[Openstack] Networking - next step?

Turbo Fredriksson turbo at bayour.com
Wed Jun 29 10:18:46 UTC 2016 

On Jun 29, 2016, at 12:28 AM, Kevin Benton wrote:

> you will also need to change that in the
> nova compute config with the 'linuxnet_ovs_integration_bridge' setting

Ah, perfect! Thanx.

> Whatever your integration bridge is, it should *not* have any physical
> interfaces plugged into it directly.

Oh. Oh?

> (In your original ovs-vsctl output it shows that eth0 is a member of
> 'br-provider' and eth1 is a member of 'br-physical'.

> So you need to remove eth1 from that if 'br-provider' is the
> integration bridge.)

These three sentences put together means that I should remove both
ethernet interfaces from my two bridge interfaces!

And that isn't what the pages on os.org say:

http://docs.openstack.org/admin-guide/networking_config-agents.html

  To uplink the node that runs neutron-l3-agent to the external
  network, create a bridge named br-ex and attach the NIC for the
  external network to this bridge.

  For example, with Open vSwitch and NIC eth1 connected to the
  external network, run:

    # ovs-vsctl add-br br-ex
    # ovs-vsctl add-port br-ex eth1

In my case, that's "br-physical" and "eth0". Which I have done.

In my setup, "br-provider" is the integration bridge..

> In your topology, did you want two networks to map to two separate real
> networks on different interfaces? If so, create two physnets for them, each
> with their own bridge_mapping.

Well, I'm not sure. In EVERY image, howto and example I've seen, including
the one your linked to yesterday, there's always two networks: The administration
network and the (isolated) "where VMs reside" network..

In my case, eth1/br-physical and eth0/br-provider respectively.

Eth0 does not have an uplink anywhere, and is only switched between the
host, traffic can't go any where else.


So in my understanding, traffic should go like this:

  VM/eth0 -> Compute/eth1 -> Control/eth1 -> Control/eth0 -> Site FW/GW

Or, I guess, it could go out via eth0 on the Compute node directly. But
eventually, one day, perhaps, I'll break out Neutron to it's own, separate
physical machine, so I'd like to work that possibility into the design
right now. Which I thought I did :)

> Also, in your l3_agent.ini, you should leave the 'external_network_bridge'
> option explicitly set to a blank value. That will let the L2 agent do all
> of the wiring and will result in the correct operational status for your
> router gateway ports.

Ok, thanx.

> That chart came from:
> http://docs.openstack.org/mitaka/networking-guide/scenario-classic-ovs.html

That doesn't talk about creating any bridges either.
-- 
Ehhhhm - The battle cry of the cronical masturbater.
- Charlie Harper

More information about the Openstack mailing list