| opendevreview | Merged openstack/openstack-ansible stable/2024.2: Switch plugins repo to 2024.2 branch https://review.opendev.org/c/openstack/openstack-ansible/+/936810 | 01:38 |
|---|---|---|
| mgariepy | let's try the forum : https://forum.gitlab.com/t/broken-302-leads-to-308-because-when-downloading-release-for-a-project/117898 | 13:39 |
| mgariepy | noonedeadpunk, kleini ^^ | 13:39 |
| kleini | *thumps up* | 14:10 |
| mgariepy | it's annoying :D haha | 14:10 |
| majotorresm | Hello, does anyone deployed succesfully OSA on Rocky9? how do you override the OVS and kernel bridges configuration | 15:01 |
| noonedeadpunk | well, we mainky use ubuntu here, but I think it should not matter much unless there could be issue with ceph-ansible | 15:13 |
| noonedeadpunk | majotorresm: can you give a little bit more details about what specifically you mean? | 15:13 |
| majotorresm | the issue is that ovs tries to create a bridge port using the interface name. In my case, i defined a bond named bond01. And ovs complies because the name is already taken by the kernel | 15:16 |
| noonedeadpunk | and you're trying to use bond0 as vlan network? | 15:17 |
| majotorresm | this is the final playbook, ovs_config.yml | 15:17 |
| noonedeadpunk | yeah, but it does what's being defined in config | 15:17 |
| majotorresm | nope, I am deploying this case: https://docs.openstack.org/liberty/networking-guide/scenario-provider-ovs.html | 15:18 |
| majotorresm | I think this has to be with the user_variables definition, but I still don't get it | 15:19 |
| noonedeadpunk | sry, right on the meeting now... | 15:24 |
| noonedeadpunk | so first thing - doc you're reffering is super old, it's 9yo :) | 15:25 |
| mgariepy | we should try to fix google caching stuff. it seems like google is always reffering to old release.. | 15:26 |
| mgariepy | it's true for all openstack doc tho. not just ours. | 15:26 |
| noonedeadpunk | so what playbooks do, wrt to bridging, out of the box is in openstack_user_config | 15:27 |
| derekokeeffe85 | Hi all, it's been a while since I was here. Quick question. I had an OSA deploy host that deployed a 1 controller 2 compute cluster. I need to add a compute but the deploy host was repurposed without my knowledge so I have nothing from the original deploy. Is it much work to add a compute manually to an OSA cluster with LXC containers and if mot is there any docs? Thanks in advance | 15:38 |
| *** tosky_ is now known as tosky | 15:40 | |
| mgariepy | derekokeeffe85, what version of the deployment are you using ? | 15:40 |
| noonedeadpunk | majotorresm: can I also ask why you decided to go with ovs rather then ovn these days? It doesn't matter setup much... but wondering | 15:41 |
| mgariepy | https://docs.openstack.org/openstack-ansible/2023.1/admin/scale-environment.html#add-a-compute-host | 15:41 |
| majotorresm | @noonedeadpunk it is a requirement that comes from the clien | 15:43 |
| noonedeadpunk | would it be possible for you to share `provider_networks` defenition out of openstack_user_config? | 15:44 |
| noonedeadpunk | uness you've defined `neutron_provider_networks` in user_variables | 15:44 |
| noonedeadpunk | derekokeeffe85: well. you can add UCA repo and just do `apt install nova-compute` and `apt install neutron-openvswitch-agent` (or what you're running) | 15:45 |
| noonedeadpunk | then you'd need to copy/paste configs | 15:46 |
| noonedeadpunk | and SSH keys | 15:46 |
| noonedeadpunk | majotorresm: as it feels that you try to purpose your "main" interface in an unexpected way | 15:48 |
| majotorresm | neutron_provider_networks: network_flat_networks: "*" network_types: "vlan" network_vlan_ranges: "physnet1:100:200" network_mappings: "physnet1:br-provider" network_interface_mappings: "br-provider:bond01" neutron_plugin_type: "ml2.ovs" | 15:51 |
| majotorresm | these are my user_variables definition | 15:52 |
| majotorresm | this is the ovs-vsctl show | 15:52 |
| majotorresm | [root@srv6102 ~]# ovs-vsctl show 4112daa3-3815-48fd-96e4-40d6e239816a Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-int Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure datapath_type: system Port br-int Interface br-int type: internal Bridge bond01 fail_mode: standalone Port bond01 Interf | 15:52 |
| noonedeadpunk | majotorresm: you can use paste.openstack.org for that :) | 15:52 |
| majotorresm | ok | 15:54 |
| noonedeadpunk | majotorresm: and then you have a bond0 already being part of the bridge on compute? | 15:54 |
| noonedeadpunk | hm, ok, it's weird | 15:55 |
| majotorresm | https://paste.openstack.org/show/bOtvib9HVxKlghgEZO9S/ | 15:55 |
| majotorresm | yes, the ovs port is named as the kernel bond, so ovs throughs that error | 15:56 |
| * noonedeadpunk looking at own config | 15:57 | |
| majotorresm | great! | 16:00 |
| noonedeadpunk | I kind of wonder why you'd need these overrides.... | 16:03 |
| noonedeadpunk | as neutron_provider_networks should fill in all of these for you | 16:03 |
| noonedeadpunk | but then you also have `flat_networks: provider` in overrides but `network_flat_networks: "*"` in neutron_provider_networks | 16:04 |
| noonedeadpunk | as network_flat_networks should be used as default for flat_networks | 16:05 |
| derekokeeffe85 | I'm using Yoga 25.1.0 mariepy. noonedeadpunk is there any docs I could refer to for that process? | 16:05 |
| noonedeadpunk | um. we don't have such docs as this is pretty much manual installation path... | 16:06 |
| majotorresm | I really don't know. I just use that I found. I really really apreciate your recommendations | 16:06 |
| noonedeadpunk | but specific service do have manual installation docs for services | 16:06 |
| majotorresm | When I used yoga, this all work fine, just fine. But for this 2024.1 OSA , I found these issues | 16:07 |
| noonedeadpunk | Could you have some leftovers i nthe system from yoga? or you did re-setup? | 16:08 |
| derekokeeffe85 | Ok so it's a figuring out a manual install. Last question so, is there much requirement to touch all the containers or should it be mostly the host machine configs? | 16:10 |
| majotorresm | the user_Variables settings are not the same | 16:10 |
| majotorresm | i am deploying this on baremetal | 16:10 |
| noonedeadpunk | majotorresm: so I have smth like that in overrides only: https://paste.openstack.org/show/b4Bhp4LggRcoDdToasrZ/ | 16:11 |
| noonedeadpunk | derekokeeffe85: so you need to add another compute to deployment, config of which was lost? | 16:11 |
| noonedeadpunk | as there're no lxc on computes? | 16:11 |
| majotorresm | nope | 16:12 |
| noonedeadpunk | majotorresm: but kind of the problem is - why in the world bond0 is part of the br-int for your case | 16:12 |
| derekokeeffe85 | Yep the deploy host config is lost, what I meant is theLXC containers on the controller, is there a need to tell them about a new compute? I briefly checked the utility container and it has references in the hosts file to the existing computes | 16:13 |
| noonedeadpunk | or wait, it's even setup as bridge... | 16:13 |
| noonedeadpunk | majotorresm: let me come with some suggestion for the config for you | 16:14 |
| noonedeadpunk | majotorresm: question - you don't want tenants to create internal networks and use just vlan? | 16:19 |
| noonedeadpunk | as I see you don't have vxlan enabled | 16:20 |
| noonedeadpunk | and `tenant_network_types: ""` | 16:20 |
| majotorresm | No, I need to use tagged vlans for the instances, just the same vlans I have for the baremental servers at DC. We are migrating those baremetals to instances | 16:24 |
| majotorresm | No L3 config eighter | 16:25 |
| noonedeadpunk | but then you can wire vlans with vxlans... ok, anyway | 16:25 |
| noonedeadpunk | I'm almost done | 16:27 |
| majotorresm | thanks! vxlans are not supported at the DC, yet | 16:29 |
| noonedeadpunk | majotorresm: I think that all neutron overrides you have can be replaced with that https://paste.openstack.org/show/bfTAPKxqjArsDCRSRE0u/ | 16:29 |
| majotorresm | :O( | 16:29 |
| noonedeadpunk | majotorresm: vxlan do not DC support | 16:29 |
| mgariepy | derekokeeffe85, not idea how to do that to be frank. | 16:29 |
| noonedeadpunk | *do not need | 16:29 |
| noonedeadpunk | as tunnels are established between hypervisors on top of some existing L2 | 16:29 |
| noonedeadpunk | (or L3) | 16:30 |
| mgariepy | seems like a bunch for small steps that could go wrong in every corner. | 16:30 |
| majotorresm | ohh yes! just a missing variable fucks everything down, hehe | 16:31 |
| majotorresm | I am reinstallig the servers, I'll be back in a hour with results. Wish me luck | 16:32 |
| noonedeadpunk | majotorresm: I think you actually don't need a flat network... | 16:32 |
| noonedeadpunk | as you can't have a flat and vlan network out of the same interface | 16:32 |
| noonedeadpunk | so I didn't include it in the config | 16:32 |
| majotorresm | so, I need to define some bridges in that case, right? | 16:33 |
| noonedeadpunk | if you want to enable vxlan - yo ucan set `neutron_ml2_drivers_type: vlan,vxlan` | 16:33 |
| noonedeadpunk | majotorresm: so multiple thing with this setup - ensure that you don't access server by jsut bond01 - as indeed it will be managed by ovs, so you will likely loose connectivity as soon as interface will be added to the bridge | 16:34 |
| noonedeadpunk | so we are suing bond0.VLAN for that, and the VLAN is not in rage of what is available in openstack | 16:35 |
| majotorresm | over the bond, I have bridges for the tagged vlans and a bridge for the native vlan | 16:36 |
| majotorresm | yes, I have another vlan ID for openstack | 16:37 |
| noonedeadpunk | so the bridge on the native vlan is smth you can't have if you want to add the interface as vlan network to ovs | 16:37 |
| noonedeadpunk | otherwise, you might want to produce N flat networks for each vlan you want to have inside openstack, but that's not flexible enough... might be fine for migration. but not in the longer run | 16:38 |
| derekokeeffe85 | mgariepy noooo :) Ok I'll have to try what noonedeadpunk said and do a manual install from the docs I'm just unsure about the container configs, we have added computes before just not to an OSA cluster. Thanks though | 16:40 |
| mgariepy | otherwise you might be able to rebuild your inventory.. | 16:41 |
| noonedeadpunk | issue with rebuilding inventory is that new container names and ips will be produced... and haproxy will be screwed up on a relatively early stage | 16:42 |
| noonedeadpunk | but nothing is impossible :) | 16:42 |
| noonedeadpunk | as it's all jsut code | 16:42 |
| mgariepy | if the infra is still running.. it should be possible. | 16:43 |
| mgariepy | but well.. it's tedious as well ;) haha | 16:43 |
| noonedeadpunk | actually yeah, you can edit inventory to match reality | 16:43 |
| noonedeadpunk | probably would be easier | 16:44 |
| mgariepy | yep. | 16:44 |
| mgariepy | just 2 or 3 sed in a json file.. not a big deal ? ;p | 16:44 |
| majotorresm | @noonedeadpunk. so it didn't resolve the issue. look at this: https://paste.openstack.org/show/buXrHNVe9pGcK0pAgBr9/ | 22:31 |
| noonedeadpunk | majotorresm: well, again - are you using bond01 as untag inside some linux bridge on the host? | 22:35 |
| majotorresm | sorry, I think i miss that message. this is my network configuration: https://paste.openstack.org/show/b3VoQpiujCprGuW8qtjj/ . br-mojo is a bridge for the native vlan | 22:37 |
| noonedeadpunk | yeah, so as Isaid before - you can't do that | 22:38 |
| noonedeadpunk | untag must be pretty much clear in order to give an interface to ovs for VLANs | 22:39 |
| majotorresm | mmmm. but it worked with the Yoga installation. Is there any workaround to do, maybe I should assign a bond02 for the VLANs | 22:39 |
| noonedeadpunk | or, create all required tags on the host manually (systemd-networkd, networkmanager, etc) and define them as independent flat networks | 22:39 |
| noonedeadpunk | I don't think it would work if you set the bond01 as vlan provider | 22:40 |
| noonedeadpunk | even on Yoga | 22:40 |
| noonedeadpunk | potentially what you can do - use OVS bridge rather then linux bridge | 22:41 |
| majotorresm | ok, so I need to go further with this. I will use another bond for the vlan traffic | 22:41 |
| noonedeadpunk | and add all other interfaces to br-provider rather then br-mojo | 22:42 |
| noonedeadpunk | as you can add other interfaces to ovs brdiges... | 22:42 |
| noonedeadpunk | but I probably won't do that, as the interface is pretty much managed with neutron, and I would not want to depend on that for access to server or anything like that... | 22:43 |
| noonedeadpunk | or, you might want to create some kind of mac-vlan and then add this produced macvlan to the OVS instead of real bond01 | 22:43 |
| majotorresm | mmmm, I will | 22:44 |
| noonedeadpunk | but overall idea is that the interface you use for VLANs should not be in fact used on untag | 22:44 |
| noonedeadpunk | all tagged vlans are fine to be used from this physical one, but make sure you're not allowing them in neutron through the range | 22:45 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!