Midonet integration with OpenStack Mitaka

MidoNet is an Open Source network virtualization software for IaaS infrastructure. It decouples your IaaS cloud from your network hardware, creating an intelligent software abstraction layer between your end hosts and your physical network. This network abstraction layer allows the cloud operator to move what has traditionally been hardware-based network appliances into a software-based multi-tenant virtual domain.

This definition from MidoNet documentation explains what MidoNet is and what MidoNet does.

In this post I will cover my experiences integrating MidoNet with OpenStack. I used the following configuration:

All servers have CentOS 7.2 installed

OpenStack has been previously installed from RDO packages with multinode Packstack

  • x3 NSDB nodes (Cassandra and Zookeeper services)

  • x2 Gateway Nodes (Midolman Agent)

  • x1 OpenStack Controller (MidoNet Cluster)

  • x1 OpenStack compute node (Midolman Agent)

NSDB NODES

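Disable SELinux

setenforce 0
# Edit the real config file: /etc/sysconfig/selinux is a symlink to it, and sed -i would replace the symlink with a regular file
sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config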

Install OpenStack Mitaka release repository

sudo yum install -y centos-release-openstack-mitaka

Add Cassandra repository

cat <<EOF>/etc/yum.repos.d/datastax.repo
[datastax]
name = DataStax Repo for Apache Cassandra
baseurl = http://rpm.datastax.com/community
enabled = 1
gpgcheck = 1
gpgkey = https://rpm.datastax.com/rpm/repo_key
EOF

Add Midonet repository

Clean repo cache and update packages

Zookeeper Configuration

Install Zookeeper, Java and dependencies

Edit zookeeper configuration file

Add all NSDB nodes to the configuration file

Create the folder in which Zookeeper will store its data and change its owner to the zookeeper user

Create a myid file in the Zookeeper data folder. The ID must match the NSDB node number; insert that number as follows:

Create java folder and create a softlink to it

Start and enable Zookeeper service

Test if zookeeper is working locally

Test if zookeeper is working at NSDB remote nodes
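The server list and the myid file are the two places where a three-node ensemble usually goes wrong, so here is a check to run on each NSDB node. It is an added example, not part of the original post or of MidoNet; the hostnames nsdb1 to nsdb3, the file paths passed as arguments and the function names are assumptions.

```shell
#!/bin/sh
# Added example: consistency check between zoo.cfg server entries and myid.
# Hostnames nsdb1..nsdb3 and all file paths are constructed for illustration.

# Print "id host" for every server.N=host:peerport:electionport line.
zk_servers() {
    sed -n 's/^[[:space:]]*server\.\([0-9][0-9]*\)[[:space:]]*=[[:space:]]*\([^:[:space:]]*\):.*/\1 \2/p' "$1"
}

# Succeed only if the id in the myid file is the one zoo.cfg assigns to this host.
# Usage: zk_check_myid <zoo.cfg> <myid file> <this host's name>
zk_check_myid() {
    cfg=$1 myid_file=$2 host=$3
    [ -r "$myid_file" ] || { echo "myid missing: $myid_file" >&2; return 2; }
    myid=$(tr -d '[:space:]' < "$myid_file")
    case $myid in
        ''|*[!0-9]*) echo "myid is not a number: '$myid'" >&2; return 2 ;;
    esac
    expected=$(zk_servers "$cfg" | awk -v h="$host" '$2 == h { print $1 }')
    [ -n "$expected" ] || { echo "$host is not listed in $cfg" >&2; return 3; }
    [ "$myid" = "$expected" ] || {
        echo "myid $myid, but $cfg says server.$expected=$host" >&2; return 1; }
}

# Succeed if no id and no host is used twice (a copy-paste slip across nodes).
zk_check_unique() {
    dup=$(zk_servers "$1" | awk '{ i[$1]++; h[$2]++ }
        END { for (k in i) if (i[k] > 1) print "id " k
              for (k in h) if (h[k] > 1) print "host " k }')
    [ -z "$dup" ] || { echo "duplicate: $dup" >&2; return 1; }
}

# Ask one node for its health with ZooKeeper's "ruok" command (needs nc).
zk_probe() {
    [ "$(echo ruok | nc -w 2 "$1" "${2:-2181}" 2>/dev/null)" = "imok" ]
}

# Constructed sample ensemble definition, identical on every node.
zk_sample_cfg() {
    cat <<'EOF'
clientPort=2181
server.1=nsdb1:2888:3888
server.2=nsdb2:2888:3888
server.3=nsdb3:2888:3888
EOF
}
```

On a node, call zk_check_myid with that node's real zoo.cfg, myid file and hostname, then run zk_probe against each host printed by zk_servers.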

Cassandra configuration

Install Java and Cassandra dependencies

Edit cassandra yaml file

  • Change cluster_name to midonet

  • Configure seed_provider seeds to match all NSDB nodes

  • Configure listen_address and rpc_address to match the hostname of the node itself

Edit Cassandra's init script in order to fix a bug in it

Add the next two lines after #Casandra startup

Start and enable Cassandra service

Check if all NSDB nodes join the cluster
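If a node stays out of the cluster, the cause is usually one of the three cassandra.yaml settings listed above, which this audit checks. It is an added example, not part of the original post or of Cassandra or MidoNet; the hostnames nsdb1 to nsdb3, the sample file and the function names are assumptions.

```shell
#!/bin/sh
# Added example: audit the three cassandra.yaml settings changed above.
# Hostnames nsdb1..nsdb3 and the sample file are constructed for illustration.

# Print the value of a top-level "key: value" line, quotes and comments stripped.
yaml_get() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" |
        sed "s/[[:space:]]*#.*//; s/^[\"']//; s/[\"']\$//" | head -n 1
}

# Print the seed list ("- seeds: ..." nested under seed_provider), quotes stripped.
yaml_seeds() {
    sed -n 's/^[[:space:]]*-[[:space:]]*seeds:[[:space:]]*//p' "$1" | tr -d "\"' " | head -n 1
}

# Usage: cassandra_audit <cassandra.yaml> <this host> <node> [<node> ...]
# Prints one line per problem; succeeds only when there are none.
cassandra_audit() {
    yml=$1 self=$2; shift 2
    problems=0
    [ "$(yaml_get "$yml" cluster_name)" = "midonet" ] ||
        { echo "cluster_name is not midonet"; problems=$((problems + 1)); }
    seeds=",$(yaml_seeds "$yml"),"
    for node in "$@"; do
        case $seeds in
            *",$node,"*) ;;
            *) echo "seed missing: $node"; problems=$((problems + 1)) ;;
        esac
    done
    # A wildcard such as 0.0.0.0 here fails the check: the post binds to the hostname.
    for key in listen_address rpc_address; do
        value=$(yaml_get "$yml" "$key")
        [ "$value" = "$self" ] ||
            { echo "$key is '$value', expected $self"; problems=$((problems + 1)); }
    done
    [ "$problems" -eq 0 ]
}

# Constructed sample of the relevant cassandra.yaml lines for node nsdb1.
sample_yaml() {
    cat <<'EOF'
cluster_name: 'midonet'
seed_provider:
    - class_name: org.apache.cassandra.locator.SimpleSeedProvider
      parameters:
          - seeds: "nsdb1,nsdb2,nsdb3"
listen_address: nsdb1
rpc_address: nsdb1
EOF
}
```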

Configure OpenStack Controller Nodes (On which Neutron Server is running)

Disable SELinux

Install OpenStack Mitaka release repository

Add Midonet Repository

Clean repos cache and update the system

Create an OpenStack user for MidoNet, change the password to match your own

Add admin role at tenant services to Midonet user

Create MidoNet service at Keystone

Clean up neutron server

Stop neutron services

Remove neutron database and recreate it again

Remove plugin.ini symbolic link to ml2_conf.ini

Remove br-tun tunnel used by neutron in all the nodes

Install MidoNet packages and remove ml2 package

Make a backup of neutron configuration file

Edit neutron configuration file

Most of the options are already configured by our older neutron configuration; change the ones that apply to match this configuration

In my deployment these are the options I had to change to configure midonet

Create midonet plugins folder

Create a file called midonet.ini

Configure midonet.ini file to match your own configuration options

Create a symbolic link from midonet.ini to plugin.ini

Sync and populate database tables with Midonet plugin

Restart nova api and neutron server services

Install midonet cluster package

Configure midonet.conf file

Add all NSDB nodes to zookeeper_hosts

Configure midonet to make use of NSDB nodes as Zookeeper and cassandra hosts

Set cassandra replication factor to 3

Grab your admin token

Configure Midonet to auth with keystone

Start and enable midonet cluster service

Install midonet CLI

Create a file in your home directory with midonet auth info

Configure Compute nodes

Disable SELinux

Install OpenStack Mitaka release repository

Add Midonet repository

Clean repos cache and update the system

Edit qemu.conf

Configure it with the following options. By default all these options are commented out, so you can paste them anywhere in the file

Restart libvirtd service

Install nova-network package

Disable Nova Network service and restart Nova compute service

Install Midolman agent and java packages

Configure midolman.conf

Add all nsdb nodes as zookeeper hosts

Configure each compute node with an appropriate flavor located in the /etc/midolman/ folder; they have different hardware resources configured, so use the one that best matches your compute host capabilities

Configure metadata. Issue the following commands only once; the configuration is automatically propagated to all midonet agents

Allow metadata traffic in iptables

Remove br-tun bridge

Start and enable midolman agent service

Gateway nodes configuration

Disable SELinux

Install OpenStack Mitaka release repository

Add Midonet repository

Clean repos cache and update the system

Install Midolman agent and java packages

Configure midolman.conf

Add all nsdb nodes as zookeeper hosts

Configure each gateway node with an appropriate flavor located in the /etc/midolman/ folder; they have different hardware resources configured, so use the one that best matches your gateway host capabilities

Grab the metadata shared secret located in nova.conf on any of your nova nodes

Allow metadata traffic in iptables

Start and enable midolman agent service

Configure encapsulation and register nodes

Enter the midonet CLI from a controller node

Create the tunnel zone with VXLAN encapsulation

List the hosts discovered by midonet; these should be all the nodes where you configured midonet agents (midolman)

Register each of the nodes in the VXLAN zone we created before

Create Networks at Neutron

Create an external network

Create an external subnet in the network we created before; use your own IP ranges to match your environment

Create a tenant network and a subnet on it

Create a tenant router

Attach the tenant subnet interface we created before to the router

Set the external network as router gateway

Now you can create an instance on the tenant network

Ensure the instance gets an IP and the metadata service is properly running

If you log in to the instance through VNC you should be able to ping other instances

Edge router configuration

Create a new router

Attach the external subnet interface to the router

Create an uplink network

Create a subnet in the uplink network

Create a port for each of the gateway nodes; the interface should match the NIC you want to use for binding the gateway nodes, along with an IP address for the same purpose

Attach each of the ports to the edge router

At this point you have to decide whether to use border routers with BGP enabled or static routes. Use one of the following links to configure your use case:

https://docs.midonet.org/docs/latest/operations-guide/content/bgp_uplink_configuration.html

https://docs.midonet.org/docs/latest/operations-guide/content/static_setup.html

Issues I faced during configuration of Midonet

Midolman agent doesn't start:

It was caused because the midolman-env.sh file had more RAM configured than my server has. Edit the file to match your server resources

Instances don't boot with the following error:

I had to remove the br-tun bridges in OVS; otherwise OVS locks the device and midolman cannot create the tunnel between compute nodes and gateway nodes.

This post is my experience integrating Midonet into OpenStack. Maybe some things are not correct; if you find any issue, please let me know so I can fix it.

Regards, Eduardo Gonzalez
