Thursday, 2022-06-02

« Wednesday, 2022-06-01 Index Friday, 2022-06-03 »
*** ysandeep|out is now known as ysandeep05:21
*** ysandeep is now known as ysandeep|afk06:44
*** ysandeep|afk is now known as ysandeep07:31
*** ysandeep is now known as ysandeep|break10:49
*** ysandeep|break is now known as ysandeep11:27
*** ysandeep is now known as ysandeep|afk13:06
*** ysandeep|afk is now known as ysandeep14:28
*** ysandeep is now known as ysandeep|out15:38
guesswhatAnyone is using Kolla and Octavia? I need help to setup connection for worker and healthcheck19:16
johnsomPeople are, but I don't know how many are around the channel right now.19:17
guesswhatOh, Its really hard to "transfer" the solution from other deployments method than kolla..19:25
guesswhatI found out that  hm-0 interface is working in Kolla for OVS, but its unreliable, systemd service ( https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/octavia/templates/octavia-interface.service.j2 fails often , that's why there are advising not to use it.. , but there isn't bettion solution in Kolla docs19:28
guesswhat*they are19:28
johnsomHmm, interesting. if you want to debug the systemd service I will look at it with you.19:29
johnsomOne thing I see is they are using DHCP, which, isn't necessary but should work fine.19:29
guesswhatI added Restart=on-failure, cuz its failing, cuz at the boot time, there isn't usually hm-0 interface19:32
guesswhatBut I dont feel like this is correct solution19:32
guesswhatSometimes balancers ended in Pending Update or Error state, so its by default unreliable19:33
guesswhatThans, but I will have to find another soltuion19:33
guesswhatjohnsom: From Kolla docs ...   Sometimes an interface used for Neutron external networking may also be used20:00
guesswhatfor other traffic. Plugging an interface directly into a bridge would prevent20:00
guesswhatus from having a usable IP address on the interface. One solution to this issue20:00
guesswhatis to use an intermediate Linux bridge and virtual Ethernet pair, then assign20:00
guesswhatIP addresses on the Linux bridge. This setup is supported by20:00
guesswhat:kayobe-doc:`Kayobe </>`. It is out of scope here, as it is non-trivial to set20:00
guesswhatup in a persistent manner.20:00
johnsomHmm, yeah, with linux bridge that can be an issue.20:03
guesswhatjohnsom: what if I create external flat network just for octavia management network, how can i add port with static IP to controller to be able to reach lb-mgmt-net network?20:36
johnsomJust like you would for any normal network port on a host right? netplan or network manager configuration in your OS.20:37
guesswhatbut this involves virtual interface, isnt it?20:39
guesswhati still not fully understand to ports, but basically it will generate mac address and i would be able to use that mac address in NIC on host, correct ?20:40
johnsomOnly if your controller is inside a container or something, if it's just running on a the host, you just add a network interface for the new flat network20:40
guesswhatso its the dummy interface, which will be represneted as port in flat external network, right?20:41
guesswhatbut the interface must be added manually with same mac address that port would generate20:41
johnsomNo, it would be a real interface.20:41
johnsomSo, let's say you are running your controller processes in a VM and your compute in another VM.20:42
johnsomYou would go to your hypervisor, create a new "network" for this flat network in neutron.20:42
johnsomYou would modify your controller VM to have a port on this new network directly. The OS will see the new device and add an eth100 or ens1000 or something.20:43
johnsomThen do the same on the compute VMs.20:44
johnsomThen in neutron create an lb-mgmt-net network that is bound to the phys port you just created on the compute VMs.20:44
guesswhatI have this done, problem is that this interface can not have IP address on host, so I need to somehow be able to route to this network from host20:45
johnsomConfigure Octavia to use this lb-mgmt-net, setup netplan to enable the interface on your controllers at boot and assign an IP.20:45
johnsomDon't forget to set neutron to do DHCP on that network, or have your hypervisor do it so the amps get an IP20:45
guesswhatThats the problem, Kolla does not recomment setting IP for interface which is plugged to OVS bridge20:46
guesswhat*recommend20:46
johnsomWhy not? It's just a "virtual" network interface port like your RJ45 on the back.20:46
johnsomBut you asked about a flat network, which doesn't use OVS, it uses an outside switch, hardware or provided by your hypervisor.20:47
guesswhatIts plugged https://pastebin.com/raw/wfkfyqjP20:50
guesswhathttps://docs.openstack.org/kolla-ansible/latest/reference/networking/neutron.html#example-multiple-interfaces20:50
johnsomYeah, I can't help you with the kolla issues. I have not done anything with it.20:52
johnsomHere is a basic description of a "flat" network: https://docs.rackspace.com/blog/neutron-networking-simple-flat-network/20:52
johnsomThe later section of that doc for "configuring" may not apply here20:53
johnsomIt's also a very old doc20:54
guesswhatIsnt possible to create NIC from external flat network to host ? For example via port? That would solve my problem...20:55
johnsomYeah, that is what I described above20:56
guesswhatI need to create NIC from Openstack and assign it a static IP, then I would be able to set bind address for worker and healthcheck and maybe it will work20:58
guesswhatOr maybe use vlan instead of flat and create vlan NIC directly from trunk vlan and somehow map it to a port in octavia network20:59
guesswhatI am missing a part where is additional nic assigned to a port to be able to communicate with rest of the octavia network20:59
johnsomhttps://docs.openstack.org/neutron/yoga/admin/intro-os-networking.html#provider-networks21:01
johnsomhttps://docs.openstack.org/install-guide/launch-instance-networks-provider.html21:02
guesswhat"A port is a connection point for attaching a single device, such as the NIC of a virtual server, to a virtual network."  So the NIC must exist, its not created by Openstack21:02
johnsomRight, it is created by either a physical network card in the host, or via a hypervisor adding a virtual network card to the VM21:03
guesswhatSo in case of flat network I have to add another NIC to VM ( 1 for flat network and 1 with static IP which is blocklisted from octavia network and somehow map a port to this NIC ). Correct?21:05
johnsomYes21:05
johnsomYou got it21:06
guesswhatI think that VLAN would be better solution as it involves only one NIC (eth1) which is mapped as vlan external with range lets 100:500 . Then I can create NIC (eth1.400 ) with vlan 400 from eth1 a set a static IP to it... Octavia network would use 400 vlan tag and its the same, only difference is there is physically plugged only one NIC to the VM21:09
guesswhatinstead of two and I can use it with other tags for another networks, correct ?21:09
johnsomYeah, should work fine21:09
guesswhatOf course these are virtual interfaces in my hypervisor, but using single one would be proly better solution...21:10
guesswhatJust one more thing, what should I use for openstack port create? Should I specify IP ( Static ), MAC of eth1.400 and what about VNIC type? Direct ?21:11
guesswhatjohnsom here https://pastebin.com/raw/3jixSa8q  , will it work ?21:49
guesswhathmm, seems that ist not possible to change MAC address, ens20 and trunk.octavia shares same MAC, not sure how to bind port for this NIC then21:54
johnsomI'm not sure why you need to create ports in neutron for the controllers when using a provider network for the controllers. netplan should already have an interface the controllers can use21:58
guesswhatthere will be no route21:59
guesswhateth1.400 can not reach octavia network even if its provider network22:00
johnsomWhy not? It's a local interface so it will have an IP directly on the network22:00
guesswhatping -I trunk.octavia 192.168.0.176 -> From 192.168.0.10 icmp_seq=1 Destination Host Unreachable22:02
johnsomYour controller0 host has eth1.400 interface right? Just setup the IP on it for 192.168.0.10 and you should be all set22:03
guesswhatI have this, its even visible in my snippt22:05
johnsomWhat is 192.168.0.176?22:05
johnsomYeah, I expanded the snippet to see.22:05
guesswhatIP of LB on Octavia Network ( actually LB is deployed in demo net )22:05
johnsomYou can't ping the LBs22:06
johnsomThe security group doesn't allow ICMP ping/echo22:06
guesswhatI disabled security just for test22:06
guesswhatThis is from octavia-worker: Could not connect to instance. Retrying.: requests.exceptions.ConnectionError: HTTPSConnectionPool(host='192.168.0.176', port=9443): Max retries exceeded with url: // (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fa21074a2e0>: Failed to establish a new connection: [Errno 113] No route22:06
guesswhatto host'))22:06
johnsomok.22:06
guesswhatUbuntu does not know how to route to octavia network, even if ens20 is vlan, external network and trunk.octavia is interface assigned with IP from octavia network range22:07
guesswhatMaybe I would need to "physically" add interface, maybe this setup ( NIC + VNIC(VLAN) ) is not supported22:08
johnsomSo, from controller 0, "sudo ip route" doesn't show a local route for 192.168.0.0/16 ?22:09
johnsomWhat does "ifconfig  eth1.400 " say?22:09
guesswhatbut there is no route for 192.168.0.0/16 , who or what should set it? there isn't any gateway22:14
johnsomYeah, there should be no gateway22:15
johnsomThe kernel sets the route when the interface is brought up. What does your "ifconfig eth1.400" say?22:15
guesswhathttps://pastebin.com/raw/wctV3rSJ22:16
guesswhateth1.400 = trunk.octavia22:17
guesswhathttps://pastebin.com/raw/fifTpPSi22:17
guesswhatsee, no route22:18
guesswhatso how should NIC route if there is no gateway set...22:18
johnsomIt's the last line. 22:19
johnsom192.168.0.0/24 dev trunk.octavia proto kernel scope link src 192.168.0.1022:19
johnsomGateways are only needed if you have a router to get to another subnet. This network doesn't need to get outside the subnet, so has no router and no gateway address to point to the router22:19
guesswhatoh, thats true22:20
johnsomSo, this all looks correct to me. I am thinking the neutron/compute node side is the problem.22:20
guesswhathttps://ibb.co/k2DXz5c, https://ibb.co/7z2kR6y22:21
guesswhatMaybe I need to start from scratch...22:23
johnsomAnd in neutron you configured physnet2 to point to trunk.octavia?22:24
johnsomor I guess ens20 actually22:24
johnsomphysical_interface_mappings = physnet2:ens2022:25
johnsomsomething like that22:25
guesswhatyes22:26
guesswhatm22:26
guesswhathttps://pastebin.com/raw/XgMkvcvr22:26
guesswhatbridge_mappings = physnet1:br-ex1,physnet2:br-ex222:27
guesswhat:network_vlan_ranges = physnet2:100:50022:27
johnsomYeah, hmm. It might be interesting to setup the port on controller 1 and see if the two controllers can ping each other22:28
johnsomsince we see traffic on that port, it seems like it should be able to 22:28
guesswhati will start again, proly i will skip octavia and will setup external network just like in this case, but with nova only22:29
johnsomOk22:31
guesswhatthanks for your help22:35
« Wednesday, 2022-06-01 Index Friday, 2022-06-03 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!