| door1121 | I am trying to deploy ovn network driver with flat and vlan configuration support. I have already running cluster with both running, but the current configuration is not clear from the doc, I can map to same device as I am getting 'vlan:br-vlan' not unique' error So How do i configure it . | 05:49 |
|---|---|---|
| door1121 | My old cluster is running linuxbridge | 05:50 |
| noonedeadpunk | hey | 06:50 |
| noonedeadpunk | yes, in OVN you can not re-use same bridge like you can in linuxbridge | 06:51 |
| noonedeadpunk | door1121: but eventually - do you *really* need to have flat network? as I guess in LXB then your "flat" network was just another vlan? | 06:53 |
| door1121 | Well I use flat network for normal vms and vlan segments for kubernetes clusters running on vms, which I attach directly flat network using as floating ip | 06:56 |
| door1121 | https://pastebin.com/cv81J6vj this is the flat network definition , was working | 07:01 |
| door1121 | linux bridge we used to attach dummy interface with veth peer which is not working with ovn unfortunately | 07:02 |
| noonedeadpunk | So what we did - is just use VLANs, as flat network for us was just another tag | 07:11 |
| noonedeadpunk | but then you need to create a different bridge, say br-physnet or smth for flat network | 07:11 |
| door1121 | Hmm thats what i am trying but then again I used to pass my traffic on same interface say bond0 and define routes in l3 switch can i map to same interface think thats not possile right | 07:21 |
| noonedeadpunk | no. not really... so you have flat network as untag on bond0? | 07:26 |
| door1121 | noonedeadpunk: No the flat is created as trunk in switch and other vlan segments are allowed | 08:03 |
| noonedeadpunk | but why you want to have it as flat then? | 08:15 |
| noonedeadpunk | except for historical purpuse | 08:15 |
| noonedeadpunk | as if it's a vlan on the same physical interface as vlan network | 08:15 |
| noonedeadpunk | as you don't have to have flat network in your neutron | 08:15 |
| noonedeadpunk | you can just use a vlan one for public access | 08:16 |
| noonedeadpunk | for neutron it doesn't matter what network you will mark as shared/external | 08:16 |
| door1121 | Well then I have to change the architecture, in that case i believe i can create multiple external networks right? | 08:21 |
| door1121 | with different tags | 08:21 |
| noonedeadpunk | you can do that today anyway | 08:22 |
| noonedeadpunk | as external network is basically what you will set as "external" in Neutron RBAC | 08:23 |
| noonedeadpunk | that works with LXB as well | 08:23 |
| noonedeadpunk | so any vlan tag can be used for external network connectivity regardless | 08:23 |
| noonedeadpunk | (if you have vlan enabled today, which sounds like you do) | 08:24 |
| noonedeadpunk | but well, OVN will change architecture in a way regardless, won't it? | 08:24 |
| door1121 | Ah yes I have run the playbooks again thats the only issue here will try thanks for the help | 08:25 |
| door1121 | Ah yes I have to run the playbooks again thats the only issue here will try thanks for the help | 08:25 |
| noonedeadpunk | but well, I think having another bridge for flat should work kinda... | 08:25 |
| noonedeadpunk | have you seen this doc? https://docs.openstack.org/openstack-ansible-os_neutron/latest/app-ovn.html#openstack-ansible-user-variables | 08:26 |
| noonedeadpunk | but yeah, it's also using 2 different physical interfaces underneath... | 08:27 |
| noonedeadpunk | but if you're doing veth pairs, you can likely trick it.... | 08:27 |
| noonedeadpunk | though I still think it's complicated for no reason, if these are still are all tagged vlans... | 08:28 |
| jrosser | good morning | 08:30 |
| door1121 | noonedeadpunk: hmm i saw the doc but as you said two different interface i dont have that at the current setup thats the issue | 08:31 |
| door1121 | Anyway i will convert flat network to tagged as well i think its better for future. I can use different network segments too, thanks for the advice | 08:33 |
| jrosser | noonedeadpunk: if you or damiandabrowski have time to make a ansible 2.17.1 / ceph-ansible 8.0 AIO - i don't see really what is wrong there yet | 08:37 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Update pip/wheel/setuptools/uwsgi versions to latest https://review.opendev.org/c/openstack/openstack-ansible/+/922376 | 08:49 |
| damiandabrowski | hi! | 09:04 |
| damiandabrowski | jrosser: ok, I'll spin up AIO environment in a moment and try to find out what's going on | 09:05 |
| jrosser | damiandabrowski: that would be great thanks | 09:06 |
| jrosser | looks also like some large changes in mariadb 11.4 | 10:47 |
| jrosser | the client binary is now `mariadb` rather than `mysql` and the tls setup is somehow different as well | 10:47 |
| jrosser | (on by default right form the start i think) | 10:47 |
| noonedeadpunk | yeah | 10:48 |
| noonedeadpunk | well `Got the following error when executing the 'mysql' command line client` looks like either bug, or there still should be `mysql` somewhere.... | 10:49 |
| noonedeadpunk | https://zuul.opendev.org/t/openstack/build/95c044e952124a14acc86e4ee2c662f0/log/logs/openstack/aio1-galera-container-de892dda/mariadb.service.journal-17-36-23.log.txt#145-147 | 10:50 |
| damiandabrowski | jrosser: I faced an issue during setup-hosts.yml, did you have it as well? I wonder if it's somehow related the ansible-core==2.17.1: https://paste.openstack.org/show/bVj6mDR11jjxHtHxTUoj/ | 11:04 |
| jrosser | damiandabrowski: do you have this? https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/921837 | 11:05 |
| jrosser | the dependancies are all here (some merged already i think) https://review.opendev.org/c/openstack/openstack-ansible/+/921735 | 11:07 |
| noonedeadpunk | we need to switch to master this https://opendev.org/openstack/openstack-ansible/src/branch/master/ansible-collection-requirements.yml#L14 | 11:07 |
| noonedeadpunk | also - ceph-ansible backported and merge ceph-nfs role, so we can revert this: https://review.opendev.org/c/openstack/openstack-ansible/+/921976 | 11:08 |
| noonedeadpunk | or at least partially | 11:08 |
| noonedeadpunk | sorry, this https://review.opendev.org/c/openstack/openstack-ansible/+/921931/1 | 11:08 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible master: Switch to ceph-ansible stable-8.0 https://review.opendev.org/c/openstack/openstack-ansible/+/921976 | 11:09 |
| jrosser | ah we didnt merge anything yet there so can just restack the patches a bit | 11:09 |
| damiandabrowski | jrosser: ouh, i wasn't aware of this. It solved my issue, thanks! | 11:09 |
| noonedeadpunk | yeah, just realized that as well :) | 11:09 |
| noonedeadpunk | jrosser: there's a bug report for capi: https://bugs.launchpad.net/openstack-ansible/+bug/2070281 | 13:50 |
| noonedeadpunk | so if you could check on that - would be very nice | 13:50 |
| jrosser | oh well i have only ever tested this on ubuntu, so quite likley there is some brokenness | 13:52 |
| damiandabrowski | jrosser: I was able to reproduce the issue on my AIO. I didn't find the root cause yet but I'll continue investigation during the evening | 14:32 |
| opendevreview | Bjoern Teipel proposed openstack/openstack-ansible-os_keystone stable/2023.2: Remove X-Forwarded-Proto header in apache https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/922639 | 15:51 |
| opendevreview | Bjoern Teipel proposed openstack/openstack-ansible-os_keystone stable/2023.1: Remove X-Forwarded-Proto header in apache https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/922640 | 15:52 |
| opendevreview | Bjoern Teipel proposed openstack/openstack-ansible-os_keystone unmaintained/zed: Remove X-Forwarded-Proto header in apache https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/922642 | 16:05 |
| opendevreview | Merged openstack/openstack-ansible-os_keystone stable/2024.1: Remove X-Forwarded-Proto header in apache https://review.opendev.org/c/openstack/openstack-ansible-os_keystone/+/922552 | 17:43 |
| damiandabrowski | jrosser: I got radosgw working on my AIO after renaming `[client.rgw.aio1.rgw0]` section to `[client.rgw.default.aio1.rgw0]`in ceph.conf | 22:08 |
| damiandabrowski | but I'm not sure what is the proper name for this section and what exactly has changed in ceph, ceph-ansible or ansible-core | 22:08 |
| jrosser | damiandabrowski: how did you find that :) | 22:09 |
| damiandabrowski | I'm not 100% if it's the only change needed because I applied a lot of customizations in my AIO in a meanwhile | 22:09 |
| damiandabrowski | tomorrow I'll try to do the same on a fresh AIO and try to dig deeper | 22:09 |
| jrosser | i could see that they keystone auth config was there just like before but it did not seem to have any effect | 22:09 |
| jrosser | there is a new thing in ceph-ansible that inserts config with the centralised config store, rather than exclusively the ceph.conf files | 22:10 |
| damiandabrowski | https://paste.openstack.org/show/bQwUXkkVPKOi38SXkB0Y/ | 22:11 |
| jrosser | i did wonder if the behaviour inside ceph changes once you start to use that method also | 22:11 |
| damiandabrowski | I noticed entries for client.rgw.default.aio1.rgw0 there and I noticed that i don't have it in my ceph.conf so I decided to try what happens if I change that | 22:11 |
| damiandabrowski | and somehow it started working :D | 22:11 |
| jrosser | ah yes i also say that | 22:11 |
| jrosser | *saw | 22:11 |
| jrosser | but good catch that it's not matching ceph.conf | 22:12 |
| damiandabrowski | I'll try to provide more information tomorrow | 22:13 |
| damiandabrowski | now it's time to get some sleep :D take care! | 22:13 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!