<div dir="ltr">Hi Patrick,<div><br></div><div>Thanks for the info, it is slowly coming together for me, I hope. I do have a few more question and I hope it will clear up more. First let me describe my environment more. I am using foreman to manage the physical hosts, and once openstack is running it will manage the VMs as well. So that is why I have a DHCP address for the host, its a static lease from foreman.</div><div><br></div><div>My physical environment is in a blade center that has two switches in it. One switch is for eth0 and the other is for eth1. For the controller host (Everything but nova compute) the switch is configured for trunked vlan 111 (Management) and 110 (tenets) for both eth0 and eth1. For the compute nodes, the switches are configured for vlan 111 only.</div><div><br></div><div>I am thinking on my controller host I need to configure the eth0.110 device, give it a static IP and connect it to the br-ex, does that sound right?</div><div><br></div><div>I do also have some confusion about vxlan and how it is used. Is that only in the "overlay" network? From what I understand it can have tens of thousands of vlans, which the physical switches can not support. How does the OS/physical network handle that?</div><div><br></div><div>Do you have to use a non-admin project to create the private network?</div><div><br></div><div>Thanks again for the feedback, I feel I am getting close to resolving this.</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature">--Brian</div></div>
<br><div class="gmail_quote">On Thu, Dec 11, 2014 at 8:20 PM, Patrick Laimbock <span dir="ltr"><<a href="mailto:patrick@laimbock.com" target="_blank">patrick@laimbock.com</a>></span> wrote:<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Brian,<br>
<br>
Maybe there's a really simple solution but I don't have enough info to tell. So here's a "slightly" longer suggestion.<br>
<br>
For VLAN support on the *physical* network your switch will need to support 802.1Q. When you say VLANs what do you mean? If you want to use VLANs for tenant separation (so in the overlay network, not the physical network) then Open vSwitch will take of that and AFAIK (I don't use VLANs) you don't need to enable VLANs on your ifcfg devices. Unless your physical network requires VLANs off course.<br>
<br>
The interfaces you pasted had VLAN=yes but not a VLAN designation (like DEVICE=eth0.10 where .10 indicates VLAN 10) and although configured for a static setting (DHCP commented out) there was no IP address defined.<br>
<br>
So maybe take a step back. Delete all the networks and routers (might need to do that from the CLI if things are stuck), on your Neutron node backup & delete ifcfg-br-ex and restore a working ifcfg-eth0, then restart the network and restart the Open vSwitch service on your neutron node so it detects previous stuff is gone (check with ovs-vsctl show), then start with defining the ifcfg-br-ex device and make sure your network is OK first (check with ip address show and restart the network and check again). Then add ethX to br-ex:<br>
# ovs-vsctl add-port br-ex ethX ; service network restart<br>
Make sure you have access to a local console so you don't get locked out if your network fails to restart. Then restart the Open vSwitch service.<br>
<br>
Then move on to create the tenant stuff you'll need. I don't know how you installed RDO. If you used Packstack and want VLAN tenant separation then you have already provided VLAN info and you should use that when setting things up with something like:<br>
<br>
As regular user:<br>
the router<br>
the private network<br>
the private subnet<br>
add private subnet to router<br>
<br>
As admin:<br>
the public network (to be used for example to access the Internet)<br>
the public subnet<br>
add public gateway on the router<br>
<br>
As regular user:<br>
Create some floating IPs<br>
Start an instance of for example the Cirros image<br>
Assign a floating IP address<br>
Once booted log into it via the console, ping local & remote addresses. Hopefully shout "YES!" :)<br>
<br>
FWIW: If you want VLANs for tenant separation then VXLAN and GRE are much easier: Read Rhyz's explanation (5th comment) why:<br>
<a href="https://openstack.redhat.com/forum/discussion/626/help-with-neutron-networking/p1" target="_blank">https://openstack.redhat.com/<u></u>forum/discussion/626/help-<u></u>with-neutron-networking/p1</a><br>
<br>
HTH,<br>
Patrick<span class=""><br>
<br>
On 12-12-14 02:00, brian lee wrote:<br>
</span><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">
I have been working on this for days now and I just can not figure it<br>
out. Attached is a bit from horizon where it is showing both interfaces<br>
on the router as down. How can I find out what is preventing them from<br>
starting?<br>
<br>
<br>
<br></span><span class="">
--Brian<br>
<br>
On Thu, Dec 11, 2014 at 10:28 AM, brian lee <<a href="mailto:brian@brianlee.org" target="_blank">brian@brianlee.org</a><br></span><span class="">
<mailto:<a href="mailto:brian@brianlee.org" target="_blank">brian@brianlee.org</a>>> wrote:<br>
<br>
Man my copy and paste just is not liking me. Anyways, I saw posting<br>
about forcing the mac address every time, but I have not had a problem.<br>
My problem is the port does not become active. I included the device<br>
settings as a reference. This is the status of the port:<br>
<br>
+-----------------------+-----<u></u>------------------------------<u></u>------------------------------<u></u>--------------------+<br>
| Field | Value<br>
|<br>
+-----------------------+-----<u></u>------------------------------<u></u>------------------------------<u></u>--------------------+<br>
| admin_state_up | True<br>
|<br>
| allowed_address_pairs |<br>
|<br>
| binding:host_id | <a href="http://openstack-1.quicksand.bitc.morphotrust.com" target="_blank">openstack-1.quicksand.bitc.<u></u>morphotrust.com</a><br></span>
<<a href="http://openstack-1.quicksand.bitc.morphotrust.com" target="_blank">http://openstack-1.quicksand.<u></u>bitc.morphotrust.com</a>><span class=""><br>
|<br>
| binding:profile | {}<br>
|<br>
| binding:vif_details | {"port_filter": true, "ovs_hybrid_plug":<br>
true} |<br>
| binding:vif_type | ovs<br>
|<br>
| binding:vnic_type | normal<br>
|<br>
| device_id | 7319781c-6186-4684-ba60-<u></u>260b5ecee97c<br>
|<br>
| device_owner | network:router_gateway<br>
|<br>
| extra_dhcp_opts |<br>
|<br>
| fixed_ips | {"subnet_id":<br>
"7761c2ee-e392-48ff-b69a-<u></u>f0f10bbcb6db", "ip_address": "10.30.1.10"} |<br>
| id | 161de698-1666-4c0d-9248-<u></u>8de900797301<br>
|<br>
| mac_address | fa:16:3e:c9:ff:64<br>
|<br>
| name |<br>
|<br>
| network_id | b10fc224-2332-49f5-b555-<u></u>9090c3dc7f44<br>
|<br>
| security_groups |<br>
|<br>
| status | DOWN<br>
|<br>
| tenant_id |<br>
|<br>
+-----------------------+-----<u></u>------------------------------<u></u>------------------------------<u></u>--------------------+<br>
<br>
I am just not able to get that port up. And since its not up I cant<br>
ping/ssh to the VMs. What do I need to do for vlans on my physical<br>
switch?<br>
<br>
--Brian<br>
<br>
On Thu, Dec 11, 2014 at 10:01 AM, Patrick Laimbock<br></span><div><div class="h5">
<<a href="mailto:patrick@laimbock.com" target="_blank">patrick@laimbock.com</a> <mailto:<a href="mailto:patrick@laimbock.com" target="_blank">patrick@laimbock.com</a>>> wrote:<br>
<br>
Hi Brian,<br>
<br>
On 11-12-14 16:15, brian lee wrote:<br>
<br>
It looks like my cute and paste did not work right. My br-ex<br>
device<br>
looks like this:<br>
<br>
DEVICE=br-ex<br>
OVSBOOTPROTO="dhcp"<br>
OVSDHCPINTERFACES="eth0"<br>
ONBOOT=yes<br>
NM_CONTROLLED=no<br>
TYPE=OVSBridge<br>
DEVICETYPE=ovs<br>
DEVICE=br-ex<br>
OVSBOOTPROTO="dhcp"<br>
OVSDHCPINTERFACES="eth0"<br>
ONBOOT=yes<br>
NM_CONTROLLED=no<br>
TYPE=OVSBridge<br>
DEVICETYPE=ovs<br>
<br>
Sorry about the confusion.<br>
<br>
<br>
I use RDO Juno and here are my interfaces:<br>
<br>
[root@neutron1-1 network-scripts]# cat ifcfg-br-ex<br>
DEVICE=br-ex<br>
TYPE=OVSBridge<br>
DEVICETYPE=ovs<br>
OVSBOOTPROTO=dhcp<br>
OVSDHCPINTERFACES=eth1<br>
MACADDR="00:01:02:03:04:05"<br>
OVS_EXTRA="set bridge $DEVICE other-config:hwaddr=$MACADDR"<br>
ONBOOT=yes<br>
NM_CONTROLLED=no<br>
<br>
<br>
[root@neutron1-1 network-scripts]# cat ifcfg-eth1<br>
DEVICE=eth1<br>
TYPE=OVSPort<br>
DEVICETYPE=ovs<br>
OVS_BRIDGE=br-ex<br>
ONBOOT=yes<br>
BOOTPROTO=none<br>
NM_CONTROLLED=no<br>
<br>
HTH,<br>
Patrick<br>
<br>
<br></div></div>
______________________________<u></u>___________________<br>
Rdo-list mailing list<br>
<a href="mailto:Rdo-list@redhat.com" target="_blank">Rdo-list@redhat.com</a> <mailto:<a href="mailto:Rdo-list@redhat.com" target="_blank">Rdo-list@redhat.com</a>><br>
<a href="https://www.redhat.com/__mailman/listinfo/rdo-list" target="_blank">https://www.redhat.com/__<u></u>mailman/listinfo/rdo-list</a><br>
<<a href="https://www.redhat.com/mailman/listinfo/rdo-list" target="_blank">https://www.redhat.com/<u></u>mailman/listinfo/rdo-list</a>><br>
<br>
</blockquote>
<br>
</blockquote></div></div>