On Thu, Aug 25, 2022 at 11:31 AM Satish Patel <satish.txt@gmail.com> wrote:

Hi Luis,

Very interesting, you are saying it will only expose tenant ip on gateway port node? Even we have DVR setup in cluster correct?

Almost. The path is the same as in a DVR setup without BGP (with the difference you can reach the internal IP). In a DVR setup, when the VM is in a tenant network, without a FIP, the traffic goes out through the cr-lrp (ovn router gateway port), i.e., the node hosting that port which is connecting the router where the subnet where the VM is to the provider network.

Note this is a limitation due to how ovn is used in openstack neutron, where traffic needs to be injected into OVN overlay in the node holding the cr-lrp. We are investigating possible ways to overcome this limitation and expose the IP right away in the node hosting the VM.

Does gateway node going to expose ip for all other compute nodes?

What if I have multiple gateway node?

No, each router connected to the provider network will have its own ovn router gateway port, and that can be allocated in any node which has "enable-chassis-as-gw". What is true is that all VMs in a tenant networks connected to the same router, will be exposed in the same location .

Did you configure that flag on all node or just gateway node?

I usually deploy with 3 controllers which are also my "networker" nodes, so those are the ones having the enable-chassis-as-gw flag.

Sent from my iPhone

On Aug 25, 2022, at 4:14 AM, Luis Tomas Bolivar <ltomasbo@redhat.com> wrote:

I tested it locally and it is exposing the IP properly in the node where the ovn router gateway port is allocated. Could you double check if that is the case in your setup too?

On Wed, Aug 24, 2022 at 8:58 AM Luis Tomas Bolivar <ltomasbo@redhat.com> wrote:

On Tue, Aug 23, 2022 at 6:04 PM Satish Patel <satish.txt@gmail.com> wrote:
Folks,

I am setting up ovn-bgp-agent lab in "BGP mode" and i found everything working great except expose tenant network https://ltomasbo.wordpress.com/2021/02/04/ovn-bgp-agent-testing-setup/

Lab Summary:

1 controller node
3 compute node

ovn-bgp-agent running on all compute node because i am using "enable_distributed_floating_ip=True"

ovn-bgp-agent config:

[DEFAULT]
debug=False
expose_tenant_networks=True
driver=ovn_bgp_driver
reconcile_interval=120
ovsdb_connection=unix:/var/run/openvswitch/db.sock

I am not seeing my vm on tenant ip getting exposed but when i attach FIP which gets exposed in loopback address. here is the full trace of debug logs: https://paste.opendev.org/show/buHiJ90nFgC1JkQxZwVk/

It is not exposed in any node, right? Note when expose_tenant_network is enabled, the traffic to the tenant VM is exposed in the node holding the cr-lrp (ovn router gateway port) for the router connecting the tenant network to the provider one.

The FIP will be exposed in the node where the VM is.

On the other hand, the error you see there should not happen, so I'll investigate why that is and also double check if the expose_tenant_network flag is broken somehow.

Thanks!

--
LUIS TOMÁS BOLÍVAR
Principal Software Engineer
Red Hat
Madrid, Spain
ltomasbo@redhat.com

--
LUIS TOMÁS BOLÍVAR
Principal Software Engineer
Red Hat
Madrid, Spain
ltomasbo@redhat.com

LUIS TOMÁS BOLÍVAR
Principal Software Engineer
Red Hat
Madrid, Spain
ltomasbo@redhat.com