Hi,


On Monday, 11 March 2024 11:57:44 CET Mika Saari wrote:

> Hi,
>
>   I am using latest kolla-ansible installation. Network is in openvswitch
> type.  My question is related to my provider network with VLAN type
> (external HW router, external DHCP, ...). The network is directly connected
> to the hardware through HW switch <-tagged-> bond0 <-> br-ex1 <->
> openvswitch.
>
>   When I create a new instance (cirros) to this provider network the
> instance can not connect to the metadata server during the bootup.


The metadata server is typically running inside the Neutron router's namespace or, in the case of isolated networks, in the network's DHCP namespace created by the DHCP agent.

It will not be available if you have an external DHCP server and instances plugged directly into the provider network (which I assume is not connected to any router in Neutron).

You will need to use config-drive instead of metadata server in such case.

There is ongoing work [1] to provide "distributed metadata" which would be then provided directly by the neutron-openvswitch-agent but it's not completed yet (and there is no progress on it recently).


> The dhcp
> is trying to fetch the address, and I can sniff the data in bond0, br-ex1,
> br-int and br-tun and the dhcp request leaves the hardware, DHCP server
> sends the reply, but the reply won't go through back to the instance.


Where are those replies dropped? On the bond0 or somewhere in the Openvswitch?

Did you try to disable port_security for the port (or allow all ingress traffic in your security group) to make sure that SGs aren't dropping those replies?


> If I
> force a static IP to this cirros instance and try pinging the network, the
> ICMP doesn't leave the bond0. After around 15 minutes the network starts
> suddenly to work and dhcp reply goes through and the instance gets the
> dynamic IP. After this the whole network starts to work fluently.
>
>   Any ideas what might be the problem?
>
>   Thank you very much!
>


[1] https://review.opendev.org/q/topic:%22distributed_metadata_data_path%22


--

Slawek Kaplonski

Principal Software Engineer

Red Hat