@@ -35,17 +35,21 @@ network and is on a shared subnet with other machines.
3535 network hardware_network {
3636 address = "172.18.161.0/24"
3737 router [ address = "172.18.161.1" ];
38- devstack_laptop [ address = "172.18.161.6" ];
38+ devstack-1 [ address = "172.18.161.6" ];
3939 }
4040 }
4141
4242
4343DevStack Configuration
4444----------------------
4545
46+ The following is a complete `local.conf ` for the host named
47+ `devstack-1 `. It will run all the API and services, as well as
48+ serving as a hypervisor for guest instances.
4649
4750::
4851
52+ [[local|localrc]]
4953 HOST_IP=172.18.161.6
5054 SERVICE_HOST=172.18.161.6
5155 MYSQL_HOST=172.18.161.6
@@ -57,6 +61,12 @@ DevStack Configuration
5761 SERVICE_PASSWORD=secrete
5862 SERVICE_TOKEN=secrete
5963
64+ # Do not use Nova-Network
65+ disable_service n-net
66+ # Enable Neutron
67+ ENABLED_SERVICES+=,q-svc,q-dhcp,q-meta,q-agt,q-l3
68+
69+
6070 ## Neutron options
6171 Q_USE_SECGROUP=True
6272 FLOATING_RANGE="172.18.161.0/24"
@@ -71,6 +81,166 @@ DevStack Configuration
7181 OVS_BRIDGE_MAPPINGS=public:br-ex
7282
7383
84+ Adding Additional Compute Nodes
85+ -------------------------------
86+
87+ Let's suppose that after installing DevStack on the first host, you
88+ also want to do multinode testing and networking.
89+
90+ Physical Network Setup
91+ ~~~~~~~~~~~~~~~~~~~~~~
92+
93+ .. nwdiag ::
94+
95+ nwdiag {
96+ inet [ shape = cloud ];
97+ router;
98+ inet -- router;
99+
100+ network hardware_network {
101+ address = "172.18.161.0/24"
102+ router [ address = "172.18.161.1" ];
103+ devstack-1 [ address = "172.18.161.6" ];
104+ devstack-2 [ address = "172.18.161.7" ];
105+ }
106+ }
107+
108+
109+ After DevStack installs and configures Neutron, traffic from guest VMs
110+ flows out of `devstack-2 ` (the compute node) and is encapsulated in a
111+ VXLAN tunnel back to `devstack-1 ` (the control node) where the L3
112+ agent is running.
113+
114+ ::
115+
116+ stack@devstack-2:~/devstack$ sudo ovs-vsctl show
117+ 8992d965-0ba0-42fd-90e9-20ecc528bc29
118+ Bridge br-int
119+ fail_mode: secure
120+ Port br-int
121+ Interface br-int
122+ type: internal
123+ Port patch-tun
124+ Interface patch-tun
125+ type: patch
126+ options: {peer=patch-int}
127+ Bridge br-tun
128+ fail_mode: secure
129+ Port "vxlan-c0a801f6"
130+ Interface "vxlan-c0a801f6"
131+ type: vxlan
132+ options: {df_default="true", in_key=flow, local_ip="172.18.161.7", out_key=flow, remote_ip="172.18.161.6"}
133+ Port patch-int
134+ Interface patch-int
135+ type: patch
136+ options: {peer=patch-tun}
137+ Port br-tun
138+ Interface br-tun
139+ type: internal
140+ ovs_version: "2.0.2"
141+
142+ Open vSwitch on the control node, where the L3 agent runs, is
143+ configured to de-encapsulate traffic from compute nodes, then forward
144+ it over the `br-ex ` bridge, where `eth0 ` is attached.
145+
146+ ::
147+
148+ stack@devstack-1:~/devstack$ sudo ovs-vsctl show
149+ 422adeea-48d1-4a1f-98b1-8e7239077964
150+ Bridge br-tun
151+ fail_mode: secure
152+ Port br-tun
153+ Interface br-tun
154+ type: internal
155+ Port patch-int
156+ Interface patch-int
157+ type: patch
158+ options: {peer=patch-tun}
159+ Port "vxlan-c0a801d8"
160+ Interface "vxlan-c0a801d8"
161+ type: vxlan
162+ options: {df_default="true", in_key=flow, local_ip="172.18.161.6", out_key=flow, remote_ip="172.18.161.7"}
163+ Bridge br-ex
164+ Port phy-br-ex
165+ Interface phy-br-ex
166+ type: patch
167+ options: {peer=int-br-ex}
168+ Port "eth0"
169+ Interface "eth0"
170+ Port br-ex
171+ Interface br-ex
172+ type: internal
173+ Bridge br-int
174+ fail_mode: secure
175+ Port "tapce66332d-ea"
176+ tag: 1
177+ Interface "tapce66332d-ea"
178+ type: internal
179+ Port "qg-65e5a4b9-15"
180+ tag: 2
181+ Interface "qg-65e5a4b9-15"
182+ type: internal
183+ Port "qr-33e5e471-88"
184+ tag: 1
185+ Interface "qr-33e5e471-88"
186+ type: internal
187+ Port "qr-acbe9951-70"
188+ tag: 1
189+ Interface "qr-acbe9951-70"
190+ type: internal
191+ Port br-int
192+ Interface br-int
193+ type: internal
194+ Port patch-tun
195+ Interface patch-tun
196+ type: patch
197+ options: {peer=patch-int}
198+ Port int-br-ex
199+ Interface int-br-ex
200+ type: patch
201+ options: {peer=phy-br-ex}
202+ ovs_version: "2.0.2"
203+
204+ `br-int ` is a bridge that the Open vSwitch mechanism driver creates,
205+ which is used as the "integration bridge" where ports are created, and
206+ plugged into the virtual switching fabric. `br-ex ` is an OVS bridge
207+ that is used to connect physical ports (like `eth0 `), so that floating
208+ IP traffic for tenants can be received from the physical network
209+ infrastructure (and the internet), and routed to tenant network ports.
210+ `br-tun ` is a tunnel bridge that is used to connect OpenStack nodes
211+ (like `devstack-2 `) together. This bridge is used so that tenant
212+ network traffic, using the VXLAN tunneling protocol, flows between
213+ each compute node where tenant instances run.
214+
215+
216+
217+ DevStack Compute Configuration
218+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
219+
220+ The host `devstack-2 ` has a very minimal `local.conf `.
221+
222+ ::
223+
224+ [[local|localrc]]
225+ HOST_IP=172.18.161.7
226+ SERVICE_HOST=172.18.161.6
227+ MYSQL_HOST=172.18.161.6
228+ RABBIT_HOST=172.18.161.6
229+ GLANCE_HOSTPORT=172.18.161.6:9292
230+ ADMIN_PASSWORD=secrete
231+ MYSQL_PASSWORD=secrete
232+ RABBIT_PASSWORD=secrete
233+ SERVICE_PASSWORD=secrete
234+ SERVICE_TOKEN=secrete
235+
236+ ## Neutron options
237+ PUBLIC_INTERFACE=eth0
238+ ENABLED_SERVICES=n-cpu,rabbit,q-agt
239+
240+ Network traffic from `eth0 ` on the compute nodes is then NAT'd by the
241+ controller node that runs Neutron's `neutron-l3-agent ` and provides L3
242+ connectivity.
243+
74244
75245Neutron Networking with Open vSwitch and Provider Networks
76246==========================================================
0 commit comments