The following 2 config files will allow configuring Neutron in a way that puts the “eth0” NIC on the OpenStack br-ext bridge, permitting VMs to communicate with the external physical network/Internet. The platform is IceHouse OpenStack and RHEL/Centos 6.5.
Bridge Configuration
This file is named /etc/sysconfig/network-scripts/ifcfg-br-ex and presents the physical IP address 10.0.1.169 that had been assigned directly to eth0 before reconfiguring for OpenStack.
# ifcfg-br-ex - OpenStack external bridge DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=static IPADDR=10.0.0.169 NETMASK=255.255.0.0 GATEWAY=10.0.0.1 DNS1=10.0.0.2 ONBOOT=yes OVSBOOTPROTO=none
Physical NIC Configuration
This file is named /etc/sysconfig/network-scripts/ifcfg-eth0 and replaces the original direct eth0 ifcfg file.
# file ifcfg-eth1 - LAN attached NIC DEVICE="eth0" HWADDR=00:15:17:11:22:33 TYPE=OVSPort DEVICETYPE=ovs OVSBRIDGE=br-ex ONBOOT=yes NM_CONTROLLED=no
Note that although the IP address is now on the bridge device, I’ve left the HWADDR set. If my observations working with this stuff are correct, this ensures that the low-level devicename assignment function will consistently and accurately map. I’ve had problems with eth0 and eth1 swapping themselves in the past.
Defining the provider network
The provider network for eth0 is configured as a FLAT virtual network. That requires the following values to be set in /etc/neutron/plugins/ml2/ml2_conf.ini
type_drivers = flat tenant_network_types = flat [ml2_type_flat] # (ListOpt) List of physical_network names with which flat networks # can be created. Use * to allow flat networks with arbitrary # physical_network names. flat_networks = physnet1
Note that additional type drivers and tenant network types may also be specified. This is just what’s needed for the flat physical network.
Defining the NIC/physical network association
The fourth and final file we need to configure is the /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini file. As with ml2, there are other options, covered elsewhere, but these are the ones for the flat physical network mapping.
[OVS] local_ip=10.0.0.169 enable_tunneling=True integration_bridge=br-int tunnel_bridge=br-tun tunnel_id_ranges=1:1000 bridge_mappings=physnet1:br-ex
Once these items are all configured, restart the physical network and (at a minumum) the neutron-server and neutron agent services. Or reboot. You are now ready to define the logical network for external communications. Please note that if you have removed any network drivers, you should delete/undefine the associated resources before restarting or you will end up with broken/orphan resource definitions in the database and no driver to clean them up.
Defining the Logical network and subnet
This is straight out of the OpenStack Icehouse manual. See http://docs.openstack.org/admin-guide-cloud/content/under_the_hood_openvswitch.html
$ tenant=$(keystone tenant-list | awk '/service/ {print $2}')
$ neutron router-create router01
$ neutron net-create --tenant-id $tenant public01 \
--provider:network_type flat \
--provider:physical_network physnet1 \
--router:external True
$ neutron subnet-create --tenant-id $tenant --name public01_subnet01 \
--gateway 10.0.0.1 public01 10.0.0.0/16 --disable-dhcp
$ neutron router-gateway-set router01 public01
Note the network type (flat) was enabled in the ML2 config file, as was the name “physnet1” for the physical network.
VERY IMPORTANT: A logical network belongs to a tenant. Unless explicitly shared, no other tenants can use it. You will probably want to define the physical network as shared, regardless of what the openvswitch example shows.