4.9 Setting up Neutron

4.9.1 Configuring VLAN Networks
4.9.2 Setting up Multiple External Network Interfaces
4.9.3 Enabling Distributed Virtual Routing (DVR)
4.9.4 Enabling Neutron Agent High Availability
4.9.5 Setting the Network Maximum Transmission Unit (MTU)

The Neutron network service enables you to create and attach interface devices managed by other OpenStack services to networks.

4.9.1 Configuring VLAN Networks

With Neutron network services, the default tenant networking option is to use GRE/VxLANs. GRE/VxLANs are the preferred tenant networking option for enterprise deployments. If you prefer to use VLANs for your tenant networks, you need to use the kollacli property set command to set the following properties before you perform the deployment:

neutron_tenant_type

The tenant network type. Valid options for this are vlan, gre and vxlan. The default is vxlan. To use VLANs for tenant networks, set this to vlan.

neutron_vlan_physnet

The name of the VLAN network. The default is physnet1, which is generally used to name flat networks. To avoid confusion with a flat network, you should change this to something other than the default, for example, physnet2. To add multiple VLAN networks, use a comma-separated list.

neutron_vlan_range

The range for VLAN IDs, in the format start_range:end_range. The default range is 1:1000. To add multiple VLAN ID ranges, use a comma-separated list.

neutron_vlan_bridge

The name for the VLAN network bridge. The default name is br-vlan. To add multiple bridges, use a comma-separated list.

neutron_vlan_interface

The VLAN traffic network interface name. The network interface must be available on each compute and network node, and by default must have the same name.

If the nodes have differing network interface names, you can use group and host properties to set different interface names, see Section 4.5, “Setting Properties for Groups or Hosts”.

The interface must not have an IP address (because it is a bridged interface) and it must not be the same interface as either the network_interface or neutron_external_interface.

To add multiple VLAN interfaces, use a comma-separated list.

For example: 

$ kollacli property set neutron_tenant_type vlan 
$ kollacli property set neutron_vlan_physnet physnet2
$ kollacli property set neutron_vlan_range 1000:2000
$ kollacli property set neutron_vlan_interface em3

4.9.2 Setting up Multiple External Network Interfaces

The default network interface to connect to the external (public) network is a single network interface. You can change the configuration to enable more than one network interface to connect to the external network.

To set up multiple external network interfaces, use the kollacli property set command to configure the following properties before you perform the deployment:

neutron_external_interface

The name of the network interfaces. The default is eth1. To use multiple external network interfaces, use a comma-separated list.

neutron_bridge_name

The name of the network bridges. The default is br-ex. To use multiple bridges, use a comma-separated list.

For example, to set up multiple external network interfaces by specifying the NICs and bridges to the external networks: 

$ kollacli property set neutron_external_interface em2,em3
$ kollacli property set neutron_bridge_name br-ex1,br-ex2

To set up multiple external network interfaces for a VLAN network: 

$ kollacli property set neutron_vlan_physnet physnet2,physnet3

For more information about VLAN networks, see Section 4.9.1, “Configuring VLAN Networks”.

4.9.3 Enabling Distributed Virtual Routing (DVR)

In a default Oracle OpenStack for Oracle Linux deployment, the routers that provide the connectivity between tenant (project) networks, and between tenant networks and external networks, are created as a single virtual router on a network node. This represents a potential point of failure, and has implications for performance and scalability.

To address this issue, you can enable Distributed Virtual Routing (DVR). With DVR, routers are created automatically on compute nodes as instances are connected to networks. The routers on the compute nodes can route connections between instances on the same tenant network, and connections between instances and external networks, where instances have been assigned a floating IP. Connections between instances without a floating IP and external networks are handled by the network node.

DVR is not enabled by default. DVR only works with the Open vSwitch mechanism driver. Compute nodes must have a network interface on the external network and the interface should not have an IP address. DVR can be used with all the supported tenant network types.

If you enable DVR, it is recommended that you also enable high availability for the virtual routers, see Section 4.9.4, “Enabling Neutron Agent High Availability”.

To enable DVR, use the kollacli property set command to configure the following properties before you perform the deployment:

enable_neutron_dvr

Enable DVR. Valid settings are yes and no. The default is no.

neutron_external_interface

The name of the network interface (for example, em2) which is connected to the external network where the neutron public network will be created. This interface should not have an IP address and should not be the same as the interface specified for the network_interface property. This interface must be available on all the network nodes, and on all the compute nodes. To use multiple external network interfaces, use a comma-separated list, for example: 

$ kollacli property set neutron_external_interface em2,em3
neutron_plugin_agent

The name of the Neutron mechanism driver and agent. Valid settings are openvswitch and linuxbridge. The default is openvswitch. For DVR, this must be set to openvswitch.

For example: 

$ kollacli property set enable_neutron_dvr yes
$ kollacli property set neutron_external_interface em2

4.9.4 Enabling Neutron Agent High Availability

Neutron agent high availability enables you to distribute virtual routers and DHCP agents across multiple nodes so that there is a backup for the services these components provide in the event of a failure.

For virtual routers, Neutron uses the Virtual Router Redundancy Protocol (VRRP) to provide high availability of a network's default gateway by enabling two or more routers to provide backup for this address. Only one virtual router is active (the master), the others are backups. The backups listen for regular VRRP multicast advertisement packets from the master. If the backups fail to receive a set number of advertisement packets, a backup takes over as the master. You configure a minimum and a maximum number of virtual routers to ensure that high availability is maintained and that additional virtual routers are added if you increase the number of network nodes.

For DHCP agents, you configure the number of agents you want to run for each project (tenant) network.

To enable Neutron agent high availability, use the kollacli property set command to configure the following properties before you perform the deployment:

enable_neutron_agent_ha

Enable Neutron agent high availability. Valid settings are yes and no. The default is no.

dhcp_agents_per_network

The number of DHCP agents to run for each project (tenant) network. The default is 2. For high availability, this must be set to 2 or more.

max_l3_agents_per_router

The maximum number of network nodes (or compute nodes if DVR is enabled) to use for each highly available router. The default is 3.

min_l3_agents_per_router

The minimum number of network nodes (or compute nodes if DVR is enabled) to use for each highly available router. The default is 2. For high availability, this must be set to 2 or more.

4.9.5 Setting the Network Maximum Transmission Unit (MTU)

You can set the maximum transmission unit (MTU) for networking components in Neutron. Setting the MTU in Neutron is supported with OpenvSwitch and Linux bridge.

You may want to set the MTU to enable Jumbo Frames for the network interfaces managed by Neutron. To enable Jumbo Frames in Neutron, you must also have Jumbo Frames enabled and configured in all physical network interfaces, and physical and virtual network layers.

To set the MTU, use the kollacli property set command to configure the following properties before you perform the deployment:

advertise_mtu

Sets whether to enable setting the MTU in Neutron. This property is not set by default, so any MTU settings in Neutron are disabled. Setting this to True enables setting the MTU options in Neutron.

global_physnet_mtu

Sets the MTU for all networks. The default is 9000.

physical_network_mtus

Sets the MTU for one or more specific networks. This overrides the global_physnet_mtu parameter for the network(s) listed. The default is physnet1:9000. To add mutliple networks, use a comma-separated list, for example: 

$ kollacli property set physical_network_mtus physnet1:9000,physnet2:9000
path_mtu

Sets the MTU for instances (tenant networks). The default is 1500. This value can be no larger than the value of global_physnet_mtu.

For example, to increase the MTU to enable Jumbo Frames for instances on a VxLAN tenant network: 

$ kollacli property set advertise_mtu = True
$ kollacli property set path_mtu 9000

Copyright © 2016, 2017 Oracle and/or its affiliates. All rights reserved. Legal Notices