The Rackspace Private Cloud cookbooks setup the Openstack deployment without setting up the L3 Agent. The L3 Agent is not installed. The L3 Agent is required to route the Network Traffic to the Internet. By default the Openstack Neutron Networking deployment will be setup with the Virtual Machine Instances in Isolated Networks, in all three modes: Flat, VLAN, GRE. You can create multiple private networks for projects and create routers to route traffic between these private networks, but the VMs cannot reach the Internet. This the Rackspace Private Cloud team did because the L3 Agent is not fully supported in High Availability (HA) deployment modes.
I am not setting up HA. GRE mode is quite easy to setup because the configuration required in the physical network is minimal, compared to VLAN networking.
This is my setup:
To setup the L3 Agent follow the steps below:
Step1: On the Network Node Install the L3 agent
# apt-get -y install quantum-l3-agent
Step2: Enable IP_Forwarding on the Compute and the Network Node as below
# sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
# sysctl net.ipv4.ip_forward=1
Step3: On the Network Node create the external bridge br-ex that will be used to access the Internet
# ovs-vsctl add-br br-ex
Step4: For Step4 you need to have console access to the Network Node. SSH will not do. This is because you will be reconfiguring the eth0 interface that is used for SSH and Management traffic. This is like chopping the branch you are sitting on if you use SSH.
Modify your eth0 configuration in /etc/network/interfaces file to look like this:
auto eth0
iface eth0 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down
Move your IP configuration you had on eth0 to the br-ex interface:
auto br-ex
iface br-ex inet static
address 10.112.252.245
netmask 255.255.255.0
gateway 10.112.252.253
dns-nameservers 10.112.116.138 10.112.116.139 10.112.64.1
Add the eth0 interface to br-ex bridge.
# ovs-vsctl add-port br-ex eth0
Reboot the Network Node. You should get your connectivity back to the Network Node for SSH.
Step5: As a troubleshooting step restart all Quantum services on the Network Node:
# cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done
I am not setting up HA. GRE mode is quite easy to setup because the configuration required in the physical network is minimal, compared to VLAN networking.
This is my setup:
To setup the L3 Agent follow the steps below:
Step1: On the Network Node Install the L3 agent
# apt-get -y install quantum-l3-agent
Step2: Enable IP_Forwarding on the Compute and the Network Node as below
# sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
# sysctl net.ipv4.ip_forward=1
Step3: On the Network Node create the external bridge br-ex that will be used to access the Internet
# ovs-vsctl add-br br-ex
Step4: For Step4 you need to have console access to the Network Node. SSH will not do. This is because you will be reconfiguring the eth0 interface that is used for SSH and Management traffic. This is like chopping the branch you are sitting on if you use SSH.
Modify your eth0 configuration in /etc/network/interfaces file to look like this:
auto eth0
iface eth0 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
down ip link set $IFACE promisc off
down ifconfig $IFACE down
Move your IP configuration you had on eth0 to the br-ex interface:
auto br-ex
iface br-ex inet static
address 10.112.252.245
netmask 255.255.255.0
gateway 10.112.252.253
dns-nameservers 10.112.116.138 10.112.116.139 10.112.64.1
Add the eth0 interface to br-ex bridge.
# ovs-vsctl add-port br-ex eth0
Reboot the Network Node. You should get your connectivity back to the Network Node for SSH.
Step5: As a troubleshooting step restart all Quantum services on the Network Node:
# cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done
Great article!
ReplyDeleteOne question:
Step 3 tells me to create a bridge on the network node
However,
The IP addresses in step 4 indicate the compute node, not the network one. Care to clarify?
Thanks Trond. Sorry my mistake. 10.112.252.245 is actually my Network Node in my setup. To clarify you should just move the IP address on your Network Node eth0 interface to the br-ex interface.
ReplyDelete