Hi all, I have a distributed "openstack": setup -- one controller and three
compute instances. The "network node" is the same as the controller. I have a
flat external network and VLAN provider network which has been assigned tag
775.
I have a router connecting the vlan network to the external network. All the
plumbing works as expected. I can log into a openstack server and ping outside.
Networks are isolated as expected and so forth.
On the controller/network node, I see a qrouter namespace that openstack
created for the router and another one for DHCP.
I create a server on a public VLAN-enabled network. I need to reach the
server from the controller. I tried some hacks by creating a veth pair and
pushing one end to the qrouter namespace but that did not work.
I finally tried the following ugly hack (which worked):
# discover that tag 6 is used by openstack on my integration bridge.
# corresponding to vlan 775
# Create a veth pair so the root namespace can access the bridge.
ip link ip link add veth0 type veth peer name veth1
# put one end on the bridge.
# assign a tag of 6 so it can access the server.
ovs-vsctl add-port br-int veth1 tag=6
# Finally I can assign an address to veth0 and ping a host on
# the openstack managed vlan network
ifconfig veth0 10.0.40.39
After doing the steps above I am able to ping a server on my openstack managed
network from my controller.
I had to do several manual steps to figure out the internal tag that
openstack was using on the integration bridge. I did this by dumping flow rules
on the integration bridge to see how the tags were being managed. I then did the
steps outlined above. I think there must be an openstack (neutron) set of
commands which I can use rather than having to go through this.
Seeking a better solution. I should not need to look at internal tags and
figure out mappings etc. Is there an open stack command line base set of
commands to achieve this?
