Friday, 2020-11-27

« Thursday, 2020-11-26 Index Saturday, 2020-11-28 »
*** macz_ has quit IRC00:00
*** YoursTruly has quit IRC00:10
*** tosky has quit IRC00:23
*** YoursTruly has joined #openstack-ansible00:31
YoursTruly@admin0 it took some time as I had to reinstall whole host (to clean up after last try)00:31
YoursTrulyhttp://paste.openstack.org/show/800479/00:31
*** dpaclt has quit IRC01:53
*** YoursTruly has quit IRC02:00
*** rfolco has quit IRC02:20
*** gillesMo has quit IRC02:22
*** gillesMo has joined #openstack-ansible02:23
*** cshen has quit IRC02:24
*** raukadah is now known as chandankumar04:08
nsmedsHello folks. We've been troubleshooting an issue which only affects a few OpenStack subnets, where _some_ instances in those subnets fail to ping the gateway. Today we realized it's specifically subnets that conflict with IP ranges configured on the controller network servers.04:16
nsmedse.g. 10.0.3.0/24 is the lxcbr0 network, and if a user creates that 10.0.3.0/24 subnet on OpenStack they will experience the problem.04:16
nsmedsDigging around but thought I'd check here: anyone run into something similar before? I'm hoping there is simply a setting we need to adjust.04:17
nsmedsI think it's specifically because the controller has `10.0.3.1` assigned to it, which conflicts with the subnets gateway.04:24
*** evrardjp has quit IRC05:33
*** evrardjp has joined #openstack-ansible05:33
*** sri_ has quit IRC06:33
*** shyamb has joined #openstack-ansible06:35
*** shyam89 has joined #openstack-ansible06:35
*** shyamb has quit IRC06:35
*** sri_ has joined #openstack-ansible06:36
*** shyamb has joined #openstack-ansible07:04
*** shyam89 has quit IRC07:07
*** shyamb has quit IRC07:09
*** shyamb has joined #openstack-ansible07:28
*** cshen has joined #openstack-ansible08:04
*** andrewbonney has joined #openstack-ansible08:08
*** ThiagoCMC has quit IRC08:12
*** rpittau|afk is now known as rpittau08:17
*** jbadiapa has joined #openstack-ansible08:23
admin0nsmeds, are you on a flat network ?08:25
admin0in all my cases, the controller is never a network node, its either network or compute, so i have not faced it before08:25
*** shyamb has quit IRC08:55
*** macz_ has joined #openstack-ansible09:44
*** macz_ has quit IRC09:49
*** rfolco has joined #openstack-ansible10:13
openstackgerritMerged openstack/openstack-ansible master: [doc] Mention uwsgi overrides in doc  https://review.opendev.org/c/openstack/openstack-ansible/+/76120610:27
*** shyamb has joined #openstack-ansible10:34
openstackgerritMerged openstack/openstack-ansible-os_ceilometer master: Unify deployment of ceilometer files  https://review.opendev.org/c/openstack/openstack-ansible-os_ceilometer/+/76218310:44
openstackgerritGeorgina Shippey proposed openstack/openstack-ansible-galera_server master: Use mysql user instead of root  https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/76444911:37
*** macz_ has joined #openstack-ansible11:38
*** macz_ has quit IRC11:42
*** pto_ has quit IRC11:51
*** pto has joined #openstack-ansible11:51
*** pto has joined #openstack-ansible11:52
*** shyamb has quit IRC11:55
*** tosky has joined #openstack-ansible11:57
*** rfolco is now known as rfolco|ruck13:00
*** macz_ has joined #openstack-ansible13:02
*** macz_ has quit IRC13:07
*** jbadiapa has quit IRC13:24
*** jbadiapa has joined #openstack-ansible13:35
*** tobberydberg_ has quit IRC13:53
*** tobberydberg has joined #openstack-ansible13:56
*** rfolco has joined #openstack-ansible14:00
*** rfolco|ruck has quit IRC14:01
*** pto has quit IRC14:02
*** cshen has quit IRC14:23
nsmeds@admin0 ah interesting - your network hosts are dedicated network hosts and don't run other OpenStack services? Our "network" hosts also run the RabbitMQ, Galera, Neutron Server, Memcached, Repo and Utility containers.14:45
nsmedsThe tenant network is using VXLANs.14:45
nsmedsFor the instances which fail in those subnets, we've noticed the gateway MAC is incorrect. It has the MAC of the bridge/tap interface, not of an interface in the router netns.14:47
*** rpittau is now known as rpittau|afk14:51
nsmedsWe're seeing the ARP reply that includes the wrong MAC address as well. Still digging.15:08
*** chandankumar is now known as raukadah15:08
*** ThiagoCMC has joined #openstack-ansible15:17
openstackgerritAndrew Bonney proposed openstack/openstack-ansible master: Update variables for default Zun deployments and AIO  https://review.opendev.org/c/openstack/openstack-ansible/+/76356215:24
openstackgerritAndrew Bonney proposed openstack/openstack-ansible-os_zun master: DNM: Update zun role to match current requirements  https://review.opendev.org/c/openstack/openstack-ansible-os_zun/+/76314115:26
*** rfolco is now known as rfolco|ruck15:32
*** klamath_atx has joined #openstack-ansible16:02
ThiagoCMCHey guys, how to configure: `dhcp-option-force: "26,1500"` ?16:03
ThiagoCMCI'm trying:16:03
ThiagoCMCneutron_dnsmasq_neutron_conf_overrides:16:03
ThiagoCMC  dhcp-option-force: "26,1500"16:03
ThiagoCMCNo effect16:03
ThiagoCMCAny idea?16:03
ThiagoCMCI found this option here: https://bugs.launchpad.net/openstack-ansible/+bug/1697981 - but doesn't seems to be working16:05
openstackLaunchpad bug 1697981 in openstack-ansible "Override neutron_dnsmasq_neutron_conf_overrides is broken" [Medium,Fix released] - Assigned to Jean-Philippe Evrard (jean-philippe-evrard)16:05
*** cshen has joined #openstack-ansible16:07
*** macz_ has joined #openstack-ansible16:09
*** macz_ has quit IRC16:10
*** macz_ has joined #openstack-ansible16:10
ThiagoCMCI remember that Neutron was supposed to calculate the correct MTU for my instances but, my br-vxlan has MTU = 1550 and my instances are still with 1450. Why?16:16
ThiagoCMCGonna try this: https://github.com/openstack/openstack-ansible-os_neutron/blob/master/defaults/main.yml#L12716:19
ThiagoCMCBut also found this: https://review.opendev.org/c/openstack/openstack-manuals/+/302165/4/doc/networking-guide/source/adv-config-mtu.rst#5 - so, not sure about how to make it automatic...  :-P16:22
admin0nsmeds, when you plan for growth, then the controllers or 2-3 dedicated network nodes will be point of failures .. so in my case,i always make the compute servers also network nodes16:59
admin0in that way, a failure of one will not hamper the whole network or others17:00
admin0it will only hamper some networks17:00
admin0but since dhcp and router are in HA17:00
admin0its redundant17:00
admin0ThiagoCMC, gave up on magnum already ?17:00
*** tosky has quit IRC17:04
jrosserThiagoCMC: i left this as a note to myself in my user_variables.yml about MTU http://paste.openstack.org/show/800509/17:26
jrosserdont forget to set MTU on your actual interfaces on the hosts too or it won't do what you expect17:26
jrossernsmeds: the one time i saw traffic going between interfaces it shouldn't (a different context to yours), making sure reverse path filter was enabled stopped the wierd behaviour17:29
jrosserOSA disables RPF by default but imho that should not be necessary and we made this patch to allow it to be controlled https://review.opendev.org/c/openstack/openstack-ansible-openstack_hosts/+/75126517:30
ThiagoCMCadmin0, no, I didn't! But I got extra NIC cards yesterday, for Ceph Public, and I had to reconfigure my deployment, now, I double checking all the MTUs.17:42
ThiagoCMCjrosser, awesome! Thank you! I'll give it a try now.17:43
jrosseryou’ll need to adjust “provider” as that’s the network name17:44
ThiagoCMCThe option: "dhcp-option-force=26,1500" inside of `/etc/neutron/dnsmasq-neutron.conf` had no effect.17:44
jrosserlook at the interfaces that get created on the compute node17:45
jrosserip a with whatever the flag is for extra detail17:45
jrosseruntil you get those != 1450 no amount of messing with dhcp will help17:45
ThiagoCMCHmm... I see. The `br-vxlan` is 1550 but, the Linux `vxlan-XXX` are still being created with 1450.17:46
ThiagoCMCI thought that Neutron was inheriting the MTU from the br-vxlan automatically.17:47
ThiagoCMCGonna check your notes now.17:47
ThiagoCMCjrosser, what's the "provider" here: `ml2_conf.ini: [DEFAULT] - physical_network_mtus = provider:1500`, the `br-vxlan`?17:52
jrosserthats the name of the network17:52
jrosserin OSA there is too much name=vxlan type=vxlan which ends up with those things being vxlan:vxlan17:53
jrosserand i just can't deal with the level of confusion that creates17:53
ThiagoCMCLike this:17:53
ThiagoCMCneutron_provider_networks:17:53
ThiagoCMC  network_mappings: "vlan:br-vlan,vxlan:br-vxlan"17:53
ThiagoCMC?17:53
jrosseryes so thats name:vlan17:54
ThiagoCMCSo, the name would be "vxlan"...17:54
ThiagoCMCok17:54
ThiagoCMCThanks!17:54
jrosseri think so for a stock config17:54
ThiagoCMCit worth to mention that this must be the default somewhere, since I don't even have that configured!  lol17:54
ThiagoCMCAnd from what I remember, the "vlan:XXX" doesn't have to be a bridge, like "br-vlan", it should work with the plain network device as well...17:55
ThiagoCMCI used to have just "vlan:eth4"17:56
jrossersure, I guess it’s sort of historical and also to support the AIO config17:57
ThiagoCMCCool17:57
ThiagoCMCIsn't it better to configure the br-vxlan MTU to 1554, instead of 1550? Isn't the VXLAN overhead +54 ?18:01
ThiagoCMCMaybe even to 1574 for IPv6?18:02
openstackgerritGeorgina Shippey proposed openstack/openstack-ansible-galera_server master: Use mysql user instead of root  https://review.opendev.org/c/openstack/openstack-ansible-galera_server/+/76444918:16
*** jbadiapa has quit IRC18:21
ThiagoCMCjrosser, any idea why this error happened: http://paste.openstack.org/show/800511/ ?18:45
ThiagoCMCThe "br-mgmt" have nothing to do with the VXLAN networks!   O_O18:46
*** CeeMac has quit IRC18:55
jrosserThiagoCMC: i would say you are inadvertently using br-mgmt for your vxlan traffic18:55
jrossercheck the neturon plugin config file to see what got put in there18:56
ThiagoCMCYou're right! I'm so glad that I came down to this to double check! The `plugins/ml2/linuxbridge_agent.ini` has its local_ip from the br-mgmt! How this happened? lol18:57
ThiagoCMC:-O18:57
ThiagoCMCMy `openstack_user_config.yml` doesn't have that "unused" block under `provider_networks:`, related to the "br-vxlan". I'm guessing that's why! Since the linuxbridge-agent doesn't run in a container anymore, I removed that block!19:00
jrosserbe-mgmt is the last ditch fallback for selecting the ip to use for the vtep19:00
ThiagoCMCO_O19:00
jrosserit’s automagic otherwise, or you can add local_ip (I’m guessing here...) to the neutron config to set it yourself19:01
* jrosser not at computer to check19:01
ThiagoCMCOk, thanks!19:01
*** tosky has joined #openstack-ansible19:03
*** cshen has quit IRC19:34
ThiagoCMCjrosser, the linuxbridge agent local_ip is finally correct! I had to bring back this: http://paste.openstack.org/show/800512/19:41
ThiagoCMCIt feels weird to use this block of code for services that are "bare metal"...19:42
ThiagoCMCI mean, the provider_networks under global_overrides...19:42
jrosserwell provider_networks rather confusingly does several things19:44
jrosserit wires containers to bridges19:44
ThiagoCMCCool, learned the hardway!  LOL19:44
jrosserbut also it determines what the neutron physical network mappings are19:44
jrosserthis is what tripped you up https://github.com/openstack/openstack-ansible/blob/master/playbooks/common-playbooks/neutron.yml#L47-L5219:44
ThiagoCMCHmmm19:45
jrosserand specifically this https://github.com/openstack/openstack-ansible/blob/master/playbooks/common-tasks/dynamic-address-fact.yml#L2019:48
jrosserwhich falls back to ansible_host19:48
ThiagoCMCHmmm... Maybe it should not be called "container_networks.*"...  :-P19:49
*** cshen has joined #openstack-ansible19:49
ThiagoCMCNot sure though... lol19:50
openstackgerritMerged openstack/openstack-ansible-os_barbican master: Clean up barbican.conf  https://review.opendev.org/c/openstack/openstack-ansible-os_barbican/+/75908419:59
openstackgerritMerged openstack/openstack-ansible-os_barbican master: Allow multibackend support for Barbican  https://review.opendev.org/c/openstack/openstack-ansible-os_barbican/+/76269119:59
*** mugsie has quit IRC19:59
openstackgerritMerged openstack/openstack-ansible-os_barbican master: Add deployment of the external libraries  https://review.opendev.org/c/openstack/openstack-ansible-os_barbican/+/76284219:59
*** mugsie has joined #openstack-ansible20:01
ThiagoCMCMy Neutron setup is still in bad shape...   ;-(20:27
ThiagoCMCGonna have fun this weekend!  LOL20:27
*** andrewbonney has quit IRC20:38
*** rfolco|ruck has quit IRC21:04
*** skelly has quit IRC21:23
*** raukadah has quit IRC21:24
*** NewJorg has quit IRC21:25
*** NewJorg has joined #openstack-ansible21:25
*** redrobot has quit IRC21:27
*** fanfi has joined #openstack-ansible21:43
*** macz_ has quit IRC22:03
*** yann-kaelig has joined #openstack-ansible23:05
*** cshen has quit IRC23:10
fanfihello, is there anyone who can help me please. I would like to install os-octavia but i am failed on this error: https://pastebin.com/rpRj8CWN23:39
fanfionly one node have the issue23:40
*** tosky has quit IRC23:42
« Thursday, 2020-11-26 Index Saturday, 2020-11-28 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!