| f0o | this sounds like conflicting information :D | 06:33 |
|---|---|---|
| f0o | anyway I guess the first step is to get the networks moved from the fip phyiscal_network to the vlan physical_network without having to recreate it all. And that seems to be a bigger task. I hoped OVN would just be fine if the bridge interfaces remained the same but apparently not. | 07:31 |
| f0o | Gemini DeepResearch suggests to edit the ovn-bridge-mappings attribute of the chassis individually | 07:38 |
| f0o | guess I'll yolo that next | 07:39 |
| f0o | I feel like this is one part of the solution and the other being the SD DB entries that I found which reference the `fip` network | 07:52 |
| f0o | so if I change the network_name from the provnet lsp in nbctl... | 08:27 |
| f0o_ | holy moly | 09:01 |
| f0o_ | it worked | 09:01 |
| *** f0o_ is now known as f0o | 09:02 | |
| f0o | ovn-nbctl lsp-set-options provnet-89eece21-b131-4924-bb0b-0173314f89c0 network_name=vlan | 09:02 |
| f0o | it took a few sec but all flows moved over without VM reboots | 09:02 |
| f0o | so now networksegments table is updated to vlan where it was fip and the 3 networks I had on fip are manually changed to vlan in NB DB using above command | 09:04 |
| f0o | now let's try adding distributed fips | 09:06 |
| f0o | Good news, network didnt die and I see some packets on the hypervisor - Bad news, distributed fip didnt do anything, even an instance reboot didnt seem to do the trick | 09:24 |
| f0o | all traffic still seems to go onto the gateway nodes | 09:24 |
| f0o | nvmd rebooting actually _does_ the trick | 10:00 |
| f0o | OVN just does magic shit and I cant tcpdump the traffic | 10:00 |
| f0o | or maybe not.... just as I wrote it I saw the gateway nodes' CPU spike up again | 10:00 |
| f0o | I wonder if I need to release and recreate the FIPs for this to actually work... | 10:07 |
| f0o | disassociation and reassociation as well as instance shutoff+startup didnt do the trick | 10:07 |
| f0o | nope brand new fip is also just going through br-vxlan instead of going directly out of the compute node | 10:12 |
| f0o | so what's missing here? | 10:12 |
| f0o | brand new router and tenant network with test vm and test fip did also not do anything, traffic is still going through the gateway nodes | 10:43 |
| f0o | I feel like some flag somewhere might be missing again | 10:43 |
| f0o | after a bit more rabbit holing i noticed that distributed fip is not supported IF: ovn-router is set AND port_forwarding plugin is loaded AND vlan tenant networks are set in tenant_network_types. | 14:56 |
| f0o | I do not have port_forwarding service plugin but neutron, at least the ovn-sync tool, believes I do. In fact I only defined ovn-router in my ansible. Furthermore, looking at https://github.com/openstack/openstack-ansible-os_neutron/blob/master/doc/source/app-ovn.rst#openstack-ansible-user-variables adds more confusion to what tenant_network_types should be set to support | 14:58 |
| f0o | vlan external networks but geneve tenant networks | 14:58 |
| f0o | The ambiguity here is the terms neutron_ml2_drivers_type and neutron_provider_networks.network_types | 14:58 |
| f0o | looking at https://github.com/openstack/openstack-ansible-os_neutron/blob/master/templates/plugins/ml2/ml2_conf.ini.j2#L6; it seems that Provider network === Tenant Network | 14:59 |
| f0o | But Provider and Tenant are really not the same thing here... | 14:59 |
| f0o | gonna only set neutron_provider_networks.network_types to geneve now and see what happens | 15:06 |
| f0o | that didnt change anything | 15:37 |
| f0o | I've also made sure that all the LRPs have reside-on-redirect-chassis="false" set in their options; no change | 15:48 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!