<div dir="ltr">The node will PXE boot, but having the provisioning network separate from the control plane network, and having a specific route back to the remote subnet causes a LOT of issues. <div><br></div><div>With the specific route, the remote node will PXE boot but not talk to the ironic API service on the controller node. </div><div>Without the specific route, the remote node can talk to the ironic API but cannot PXE boot off the provisioning network. </div><div><br></div><div>Unless I add a bunch of network namespace stuff, the simple answer is to move <i>everything</i> onto the control plane. The docs dissuade against this, however, apparently for security reasons. </div><div><br></div><div>Moving everything onto the control plane network seems to be the obvious but less desirable choice. </div><div><br></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Aug 4, 2020 at 4:22 PM Thomas King <<a href="mailto:thomas.king@gmail.com">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Getting closer. I was able to create the segment and the subnet for the remote network on that segment. <div><br></div><div>When I attempted to provide the baremetal node, Neutron is unable to create/attach a port to the remote node: <br>WARNING ironic.common.neutron [req-b3f373fc-e76a-4c13-9ebb-41cfc682d31b 4946f15716c04f8585d013e364802c6c 1664a38fc668432ca6bee9189be142d9 - default default] The local_link_connection is required for 'neutron' network interface and is not present in the nodes 3ed87e51-00c5-4b27-95c0-665c8337e49b port ccc335c6-3521-48a5-927d-d7ee13f7f05b<br></div><div><br></div><div>I changed its network interface from neutron back to flat and it went past this. I'm now waiting to see if the node will PXE boot. </div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Aug 4, 2020 at 1:41 PM Thomas King <<a href="mailto:thomas.king@gmail.com" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Changing the ml2 flat_networks from specific physical networks to a wildcard allowed me to create a segment. I may be unstuck. <div><br></div><div>New config: </div><div><span>[ml2_type_flat]</span><br>flat_networks=*<br></div><div><br></div><div>Now to try creating the subnet and try a remote provision. </div><div><br></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 3, 2020 at 3:58 PM Thomas King <<a href="mailto:thomas.king@gmail.com" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I've been using named physical networks so long, I completely forgot using wildcards! <div><br></div><div>Is this the answer????</div><div><a href="https://docs.openstack.org/mitaka/config-reference/networking/networking_options_reference.html#modular-layer-2-ml2-flat-type-configuration-options" target="_blank">https://docs.openstack.org/mitaka/config-reference/networking/networking_options_reference.html#modular-layer-2-ml2-flat-type-configuration-options</a><br></div><div><br></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 28, 2020 at 3:46 PM Thomas King <<a href="mailto:thomas.king@gmail.com" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Ruslanas has been a tremendous help. To catch up the discussion lists...<div>1. I enabled Neutron segments. </div><div>2. I renamed the existing segments for each network so they'll make sense. </div><div>3. I attempted to create a segment for a remote subnet (it is using DHCP relay) and this was the error that is blocking me. This is where the docs do not cover:</div><div>[root@sea-maas-controller ~(keystone_admin)]# openstack network segment create --physical-network remote146-30-32 --network-type flat --network baremetal seg-remote-146-30-32<br>BadRequestException: 400: Client Error for url: <a href="http://10.146.30.65:9696/v2.0/segments" target="_blank">http://10.146.30.65:9696/v2.0/segments</a>, Invalid input for operation: physical_network 'remote146-30-32' unknown for flat provider network.<br></div><div><br></div><div>I've asked Ruslanas to clarify how their physical networks correspond to their remote networks. They have a single provider network and multiple segments tied to multiple physical networks. </div><div><br></div><div>However, if anyone can shine some light on this, I would greatly appreciate it. How should neutron's configurations accommodate remote networks<->Neutron segments when I have only one physical network attachment for provisioning? </div><div><br></div><div>Thanks!</div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jul 15, 2020 at 3:33 PM Thomas King <<a href="mailto:thomas.king@gmail.com" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">That helps a lot, thank you! <div><br></div><div>"I use only one network..." </div><div>This bit seems to go completely against the Neutron segments documentation. When you have access, please let me know if Triple-O is using segments or some other method. </div><div><br></div><div>I greatly appreciate this, this is a tremendous help. </div><div><br></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jul 15, 2020 at 1:07 PM Ruslanas Gžibovskis <<a href="mailto:ruslanas@lpic.lt" target="_blank">ruslanas@lpic.lt</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Hi Thomas,<div dir="auto"><br></div><div dir="auto">I have a bit complicated setup from tripleo side :) I use only one network (only ControlPlane). thanks to Harold, he helped to make it work for me. </div><div dir="auto"><br></div><div dir="auto">Yes, as written in the tripleo docs for leaf networks, it use the same neutron network, different subnets. so neutron network is ctlplane (I think) and have ctlplane-subnet, remote-provision and remote-KI :)) that generates additional lines in "ip r s" output for routing "foreign" subnets through correct gw, if you would have isolated networks, by vlans and ports this would apply for each subnet different gw... I believe you know/understand that part.</div><div dir="auto"><br></div><div dir="auto">remote* subnets have dhcp-relay setup by network team... do not ask details for that. I do not know how to, but can ask :)</div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">in undercloud/tripleo i have 2 dhcp servers, one is for introspection, another for provide/cleanup and deployment process.</div><div dir="auto"><br></div><div dir="auto">all of those subnets have organization level tagged networks and are tagged on network devices, but they are untagged on provisioning interfaces/ports, as in general pxe should be untagged, but some nic's can do vlan untag on nic/bios level. but who cares!?</div><div dir="auto"><br></div><div dir="auto">I just did a brief check on your first post, I think I have simmilar setup to yours :)) I will check in around 12hours :)) more deaply, as will be at work :)))</div><div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">P.S. sorry for wrong terms, I am bad at naming.</div><br><br><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">On Wed, 15 Jul 2020, 21:13 Thomas King, <<a href="mailto:thomas.king@gmail.com" rel="noreferrer" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Ruslanas, that would be excellent! <br><div><br></div><div>I will reply to you directly for details later unless the maillist would like the full thread. </div><div><br></div><div>Some preliminary questions: </div><div><ul><li>Do you have a separate physical interface for the segment(s) used for your remote subnets? <br>The docs state each segment must have a unique physical network name, which suggests a separate physical interface for each segment unless I'm misunderstanding something.</li><li>Are your provisioning segments all on the same Neutron network? </li><li>Are you using tagged switchports or access switchports to your Ironic server(s)?</li></ul><div>Thanks, </div></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jul 15, 2020 at 12:26 AM Ruslanas Gžibovskis <<a href="mailto:ruslanas@lpic.lt" rel="noreferrer noreferrer" target="_blank">ruslanas@lpic.lt</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I have deployed that with tripleO, but now we are recabling and redeploying it. So once I have it running I can share my configs, just name which you want :)</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 14 Jul 2020 at 18:40, Thomas King <<a href="mailto:thomas.king@gmail.com" rel="noreferrer noreferrer" target="_blank">thomas.king@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">I have. That's the Triple-O docs and they don't go through the normal .conf files to explain how it works outside of Triple-O. It has some ideas but no running configurations. <div><br></div><div>Tom King</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jul 14, 2020 at 3:01 AM Ruslanas Gžibovskis <<a href="mailto:ruslanas@lpic.lt" rel="noreferrer noreferrer" target="_blank">ruslanas@lpic.lt</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">hi, have you checked:
<a href="https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/routed_spine_leaf_network.html" rel="noreferrer noreferrer" target="_blank">https://docs.openstack.org/project-deploy-guide/tripleo-docs/latest/features/routed_spine_leaf_network.html</a> ?<div>I am following this link. I only have one network, having different issues tho ;)<span style="color:rgb(51,51,51);font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,"Helvetica Neue",sans-serif;font-size:14px"> </span></div></div></blockquote></div></blockquote></div></blockquote></div>
</blockquote></div></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>
</blockquote></div>