<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>> <span>It would seem that all I need to do is create a vlan27 port as shown below. The below was generated by the heat OOO heat templates.
<br>
</span></p>
<p><span><br>
</span></p>
<div>Doesn't it mean one of original templates ( which were invoked by `openstack overcloud deploy .... ` )<br>
should be updated to create vlan27 as separate network or you have some other way to add vlan27 ?<br>
<br>
<div><br>
</div>
</div>
<br>
<p></p>
<br>
<br>
<div style="color: rgb(0, 0, 0);">
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> John Marks <jdmarks75080@gmail.com><br>
<b>Sent:</b> Tuesday, October 18, 2016 5:21 PM<br>
<b>To:</b> Boris Derzhavets; rdo-list@redhat.com<br>
<b>Subject:</b> Re: [rdo-list] Adding a vlan to the external network in tripleo</font>
<div> </div>
</div>
<div>
<div dir="ltr">I looked over you scenario in your blog and it is close. I have a single external port that shares the native VLAN and VLAN27. In my case, I configrued the external bridge (br-ex) with the native vlan and am now faced with adding vlan27 to the
bridge. RHOSP has a vlan scenario which I used in creating the bridge and vlans under it that carry the storage, etc. It would seem that all I need to do is create a vlan27 port as shown below. The below was generated by the heat OOO heat templates.
<div><br>
</div>
<div>stack: ip a</div>
<div>
<div>1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN</div>
<div> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00</div>
<div> inet <a href="http://127.0.0.1/8" id="LPlnk604269" previewremoved="true">
127.0.0.1/8</a> scope host lo</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 ::1/128 scope host</div>
<div> valid_lft forever preferred_lft forever</div>
<div>2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:98 brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://192.0.2.17/24" id="LPlnk182732" previewremoved="true">
192.0.2.17/24</a> brd 192.0.2.255 scope global eno1</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://192.0.2.15/32" id="LPlnk506184" previewremoved="true">
192.0.2.15/32</a> brd 192.0.2.255 scope global eno1</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fe80::1658:d0ff:fe4c:2e98/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>3: ens1f0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 8c:dc:d4:b1:8e:b8 brd ff:ff:ff:ff:ff:ff</div>
<div>4: eno2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master ovs-system state UP qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9c brd ff:ff:ff:ff:ff:ff</div>
<div> inet6 fe80::1658:d0ff:fe4c:2e9c/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>5: ens1f1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 8c:dc:d4:b1:8e:b9 brd ff:ff:ff:ff:ff:ff</div>
<div>6: eno3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master ovs-system state UP qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:99 brd ff:ff:ff:ff:ff:ff</div>
<div> inet6 fe80::1658:d0ff:fe4c:2e99/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>7: eno4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9d brd ff:ff:ff:ff:ff:ff</div>
<div>8: eno5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9a brd ff:ff:ff:ff:ff:ff</div>
<div>9: eno6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9e brd ff:ff:ff:ff:ff:ff</div>
<div>10: eno7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop master ovs-system state DOWN qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9b brd ff:ff:ff:ff:ff:ff</div>
<div>11: eno8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN qlen 1000</div>
<div> link/ether 14:58:d0:4c:2e:9f brd ff:ff:ff:ff:ff:ff</div>
<div>12: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN</div>
<div> link/ether da:f8:b1:fd:2e:74 brd ff:ff:ff:ff:ff:ff</div>
<div>13: br-ex1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN</div>
<div> link/ether 14:58:d0:4c:2e:9b brd ff:ff:ff:ff:ff:ff</div>
<div>14: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN</div>
<div> link/ether 2a:98:45:ed:fb:4b brd ff:ff:ff:ff:ff:ff</div>
<div>15: vlan203: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN</div>
<div> link/ether 0a:5a:9c:28:45:f6 brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://172.19.0.11/24" id="LPlnk507698" previewremoved="true">
172.19.0.11/24</a> brd 172.19.0.255 scope global vlan203</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://172.19.0.10/32" id="LPlnk832540" previewremoved="true">
172.19.0.10/32</a> brd 172.19.0.255 scope global vlan203</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fe80::85a:9cff:fe28:45f6/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>16: vlan202: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN</div>
<div> link/ether 6e:3f:59:63:41:89 brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://172.18.0.12/24" id="LPlnk135506" previewremoved="true">
172.18.0.12/24</a> brd 172.18.0.255 scope global vlan202</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://172.18.0.10/32" id="LPlnk335926" previewremoved="true">
172.18.0.10/32</a> brd 172.18.0.255 scope global vlan202</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fe80::6c3f:59ff:fe63:4189/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>17: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN</div>
<div> link/ether 14:58:d0:4c:2e:9c brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://10.1.62.169/24" id="LPlnk329355" previewremoved="true">
10.1.62.169/24</a> brd 10.1.62.255 scope global br-ex</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://10.1.62.168/32" id="LPlnk875641" previewremoved="true">
10.1.62.168/32</a> brd 10.1.62.255 scope global br-ex</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fcff:1:62:0:1658:d0ff:fe4c:2e9c/64 scope global mngtmpaddr dynamic</div>
<div> valid_lft 2591980sec preferred_lft 604780sec</div>
<div> inet6 fe80::1658:d0ff:fe4c:2e9c/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>18: vlan204: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN</div>
<div> link/ether ba:76:32:20:c8:1e brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://172.17.0.11/24" id="LPlnk858634" previewremoved="true">
172.17.0.11/24</a> brd 172.17.0.255 scope global vlan204</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fe80::b876:32ff:fe20:c81e/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>19: vlan201: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN</div>
<div> link/ether 96:0b:f7:a1:89:dc brd ff:ff:ff:ff:ff:ff</div>
<div> inet <a href="http://172.16.0.13/24" id="LPlnk944441" previewremoved="true">
172.16.0.13/24</a> brd 172.16.0.255 scope global vlan201</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://172.16.0.10/32" id="LPlnk112132" previewremoved="true">
172.16.0.10/32</a> brd 172.16.0.255 scope global vlan201</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet <a href="http://172.16.0.11/32" id="LPlnk43034" previewremoved="true">
172.16.0.11/32</a> brd 172.16.0.255 scope global vlan201</div>
<div> valid_lft forever preferred_lft forever</div>
<div> inet6 fe80::940b:f7ff:fea1:89dc/64 scope link</div>
<div> valid_lft forever preferred_lft forever</div>
<div>23: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN</div>
<div> link/ether 12:ec:43:c0:1d:43 brd ff:ff:ff:ff:ff:ff</div>
</div>
<div><br>
</div>
<div>stack: ovs-ctl show </div>
<div>
<div>75acb2b-1107-419f-9fed-1b80741aa78a</div>
<div> Bridge br-ex</div>
<div> Port "vlan202"</div>
<div> tag: 202</div>
<div> Interface "vlan202"</div>
<div> type: internal</div>
<div> Port br-ex</div>
<div> Interface br-ex</div>
<div> type: internal</div>
<div> Port "vlan201"</div>
<div> tag: 201</div>
<div> Interface "vlan201"</div>
<div> type: internal</div>
<div> Port "bond1"</div>
<div> Interface "eno2"</div>
<div> Interface "eno3"</div>
<div> Port phy-br-ex</div>
<div> Interface phy-br-ex</div>
<div> type: patch</div>
<div> options: {peer=int-br-ex}</div>
<div> Port "vlan204"</div>
<div> tag: 204</div>
<div> Interface "vlan204"</div>
<div> type: internal</div>
<div> Port "vlan203"</div>
<div> tag: 203</div>
<div> Interface "vlan203"</div>
<div> type: internal</div>
<div> Bridge br-int</div>
<div> fail_mode: secure</div>
<div> Port "tap485f8aa8-86"</div>
<div> tag: 2</div>
<div> Interface "tap485f8aa8-86"</div>
<div> type: internal</div>
<div> Port patch-tun</div>
<div> Interface patch-tun</div>
<div> type: patch</div>
<div> options: {peer=patch-int}</div>
<div> Port "tap62b75cc5-ef"</div>
<div> tag: 3</div>
<div> Interface "tap62b75cc5-ef"</div>
<div> type: internal</div>
<div> Port br-int</div>
<div> Interface br-int</div>
<div> type: internal</div>
<div> Port "tap123c52e6-5d"</div>
<div> tag: 1</div>
<div> Interface "tap123c52e6-5d"</div>
<div> type: internal</div>
<div> Port int-br-ex</div>
<div> Interface int-br-ex</div>
<div> type: patch</div>
<div> options: {peer=phy-br-ex}</div>
<div> Bridge br-tun</div>
<div> fail_mode: secure</div>
<div> Port br-tun</div>
<div> Interface br-tun</div>
<div> type: internal</div>
<div> Port "vxlan-ac11000c"</div>
<div> Interface "vxlan-ac11000c"</div>
<div> type: vxlan</div>
<div> options: {df_default="true", in_key=flow, local_ip="172.17.0.11", out_key=flow, remote_ip="172.17.0.12"}</div>
<div> Port "vxlan-ac11000a"</div>
<div> Interface "vxlan-ac11000a"</div>
<div> type: vxlan</div>
<div> options: {df_default="true", in_key=flow, local_ip="172.17.0.11", out_key=flow, remote_ip="172.17.0.10"}</div>
<div> Port patch-int</div>
<div> Interface patch-int</div>
<div> type: patch</div>
<div> options: {peer=patch-tun}</div>
<div> Port "vxlan-ac11000d"</div>
<div> Interface "vxlan-ac11000d"</div>
<div> type: vxlan</div>
<div> options: {df_default="true", in_key=flow, local_ip="172.17.0.11", out_key=flow, remote_ip="172.17.0.13"}</div>
<div> Port "vxlan-ac11000e"</div>
<div> Interface "vxlan-ac11000e"</div>
<div> type: vxlan</div>
<div> options: {df_default="true", in_key=flow, local_ip="172.17.0.11", out_key=flow, remote_ip="172.17.0.14"}</div>
<div><br>
</div>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Oct 18, 2016 at 8:50 AM, John Marks <span dir="ltr">
<<a href="mailto:jdmarks75080@gmail.com" target="_blank">jdmarks75080@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
<div dir="ltr">Doesn't that make the stack very inflexible? And yes, we have faced this issue before and talked to RH about it and they said exactly the same thing. However, if I redeploy, I have found that modifying the network config does not take affect
and I have to delete and redeploy the overcloud. That would really reak havoc if I had to do that in production.
<div><br>
</div>
<div>Thanks for the reply. </div>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Tue, Oct 18, 2016 at 8:43 AM, Boris Derzhavets <span dir="ltr">
<<a href="mailto:bderzhavets@hotmail.com" target="_blank">bderzhavets@hotmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
<div dir="ltr">
<div id="m_3066342083684757220m_1310749496119380747divtagdefaultwrapper" style="font-size:12pt; color:#000000; font-family:Calibri,Arial,Helvetica,sans-serif">
<p>Sorry for typo</p>
<p><span> If I am not correct stating the above, RH's technical stuff will point to my mistake for sure</span></p>
<p><span>I skipped "if" on first place.</span><br>
</p>
<div class="m_3066342083684757220hm m_3066342083684757220HOEnZb"></div>
<p></p>
<div class="m_3066342083684757220hm m_3066342083684757220HOEnZb"><br>
</div>
<div style="color:rgb(49,55,57)">
<div class="m_3066342083684757220hm m_3066342083684757220HOEnZb">
<hr style="display:inline-block; width:98%">
<div id="m_3066342083684757220m_1310749496119380747divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
<a href="mailto:rdo-list-bounces@redhat.com" target="_blank">rdo-list-bounces@redhat.com</a> <<a href="mailto:rdo-list-bounces@redhat.com" target="_blank">rdo-list-bounces@redhat.com</a>> on behalf of Boris Derzhavets <<a href="mailto:bderzhavets@hotmail.com" target="_blank">bderzhavets@hotmail.com</a>><br>
<b>Sent:</b> Tuesday, October 18, 2016 4:37 PM<br>
<b>To:</b> John Marks; <a href="mailto:rdo-list@redhat.com" target="_blank">rdo-list@redhat.com</a><br>
<b>Subject:</b> Re: [rdo-list] Adding a vlan to the external network in tripleo</font>
<div> </div>
</div>
</div>
<span>
<div>
<div id="m_3066342083684757220m_1310749496119380747divtagdefaultwrapper" style="font-size:12pt; color:#000000; font-family:Calibri,Arial,Helvetica,sans-serif">
<p></p>
<div>I have a lab situation where there are 2 networks. One is in one DMZ and the other is a lab isolated network. I need access to both via the external port. I believe what I need to do is add another port to the bridge on a vlan to the lab network. I created
a new external network in Director and assigned the vlan to it. However, I am not sure that will add it to the existing bridge.
<div><br>
</div>
<div>A bigger question around this is why does Openstack not support modifications after installation to the north/south network?
<br>
<br>
Openstack has no problem with adding one more external network (or even 2) of VLAN type .<br>
See for instance <a id="m_3066342083684757220m_1310749496119380747LPlnk15761" href="https://www.linux.com/blog/rdo-mitaka-several-external-networks-vlan-provider-setup" class="m_3066342083684757220m_1310749496119380747OWAAutoLink" target="_blank">
https://www.linux.com/blog/rdo<wbr>-mitaka-several-external-netwo<wbr>rks-vlan-provider-setup</a><br>
The problem here is the way which was used for deployment, it is TripleO.<br>
To have the job done you need to update heat stack "overcloud" which had been built<br>
on undercloud Node. So you should be able redeploy overcloud with specific tripleo-heat-template<br>
addressing you needs. I would expect your br-ex bridges to have IPs on ctlplane obtained via DHCP.<br>
Any manual intervention to overcloud is impossible. You have presumably only one<br>
option , which is to ask vendor for support.<br>
I am not correct stating the above, RH's technical stuff will point to my mistake for sure.
<br>
That is why I am so sorry about regression taken place in packstack functionality<br>
<br>
Boris.<br>
<br>
<br>
East/west is easy but North/South has to have a lot of modifications made to static files (it seems) like plugin.ini and openvswitch.ini. </div>
<div><br>
</div>
</div>
<br>
<p></p>
</div>
<hr style="display:inline-block; width:98%">
<div id="m_3066342083684757220m_1310749496119380747divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
<a href="mailto:rdo-list-bounces@redhat.com" target="_blank">rdo-list-bounces@redhat.com</a> <<a href="mailto:rdo-list-bounces@redhat.com" target="_blank">rdo-list-bounces@redhat.com</a>> on behalf of John Marks <<a href="mailto:jdmarks75080@gmail.com" target="_blank">jdmarks75080@gmail.com</a>><br>
<b>Sent:</b> Tuesday, October 18, 2016 7:32:53 AM<br>
<b>To:</b> <a href="mailto:rdo-list@redhat.com" target="_blank">rdo-list@redhat.com</a><br>
<b>Subject:</b> [rdo-list] Adding a vlan to the external network in tripleo</font>
<div> </div>
</div>
<div>
<div dir="ltr">I have a lab situation where there are 2 networks. One is in one DMZ and the other is a lab isolated network. I need access to both via the external port. I believe what I need to do is add another port to the bridge on a vlan to the lab network.
I created a new external network in Director and assigned the vlan to it. However, I am not sure that will add it to the existing bridge.
<div><br>
</div>
<div>A bigger question around this is why does Openstack not support modifications after installation to the north/south network? East/west is easy but North/South has to have a lot of modifications made to static files (it seems) like plugin.ini and openvswitch.ini. </div>
<div><br>
</div>
<div>Any help would be appreciated. </div>
</div>
</div>
</div>
</span></div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</div>
</body>
</html>