Hi, all
I want to deploy an baremetal environment(pike) with network isolation. I have three controller nodes and one compute node. Each node has 3 nics. If I set external network as a vlan I succeed. But If I set external network on the bridge(using native vlan on the trunked interface) I fail. Anyone can help? Thanks!
Here are some config of controller nodes. Compute node does not have external network and storage management network.
Controller NICs
| Bonded Interface | Bond Slaves |
|
| bond1 | eth1, eth2 |
|
| Networks |
| NIC |
| Provisioning |
| eth0 |
| External |
| bond1 / br-ex |
| Internal |
| bond1 / vlan201 |
| Tenant |
| bond1 / vlan204 |
| Storage |
| bond1 / vlan202 |
| Storage Management |
| bond1 / vlan203 |
network-environment.yaml
resource_registry:
OS::TripleO::Compute::Net::SoftwareConfig:
../network/config/bond-with-vlans/compute.yaml
OS::TripleO::Controller::Net::SoftwareConfig:
../network/config/bond-with-vlans/controller.yaml
parameter_defaults:
ControlPlaneSubnetCidr: '24'
ControlPlaneDefaultRoute: 192.168.24.1
EC2MetadataIp: 192.168.24.1
InternalApiNetCidr: 172.17.0.0/24
StorageNetCidr: 172.18.0.0/24
StorageMgmtNetCidr: 172.19.0.0/24
TenantNetCidr: 172.16.0.0/24
ExternalNetCidr: 192.168.1.0/24
InternalApiNetworkVlanID: 201
StorageNetworkVlanID: 202
StorageMgmtNetworkVlanID: 203
TenantNetworkVlanID: 204
InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}]
StorageAllocationPools: [{'start': '172.18.0.10', 'end': '172.18.0.200'}]
StorageMgmtAllocationPools: [{'start': '172.19.0.10', 'end': '172.19.0.200'}]
TenantAllocationPools: [{'start': '172.16.0.10', 'end': '172.16.0.200'}]
ExternalAllocationPools: [{'start': '192.168.1.223', 'end': '192.168.1.235'}]
ExternalInterfaceDefaultRoute: 192.168.1.1
DnsServers: ["192.168.1.1"]
NeutronNetworkType: 'vlan'
NeutronTunnelTypes: ''
NeutronNetworkVLANRanges: 'datacentre:1:1000'
BondInterfaceOvsOptions: "bond_mode=active-backup"
NeutronMechanismDrivers: linuxbridge
controller.yaml
[...]
resources:
OsNetConfigImpl:
type: OS::Heat::SoftwareConfig
properties:
group: script
config:
str_replace:
template:
get_file: ../../scripts/run-os-net-config.sh
params:
$network_config:
network_config:
- type: interface
name: nic1
use_dhcp: false
addresses:
- ip_netmask:
list_join:
- /
- - get_param: ControlPlaneIp
- get_param: ControlPlaneSubnetCidr
routes:
- ip_netmask: 169.254.169.254/32
next_hop:
get_param: EC2MetadataIp
- type: linux_bridge
name: bridge_name
dns_servers:
get_param: DnsServers
use_dhcp: false
addresses:
- ip_netmask:
get_param: ExternalIpSubnet
routes:
- default: true
next_hop:
get_param: ExternalInterfaceDefaultRoute
members:
- type: linux_bond
name: bond1
bonding_options: mode=1
members:
- type: interface
name: nic2
primary: true
- type: interface
name: nic3
- type: vlan
device: bond1
vlan_id:
get_param: InternalApiNetworkVlanID
addresses:
- ip_netmask:
get_param: InternalApiIpSubnet
- type: vlan
device: bond1
vlan_id:
get_param: StorageNetworkVlanID
addresses:
- ip_netmask:
get_param: StorageIpSubnet
- type: vlan
device: bond1
vlan_id:
get_param: StorageMgmtNetworkVlanID
addresses:
- ip_netmask:
get_param: StorageMgmtIpSubnet
- type: vlan
device: bond1
vlan_id:
get_param: TenantNetworkVlanID
addresses:
- ip_netmask:
get_param: TenantIpSubnet
outputs:
OS::stack_id:
description: The OsNetConfigImpl resource.
value:
get_resource: OsNetConfigImpl