This blog will show you how to install Openstack Neutron using packstack on nodes running in a virtual environment. Configuration of the service is done at the command line. There is a lot of information avaliable on how to create networks and routers using the CLI, this blog will show you how to create networks and routers using the Horizon web page.
For my enviroment I am using Havanna RDO installed on top of CentOs 6.4. I have 3 nodes that are running as virtual machines in a VMware environment. I have also tested this with the IceHouse release and the install and configuration is valid for that release as well.
Nova nodes. |
First thing to do is set the Promiscuous mode to accept on the vSwitches
|
All the nodes have 3 network interfaces. Eth0 is used for both the internal and external networking and Eth1/2 is used to connect to my iSCSI storage network. I use packstack with an answer file to install all 3 nodes. Below are the specific settings in the answer file for Neutron. CONFIG_NEUTRON_SERVER_HOST=10.10.81.169 CONFIG_NEUTRON_KS_PW=password CONFIG_NEUTRON_DB_PW=password CONFIG_NEUTRON_L3_HOSTS=10.10.81.169,10.10.81.168,10.10.81.167 CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex CONFIG_NEUTRON_DHCP_HOSTS=10.10.81.169,10.10.81.168,10.10.81.167 CONFIG_NEUTRON_LBAAS_HOSTS= CONFIG_NEUTRON_L2_PLUGIN=openvswitch CONFIG_NEUTRON_METADATA_HOSTS=10.10.81.169,10.10.81.168,10.10.81.167 CONFIG_NEUTRON_METADATA_PW=password CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=gre CONFIG_NEUTRON_LB_VLAN_RANGES= CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS=eth0:br-int CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=gre CONFIG_NEUTRON_OVS_VLAN_RANGES= CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=eth0:br-ex CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:eth0 CONFIG_NEUTRON_OVS_TUNNEL_RANGES=1:1000 CONFIG_NEUTRON_OVS_TUNNEL_IF = Install with the following command: packstack –answer-file=my_answers.txt |
After the install completes we can view our hosts from the horizon web page verifying that all hosts were installed |
We have to configure the br-ex interface. Use vim to edit the ifcfg-br-ex file |
We use the setting shown above. Note that we use the ip information from eth0 here. We will replace the ifcfg-eth0 file with new settings in the next steps. |
Delete the ifcfg-eth0 file. Use vim to create a new one. |
The settings above will map eth0 to the newly created br-ex. |
Next we change the veth settings in the ini file located in the /etc/neutron directory. You can copy and paste the lines in one shot below: for i in /etc/neutron/*.ini do sed -i "s/^[# ]*ovs_use_veth.*$/ovs_use_veth = True/g" $i done |
Next we enable he metadata in the dhcp_agent.ini file.Copy and past the lines below in one shot: sed -i \ -e "s/^[# ]*enable_isolated_metadata.*$/enable_isolated_metadata = True/g" \ -e "s/^[# ]*enable_metadata_network.*$/enable_metadata_network = True/g" \ /etc/neutron/dhcp_agent.ini |
NOTE: The last 6 steps must be repeated on all nodes that will be configured to use Neutron. In this case all 3 of my nodes need this configuration. Use the correct IP address for each node in the br-ex file. |
Test that the the new br-ex and eth0 settings work by restarting the network service network restart After the configuration is complete and tested on all nodes, reboot the hosts. |
Allow ICPM and SSH connections for the Default security group with the following commands: source /root/keystonerc_admin nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 |
From the Horizon web page under Admin, Networks click “Create Network” |
Create an internal network called Internal. Assign it to the admin project. Click “Create Network” Back on the Admin, Network page you will see the network created. Click “Create Network” again |
Create an external network called External. Assign it to the admin project and use the check box to mark it as an External Network. Click “Create Network”. |
We now have 2 networks created. We need to create subnets for them. To this click on the network name. |
Click on the Create Subnet button |
Above are the settings for my external network. This is the same network address scheme as the IP’s used for the br-ex interfaces. Click the Subnet Detail tab |
Enable DHCP and create an allocation pool of IP’s that are available on the network. Note that these IPS will be used as Floating IP’s and at least one will be assigned to the external interface of the router will will create to allow the internal network to have access to the external network. Click “Create Subnet” when complete. |
We can see the subnet is created and associated with the External network. Go back to the Admin, Network page and click the Internal network. |
Click the “Create Subnet” button |
Above are the settings for my internal network. The gateway IP will be used for the internal interface of the router. Click the Subnet Detail tab |
Enable DHCP and create an IP allocation pool that will be given to instances attached to the Internal Network. Click “Create Subnet” |
The Internal Subnet is created. |
On the Project, Router page click “Create Router” |
Give the router a name. Click “Create Router” |
Set the gateway for the router by clicking “Set Gateway”. |
Use the drop down to select the External Network we created called External. Click “Set Gateway” |
The router is now created and connected to the External network. Click on the name “Router” |
We can see the interfaces connected to the router and the IPS assigned. The status reads down until the first traffic flow through the interface. |
Click the “Add Interface” button |
Use the drop down to connect the internal network to the interface. Give it an IP address. Click “Add Interface” |
The router now has 2 interfaces connecting it to both the external and internal network. |
Click on the Projects, Network Topology page and we can see a visual representation of our network. |
To test the network I deploy 3 instances. Nova will load balance so that every nodes runs one instance. I connect them to the internal network. The topology map show how they are connected and the IPS of each instance. Click on one of the instances and open a console. |
From that instance we can ping the other 2 instances and the internal router interface |
We can also ping a node on our external network. This verifies that Neutron is configured and working correctly. |