7.10. Validate the OpenStack Networking Installation

To begin using OpenStack Networking it is necessary to deploy networking components to compute nodes. Initial networks and routers must also be defined. It is however possible to perform basic sanity checking of the OpenStack Networking deployment by following the steps outline in this procedure.

Procedure 7.19. Validating the OpenStack Networking installation

  1. All Nodes

    1. Verify that the customized Red Hat Enterprise Linux kernel intended for use with Red Hat Enterprise Linux OpenStack Platform is running: 
      $ uname --kernel-release
2.6.32-358.6.2.openstack.el6.x86_64
      If the kernel release value returned does not contain the string openstack then update the kernel and reboot the system.
    2. Ensure that the installed IP utilities support network namespaces: 
      $ ip netns
      If an error indicating that the argument is not recognised or supported is returned then update the system using yum.

  2. Service Nodes

    1. Ensure that the neutron-server service is running: 
      $ openstack-status | grep neutron-server
neutron-server:                         active

  3. Network Nodes

    Ensure that the following services are running:
    • DHCP agent (neutron-dhcp-agent)
    • L3 agent (neutron-l3-agent)
    • Plug-in agent, if applicable (neutron-openvswitch-agent or neutron-linuxbridge-agent)
    • Metadata agent (neutron-metadata-agent)
    To do so, run: 
    # openstack-status | grep SERVICENAME
    Replace SERVICENAME with the appropriate service name. For example, to check whether the L3 agent is running: 
    # openstack-status | grep neutron-l3-agent
All required services on the service and network nodes are operational. Proceed to deploy some compute nodes, define networks, and define routers to begin using OpenStack Networking.

7.10.1. Troubleshoot OpenStack Networking Issues

This section discusses the different commands you can use and procedures you can follow to troubleshoot the OpenStack Networking service issues.
Debugging Networking Device
  • Use the ip a command to display all the physical and virtual devices.
  • Use the ovs-vsctl show command to display the interfaces and bridges in a virtual switch.
  • Use the ovs-dpctl show command to show datapaths on the switch.
Tracking Networking Packets
  • Use the tcpdump command to see where packets are not getting through. 
    # tcpdump -n -i INTERFACE -e -w FILENAME
    Replace INTERFACE with the name of the network interface to see where the packets are not getting through. The interface name can be the name of the bridge or host Ethernet device.
    The -e flag ensures that the link-level header is dumped (in which the vlan tag will appear).
    The -w flag is optional. You can use it only if you want to write the output to a file. If not, the output is written to the standard output (stdout).
    For more information about tcpdump, refer to its manual page by running man tcpdump.
  • Use the iptables command to check the iptables rules.
  • Use the firewall-cmd command to check the firewalld rules.
Debugging Network Namespaces
  • Use the ip netns list command to list all known network namespaces.
  • Use the ip netns exec command to show routing tables inside specific namespaces. 
    # ip netns exec NAMESPACE_ID bash
# route -n
    Start the ip netns exec command in a bash shell so that subsequent commands can be invoked without the ip netns exec command.