| opendevreview | Merged openstack/openstack-ansible stable/wallaby: Fix permissions for files created on repo server https://review.opendev.org/c/openstack/openstack-ansible/+/804711 | 01:56 |
|---|---|---|
| depasquale | ciao guys | 15:28 |
| depasquale | I finally managed to install a complete stable/wallaby on my lab (3 compute+2 compute+3 ceph) | 15:29 |
| depasquale | I am experiencing now issues with neutron (I am pretty sure it is) | 15:29 |
| depasquale | first I was able to instantiate a VM (cirros) but no IP was assigned neither for provider (flat) or private net (vxlan) | 15:30 |
| depasquale | now I am facing a generic: Error: "Exceeded maximum number of retries. Exhausted all hosts available for retrying build failures for instance..:" | 15:31 |
| depasquale | can someone help me to understand the provider (flat) network configuration in openstack-ansible? | 15:32 |
| depasquale | I am pretty sure I am wrong for small configs... here my config -> https://paste.opendev.org/show/808230/ | 15:35 |
| depasquale | NOTE: there is an error in paste... the real file is from line 1 to line 228... I think the problem is somewhere from line 65-87 | 15:38 |
| noonedeadpunk | depasquale: `net_name: "physnet1"` - should be real interface on the computes | 15:47 |
| noonedeadpunk | oh, sorry, `host_bind_override: "provider0"` ofc | 15:47 |
| depasquale | ciao thanks for the reply | 15:48 |
| depasquale | I had renamed the NIC of all the machines to have "provider0" in netplan | 15:48 |
| noonedeadpunk | aha | 15:49 |
| depasquale | so that I do not have to organize too much groups in the configuration | 15:49 |
| depasquale | physnet1 is coming from the official doc example here https://docs.openstack.org/openstack-ansible/wallaby/user/prod/provnet_groups.html | 15:49 |
| noonedeadpunk | ok, but iirc in neutron then you should have network with type flat and provider-physical-network=physnet1 ? | 15:51 |
| noonedeadpunk | also - you setup lxb, ovs, ovn? | 15:52 |
| depasquale | this is as ml2_config.ini looks like in my deploy (/etc/neutron/plugin/ml2/ml2_conf.ini) https://paste.opendev.org/show/808231/ | 15:52 |
| depasquale | I used the default config | 15:52 |
| noonedeadpunk | This looks correct as long as provider-physical-network=physnet1 for the flat network in neutron | 15:52 |
| noonedeadpunk | then it's lxb | 15:53 |
| depasquale | for sure I have removed from conf.d ovn config | 15:53 |
| depasquale | yes | 15:53 |
| noonedeadpunk | and how networks are created? can you share openstack network show output? | 15:53 |
| depasquale | wait wait there is an error in the file pasted | 15:53 |
| depasquale | [ml2_type_vlan] network_vlan_ranges = physnet1:101:200,physnet1:301:400 # ML2 VXLAN networks | 15:54 |
| depasquale | line 13 was wrong | 15:54 |
| noonedeadpunk | well, looks like multiple vlan ranges... | 15:54 |
| depasquale | if I have physnet1:provider0:<ranges> neutron fails | 15:55 |
| noonedeadpunk | yeah, fair point | 15:56 |
| depasquale | what a mess... I do not understand why it is like this... | 15:57 |
| depasquale | in your opinion the openstack_user_config.yml (first link pasted) is correct in lines 65-87? | 15:58 |
| noonedeadpunk | So I have smth like that in my sandbox https://paste.opendev.org/show/808232/ | 15:58 |
| noonedeadpunk | oh, wait | 15:59 |
| depasquale | can I ask you to share the netplan configuration? | 15:59 |
| noonedeadpunk | you can;'t have flat and vlan on exact same physical interface | 15:59 |
| depasquale | because you have bond0 and bond0.22 and I have for both the same NIC... | 16:00 |
| depasquale | oooook | 16:00 |
| noonedeadpunk | yeah, you can't have that | 16:00 |
| depasquale | thanks | 16:00 |
| noonedeadpunk | because neutron will try to manage that interface and will take it for bridge | 16:00 |
| noonedeadpunk | but, are you sure you really need vlan network?:) | 16:00 |
| depasquale | give me a second... I will share my netplan config so that you can give me an advice | 16:00 |
| depasquale | https://paste.opendev.org/show/808234/ | 16:02 |
| noonedeadpunk | I use old interfaces format - not netplan https://paste.opendev.org/show/808233/ | 16:02 |
| depasquale | thanks for your time | 16:02 |
| depasquale | I want to have both private networks (per project) and a provider shared network for "external" internet | 16:03 |
| noonedeadpunk | eventually, to be clear - you don't need bridges br-vxlan and br-vlan - they're used everywhere in docs more as a figure of speach and to be clear and consitent | 16:03 |
| noonedeadpunk | br-vxlan can be just a regular interface with IP address on it | 16:03 |
| depasquale | uhm... ok | 16:04 |
| noonedeadpunk | yeah, but why you need vlan?) as I used vlanonly because I wanted to bring in customer networks that are not part of the provider network | 16:04 |
| noonedeadpunk | and with br-vlan, what will neutron do - create like br-vlan.200 and add it to another bridge that also makes not that much sense | 16:05 |
| depasquale | so what you suggest for my use case? | 16:05 |
| depasquale | I am behind a router with a net 192.168.4.0/24 that has access to internet | 16:05 |
| noonedeadpunk | I'd say that you don't really need vlan networks (unless you know you need) and just use vxlan for tenant nets | 16:06 |
| depasquale | the other networks (MTU 9000) are connected to dedicated NIC and switch with no path to internet | 16:06 |
| depasquale | my undestanding is that vlan are needed in my use cases if I want to allocate floatingIp to make some NAT with the external world (SaaS apps) | 16:07 |
| noonedeadpunk | if you need vlan net and on the same physical interface - just do like me - move "flat" to tagged vlan, and use provider0 as vlan network | 16:07 |
| noonedeadpunk | you can you vxlan for that and I'd really recommend using it instead of vlan for tenant networks | 16:07 |
| depasquale | ok thanks for the advice | 16:08 |
| noonedeadpunk | because with vxlan you don;'t need to care about setiing up switches to server vlan ranges | 16:08 |
| noonedeadpunk | *serve | 16:08 |
| noonedeadpunk | and don't have that limit of amount of networks that are possible to be created | 16:08 |
| noonedeadpunk | (because you can have only 4094 vlan nets) | 16:09 |
| depasquale | right! thats why in my plan I would create just 1 provider network shared between all "projects"... but I will try your solution | 16:10 |
| depasquale | just for my understanding how you make possible for a proxy server (not on openstack) to reach a VM in openstack with vxlan? | 16:11 |
| depasquale | is an openstack config? or do I have to operate something at "controller" OS level? | 16:12 |
| noonedeadpunk | well, technically you can configure vxlan on proxy as well.... | 16:12 |
| noonedeadpunk | but dunno - maybe for your usecase vlan is what you need) | 16:12 |
| noonedeadpunk | eventually you can configure vxlan on any machine outside of the openstack until you have same physical net connected | 16:13 |
| depasquale | I was thinking about it right now :) | 16:14 |
| noonedeadpunk | but you need to keep in mind that machine when setting up dhcp pool for net because neutron won't be aware about these machines outside of the openstack | 16:14 |
| depasquale | but the first suggestion that I will considerate in my current configuration is to avoid to have two configurations on the same NIC | 16:14 |
| noonedeadpunk | yeah, totally | 16:15 |
| depasquale | yes yes my 192.168.4.0/24 net has no DHCP agents | 16:15 |
| depasquale | there is just a router/firewall and a proxy server | 16:15 |
| depasquale | ok so let's start from the topic identified | 16:16 |
| depasquale | if someone read the text before, I have reworked the network configuration and deployed the configuration again, than executed os-neutron-install on all the interested nodes... I am able to start a VM, but the VM is not getting an IP address neither from a provider (non VLAN) net and neither from a vxlan (internal project) net | 18:26 |
| depasquale | here the log for Cirros after the boot with a net type flat, shared, named "provider" https://paste.opendev.org/show/808235/ | 18:27 |
| depasquale | Starting network: udhcpc: started, v1.29.3 udhcpc: sending discover udhcpc: sending discover udhcpc: sending discover Usage: /sbin/cirros-dhcpc <up|down> udhcpc: no lease, failing FAIL | 18:28 |
| depasquale | any idea/suggestion? | 18:28 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!