The way we've done it is to have a vlan tagged interface on the controllers with an IP on the lb-mgmt-network. It's simpler to setup than trying to plug in an ovs interface in on the controllers and making it work that way. ________________________________ From: Oliver Weinmann <oliver.weinmann@me.com> Sent: 16 August 2022 06:51 To: Stuart Whitman <swhitman@groupw.com> Cc: openstack-discuss@lists.openstack.org <openstack-discuss@lists.openstack.org> Subject: Re: [kolla-ansible][octavia] need networking help CAUTION: This email originates from outside THG ________________________________ Hi, Yes this is not really documented. I used the following guide: https://cloudbase.it/openstack-on-arm64-lbaas/<https://cloudbase.it/openstack-on-arm64-lbaas/> It is for Arm, but the setup is the same. It basically describes how to create additional virtual Interfaces. If this is not working, and you have spare physical Interfaces, try to use them instead of virtual. Von meinem iPhone gesendet Am 16.08.2022 um 00:07 schrieb Stuart Whitman <swhitman@groupw.com>: Hello, I enabled Octavia on a kolla-ansible installed Openstack cluster. When I try to launch a loadbalancer instance, the octavia-worker.log file reports: "WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance." I researched enough to know that the problem has to do with networking between the controller and the lb-mgmt-net network. I initially overlooked this in the kolla-ansible Octavia documentation: "If using a VLAN provider network, ensure that the traffic is also bridged to Open vSwitch on the controllers." But, I don't know how to do it. Help to create the necessary bridge would be greatly appreciated. Thanks, -Stu _____________________________________ The information contained in this e-mail and any attachments from Group W may contain confidential and/or proprietary information and is intended only for the named recipient to whom it was originally addressed. If you are not the intended recipient, be aware that any disclosure, distribution, or copying of this e-mail or its attachments is strictly prohibited. If you have received this e-mail in error, please notify the sender immediately of that fact by return e-mail and permanently delete the e-mail and any attachments to it. Danny Webb Principal OpenStack Engineer The Hut Group<http://www.thehutgroup.com/> Tel: Email: Danny.Webb@thehutgroup.com<mailto:Danny.Webb@thehutgroup.com> For the purposes of this email, the "company" means The Hut Group Limited, a company registered in England and Wales (company number 6539496) whose registered office is at Fifth Floor, Voyager House, Chicago Avenue, Manchester Airport, M90 3DQ and/or any of its respective subsidiaries. Confidentiality Notice This e-mail is confidential and intended for the use of the named recipient only. If you are not the intended recipient please notify us by telephone immediately on +44(0)1606 811888 or return it to us by e-mail. Please then delete it from your system and note that any use, dissemination, forwarding, printing or copying is strictly prohibited. Any views or opinions are solely those of the author and do not necessarily represent those of the company. Encryptions and Viruses Please note that this e-mail and any attachments have not been encrypted. They may therefore be liable to be compromised. Please also note that it is your responsibility to scan this e-mail and any attachments for viruses. We do not, to the extent permitted by law, accept any liability (whether in contract, negligence or otherwise) for any virus infection and/or external compromise of security and/or confidentiality in relation to transmissions sent by e-mail. Monitoring Activity and use of the company's systems is monitored to secure its effective use and operation and for other lawful business purposes. Communications using these systems will also be monitored and may be recorded to secure effective use and operation and for other lawful business purposes. hgvyjuv

Hello, I prefer for kolla to create the bridge automatically. Each node has two physical interfaces. The network_interface and neutron_external_interface options are set in the inventory file.

you need set octavia_network_interface and configure external switch properly

I have octavia_network_interface set to "{{ api_interface }}" and api_interface is set to "{{ network_interface }}", the defaults. What do you mean by "configure external switch properly"? If you mean the external option when creating OpenStack networks, then I used the defaults in globals.yml which does not include that option. If you mean the physical switch, I'm using a low-budget switch I had lying around that is not configurable. Thanks for the help - everything else with kolla-ansible has been fairly easy. -Stu ---- From: W Ch <wchy1001@gmail.com> Sent: Tuesday, August 16, 2022 5:32 AM To: Stuart Whitman <swhitman@groupw.com> Cc: openstack-discuss@lists.openstack.org <openstack-discuss@lists.openstack.org> Subject: Re: [kolla-ansible][octavia] need networking help Hi Stuart: Usually, you need to add a bridge to all network nodes, you can use "ovs-vsctl add-br {br-name}" to add a ovs bridge, then you need to add a physical port to that bridge by executing "ovs-vsctl add-port {bridge} {port}". another alternatives, you can append the physical port to neutron_external_interface variable in globals.yml. in this case, kolla will create the ovs bridge automatically. both of them, you need set octavia_network_interface and configure external switch properly. if you really don't know how this works, I propose you use "octavia_network_type: tenant" ref: [0] , in this case, kolla-ansible will setup the octavia management network for you, you don't need to do anything. [0]: https://docs.openstack.org/kolla-ansible/latest/reference/networking/octavia... thanks. Stuart Whitman <swhitman@groupw.com> 于2022年8月16日周二 06:28写道： Hello, I enabled Octavia on a kolla-ansible installed Openstack cluster. When I try to launch a loadbalancer instance, the octavia-worker.log file reports: "WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance." I researched enough to know that the problem has to do with networking between the controller and the lb-mgmt-net network. I initially overlooked this in the kolla-ansible Octavia documentation: "If using a VLAN provider network, ensure that the traffic is also bridged to Open vSwitch on the controllers." But, I don't know how to do it. Help to create the necessary bridge would be greatly appreciated. Thanks, -Stu _____________________________________ The information contained in this e-mail and any attachments from Group W may contain confidential and/or proprietary information and is intended only for the named recipient to whom it was originally addressed. If you are not the intended recipient, be aware that any disclosure, distribution, or copying of this e-mail or its attachments is strictly prohibited. If you have received this e-mail in error, please notify the sender immediately of that fact by return e-mail and permanently delete the e-mail and any attachments to it.

HI: sorry, i forget a point in last reply. octavia-worker node also needs to access the vm in lb-mgmt-subnet. for above example. please try to ping 10.1.2.1(gateway) in octavia-worker nodes. thanks. W Ch <wchy1001@gmail.com> 于2022年8月17日周三 09:49写道：

Hi:

what i mean of 'external switch' is your physical switch. from you description, you just need to configure octavia_amp_network in global.yml. the following is example:

please ensure you have set enable_neutron_provider_networks = True before running octavia.

octavia_amp_network: name: lb-mgmt-net provider_network_type: vlan provider_segmentation_id: 1000 //vlan id, ensure your physical switch port which connected to 'neutron_external_interface' allows this vlan_id pass (trunk, allow 1000)

provider_physical_network: physnet1 //default is physnet1, you can check this in '/etc/kolla/neutron-openvswitch-agent/openvswitch_agent.ini' external: false shared: false subnet: name: lb-mgmt-subnet cidr: "10.1.2.0/24" //this should be the network cidr of vlan 1000. allocation_pool_start: "10.1.2.100" allocation_pool_end: "10.1.2.200" gateway_ip: "10.1.2.1" //this is the gateway for vlan_1000 , most time, this is the vlan 1000 interface ip address in your physical switch. enable_dhcp: yes

anyway, the goal is that a vm with octavia_amp_network network is able to access your octavia_network_interface.

thanks

Stuart Whitman <swhitman@groupw.com> 于2022年8月17日周三 00:50写道：

...

Hello,

I prefer for kolla to create the bridge automatically. Each node has two physical interfaces. The network_interface and neutron_external_interface options are set in the inventory file.

...

you need set octavia_network_interface and configure external switch properly

I have octavia_network_interface set to "{{ api_interface }}" and api_interface is set to "{{ network_interface }}", the defaults.

What do you mean by "configure external switch properly"? If you mean the external option when creating OpenStack networks, then I used the defaults in globals.yml which does not include that option. If you mean the physical switch, I'm using a low-budget switch I had lying around that is not configurable.

Thanks for the help - everything else with kolla-ansible has been fairly easy.

-Stu

----

From: W Ch <wchy1001@gmail.com> Sent: Tuesday, August 16, 2022 5:32 AM To: Stuart Whitman <swhitman@groupw.com> Cc: openstack-discuss@lists.openstack.org < openstack-discuss@lists.openstack.org> Subject: Re: [kolla-ansible][octavia] need networking help

Hi Stuart:

Usually, you need to add a bridge to all network nodes, you can use "ovs-vsctl add-br {br-name}" to add a ovs bridge, then you need to add a physical port to that bridge by executing "ovs-vsctl add-port {bridge} {port}". another alternatives, you can append the physical port to neutron_external_interface variable in globals.yml. in this case, kolla will create the ovs bridge automatically. both of them, you need set octavia_network_interface and configure external switch properly.

if you really don't know how this works, I propose you use "octavia_network_type: tenant" ref: [0] , in this case, kolla-ansible will setup the octavia management network for you, you don't need to do anything.

[0]: https://docs.openstack.org/kolla-ansible/latest/reference/networking/octavia...

thanks.

Stuart Whitman <swhitman@groupw.com> 于2022年8月16日周二 06:28写道： Hello,

I enabled Octavia on a kolla-ansible installed Openstack cluster. When I try to launch a loadbalancer instance, the octavia-worker.log file reports: "WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance."

I researched enough to know that the problem has to do with networking between the controller and the lb-mgmt-net network. I initially overlooked this in the kolla-ansible Octavia documentation: "If using a VLAN provider network, ensure that the traffic is also bridged to Open vSwitch on the controllers." But, I don't know how to do it.

Help to create the necessary bridge would be greatly appreciated.

Thanks, -Stu

_____________________________________ The information contained in this e-mail and any attachments from Group W may contain confidential and/or proprietary information and is intended only for the named recipient to whom it was originally addressed. If you are not the intended recipient, be aware that any disclosure, distribution, or copying of this e-mail or its attachments is strictly prohibited. If you have received this e-mail in error, please notify the sender immediately of that fact by return e-mail and permanently delete the e-mail and any attachments to it.