<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi,<div class=""><br class=""></div><div class="">keepalived 1:1.2.7-1ubuntu</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">Le 22 juin 2016 à 15:41, Anna Kamyshnikova <<a href="mailto:akamyshnikova@mirantis.com" class="">akamyshnikova@mirantis.com</a>> a écrit :</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hi!<br class=""><br class=""><div class="">What Keepalived version is used?</div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Wed, Jun 22, 2016 at 4:24 PM, fabrice grelaud <span dir="ltr" class=""><<a href="mailto:fabrice.grelaud@u-bordeaux.fr" target="_blank" class="">fabrice.grelaud@u-bordeaux.fr</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">Hi,<div class=""><br class=""></div><div class="">we deployed our openstack infrastructure with your « exciting » project openstack-ansible (mitaka 13.1.2) but we have some problems with L3HA after create router.</div><div class=""><br class=""></div><div class="">Our infra (closer to the doc):</div><div class="">3 controllers nodes (with bond0 (br-mgmt, br-storage), bond1 (br-vxlan, br-vlan))</div><div class="">2 compute nodes (same for network)</div><div class=""><br class=""></div><div class="">We create an external network (vlan type), an internal network (vxlan type) and a router connected to both networks.</div><div class="">And when we launch an instance (cirros), we can’t receive an ip on the vm.</div><div class=""><br class=""></div><div class="">We have:</div><div class=""><br class=""></div><div class=""><div class="">root@p-osinfra03-utility-container-783041da:~# neutron l3-agent-list-hosting-router router-bim</div><div class="">+--------------------------------------+-----------------------------------------------+----------------+-------+----------+</div><div class="">| id | host | admin_state_up | alive | ha_state |</div><div class="">+--------------------------------------+-----------------------------------------------+----------------+-------+----------+</div><div class="">| 3c7918e5-3ad6-4f82-a81b-700790e3c016 | p-osinfra01-neutron-agents-container-f1ab9c14 | True | :-) | active |</div><div class="">| f2bf385a-f210-4dbc-8d7d-4b7b845c09b0 | p-osinfra02-neutron-agents-container-48142ffe | True | :-) | active |</div><div class="">| 55350fac-16aa-488e-91fd-a7db38179c62 | p-osinfra03-neutron-agents-container-2f6557f0 | True | :-) | active |</div><div class="">+--------------------------------------+-----------------------------------------------+----------------+-------+—————+</div></div><div class=""><br class=""></div><div class="">I know, i got a problem now because i should have :-) active, :-) standby, :-) standby… Snif...</div><div class=""><br class=""></div><div class=""><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">root@p-osinfra01-neutron-agents-container-f1ab9c14:~# ip netns</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">qrouter-eeb2147a-5cc6-4b5e-b97c-07cfc141e8e6</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">qdhcp-0ba266fb-15c4-4566-ae88-92d4c8fd2036</span></div></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class=""><br class=""></span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class=""><div style="margin:0px;line-height:normal" class=""><span class="">root@p-osinfra01-neutron-agents-container-f1ab9c14:~# ip netns exec qrouter-eeb2147a-5cc6-4b5e-b97c-07cfc141e8e6 ip a sh</span></div><div style="margin:0px;line-height:normal" class=""><span class="">1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default </span></div><div style="margin:0px;line-height:normal" class=""><span class=""> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://127.0.0.1/8" target="_blank" class="">127.0.0.1/8</a> scope host lo</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet6 ::1/128 scope host </span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class="">2: ha-4a5f0287-91@if6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> link/ether fa:16:3e:c2:67:a9 brd ff:ff:ff:ff:ff:ff</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://169.254.192.1/18" target="_blank" class="">169.254.192.1/18</a> brd 169.254.255.255 scope global ha-4a5f0287-91</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://169.254.0.1/24" target="_blank" class="">169.254.0.1/24</a> scope global ha-4a5f0287-91</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet6 fe80::f816:3eff:fec2:67a9/64 scope link </span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class="">3: qr-44804d69-88@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP group default qlen 1000</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> link/ether fa:16:3e:a5:8c:f2 brd ff:ff:ff:ff:ff:ff</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://192.168.100.254/24" target="_blank" class="">192.168.100.254/24</a> scope global qr-44804d69-88</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet6 fe80::f816:3eff:fea5:8cf2/64 scope link </span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class="">4: qg-c5c7378e-1d@if12: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> link/ether fa:16:3e:b6:4c:97 brd ff:ff:ff:ff:ff:ff</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://147.210.240.11/23" target="_blank" class="">147.210.240.11/23</a> scope global qg-c5c7378e-1d</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet <a href="http://147.210.240.12/32" target="_blank" class="">147.210.240.12/32</a> scope global qg-c5c7378e-1d</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""> inet6 fe80::f816:3eff:feb6:4c97/64 scope link </span></div><div style="margin:0px;line-height:normal" class=""><span class=""> valid_lft forever preferred_lft forever</span></div><div style="margin:0px;line-height:normal" class=""><span class=""><br class=""></span></div><div style="margin:0px;line-height:normal" class="">Same result on infra02 and infra03, qr and qg interfaces have the same ip, and ha interfaces the address 169.254.0.1.</div><div style="margin:0px;line-height:normal" class=""><br class=""></div></span></div><div class="">If we stop 2 neutron agent containers (p-osinfra02, p-osinfra03) and we restart the first (p-osinfra01), we can reboot the instance and we got an ip, a floating ip and we can access by ssh from internet to the vm. (Note: after few time, we loss our connectivity too).</div><div class=""><br class=""></div><div class="">But if we restart the two containers, we got a ha_state to « standby » until the three become « active » and finally we have the problem again.</div><div class=""><br class=""></div><div class="">The three routers on infra 01/02/03 are seen as master.</div><div class=""><br class=""></div><div class="">If we ping from our instance to the router (internal network 192.168.100.4 to 192.168.100.254) we can see some ARP Request</div><div class=""><div class="">ARP, Request who-has 192.168.100.254 tell 192.168.100.4, length 28</div><div class="">ARP, Request who-has 192.168.100.254 tell 192.168.100.4, length 28</div><div class="">ARP, Request who-has 192.168.100.254 tell 192.168.100.4, length 28</div></div><div class=""><br class=""></div><div class="">And on the compute node we see all these frames on the various interfaces tap / vxlan-89 / br-vxlan / bond1.vxlanvlan / bond1 / em2 but nothing back.</div><div class=""><br class=""></div><div class="">We also have on ha interface, on each router, the VRRP communication (heartbeat packets over a hidden project network that connects all ha routers (vxlan 70) ) . Priori as normal, each router thinks to be master.</div><div class=""> </div><div class=""><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">root@p-osinfra01-neutron-agents-container-f1ab9c14:~# ip netns exec qrouter-eeb2147a-5cc6-4b5e-b97c-07cfc141e8e6 tcpdump -nl -i ha-4a5f0287-91</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">tcpdump: verbose output suppressed, use -v or -vv for full protocol decode</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">listening on ha-4a5f0287-91, link-type EN10MB (Ethernet), capture size 65535 bytes</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">IP 169.254.192.1 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">IP 169.254.192.1 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">IP 169.254.192.1 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class="">IP 169.254.192.1 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class=""><br class=""></span></div><div style="margin:0px;font-size:11px;line-height:normal;font-family:Menlo" class=""><span class=""><div style="margin:0px;line-height:normal" class=""><span class="">root@p-osinfra02-neutron-agents-container-48142ffe:~# ip netns exec qrouter-eeb2147a-5cc6-4b5e-b97c-07cfc141e8e6 tcpdump -nt -i ha-4ee5f8d0-7f</span></div><div style="margin:0px;line-height:normal" class=""><span class="">tcpdump: verbose output suppressed, use -v or -vv for full protocol decode</span></div><div style="margin:0px;line-height:normal" class=""><span class="">listening on ha-4ee5f8d0-7f, link-type EN10MB (Ethernet), capture size 65535 bytes</span></div><div style="margin:0px;line-height:normal;min-height:13px" class="">IP 169.254.192.3 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20<span class=""></span></div><div style="margin:0px;line-height:normal;min-height:13px" class="">IP 169.254.192.3 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20<span class=""></span></div><div style="margin:0px;line-height:normal" class=""><span class="">IP 169.254.192.3 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div><div style="margin:0px;line-height:normal" class=""><span class="">IP 169.254.192.3 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div><div style="margin:0px;line-height:normal" class=""><span class="">IP 169.254.192.3 > <a href="http://224.0.0.18/" target="_blank" class="">224.0.0.18</a>: VRRPv2, Advertisement, vrid 1, prio 50, authtype simple, intvl 2s, length 20</span></div></span></div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">Someone could tell me if he has already encountered this problem ?</div><div class="">The infra and compute nodes are connected to a nexus 9000 switch.</div><div class=""><br class=""></div><div class="">Thank you in advance for taking the time to study my request.</div><span class="HOEnZb"><font color="#888888" class=""><div class=""><br class=""></div><div class="">Fabrice Grelaud</div><div class="">Université de Bordeaux</div><div class=""><br class=""></div></font></span></div><br class="">__________________________________________________________________________<br class="">
OpenStack Development Mailing List (not for usage questions)<br class="">
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org/?subject:unsubscribe" rel="noreferrer" target="_blank" class="">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br class="">
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br class="">
<br class=""></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr" class="">Regards,<div class="">Ann Kamyshnikova</div><div class="">Mirantis, Inc</div></div></div>
</div>
__________________________________________________________________________<br class="">OpenStack Development Mailing List (not for usage questions)<br class="">Unsubscribe: <a href="mailto:OpenStack-dev-request@lists.openstack.org" class="">OpenStack-dev-request@lists.openstack.org</a>?subject:unsubscribe<br class=""><a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br class=""></div></blockquote></div><br class=""></div></body></html>