[ovirt-users] oVirt and Openstack Neutron: network not working

Marcin Mirecki mmirecki at redhat.com
Fri Mar 10 13:29:57 UTC 2017


> No i haven't defined any security policy, explicitly. I'm using a network
defined through horizon without any special option.

This is strange, as the basic flow should only connect the vnic to the ovs
integration bridge.
Please give me some time to look at the code.

> Where i find the xml file?
This is in the libvirt vm definition. It can be edited using the "virsh"
tools: virsh edit <vm name>

You could also attempt to check this by attaching some an interface (like a
veth pair) directly to the ovs bridge and setting the ovs interfaceid
parameter to mark is as osn port. Let me know if this is clear, if not I
will try to decribe the procedure in more detail.




On Fri, Mar 10, 2017 at 12:11 PM, Luca 'remix_tj' Lorenzetto <
lorenzetto.luca at gmail.com> wrote:

>
>
> Il 10 mar 2017 11:48 AM, "Marcin Mirecki" <mmirecki at redhat.com> ha
> scritto:
>
> Hello Luca
>
> >Name: openstack-networks
> >Type: OpenStack Networking
> >Description:
> >Provider URL: http://openstack.example.com:9696
>
> I assume Networking Plugin: Open vSwitch
>
>
> Yes, i confirm.
>
>
>
> Do you have any security groups defined for the vnic profile on your
> external network?
> Looking at the output you provided is seems you do.The qpb bridge and the
> qvb/qvo veth pair are created when the security groups are present.
> Can you try without the security groups? This would connect your vm vnic
> right into the ovs integration bridge (br-int).
>
>
> No i haven't defined any security policy, explicitly. I'm using a network
> defined through horizon without any special option.
>
>
> >This are the output of the commands you asked from a node where a vm
> >that is attached to a neutron network is running:
> Yes, this is what I needed.
>
> >[root at ovirt002 ~]# ovs-vsctl show
> >ovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection
> >failed (No such file or directory)
>
> This is quite worrying. Is ovs on the host working properly?
> Can you please check: service openvswitch status
> If not active: service openvswitch start
>
>
> Who should enable it, a cluster confoguration or whatl else? I'm using
> ovirt-node-ng, i suppose that openvswitch is already installed (didn't
> check).
>
>
>
>
> >> Have you tried connecting any nics manually and checking connectivity
> >> between them?
> >What do you mean?
>
> Add 2 ports in openstack directly
> Add 2 nics on vm's, specifying the libvirt xml for the interfaces:
>
> <interface type="bridge">
>   <model type="virtio"/>
>   <source bridge="br-int"/>
>   <virtualport type="openvswitch">
>     <parameters interfaceid="<neturon port id>"/>
>   </virtualport>
> </interface>
>
>
>
> Where i find the xml file?
>
>
> If the openstack neutron plugin works correctly, the ports should be
> connected to the osn network.
>
>
>
>
>
>
> On Thu, Mar 9, 2017 at 4:26 PM, Luca 'remix_tj' Lorenzetto <
> lorenzetto.luca at gmail.com> wrote:
>
>> On Thu, Mar 9, 2017 at 2:24 PM, Marcin Mirecki <mmirecki at redhat.com>
>> wrote:
>> > Hello Luca,
>>
>> Hello Marcin,
>>
>> > The osn provider basically only connects the vnics to the osn networks,
>> > items like dhcp must be handled on the osn networks itself.
>>
>> Yes, i know. The network is defined by neutron, which has it's own dhcp
>> server.
>>
>> > Have you tried connecting any nics manually and checking connectivity
>> > between them?
>>
>> What do you mean?
>>
>> > No connectivity with static IP's could hint at some configuration
>> problems.
>> > Are osn/ovs set up correctly? Firewall blocking traffic?
>>
>> there is no firewall between openstack controllers and ovirt
>> engine/hosts. My doubt is about configuration, i've configured in this
>> way:
>>
>> Name: openstack-networks
>> Type: OpenStack Networking
>> Description:
>> Provider URL: http://openstack.example.com:9696
>>
>> Flagged read-only and requires authentication
>>
>> Set the authentication and tested, reports everything ok.
>>
>> Nothing else has been configured. I didn't found any documentation
>> that clarified if is enough.
>>
>> After powering on i see on openstack this:
>>
>> [stack at opstrio1101 ~]$ openstack port list | grep 00:1a:4a:16:01:51
>> <-- this is mac address of oVirt VM
>> | 86c46fed-dddf-4776-a765-27d4e52e861c | nic1
>>                         | 00:1a:4a:16:01:51 | ip_address='172.25.7.4',
>> subnet_id='280a98ad-0fd5-4961-a307-d1bfea8355cd'     |
>>
>>
>>
>> > Can you please send us a more detailed descirption of your env (ip addr,
>> > brctl show, ovs-vsctl show)?
>>
>> This are the output of the commands you asked from a node where a vm
>> that is attached to a neutron network is running:
>>
>> [root at ovirt002 ~]# ip addr
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
>>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>     inet 127.0.0.1/8 scope host lo
>>        valid_lft forever preferred_lft forever
>>     inet6 ::1/128 scope host
>>        valid_lft forever preferred_lft forever
>> 2: enp2s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
>> master bond0 state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
>> 3: enp2s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
>> master bond0 state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
>> 4: enp2s0f2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
>> master bond1 state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
>> 5: enp2s0f3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
>> master bond1 state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
>> 6: enp2s0f4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
>> state DOWN qlen 1000
>>     link/ether 00:21:5a:9b:b7:9b brd ff:ff:ff:ff:ff:ff
>> 7: enp2s0f5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
>> state DOWN qlen 1000
>>     link/ether 00:21:5a:9b:b7:9d brd ff:ff:ff:ff:ff:ff
>> 8: enp2s0f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
>> state DOWN qlen 1000
>>     link/ether b4:b5:2f:55:bc:eb brd ff:ff:ff:ff:ff:ff
>> 9: enp2s0f7: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
>> state DOWN qlen 1000
>>     link/ether b4:b5:2f:55:bc:ef brd ff:ff:ff:ff:ff:ff
>> 10: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
>> noqueue master ovirtmgmt state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
>> 11: ovirtmgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>> noqueue state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
>>     inet 10.5.40.192/22 brd 10.5.43.255 scope global ovirtmgmt
>>        valid_lft forever preferred_lft forever
>>     inet6 fe80::221:5aff:fe9b:b793/64 scope link
>>        valid_lft forever preferred_lft forever
>> 12: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
>> noqueue master NFS state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
>> 13: NFS: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>> state UP qlen 1000
>>     link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
>>     inet 10.5.160.46/22 brd 10.5.163.255 scope global NFS
>>        valid_lft forever preferred_lft forever
>>     inet6 fe80::221:5aff:fe9b:b797/64 scope link
>>        valid_lft forever preferred_lft forever
>> 14: ;vdsmdummy;: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
>> qlen 1000
>>     link/ether be:ae:6d:b7:0f:f5 brd ff:ff:ff:ff:ff:ff
>> 16: qvo86c46fed-dd at qvb86c46fed-dd:
>> <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>> UP qlen 1000
>>     link/ether 5e:d1:06:97:f0:19 brd ff:ff:ff:ff:ff:ff
>>     inet6 fe80::5cd1:6ff:fe97:f019/64 scope link
>>        valid_lft forever preferred_lft forever
>> 17: qvb86c46fed-dd at qvo86c46fed-dd:
>> <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>> UP qlen 1000
>>     link/ether e6:73:ee:8e:03:09 brd ff:ff:ff:ff:ff:ff
>>     inet6 fe80::e473:eeff:fe8e:309/64 scope link
>>        valid_lft forever preferred_lft forever
>> 18: qbr86c46fed-dd: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state
>> DOWN qlen 1000
>>     link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff
>> 21: tap86c46fed-dd: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
>> pfifo_fast master qbr86c46fed-dd state UNKNOWN qlen 1000
>>     link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff
>>
>>
>> [root at ovirt002 ~]# brctl show
>> bridge name bridge id STP enabled interfaces
>> ;vdsmdummy; 8000.000000000000 no
>> NFS 8000.00215a9bb797 no bond1
>> ovirtmgmt 8000.00215a9bb793 no bond0
>> qbr86c46fed-dd 8000.fe1a4a160151 no tap86c46fed-dd
>>
>>
>> [root at ovirt002 ~]# ovs-vsctl show
>> ovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection
>> failed (No such file or directory)
>>
>>
>> If you need other clarifications i'll dig without problem in this env.
>>
>> Luca
>>
>>
>>
>>
>> --
>> "E' assurdo impiegare gli uomini di intelligenza eccellente per fare
>> calcoli che potrebbero essere affidati a chiunque se si usassero delle
>> macchine"
>> Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)
>>
>> "Internet è la più grande biblioteca del mondo.
>> Ma il problema è che i libri sono tutti sparsi sul pavimento"
>> John Allen Paulos, Matematico (1945-vivente)
>>
>> Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <
>> lorenzetto.luca at gmail.com>
>>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170310/ce4513fd/attachment.html>


More information about the Users mailing list