Bug 1129227

Summary: After Staypuft installer the external network with VLAN tag doesn't work.
Product: Red Hat OpenStack Reporter: Toni Freger <tfreger>
Component: openstack-foreman-installerAssignee: Jason Guiditta <jguiditt>
Status: CLOSED ERRATA QA Contact: Toni Freger <tfreger>
Severity: high Docs Contact:
Priority: unspecified    
Version: 5.0 (RHEL 7)CC: amuller, majopela, mangelajo, mburns, morazi, oblaut, rhos-maint, sclewis, yeylon
Target Milestone: ga   
Target Release: Installer   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openstack-foreman-installer-2.0.19-1.el6ost Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1132587 (view as bug list) Environment:
Last Closed: 2014-08-21 18:08:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1132587    

Description Toni Freger 2014-08-12 10:57:14 UTC 
Description of problem:
After Staypuft installer the external network with VLAN tag doesn't work.

Version-Release number of selected component (if applicable):
ruby193-rubygem-staypuft-0.1.22.el6ost
RHEL7

How reproducible:
100%

Steps to Reproduce:
1.Openstack installation via Staypuft installer
2.Networker+Controller+Compute node
3.creation of 2 networks: Internal and external vith VLAN.
For exemple:
 neutron net-create ext_net --provider:network_type vlan --provider:physical_network ext_vlan_range --provider:segmentation_id 232 --router:external=True 

The external transmission won't work, since the packets don't get tagged with a VLAN. 

According to Miguel Angel Ajo Pelayo:
configuration set with staypuft/foreman/puppet scripts
the external_network_bridge is kept = "br-ex" but should be empty

After doing this:

  488  openstack-config --set /etc/neutron/l3_agent.ini DEFAULT
  external_network_bridge ""
  491  service neutron-ovs-cleanup restart
  492  service neutron-netns-cleanup restart


The network can be created with the

neutron net-create ext_net --provider:network_type vlan
--provider:physical_network physnet-external --provider:segmentation_id 1
--router:external=True

And packets will actually get tagged.


Additional info:
The original bug, for provider support:
https://bugzilla.redhat.com/show_bug.cgi?id=976380
Comment 4 Miguel Angel Ajo 2014-08-12 14:11:49 UTC 
This setting 

 openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge ""

Works for both cases, external network on VLAN, or flat external network with no tagging.
Comment 5 Assaf Muller 2014-08-12 14:29:29 UTC 
Note that with this change, a VLAN device will not be created over the NIC, and SSH / management traffic from the external network will only be permitted from untagged traffic.

To clarify, from Neutron's point of view, external traffic from VMs / routers / what have you will work and will be tagged appropriately. However, if you wish to SSH into the machine via its external-facing NIC, you will have to do this via untagged traffic, or SSH into another NIC / from another network.
Comment 6 Jason Guiditta 2014-08-12 14:42:52 UTC 
Patch posted:
https://github.com/redhat-openstack/astapor/pull/348
Comment 10 errata-xmlrpc 2014-08-21 18:08:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1090.html