To create a SDN layer in OpenStack, we first need to install the software on our network node. This node will utilize Open vSwitch as our switch that we can use and control when defining our networks. Open vSwitch (OVS) is a production-quality, multilayer switch. In this section, we are going to configure the network node and we will use eth2 for creating Neutron tenant networks and eth3 for creating an externally routable network.
Ensure that you have a suitable server available for installation of the OpenStack network components. If you are using the accompanying Vagrant environment, this will be the network node that we will be using.
Ensure that you are logged in to the network node and that it has Internet access to allow us to install the required packages in our environment for running OVS and Neutron. If you created this node with Vagrant, you can execute the following command:
vagrant ssh network
Tip
Neutron requires access to a database and message queue. Check that the pre requisites have been installed by following the instructions at http://bit.ly/OpenStackCookbookPreReqs.
To configure our OpenStack network node, carry out the following steps:
- When we started our
networknode, using vagrant, we had to assign the third and fourth interfaces (eth2andeth3) an IP address. We no longer want an IP assigned to this physical interface, but we still want this under the control of Neutron and OVS. We will then move their corresponding addresses to a bridge. These bridges are shown in the preceding figure asbr-eth2andbr-ex. - Use the following commands to remove these IPs from our interfaces on the Network virtual machine created by Vagrant:
sudo ifconfig eth2 down sudo ifconfig eth2 0.0.0.0 up sudo ip link set eth2 promisc on sudo ifconfig eth3 down sudo ifconfig eth3 0.0.0.0 up sudo ip link set eth3 promisc on
Tip
If you are in a virtual environment, you need to ensure that your virtualization software is configured to allow VMs to enter promiscuous mode. Your virtualization software vendor documentation will provide guidance on how to do this.
On a physical server running Ubuntu, we configure this in our
/etc/network/interfacesfile as follows:auto eth2 iface eth2 inet manual up ip link set $IFACE up down ip link set $IFACE down auto eth3 iface eth3 inet manual up ip link set $IFACE up down ip link set $IFACE down
- We then update the packages installed on the node using the following commands:
sudo apt-get update sudo apt-get upgrade
- Next, we install the kernel headers package as the installation will compile some new kernel modules:
sudo apt-get install linux-headers-`uname -r` - We need to install some supporting applications and utilities using the following commands:
sudo apt-get install vlan bridge-utils dnsmasq-base dnsmasq-utils ipset python-mysqldb ntp
- We are now ready to install Open vSwitch:
sudo apt-get install openvswitch-switch openvswitch-datapath-dkms
- After this has installed and configured some kernel modules, we can start our OVS service with the following command:
sudo service openvswitch-switch start - Now we will proceed to install the Neutron components that run on this node: the Neutron DHCP Agent, the Neutron L3 Agent, the Neutron OVS Plugin, and the Neutron ML2 Plugin. The commands are as follows:
sudo apt-get install neutron-dhcp-agent neutron-l3-agent neutron-plugin-openvswitch-agent neutron-plugin-ml2
We have completed the installation of the packages on a new node in our environment that runs the software networking components of our SDN environment. This includes the OVS service through the ML2 Neutron plugin system and various Neutron components that interact with this. While we have used OVS in our example, there are many vendor plugins that include Nicira and Cisco UCS/Nexus among others. More details on the plugins that Neutron supports can be found at https://wiki.openstack.org/wiki/Neutron.
First, we configured our interface on this switch node that will serve as our tenant Neutron and External networks. The External network in OpenStack terms is often referred to as the Provider Network. On a physical server in a datacenter, this externally bridged interface (br-ex) will be connected to the network that routes to the rest of our physical servers. The assignment of this network is described in the recipe Creating an external Floating IP Neutron network. Both of the interfaces used by Neutron are created without an IP address so that our OpenStack environment can control this by bridging new networks to it. We assign IP addresses to the bridges themselves to create tunnels between these IP endpoints that have overlay networks created on them. It is these networks created within the tunnels that our instances get attached to in OpenStack.
A number of packages were installed on this network node. The list of packages that we specify for installation (excluding dependencies) is as follows:
|
Operating System |
|
|
Generic Networking Components |
|
|
Open vSwitch |
|
|
Neutron |
|