| opendevreview | Merged openstack/openstack-ansible-openstack_openrc unmaintained/victoria: Update .gitreview for unmaintained/victoria https://review.opendev.org/c/openstack/openstack-ansible-openstack_openrc/+/913022 | 07:38 |
|---|---|---|
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-tests unmaintained/victoria: Fix functional tests running locally https://review.opendev.org/c/openstack/openstack-ansible-tests/+/916174 | 09:02 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/victoria: DNM - testing unmaintained branch https://review.opendev.org/c/openstack/openstack-ansible/+/916175 | 09:09 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-os_tempest unmaintained/wallaby: Fix keystone-tempest-plugin to tag made for wallaby release https://review.opendev.org/c/openstack/openstack-ansible-os_tempest/+/916277 | 11:17 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-tests unmaintained/wallaby: Update .gitreview for unmaintained/wallaby https://review.opendev.org/c/openstack/openstack-ansible-tests/+/913127 | 11:18 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible-tests unmaintained/wallaby: Update .gitreview for unmaintained/wallaby https://review.opendev.org/c/openstack/openstack-ansible-tests/+/913127 | 11:19 |
| blues11 | I was testing OpenStack OVN and have an issues with network connectivity. The network connectivity works when floating IP address and a private IP address used at the same time. However it doesn't work when floating IP attaches to the VM directly | 12:06 |
| blues11 | This is for OpenStack ansible and here is my vlan config - https://paste.openstack.org/show/bdsSt1gunR4ScpML4fOg/ | 12:07 |
| blues11 | Any clue about this issue ? | 12:07 |
| jrosser_ | blues11: are each of your compute nodes "ovn controllers" ? | 12:11 |
| jrosser_ | the config in your paste is only applied to the `neutron_ovn_controller` ansible group | 12:12 |
| blues11 | We have deployed like this network-gateway_hosts: *compute_hosts so all our hypervisor nodes are ovn controller nodes right? | 12:18 |
| jrosser_ | and you've got bond0 on all the compute nodes as well? | 12:19 |
| blues11 | Yes sure we can ping to outside with floating ip attached to vm but cannot connect flat network directly | 12:21 |
| blues11 | https://paste.openstack.org/show/bDRxkLmyF9jFK0OHLm5R/ - Those nat setup works fine | 12:25 |
| jrosser_ | you mean that it fails, or the port gets attached but no traffic flows? | 12:25 |
| jrosser_ | (i must say that i've never used ovn myself) perhaps mgariepy might have some insights here | 12:27 |
| blues11 | Can you see the test example 10.60.16.186 ip is directly atached to vm this is floating ip which is not working | 12:27 |
| jrosser_ | sadly i'm not really understanding "However it doesn't work when floating IP attaches to the VM directly" becasue my understanding is that floating IP are dealt with by the neutron router | 12:28 |
| mgariepy | hey | 12:30 |
| blues11 | Well thats not the case before with linux bridge we could do that, this is extremly helpfull to attach to vm for vrrp setup as well as whitelist ips in other env | 12:30 |
| blues11 | Hi mgariepy | 12:31 |
| jrosser_ | i do wonder if there is confusion here with "attaching a floating IP to a VM directly" vs. "attachin the VM directly to the external network" which really are not the same thing | 12:33 |
| mgariepy | can you paste a bit more config and info on your network ? | 12:33 |
| mgariepy | when you attach a fip to a vm it's natted via the router to the vms internal ip. | 12:34 |
| mgariepy | lin the nat b5fac2ab-e4cb-4ba3-a9c7-1fc6b6fd395f in your last paste. | 12:35 |
| blues11 | What we mean is attaching the VM directly to the external network not working | 12:35 |
| mgariepy | fip 10.60.16.183 is natted to 192.168.25.129 | 12:35 |
| blues11 | Yes that works fine (fip 10.60.16.183 is natted to 192.168.25.129) | 12:35 |
| blues11 | port 7131019b-5107-4dd0-883d-c79eceef57c8 addresses: ["fa:16:3e:60:af:f7 10.60.16.186"] - This dosn't works | 12:36 |
| mgariepy | you expect to have this ip configured in the server i guess ? | 12:36 |
| mgariepy | via a new interface AKA port. | 12:37 |
| blues11 | 10.60.16.186 we get this ip configured inside vm | 12:37 |
| mgariepy | what are your routes? | 12:37 |
| mgariepy | `ip r` | 12:37 |
| mgariepy | inside the vm. | 12:38 |
| mgariepy | do you also have another ip inside that vm ? | 12:38 |
| blues11 | default via 10.60.16.1 dev eth0 src 10.60.16.186 metric 1002 | 12:39 |
| mgariepy | can you ping the gw ? | 12:39 |
| blues11 | We don't have any other IP in that VM | 12:39 |
| blues11 | We are unable to do that thats the issue here | 12:40 |
| mgariepy | what are the security rules applied to the vm ? | 12:43 |
| blues11 | Thats same applied both vm icmp allowed | 12:43 |
| blues11 | I also tried with port security disabled | 12:45 |
| blues11 | We can see the tap interface showing in the hypervisor under ovs-system | 12:47 |
| mgariepy | where does the gw live ? | 12:47 |
| blues11 | gw is external l3 switch | 12:48 |
| mgariepy | https://access.redhat.com/solutions/4066321 | 12:48 |
| mgariepy | can you try the ovn-trace stuff from that page? | 12:48 |
| blues11 | Sure, I will provide this later got little busy now. Thanks for your time mgariepy | 12:51 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/wallaby: Update ansible role and openstack services for unmaintained branch names https://review.opendev.org/c/openstack/openstack-ansible/+/916291 | 12:55 |
| mgariepy | i do have both also but i don't mix the 2. my fip are on a network and i have another sperate network that i do attach directly to vms | 13:04 |
| mgariepy | i never tried to mix them tho. | 13:04 |
| jrosser_ | if anyone has ideas about why only two jobs ran here i would be grateful https://review.opendev.org/c/openstack/openstack-ansible/+/916291 | 14:14 |
| jrosser_ | i excpected there to be quite a few more than that | 14:14 |
| andrewbonney | This looks quite sparse: https://github.com/openstack/openstack-ansible/blob/unmaintained/wallaby/zuul.d/project.yaml | 14:16 |
| jrosser_ | ooooh i see whats going on /o\ | 14:25 |
| jrosser_ | i still have a stable/wallaby locally | 14:25 |
| jrosser_ | `git prune` is very useful in this situation | 14:26 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/wallaby: Update ansible role and openstack services for unmaintained branch names https://review.opendev.org/c/openstack/openstack-ansible/+/916291 | 14:28 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/wallaby: Return CI jobs after unmaintained branch renaming https://review.opendev.org/c/openstack/openstack-ansible/+/916302 | 14:28 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/wallaby: Update ansible role and openstack services for unmaintained branch names https://review.opendev.org/c/openstack/openstack-ansible/+/916291 | 14:55 |
| opendevreview | Jonathan Rosser proposed openstack/openstack-ansible unmaintained/wallaby: Return CI jobs after unmaintained branch renaming https://review.opendev.org/c/openstack/openstack-ansible/+/916302 | 14:55 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!