[rhos-list] Multiple Flat Networking config
Brent Eagles
beagles at redhat.com
Thu Jul 18 13:32:18 UTC 2013
Hi Nicolas,
On 07/18/2013 03:23 AM, Vogel Nicolas wrote:
> Hi,
>
> I'm trying to make a quantum "Multiple Flat Network" configuration (the 2nd
> Use case in the Quantum doc).
>
> I have four NICs on my server (em1, em2, p1p1, p1p2). I configured the first
> (em1) with static IP and used it for the packstack deployment. Everthing
> worked fine. I want to use this NIC only for management purpose and Openstack
> services.
>
> After the packstack allinone install, br-int and br-ex were available. Then I
> created to new networks and subnets. The first only for internal
> communication, and the second for external communication. This external
> network/subnet matches the subnet connected on em2 NIC.
>
> Then I activate my second and third NIC (em2 abd p1p1) without any IP. I run
> following commands: sudo ovs-vsctl add-port br-ex em2 and sudo ovs-vsctl
> add-port br-int p1p1 because I wan't the br-int bridge for internal
> communication only and the br-ex bridge for communication with the outside
> world.
>
> I can start VMs with 2 NICs on the 2 networks I created and both got an IP
> address per DHCP. But my VM isn't reachable from the outside world. I add
> rules to the default group to allow PING and SSH.
>
> Is my configuration right? Did I make something wrong or do I need more
> specific configuration?
>
> Thanks for the answers.
>
> Nicolas.
While I cannot give you a single answer that will fix your
configuration, I can help you debug it further and maybe resolve the
issues yourself.
Your VMs are able to communicate with each other over their private
network, right? Configurations that don't require inter-host
connectivity can use the "local" network type for the integration bridge
and don't require a physical ethernet device to be added to the
integration bridge. Since you are going down the route of having an
actual external interface looks like you might heading for configuration
a where you can add additional nodes in the future. Considering that,
you should verify some details with respect to your network/bridge
mappings in ovs_quantum_plugin.ini. It sounds like you missed a few
steps because you would typically have something like:
ovs-vsctl add-br br-p1p1
ovs-vsctl add-port br-p1p1 p1p1
instead of adding p1p1 directly to the integration bridge. Generally
speaking, OpenStack takes care of br-int.
After you've created br-p1p1, the ovs section in your
ovs_quantum_plugin.ini file should have something like this:
network_vlan_ranges = physnet1
bridge_mappings = physnet1:br-p1p1
The openvswitch agent ends up putting br-p1p1 on the br-int integration
bridge for you, effectively connecting the integration bridge to your
physical ethernet device! Take a look at
http://docs.openstack.org/trunk/openstack-network/admin/content/demo_flat_installions.html
for similar instructions. I know that is the topology you are going for
but that part of the instructions is valid.
Interestingly enough, a similar thing is going to happen for your
'external' network. You mention that your VMs have both interfaces
initialized via DHCP. Does your second network (the one that is NOT the
br-int one) and subnet have DHCP enabled, or did you create it as an
externally routed network with the intent of allocating IPs like they
were floating IP addresses. I'm guessing the former if the VMs have 2
network interfaces. I'll continue with that assumption, so forgive me if
I am off base.
br-ex is for the external network bridge, which is managed by the
l3_agent, which implies routing. So adding an interface to br-ex won't
get you what you want. It sounds really like you are trying to integrate
a network that is reachable using a physical IF on the host with VIFs on
the VMs. This is more interesting :) Honestly I haven't tried that
myself... yet. However, it is similar to connecting multiple nodes
together. Unfortunately, this is someone outside the realm of what the
OpenStack documentation tends to address but that doesn't mean it is
impossible. I'll give you some info that might help you solve this
yourself! Disclaimer: I'm not saying you *should* do this, but your
network topology is your business.
As I've mentioned above, br-ex is for routing to public networks. If you
are trying to connect VIFs from your VMs directly to host accessible
network you are dealing with br-int. Basically you are going to want to
setup your other interface (em2) just like p1p1 and associate your
non-private network with "physnet2" or whatever you call it. You will
need to study up on VLAN vs Flat etc, in order to configure
ovs_quantum_plugin.ini properly. What is correct depends entirely on
your network but if you understand the docs and understand your network,
getting the config right shouldn't be too bad.
Unfortunately, that is about as far as I can take you. I've already
assumed a lot by guessing what you are trying to do with that second
network and any further advice would be based on my imagination, not
what you are actually trying to do ;)
Cheers,
Brent
More information about the rhos-list
mailing list