OpenStack: Neutron (network)

CLI

# search server / VM ID by port ID
openstack port show -c device_id -f value ${PORT_ID}
 
# get port ID for OVS interface
openstack port list -c id -f value | grep $(awk '{print substr($OVS_INTERFACE,4,8)}')

Cleanup OpenvSwitch "No such device" devices

# Evacuate all VMs
# Cleanup "No such device" Open vSwitch devices
 
openstack compute service list --host compute1.example.com
openstack server list --all --host compute1.example.com
 
ssh compute1.example.com
docker exec -it openvswitch_vswitchd ovs-vsctl show | grep "No such device"
docker exec -it openvswitch_vswitchd ovs-vsctl show | tee ovs-vsctl_show.1.out
docker exec -it neutron_openvswitch_agent neutron-ovs-cleanup
docker exec -it openvswitch_vswitchd ovs-vsctl show | tee ovs-vsctl_show.2.out
 
# diff ovs-vsctl_show.1.out ovs-vsctl_show.2.out
# reboot node

Debug DHCP errors

for NODE in ctl{1..6}-dev; do
    echo ${NODE}
    ssh ${NODE} cat /var/lib/docker/volumes/kolla_logs/_data/neutron/dnsmasq.log | grep "lease not found" | awk '{print $1, $2}' | uniq -c | awk '$1 > 100 {print}'
    echo
done

API

curl -s -H "X-Auth-Token: $(openstack token issue -c id -f value)" -X GET http://neutron.service.i.example.com:9696/v2.0/routers | jq

RBAC
https://docs.openstack.org/mitaka/networking-guide/config-rbac.html
https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/quota.html
https://docs.openstack.org/ocata/admin-guide/cli-networking-advanced-quotas.html

# show rbac quota
neutron quota-show --tenant_id <PROJECT_ID> | grep rbac_policy
 
# set rbac quota to unlimited
openstack quota set --rbac-policies -1 <PROJECT_ID>