[Openstack] Networking - next step?
Turbo Fredriksson
turbo at bayour.com
Mon Jun 27 22:25:46 UTC 2016
I'm not sure what to do next. I've finally got my first
instance up and running. But it doesn't get a DHCP address.
Which is the first thing I can't figure out.
I assume(d) that the Control node is [going to be] the gateway
to the rest of the network (because the Control node is also
the Network node) and the Compute should route all traffic coming
from the VMs to that host.
In Openstack I have created the "physical" (provider) network,
with a allocation pool of IP address that is available on the,
surprise, surprise, the physical network (which is eventually
NATed out to the Internet) where everything else not related
to Openstack is located.
I also have three tenant networks, which won't be routed outside
of Openstack.
There is a Openstack router, with a leg (port) on each of these
networks. Unfortunately, all ports on that router is "Down".
That's the second thing I can't figure out how to change. I can't
seem to figure out a way to do anything about that and I see
anything obvious to this in the logs:
----- s n i p -----
bladeA01b:~# grep 57fa1869-fc0d-4c5c-924c-402782b5bd24 /var/log/neutron/neutron-openvswitch-agent.log
2016-06-27 10:50:17.575 17559 INFO neutron.agent.common.ovs_lib [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 not present in bridge br-physical
2016-06-27 10:50:18.385 17559 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 was not found on the integration bridge and will therefore not be processed
2016-06-27 10:50:19.329 17559 INFO neutron.agent.securitygroups_rpc [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Preparing filters for devices set([u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'657fbe47-babe-4a0e-afd6-5dbfd05d5748', u'1e7c4621-a4ff-4057-8ce7-3ecdca717b27', u'1b37164c-834d-4765-9829-87c621b2dc8c'])
2016-06-27 10:50:47.293 17559 INFO neutron.agent.common.ovs_lib [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 not present in bridge br-physical
2016-06-27 10:50:48.103 17559 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 was not found on the integration bridge and will therefore not be processed
2016-06-27 10:50:49.044 17559 INFO neutron.agent.securitygroups_rpc [req-6627cbfc-f9c4-4cf8-b07f-92b53eba1ccc - - - - -] Preparing filters for devices set([u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'657fbe47-babe-4a0e-afd6-5dbfd05d5748', u'1e7c4621-a4ff-4057-8ce7-3ecdca717b27', u'1b37164c-834d-4765-9829-87c621b2dc8c'])
2016-06-27 11:15:26.635 20929 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-430be11d-8f34-4750-9aef-71af9fb8994d - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 updated. Details: {u'profile': {}, u'network_qos_policy_id': None, u'qos_policy_id': None, u'allowed_address_pairs': [], u'admin_state_up': True, u'network_id': u'eadb3df0-3c4b-46e5-afb7-fe5d2ef09328', u'segmentation_id': None, u'device_owner': u'network:router_gateway', u'physical_network': u'external', u'mac_address': u'fa:16:3e:46:b8:f2', u'device': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'port_security_enabled': False, u'port_id': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'fixed_ips': [{u'subnet_id': u'172bdf64-9291-415a-8930-455f1f59453f', u'ip_address': u'10.0.0.200'}], u'network_type': u'flat', u'security_groups': []}
2016-06-27 11:15:28.833 20929 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-430be11d-8f34-4750-9aef-71af9fb8994d - - - - -] Configuration for devices up [u'57fa1869-fc0d-4c5c-924c-402782b5bd24'] and devices down [] completed.
2016-06-27 17:07:15.302 23086 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-06aee021-d73f-4984-b5fc-7ccb73edf20f - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 updated. Details: {u'profile': {}, u'network_qos_policy_id': None, u'qos_policy_id': None, u'allowed_address_pairs': [], u'admin_state_up': True, u'network_id': u'eadb3df0-3c4b-46e5-afb7-fe5d2ef09328', u'segmentation_id': None, u'device_owner': u'network:router_gateway', u'physical_network': u'external', u'mac_address': u'fa:16:3e:46:b8:f2', u'device': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'port_security_enabled': False, u'port_id': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'fixed_ips': [{u'subnet_id': u'172bdf64-9291-415a-8930-455f1f59453f', u'ip_address': u'10.0.0.200'}], u'network_type': u'flat', u'security_groups': []}
2016-06-27 17:07:17.037 23086 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-06aee021-d73f-4984-b5fc-7ccb73edf20f - - - - -] Configuration for devices up [u'57fa1869-fc0d-4c5c-924c-402782b5bd24'] and devices down [] completed.
2016-06-27 17:07:20.473 23086 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-06aee021-d73f-4984-b5fc-7ccb73edf20f - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 updated. Details: {u'profile': {}, u'network_qos_policy_id': None, u'qos_policy_id': None, u'allowed_address_pairs': [], u'admin_state_up': True, u'network_id': u'eadb3df0-3c4b-46e5-afb7-fe5d2ef09328', u'segmentation_id': None, u'device_owner': u'network:router_gateway', u'physical_network': u'external', u'mac_address': u'fa:16:3e:46:b8:f2', u'device': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'port_security_enabled': False, u'port_id': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'fixed_ips': [{u'subnet_id': u'172bdf64-9291-415a-8930-455f1f59453f', u'ip_address': u'10.0.0.200'}], u'network_type': u'flat', u'security_groups': []}
2016-06-27 17:07:21.994 23086 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-06aee021-d73f-4984-b5fc-7ccb73edf20f - - - - -] Configuration for devices up [u'57fa1869-fc0d-4c5c-924c-402782b5bd24'] and devices down [] completed.
2016-06-27 17:07:46.553 26647 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 updated. Details: {u'profile': {}, u'network_qos_policy_id': None, u'qos_policy_id': None, u'allowed_address_pairs': [], u'admin_state_up': True, u'network_id': u'eadb3df0-3c4b-46e5-afb7-fe5d2ef09328', u'segmentation_id': None, u'device_owner': u'network:router_gateway', u'physical_network': u'external', u'mac_address': u'fa:16:3e:46:b8:f2', u'device': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'port_security_enabled': False, u'port_id': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'fixed_ips': [{u'subnet_id': u'172bdf64-9291-415a-8930-455f1f59453f', u'ip_address': u'10.0.0.200'}], u'network_type': u'flat', u'security_groups': []}
2016-06-27 17:07:48.430 26647 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Configuration for devices up [u'57fa1869-fc0d-4c5c-924c-402782b5bd24'] and devices down [] completed.
2016-06-27 21:01:00.090 26647 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Port 57fa1869-fc0d-4c5c-924c-402782b5bd24 updated. Details: {u'profile': {}, u'network_qos_policy_id': None, u'qos_policy_id': None, u'allowed_address_pairs': [], u'admin_state_up': True, u'network_id': u'eadb3df0-3c4b-46e5-afb7-fe5d2ef09328', u'segmentation_id': None, u'device_owner': u'network:router_gateway', u'physical_network': u'external', u'mac_address': u'fa:16:3e:46:b8:f2', u'device': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'port_security_enabled': False, u'port_id': u'57fa1869-fc0d-4c5c-924c-402782b5bd24', u'fixed_ips': [{u'subnet_id': u'172bdf64-9291-415a-8930-455f1f59453f', u'ip_address': u'10.0.0.200'}], u'network_type': u'flat', u'security_groups': []}
2016-06-27 21:01:02.017 26647 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Configuration for devices up [u'57fa1869-fc0d-4c5c-924c-402782b5bd24'] and devices down [] completed.
2016-06-27 21:19:16.746 26647 INFO neutron.agent.securitygroups_rpc [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Remove device filter for set([u'57fa1869-fc0d-4c5c-924c-402782b5bd24'])
2016-06-27 21:19:16.886 26647 INFO neutron.plugins.ml2.drivers.openvswitch.agent.ovs_neutron_agent [req-8a1fb99d-e3a2-41a7-b610-788cea2e0e2a - - - - -] Ports set([u'57fa1869-fc0d-4c5c-924c-402782b5bd24']) removed
----- s n i p -----
"not found on the integration bridge" (that would be "br-provider"
as I've configured it - but next part says "br-physical", which is
it?), "not present in bridge br-physical".
Ok.. ? So do _I'm_ supposed to put it there, or is Openstack?
See the included screenshot for how this looks like in graphical
form. PS, the third tenant network is under the router info blob.
When I create my instance, I chose one of the tenant networks
and one of the floating IPs (from the "physical" pool), but
it won't get an IP, and the floating one isn't recorded anywhere
in the instance (second thing). And even if I login through VNC
(which I have to do via a separate VNC client, because the "built-in"
one in the web GUI don't seem to work for some reason - fourth
thing) and set it, it won't route anywhere.
On the Controller I have the following interfaces ("lo" removed
from the list for brevity), routes and bridges:
----- s n i p -----
bladeA01b:~# ifconfig
br-physical: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.4.1 netmask 255.255.0.0 broadcast 10.0.4.255
ether 78:e7:d1:59:f8:ec txqueuelen 0 (Ethernet)
RX packets 9416 bytes 2024698 (1.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4141 bytes 1846909 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-provider: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.99.0.1 netmask 255.255.255.0 broadcast 10.99.0.255
ether 78:e7:d1:59:f8:e8 txqueuelen 0 (Ethernet)
RX packets 12 bytes 986 (986.0 B)
RX errors 0 dropped 9 overruns 0 frame 0
TX packets 3 bytes 182 (182.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether 78:e7:d1:59:f8:e8 txqueuelen 1000 (Ethernet)
RX packets 934 bytes 70418 (68.7 KiB)
RX errors 0 dropped 15 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 28 memory 0xfb000000-fb7fffff
eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether 78:e7:d1:59:f8:ec txqueuelen 1000 (Ethernet)
RX packets 9950 bytes 2028818 (1.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4662 bytes 1893239 (1.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 40 memory 0xfa000000-fa7fffff
bladeA01b:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.254 0.0.0.0 UG 0 0 0 br-physical
10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-physical
10.99.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-provider
bladeA01b:~# ovs-vsctl show
f9ba2214-4c6c-4185-97c3-20ff5c1ca8f0
Bridge br-provider
fail_mode: secure
Port int-br-physical
Interface int-br-physical
type: patch
options: {peer=phy-br-physical}
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port br-provider
Interface br-provider
type: internal
Port "eth0"
Interface "eth0"
Bridge br-tun
fail_mode: secure
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
Bridge br-physical
Port phy-br-physical
Interface phy-br-physical
type: patch
options: {peer=int-br-physical}
Port br-physical
Interface br-physical
type: internal
Port "tapf4f5a1e1-74"
Interface "tapf4f5a1e1-74"
type: internal
Port "eth1"
Interface "eth1"
ovs_version: "2.3.0"
----- s n i p -----
Here, "br-provider" is bridged with "eth0", which is connected
to a cisco switch, without any uplink. See more below.
And "br-physical" is linked with "eth1" which is connected to an
identical Cisco switch with the uplink to the rest of the network.
On the Compute I have:
----- s n i p -----
bladeA03b:~# ifconfig
br-physical: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.4.3 netmask 255.255.0.0 broadcast 10.0.4.255
ether 78:e7:d1:59:f2:64 txqueuelen 0 (Ethernet)
RX packets 11120 bytes 2431517 (2.3 MiB)
RX errors 0 dropped 588 overruns 0 frame 0
TX packets 6862 bytes 2241131 (2.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-provider: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1458
inet 10.99.0.3 netmask 255.255.255.0 broadcast 10.99.0.255
ether 78:e7:d1:59:f2:60 txqueuelen 0 (Ethernet)
RX packets 317 bytes 29098 (28.4 KiB)
RX errors 0 dropped 3 overruns 0 frame 0
TX packets 200 bytes 36124 (35.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.42.1 netmask 255.255.0.0 broadcast 0.0.0.0
ether 02:42:60:20:b1:b6 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether 78:e7:d1:59:f2:60 txqueuelen 1000 (Ethernet)
RX packets 3031 bytes 229586 (224.2 KiB)
RX errors 0 dropped 32 overruns 0 frame 0
TX packets 210 bytes 38494 (37.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 28 memory 0xfb000000-fb7fffff
eth1: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1500
ether 78:e7:d1:59:f2:64 txqueuelen 1000 (Ethernet)
RX packets 16453 bytes 2991187 (2.8 MiB)
RX errors 0 dropped 39 overruns 0 frame 0
TX packets 7614 bytes 2321027 (2.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 40 memory 0xfa000000-fa7fffff
qbr6a866c7f-2b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1458
ether 0a:eb:34:e9:14:97 txqueuelen 0 (Ethernet)
RX packets 10 bytes 1366 (1.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvb6a866c7f-2b: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1458
ether 0a:eb:34:e9:14:97 txqueuelen 1000 (Ethernet)
RX packets 10 bytes 756 (756.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 9 bytes 1464 (1.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvo6a866c7f-2b: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST> mtu 1458
ether 92:ea:b0:a3:3e:05 txqueuelen 1000 (Ethernet)
RX packets 9 bytes 1464 (1.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10 bytes 756 (756.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap6a866c7f-2b: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1458
ether fe:16:3e:80:7a:30 txqueuelen 500 (Ethernet)
RX packets 9 bytes 1464 (1.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10 bytes 756 (756.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
bladeA03b:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.254 0.0.0.0 UG 0 0 0 br-physical
10.0.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br-physical
10.99.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-provider
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
bladeA03b:~# ovs-vsctl show
5e1ec384-b926-4148-9bfd-cbf7db56cfa2
Bridge br-physical
Port "eth1"
Interface "eth1"
Port br-physical
Interface br-physical
type: internal
Bridge br-provider
Port "qvo6a866c7f-2b"
Interface "qvo6a866c7f-2b"
Port br-provider
Interface br-provider
type: internal
Port "eth0"
Interface "eth0"
ovs_version: "2.3.0"
----- s n i p -----
Again, "br-provider" is bridged with "eth0", same Cisco switch
as the Controller/eth0 is connected to. I can ping the two
10.99.0.x addresses for these two machines. WITHOUT going through
"eth1" (and the site firewall/gateway/router).
In both these machines, "eth1" is the connection to the "physical"
(provider/administration) network and as said, "eth0" is the internal
(tenant) network.
My security group I'm using allows everything, ingress and egress.
--
Life sucks and then you die
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160627/2ef10c25/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot 2016-06-27 20.05.32.png
Type: image/png
Size: 71850 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160627/2ef10c25/attachment.png>
More information about the Openstack
mailing list
