Initial node preparation - noironetworks/opflex-documentation GitHub Wiki

The OpenStack nodes need to have a pointer added in their yum configuration to allow them to pull the OpFlex software from the Repo Server. Create the /etc/yum.repos.d/opflex.repo file with the following content, substituting the IP address of your Repo Server in the lines with the baseurl statement:

[opflex]

name=opflex repo

baseurl=http://<ip address>/opflex

failovermethod=priority

enabled=1

gpgcheck=0

With this configuration in place, check to see if the repo is working properly and verify there are no errors:

yum makecache

It is required to configure the network interfaces assigned to data network for the 802.1Q VLAN tagged traffic matching the Infrastructure (infra) VLAN of the ACI fabric. This interface can be configured as a Linux sub-interface in the operating system, or the tagging function can be offloaded to a virtual NIC (vNIC), if using Cisco UCS servers with Cisco VIC cards.

Note If using a Cisco VIC card, and LLDP discovery, disable the local LLDP functions on the VIC. For detailed information on configuring Cisco C-Series servers for VPC connections to ACI using Cisco VIC cards with VLAN tagging.

To use a Linux-level sub-interface for the infra VLAN, create an interface configuration file using the name of the parent physical or bond interface followed by a period and the number of the ACI infra VLAN. For example, if the parent interface was named eth1, the configuration file for the sub-interface would be /etc/sysconfig/network-scripts/ifcfg-eth1.<infra_VLAN_id>. Example contents for this configuration file are below:

PERSISTENT_DHCLIENT=1

DHCPRELEASE=1


DEVICE=eth1.<infra_VLAN_id>


ONBOOT=yes


PEERDNS=yes


NM_CONTROLLED=no


MACADDR= <MAC address of parent interface> (Optional)

TYPE=Ethernet

BOOTPROTO=dhcp

VLAN=yes

ONPARENT=yes

MTU=1600

Note that it is also required that the parent interface (in this example eth1) is configured with the MTU=1600 value. Ensure that a MAC address for the sub-interface is same as that of the parent interface. If for some reason the MAC address of the sub-interface is different from parent interface, it must be forced to be the same using the optional MACADDR= line in the above configuration file.
 In order to apply the changes, bounce the interface: Example:

ifdown eth1

ifup eth1

The network interface on the infra VLAN will request a DHCP address from APIC Infrastructure network for OpFlex communication. The server needs to have a dhclient configuration for this interface to receive all of the correct DHCP options with the lease. Create the /etc/dhcp/dhclient-<NIC_name>.<infra_VLAN_id>.conf (i.e. /etc/dhcp/dhclient-eth1.4093.conf) file with the following content:

send dhcp-client-identifier 01:<mac-address of infra VLAN interface in the format xx:xx:xx:xx:xx:xx>;

request subnet-mask, domain-name, domain-name-servers, host-name; send host-name <server-host-name>;

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

option ms-classless-static-routes code 249 = array of unsigned integer 8;

option wpad code 252 = string;

also request rfc3442-classless-static-routes;

also request ms-classless-static-routes;

also request static-routes;

also request wpad;

also request ntp-servers;

Example:

send dhcp-client-identifier 01:00:00:ca:fe:00:01;

request subnet-mask, domain-name, domain-name-servers, host-name;

send host-name compute01.cisco.com;

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

option ms-classless-static-routes code 249 = array of unsigned integer 8;

option wpad code 252 = string;

also request rfc3442-classless-static-routes;

also request ms-classless-static-routes;

also request static-routes;

also request wpad;

also request ntp-servers;

Broadcast, Unknown Unicast and Multicast (BUM) traffic sent by the instances created on the hosts will be sent through Multicast. Therefore it is required to add a multicast route to route the traffic on the infrastructure VLAN interface. This is done by creating /etc/sysconfig/network-scripts/route-<NIC_name>.<infra_VLAN_id> (i.e. /etc/sysconfig/network-scripts/route-eth1.4093) file with the following content:

ADDRESS0=224.0.0.0

NETMASK0=240.0.0.0

GATEWAY0=0.0.0.0

METRIC0=1000

To install the LLDP package, execute the following commands:

cd /etc/yum.repos.d/

yum install wget

wget http://download.opensuse.org/repositories/home:vbernat/RHEL_7/home:vbernat.repo

yum install lldpd

LLDP is used to automatically provision host links. Please keep in mind this is no longer recommended. You can skip installation of LLDP if automatic provisioning is not needed, in that case you can also skip installation of host/services agent. For details, see Manually Configure the Host vPC, on page 49. LLDP also requires host, services agents and even though auto config is not required, you may choose to still use LLDP and host/services agents for debugging the host.

service lldpd start

chkconfig lldpd on

Note: Depending on deployment requirements, it may not be needed to extend the datapath to the network/neutron server (controller or network node). For example using optimized (distributed) DHCP and metadata eliminates the requirement to extend datapath to the controller/network server. There may be other services needed, for example DNS, or Haproxy namespace LBaaS driver, that require datapath to be extended to the controller/neutron server, for this you will need to make sure neutron/network node has connectivity to the fabric (an interface connected to ACI leaf switches) and neutron-opflex-agent and agent-ovs are configured as listed below . In case this is not required the setup of OpFlex interface and agents (neutron-opflex-agent and agent-ovs) can be skipped on neutron/network servers. If you are planning to use optimized DHCP and metadata services, make sure to follow Enabling the Optimized Neutron Services, on page 31 before deploying OpenStack consider theses requirements: A network node will not be needed when deploying with ACI and OpFlex, since most of the neutron extension will be implemented in ACI and/or will be distributed on the compute nodes.