Friday, 2017-02-10

« Thursday, 2017-02-09 Index Saturday, 2017-02-11 »
*** salv-orlando has quit IRC00:10
*** gongysh has joined #openstack-neutron-ovn00:19
*** mlavalle has quit IRC00:40
*** gongysh has quit IRC01:20
*** mickeys has quit IRC01:25
*** doonhammer has quit IRC02:06
*** s3wong has quit IRC02:49
*** mickeys has joined #openstack-neutron-ovn03:08
*** gongysh has joined #openstack-neutron-ovn03:10
*** yuelongguang has quit IRC03:43
*** janki has joined #openstack-neutron-ovn05:07
*** jchhatbar has joined #openstack-neutron-ovn05:29
*** janki has quit IRC05:30
*** salv-orlando has joined #openstack-neutron-ovn05:44
*** salv-orlando has quit IRC05:50
*** jchhatbar_ has joined #openstack-neutron-ovn06:03
*** jchhatbar has quit IRC06:05
*** armax has quit IRC06:15
*** armax has joined #openstack-neutron-ovn06:16
*** jchhatbar_ is now known as janki06:18
*** salv-orlando has joined #openstack-neutron-ovn06:46
*** salv-orlando has quit IRC06:50
*** salv-orlando has joined #openstack-neutron-ovn07:02
*** ltomasbo|away is now known as ltomasbo07:02
*** pcaruana has joined #openstack-neutron-ovn07:30
*** yamamoto has quit IRC07:52
*** yamamoto has joined #openstack-neutron-ovn08:28
*** yamamoto_ has joined #openstack-neutron-ovn08:36
*** yamamoto has quit IRC08:39
*** salv-orlando has quit IRC08:53
*** salv-orlando has joined #openstack-neutron-ovn09:06
*** mickeys has quit IRC09:15
*** yamamoto_ has quit IRC09:24
*** arslanq has joined #openstack-neutron-ovn09:32
arslanqhi guys, i wanna try OVN on centOS. I have already an openstack setup (Newton) up and running on 3 nodes (1 controller and 2 computes). By default it is running OVS. I want to try OVN on it. Could anyone please guide me.09:34
*** yuelongguang has joined #openstack-neutron-ovn09:35
*** yamamoto has joined #openstack-neutron-ovn09:35
*** yamamoto has quit IRC09:43
*** salv-orlando has quit IRC09:45
numansarslanq, hi10:09
numansarslanq, you want to kind of migrate it ?10:09
numansarslanq,  like stopping neutron services and starting ovn services ?10:09
arslanqnumans: yes this is exactly what i wanna do....you can say a brownfield10:10
numansarslanq, how have you deployed openstack ?10:10
numansarslanq, are you using systemctl to stop/start the openstack services ?10:11
numanssee if this helps you - https://review.openstack.org/#/c/427230/10:11
numansarslanq, its an ansible playbook which stops the neutron services and starts the ovn services10:11
numansif you are using systemctl, it should work. Either way have a look into the playbook. I suggest you try to do something similar for your setup10:12
arslanqnumans: did it work for you on CentOS???10:15
numansarslanq, yes.10:15
numansarslanq, see the readme file10:15
numanswe tested on a tripleo setup10:15
arslanqthanks numans, i'll give it a try right away and will let you know.10:15
numansthe prerequisite is you are using ovs firewall driver instead of iptables10:16
arslanqcould you please mention ansible version?10:16
numansarslanq, if not i suggest you first migrate to using ovs firewall driver10:16
numansi think its 2.210:16
arslanqi am not sure i am using iptables or firewall one....how to make sure that?10:16
numanshave a look into the readme file. i think it has10:17
arslanqok thanks i'll give it a try10:17
numansarslanq, if you haven't configured, i presume its iptables.10:17
numansone sec, let me point you to the config param for that10:17
*** openstackgerrit has quit IRC10:18
numansansible compute,controller -f 9 -i hosts -m ini_file -a "dest=/etc/neutron/plugins/ml2/openvswitch_agent.ini section=securitygroup option=firewall_driver value=openvswitch" -b10:18
numansansible compute,controller -f 9 -i hosts -a "sudo systemctl restart neutron-openvswitch-agent"10:18
numansarslanq, have a look at these commands10:19
numansyou should be able to set it this way. you can first verify the present value in the openvswitch_agent.ini10:19
arslanqi have copied it.10:22
arslanqwell could you please help me make this understand that, what networking is this? I just install openstack using packstack on three nodes, 1 controller 2 computes. It created ovs bridge on controller node i.e br-ex and by default it set 172.24.4.224/28 subnet. All external connectivity is working. but what if i want to use my own provider network.10:24
numansarslanq, i don't have much idea on packstack. may be before deploying you could configure the answers file with your provider network details. now that you have deployed, honestly i don't know how to. probably you can create your own provider network using "neutron net-create" and see if it works10:26
arslanqi just found that :)10:27
arslanqCONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-enp8s010:27
arslanqCONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-enp8s0:enp8s010:27
numansok great10:27
*** fzdarsky|afk has joined #openstack-neutron-ovn10:33
arslanqnumans: wait a sec. this readme.rst says if it is using firewall driver. What if it is iptables one?10:40
numansarslanq, have you created the vms ?10:41
numansarslanq, if not i think its ok to use this playbook.10:41
numansarslanq, if you have already created vms and you want to migrate successfully to ovn, then you need to first configure to use firewall driver.10:41
numansi am not sure how that is done10:42
numansso probably you have to see the neutron docs or check in #openstack-neutron to see on how to do it.10:42
arslanqdoes not matter, i'll delete VMs and networks etc10:43
*** fzdarsky|afk is now known as fzdarsky10:53
*** jchhatbar has joined #openstack-neutron-ovn10:59
*** janki has quit IRC11:01
*** salv-orlando has joined #openstack-neutron-ovn11:16
*** salv-orlando has quit IRC11:20
*** yamamoto has joined #openstack-neutron-ovn11:25
*** jchhatbar_ has joined #openstack-neutron-ovn11:26
*** jchhatbar has quit IRC11:28
*** yamamoto has quit IRC11:29
arslanqnumans: i was going to start migration but before that i had some queries please11:30
numansarslanq, sure11:32
numansarslanq, i will be back in 5 min11:33
*** jchhatbar has joined #openstack-neutron-ovn11:47
*** jchhatbar is now known as janki11:48
*** jchhatbar_ has quit IRC11:50
*** fzdarsky has quit IRC11:56
numansarslanq, i am back12:00
arslanqnumans: ovn_encap_ip is the compute node ip of mgmt network right?12:03
numansarslanq, yes.12:03
numansarslanq, that would be the tunnel ip12:03
numansand compute nodes establish geneve tunnels with this ip12:03
arslanqnumans: ovn_db_ip is mgmt ip of which node?12:04
numansarslanq, that should be your controller node12:04
numansyou have one controller node right ?12:04
arslanqyes i have one controller node so same will be my DB node12:04
numansright12:04
arslanqnumans:  "ovn_bridge_mappings=net1:br-em1"....here net1 is mgmt network in your example 192.0.2.0 right?12:06
arslanqi mean net1 is a NIC connected to mgmt network12:07
numansarslanq, you can configure any value here, but make sure that you move the NIC which has public connectivity to ovs bridge br-em112:07
numansarslanq, you can rename to whatever eg .. datacentre:br-ex12:08
numansarslanq, i would suggest use =physnet1:br-enp8s012:08
arslanqnormally i have one NIC which is connected to internet....i think that should work12:09
numansarslanq, because that's what packstack has configured. i may be wrong.12:09
numansok.12:09
numansarslanq, have a look at it - http://openvswitch.org/support/dist-docs/ovn-controller.8.html12:09
numansand grep for  external_ids:ovn-bridge-mappings12:09
numansin case you haven't already seen this12:09
arslanqnumans: and this bridge will be created as new...regardless of other available bridges which were created earlier by OVS12:10
numansarslanq, if the bridge doesn't exist ovn-controller would create it.12:10
numansbut if it already exists it would reuse is what i think12:11
arslanqok, since this is being created on compute node, what will be the purpose of this bridge?12:11
numansarslanq, it is required for external connectivity12:12
numansarslanq, does your compute nodes have access to external connectivity ?12:12
numansarslanq, it's something like dvr12:12
arslanqyes my compute nodes have access to internet, but a bridge like br-ex is available on controller node not on computes...let me send you details of bridges on both nodes12:13
numansarslanq, its fine. in the case of ovn, the traffic for external connectivity doesn't  go through controller node12:14
numansnetworking-ovn would choose one compute node and that would act as gateway for external connectivity ...(there are a couple of patches pending after which complete dnat would be supported)12:15
arslanqnumans: here is the detail https://pastebin.mozilla.org/897850812:16
*** salv-orlando has joined #openstack-neutron-ovn12:17
numansok.12:17
arslanqmakes sense that ovn controller on computes handles the external traffic...right12:17
numansarslanq, you may have to add the physical interface to br-ex on compute nodes to have external traffic12:17
numansyes12:17
*** numans is now known as numans_afk12:18
arslanqyes i'll add.....meanwhile should i delete br-ex from controller?12:18
numans_afkarslanq, will be back in 10 min.12:18
arslanqok12:18
numans_afkthat's upto you12:18
numans_afkshouldn't matter according to me12:18
*** janki has quit IRC12:19
arslanqshould i delete networks and recreate once migration is done?12:19
*** salv-orlando has quit IRC12:21
*** fzdarsky has joined #openstack-neutron-ovn12:25
*** salv-orlando has joined #openstack-neutron-ovn12:25
*** numans_afk is now known as numans12:35
numansarslanq, they should work even without deleting12:37
*** gongysh has quit IRC12:37
arslanqnumans: ok moving forward12:39
numansgreat12:39
arslanqnumans: no i meant more questions :P12:43
numansarslanq, sure12:43
numansi thought you are going to run the migration :)12:44
arslanqnumans: https://pastebin.mozilla.org/897851912:46
numansarslanq, i didn't get the question.12:47
numansyou mean the neutron services not running in compute nodes ?12:47
arslanqthere is list of agents you are stopping on both nodes.....but on my setup i have only openvswitch-agent running on compute and rest of the agents are running on controller node....my question is will it fail or not?12:49
arslanqno it w12:52
arslanqnumans: ok leave that i'll see it....could you please answer me this one neutron-metadata-agent12:54
arslanqsorry this one https://pastebin.mozilla.org/897852412:55
numansarslanq, it says ignore_errors to true, so its ok if the command fails.12:56
numansarslanq, this task reset the openflow version set on the br-int/br-ex. neutron ovs agent could have set a different OF flow version. so this command clears it12:56
numansso that ovn-controller can set the OF flow version it supports.12:56
arslanqit could be on br-int OR br-ex....makes sense12:57
arslanqnumans: i got it thanks a lot.....i'll bother you if there is any issue during this migration12:58
arslanqthanks again12:58
numanssure. let me know how it goes12:58
*** salv-orl_ has joined #openstack-neutron-ovn12:59
arslanqnumans: a quick question please, systemd module of ansible uses systemctl behind the scene...right?13:00
numansarslanq, i presume so.  i am not familiar with ansible. may be you can refer the documentation on systemd module to be sure13:01
arslanqok i'll do13:01
*** salv-orlando has quit IRC13:02
arslanqnumans: No package openvswitch-ovn-host available, what did u do in your case?13:38
numansarslanq, :). it is expected to install the ovn packages and the playbook  doesn't install them13:39
numansarslanq, what i suggest you is generate rpms, install them first and then run the playbook13:39
arslanqwhere did you get these packages ?13:40
numansarslanq, you can clone the ovs repo and run " make rpm-fedora RPMBUILD_OPT="--without check"13:41
numansarslanq, i dont think centos has ovs 2.6 and ovn packages yet.13:41
arslanqok13:41
numansarslanq, on the controller node you can install openvswitch-ovn-common and openvswitch-ovn-central13:42
numansarslanq, on the compute node openvswitch-ovn-common and openvswitch-ovn-host13:42
numansarslanq, also please update the openvswitch package13:42
numansarslanq, if you want you can use branch 2.7 instead of master13:43
numanswithout latest openvswitch package it wouldn't work13:43
*** fzdarsky has quit IRC13:43
arslanqlet me see...i'll inform you13:44
arslanqcurrently i have 2.5 version installed of openvswitch13:45
*** fzdarsky has joined #openstack-neutron-ovn14:15
arslanqnumans: is this package required? openvswitch-kmod14:22
numansarslanq, which version of linux you are running ?14:30
arslanqcentOS 714:30
numansarslanq, if its centos 7.3 with 3.10.514.... then its not required. else its required14:30
numansarslanq, or you can update to centos 7.314:31
arslanqi have kernel version 4.9 and centOS 7.3.161114:32
arslanqi think em good without kmod14:32
arslanqnumans: the following command error outs14:48
arslanqovs-vsctl set open . external_ids:ovn-encap-type=geneve14:48
arslanqovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection failed (No such file or directory)14:49
arslanqovn-controller was not active....never mind14:51
*** mlavalle has joined #openstack-neutron-ovn15:02
*** doonhammer has joined #openstack-neutron-ovn15:23
*** mickeys has joined #openstack-neutron-ovn15:36
*** mickeys has quit IRC15:42
arslanqnumans: you there?16:09
numansarslanq, yes16:09
numanstell me16:09
arslanqits all done, i did it manually. So, how do i make sure its working16:09
numansarslanq, that's great.16:11
numansyou can create few networks, boot few vms and see if everything works fine16:11
numansarslanq, when you create some networks, ports, run "sudo ovn-nbctl show" in controller node16:11
numansand see if networking-ovn is creating the resources in NB db16:12
arslanqbefore that...the agents you are stopping playbook. are you expecting to come up these agents automatically? because i don't see them on any node16:12
numansarslanq, those agents aren't required for ovn16:12
arslanqok fine16:12
arslanqand you told me that when i'll map bridge on compute....ovn-controller automatically create that bridge16:14
arslanqbut it did not16:14
arslanqi hit this command:  ovs-vsctl set open . external_ids:ovn-bridge-mappings=eth1:br-ex16:15
arslanqovs-vsctl set Bridge br-int protocols=[]16:15
*** armax has joined #openstack-neutron-ovn16:18
arslanqnumans: seems like metadata is not working....VM is taking more than usual time to show console16:26
numansarslanq, metadata is not yet supported in ovn.16:26
arslanqmakes sense16:26
numansarslanq, you need to enable force_config_driver = true in nova.conf and restart nova-compute or while booting vms you can specify to use config drive16:27
numansarslanq, for bridge mappings, i think you need to create br-ex16:27
arslanqand what difference will it make?16:27
numansarslanq, if you want to push some meta data to your vm then you need to use config drive (for ovn)16:28
arslanqok16:28
numansarslanq, for bridge mapping this is how it would work. you first set someting like ovs-vsctl set open . external_ids:ovn-bridge-mappings=datacentre:br-ex16:29
numansand then create a provider network like -16:30
numansarslanq, neutron net-create public --router:external --provider:network_type vlan --provider:physical_network datacentre --provider:segmentation_id 1016:31
numansthis is just an example16:31
numansnotice the option "provider:physical_network"16:31
numansthis should match with the "external_ids:ovn-bridge-mappings"16:31
arslanqyes i was going to ask what is datacenter?? eth1?16:32
numansarslanq, i guess its clear now16:32
* numans signing off for now.16:33
arslanqnumans: ok. All set here on my side....i can create networks, and i can see them in database16:33
numansarslanq, hope it works fine for you :)16:33
numansarslanq, that's great16:33
arslanqnumans: Thanks a lot16:33
numansyou are welcome16:33
arslanqi can ping across computes16:33
numansthat's cool.16:34
arslanqonly external connectivity is remaning i'll make it happen on Monday......Thanks alot again16:34
numanswc16:34
*** pcaruana has quit IRC16:53
arslanqnumans: when you get back, could you please tell me that why i cant ping across networks, whereas i can ping across computes within same network.16:58
arslanqnumans: i started the l3 agent and it started working for me.17:12
*** salv-orl_ has quit IRC18:12
*** fzdarsky is now known as fzdarsky|afk18:23
*** mickeys has joined #openstack-neutron-ovn18:41
*** ltomasbo is now known as ltomasbo|away18:56
*** s3wong has joined #openstack-neutron-ovn19:05
*** doonhammer has quit IRC20:13
*** doonhammer has joined #openstack-neutron-ovn20:24
*** zkassab has joined #openstack-neutron-ovn21:07
*** salv-orlando has joined #openstack-neutron-ovn21:45
*** fzdarsky|afk has quit IRC21:57
*** yamamoto has joined #openstack-neutron-ovn23:27
*** yamamoto has quit IRC23:31
« Thursday, 2017-02-09 Index Saturday, 2017-02-11 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!