Bug 1129227 - After Staypuft installer the external network with VLAN tag doesn't work.
Summary: After Staypuft installer the external network with VLAN tag doesn't work.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-foreman-installer
Version: 5.0 (RHEL 7)
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ga
: Installer
Assignee: Jason Guiditta
QA Contact: Toni Freger
URL:
Whiteboard:
Depends On:
Blocks: 1132587
TreeView+ depends on / blocked
 
Reported: 2014-08-12 10:57 UTC by Toni Freger
Modified: 2019-09-10 14:11 UTC (History)
9 users (show)

Fixed In Version: openstack-foreman-installer-2.0.19-1.el6ost
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1132587 (view as bug list)
Environment:
Last Closed: 2014-08-21 18:08:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1090 0 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform Enhancement Advisory 2014-08-22 15:28:08 UTC

Description Toni Freger 2014-08-12 10:57:14 UTC 
Description of problem:
After Staypuft installer the external network with VLAN tag doesn't work.

Version-Release number of selected component (if applicable):
ruby193-rubygem-staypuft-0.1.22.el6ost
RHEL7

How reproducible:
100%

Steps to Reproduce:
1.Openstack installation via Staypuft installer
2.Networker+Controller+Compute node
3.creation of 2 networks: Internal and external vith VLAN.
For exemple:
 neutron net-create ext_net --provider:network_type vlan --provider:physical_network ext_vlan_range --provider:segmentation_id 232 --router:external=True 

The external transmission won't work, since the packets don't get tagged with a VLAN. 

According to Miguel Angel Ajo Pelayo:
configuration set with staypuft/foreman/puppet scripts
the external_network_bridge is kept = "br-ex" but should be empty

After doing this:

  488  openstack-config --set /etc/neutron/l3_agent.ini DEFAULT
  external_network_bridge ""
  491  service neutron-ovs-cleanup restart
  492  service neutron-netns-cleanup restart


The network can be created with the

neutron net-create ext_net --provider:network_type vlan
--provider:physical_network physnet-external --provider:segmentation_id 1
--router:external=True

And packets will actually get tagged.


Additional info:
The original bug, for provider support:
https://bugzilla.redhat.com/show_bug.cgi?id=976380
Comment 4 Miguel Angel Ajo 2014-08-12 14:11:49 UTC 
This setting 

 openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge ""

Works for both cases, external network on VLAN, or flat external network with no tagging.
Comment 5 Assaf Muller 2014-08-12 14:29:29 UTC 
Note that with this change, a VLAN device will not be created over the NIC, and SSH / management traffic from the external network will only be permitted from untagged traffic.

To clarify, from Neutron's point of view, external traffic from VMs / routers / what have you will work and will be tagged appropriately. However, if you wish to SSH into the machine via its external-facing NIC, you will have to do this via untagged traffic, or SSH into another NIC / from another network.
Comment 6 Jason Guiditta 2014-08-12 14:42:52 UTC 
Patch posted:
https://github.com/redhat-openstack/astapor/pull/348
Comment 10 errata-xmlrpc 2014-08-21 18:08:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1090.html
Note You need to log in before you can comment on or make changes to this bug.