OVN in latest OpenStack
We have been installing openstack Dalmatian based on Debian packages on our institution. I am currently trying to configure OVN neutron metadata service, but it seems very hard to find how OVN actually currently does it. See [1.]. The documentation states first, that ovn-metadata-agent will run with a netns and haproxy instance on hypervisor. But there is also a reference to having metadata support in ovn-controller. In addition, I have seen hints suggesting that neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to each other. What is the currently up-to-date way to configure OVN metadata agent? Especially, is there any up-to-date instructions how to properly configure neutron's related config files? We have following versions of ovn and ovs: openvswitch-common 3.1.0-2 (+deb12u1) ovn-common 23.03.1-1 (~deb12u2) ovn-host 23.03.1-1 (~deb12u2) neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1) neutron-ovn-agent 2:25.0.0 (-5~bpo12+1) Best Regards, Jani Heikkinen [1.] https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata... -- Berner Fachhochschule / Bern University of Applied Sciences IT-Services / Team Linux & Infrastructure Services Jani Heikkinen IT Linux Engineer ___________________________________________________________ Dammweg 3, CH-3013 Bern Telefon direkt +41 31 848 68 14 Telefon Servicedesk +41 31 848 48 48 jani.heikkinen@bfh.ch
Hi Jani, On 2/18/25 5:47 AM, Jani Heikkinen wrote:
We have been installing openstack Dalmatian based on Debian packages on our institution.
I am currently trying to configure OVN neutron metadata service, but it seems very hard to find how OVN actually currently does it.
See [1.]. The documentation states first, that ovn-metadata-agent will run with a netns and haproxy instance on hypervisor.
But there is also a reference to having metadata support in ovn-controller. In addition, I have seen hints suggesting that neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller. Starting in later releases you can run either the neutron-ovn-agent (with the metadata extension enabled), or the neutron-ovn-metadata-agent, I would start with the latter to keep it simple.
What is the currently up-to-date way to configure OVN metadata agent? Especially, is there any up-to-date instructions how to properly configure neutron's related config files?
https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html A manual install is a bit of an art, and I'm not sure if everything in Debian follows that doc, but it should be pretty close to the Ubuntu sections. -Brian
We have following versions of ovn and ovs:
openvswitch-common 3.1.0-2 (+deb12u1)
ovn-common 23.03.1-1 (~deb12u2)
ovn-host 23.03.1-1 (~deb12u2)
neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1)
neutron-ovn-agent 2:25.0.0 (-5~bpo12+1)
Best Regards, Jani Heikkinen
[1.]
https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata...
On Tue, Feb 18, 2025 at 1:14 PM Brian Haley <haleyb.dev@gmail.com> wrote:
Hi Jani,
On 2/18/25 5:47 AM, Jani Heikkinen wrote:
We have been installing openstack Dalmatian based on Debian packages on our institution.
I am currently trying to configure OVN neutron metadata service, but it seems very hard to find how OVN actually currently does it.
See [1.]. The documentation states first, that ovn-metadata-agent will run with a netns and haproxy instance on hypervisor.
But there is also a reference to having metadata support in ovn-controller. In addition, I have seen hints suggesting that neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller.
Perhaps the doc should not be published if it's old and confusing.
Starting in later releases you can run either the neutron-ovn-agent (with the metadata extension enabled), or the neutron-ovn-metadata-agent, I would start with the latter to keep it simple.
What is the currently up-to-date way to configure OVN metadata agent? Especially, is there any up-to-date instructions how to properly configure neutron's related config files?
https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html
A manual install is a bit of an art, and I'm not sure if everything in Debian follows that doc, but it should be pretty close to the Ubuntu sections.
-Brian
We have following versions of ovn and ovs:
openvswitch-common 3.1.0-2 (+deb12u1)
ovn-common 23.03.1-1 (~deb12u2)
ovn-host 23.03.1-1 (~deb12u2)
neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1)
neutron-ovn-agent 2:25.0.0 (-5~bpo12+1)
Best Regards, Jani Heikkinen
[1.]
https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata...
On 2/18/25 3:59 PM, Ihar Hrachyshka wrote:
On Tue, Feb 18, 2025 at 1:14 PM Brian Haley <haleyb.dev@gmail.com <mailto:haleyb.dev@gmail.com>> wrote:
Hi Jani,
On 2/18/25 5:47 AM, Jani Heikkinen wrote: > We have been installing openstack Dalmatian based on Debian packages on > our institution. > > I am currently trying to configure OVN neutron metadata service, but it > seems very hard to find how OVN actually currently does it. > > See [1.]. The documentation states first, that ovn-metadata-agent will > run with a netns and haproxy instance on hypervisor. > > But there is also a reference to having metadata support in > ovn-controller. In addition, I have seen hints suggesting that > neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to > each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller.
Perhaps the doc should not be published if it's old and confusing.
I actually don't know how to have it not show up on docs.openstack.org and codesearch didn't find an obvious answer. I'll gladly make a change if someone can point me in the right direction. -Brian
Starting in later releases you can run either the neutron-ovn-agent (with the metadata extension enabled), or the neutron-ovn-metadata-agent, I would start with the latter to keep it simple.
> What is the currently up-to-date way to configure OVN metadata agent? > Especially, is there any up-to-date instructions how to properly > configure neutron's related config files?
https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html <https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html>
A manual install is a bit of an art, and I'm not sure if everything in Debian follows that doc, but it should be pretty close to the Ubuntu sections.
-Brian
> We have following versions of ovn and ovs: > > openvswitch-common 3.1.0-2 (+deb12u1) > > ovn-common 23.03.1-1 (~deb12u2) > > ovn-host 23.03.1-1 (~deb12u2) > > neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1) > > neutron-ovn-agent 2:25.0.0 (-5~bpo12+1) > > > Best Regards, Jani Heikkinen > > [1.] > > https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata... <https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata_api.html> >
On 2025-02-19 17:53:47 -0500 (-0500), Brian Haley wrote: [...]
I actually don't know how to have it not show up on docs.openstack.org and codesearch didn't find an obvious answer. I'll gladly make a change if someone can point me in the right direction. [...]
It's documentation contained in the neutron repository, just push a commit that removes the files from https://opendev.org/openstack/neutron/src/branch/master/doc/source/install/o... and cleans up the associated TOC entry from the index.rst file in the parent directory. -- Jeremy Stanley
On 2025-02-20 00:00:03 +0000 (+0000), Jeremy Stanley wrote: [...]
It's documentation contained in the neutron repository, just push a commit that removes the files from https://opendev.org/openstack/neutron/src/branch/master/doc/source/install/o... and cleans up the associated TOC entry from the index.rst file in the parent directory.
Oops, ignore me, I misunderstood which document you were looking to remove. Clearly that's the new "good" version, so don't remove that one. ;) Clark's reply is far more correct. -- Jeremy Stanley
On Wed, Feb 19, 2025, at 2:53 PM, Brian Haley wrote:
On 2/18/25 3:59 PM, Ihar Hrachyshka wrote:
On Tue, Feb 18, 2025 at 1:14 PM Brian Haley <haleyb.dev@gmail.com <mailto:haleyb.dev@gmail.com>> wrote:
Hi Jani,
On 2/18/25 5:47 AM, Jani Heikkinen wrote: > We have been installing openstack Dalmatian based on Debian packages on > our institution. > > I am currently trying to configure OVN neutron metadata service, but it > seems very hard to find how OVN actually currently does it. > > See [1.]. The documentation states first, that ovn-metadata-agent will > run with a netns and haproxy instance on hypervisor. > > But there is also a reference to having metadata support in > ovn-controller. In addition, I have seen hints suggesting that > neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to > each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller.
Perhaps the doc should not be published if it's old and confusing.
I actually don't know how to have it not show up on docs.openstack.org and codesearch didn't find an obvious answer. I'll gladly make a change if someone can point me in the right direction.
-Brian
If the documentation is still valid for some users you probably don't want to remove it entirely. I'm not sure if the old docs apply to old versions of neutron and openstack. I think this exposes a gap in the project retirement process where we don't update the documentation for a project before retiring it. In this case networking-ovn was retired but the documentation doesn't appear to warn anyone about that. Ideally we would've updated the docs in networking-ovn to indicate the retired state, let those publish, then retire the project itself. Considering that didn't happen I think we have some options: We could decide that the docs aren't valuable to anyone anymore and an OpenDev admin can delete them from afs manually. We could unretire the project, update its docuementation, then retire it again. Someone could supply updated documentation edits that an OpenDev admin could manually apply. There are probably other options that I haven't considered too.
On 2025-02-19 16:00:13 -0800 (-0800), Clark Boylan wrote: [...]
If the documentation is still valid for some users you probably don't want to remove it entirely. I'm not sure if the old docs apply to old versions of neutron and openstack. I think this exposes a gap in the project retirement process where we don't update the documentation for a project before retiring it. In this case networking-ovn was retired but the documentation doesn't appear to warn anyone about that. Ideally we would've updated the docs in networking-ovn to indicate the retired state, let those publish, then retire the project itself.
Considering that didn't happen I think we have some options: We could decide that the docs aren't valuable to anyone anymore and an OpenDev admin can delete them from afs manually. We could unretire the project, update its docuementation, then retire it again. Someone could supply updated documentation edits that an OpenDev admin could manually apply. There are probably other options that I haven't considered too.
It's this step: https://docs.openstack.org/project-team-guide/repository.html#step-5-remove-... -- Jeremy Stanley
On 2/19/25 7:28 PM, Jeremy Stanley wrote:
On 2025-02-19 16:00:13 -0800 (-0800), Clark Boylan wrote: [...]
If the documentation is still valid for some users you probably don't want to remove it entirely. I'm not sure if the old docs apply to old versions of neutron and openstack. I think this exposes a gap in the project retirement process where we don't update the documentation for a project before retiring it. In this case networking-ovn was retired but the documentation doesn't appear to warn anyone about that. Ideally we would've updated the docs in networking-ovn to indicate the retired state, let those publish, then retire the project itself.
Considering that didn't happen I think we have some options: We could decide that the docs aren't valuable to anyone anymore and an OpenDev admin can delete them from afs manually. We could unretire the project, update its docuementation, then retire it again. Someone could supply updated documentation edits that an OpenDev admin could manually apply. There are probably other options that I haven't considered too.
It's this step: https://docs.openstack.org/project-team-guide/repository.html#step-5-remove-...
Thanks for the link, the _RETIRED_REPOS step was missed, one-line change. https://review.opendev.org/c/openstack/openstack-manuals/+/942380 -Brian
On 2/18/25 19:14, Brian Haley wrote:
Hi Jani,
On 2/18/25 5:47 AM, Jani Heikkinen wrote:
We have been installing openstack Dalmatian based on Debian packages on our institution.
I am currently trying to configure OVN neutron metadata service, but it seems very hard to find how OVN actually currently does it.
See [1.]. The documentation states first, that ovn-metadata-agent will run with a netns and haproxy instance on hypervisor.
But there is also a reference to having metadata support in ovn-controller. In addition, I have seen hints suggesting that neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller.
Starting in later releases you can run either the neutron-ovn-agent (with the metadata extension enabled), or the neutron-ovn-metadata-agent, I would start with the latter to keep it simple.
Thank you Brian. I will use for now the neutron-ovn-metadata agent, since the neutron-ovn-agent with metadata extension does not really have any kind of documentation how to set it up.
What is the currently up-to-date way to configure OVN metadata agent? Especially, is there any up-to-date instructions how to properly configure neutron's related config files?
https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html
A manual install is a bit of an art, and I'm not sure if everything in Debian follows that doc, but it should be pretty close to the Ubuntu sections.
I have so far used the Ubuntu install instructions. For the documentation, it would be good to integrate somehow the networking install documentation. Now there is at least: 1. https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html 2. https://docs.openstack.org/neutron/latest/install/controller-install-ubuntu.... and https://docs.openstack.org/neutron/latest/install/controller-install-option2... All combined the information on these sources is not so bad, but it is confusing, because the main neutron networking guide will instruct to install OVS networking with all the DHCP agents, L3 agents and so on. I managed to get the metadata service running and OVN to work, but it could have been less painful with integrated documentation. For admin it would be useful to have for example - install controller (ubuntu) - Linux bridge - OVS - OVN - install controller (centos) .. (as above) - install controller (archX) .. Best, and thanks Jani
-Brian
We have following versions of ovn and ovs:
openvswitch-common 3.1.0-2 (+deb12u1)
ovn-common 23.03.1-1 (~deb12u2)
ovn-host 23.03.1-1 (~deb12u2)
neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1)
neutron-ovn-agent 2:25.0.0 (-5~bpo12+1)
Best Regards, Jani Heikkinen
[1.]
https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata...
Hi Jani, On 2/20/25 10:50 AM, Jani Heikkinen wrote:
On 2/18/25 19:14, Brian Haley wrote:
Hi Jani,
On 2/18/25 5:47 AM, Jani Heikkinen wrote:
We have been installing openstack Dalmatian based on Debian packages on our institution.
I am currently trying to configure OVN neutron metadata service, but it seems very hard to find how OVN actually currently does it.
See [1.]. The documentation states first, that ovn-metadata-agent will run with a netns and haproxy instance on hypervisor.
But there is also a reference to having metadata support in ovn-controller. In addition, I have seen hints suggesting that neutron-ovn-agent and neutron-ovn-metadata-agent would be exclusive to each other.
The doc you linked is from the old networking-ovn repository, and was more intended for developers, not cloud admins. All code is now in the neutron repository (including this old design document) since we didn't want to throw it all out. Metadata is not supported in ovn-controller.
Starting in later releases you can run either the neutron-ovn-agent (with the metadata extension enabled), or the neutron-ovn-metadata-agent, I would start with the latter to keep it simple.
Thank you Brian. I will use for now the neutron-ovn-metadata agent, since the neutron-ovn-agent with metadata extension does not really have any kind of documentation how to set it up.
What is the currently up-to-date way to configure OVN metadata agent? Especially, is there any up-to-date instructions how to properly configure neutron's related config files?
https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html
A manual install is a bit of an art, and I'm not sure if everything in Debian follows that doc, but it should be pretty close to the Ubuntu sections.
I have so far used the Ubuntu install instructions. For the documentation, it would be good to integrate somehow the networking install documentation.
Thanks for the feedback. If you want to file a bug or propose a patch to make things better I would be happy to review it! -Brian
Now there is at least:
1. https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html
2. https://docs.openstack.org/neutron/latest/install/controller-install-ubuntu.... and
https://docs.openstack.org/neutron/latest/install/controller-install-option2...
All combined the information on these sources is not so bad, but it is confusing, because the main neutron networking guide will instruct to install OVS networking with all the DHCP agents, L3 agents and so on.
I managed to get the metadata service running and OVN to work, but it could have been less painful with integrated documentation. For admin it would be useful to have
for example
- install controller (ubuntu)
- Linux bridge
- OVS
- OVN
- install controller (centos)
.. (as above)
- install controller (archX)
..
Best, and thanks
Jani
-Brian
We have following versions of ovn and ovs:
openvswitch-common 3.1.0-2 (+deb12u1)
ovn-common 23.03.1-1 (~deb12u2)
ovn-host 23.03.1-1 (~deb12u2)
neutron-ovn-metadata-agent 2:25.0.0 (-5~bpo12+1)
neutron-ovn-agent 2:25.0.0 (-5~bpo12+1)
Best Regards, Jani Heikkinen
[1.]
https://docs.openstack.org/networking-ovn/latest/contributor/design/metadata...
participants (5)
-
Brian Haley
-
Clark Boylan
-
Ihar Hrachyshka
-
Jani Heikkinen
-
Jeremy Stanley