> [ovs]
> enable_tunneling = True
> local_ip = 172.20.10.4 #this is different for the second node
> tunnel_types = gre
>
> [database]
> connection = mysql://neutron:XX@db/neutron
>
>
> Regards,
>
> Uwe
>
>
>
>
> Am 26.11.2014 um
gt;
> Meanwhile I found out that neutron-openvswitch-agent.service crashed on
> the network node (see my mail from a few minutes back).
>
> Regards,
>
> Uwe
>
>
>
> Am 26.11.2014 um 16:31 schrieb Andreas Scheuring:
> > Hi Uwe,
> > this is how my co
be valid. Maybe there's shortcut
in the code that also the ovs section is treated as agent section or
vice versa. But that's just a guess. Also haven't tried it out so far
--
Andreas
(irc: scheuran)
On Thu, 2014-11-27 at 09:47 +0100, Andreas Scheuring wrote:
> Hi Uwe,
&g
I'll try to adapt your config example and will report back once I come
> to that point again.
>
> Thanks again and have a nice weekend,
>
> Uwe
>
>
> Am 28.11.2014 um 12:37 schrieb Andreas Scheuring:
> > Hi Uwe, me again.
> > I just applied the
In a few words:
The tenant network is the software defined network you can create in the
network tab of the horizon dashboard. There could be a couple of them.
This is where you connect your instances to.
The logical networks (tenant networks) somehow have to map to the
network physics. Therfore
Hi Gonzalo,
from having a look, at the configuration reference [1], I see that the
bridge_mappings is only required in the [ovs] section [2] and not in the
ml2 configuration for vlan [3].
And also the code says, that the bridge_mappings attribute needs to be
in the [ovs] section.
You're talki
Hi Remo,
could you please share your settings via the mailinglist? I'm
interested, too.
Thanks!
--
Andreas
(irc: scheuran)
On Mon, 2015-02-09 at 21:27 -0800, Remo Mattei wrote:
> There are settings for the bridge you need to set I have it on my laptop if
> you need contact me off line
>
>
Hi,
tcpdump on a ovs bridges is not really working. The bridge is like a
real switch, so what you need to do is to set up port mirroring [1] for
all or a specific port. But although this is not working very well (to
my experience).
So if you can't see any packets on br-tun with tcpdump, that wor
Just realized that I might have misunderstood your question.
The ovs-vsctl show output you provided is from the compute node, right?
On your node that hosts the API endpoints, is there also the
neutron-server and neutron-dhcp service running?
First you're talking about not getting a dhcp reply
Hi Mitchell,
just was going through this mailthread.
If I get it right, your gateway IP Address is the 172.29.105.101. It is
configured on the Gateway interface (qg-8aac20dc-60) in the routers
network namespace (qrouter-b69f04d9-910d-472e-8f2c-ac1344c6127f).
You can prove that with executing
Hi Mitchel,
please see my response from Tuesday.
https://www.mail-archive.com/openstack%
40lists.openstack.org/msg11364.html
Hope it helps!
--
Andreas
(irc: scheuran)
On Wed, 2015-03-04 at 21:03 +, Mitchell Chen wrote:
> Hi All,
>
>
>
> I am struggling with not being able to ping t
;
> --- 172.29.105.101 ping statistics ---
> 4 packets transmitted, 0 received, 100% packet loss, time 2999ms
>
>
> Mitchell
>
> -Original Message-
> From: Andreas Scheuring [mailto:scheu...@linux.vnet.ibm.com]
> Sent: Thursday, March 05, 2015 3:42 AM
> To: Mitche
Hi Yngyi,
this absolutely makes sense.
As soon as you add a port to a bridge (doesn't matter if linux- or
ovs-bridge) it cannot be used as ip interface anymore. What you have to
do after you've added this interface to br-ex, you have to "move up" the
ip address to the br-ex.
e.g.
> ifconfig
>From the first point of view your setup looks fine.
I would recommend to use tcpdump to see where packets (dhcp or arp
requests) get lost.
For example running tcpdump on the compute nodes interface used for
tunneling you can verify if encapsulated packets leave your this node
and so on. What's
Thiago,
From an pure Openstack perspective there is no requirement to have vlans
configured when using linuxbridge with vxlan. You can put the vxlan
devices directly on your ethernet interface which will work perfectly.
The docs describe an example environment where folks use vlans in their
data
Hi Wilson,
don't get hung up on the port state for now, let's focus on on your
"ping" test that is not working.
I had a brief look at the pictures you attached. The first thing that
caught my attention is that your instance is shut off. So no chance to
ping it anyhow!
If it's still not working w
Thanks
>
>
> 2015-05-19 14:24 GMT+08:00 Andreas Scheuring
> :
> Hi Wilson,
> don't get hung up on the port
eas,
>
>
> Thanks for helping this newbie :D
>
>
> I don't know the password of the instance.
>
>
> Thanks
>
> 2015-05-20 4:12 GMT+08:00 Andreas Scheuring
> :
> Wilson,
> you can at least access your instance using the vnc cons
0800, Wilson Kwok wrote:
> Hello,
>
>
> Please see attached screenshot, you can see the instance can get DHCP
> from Neutron router, but still cannot ping router IP.
>
>
> Thanks
>
> 2015-05-20 14:14 GMT+08:00 Andreas Scheuring
> :
> That'
Your setup should be fine.
Ensure, that you have created your openstack external network as flat
provider network (default with devstack). Then adding br-ex into the
vlan device enforces vlan traffic on the external network.
An alternative approach would be to add the bond interface into the
br-e
finiton would be:
>
> [ml2_type_vlan]
> network_vlan_ranges = bond0.45:1001:2000 ?
>
> 2. Also, is it enough to have this definition on the network node ?
> (i.e. not for compute or controller node).
>
> Thanks and regards,
>
> Yngvi
>
> -Original Messa
Yes, should be on br-ex.
Can you check your l3.conf file? One way would be to define br-ex as
external bridge there.
> external_network_bridge = br-ex
Then restart l3 service and see if it changes...
Andreas
On Mi, 2015-06-17 at 07:23 +, Mitchell Chen wrote:
> Hi All,
>
>
>
> I se
No it'S not required. You need to configure your external Openstack
network properly and then connect your tenant network via a router to
it. The router then will do SNAT to get them outside.
Andreas
On Di, 2015-06-16 at 18:57 +0530, vikrant ambedkar wrote:
> Hi
>
>
> Out openstack multi nod
One way would be to achieve this via "Availabilty zones". Just create 2
host aggregates (and with it a such a zone) and add a hypervisor to each
of them (host aggreate to availability zone is 1:1 mapping)
The instance launch dialog allows you to select the zone.
Hope this helps
On Fr, 2015-06-2
The issue seems to be related to a neutron missconfiguration.
--> Unexpected vif_type=binding_failed
Please have a look at your neutron server config file in the network
node(s) and the l2 agent config files (ovs?). You should find additional
information there.
If this doesn't help, please prov
ance:
> 871c6af2-1673-4eb0-94a1-1ad07eb77ce5] Setting instance to ERROR state.
>
>
> Yngvi
>
> -Original Message-
> From: Yngvi Páll Þorfinnsson
> Sent: 29. júní 2015 11:02
> To: Andreas Scheuring
> Cc: openstack@lists.openstack.org
> Subject: Re: [Ope
nel network -> bond0.47
> > Mgmt network -> bond0.48
> > Extrenal network-> bond0.45
> >
> > And when I check for bridges and ports on the network node:
> >
> > root@network2:/# ovs-vsctl list-br
> > br-ex
> > br-int
> &g
the conf file
> /etc/neutron/plugins/ml2/ml2_conf.ini
> On computer host for now.
>
> Best regards
> Yngvi
>
> -----Original Message-
> From: Andreas Scheuring [mailto:scheu...@linux.vnet.ibm.com]
> Sent: 29. júní 2015 13:07
> To: uwe.sauter...@gmail.com
> Cc: o
| 3c4ddcff52a74f2b97b71392300aa74d |
+---+--+
How did you create yours? via the UI? Or are you attaching your instance
to the external network instead? In any case you need to attach it to
your tenant network!! I
nal=True
>
>
> But there seems not to be info on this one
> root@controller2:/# neutron net-show cf6489c4-7ed6-43dc-85aa-f4b8c6b501ca
> Unable to find network with name 'cf6489c4-7ed6-43dc-85aa-f4b8c6b501ca'
>
>
> best regards
> Yngvi
>
>
>
+--++----+-+--+
> | ID | Name | Status | Task State | Power State | Networks |
> ++--+++-+--+
> ++--+++-+--+
>
> Oh, I just followed the manual, so it's like this:
>
> source demo-openrc.sh
> neutron net-create demo-net
> neutron subnet-create demo-net --name demo-subnet \
> --gateway x.y.z.1 x.y.z.0/24
>
> And the router was also created according to the manual;
>
> neutr
orks as VLANs,
> in order to have native connection from VM to physical host on our server
> networks.
>
> Best regards
> Yngvi
>
> -Original Message-
> From: Yngvi Páll Þorfinnsson
> Sent: 30. júní 2015 08:15
> To: Andreas Scheuring
> Cc: openstack@lis
ond0.47 | 47 | bond0
> bond0.45 | 45 | bond0
>
> bond0.48 -> mgtm network
> bond0.47 -> tunnel network
> bond0.45 -> exteral network no.1
>
> currently only one external network has been configured.
>
> Best regards
> Yngvi
>
&
reste in :-)
> Best regards
> Yngvi
>
> -Original Message-
> From: Andreas Scheuring [mailto:scheu...@linux.vnet.ibm.com]
> Sent: 30. júní 2015 14:51
> To: Yngvi Páll Þorfinnsson
> Cc: openstack@lists.openstack.org
> Subject: Re: [Openstack] error creating instance
>
&
Hi,
I assume devstack does autoselect kvm if available. You can check your
nova.conf (/etc/nova/nova.conf)
The following line specifies that kvm is being used:
[libvirt]
...
virt_type = kvm
On Sa, 2015-07-04 at 08:51 +0530, shine nelson wrote:
> Hello,
>
>
> I just recently installed DevStac
+1 for updating the wiki
+1 for adding a section to the docs
Moshe,
what about the firewall support Sam mentioned? I assume fwaas is
supported, as it runs on the network node which uses ovs, but Security
Groups are not working as you're using the NoopFirewallDriver, right?
Or is there another FW
ces that are using SRIOV
> won't have security groups applied though.
>
> On Mon, Jul 20, 2015 at 3:21 PM, Moshe Levi
> wrote:
>
>
> > -Original Message-
> > From: Andreas Scheuring [mailto:scheu...@linux.vnet.ibm.com]
>
> And in the case where I'm first assigning the instance to a private
> network and then associating a floating IP, the VM gets a private
> network IP but not a public one.
>
>
That's exactly how it works. Your instance won't know anything about the
floating ip. The translation from floating I
Can you try the package bridge-utils?
On Do, 2015-08-13 at 11:15 +0530, FASEELA.ASHRAF wrote:
> Hi ,
>
> I am trying to install a 3 node architecture of Openstack icehouse
> version on my Ubuntu 14.04LTS . I would like to know if it is
> necessary to add the following lines to sysctl.conf in netw
Hi Thomas,
could you please share your neutron-server and neutron-openvswitch-agent
configuration files?
Did you set debug to true in your configuration and restarted the
neutron-openvswitch-agent on your controller node?
Andreas (irc: scheuran)
On Mi, 2015-08-19 at 14:45 +, Stinner, Thoma
Hi Sławek,
virbr0 belongs to the default libvirt network that is set up when you
install libvirt. It's not related to Openstack.
You should verify, that the vxlan port is open on both hypervisors
(default 4789 udp). This is not set up by Openstack but needs to be done
by the deployment tool or th
Assuming you have created your networks successfully. The output of
net-list also depends on the user and tenant you used for authentication
to Openstack.
E.g. if you authenticated as admin user, but with blabla tenant, you
only will see networks of the blalba tenant and not networks of the demo
t
Hi,
try to update you nova.conf like this described here [1]
[1]
https://ask.openstack.org/en/question/67340/starting-nova-compute-fails-with-missing-cpu-model-name-error/
--
Andreas
(IRC: scheuran)
On Fr, 2015-10-09 at 11:40 +0530, sahil arora wrote:
> The nova-compute service is not ru
Amir,
I haven't tried such a configuration so far - but I don't think it will
work.
So your goal is to get it running with a single NIC. So what should work
is the following setup:
Use br-ex as external bridge and plug your eth interface into it (Note
this will break IP connection, so better yo
Hi,
I'm currently preparing a blueprint that should add another network
virtualization option to openstack. This would require code changes to
novas libvirt driver and to the neutron linuxbridge agent. More to come
soon...
So what do you think, should I split the content up into two blueprints
Hi together,
for test purposes I tried to launch a vm without any networking in
openstack configured on a multinode environment (setup via devstack:
controller + cpu node). That means, neither neutron nor nova-network is
installed on the controller and the cpu node.
Should I be able to launch
Hi Nhan,
I guess more information is required to help you out there.
It would be helpful to know which setup you're using, e.g. a singlenode
or multinode setup, openvswitch for network virtualiation or something
else? Are you using nova network or neutron networking?
If I got it right you creat
LAN, now, i'm using GRE type network.
> I found a article about that
>
> http://trickycloud.wordpress.com/2013/11/12/setting-up-a-flat-network-with-neutron/
> Could you give me a advice? i should choose VLAN or GRE for best?
> Thanks
>
>
>
>
>
>
&g
he only issue I have I can not ping the tenant address of my
> instance and the address of the tenant gateway from the
> controller, network and compute nodes.
> I can not also ping the controller node from my instance.
>
>
>
Hi,
which setup are you running? Devstack singlenode, mulitnode, neutron or
legacy nova networking?
Does the subnet of your internal network has dhcp enabled? You can
simply find out having a look at the subnet details in horizon.
Regards,
Andreas
On Wed, 2014-08-27 at 13:48 +0800, Xianyi Y
Thanks for this clarification.
Just wondering: Do multiple network nodes (router + dhcp) help to exceed
the 4k subnet limitation? In such a scenario, will dhcp + routing be
distributed or is a second network node just something like a
hot-standby?
Thanks!
--
Andreas
(irc: scheuran)
On Thu, 2
Hi Srinivas,
in the past I had a similar issue while I was setting up openstack with
devstack. Not sure if that fits for your issue, as you're not using
devstack if I got it right.
The reason for this where the default security groups and rules config
of devstack. If you have a look at the this c
If you're using tunneling (e.g vxlan) you may have to enable the vxlan
port (default 4789) for incoming traffic on your compute nodes iptables.
My default iptables rules sent back an icmp admin prohibited to the dhcp
offer, so I also never got an ip addresss.
--
Andreas
(irc: scheuran)
On Tue
Hi,
Please check if the agent is available via
#neutron agent-list
This is my working vlan configuration:
Compute Node ml2.conf:
[ml2]
type_drivers = local,flat,vlan,gre,vxlan
mechanism_drivers = openvswitch,linuxbridge
[ml2_type_vlan]
network_vlan_ranges = phys-data:1000:1005
[securitygrou
So you want all users to direclty connect to this network? What about
the shared parameter?
http://docs.openstack.org/admin-guide-cloud/content/advanced_networking.html
"neutron net-create --shared public-net"
Regards,
--
Andreas
(irc: scheuran)
On Tue, 2014-10-28 at 15:08 -0400, Don Wa
Yes, to restart the services you can all the rejoin-stack.sh script. You
can navigate within the screens with commands. (E.g. ctl + a " for the
screen overview). Go to the service you want to restart and just stop it
with ctl + c and start it again using the last command from the history
(arrow up
Hi Uwe,
could you please provide the content of your /etc/neutron/plugin.ini of
the compute and the network node?
--
Andreas
(irc: scheuran)
On Wed, 2014-11-26 at 14:14 +0100, Uwe Sauter wrote:
> Hi George,
>
> it seems I missed to list that service for the compute hosts.
> These are the s
What you see is the expected behavior. A Tun (vxlan/gre) port is created
for each other Node (that runs the neutron-openvswitch-agent) in your
Openstack Cluster. So if you have a single node - no other Openstack
node - no tun port.
It's not a use case that an external (non Openstack managed System
What you need is a flat "provider network"
Basically you need to follow these steps:
- Create an ovs bridge
- Update your openvswitch agent configuration file with
bridgemapping=physnet1:where physnet1 can be any
name.
- Now create a provider network of type "flat", with the physical
network
Tyler,
please check your Security Groups first. Per default, only traffic from
other VMs is accepted (Destination: default). If everything is set up
correctly, the simplest way is to setup another rule allowing ingress
icmp for 0.0.0.0/0 (all ips). Now pings from extneral nodes can reach
the vm.
type: patch
> options: {peer=patch-tun}
> Port "gre-ac10183c"
> Interface "gre-ac10183c"
> type: gre
> options: {df_default="true", in_key=flow, local_ip="172.16.24.61",
> out_key=flow, remote_ip=&qu
2 +0330, meedia mousavi wrote:
> Hi thanks for your helps.
> It worked but I have problem. When create Instance it said : No valid
> host was found. (When lunch instance)
> Can you help me?
>
> On Monday, November 16, 2015, Andreas Scheuring
> wrote:
> What you n
Hi John,
the short answer: If you dhcp runs on the network node, then of course
your network node must be attached to that provider network as well!
Andreas (IRC: scheuran)
On Do, 2016-01-14 at 22:08 -0800, John van Ommen wrote:
> If I have a VM that's getting it's IP addresses from a VLAN provi
Hi,
I started trying out Barbican with devstack. Installation worked well.
But now after I authenticated to the commandline with
> source openrc admin demo
and then executing some command return the following error
> barbican secret list -v --debug
Starting new HTTP connection (1): 9.152.151
] => generated 0 bytes in 0 msecs ( 500) 0
headers in 0 bytes (0 switches on core 0)
Andy ideas?
On Fr, 2016-01-15 at 16:38 +0100, Andreas Scheuring wrote:
> Hi,
> I started trying out Barbican with devstack. Installation worked well.
>
> But now after I authenticated to the c
Hi everybody,
I stumbled over a definition that explains the difference between a
Provider network and a self service network. [1]
To summarize it says:
- Provider Network: primarily uses layer2 services and vlan segmentation
and cannot be used for advanced services (fwaas,..)
- Self-service Ne
Seems like it found a host to schedule it on (ODL-CN-1-2GB)
Selected host: WeighedHost [host: (ODL-CN-1-2GB, ODL-CN-1-2GB) ram:1481
disk:9216 io_ops:0 instances:0, weight: 0.0231877250665]
_schedule /opt/stack/nova/nova/scheduler/filter_scheduler.py:158
But launching that instance on this host f
- What about using Neutrons "allowed address pairs"?
- Or setting up a tunnel network within your existing openstack tunnel
network?
--
-
Andreas
IRC: andreas_s
On Sa, 2016-06-18 at 18:52 +0200, Joerg Streckfuss wrote:
> Dear list,
>
> I'm trying set up an isolated network for testing
Hi Adhi,
yeah this seems to be iptables blocking you're traffic.
Calling
# iptables-save
gives you an easy to read output of all your rules.
Probably you'll find some rule like
# -A INPUT -j REJECT --reject-with icmp-host-prohibited
Now the problem with the 2 rules you added is, that you are ap
Can you please provide the log file of the agent?
In addition it would be helpful to enable debug logging.
You can achieve this by adding
> debug = False
to the [DEFAULT] section of the agent config file.
After restarting the agent, you should see much more logs!
Thanks!
--
-
Andreas
IRC: a
We faced a similar issue while doing some tests in the past.
In any case you need to use the config drive. This is the only way how
your instance can access the IP information required.
There seem to be 3 ways for doing the configuration
#1 There is some code for cloud-init in review [1], that w
Hi Roua,
AFAIK this is not possible with OpenStack. Neutron only has the concept
of attaching ports to a network. A concept where you do not attach a
port to a network - but create a direct link between instances does not
exist yet (except that you can create dedicated a network for each
direct li
Hello Ronald,
Honestly, I don't know anymore. I guess I just enabled any networking
service (e.g. neutron) and then it worked.
To get feedback from the wider community you should provide a little
more information, like which OpenStack version you're running, which
nova driver, which Neutron
egmentation_id': 596,
'physical_network': u'pvnet1', 'id':
u'98d07e51-7b34-45de-9ca0-d7158b08a38e', 'network_type': u'vlan'}]^[[00m
*From: *Andreas Scheuring
*Date: *Wednesday, October 4, 2017 at 2:56 AM
*To: *"openstack@lists.open
75 matches
Mail list logo
