Flat Provider network with OVS

In this article, I am going to show the configuration of flat provider network. It helps to avoid the NAT which in turn improves the performance. Most importantly, compute node can reach external world directly skipping the network node.

I have referred the below link for configuration and understanding the setup.

http://docs.openstack.org/liberty/networking-guide/scenario-provider-ovs.html

I am showing the setup from packstack all-in-one.

Step 1 : As we are not going to use any tenant network here hence I left that blank. flat is mentioned in type_drivers as my external network is of flat type. If you are using VLAN provider network, you can replace it accordingly.

egrep -v “^(#|$)” /etc/neutron/plugin.ini
[ml2]
type_drivers = flat
tenant_network_types =
mechanism_drivers =openvswitch
[ml2_type_flat]
flat_networks = external
[ml2_type_vlan]
[ml2_type_gre]
[ml2_type_vxlan]
[securitygroup]
enable_security_group = True

I will be create network with name of external hence I mentioned the same in flat_networks. Comment the default vxlan settings.

Step 2 : Our ML2 plugin file is configured, now it’s turn for openvswitch configuration file.

As I will be creating network with name external hence mentioned the same in bridge_mapping. br-ex is the external bridge to which port (interface) is assigned. I have disabled the tunneling.

egrep -v “^(#|$)” /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
[ovs]
enable_tunneling = False
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip =192.168.122.163
bridge_mappings = external:br-ex
[agent]
polling_interval = 2
tunnel_types =vxlan
vxlan_udp_port =4789
l2_population = False
arp_responder = False
enable_distributed_routing = False
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Step 3 : Creating external network.

[root@allinone7 ~(keystone_admin)]# neutron net-create external1 –shared –provider:physical_network external –provider:network_type flat
Created a new network:
+—————————+————————————–+
| Field                     | Value                                |
+—————————+————————————–+
| admin_state_up            | True                                 |
| id                        | 6960a06c-5352-419f-8455-80c4d43dedf8 |
| name                      | external1                            |
| provider:network_type     | flat                                 |
| provider:physical_network | external                             |
| provider:segmentation_id  |                                      |
| router:external           | False                                |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | a525deb290124433b80996d4f90b42ba     |
+—————————+————————————–+

As I am using flat network type hence mentioned the same for network_type, if your external network is VLAN provider network, you need to add one more parameter segmentation ID. It’s important to use the same physical_network name which you have used in Step 1 and Step 2 configuration files.

Step 4 : Creating subnet. My external network is 192.168.122.0/24
[root@allinone7 ~(keystone_admin)]# neutron net-list
+————————————–+———–+———+
| id                                   | name      | subnets |
+————————————–+———–+———+
| 6960a06c-5352-419f-8455-80c4d43dedf8 | external1 |         |
+————————————–+———–+———+

[root@allinone7 ~(keystone_admin)]# neutron subnet-create external1 192.168.122.0/24 –name external1-subnet –gateway 192.168.122.1
Created a new subnet:
+——————-+——————————————————+
| Field             | Value                                                |
+——————-+——————————————————+
| allocation_pools  | {“start”: “192.168.122.2”, “end”: “192.168.122.254”} |
| cidr              | 192.168.122.0/24                                     |
| dns_nameservers   |                                                      |
| enable_dhcp       | True                                                 |
| gateway_ip        | 192.168.122.1                                        |
| host_routes       |                                                      |
| id                | 38ac41fd-edc7-4ad7-a7fa-1a06000fc4c7                 |
| ip_version        | 4                                                    |
| ipv6_address_mode |                                                      |
| ipv6_ra_mode      |                                                      |
| name              | external1-subnet                                     |
| network_id        | 6960a06c-5352-419f-8455-80c4d43dedf8                 |
| tenant_id         | a525deb290124433b80996d4f90b42ba                     |
+——————-+——————————————————+
[root@allinone7 ~(keystone_admin)]# neutron net-list
+————————————–+———–+——————————————————-+
| id                                   | name      | subnets                                               |
+————————————–+———–+——————————————————-+
| 6960a06c-5352-419f-8455-80c4d43dedf8 | external1 | 38ac41fd-edc7-4ad7-a7fa-1a06000fc4c7 192.168.122.0/24 |
+————————————–+———–+——————————————————-+

Step 5 : Spawn the instance using “external” network directly.

[root@allinone7 ~(keystone_admin)]# nova list
+————————————–+—————-+——–+————+————-+————————-+
| ID                                   | Name           | Status | Task State | Power State | Networks                |
+————————————–+—————-+——–+————+————-+————————-+
| 36934762-5769-4ac1-955e-fb475b8f6a76 | test-instance1 | ACTIVE | –          | Running     | external1=192.168.122.4 |
+————————————–+—————-+——–+————+————-+————————-+

You will be able to connect to this instance directly.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s