Configuring the network¶
OpenStack-Ansible uses bridges to connect physical and logical network interfaces on the host to virtual network interfaces within containers. Target hosts need to be configured with the following network bridges:
| Bridge name | Best configured on | With a static IP |
|---|---|---|
| br-mgmt | On every node | Always |
| br-storage | On every storage node | When component is deployed on metal |
| On every compute node | Always | |
| br-vxlan | On every network node | When component is deployed on metal |
| On every compute node | Always | |
| br-vlan | On every network node | Never |
| On every compute node | Never |
For a detailed reference of how the host and container networking is implemented, refer to OpenStack-Ansible Reference Architecture, section Container Networking.
For use case examples, refer to User Guides.
Host network bridges information¶
LXC internal:
lxcbr0The
lxcbr0bridge is required for LXC, but OpenStack-Ansible configures it automatically. It provides external (typically Internet) connectivity to containers with dnsmasq (DHCP/DNS) + NAT.This bridge does not directly attach to any physical or logical interfaces on the host because iptables handles connectivity. It attaches to
eth0in each container.The container network that the bridge attaches to is configurable in the
openstack_user_config.ymlfile in theprovider_networksdictionary.Container management:
br-mgmtThe
br-mgmtbridge provides management of and communication between the infrastructure and OpenStack services.The bridge attaches to a physical or logical interface, typically a
bond0VLAN subinterface. It also attaches toeth1in each container.The container network interface that the bridge attaches to is configurable in the
openstack_user_config.ymlfile.Storage:
br-storageThe
br-storagebridge provides segregated access to Block Storage devices between OpenStack services and Block Storage devices.The bridge attaches to a physical or logical interface, typically a
bond0VLAN subinterface. It also attaches toeth2in each associated container.The container network interface that the bridge attaches to is configurable in the
openstack_user_config.ymlfile.OpenStack Networking tunnel:
br-vxlanThe
br-vxlanbridge is required if the environment is configured to allow projects to create virtual networks using VXLAN. It provides the interface for virtual (VXLAN) tunnel networks.The bridge attaches to a physical or logical interface, typically a
bond1VLAN subinterface. It also attaches toeth10in each associated container.The container network interface it attaches to is configurable in the
openstack_user_config.ymlfile.OpenStack Networking provider:
br-vlanThe
br-vlanbridge is provides infrastructure for VLAN tagged or flat (no VLAN tag) networks.The bridge attaches to a physical or logical interface, typically
bond1. It attaches toeth11for VLAN type networks in each associated container. It is not assigned an IP address because it handles only layer 2 connectivity.The container network interface that the bridge attaches to is configurable in the
openstack_user_config.ymlfile.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.