[rhos-list] Nova-network v.s. Quantum in Openstack preview

[Gary Kotton]

On 02/09/2013 08:01 AM, Shixiong Shang (shshang) wrote:
> Hi, Gary:
>
> Would you please elaborate on the issues caused by IP table rules?

Sorry for taking a while to get back to you. After installing RHEL, 
running packstack with traditional nova networking and then patching for 
Quantum has caused some conflicting rules with the iptables. We are 
currently trying to isolate this and ensure that it will be dealt with 
correctly. The best way to work around this would be to delete the 
iptables and then reboot. This will ensure that nova compute and the api 
will create the relevant rules without having any unwanted rules.

Thanks
Gary
>
> Thanks a lot!
>
> Shixiong
>
>
>
> On Feb 6, 2013, at 2:06 AM, "Gary Kotton"<gkotton at redhat.com>  wrote:
>
>> On 02/05/2013 10:53 PM, Perry Myers wrote:
>>> On 02/05/2013 03:45 PM, Shixiong Shang (shshang) wrote:
>>>> Hi, experts:
>>>>
>>>> I am trying to install Redhat Openstack 2.0 (Folsom) preview on RHEL 6.4
>>>> beta. According to the Getting Started Guide, I can use "packstack" tool
>>>> to automate the installation. However, I noticed that a few parameters
>>>> in the tool still refer to "nove-network" as shown below.
>>>>
>>>> CONFIG_NOVA_NETWORK_HOST
>>>> CONFIG_NOVA_NETWORK_PUBIF
>>>> CONFIG_NOVA_NETWORK_PRIVIF
>>>> CONFIG_NOVA_NETWORK_FIXEDRANGE
>>>> CONFIG_NOVA_NETWORK_FLOATRANGE
>>>>
>>>> Does that mean the setup will still run on top of nova-network, or
>>>> nova-network will use quantum client plugin to communicate with Quantum
>>>> server?
>>>>
>>>> In addition, I don't see any quantum related parameters are included in
>>>> the tool. When will it be available?
>>> Right now, PackStack only supports Nova Networking.  We will eventually
>>> have support for Quantum in PackStack, but that support is not completed
>>> yet.
>>>
>>> So if you specifically need to use Quantum, you would need to:
>>> * Use PackStack to install w/ Nova Networking
>>> * Manually convert from Nova Networking to Quantum
>>>
>>> Gary (cc'd) has a draft process for this, but it is still a little shaky.
>>>
>>> Gary can you share that process?  Perhaps Shixiong can try it out and
>>> give us feedback on whether it works for him or not.
>> As Perry said, things are still not 100%. There are two ways about going about it. The first is to install packstack on an all in one node, the second is to have a second node that will be used for nova networking. Below is a list of steps that you can do to go from Nova networking to Quantum.
>> Please note that we found a few problems that we are dealing with - the IP tables were dropping the DHCP request from the VM that is spawned. At the moment we have narrowed it down to a few suspicious IP table rules (if deleted then it works). We have an open bug about this and are currently investigating.
>>
>> So the steps are below (I used OpenvSwitch):
>>
>> 1. Terminate nova networking (if you do packstack with 2 nodes then you will not need to do this part and the nova-network iptable rules will not be about)
>>     service openstack-nova-network stop
>>     chkconfig openstack-nova-network off
>> 2. Install quantum service
>>     yum install openstack-quantum
>> 3. Install OpenvSwicth plugin
>>     yum install openstack-quantum-openvswitch
>> 4. source keystonerc_admin [the quantum installation scripts make use of these environment variables]
>> 5. Configure quantum service
>>     quantum-server-setup
>> 6.1. The scrip above will ask if the nova parameters need to be updated. Restart the nova compute service. The script will configure Quantum as the networking module for Nova.
>>     service openstack-nova-compute-restart
>> 6.2 Start the openvswitch service
>>     service openvswitch start
>>     chkconfig openvswitch on
>>     Run "ovs-vsctl show"
>> 6.3 Create the integration bridge
>>     ovs-vsctl add-br br-int
>> 7. Start quantum service
>>     service quantum-server start
>>     chkconfig quantum-server on
>> 7.1 Start quantum agent
>>     service quantum-openvswitch-agent start
>>     chkconfig quantum-openvswitch-agent on
>> 8. Create a Quantum endpoint with keystone
>>     keystone service-create --name=quantum --type=network --description="Quantum Service"
>>     keystone endpoint-create --region RegionOne --service-id<ID>  --publicurl "http://127.0.0.1:9696" --adminurl "http://127.0.0.1:9696" --internalurl "http://127.0.0.1:9696"
>> 8.1 Create a keystone tenant and user.
>> 9. Now one is able to start to use the Quantum CLI
>>     9.1 Create a private network
>>         quantum net-create private
>>     9.2 Create a subnet
>>         quantum subnet-create 10.0.0.0/24
>> 10. In order for the IPAM to take place one needs to invoke the DHCP agent. Use DHCP setup tool:
>>     quantum-dhcp-setup
>> 11. Start DHCP agent
>>     service quantum-dhcp-agent start
>>     chkconfg quantum-dhcp-agent on
>> 12. Validate that a port has been created by the DHCP agent (quantum port-list). This port will have IP address 10.0.0.2. The gateway will 10.0.0.1.
>> 13. At this stage VM's can be deployed and they will receive IP addresses from the DHCP service.
>> 14. Layer 3 agent
>>     quantum-l3-setup
>>     Start service
>>     service quantum-l3-agent start
>>     chkconfig quantum-l3-agent on
>>
>> Please note that if you choose to use openvswitch then you will need to patch the following file:
>> /etc/init.d/quantum-ovs-cleanup
>> Swap the exec line with:
>> daemon --user quantum $exec --config-file /usr/share/$proj/$proj-dist.conf --config-file /etc/$proj/$proj.conf --config-file $config&>/dev/null
>> In addition to this you will need to ensure that this is run on boot:
>> chkconfig quantum-ovs-cleanup on
>>
>> Hopefully in the future packstack will do the majority of the stuff above.
>>
>> Please let me know if you have any problems or questions.
>> Thanks
>> Gary
>>>> Furthermore, does the tool support sub interface with VLAN TAGGING
>>>> enabled, such as eth2.277?
>>> I don't think so, but Derek would need to confirm.  I think this would
>>> be a feature enhancement.
>>>
>>> Perry