[ovirt-users] oVirt 3.5 & Neutron (Will this work?)

Phil Daws uxbod at splatnix.net
Tue Oct 21 19:21:18 UTC 2014


Hi Moti: 

Have thrown together a diagram of how I think it should look :- 

https://cloudvault.innoffice247.com/public.php?service=files&t=9e57686453ce6b71fdce1dd1eb18fe4a 

As each oVirt host has a single activated NIC am trying to see how I can use OVS, to provide OSPF & SFLOW, and vLAN capability like I have used manually with KVM and OVS. From my dev machine this is how OVS looks: 

[root at dev01 ~]# ovs-vsctl show 
55a2af2f-daf5-4f01-a757-9bccaf4f6932 
Bridge "ovsbr0" 
Port "vnet0" 
Interface "vnet0" 
Port "vnet1" 
tag: 8 
Interface "vnet1" 
Port "vnet13" 
tag: 14 
Interface "vnet13" 
Port "vnet9" 
tag: 10 
Interface "vnet9" 
Port "mgmt0" 
Interface "mgmt0" 
type: internal 
Port "vnet14" 
tag: 8 
Interface "vnet14" 
Port "ovsbr0" 
Interface "ovsbr0" 
type: internal 
Port "vnet11" 
tag: 8 
Interface "vnet11" 
Port "vnet10" 
tag: 13 
Interface "vnet10" 
Port "vnet12" 
tag: 13 
Interface "vnet12" 
Port "em1" 
Interface "em1" 
Port "vnet3" 
tag: 14 
Interface "vnet3" 
Port "vnet4" 
tag: 20 
Interface "vnet4" 
Port "vnet2" 
tag: 10 
Interface "vnet2" 
ovs_version: "2.3.90" 

So I have a single NIC with a public facing IP and then I present that IP as a gateway, via the bridge, to a VM firewall which then handles the vlans inside that. 

Hope that makes sense ? 

Thanks, Phil 


----- Original Message ----- 
From: "Phil Daws" <uxbod at splatnix.net> 
To: "Moti Asayag" <masayag at redhat.com> 
Cc: "users" <users at ovirt.org> 
Sent: Tuesday, 21 October, 2014 5:26:33 PM 
Subject: Re: [ovirt-users] oVirt 3.5 & Neutron (Will this work?) 

Hi Moti: 

thank you for detailed response. I will diagram what I am thinking as that should explain it a whole lot better :) 

Thanks, Phil 

----- Original Message ----- 
From: "Moti Asayag" <masayag at redhat.com> 
To: "Phil Daws" <uxbod at splatnix.net> 
Cc: "users" <users at ovirt.org> 
Sent: Tuesday, 21 October, 2014 4:50:45 PM 
Subject: Re: [ovirt-users] oVirt 3.5 & Neutron (Will this work?) 


Hi Phil, 

See answers/questions inline. 

----- Original Message ----- 
> From: "Phil Daws" <uxbod at splatnix.net> 
> To: "users" <users at ovirt.org> 
> Sent: Tuesday, October 21, 2014 6:05:55 PM 
> Subject: Re: [ovirt-users] oVirt 3.5 & Neutron (Will this work?) 
> 
> Hmmm, this is interesting as it would appear you can only use the Neutron 
> appliance with a brand new host ?!? so how does one switch to use it on a 
> current system ? 

A new host is not mandatory. You need to move an existing host to maintenance 
and reinstall it. On the "Re-install" dialog select the details of the network 
provider. 

> 
> Thanks, Phil 
> 
> ----- Original Message ----- 
> From: "Phil Daws" <uxbod at splatnix.net> 
> To: users at ovirt.org 
> Sent: Tuesday, 21 October, 2014 1:31:09 PM 
> Subject: [ovirt-users] oVirt 3.5 & Neutron (Will this work?) 
> 
> Hello: 
> 
> have installed oVirt 3.5 on two cloud based servers and then managing them 
> from a local engine using a VPN link. On each server I would like to use 
> the Neutron VM appliance so that I can provision the networks using 
> OpenVswitch as I would like to learn about using OSPF between the two 
> diverse systems. 
> 

Do you intend to use a single neutron appliance for each host or to use a single 
neutron appliance to manage connectivity on the two hosts ? 

> The question is that only physical NIC is enabled (public facing), and 
> occupies the ovirtmgmt network, so would I still be able to use Neutron on 
> the second NIC even though it is not connected to anything ? 

Is there L2 connectivity between the hosts ? Or by "not connected to anything" you 
actually mean there is no wiring between the hosts ? 

If this is the first case, you should be able to define for each subnet a gateway 
via the 'Add subnet' dialog on the engine. That gateway should be used for obtaining 
connectivity for the vms to the public/external network. You'll have to configure it manually 
though (doesn't covered as part of the ovirt-neutron integration). 

If there is really no connectivity between the hosts and the only outgoing traffic from 
each host is via the ovirtmgmt network - it is problematic. According to [1], you'll 
have to specify as bridge mappings on the network provider agent details: br-neutron:ovirtmgmt, 
where ovirtmgmt will replace the neutron. 

But that also implies that you'll share any traffic going through the integration bridge 
of neutron and the hosts with the management network and respectively with the public 
network, hence the dhcp agents connected to br-int (which is connected to br-neutron and 
to ovirtmgmt) will receive request from the 'ovirtmgmt' network as well. 

Haven't tried it myself, and can't expect the results. 

[1] http://www.ovirt.org/images/2/2a/Neutron-appliance-topology.png 

> Or could I 
> bind the Neutron network to the same one as the ovirtmgmt ? Basically wish 
> to run the VMs with private IPs and then NAT through a VM firewall to the 
> public address. 
> 
> Any help would be gratefully appreciated. 
> 
> Thanks, Phil 
> _______________________________________________ 
> Users mailing list 
> Users at ovirt.org 
> http://lists.ovirt.org/mailman/listinfo/users 
> _______________________________________________ 
> Users mailing list 
> Users at ovirt.org 
> http://lists.ovirt.org/mailman/listinfo/users 
> 
_______________________________________________ 
Users mailing list 
Users at ovirt.org 
http://lists.ovirt.org/mailman/listinfo/users 



More information about the Users mailing list