OpenStack Network Configuration for Avi Controller Cluster

This article explains how to configure a cluster in Avi Vantage for an OpenStack cloud. To provide Avi Controller high availability (HA), add two additional Controller nodes to create a 3-node Controller cluster. For more details on deploying a cluster, refer to Deploying an Avi Controller Cluster.

Prerequisites for Cluster Deployment

There are certain prerequisites defined for the leader and follower nodes in a cluster. For complete information, refer to Prerequisites for Cluster Deployment.
From an OpenStack perspective, consider the following:

  1. A Neutron port is created and is available for cluster VIP.
  2. A floating IP is available for Neutron port.

Deploying an Avi Controller Cluster

For complete information on configuring Controller’s management interfaces and cluster IP, refer to Deploying an Avi Controller Cluster. The following steps are for creating OpenStack floating IP and binding that with the cluster IP:

  1. Add the cluster IP and the secondary IP for the cluster leader. As shown in Figure 1, 172.16.0.65 is the cluster IP which is added as the secondary IP for the cluster leader.

    Figure_1

    Figure 1. OpenStack Cluster Configuration

    
       root@172-16-0-66:~# ip a
         eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
         link/ether 00:50:56:bd:5a:0f brd ff:ff:ff:ff:ff:ff
         inet 172.16.0.66/24 brd 172.16.0.255 scope global eth0
         valid_lft forever preferred_lft forever
         inet 172.16.0.65/32 scope global eth0:1<<<<<<<<<<<<<<<<<<<<<<Cluster IP
      
      
  2. Access OpenStack Horizon CLI.

    a) List the Network
    neutron net-list — This indicates the configured requisite networks.

    
     root@openstack-mitaka:/root# neutron net-list
     +--------------------------------------+---------------+------------------------------------------------------+
     | id                                   | name          | subnets                                              |
     +--------------------------------------+---------------+------------------------------------------------------+
     | 10a514a3-d843-499d-80fd-28274d4a4912 | webserver-net | 3ebfb2ef-9b47-44f7-9da5-5245e1d0ed53 192.168.10.0/24 |
     | 5dd0b1cb-ebba-4ff9-84fd-74dcf13c7f86 | client-net    | a9a00d61-6ee8-4fac-80df-4e0bb8c8b4f3 192.168.11.0/24 |
     | c1c045f5-2d0f-43e3-ab43-55f990cde9b7 | provider1     | 1b65c0da-38c7-4c85-88a9-30c52c6a4558 10.130.128.0/18 |
     | dd9dab27-9228-4765-96f2-d56194136ba0 | avimgmt       | 5785c1cf-a222-4b0a-9343-003153f37a65 172.16.0.0/24   |
     +--------------------------------------+---------------+------------------------------------------------------+
     
     

    b) Create a floating IP
    neutron floatingip-create provider1provider1 is the network used.

    
     root@openstack-mitaka:/root# neutron floatingip-create provider1
     
     

    New floating IP is created.

    
     +---------------------+--------------------------------------+
     | Field               | Value                                |
     +---------------------+--------------------------------------+
     | description         |                                      |
     | fixed_ip_address    |                                      |
     | floating_ip_address | 10.130.170.86                        |
     | floating_network_id | c1c045f5-2d0f-43e3-ab43-55f990cde9b7 |
     | id                  | 4ec57a12-7357-461a-80f6-d87ae7536335 |
     | port_id             |                                      |
     | router_id           |                                      |
     | status              | DOWN                                 |
     | tenant_id           | 904fb201a92f443297bffca3b354d52d     |
     +---------------------+--------------------------------------+
     
     

    c) Get the port-id for cluster IP.

    
     root@openstack-mitaka:/root# neutron port-list | grep 172.16.0.65
     | 95665123-64a4-453a-abde-70fdb3d2ae2a | AviClusterIp:cluster-02d33104-1f0f-46fa-9afd-15592d76dec4:cloud-b47ca58b-0224-42ee-b733-18e184cf2c27   | fa:16:3e:52:81:06 | {"subnet_id": "5785c1cf-a222-4b0a-9343-003153f37a65", "ip_address": "172.16.0.65"}|
     
     

    d) Associate the cluster IP with the floating IP.
    Using the port-id from the command above (95665123-64a4-453a-abde-70fdb3d2ae2a in this case), associate it with the floating IP created in step b.

    
     root@openstack-mitaka:/root# neutron floatingip-associate 4ec57a12-7357-461a-80f6-d87ae7536335 95665123-64a4-453a-abde-70fdb3d2ae2a
     
     
    
      +---------------------+--------------------------------------+
      | Field               | Value                                |
      +---------------------+--------------------------------------+
      | description         |                                      |
      | fixed_ip_address    | 172.16.0.65                          |
      | floating_ip_address | 10.130.170.86                        |
      | floating_network_id | c1c045f5-2d0f-43e3-ab43-55f990cde9b7 |
      | id                  | 4ec57a12-7357-461a-80f6-d87ae7536335 |
      | port_id             | 95665123-64a4-453a-abde-70fdb3d2ae2a |
      | router_id           | 2d3b93a2-7804-4841-90c4-be15b148d099 |
      | status              | ACTIVE                               |
      | tenant_id           | 904fb201a92f443297bffca3b354d52d     |
      +---------------------+--------------------------------------+
     
     

    Note:

    1. For OpenStack No-Access cloud type, the AAP entries need to be configured manually using the following command. An example is shown in the code block below.
      
       root@openstack-mitaka:/root# neutron port-update Controller_Port --allowed-address-pairs type=dict list=true ip_address=cluster_ip,mac_address=cluster_mac
       
       
      
       root@openstack-mitaka:/root# neutron port-update 134 --allowed-address-pairs type=dict list=true ip_address=172.16.0.133,mac_address=fa:16:3e:47:6b:70
       root@openstack-mitaka:/root# neutron port-show d0bf0bda-02e2-46bf-abd2-0d05cc4654df    
       +-------------------------------+----------------------------------------------------------------------------------------+
            | Field                    | Value                                                                                  |
            +--------------------------+----------------------------------------------------------------------------------------+
            | admin_state_up           |   True                                                                                 |
            | allowed_address_pairs    |   {"ip_address": "172.16.0.131", "mac_address": "fa:16:3e:47:6b:70"}                   |
            | binding:host_id          |   openstack-mitaka                                                                     |
            | binding:profile          |   {}                                                                                   |
            | binding:vif_details      |   {"port_filter": true}                                                                |
            | binding:vif_type         |   bridge                                                                               |
            | binding:vnic_type        |   normal                                                                               |
            | created_at               |   2018-01-12T13:58:02                                                                  |
            | description              |                                                                                        |
            | device_id                |   2adedfc3-75d6-4296-ad18-bfc38873485c                                                 |
            | device_owner             |   compute:nova                                                                         |
            | extra_dhcp_opts          |                                                                                        |
            | fixed_ips                |   {"subnet_id": "5785c1cf-a222-4b0a-9343-003153f37a65", "ip_address": "172.16.0.133"}  |
            | id                       |   d0bf0bda-02e2-46bf-abd2-0d05cc4654df                                                 |
            | mac_address              |   fa:16:3e:47:6b:70                                                                    |
            | name                     |                                                                                        |
            | network_id               |   dd9dab27-9228-4765-96f2-d56194136ba0                                                 |
            | port_security_enabled    |   True                                                                                 |
            | security_groups          |   3cc1092e-538c-4ff7-b4ac-eeff84731f75                                                 |
            | status                   |   ACTIVE                                                                               |
            | tenant_id                |   904fb201a92f443297bffca3b354d52d                                                     |
            | updated_at               |   2018-01-12T14:19:06                                                                  |
             
            +--------------------------+----------------------------------------------------------------------------------------+
              
      
      
    2. Create the neutron port for the VIP by using the following command.

      
              root@openstack-mitaka:/root# neutron port-create "neutron_network_name" --allowed-address-pairs type=dict list=true mac_address="controller_mac1",ip_address="controller_ip1" mac_address="controller_mac2",ip_address="controller_ip2" mac_address="controller_mac3",ip_address="controller_ip3" --fixed-ip ip_address="cluster_ip" --tenant-id "tenant_uuid"
          
          
      
         root@openstack-mitaka:/root# neutron port-create "avimgmt" --allowed-address-pairs type=dict list=true mac_address="fa:16:3e:52:81:03",ip_address="172.16.0.63" mac_address="fa:16:3e:52:81:04",ip_address="172.16.0.64" mac_address="fa:16:3e:52:81:06",ip_address="172.16.0.66" --fixed-ip ip_address="172.16.0.65" --tenant-id "904fb201a92f443297bffca3b354d52d"
         
         

    e) When the leader Controller fails (or reboots), a follower Controller will take over the cluster IP (in this case 172.16.0.65), and the mapping between floating IP (10.130.170.86) and cluster IP (172.16.0.65) will not change. Therefore, without intervention, the floating IP and cluster IP association will work as expected.