Thursday, 2025-04-17

« Wednesday, 2025-04-16 Index Friday, 2025-04-18 »
user0801Hi I am trying to deploy ovn networking with tag 28.0.0 on debian 12 installation completed without any issue but I am not able to get network inside vm . vm to vm communication is working fine but my external traffic not working 03:39
user0801https://pastebin.com/wiGbMacq03:39
user0801My ovs-system interface and br-int all down in all compute nodes services not showing any errors at all 03:40
user0801the bond0 network has multiple vlans created with interfaces file and it is also showing as ovs-system I done get it03:41
user0801Name floating_network ID 9cae0601-17e4-461b-bcf7-9743c57118eb Project ID 3d2f3534887b498e8f264713fb5e19a4 Status Active Admin State UP Shared Yes External Network Yes MTU 1500 Provider Network Network Type: vlan Physical Network: vlan Segmentation ID: 803:49
user0801This is the flating network conf03:50
user0801This is the floating network conf03:50
opendevreviewOpenStack Proposal Bot proposed openstack/openstack-ansible master: Imported Translations from Zanata  https://review.opendev.org/c/openstack/openstack-ansible/+/94730404:08
noonedeadpunkmornings07:26
noonedeadpunkuser0801: hey, let me read back...07:26
noonedeadpunk> ovs-system interface and br-int all down in all compute nodes - so that is fine, OVS bridge interfaces do not need to be up 07:27
noonedeadpunkbond0 though needs to be UP IIRC07:27
noonedeadpunkuser0801: one thing though, is that you usually need `network-infra_hosts: *infrastructure_hosts`, not `network_hosts: *infrastructure_hosts`07:30
noonedeadpunkI'm not sure if it affects anything or not though07:30
user0801:noonedeadpunk thanks for the reply actually the issue resolved now but I am not able to understand the packet flow, is it going via controller nodes only , i thought compute bridges are also working07:33
user0801our issue was switch config related as switch was dropping tagged network07:33
noonedeadpunkso it depends... eventually, external traffic should be going only through network-gateway_hosts07:34
noonedeadpunkalso routers should be pinned also only to hosts in this group07:34
user0801So the ovs bridges status doesnt matter hmm thats new for me07:35
noonedeadpunkbut then it also depends on `neutron_ovn_distributed_fip` variable, which is false by default07:35
noonedeadpunkit does not on kernel level, as ovs has a lower level access to interfaces07:35
user0801Yes I disabled it also so from the doc if I enable it compute nodes will communicate outside directly07:36
noonedeadpunkso you need to care only about state of interfaces attacxhed to the bridge07:36
noonedeadpunkyes, but they still will with your setup?07:36
noonedeadpunkas `network-gateway_hosts: *compute_hosts`07:36
noonedeadpunkso external connection is performed from computes right now07:36
user0801Hmm so whats the diff with DVR07:37
noonedeadpunkum, that ovn has proper implementation of DVR?:)07:37
noonedeadpunkmaybe you can tell me what you want and I can help how to do that?)07:38
noonedeadpunkas right now I'm just saying what is configured, but don't really understand what the need is07:38
user0801https://docs.openstack.org/openstack-ansible-os_neutron/latest/app-ovn.html this is the only doc i could find 07:38
user0801No issues i was just asking to clear things 07:39
noonedeadpunkaha07:39
user0801Thanks for the help :)07:39
noonedeadpunkok, so right now with `neutron_ovn_distributed_fip: false` and  `network-gateway_hosts: *compute_hosts` you get the behavior, that external traffic will be going between computes to reach the world07:39
noonedeadpunkwith setting neutron_ovn_distributed_fip: true FIPs will be served directly from the compute where VM is running07:40
noonedeadpunkso no parasite traffic07:40
user0801ohk great07:40
noonedeadpunkbut if you wanna have a dedicated gateway nodes, preventing of adding vlan to all computes, neutron_ovn_distributed_fip: true is getting weird07:41
noonedeadpunkbut, default src_nat for the router will still happen where router is pinned07:41
opendevreviewMerged openstack/openstack-ansible master: Imported Translations from Zanata  https://review.opendev.org/c/openstack/openstack-ansible/+/94730407:47
derekokeeffe85 morning all, so still having the issue with neutron. I was getting no mechanism driver ovn error so I did this "sudo apt install ovn-host ovn-central" that seemed to resolve that error but now I get this in the neutron container "ERROR neutron Stderr: 'ovsdb-client: failed to connect to "tcp:127.0.0.1:6641" (Connection refused)\n'"" I can't telnet to that on localhost or from the controller to the container on that port. sudo systemctl 08:17
derekokeeffe85status ovsdb-server = active (running) no errors08:17
noonedeadpunkderekokeeffe: sorry, a bit -ENOTIME today :(09:55
noonedeadpunk> I was getting no mechanism driver ovn error - this means you have an issue in configuration09:55
noonedeadpunkand doing manual workarounds will not really help you09:55
noonedeadpunkas OVN setup is not super trivial and it's way more then just "install packages"09:56
derekokeeffeNo worries noonedeadpunk. Ok so it's really borked on me then :( I did re re run all playbooks and they all completed so not sure where to look. As I said I used (mostly) the same openstack_user_config amd user_variables as a working deploy so not sure what I'm doing worng. What configuration might be missing/wrong to cause the ovn driver issue?09:59
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: fix problems with contributors documentation  https://review.opendev.org/c/openstack/openstack-ansible/+/94743010:04
noonedeadpunkexcept your working is OVS one?10:26
noonedeadpunkand now you wanna go with OVN10:26
noonedeadpunkwhich are *very* different10:26
derekokeeffeTo be entirely honest I was only trying to fix the error when I did the apt-install of the package.10:28
user0801Can I get a document for configuring octavia with OVN unable to find proper docs11:17
user0801https://pastebin.com/iwBwafVe    I am trying with this settings not working 11:20
kleinicontainer_interface: "bond0" sounds wrong in network configuration. That should be the name of the interface inside the octavia containers to the LBaaS network.11:57
kleiniI have there eth211:58
kleininetwork_interface should not be set except some provider bridge (br-lbaas) should be connected to that physical interface.12:02
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:11
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:13
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:15
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:15
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:18
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756912:20
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756913:10
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756913:11
simondodsleywho is responsible for `ansible-collection-openstack`? There is an issue that seems to have been around since Jan/Feb that is causing the Zuul jobs to fail. This is blocking patches. There is little constructive activity on `#openstack-ansible-sig`13:22
NeilHanlonsimondodsley: that is not this group. afaik it's sshnaidm and gtema, whom you've already tagged, it seems13:23
simondodsleyNeilHanlon: ok - just trying other routes. These 2 seem conspicuous by their absence over the last months13:26
noonedeadpunksimondodsley: it's in #openstack-ansible-sig13:29
noonedeadpunkbut yes13:30
noonedeadpunkactivity there is very concerning13:30
noonedeadpunkand what makes things a bit worse - it's a sig and not official project13:30
noonedeadpunkso kinda having no election and somehow obscure on a way of getting new maintainers in13:31
simondodsleyMaybe we should raise this with the TC13:31
noonedeadpunkI did mention that couple of times, but not as independent topic13:32
noonedeadpunkthe root cause of it being a sig - is ansible licensing13:32
noonedeadpunkwhich is GPL13:32
noonedeadpunkso derrivative work likely should be GPL as well13:32
noonedeadpunkwhile OpenStack is Apache 2 licensed...13:32
noonedeadpunkSo it's also a legal question13:32
simondodsleywell that is above my pay grade...13:33
noonedeadpunkbtw cinder is soooo poorly covered with ansible modules....13:34
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: minor fixes with RabbitMQ and HAProxy  https://review.opendev.org/c/openstack/openstack-ansible/+/94756913:34
simondodsleyhence why i'm trying to add a few more, but that will be impossible with the current state of the CI jobs13:35
noonedeadpunklike volume types is jsut broken, qos non existent13:35
noonedeadpunkwell, right now CI fails quite "validly", no?13:36
noonedeadpunkmeaning https://zuul.opendev.org/t/openstack/build/dce64a25eb6b45ca88cb769e9b05895d13:36
noonedeadpunkas in `https://10.0.19.120/volume/v3/volumes/ansible_test_volume_manage/action` it must be uuid, not volume name13:36
simondodsleyyes - i was testing whether a manage test would even work. I don't beleive it can as manage/unmanage is so 3rd party backend dependant.13:37
noonedeadpunkor dunno... but looks related 13:37
noonedeadpunkyeah, I never tried to manage lvm tbh13:38
simondodsleyi couldn't even get to that test because the recordset test fails, so i temporarily moved my test before the recordset failure13:38
simondodsleyi think LVM works in such a different way to 'real' backends that the test will never work - as mentioned in the commit message - the test was just added in, in case i could get it to work. Given it doesn't I'll be removing it13:39
noonedeadpunkWell. I can add this topic to the next TC agenda (in case you don't want to do that on your own)13:40
opendevreviewMerged openstack/openstack-ansible master: [doc] Add multi-AZ deployment configuration sample  https://review.opendev.org/c/openstack/openstack-ansible/+/93960913:41
simondodsleynoonedeadpunk: can i ask you to officially raise the collection issue with the TC/ We need to get something sorted out for it, even if it is just to remove gerrit control from it and go back to just GitHub13:41
simondodsleylol - crossover13:41
noonedeadpunkI do't think the issue is gerrit or github.... as it's more of - who is maintainer, if we have volunteer and how to onboard new people to the sig13:42
noonedeadpunkas github won't solve any of these13:42
opendevreviewMerged openstack/openstack-ansible master: docs: fix problems with contributors documentation  https://review.opendev.org/c/openstack/openstack-ansible/+/94743013:42
noonedeadpunksimondodsley: I added https://wiki.openstack.org/wiki/Meetings/TechnicalCommittee#Agenda13:45
simondodsleythank you - i'll try and attend the meeting13:46
noonedeadpunk++ that would be extermely nice13:46
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: small fix for table  https://review.opendev.org/c/openstack/openstack-ansible/+/94757713:47
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: small fix for table  https://review.opendev.org/c/openstack/openstack-ansible/+/94757713:48
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: small fix for table  https://review.opendev.org/c/openstack/openstack-ansible/+/94757713:48
jrosseri also have outstanding patches to ansible-collection-openstack from andrew which are basically impossible to merge17:24
opendevreviewDmitriy Rabotyagov proposed openstack/openstack-ansible master: Move sync framework to integrated repo  https://review.opendev.org/c/openstack/openstack-ansible/+/94762619:31
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:02
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:06
opendevreviewDmitriy Chubinidze proposed openstack/openstack-ansible master: Enable translation for deploy guide  https://review.opendev.org/c/openstack/openstack-ansible/+/94763420:08
opendevreviewDmitriy Chubinidze proposed openstack/openstack-ansible master: Enable translation for deploy guide  https://review.opendev.org/c/openstack/openstack-ansible/+/94763420:10
opendevreviewDmitriy Chubinidze proposed openstack/openstack-ansible master: Enable translation for deploy guide  https://review.opendev.org/c/openstack/openstack-ansible/+/94763420:13
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:13
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: fix mistakes in examples configurations for Ceph  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:14
opendevreviewMerged openstack/openstack-ansible master: docs: small fix for table  https://review.opendev.org/c/openstack/openstack-ansible/+/94757720:37
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: fix mistakes in examples configurations for Ceph  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:45
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:45
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763320:58
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763321:12
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763321:31
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763321:32
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: WIP  https://review.opendev.org/c/openstack/openstack-ansible/+/94763321:47
opendevreviewIvan Anfimov proposed openstack/openstack-ansible master: docs: fix mistake in defining container networking  https://review.opendev.org/c/openstack/openstack-ansible/+/94763322:01
opendevreviewMerged openstack/openstack-ansible-plugins master: Add openstack_user_config verification playbook as healthcheck  https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/93898022:19
opendevreviewDmitriy Chubinidze proposed openstack/openstack-ansible master: docs: fix order of steps for "Defining container networking"  https://review.opendev.org/c/openstack/openstack-ansible/+/94763323:15
« Wednesday, 2025-04-16 Index Friday, 2025-04-18 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!