OpenStack Discussions

Openstack neutron : accessing openstack managed servers from the network host

Lianamelissa
1,529 Views

Hi all, I have a distributed OpenStack setup -- one controller and three compute instances. The "network node" is the same as the controller. I have a flat external network and VLAN provider network which has been assigned tag 775.

I have a router connecting the vlan network to the external network. All the plumbing works as expected. I can log into an OpenStack server and ping outside. Networks are isolated as expected and so forth.

On the controller/network node, I see a qrouter namespace that openstack created for the router and another one for DHCP.

I create a server on a public VLAN-enabled network. I need to reach the server from the controller. I tried some hacks by creating a veth pair and pushing one end to the qrouter namespace but that did not work.

I finally tried the following ugly hack (which worked):

ovs-vsctl show 

  # Look for the mapping that openstack is using

  ovs-ofctl dump-flows br-int -O openflow13 | grep 775

  # discover that tag 6 is used by openstack on my integration bridge.
  # corresponding to vlan 775

  # Create a veth pair so the root namespace can access the bridge.


  ip link ip link add veth0 type veth peer name veth1

  # put one end on the bridge. 
  # assign a tag of 6 so it can access the server.

  ovs-vsctl add-port br-int veth1 tag=6



  # Finally I can assign an address to veth0 and ping a host on 
  # the openstack managed vlan network

  ifconfig veth0 10.0.40.39 

After doing the steps above I am able to ping a server on my openstack managed network from my controller.

I had to do several manual steps to figure out the internal tag that openstack was using on the integration bridge. I did this by dumping flow rules on the integration bridge to see how the tags were being managed. I then did the steps outlined above. I think there must be an openstack (neutron) set of commands which I can use rather than having to go through this.

Seeking a better solution. I should not need to look at internal tags and figure out mappings etc. Is there an open stack command line base set of commands to achieve this?

Thank You.

0 REPLIES 0
Public