On 02/10/2017 08:39 AM, Gaurav Goyal wrote: > Hi, > > I need your help to configure multiple external networks in openstack > environment. > > I am using Liberty openstack. openvswitch with gre tunneling. > I want to create multiple external networks so that all interfaces of my > VM can be accessible to outside world. > I need your help to config neutron for multiple external networks. > > should i do following changes in my existing configuration? > > flat_networks = * > bridge_mappings = external:br-ex,external1:br-ex1 > ovs-vsctl add-br br-ex1 > ovs-vsctl add-port br-ex /p5p3/ > > is it going to impact all existing VMs running in openstack environment? > > * > o > > Edit the |/etc/neutron/plugins/ml2/ml2_conf.ini| file and > complete the following actions: > > 1. > > > > 1 > 2 > 3 > 4 > 5 > > |[ml2]| > |...| > |type_drivers = flat,vlan,gre,vxlan| > |tenant_network_types = gre| > |mechanism_drivers = openvswitch| > > 2. > > In the |[ml2_type_flat]| > > > 1 > 2 > 3 > > |[ml2_type_flat]| > |...| > |flat_networks = external| > > 3. > > In the |[ml2_type_gre]| section, > > > 1 > 2 > 3 > > |[ml2_type_gre]| > |...| > |tunnel_id_ranges = 1:1000| > > > o |/etc/neutron/plugins/ml2/openvswitch_agent.ini| > > [root@OSKVM1 ml2]# grep -v ^# openvswitch_agent.ini|grep -v ^$ > > [ovs] > local_ip = 10.24.0.4 > bridge_mappings = external:br-ex > [agent] > tunnel_types = gre > > * > > *To configure the Layer-3 (L3) agent* > > The Layer-3 (L3) agent > > <http://docs.openstack.org/kilo/install-guide/install/yum/content/neutron-network-node.html> > provides > routing services for virtual networks. > > o > > |/etc/neutron/l3_agent.ini| file > > 1. > > In the |[DEFAULT]| section, > > > 1 > 2 > 3 > 4 > 5 > > |[DEFAULT]| > |...| > |interface_driver = > neutron.agent.linux.interface.OVSInterfaceDriver| > |external_network_bridge =| > |router_delete_namespaces = True| > > > > Note > > The |external_network_bridge| option intentionally lacks a > value to enable multiple external networks on a single agent. > > *To configure the DHCP agent* > > The DHCP agent > <http://docs.openstack.org/kilo/install-guide/install/yum/content/neutron-network-node.html> > provides > DHCP services for virtual networks. > > 1. > > |/etc/neutron/dhcp_agent.ini| file > > 1. > > In the |[DEFAULT]| section, > > > 1 > 2 > 3 > 4 > 5 > > |[DEFAULT]| > |...| > |interface_driver = > neutron.agent.linux.interface.OVSInterfaceDriver| > |dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq| > |dhcp_delete_namespaces = True| > > 1. > > |/etc/neutron/dhcp_agent.ini| file > > 1. > > In the |[DEFAULT]| section, > > > 1 > 2 > 3 > > |[DEFAULT]| > |...| > |dnsmasq_config_file = ||/etc/neutron/dnsmasq-neutron||.conf| > > 2. > > Created |/etc/neutron/dnsmasq-neutron.conf| file and complete the > following action: > > 1. > > Enable the DHCP MTU option (26) and configure it to 1454 bytes: > > > 1 > > |dhcp-option-force=26,1454| > > *To configure the metadata agent* > > The metadata agent > <http://docs.openstack.org/kilo/install-guide/install/yum/content/neutron-network-node.html> > provides > configuration information such as credentials to instances. > > 1. > > |/etc/neutron/metadata_agent.ini| file > > 1. > > In the |[DEFAULT]| section, > > > 1 > 2 > 3 > 4 > 5 > 6 > 7 > 8 > 9 > 10 > 11 > > |[DEFAULT]| > |...| > |auth_uri = http:||//||controller:5000| > |auth_url = http:||//||controller:35357| > |auth_region = RegionOne| > |auth_plugin = password| > |project_domain_id = default| > |user_domain_id = default| > |project_name = service| > |username = neutron| > |password = NEUTRON_PASS| > > > In the |[DEFAULT]| section, configure the metadata host: > > 2. > > > 1 > 2 > 3 > > |[DEFAULT]| > |...| > |nova_metadata_ip = controller| > > 3. > > > 4. > > In the |[DEFAULT]| section, configure the metadata proxy shared > secret: > > > 1 > 2 > 3 > > |[DEFAULT]| > |...| > |metadata_proxy_shared_secret = METADATA_SECRET| > > > > 1. > > Add the external bridge: > > 2. > > # ovs-vsctl add-br br-ex > > 3. > > Add a port to the external bridge that connects to the physical > external network interface: > > Replace /|INTERFACE_NAME|/ with the actual interface name. For > example, /eth2/ or /ens256/. > > # ovs-vsctl add-port br-ex /p5p2/ > > / > / > /Regards/ > /Gaurav Goyal/ > > > > > _______________________________________________ > OpenStack-operators mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators >
In my experience, I have been able to modify the bridge mappings and add a bridge without affecting existing networks or VMs. It is required to restart the Neutron services after making such a change, but existing networks and ports will continue to operate while the Neutron services restart. If you want to have the least impact, I believe that restarting the neutron-server and L2 agents everywhere (such as openvswitch-agent) is sufficient, you can leave your L3 agents alone. -- Dan Sneddon | Senior Principal OpenStack Engineer [email protected] | redhat.com/openstack dsneddon:irc | @dxs:twitter _______________________________________________ OpenStack-operators mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
