Monday, 2018-08-06

« Sunday, 2018-08-05 Index Tuesday, 2018-08-07 »
*** longkb has joined #openstack-lbaas00:30
*** hongbin has joined #openstack-lbaas01:39
openstackgerritZhaoBo proposed openstack/octavia master: [UDP] Update amphora agent api ref  https://review.openstack.org/58889301:52
*** gans has joined #openstack-lbaas03:58
*** gans has quit IRC04:05
*** hongbin has quit IRC04:09
*** nmagnezi_ has joined #openstack-lbaas06:03
*** pcaruana has joined #openstack-lbaas06:07
*** luksky has joined #openstack-lbaas06:42
*** ivve has joined #openstack-lbaas06:46
*** rcernin has quit IRC06:52
*** ramishra has joined #openstack-lbaas07:03
bzhao__cgoncalves:  Thanks for test.  That error maybe extend my knowledge, ;-( . Is that the keepalived kernel error?07:26
*** velizarx has joined #openstack-lbaas07:36
*** rpittau has joined #openstack-lbaas07:53
*** yamamoto has quit IRC08:09
cgoncalvesbzhao__, keepalived segmentation fault08:10
cgoncalvesbzhao__, before I get lots of those errors (because systemd restarts keepalived), there are errors running the health check. I will try to find what's exactly causing it08:11
cgoncalvesok, found it. the problem is that the virtual server ip address is v4 but members were configured with  ipv6 addresses08:14
bzhao__cgoncalves:  Thanks for explain. That's the real ip packet, maybe the keepalived community can search the reason.08:14
bzhao__...=.=08:14
*** crazik has left #openstack-lbaas08:15
bzhao__cgoncalves:  does haproxy support transfer from ipv4 to ipv6?08:16
cgoncalvesbzhao__, there are reports of this upstream. one dev is saying to create multiple vrrp_instances08:18
cgoncalveshttps://github.com/acassen/keepalived/issues/497#issuecomment-27312256108:18
cgoncalvesbzhao__, could you check whether a mix of v4 and v6 works for you? also the keepalived version you're running08:19
cgoncalveskeepalived v1.3.5 here (centos 7.5)08:19
openstackgerritNir Magnezi proposed openstack/octavia master: systemd should recover Keepalived  https://review.openstack.org/58899308:21
bzhao__cgoncalves:  I imaging that if we configure v4 VS, but v6 RS, I think it won't work as wish, as currently we support nat mode only, and we configure the iptables based on VIP address version on ubuntu..08:22
bzhao__cgoncalves:  I will recreate the test env.08:22
cgoncalvesok08:25
bbbbzhao_https://www.irccloud.com/pastebin/gQUNpDud/08:38
bbbbzhao_https://www.irccloud.com/pastebin/mbZP3Fx5/08:39
bbbbzhao_Oh, I remove the persistence first...08:39
bbbbzhao_sorry08:39
cgoncalveshttp://paste.openstack.org/show/727386/ is what I have08:43
cgoncalvesnote that I manually changed the RS IP addresses to v408:43
*** yamamoto has joined #openstack-lbaas08:43
cgoncalvesI can netcat to each RS but not to the virtual server08:43
bbbbzhao_https://www.irccloud.com/pastebin/uEx6kn3F/08:44
cgoncalveshttp://paste.openstack.org/show/727387/08:44
bbbbzhao_Seem lvs not support ipv4 to ipv6...08:44
bbbbzhao_I can show the rs only in amp ns.08:45
bbbbzhao_https://www.irccloud.com/pastebin/PsUCtxSb/08:46
cgoncalvesright, we have to netcat within the amphora-proxy namespace08:46
bbbbzhao_And when I request the VS, the syslog will full of no destination.08:46
bbbbzhao_Yeah, I haven't add nc in it yet.  Just testing the udp listener support tcp/http checker.. doing test the config generate is correct..;-)08:47
bzhao__cgoncalves:  I think there is a bug that if we specify the ipv6 RS(member), it doesn't check whether the persistence value  match the ipv6 version..08:50
bzhao__cgoncalves:  (⊙o⊙) many cases not cover...just the normal ones.. =。=08:51
*** salmankhan has joined #openstack-lbaas08:56
*** ktibi has joined #openstack-lbaas08:57
cgoncalvesbzhao__, should I see a process listening on a udp socket? because I don't see any on netstat08:59
bzhao__cgoncalves:  No, we can see a process listening, as the lvs will send out the packets directly based on kernel.  But we can see a connection in the ns by conntrack -L09:03
bzhao__sorry  can't see a process listening a udp port.09:03
bbbbzhao_https://www.irccloud.com/pastebin/HDO327Pm/09:04
bbbbzhao_This is the version in my ubuntu env09:04
cgoncalvesrm_work, johnsom: ^ !!! :D centos wins this time by shipping a newer keepalived version than ubuntu :P09:06
bzhao__haha09:06
*** yamamoto has quit IRC09:15
cgoncalves /proc/net/nf_conntrack doesn't show the udp one09:15
bzhao__cgoncalves:  I will install a conntrack tool for show... I'm not very familiar with the kernel configuration. Please hold on.09:21
cgoncalvesbzhao__, sure, no problem. thank you!09:22
bbbbzhao_https://www.irccloud.com/pastebin/icx9VPOL/09:26
bbbbzhao_Before L21, no new connection, as I didnt request the VIP. After L21, I request with iperf, we can see the socket connect in L27..09:27
cgoncalvesI can not get that even after requesting udp on the VIP :/09:43
bzhao__=。=09:43
openstackgerritzhouchangxun proposed openstack/octavia master: Change the driver to a singleton  https://review.openstack.org/58910009:49
*** yamamoto has joined #openstack-lbaas09:50
bzhao__cgoncalves:  Could you check the kernel configuration? net.ipv4.ip_forward  and net.ipv4.vs.conntrack enabled, ip_vs kernel module had been loaded?10:17
*** yamamoto has quit IRC10:19
*** luksky has quit IRC10:28
*** kobis1 has joined #openstack-lbaas10:57
*** kobis1 has left #openstack-lbaas10:58
*** kobis1 has joined #openstack-lbaas10:59
*** luksky has joined #openstack-lbaas11:02
*** nmagnezi_ has quit IRC11:18
cgoncalvesbzhao__, both set to 0, ip_vs kernel module enabled11:46
*** amuller has joined #openstack-lbaas11:47
bzhao__cgoncalves:  you need to set both them to 1 in amp namespace, also check the iptables is configured.11:47
bbbbzhao_-A POSTROUTING -o eth1 -p udp -j MASQUERADE11:48
bbbbzhao_like this11:48
cgoncalvesoh, wait. that is inside the namespace. they are set to 1, yes11:49
cgoncalvesI see that net.ipv6.conf.all.forwarding should have also been set to 1 but it is not11:50
bzhao__cgoncalves:  yeah, if you use ipv6, you need to set to 111:51
cgoncalvesit should have been set when starting amphora-netns systemd11:51
cgoncalvesExecStart=-/sbin/ip netns exec {{ amphora_nsname }} sysctl -w net.ipv6.conf.all.forwarding=111:51
bzhao__cgoncalves:  So the logic check the vip's ip version, if it is ipv4, it just config net.ipv4.ip_forward=111:52
bzhao__cgoncalves:  I do that in plug.py...11:52
bzhao__cgoncalves:  :(11:53
cgoncalveswait, why are we modprobing and sysctl'ing both in plug.py and systemd service?11:54
bzhao__hold on, checking the systemd script11:57
*** yamamoto has joined #openstack-lbaas12:11
bzhao__Oh, as the plug.py is for the first VIPPost request and making sure that the kernel setting is good(which is a alternative for pre-setting the kernel), I saw the latest code, johnsom move it when upload_listener_config in util.install_netns_systemd_service(), and just write the script, not exec start/restart.  So I think the script one may make sure they are correct when amp instance reboot, and the plug.py is for12:11
bzhao__running time.  Just a guess. ;-).  Maybe there are some enhance approaches for it.12:11
*** longkb has quit IRC12:23
bzhao__Leaving for home..12:29
*** nmagnezi_ has joined #openstack-lbaas12:30
*** velizarx has quit IRC12:43
*** velizarx has joined #openstack-lbaas12:48
*** yamamoto has quit IRC12:50
*** nmagnezi_ has quit IRC12:51
*** fnaval has joined #openstack-lbaas13:00
*** erjacobs has joined #openstack-lbaas13:32
johnsomYeah, this is a bit funky at the moment.  It was disjoint for haproxy. Basically it is run in plug and written out to systemd for reboots13:43
*** velizarx has quit IRC13:59
*** velizarx has joined #openstack-lbaas14:01
*** celebdor has joined #openstack-lbaas14:17
erjacobsHi, does anyone have a minute to help me create a loadbalancer in devstack? Every time i try and make one the provision_status changes to error14:19
*** nmagnezi_ has joined #openstack-lbaas14:19
*** nmagnezi_ has left #openstack-lbaas14:19
*** nmagnezi_ has joined #openstack-lbaas14:19
*** kobis1 has quit IRC14:25
*** colby_ has quit IRC14:26
*** nmagnezi_ has quit IRC14:30
*** velizarx has quit IRC14:40
openstackgerritZhaoBo proposed openstack/octavia master: [UDP] Support HTTP GET and TCP check in udp healthmonitor  https://review.openstack.org/58918014:46
*** yamamoto has joined #openstack-lbaas14:47
johnsomerjacobs Check the devstack@o-cw log with journalctl "journalctl --u devstack@o-cw | less"14:47
johnsomcgoncalves Trying to catch up, it's the keepalived in CentOs that is seg faulting?14:52
erjacobsthanks johnsom14:57
johnsomNova problem?14:57
bbbbzhao_johnsom:  He was running ipv4 VS, but ipv6 RS, then hit the seg fault.15:04
*** luksky has quit IRC15:05
bbbbzhao_checking the lvs with ipvsadm -Ln, it doesn't support this case, only can see the configured ipv4 VS, no ipv6 RS.15:07
*** celebdor has quit IRC15:07
*** celebdor has joined #openstack-lbaas15:09
*** pcaruana has quit IRC15:12
erjacobsjohnsom the --u flag is ambiguous, my options are '--user' '--utc' '--update-catalog' '--user-unit' '--unit' '--until'15:14
johnsomerjacobs Opps, I meant one dash. Sorry for the typo15:14
erjacobsjohnsom http://paste.openstack.org/show/727420/ , any thoughts?15:16
johnsomerjacobs The key line there is: Nova failed to build the instance due to: 503 Service Unavailable: Service Unavailable: The server is temporarily unable to service your: request due to maintenance downtime or capacity: problems. Please try again later.15:19
johnsomYour nova is not functioning15:19
erjacobsok15:20
erjacobsthanks for the help!15:21
johnsomSure, NP15:21
*** yamamoto has quit IRC15:27
xgerman_R15:42
xgerman_\R15:42
xgerman_learning all about user modes…15:45
johnsomYeah, I need to figure out the private message issue15:51
johnsomLet me know if you come up with the right settings15:51
johnsomI am trying "/mode <username> +R"15:55
openstackgerritGerman Eichberger proposed openstack/octavia master: Allows failover if port is not deallocated by nova  https://review.openstack.org/58586415:58
*** erjacobs has quit IRC16:00
openstackgerritGerman Eichberger proposed openstack/octavia master: Allows failover if port is not deallocated by nova  https://review.openstack.org/58586416:02
*** nmagnezi_ has joined #openstack-lbaas16:08
*** ramishra has quit IRC16:10
bbbbzhao_johnsom:  Hi, Michael, today I just finish coding the HTTP/TCP healthmonitor support in udp, not test the order change and the followup Uts addition. I will continue to do the rest tomorrow. ;-). I have to go, it's nearly 1:00 am, here. My wife will kick me. ;-(.16:42
johnsomOk, thanks!16:45
*** ktibi has quit IRC16:53
bbbbzhao_johnsom:  Thank you very much.16:53
*** luksky has joined #openstack-lbaas16:59
cgoncalvesjohnsom, keepalived seg faulting, yeah. as bbbbzhao_ already wrote, it happened when virtual server ip is v4 and real servers v6. after changing RS to v4, keepalived runs yet I don't see the udp socket open17:09
*** yamamoto has joined #openstack-lbaas17:24
bbbbzhao_cgoncalves: ;-).  Last time, I just download and install a lower version keepalived and test, it works. Before I install that, I found the exist keepalived in centos didn't route any traffic, even though other configs are correct, then I stop the keepalive and just using ipvsadm to config lvs, it works. Then I decided to install another version of keepalived. Just my experience on centos testing.17:24
*** salmankhan has quit IRC17:28
cgoncalvesbbbbzhao_, ok, thanks for that info. I need to spend some time to set up a keepalived+lvs on a full blown centos image17:33
jitekaHello, I've got a question regarding amphora VM creation17:52
jitekaIf octavia-health-manager process is not able to contact the amphora VMs on udp 555517:52
jitekaIs it triggering tasker_flow to revert the LB creation or only octavia-worker is taking the decision to revert everything when amphora are not reachable for too long after build ?17:52
johnsomjiteka It is the octavia-worker that will revert if it cannot make contact with a newly build amphora instance17:54
jitekaok then I understood correctly this part :)17:55
jitekathanks johnsom17:55
johnsomhealth manager will not start tracking the amphora until it has gone Active17:55
jitekaI found a way to avoid octavia worker to revert everything when failing as right now I need time to debug it and ssh on the amphora itself17:57
jitekaBeside the both VMs, associated neutron port and lb-uuid security group, which other resource should I look for when doing the cleaning manually myself ?17:57
*** yamamoto has quit IRC17:57
jitekahttps://docs.openstack.org/octavia/latest/configuration/configref.html#task_flow.disable_revert17:58
johnsomRight, that is the right key to disable reverts.17:58
johnsomI think that is the list, but I may be forgetting something17:58
jitekahmm server group too18:09
jiteka:)18:09
*** amuller has quit IRC18:25
*** ctracey has quit IRC18:41
*** ctracey has joined #openstack-lbaas18:42
*** numans has quit IRC18:54
*** yamamoto has joined #openstack-lbaas19:17
*** abaindur has joined #openstack-lbaas19:29
*** yamamoto has quit IRC19:31
*** yamamoto has joined #openstack-lbaas19:36
*** yamamoto has quit IRC19:47
*** kobis1 has joined #openstack-lbaas19:59
*** kobis1 has quit IRC20:15
*** rtjure has joined #openstack-lbaas20:31
johnsomcgoncalves You wouldn't happen to have that amp still around would you?  Curious what the amphora-netns systemd log said.20:31
*** celebdor has quit IRC21:07
*** harlowja has joined #openstack-lbaas21:21
openstackgerritNir Magnezi proposed openstack/octavia master: DNM: Leave VIP NIC plugging for keepalived  https://review.openstack.org/58929221:32
openstackgerritNir Magnezi proposed openstack/octavia master: DNM: Leave VIP NIC plugging for keepalived  https://review.openstack.org/58929221:33
*** yamamoto has joined #openstack-lbaas21:41
*** nmagnezi_ has quit IRC21:49
*** yamamoto has quit IRC21:51
*** rcernin has joined #openstack-lbaas22:15
*** fnaval has quit IRC22:22
*** luksky has quit IRC22:25
*** yamamoto has joined #openstack-lbaas22:43
*** yamamoto has quit IRC22:47
openstackgerritMerged openstack/octavia master: Cleanup Octavia create VIP ports on LB delete  https://review.openstack.org/58116823:07
openstackgerritMerged openstack/octavia master: Clarify that the driver support library is interim  https://review.openstack.org/58832023:07
*** hvhaugwitz has quit IRC23:23
openstackgerritMichael Johnson proposed openstack/octavia master: Followup patch for UDP support  https://review.openstack.org/58769023:23
openstackgerritMichael Johnson proposed openstack/octavia master: Followup patch for UDP support  https://review.openstack.org/58769023:30
*** hvhaugwitz has joined #openstack-lbaas23:35
« Sunday, 2018-08-05 Index Tuesday, 2018-08-07 »

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!