OpenStack Ansible with OpenVSwitch

Deploy: OpenStack-Ansible
2026-04-17T07:12:20+00:00
Deploy OpenStack 2024.2 with Open vSwitch using Ansible by cloning the repo, configuring YAML network bridges, and running setup playbooks.

OpenStack Ansible with Open vSwitch

Deploy OpenStack 2024.2 with Open vSwitch by cloning the OSA repository, configuring bridge mappings in YAML files, and running the standard setup playbooks.

Prerequisites

  • Deployment host: Ubuntu 22.04 LTS with Ansible 2.14+.
  • Target hosts: Minimum 1 Infra, 1 Compute, 1 Network node running Ubuntu 22.04 LTS.
  • Interfaces: Dedicated interfaces for Management, Tunnel, Storage, and External networks.

Step 1: Clone and Bootstrap OSA

Clone the 2024.2 branch and bootstrap the environment on the deployment host:

git clone -b 2024.2 https://opendev.org/openstack/openstack-ansible /opt/openstack-ansible
cd /opt/openstack-ansible
sudo ./scripts/bootstrap-ansible.sh

Step 2: Prepare Configuration

Copy the default configuration directory:

sudo cp -r /opt/openstack-ansible/etc/openstack_deploy /etc/openstack_deploy

Step 3: Configure OVS in user_variables.yml

Edit /etc/openstack_deploy/user_variables.yml to set the ML2 plugin to OVS and define tunnel parameters:

neutron_plugin_type: ml2
neutron_ml2_mechanism_drivers: openvswitch
neutron_ml2_type_drivers: flat,vlan,vxlan
neutron_agent_mode: dvr_snat
neutron_l2_population: true
neutron_tunnel_types: vxlan
neutron_tunnel_address: "{{ tunnel_address }}"
neutron_vxlan_default_vlan: 100
neutron_provider_networks:
  - network:
      network_type: flat
      physical_network: flat
      segment_id: 1
  - network:
      network_type: vxlan
      physical_network: vxlan
      segment_id: 1000

Step 4: Configure Host Networking in openstack_user_config.yml

Edit /etc/openstack_deploy/openstack_user_config.yml to define bridge mappings and interface bindings:

cidr_networks:
  management: 172.29.236.0/22
  tunnel: 172.29.240.0/22
  storage: 172.29.244.0/22
used_ips:
  - "172.29.236.1,172.29.236.50"
  - "172.29.240.1,172.29.240.50"
  - "172.29.244.1,172.29.244.50"
global_overrides:
  tunnel_bridge: br-tun
  management_bridge: br-mgmt
  provider_networks:
    - network:
        container_bridge: br-mgmt
        container_type: veth
        container_interface: eth1
        ip_from_q: management
        type: raw
        group_binds:
          - all_containers
          - hosts
    - network:
        container_bridge: br-vxlan
        container_type: veth
        container_interface: eth10
        ip_from_q: tunnel
        type: vxlan
        range: "1:1000"
        net_name: vxlan
        group_binds:
          - neutron_openvswitch_agent
    - network:
        container_bridge: br-provider
        container_type: veth
        container_interface: eth12
        host_bind_override: ens224
        type: flat
        net_name: flat
        group_binds:
          - neutron_openvswitch_agent

Step 5: Configure Target Host Network Bridges

On each target host, edit /etc/netplan/01-netcfg.yaml to attach physical interfaces to the required bridges:

network:
  version: 2
  ethernets:
    ens192:
      dhcp4: no
    ens224:
      dhcp4: no
    ens256:
      dhcp4: no
  bridges:
    br-mgmt:
      interfaces: [ens192]
      addresses: [172.29.236.11/22]
      routes:
        - to: default
          via: 172.29.236.1
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]
    br-tun:
      interfaces: [ens256]
      addresses: [172.29.240.11/22]
    br-provider:
      interfaces: [ens224]
      dhcp4: no

Apply the configuration:

sudo netplan apply

Step 6: Run the Playbooks

From the deployment host, execute the setup playbooks in order:

cd /opt/openstack-ansible
openstack-ansible playbooks/setup-hosts.yml
openstack-ansible playbooks/setup-infrastructure.yml
openstack-ansible playbooks/setup-openstack.yml

Step 7: Verify OVS Configuration

SSH into a compute or network node and verify the OVS topology and agent status:

sudo ovs-vsctl show
sudo ovs-ofctl dump-flows br-tun | head
openstack network agent list --column Agent_Type --column Host --column Admin_State --column Alive

Step 8: Create a Test Network

Create a VXLAN network to validate connectivity:

openstack network create --provider-network-type vxlan --provider-physical-network vxlan test-net
openstack subnet create --network test-net --subnet-range 192.168.100.0/24 test-subnet
openstack router create test-router
openstack router add subnet test-router test-subnet
openstack router set test-router --external-gateway public

Troubleshooting

  • OVS agent not starting: Verify installation with sudo ovs-vsctl --version and check logs at /var/log/neutron/openvswitch-agent.log.
  • No VXLAN tunnels: Ensure local_ip in user_variables.yml matches the tunnel interface IP and br-tun exists.
  • Deployment fails at Neutron: Validate YAML syntax in user_variables.yml and check for typos in neutron_ml2_mechanism_drivers.
  • VMs cannot reach external: Verify br-provider is bound to the correct physical interface via host_bind_override and check ARP tables.