I have been recently watching
https://www.youtube.com/watch?v=8zFQG5mKwPk&feature=autoshare
Regardless external bridge br-ex usually doesn't have DHCP mode but
on system where management and external interfaces are supported by different
NICs ( say eth0 and eht1) . It makes sense to turn br-ex into DHCP mode, splitting DHCP pools of DHCP Server serving physical external network and
allocation pool of floating IPs which belongs to virtual external network.
Lars's Kellogg Stedman Video has been made for RDO IceHouse, and I wanted to
make sure that explicit update to ovsdb via br-ex syntax would work as expected on RDO Mitaka . To see for yourself that it works exactly as proposed a while ago.
Create pool DHCP on external router like this
[root@fedora23wks ~]# virsh net-dumpxml external3
<network connections='1'>
<name>external3</name>
<uuid>d0e9964b-e91a-40c0-b769-a609aee41bf2</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr7' stp='on' delay='0'/>
<mac address='52:54:00:60:f8:6d'/>
<ip address='192.179.143.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.179.143.2' end='192.179.143.100'/>
</dhcp>
</ip>
</network>
System has two VNIC eth0 - mgmt ( static IP ) and external VNIC eth1
************
Then :-
************
In this setup packstack will bind AIO Instance to static IP belongs 192.169.142.0/24, interface eth1 will have IP obtained via DHCP
from NAT Libvirt network external3 defined above in interval
( 192.179.143.2 , 192.179.143.100 )
*************************************************************************************
ifcfg-br-ex, ifcfg-et1 configuration follow https://www.youtube.com/watch?v=8zFQG5mKwPk&feature=autoshare
*************************************************************************************
[root@CentOS72DHV network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
ONBOOT=yes
# MACADDRESS eth1
MACADDR=52:54:00:d6:d8:a0
OVS_EXTRA="set bridge $DEVICE other-config:hwaddr=$MACADDR"
OVSBOOTPROTO=dhcp
OVSDHCPINTERFACES=eth1
[root@CentOS72DHV network-scripts(keystone_admin)]# cat ifcfg-eth1
DEVICE="eth1"
BOOTPROTO="none"
ONBOOT="yes"
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
***************************
Then run script
***************************
#!/bin/bash -x
chkconfig network on
systemctl stop NetworkManager
systemctl disable NetworkManager
service network restart
****************************************
Network and OVS Configuration
****************************************
[root@CentOS72DHV network-scripts(keystone_admin)]# ovs-vsctl show
7e37d142-9b04-4d1d-a94f-c1571bf3e72d
Bridge br-ex
Port "qg-3c158a8b-f2"
Interface "qg-3c158a8b-f2"
type: internal
Port "eth1"
Interface "eth1"
Port br-ex
Interface br-ex
type: internal
Bridge br-tun
fail_mode: secure
Port br-tun
Interface br-tun
type: internal
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Bridge br-int
fail_mode: secure
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qvodb9910dc-eb"
tag: 2
Interface "qvodb9910dc-eb"
Port "tap19245275-18"
tag: 1
Interface "tap19245275-18"
type: internal
Port br-int
Interface br-int
type: internal
Port "tapec314038-5e"
tag: 2
Interface "tapec314038-5e"
type: internal
Port "qr-c5e01f38-65"
tag: 2
Interface "qr-c5e01f38-65"
type: internal
ovs_version: "2.4.0"
[root@CentOS72DHV network-scripts(keystone_admin)]# ifconfig
br-ex: flags=4163 mtu 1500 <=== external bridge
inet 192.179.143.7 netmask 255.255.255.0 broadcast 192.179.143.255
inet6 fe80::5054:ff:fed6:d8a0 prefixlen 64 scopeid 0x20
ether 52:54:00:d6:d8:a0 txqueuelen 0 (Ethernet)
RX packets 317 bytes 27040 (26.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 304 bytes 25442 (24.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163 mtu 1500 <=== management interface
inet 192.169.142.50 netmask 255.255.255.0 broadcast 192.169.142.255
inet6 fe80::5054:ff:fe22:d9a2 prefixlen 64 scopeid 0x20
ether 52:54:00:22:d9:a2 txqueuelen 1000 (Ethernet)
RX packets 3136 bytes 1034328 (1010.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2369 bytes 6386578 (6.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163 mtu 1500
inet6 fe80::5054:ff:fed6:d8a0 prefixlen 64 scopeid 0x20
ether 52:54:00:d6:d8:a0 txqueuelen 1000 (Ethernet)
RX packets 1083 bytes 126189 (123.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 494 bytes 96540 (94.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 0 (Local Loopback)
RX packets 310689 bytes 67699696 (64.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 310689 bytes 67699696 (64.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qbrdb9910dc-eb: flags=4163 mtu 1450
ether 02:b8:f4:eb:86:ca txqueuelen 0 (Ethernet)
RX packets 15 bytes 1444 (1.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvbdb9910dc-eb: flags=4419 mtu 1450
inet6 fe80::b8:f4ff:feeb:86ca prefixlen 64 scopeid 0x20
ether 02:b8:f4:eb:86:ca txqueuelen 1000 (Ethernet)
RX packets 271 bytes 78660 (76.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 262 bytes 79210 (77.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvodb9910dc-eb: flags=4419 mtu 1450
inet6 fe80::502b:aaff:fea3:bd34 prefixlen 64 scopeid 0x20
ether 52:2b:aa:a3:bd:34 txqueuelen 1000 (Ethernet)
RX packets 262 bytes 79210 (77.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 271 bytes 78660 (76.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tapdb9910dc-eb: flags=4163 mtu 1450
inet6 fe80::fc16:3eff:fef4:568c prefixlen 64 scopeid 0x20
ether fe:16:3e:f4:56:8c txqueuelen 500 (Ethernet)
RX packets 254 bytes 78562 (76.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 272 bytes 78738 (76.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
*******************************************
Neutron reports
*******************************************
[root@CentOS72DHV ~(keystone_admin)]# neutron net-list
+--------------------------------------+--------------+--------------------------------------------+
| id | name | subnets |
+--------------------------------------+--------------+--------------------------------------------+
| 2855a852-4c0a-49a4-8ba0-f4663d78d680 | private | 72411e45-85f1-4d71-8924-fe2e2ad7aca9 |
| | | 10.0.0.0/24 |
| b388c993-ab9f-4c36-a9c4-98b9008bd5c7 | public | 6a144f83-e878-4bb3-92a6-dfce114b5d87 |
| | | 192.179.143.0/24 |
| 985d0b1a-fab9-40d6-a53c-8ea9d6e1970b | demo_network | de8523c9-1a0c-4970-b1e7-4df8a335ad34 |
| | | 50.0.0.0/24 |
+--------------------------------------+--------------+--------------------------------------------+
[root@CentOS72DHV ~(keystone_admin)]# neutron subnet-list
+--------------------------------+------------------+------------------+--------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------+------------------+------------------+--------------------------------+
| 6a144f83-e878-4bb3-92a6-dfce11 | sub_public | 192.179.143.0/24 | {"start": "192.179.143.150", |
| 4b5d87 | | | "end": "192.179.143.254"} |
| 72411e45-85f1-4d71-8924-fe2e2a | private_subnet | 10.0.0.0/24 | {"start": "10.0.0.2", "end": |
| d7aca9 | | | "10.0.0.254"} |
| de8523c9-1a0c-4970-b1e7-4df8a3 | sub_demo_network | 50.0.0.0/24 | {"start": "50.0.0.10", "end": |
| 35ad34 | | | "50.0.0.254"} |
+--------------------------------+------------------+------------------+--------------------------------+
https://www.youtube.com/watch?v=8zFQG5mKwPk&feature=autoshare
Regardless external bridge br-ex usually doesn't have DHCP mode but
on system where management and external interfaces are supported by different
NICs ( say eth0 and eht1) . It makes sense to turn br-ex into DHCP mode, splitting DHCP pools of DHCP Server serving physical external network and
allocation pool of floating IPs which belongs to virtual external network.
Lars's Kellogg Stedman Video has been made for RDO IceHouse, and I wanted to
make sure that explicit update to ovsdb via br-ex syntax would work as expected on RDO Mitaka . To see for yourself that it works exactly as proposed a while ago.
Create pool DHCP on external router like this
[root@fedora23wks ~]# virsh net-dumpxml external3
<network connections='1'>
<name>external3</name>
<uuid>d0e9964b-e91a-40c0-b769-a609aee41bf2</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr7' stp='on' delay='0'/>
<mac address='52:54:00:60:f8:6d'/>
<ip address='192.179.143.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.179.143.2' end='192.179.143.100'/>
</dhcp>
</ip>
</network>
System has two VNIC eth0 - mgmt ( static IP ) and external VNIC eth1
************
Then :-
************
# yum install -y centos-release-openstack-mitaka
# yum update -y
# sudo yum install -y openstack-packstack
# packstack --allinoneIn this setup packstack will bind AIO Instance to static IP belongs 192.169.142.0/24, interface eth1 will have IP obtained via DHCP
from NAT Libvirt network external3 defined above in interval
( 192.179.143.2 , 192.179.143.100 )
*************************************************************************************
ifcfg-br-ex, ifcfg-et1 configuration follow https://www.youtube.com/watch?v=8zFQG5mKwPk&feature=autoshare
*************************************************************************************
[root@CentOS72DHV network-scripts(keystone_admin)]# cat ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
ONBOOT=yes
# MACADDRESS eth1
MACADDR=52:54:00:d6:d8:a0
OVS_EXTRA="set bridge $DEVICE other-config:hwaddr=$MACADDR"
OVSBOOTPROTO=dhcp
OVSDHCPINTERFACES=eth1
[root@CentOS72DHV network-scripts(keystone_admin)]# cat ifcfg-eth1
DEVICE="eth1"
BOOTPROTO="none"
ONBOOT="yes"
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
***************************
Then run script
***************************
#!/bin/bash -x
chkconfig network on
systemctl stop NetworkManager
systemctl disable NetworkManager
service network restart
****************************************
Network and OVS Configuration
****************************************
[root@CentOS72DHV network-scripts(keystone_admin)]# ovs-vsctl show
7e37d142-9b04-4d1d-a94f-c1571bf3e72d
Bridge br-ex
Port "qg-3c158a8b-f2"
Interface "qg-3c158a8b-f2"
type: internal
Port "eth1"
Interface "eth1"
Port br-ex
Interface br-ex
type: internal
Bridge br-tun
fail_mode: secure
Port br-tun
Interface br-tun
type: internal
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Bridge br-int
fail_mode: secure
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qvodb9910dc-eb"
tag: 2
Interface "qvodb9910dc-eb"
Port "tap19245275-18"
tag: 1
Interface "tap19245275-18"
type: internal
Port br-int
Interface br-int
type: internal
Port "tapec314038-5e"
tag: 2
Interface "tapec314038-5e"
type: internal
Port "qr-c5e01f38-65"
tag: 2
Interface "qr-c5e01f38-65"
type: internal
ovs_version: "2.4.0"
[root@CentOS72DHV network-scripts(keystone_admin)]# ifconfig
br-ex: flags=4163
inet 192.179.143.7 netmask 255.255.255.0 broadcast 192.179.143.255
inet6 fe80::5054:ff:fed6:d8a0 prefixlen 64 scopeid 0x20
ether 52:54:00:d6:d8:a0 txqueuelen 0 (Ethernet)
RX packets 317 bytes 27040 (26.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 304 bytes 25442 (24.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163
inet 192.169.142.50 netmask 255.255.255.0 broadcast 192.169.142.255
inet6 fe80::5054:ff:fe22:d9a2 prefixlen 64 scopeid 0x20
ether 52:54:00:22:d9:a2 txqueuelen 1000 (Ethernet)
RX packets 3136 bytes 1034328 (1010.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2369 bytes 6386578 (6.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163
inet6 fe80::5054:ff:fed6:d8a0 prefixlen 64 scopeid 0x20
ether 52:54:00:d6:d8:a0 txqueuelen 1000 (Ethernet)
RX packets 1083 bytes 126189 (123.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 494 bytes 96540 (94.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 0 (Local Loopback)
RX packets 310689 bytes 67699696 (64.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 310689 bytes 67699696 (64.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qbrdb9910dc-eb: flags=4163
ether 02:b8:f4:eb:86:ca txqueuelen 0 (Ethernet)
RX packets 15 bytes 1444 (1.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvbdb9910dc-eb: flags=4419
inet6 fe80::b8:f4ff:feeb:86ca prefixlen 64 scopeid 0x20
ether 02:b8:f4:eb:86:ca txqueuelen 1000 (Ethernet)
RX packets 271 bytes 78660 (76.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 262 bytes 79210 (77.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvodb9910dc-eb: flags=4419
inet6 fe80::502b:aaff:fea3:bd34 prefixlen 64 scopeid 0x20
ether 52:2b:aa:a3:bd:34 txqueuelen 1000 (Ethernet)
RX packets 262 bytes 79210 (77.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 271 bytes 78660 (76.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tapdb9910dc-eb: flags=4163
inet6 fe80::fc16:3eff:fef4:568c prefixlen 64 scopeid 0x20
ether fe:16:3e:f4:56:8c txqueuelen 500 (Ethernet)
RX packets 254 bytes 78562 (76.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 272 bytes 78738 (76.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
*******************************************
Neutron reports
*******************************************
[root@CentOS72DHV ~(keystone_admin)]# neutron net-list
+--------------------------------------+--------------+--------------------------------------------+
| id | name | subnets |
+--------------------------------------+--------------+--------------------------------------------+
| 2855a852-4c0a-49a4-8ba0-f4663d78d680 | private | 72411e45-85f1-4d71-8924-fe2e2ad7aca9 |
| | | 10.0.0.0/24 |
| b388c993-ab9f-4c36-a9c4-98b9008bd5c7 | public | 6a144f83-e878-4bb3-92a6-dfce114b5d87 |
| | | 192.179.143.0/24 |
| 985d0b1a-fab9-40d6-a53c-8ea9d6e1970b | demo_network | de8523c9-1a0c-4970-b1e7-4df8a335ad34 |
| | | 50.0.0.0/24 |
+--------------------------------------+--------------+--------------------------------------------+
[root@CentOS72DHV ~(keystone_admin)]# neutron subnet-list
+--------------------------------+------------------+------------------+--------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------+------------------+------------------+--------------------------------+
| 6a144f83-e878-4bb3-92a6-dfce11 | sub_public | 192.179.143.0/24 | {"start": "192.179.143.150", |
| 4b5d87 | | | "end": "192.179.143.254"} |
| 72411e45-85f1-4d71-8924-fe2e2a | private_subnet | 10.0.0.0/24 | {"start": "10.0.0.2", "end": |
| d7aca9 | | | "10.0.0.254"} |
| de8523c9-1a0c-4970-b1e7-4df8a3 | sub_demo_network | 50.0.0.0/24 | {"start": "50.0.0.10", "end": |
| 35ad34 | | | "50.0.0.254"} |
+--------------------------------+------------------+------------------+--------------------------------+
