2013-09-03 20:59:56 |
Clint Byrum |
description |
From the POC notes:
nova.conf - quantum_url is 127.0.0.1:9696 rather than 10.10.16.136:9696
Ditto quantum_admin_auth_url - {{quantum.host}} is wrong
firewall_driver not set
security_group not set [http://docs.openstack.org/trunk/openstack-network/admin/content/nova_config_security_groups.html]
service_quantum_metadata_proxy not set http://docs.openstack.org/trunk/openstack-network/admin/content/nova_config_metadata.html
quantum_metadata_proxy_shared_secret not set
quantum/metadata_agent.ini needs metadat_proxy_shared_secret set - both should be e.g, {{quantum.metadata_proxy_secret}}
may need to set nova-metadata_ip and nova_metadata_port too - to nova.host and 8775
in /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
local_ip is wrong - should be the machines local details - undercloud assigned ip.
[SECURITYGROUP]
firewall_driver = quantum.
agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
the ctlplane networking configuration isn’t suitable for virtual: we don’t want any tenant traffic getting onto 10.10.16.x at all.
what we want for networking is the public range on the network nodes, and unbridged traffic on the other nodes.
so - bridge_mappings -> blank
vlan25 with .16 as it’s address [for all-in-one the API endpoint is the thing]
-> bridge mappings should be policy
network_vlan_ranges -> blank
tenant_network_type = gre
enable_tunneling = True
tunnel_id_ranges = 1:1000
we still want br-int
We don’t need br-ctlplane
network_vlan_ranges shouldn’t be in quantum.conf at all
init-quantum is creating a provider network
init-quantum isn’t using the network range we want |
From the POC notes:
nova.conf - quantum_url is 127.0.0.1:9696 rather than 10.10.16.136:9696
Ditto quantum_admin_auth_url - {{quantum.host}} is wrong [[quantum.host is in fact "right" now" ]]
firewall_driver not set [[ fed135f6 (Robert Collins 2013-05-24 21:04:32 +1200 58)firewall_driver=nova.virt.firewall.NoopFirewallDrive ]]
security_group not set [http://docs.openstack.org/trunk/openstack-network/admin/content/nova_config_security_groups.html] [[fed135f6 (Robert Collins 2013-05-24 21:04:32 +1200 57)security_group_api=quantum]]
service_quantum_metadata_proxy not set http://docs.openstack.org/trunk/openstack-network/admin/content/nova_config_metadata.html
quantum_metadata_proxy_shared_secret not set
[[above:
177e540c (Robert Collins 2013-06-18 13:13:10 +1200 48)service_quantum_metadata_proxy={{nova.metadata-proxy
]]
quantum/metadata_agent.ini needs metadat_proxy_shared_secret set - both should be e.g, {{quantum.metadata_proxy_secret}} [[3eeb7715 (Derek Higgins 2013-07-10 09:31:40 +0100 7)metadata_proxy_shared_secret = {{neutron.metadata_pro]]
may need to set nova-metadata_ip and nova_metadata_port too - to nova.host and 8775
in /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
local_ip is wrong - should be the machines local details - undercloud assigned ip. [[Done - see os-collect-config]]
[SECURITYGROUP]
firewall_driver = quantum.
agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
the ctlplane networking configuration isn’t suitable for virtual: we don’t want any tenant traffic getting onto 10.10.16.x at all.
what we want for networking is the public range on the network nodes, and unbridged traffic on the other nodes.
so - bridge_mappings -> blank
vlan25 with .16 as it’s address [for all-in-one the API endpoint is the thing]
-> bridge mappings should be policy
network_vlan_ranges -> blank
tenant_network_type = gre
enable_tunneling = True
tunnel_id_ranges = 1:1000
[[ The above is all true now ]]
we still want br-int
We don’t need br-ctlplane [[ Wha? This needs more context I think ]]
network_vlan_ranges shouldn’t be in quantum.conf at all [[ It isn't anymore ]]
init-quantum is creating a provider network [[ All moved to incubator "from the outside" setup scripts ]]
init-quantum isn’t using the network range we want [[ Bug fails to say what we want, but I believe this is all handled now ]] |
|