Quantum

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Configuration)
 
(29 intermediate revisions by 3 users not shown)
Line 2: Line 2:
  
 
The [http://wiki.openstack.org/Quantum Quantum] project provides "network connectivity as a service". This page tracks [[Cloud SIG|Fedora Cloud SIG]]'s effort to maintain Quantum in Fedora.  
 
The [http://wiki.openstack.org/Quantum Quantum] project provides "network connectivity as a service". This page tracks [[Cloud SIG|Fedora Cloud SIG]]'s effort to maintain Quantum in Fedora.  
 
This page will address the installation and configuration of the following:
 
* Quantum Server
 
* Quantum Plugins
 
  
 
The packaging can be found at:
 
The packaging can be found at:
 
* [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-quantum openstack-quantum] [https://bugzilla.redhat.com/buglist.cgi?component=openstack-quantum&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=MODIFIED&bug_status=POST (bugs)]
 
* [https://admin.fedoraproject.org/pkgdb/acls/name/openstack-quantum openstack-quantum] [https://bugzilla.redhat.com/buglist.cgi?component=openstack-quantum&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=MODIFIED&bug_status=POST (bugs)]
  
== Quantum Server ==
+
== Quantum Plugins ==
  
=== '''Installation''' ===
+
Quantum supports a number of different backend implementations. These are called "plugins". The plugin used is defined in the quantum configuration file (core_plugin), for example for Open vSwitch:
The Quantum service is installed as follows:
+
  
  #> sudo yum install openstack-quantum
+
    core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
  
OpenStack has a preview [[OpenStack#Preview repository|repository]], allowing Fedora N-1 users to try out OpenStack packages from the latest Fedora release.
+
Below is a list of the supported plugins. Each plugin may use a different networking technology. Some may be hardware based, others software based.
  
=== '''Configuration''' ===
+
{| class="wikitable"
The Quantum service requires the installation and configuration of a database. This can be achieved by running the following:
+
|-
 +
! Plugin !! Driver
 +
|-
 +
| [http://wiki.openstack.org/cisco-quantum Cisco] || quantum.plugins.cisco.network_plugin.PluginV2
 +
|-
 +
| [http://wiki.openstack.org/Quantum-Linux-Bridge-Plugin Linux Bridge] || quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2
 +
|-
 +
| [http://nicira.com/en/platform-for-innovation Nicira] || quantum.plugins.nicira.nicira_nvp_plugin.QuantumPlugin.NvpPluginV2
 +
|-
 +
| [http://openvswitch.org/openstack/documentation/ Open vSwitch] || quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
 +
|-
 +
| [http://www.osrg.net/ryu/index.html RYU] || quantum.plugins.ryu.ryu_quantum_plugin.RyuQuantumPluginV2
 +
|-
 +
| [http://wiki.openstack.org/wiki/Quantum_NEC_OpenFlow_Plugin NEC] || quantum.plugins.nec.nec_plugin_base.NECPluginV2Base
 +
|-
 +
| [http://www.openflowhub.org/display/floodlightcontroller/Quantum+REST+Proxy+Plugin BigSwitch] || quantum.plugins.bigswitch.plugin.QuantumRestProxyV2
 +
|-
 +
| [http://www.cloudbase.it/quantum-hyper-v-plugin/ CoudBase Hyper-V] || quantum.plugins.hyperv.hyperv_quantum_plugin.HyperVQuantumPlugin
 +
|-
 +
| [http://www.midokura.com/ MidoNet] || quantum.plugins.midonet.plugin.MidonetPluginV2
 +
|-
 +
| [http://www.brocade.com/ brocade] || quantum.plugins.brocade.QuantumPlugin.BrocadePluginV2
 +
|-
 +
| [http://www.plumgrid.com/ PLUMGrid] || quantum.plugins.plumgrid.plumgrid_nos_plugin.plumgrid_plugin.QuantumPluginPLUMgridV2
 +
|}
  
 +
The wiki will describe the installation and configuration of Open vSwitch and Linux Bridge plugins.
 +
 +
== Open vSwitch ==
 +
 +
=== '''Quantum Service''' ===
 +
 +
The Quantum service is installed as follows:
 +
  #> sudo yum install openstack-quantum
 +
  #> sudo yum install openstack-quantum-openvswitch
 +
 +
The Quantum service is configured as follows:
 
   #> sudo quantum-server-setup
 
   #> sudo quantum-server-setup
  
The above script makes use of a number of default settings. Make use of the ''--help'' option to see what can be configured. This will ensure that Quantum database is installed, started and configured. In addition to this the user will be requested to supply the relevant plugin. The plugins are discussed below.
+
'''Note''' the above script will create the database and set the relevant configuration files to work with the open vswitch plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.
  
Once the database has been created an configured the quantum service should be enabled and started.
+
Once the service has been configured it can be started as follows:
 +
  #> sudo service quantum-server start
 +
  #> sudo chkconfig quantum-server on
  
  #> sudo systemctl enable quantum-server.service
+
=== '''Compute Node''' ===
  #> sudo systemctl start quantum-server.service
+
  
'''Note''' the Quantum server should always start after the mysqld. This can be addressed by the following command:
+
A compute node will need the agent to be configured and run.
 +
  #> sudo yum install openstack-quantum-openvswitch
  
   #> sudo sed -i /usr/lib/systemd/system/quantum-server.service -e 's/^\(After=.*\)/\1 mysqld.service/'
+
The agent is configured follows:
 +
   #> sudo quantum-node-setup
  
'''Note''' if using Fedora 16, use /lib/systemd/... instead of /usr/lib/systemd/... in the above command.
+
'''Note''' the above script will set the relevant configuration files to work with the open vswitch plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.
  
'''Note''' the Quantum agent also needs to be enabled and started. Please see below.
+
A integration bridge needs to be created on the openvswitch. The bridge needs to be administratively created prior to running the agent.
 +
  #> sudo ovs-vsctl add-br br-int
  
=== '''OpenStack''' ===
+
Ensure that the interfaces are persistent after reboot. This is done by creating an interface file, for example for br-int:
Please note that the script ''quantum-server-setup'' will update the nova configuration file.
+
  
''Keystone'' Integration - TBD
+
  DEVICE=br-int
 +
  DEVICETYPE=ovs
 +
  TYPE=OVSBridge
 +
  ONBOOT=yes
 +
  BOOTPROTO=none
  
== Quantum Agents ==
+
Once configured it can be started as follows:
The agent is responsible for the dynamic configuration of the switches. The following plugin agents are supported:
+
  #> sudo service quantum-openvswitch-agent start
 +
  #> sudo chkconfig quantum-openvswitch-agent on
  
* [http://wiki.openstack.org/cisco-quantum Cisco]
+
'''Note''' if the host is rebooted then the openvswitch will create tap devices that existed on the switch prior to the reboot. This may affect the way in which the various quantum agents function. This is addressed by ensuring that the quantum-ovs-cleanup script is run at boot. This is done as follows:
* [http://wiki.openstack.org/Quantum-Linux-Bridge-Plugin Linux Bridge]
+
  #> sudo chkconfig quantum-ovs-cleanup on
* [http://nicira.com/en/platform-for-innovation Nicira]
+
* [http://openvswitch.org/openstack/documentation/ Open vSwitch]
+
* [http://www.osrg.net/ryu/index.html RYU]
+
  
=== '''Installation''' ===
+
=== '''IPAM''' ===
Each agent has its own installation package:
+
  
* Cisco
+
The Quantum DHCP agent enables VM's that are launched on a Quantum network to receive a IP address. The DHCP agent is part of the openstack-quantum package. This is installed as follows:
 +
  #> sudo yum install openstack-quantum
  
   #> sudo yum install openstack-quantum-cisco
+
The DHCP agent is configured as follows (please select openvswitch for the plugin):
 +
   #> sudo quantum-dhcp-setup
  
* Linux Bridge
+
Once the agent has been configured it can be started as follows:
 +
  #> sudo service quantum-dhcp-agent start
 +
  #> sudo chkconfig quantum-dhcp-agent on
  
  #> sudo yum install openstack-quantum-linuxbridge
+
'''Note''' if the DHCP agent is not run on a compute node then the same installation for the compute node need to performed.
  
* Nicira
+
=== '''Floating IP Support''' ===
  
   #> sudo yum install openstack-quantum-nicira
+
The Quantum L3 agent provides floating IP support for VM's that are launched. The L3 agent is part of the openstack-quantum package. This is installed as follows:
 +
   #> sudo yum install openstack-quantum
  
* Open vSwitch
+
The L3 agent is configured as follows (please select openvswitch for the plugin):
 +
  #> sudo quantum-l3-setup
  
   #> sudo yum install openstack-quantum-openvswitch
+
A external bridge needs to be created on the openvswitch. The bridge needs to be administratively created prior to running the L3 agent.
 +
   #> sudo ovs-vsctl add-br br-ex
  
An OVS “integration” bridge must be created. The VMs will connect to this bridge.
+
Ensure that the interfaces are persistent after reboot. This is done by creating an interface file, for example for br-ex:
  
  #> sudo ovs-vsctl add-br br-int
+
  DEVICE=br-ex
 +
  DEVICETYPE=ovs
 +
  TYPE=OVSBridge
 +
  ONBOOT=yes
 +
  BOOTPROTO=none
  
If you wish to connect this to an physical NIC, for example eth0), then do:
+
Once the agent has been configured it can be started as follows:
 +
  #> sudo service quantum-l3-agent start
 +
  #> sudo chkconfig quantum-l3-agent on
  
   #> sudo ovs-vsctl add-port br-int eth0
+
In order for the VM to be able communicate with the Nova meta data service then the quantum-metadata-agent needs to be run.
 +
   #> sudo service quantum-metadata-agent start
 +
  #> sudo chkconfig quantum-metadata-agent on
  
'''Note''' that br-int is defined in the ovs-quantum_plugin.ini file.  
+
'''Note''' if the L3 agent is not run on a compute node then the same installation for the compute node need to performed.
  
* RYU
+
== Linux Bridge ==
  
  #> sudo yum install openstack-quantum-ryu
+
=== '''Quantum Service''' ===
  
The agents need to be installed on all of the compute nodes.
+
The Quantum service is installed as follows:
 +
  #> sudo yum install openstack-quantum
 +
  #> sudo yum install openstack-quantum-linuxbridge
  
=== '''Configuration''' ===
+
The Quantum service is configured as follows:
The Quantum plugin must be configured so that it can interface with the Quantum server. This can be achieved by running the following:
+
  #> sudo quantum-server-setup
 +
 
 +
'''Note''' the above script will create the database and set the relevant configuration files to work with the linux bridge plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.
 +
 
 +
Once the service has been configured it can be started as follows:
 +
  #> sudo service quantum-server start
 +
  #> sudo chkconfig quantum-server on
 +
 
 +
=== '''Compute Node''' ===
 +
 
 +
A compute node will need the agent to be configured and run.
 +
  #> sudo yum install openstack-quantum-linuxbridge
  
 +
The agent is configured follows:
 
   #> sudo quantum-node-setup
 
   #> sudo quantum-node-setup
  
The above script makes use of a number of default settings. Make use of the ''--help'' option to see what can be configured. The Quantum database hostname is very important. Please make sure that this is defined in the hosts file.  
+
'''Note''' the above script will set the relevant configuration files to work with the linux bridge plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.
  
 +
Once configured it can be started as follows:
 +
  #> sudo service quantum-linuxbridge-agent start
 +
  #> sudo chkconfig quantum-linuxbridge-agent on
  
Both the linuxbridge and openvswitch plugins use qemu's "ethernet" network device, so to work around the problem described in https://bugzilla.redhat.com/show_bug.cgi?id=770020, do the following if using one of these plugins:
+
=== '''IPAM and Floating IP support''' ===
 +
This is the same as the openvswitch support. One just needs to select the linux bridge plugin.
  
$> sudo systemctl stop libvirtd.service
+
== Security Groups ==
$> cat >> /etc/libvirt/qemu.conf <<EOF
+
cgroup_device_acl = [
+
    "/dev/null", "/dev/full", "/dev/zero",
+
    "/dev/random", "/dev/urandom",
+
    "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
+
    "/dev/rtc", "/dev/hpet", "/dev/net/tun",
+
]
+
EOF
+
$> sudo systemctl start libvirtd.service
+
  
 +
Quantum now has support for security groups. In the case that Quantum supports security groups then the nova configuration file should be updated to support this:
  
Please note that you need to enable and start the relevant plugin agents. These are listed below:
+
    [DEFAULT]
 +
    security_group_api = quantum
 +
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
  
* Linux Bridge
+
The table below indicates which plugins support security groups.
  
  #> sudo systemctl enable quantum-linuxbridge-agent.service
+
{| class="wikitable"
  #> sudo systemctl start quantum-linuxbridge-agent.service
+
|-
 +
! Plugin !! Security Group Support
 +
|-
 +
| [http://wiki.openstack.org/cisco-quantum Cisco] || {{result|none}}
 +
|-
 +
| [http://wiki.openstack.org/Quantum-Linux-Bridge-Plugin Linux Bridge] || {{result|pass}}
 +
|-
 +
| [http://nicira.com/en/platform-for-innovation Nicira] || {{result|pass}}
 +
|-
 +
| [http://openvswitch.org/openstack/documentation/ Open vSwitch] || {{result|pass}}
 +
|-
 +
| [http://www.osrg.net/ryu/index.html RYU] || {{result|pass}}
 +
|-
 +
| [http://wiki.openstack.org/wiki/Quantum_NEC_OpenFlow_Plugin NEC] || {{result|pass}}
 +
|-
 +
| [http://www.openflowhub.org/display/floodlightcontroller/Quantum+REST+Proxy+Plugin BigSwitch] || {{result|none}}
 +
|-
 +
| [http://www.cloudbase.it/quantum-hyper-v-plugin/ CoudBase Hyper-V] || {{result|pass}}
 +
|-
 +
| [http://www.midokura.com/ MidoNet] || {{result|none}}
 +
|-
 +
| [http://www.brocade.com/ brocade] || {{result|pass}}
 +
|-
 +
| [http://www.plumgrid.com/ PLUMGrid] || {{result|none}}
 +
|}
  
* Open vSwitch
+
The Quantum configuration file also requires some configurations. The firewall driver needs to be set. This is done in the [SECURITYGROUP] section.
  
  #> sudo systemctl enable quantum-openvswitch-agent.service
+
{| class="wikitable"
  #> sudo systemctl start quantum-openvswitch-agent.service
+
|-
 +
! Implementation !! firewall_driver
 +
|-
 +
| None || quantum.agent.firewall.NoopFirewallDriver
 +
|-
 +
| IP tables (linux bridge) || quantum.agent.linux.iptables_firewall.IptablesFirewallDriver
 +
|-
 +
| IP tables (ovs) || quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
 +
|}
  
In addition to this make sure that the openvswitch service is enabled and running.
+
'''Note''' when Quantum security groups are used the Nova libvirt driver '''MUST''' be LibvirtHybridOVSBridgeDriver.
  
  #> sudo systemctl enable openvswitch.service
+
== LBaaS ==
  #> sudo systemctl start openvswitch.service
+
  
* RYU
+
TBD
  
  #> sudo systemctl enable quantum-ryu-agent.service
+
== Nova ==
  #> sudo systemctl start quantum-ryu-agent.service
+
  
=== '''OpenStack''' ===
+
In order for Nova to support Quantum a number of parameters need to be set in the Nova configuration file so that Nova can interact with Quantum. The fields to be set are:
Please note that the script ''quantum-node-setup'' will update the nova configuration file.
+
  
''Keystone'' Integration - TBD
+
Quantum API driver:
 +
    network_api_class = nova.network.quantumv2.api.API
 +
 
 +
Keystone Authentication:
 +
    quantum_url =
 +
    quantum_admin_tenant_name =
 +
    quantum_auth_strategy = keystone
 +
    quantum_admin_auth_url =
 +
    quantum_admin_password =
 +
    quantum_admin_username =
 +
 
 +
Metadata parameters (if the metadata service is enabled):
 +
    service_quantum_metadata_proxy = True
 +
 
 +
In addition to this a VIF can be set. By default this is:
 +
    libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtGenericVIFDriver
 +
 
 +
If security groups are used with the openvswitch then
 +
    libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
 +
 
 +
In order for the nova to make use of the LibvirtGenericVIFDriver driver then Quantum must be able to return the type of VIF binding. The table below shows which plugins support this operation:
 +
 
 +
{| class="wikitable"
 +
|-
 +
! Plugin !! Security Group Support
 +
|-
 +
| [http://wiki.openstack.org/cisco-quantum Cisco] || {{result|none}}
 +
|-
 +
| [http://wiki.openstack.org/Quantum-Linux-Bridge-Plugin Linux Bridge] || {{result|pass}}
 +
|-
 +
| [http://nicira.com/en/platform-for-innovation Nicira] || {{result|none}}
 +
|-
 +
| [http://openvswitch.org/openstack/documentation/ Open vSwitch] || {{result|pass}}
 +
|-
 +
| [http://www.osrg.net/ryu/index.html RYU] || {{result|none}}
 +
|-
 +
| [http://wiki.openstack.org/wiki/Quantum_NEC_OpenFlow_Plugin NEC] || {{result|pass}}
 +
|-
 +
| [http://www.openflowhub.org/display/floodlightcontroller/Quantum+REST+Proxy+Plugin BigSwitch] || {{result|pass}}
 +
|-
 +
| [http://www.cloudbase.it/quantum-hyper-v-plugin/ CoudBase Hyper-V] || {{result|pass}}
 +
|-
 +
| [http://www.midokura.com/ MidoNet] || {{result|none}}
 +
|-
 +
| [http://www.brocade.com/ brocade] || {{result|pass}}
 +
|-
 +
| [http://www.plumgrid.com/ PLUMGrid] || {{result|none}}
 +
|}
  
 
== Troubleshooting ==
 
== Troubleshooting ==
Line 142: Line 279:
 
* ''/etc/quantum/plugins.ini'' contains the specific plugin module. Check that this matches the intended plugin
 
* ''/etc/quantum/plugins.ini'' contains the specific plugin module. Check that this matches the intended plugin
 
* ''/etc/quantum/quantum.conf'' contains information relevant to the server. Check that the server is running and that the ''bind_port'' is indeed up.
 
* ''/etc/quantum/quantum.conf'' contains information relevant to the server. Check that the server is running and that the ''bind_port'' is indeed up.
* If the Quantum server does not start after reboot, and you are using mysql, then make sure that the Quantum server starts after the ''mysqld.service''.
+
* ''/etc/quantum/quantum.conf'' contains information relevant to the message broker.
 +
* It may be useful to look for errors in ''/var/log/quantum/server.log''
  
 
=== '''Quantum Plugin''' ===
 
=== '''Quantum Plugin''' ===
 
* ''/etc/quantum/plugins.ini'' contains the specific plugin module. Check that this matches the intended plugin
 
* ''/etc/quantum/plugins.ini'' contains the specific plugin module. Check that this matches the intended plugin
 
* ''/etc/quantum/quantum.conf'' contains the specific plugin module. Check that this matches the intended plugin
 
* ''/etc/quantum/quantum.conf'' contains the specific plugin module. Check that this matches the intended plugin
 +
* ''/var/log/messages'' may contain information regarding the agent
 +
* It may be useful to look for errors in ''/var/log/quantum/<agent>.log''
  
=== '''OpenStack''' ===
+
=== '''Nova''' ===
* It may be useful to look for errors in ''/var/log/nova/network.log'' and ''/var/log/nova/nova-dhcpbridge.log''  
+
* It may be useful to look for errors in ''/var/log/nova/network.log''
 
* Common configuration: ''/etc/nova/nova.conf'' contains the relevant quantum configuration.
 
* Common configuration: ''/etc/nova/nova.conf'' contains the relevant quantum configuration.
 
    network_manager=nova.network.quantum.manager.QuantumManager
 
    quantum_connection_host=localhost
 
    quantum_connection_port=9696
 
    quantum_use_dhcp=True
 
 
* Cisco
 
 
    scheduler_driver=quantum.plugins.cisco.nova.quantum_port_aware_scheduler.QuantumPortAwareScheduler
 
    libvirt_vif_type=802.1Qbh
 
    libvirt_vif_driver=quantum.plugins.cisco.nova.vifdirect.Libvirt802dot1QbhDriver
 
 
* Linux Bridge:
 
 
    libvirt_vif_type=ethernet
 
    libvirt_vif_driver=nova.virt.libvirt.vif.QuantumLinuxBridgeVIFDriver
 
    linuxnet_interface_driver=nova.network.linux_net.QuantumLinuxBridgeInterfaceDriver
 
 
* Open vSwitch:
 
 
    libvirt_vif_type=ethernet
 
    libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtOpenVswitchDriver
 
    linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
 
  
 
== Useful Quantum Links ==
 
== Useful Quantum Links ==
 +
* [[Quantum_Converting_Plugins|HOWTO on converting between one Quantum Plugin and another]]
 +
* [[Packstack_to_Quantum|HOWTO on converting to Quantum Networking from Nova Networking after a Packstack install]]
 
* [http://docs.openstack.org/incubation/openstack-network/admin/content/ Quantum Administrators Guide]
 
* [http://docs.openstack.org/incubation/openstack-network/admin/content/ Quantum Administrators Guide]
 
* [http://wiki.openstack.org/QuantumOverview Quantum Design Principles]
 
* [http://wiki.openstack.org/QuantumOverview Quantum Design Principles]
Line 181: Line 300:
 
* [http://github.com/openstack/quantum Quantum Source Code]
 
* [http://github.com/openstack/quantum Quantum Source Code]
  
[[Category:Cloud SIG]]
+
[[Category:OpenStack]]

Latest revision as of 13:42, 27 March 2013

Contents

[edit] Quantum

The Quantum project provides "network connectivity as a service". This page tracks Fedora Cloud SIG's effort to maintain Quantum in Fedora.

The packaging can be found at:

[edit] Quantum Plugins

Quantum supports a number of different backend implementations. These are called "plugins". The plugin used is defined in the quantum configuration file (core_plugin), for example for Open vSwitch:

   core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2

Below is a list of the supported plugins. Each plugin may use a different networking technology. Some may be hardware based, others software based.

Plugin Driver
Cisco quantum.plugins.cisco.network_plugin.PluginV2
Linux Bridge quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2
Nicira quantum.plugins.nicira.nicira_nvp_plugin.QuantumPlugin.NvpPluginV2
Open vSwitch quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
RYU quantum.plugins.ryu.ryu_quantum_plugin.RyuQuantumPluginV2
NEC quantum.plugins.nec.nec_plugin_base.NECPluginV2Base
BigSwitch quantum.plugins.bigswitch.plugin.QuantumRestProxyV2
CoudBase Hyper-V quantum.plugins.hyperv.hyperv_quantum_plugin.HyperVQuantumPlugin
MidoNet quantum.plugins.midonet.plugin.MidonetPluginV2
brocade quantum.plugins.brocade.QuantumPlugin.BrocadePluginV2
PLUMGrid quantum.plugins.plumgrid.plumgrid_nos_plugin.plumgrid_plugin.QuantumPluginPLUMgridV2

The wiki will describe the installation and configuration of Open vSwitch and Linux Bridge plugins.

[edit] Open vSwitch

[edit] Quantum Service

The Quantum service is installed as follows:

 #> sudo yum install openstack-quantum
 #> sudo yum install openstack-quantum-openvswitch

The Quantum service is configured as follows:

 #> sudo quantum-server-setup

Note the above script will create the database and set the relevant configuration files to work with the open vswitch plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.

Once the service has been configured it can be started as follows:

 #> sudo service quantum-server start
 #> sudo chkconfig quantum-server on

[edit] Compute Node

A compute node will need the agent to be configured and run.

 #> sudo yum install openstack-quantum-openvswitch

The agent is configured follows:

 #> sudo quantum-node-setup

Note the above script will set the relevant configuration files to work with the open vswitch plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.

A integration bridge needs to be created on the openvswitch. The bridge needs to be administratively created prior to running the agent.

 #> sudo ovs-vsctl add-br br-int

Ensure that the interfaces are persistent after reboot. This is done by creating an interface file, for example for br-int:

  DEVICE=br-int
  DEVICETYPE=ovs
  TYPE=OVSBridge
  ONBOOT=yes
  BOOTPROTO=none

Once configured it can be started as follows:

 #> sudo service quantum-openvswitch-agent start
 #> sudo chkconfig quantum-openvswitch-agent on

Note if the host is rebooted then the openvswitch will create tap devices that existed on the switch prior to the reboot. This may affect the way in which the various quantum agents function. This is addressed by ensuring that the quantum-ovs-cleanup script is run at boot. This is done as follows:

 #> sudo chkconfig quantum-ovs-cleanup on

[edit] IPAM

The Quantum DHCP agent enables VM's that are launched on a Quantum network to receive a IP address. The DHCP agent is part of the openstack-quantum package. This is installed as follows:

 #> sudo yum install openstack-quantum

The DHCP agent is configured as follows (please select openvswitch for the plugin):

 #> sudo quantum-dhcp-setup

Once the agent has been configured it can be started as follows:

 #> sudo service quantum-dhcp-agent start
 #> sudo chkconfig quantum-dhcp-agent on

Note if the DHCP agent is not run on a compute node then the same installation for the compute node need to performed.

[edit] Floating IP Support

The Quantum L3 agent provides floating IP support for VM's that are launched. The L3 agent is part of the openstack-quantum package. This is installed as follows:

 #> sudo yum install openstack-quantum

The L3 agent is configured as follows (please select openvswitch for the plugin):

 #> sudo quantum-l3-setup

A external bridge needs to be created on the openvswitch. The bridge needs to be administratively created prior to running the L3 agent.

 #> sudo ovs-vsctl add-br br-ex

Ensure that the interfaces are persistent after reboot. This is done by creating an interface file, for example for br-ex:

  DEVICE=br-ex
  DEVICETYPE=ovs
  TYPE=OVSBridge
  ONBOOT=yes
  BOOTPROTO=none

Once the agent has been configured it can be started as follows:

 #> sudo service quantum-l3-agent start
 #> sudo chkconfig quantum-l3-agent on

In order for the VM to be able communicate with the Nova meta data service then the quantum-metadata-agent needs to be run.

 #> sudo service quantum-metadata-agent start
 #> sudo chkconfig quantum-metadata-agent on

Note if the L3 agent is not run on a compute node then the same installation for the compute node need to performed.

[edit] Linux Bridge

[edit] Quantum Service

The Quantum service is installed as follows:

 #> sudo yum install openstack-quantum
 #> sudo yum install openstack-quantum-linuxbridge

The Quantum service is configured as follows:

 #> sudo quantum-server-setup

Note the above script will create the database and set the relevant configuration files to work with the linux bridge plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.

Once the service has been configured it can be started as follows:

 #> sudo service quantum-server start
 #> sudo chkconfig quantum-server on

[edit] Compute Node

A compute node will need the agent to be configured and run.

 #> sudo yum install openstack-quantum-linuxbridge

The agent is configured follows:

 #> sudo quantum-node-setup

Note the above script will set the relevant configuration files to work with the linux bridge plugin. The script will also make use of environment variables for keystone configuration. There are: OS_TENANT_NAME, OS_USERNAME and OS_PASSWORD.

Once configured it can be started as follows:

 #> sudo service quantum-linuxbridge-agent start
 #> sudo chkconfig quantum-linuxbridge-agent on

[edit] IPAM and Floating IP support

This is the same as the openvswitch support. One just needs to select the linux bridge plugin.

[edit] Security Groups

Quantum now has support for security groups. In the case that Quantum supports security groups then the nova configuration file should be updated to support this:

   [DEFAULT]
   security_group_api = quantum
   firewall_driver = nova.virt.firewall.NoopFirewallDriver

The table below indicates which plugins support security groups.

Plugin Security Group Support
Cisco
none
Linux Bridge
Pass pass
Nicira
Pass pass
Open vSwitch
Pass pass
RYU
Pass pass
NEC
Pass pass
BigSwitch
none
CoudBase Hyper-V
Pass pass
MidoNet
none
brocade
Pass pass
PLUMGrid
none

The Quantum configuration file also requires some configurations. The firewall driver needs to be set. This is done in the [SECURITYGROUP] section.

Implementation firewall_driver
None quantum.agent.firewall.NoopFirewallDriver
IP tables (linux bridge) quantum.agent.linux.iptables_firewall.IptablesFirewallDriver
IP tables (ovs) quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Note when Quantum security groups are used the Nova libvirt driver MUST be LibvirtHybridOVSBridgeDriver.

[edit] LBaaS

TBD

[edit] Nova

In order for Nova to support Quantum a number of parameters need to be set in the Nova configuration file so that Nova can interact with Quantum. The fields to be set are:

Quantum API driver:

   network_api_class = nova.network.quantumv2.api.API

Keystone Authentication:

   quantum_url =
   quantum_admin_tenant_name =
   quantum_auth_strategy = keystone
   quantum_admin_auth_url =
   quantum_admin_password =
   quantum_admin_username =

Metadata parameters (if the metadata service is enabled):

   service_quantum_metadata_proxy = True

In addition to this a VIF can be set. By default this is:

   libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtGenericVIFDriver

If security groups are used with the openvswitch then

   libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

In order for the nova to make use of the LibvirtGenericVIFDriver driver then Quantum must be able to return the type of VIF binding. The table below shows which plugins support this operation:

Plugin Security Group Support
Cisco
none
Linux Bridge
Pass pass
Nicira
none
Open vSwitch
Pass pass
RYU
none
NEC
Pass pass
BigSwitch
Pass pass
CoudBase Hyper-V
Pass pass
MidoNet
none
brocade
Pass pass
PLUMGrid
none

[edit] Troubleshooting

[edit] Quantum Server

  • /etc/quantum/plugins.ini contains the specific plugin module. Check that this matches the intended plugin
  • /etc/quantum/quantum.conf contains information relevant to the server. Check that the server is running and that the bind_port is indeed up.
  • /etc/quantum/quantum.conf contains information relevant to the message broker.
  • It may be useful to look for errors in /var/log/quantum/server.log

[edit] Quantum Plugin

  • /etc/quantum/plugins.ini contains the specific plugin module. Check that this matches the intended plugin
  • /etc/quantum/quantum.conf contains the specific plugin module. Check that this matches the intended plugin
  • /var/log/messages may contain information regarding the agent
  • It may be useful to look for errors in /var/log/quantum/<agent>.log

[edit] Nova

  • It may be useful to look for errors in /var/log/nova/network.log
  • Common configuration: /etc/nova/nova.conf contains the relevant quantum configuration.

[edit] Useful Quantum Links