I am trying to get an OS instance up&running on my local infrastructure (currently VirtualBox VMs only) using the official install-guides for Debian/Ubuntu as I am running on Debian 10 (Buster).
OS stream is Viktoria.
Setup is as minimalistic as possible with keystone, glance, placement, nova, neutron and horizon on the controller node (oc1) and nova and neutron on the compute node (on1). For now, no cinder etc.
Network setup is as follows (a bit more complicated due to the connectivity "restrictions" of the VirtualBox interfaces):
enp0s3 - not used for OS - HostOnlyNetwork - 192.168.0.0/24 - 192.168.0.11 for oc1 and 192.168.0.101 for on1
enp0s8 - Management network - NatNetwork - 10.0.77.0/24 - 10.0.77.11 for oc1 and 10.0.77.101 for on1
enp0s9 - Provider network - NatNetwork - 10.0.2.0/24 - no IPs set as referred on the install guide
On both nodes, I get the following error in neutron-linuxbridge-agent.log:
2020-12-30 14:46:16.506 17101 INFO neutron.common.config [-] Logging enabled!
2020-12-30 14:46:16.506 17101 INFO neutron.common.config [-] /usr/bin/neutron-linuxbridge-agent version 17.0.0
2020-12-30 14:46:16.507 17101 INFO neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Interface mappings: {'provider': 'enp0s9'}
2020-12-30 14:46:16.507 17101 INFO neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Bridge mappings: {}
2020-12-30 14:46:16.510 17101 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'privsep-helper', '--config-file', '/etc/neutron/neutron.conf', '--config-file', '/etc/neutron/plugins/ml2/ml2_conf.ini', '--config-file', '/etc/neutron/plugins/ml2/linuxbridge_agent.ini', '--privsep_context', 'neutron.privileged.default', '--privsep_sock_path', '/tmp/tmpt5qzvtx0/privsep.sock']
2020-12-30 14:46:17.280 17101 INFO oslo.privsep.daemon [-] Spawned new privsep daemon via rootwrap
2020-12-30 14:46:17.648 17101 ERROR neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Tunneling cannot be enabled without the local_ip bound to an interface on the host. Please configure local_ip None on the host interface to be used for tunneling and restart the agent.
I don't understand this error, as I did NOT set up vxlan and/or openvswitch at all (strictly following the Networking Option 1: Provider networks
linuxbridge_agent.ini (both - oc1 and on1):
[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:enp0s9
[network_log]
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
[vxlan]
ml2_conf.ini (both - oc1 and on1):
[DEFAULT]
debug = true
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
vni_ranges = 1:1000
[ovs_driver]
[securitygroup]
enable_security_group = True
enable_ipset = True
[sriov_driver]
neutron.conf (on1):
[DEFAULT]
auth_strategy = keystone
core_plugin = ml2
service_plugins = router,metering,qos
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
interface_driver = linuxbridge
transport_url = rabbit://openstack:*os_rabbit_pass*@oc1
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[cors]
[database]
connection = sqlite:///var/lib/neutron/neutrondb
[ironic]
[keystone_authtoken]
auth_url = http://oc1:5000
project_name = service
project_domain_name = default
username = neutron
user_domain_name = default
password = *neutron_pass*
www_authenticate_uri = http://oc1:5000
region_name = RegionOne
memcached_servers = oc1:11211
auth_type = password
[nova]
region_name = RegionOne
auth_url = http://oc1:5000
auth_type = password
password = *nova_pass*
project_domain_name = default
project_name = service
user_domain_name = default
username = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
policy_file = /etc/neutron/policy.json
policy_dirs = /etc/neutron/policy.d
[privsep]
[quotas]
[ssl]
neutron.conf (oc1):
[DEFAULT]
auth_strategy = keystone
core_plugin = ml2
service_plugins =
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
interface_driver = linuxbridge
transport_url = rabbit://openstack:*os_rabbit_pass*@oc1
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[cors]
[database]
connection = mysql+pymysql://neutron:*neutron_db_pass*@oc1/neutron
[ironic]
[keystone_authtoken]
auth_url = http://oc1:5000
project_name = service
project_domain_name = default
username = neutron
user_domain_name = default
password = *neutron_pass*
www_authenticate_uri = http://oc1:5000
region_name = RegionOne
memcached_servers = oc1:11211
auth_type = password
[nova]
region_name = RegionOne
auth_url = http://oc1:5000
auth_type = password
password = *nova_pass*
project_domain_name = default
project_name = service
user_domain_name = default
username = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
policy_file = /etc/neutron/policy.json
policy_dirs = /etc/neutron/policy.d
[privsep]
[quotas]
[ssl]
Did I miss something or (sic!) make somewhere an error in configuring the service?
