.0.0.
> > > - Your [OVS] block has some incorrect options. Use
> > > underscores rather than spaces:
> > > [ovs]
> > > bridge_mappings = public:br-ex
> > > local_ip = 192.168.100.100
> > > vxlan_udp_port = 8472
> > > tunnel type = vxlan
> > > tunnel id ranges = 1001:2000
> > > tenant network type = vxlan
> > > enable tunneling = true
> > > - Same goes for [agent] as well:
> > > [agent]
> > > tunnel_types = vxlan
> > > root_helper_daemon =
> > > sudo /usr/local/bin/neutron-rootwrap-daemon
> > /etc/neutron/rootwrap.conf
> > > root_helper =
> > > sudo /usr/local/bin/neutron-rootwrap
> > /etc/neutron/rootwrap.conf
> > > #tunnel_types = vxlan
> > > vxlan_udp_port = 8472
> > > l2 population = false
> > > Start by correcting those issues and restart the OVS
> > > agents across your hosts. The agent log may be of help
> > > here as well.
> > >
> > > James
> > > On Oct 14, 2015, at 2:38 AM, Amir
> > > Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> > >
> > > Hello,
> > >
> > > there is also my ml2_conf.ini
> > > file:
> > https://dl.dropboxusercontent.com/u/4298410/ml2_conf.ini
> > >
> > > Could problem be related to single NIC
> > > installation? Is it possible to have
> > > same interface for bridge mappings and
> > > also for tunnel bridge? Example below:
> > >
> > > bridge_mappings = public:br-ex
> > > integration bridge = br-int
> > > tunnel bridge = br-ex
> > >
> > > Thank you.
> > > Regards,
> > > Amir
> > >
> > >
> > > On Mon, Oct 12, 2015 at 3:53 PM, Amir
> > > Huski? <amir.huskic at gmail.com<mailto:amir.huskic at gmail.com>> wrote:
> > > Hi all,
> > >
> > > I'm trying to setup up
> > > Openstack test lab.
> > >
> > > I deployed Openstack Kilo
> > > (Devstack) on PC running
> > > Ubuntu LTS 14.02 with single
> > > NIC.
> > > Tenants are isolated with
> > > vxlan networks. I can ping
> > > from VMs to external network
> > > PCs, SSH login from external
> > > PCs to tenants VMs floating IP
> > > address, etc.
> > >
> > > I would like also to connect
> > > tenant VMs to external network
> > > physical Linux host using
> > > vxlan tunnel and have L2
> > > connectivity between VM and
> > > physical Linux host over L3
> > > network.
> > >
> > > Vxlan interface on Linux
> > > physical host is up and
> > > running. When I am trying to
> > > ping from Linux physical host
> > > to Openstack VM (not floating
> > > IP) using same subnet L2
> > > address (example ping from
> > > 192.168.10.10 to
> > > 192.168.10.11) UDP packets on
> > > port 8472 are coming to
> > > Openstack br-ex interface with
> > > ARP request.
> > >
> > > Problem is that I can't setup
> > > vxlan tunnel on Openstack.
> > > Command "sudo ovs-vsctl show"
> > > doesn't show any vxlan
> > > tunnels.
> > > Also when I try to ping from
> > > VM to Linux host using L2 IP
> > > address (ping from
> > > 192.168.10.11 to
> > > 192.168.10.10) tcpdump on
> > > br-ex doesn't show anything.
> > >
> > > My ml2_conf.ini files is
> > > configured following this
> > > guide:
> > >
> > http://www.opencloudblog.com/?p=300
> > >
> > > Thanks in advance for your
> > > help,
> > >
> > > Regards,
> > > Amir
> > >
> > >
> > _______________________________________________
> > > Mailing list:
> > >
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > Post to :
> > > openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > > Unsubscribe :
> > >
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > >
> > >
> > >
> > > _______________________________________________
> > > Mailing list:
> > >
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > > Unsubscribe :
> > >
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > _______________________________________________
> > > Mailing list:
> > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > > Unsubscribe :
> > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > >
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Mailing list:
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > Post to : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> > > Unsubscribe :
> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151112/f3d59fb6/attachment-0001.html>
>
> ------------------------------
>
> _______________________________________________
> Openstack mailing list
> openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
> End of Openstack Digest, Vol 29, Issue 12
> *****************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151113/8ff50f8f/attachment.html>
More information about the Openstack
mailing list
