Neutron prerequisites for Red Hat Enterprise Linux
This OpenStack tutorial describes prerequisites to prepare your servers to leverage OpenStack Neutron with Red Hat Enterprise Linux (RHEL).
For a general description of Neutron networking concepts, refer to this Tutorial: Networking with OpenStack Neutron Basic Concepts
NOTE: Refer to this Tutorial for hardware requirements for Platform9 Managed OpenStack, if you haven’t already.
Prepare Your Linux/KVM Physical Servers for Neutron
Redundant Neutron Deployment
To run OpenStack Neutron, each of your physical servers (hypervisors) that run RHEL, as well as the Neutron network node must be prepared with following steps.
Step 1: Register the RHEL server and Subscribe to Red Hat Customer Portal
Platform9 Managed OpenStack supports RHEL versions 7.x and above. Run the following commands to register and attach the RHEL server to the Red Hat Customer Portal for updates, and enable the “server-optional” RPM repository.
[bash]subscription-manager register
subscription-manager attach
subscription-manager repos —enable=rhel-7-server-optional-rpms[/bash]
Step 2: Install, Enable, & Start the NTP Daemon.
This is required for all components to have their time synchronized.
[bash]yum install -y ntp
systemctl enable ntpd
systemctl start ntpd[/bash]
Step 3: Set SELinux to permissive
This is required for Open vSwitch (OVS) to be able to manage networking
[bash]sed -i s/SELINUX=enforcing/SELINUX=permissive/g /etc/selinux/config
setenforce 0[/bash]
Step 4: Disable Firewalld and NetworkManager
This is required for KVM and OVS to be able to create iptables rules directly without Firewalld getting in the way.
[bash]systemctl disable firewalld
systemctl stop firewalld[/bash]
[bash]systemctl disable NetworkManager
systemctl stop NetworkManager[/bash]
Step 5: Enable Network
[bash]systemctl enable network[/bash]Step 6: Load the modules needed for Neutron
[bash]modprobe bridgemodprobe 8021q
modprobe bonding
modprobe br_netfilter
echo bridge > /etc/modules-load.d/pf9.conf
echo 8021q >> /etc/modules-load.d/pf9.conf
echo bonding >> /etc/modules-load.d/pf9.conf
echo br_netfilter >> /etc/modules-load.d/pf9.conf[/bash]
Step 7: Add sysctl options
[bash]echo net.ipv4.conf.all.rp_filter=0 >> /etc/sysctl.confecho net.ipv4.conf.default.rp_filter=0 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-iptables=1 >> /etc/sysctl.conf
echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
echo net.ipv4.tcp_mtu_probing=1 >> /etc/sysctl.conf
sysctl -p[/bash]
Step 8: Add the Platform9 YUM Repo
[bash]yum -y install https://s3-us-west-1.amazonaws.com/platform9-neutron/noarch/platform9-neutron-repo-1-0.noarch.rpm[/bash]Step 9: Install Open vSwitch
[bash]yum -y install –disablerepo=”*” –enablerepo=”platform9-neutron-el7-repo” openvswitch[/bash]Step 10: Enable and start Open vSwitch
[bash]systemctl enable openvswitchsystemctl start openvswitch[/bash]
Step 11: Configure physical interfaces
We are assuming eth0 and eth1.
Please substitute your correct interface names
We are assuming an MTU of 9000 (VXLAN requires an MTU of at least 1600)
Make sure all physical switches are configured to handle this MTU or you will have problems.
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
MTU=9000
MASTER=bond0
SLAVE=yes
/etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
MTU=9000
MASTER=bond0
SLAVE=yes
Step 12: Setup the Bond interface
We are assuming bonding type=4 (LACP) refer to Bonding Types to learn more.
/etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-vlan
BONDING_MASTER=yes
BONDING_OPTS="mode=4"
MTU=9000
Step 13: Setup the VLAN trunk Bridge
/etc/sysconfig/network-scripts/ifcfg-br-vlan
DEVICE=br-vlan
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
Step 14: Setup the Management interface
We are assuming VLAN 101 for the Management network. Please use your correct VLAN ID for your environment.
We are assuming subnet 192.0.2.0/24 for Management. Please use your correct subnet
/etc/sysconfig/network-scripts/ifcfg-bond0.101
DEVICE=bond0.101
ONBOOT=yes
BOOTPROTO=none
TYPE=Vlan
VLAN=yes
IPADDR=192.0.2.10
NETMASK=255.255.255.0
GATEWAY=192.0.2.1
DNS1=192.0.2.100
DNS2=192.0.2.200
Step 15: Setup the VXLAN/GRE tunneling interface (Optional)
We are assuming VLAN 102 for VXLAN/GRE tunneling. Please use your correct VLAN
We are assuming subnet 198.51.100.0/24 for VXLAN/GRE tunneling. Please use your correct subnet.
/etc/sysconfig/network-scripts/ifcfg-bond0.102
DEVICE=bond0.102
ONBOOT=yes
BOOTPROTO=none
TYPE=Vlan
VLAN=yes
IPADDR=198.51.100.10
NETMASK=255.255.255.0
Step 16: Setup the External Interface and External Bridge
We are assuming VLAN 103 for the external network. Please use your correct VLAN.
/etc/sysconfig/network-scripts/ifcfg-bond0.103
DEVICE=bond0.103
ONBOOT=yes
BOOTPROTO=none
TYPE=OVSPort
VLAN=yes
OVS_BRIDGE=br-ext
/etc/sysconfig/network-scripts/ifcfg-br-ext
DEVICE=br-ext
ONBOOT=yes
BOOTPROTO=none
TYPE=OVSBridge
DEVICETYPE=ovs
Step 17: Setup the Storage interface (Optional)
We are assuming VLAN 104 for the storage network. Please use your correct VLAN.
We are assuming subnet 203.0.113.0/24 for the storage network. Please use your correct subnet.
/etc/sysconfig/network-scripts/ifcfg-bond0.104
DEVICE=bond0.104
ONBOOT=yes
BOOTPROTO=none
TYPE=Vlan
VLAN=yes
IPADDR=203.0.113.10
NETMASK=255.255.255.0
Step 18: Restart Networking
Make sure you have console access to your host. You will be disconnected if the configuration is incorrect.
[bash]systemctl restart network.service[/bash]