Open Cloud Blog

Openstack and more

OpenStack Liberty Neutron Deployment (Part 5 Add Router and Net/Subnet)

Create a router and set a gateway

Now it’s time to create a router and set a gateway.

What was configured on the nodes by Openstack?

After creating the first router and setting the gateway

After creating the first router and setting the gateway

A node local vlan has been set up by Openstack on br-int. This vlan 1 has to be connected to vlan 100 on our public network. This is done by using two Openflow rules to map Vlan IDs on br-int and br-vlan.

The router is running on the network node in a Linux network namespace. The name of the network namespace is build from „qrouter-“ and the UUID of the router [qrouter-4b965826-e67d-4473-8436-a21db3955c38].

Create a second router and set a gateway

Now create a second router and set the gateway to use the second floating pool.

After adding the second router

After adding the second router

Creating a second router and setting a gateway triggered the creation of a second node local vlan on br-int. Another set of vlan mappings between the local vlan 2 and the global vlan 101 is created on br-int and br-vlan.

Create a tenant network and attach it to r2

Now let’s create a tenant network and attach it to r2

Lets take a view on the network:

Create a net/subnet and attach it to r2

Create a net/subnet and attach it to r2

The tenant network n1/s1 is assigned the node local vlan 3. This network is using vxlan for the L2 transport, because it is a tenant vlan and the tenant network type has been set to vxlan. The global vxlan id 0x10001 is assigned to this tenant network by Neutron. On the network node, vlan 3 on br-int must be used to attach the interface of the router r2. In addition, a vxlan to vlan mapping is created on br-tun:

On the network node, a neutron namespace metadata proxy (used by Cloudinit) is running in the network namespace of the router. This proxy listens to Port 8775. All traffic, which reaches the router namespace for the target 169.254.169.254:8775 is redirected to this proxy, forwarded using a unix socket to the neutron metadata proxy in the default network namespace, and is then forwarded to the nova metadata proxy service.

The tenant’s view

On the dashboard, the tenants network view shows:

Tenant's view with two routers

Tenant’s view with two routers

The two routers are connected to the blue networks in the dashboard view, the red network in the dashboard view has been created by the tenant. This network (n1) is connected to one of the two routers.

Continue reading (part 6)

Updated: 17/01/2016 — 13:48
Open Cloud Blog © 2013-2015 Impressum Frontier Theme