[openstack-dev] Need advice on https://review.openstack.org/#/c/521632/

Emilien Macchi emilien at redhat.com
Mon Dec 11 17:22:02 UTC 2017


Hi Sandhya,

See inline:

On Mon, Dec 11, 2017 at 8:49 AM, Sandhya Dasu (sadasu) <sadasu at cisco.com> wrote:
> Hi Steven and Emilien,
>
>     I need your advice on how to proceed with the fix in
> https://review.openstack.org/#/c/521632/.
>
>
>
> The issue in question is that code in puppet-neutron for the Nexus switch,
> performs a ping test to see if all the Nexus switches specified in the
> configuration are actually reachable.
>
> After that it performs a ssh-keyscan and adds the list of Nexus switches to
> the list on known hosts on the Controllers.
>
> Code can be viewed here:
> https://github.com/openstack/puppet-neutron/blob/master/manifests/plugins/ml2/cisco/nexus_creds.pp
> (starting from line #104)
>
> I spoke to Emilien about this during the Sydney summit.
>
>
>
> Since then I have tried a bunch of different ways to solve this problem and
> I am trying to figure out the best way to proceed:
>
>
>
> 1.       Adding retry login around the ping test:
> https://review.openstack.org/#/c/521632/2
>
> 2.       Changing the order in which Neutron ML2 plugins/services were
> initialized in https://review.openstack.org/#/c/521632/8 (Failed gate
> checks)
>
> 3.       I also tried to remove a dependency between the ping test and the
> ssh-keyscan steps. (code in https://review.openstack.org/#/c/521632/7)
>
> 4.       Finally, in the latest version of the fix I completely removed the
> ping test and ssh-keyscan steps to make progress.
> (https://review.openstack.org/#/c/521632/)
>
>
>
> Although, the ping test and ssh-keyscan are not essential for the
> functioning of the Nexus driver, I would like to find a way to keep this
> code.
>
>
>
> Please let me know what would be the best way to proceed.

IMHO this code shouldn't exist. I've never seen any Puppet code
testing "ping" during a deployment.
You should rather make sure that Nexus switches are ready and
available before performing any deployment with puppet-neutron (with
Ansible for example).
But doing it with Puppet is kind of the wrong way I think.
Let me know if that makes sense but I would rather keep his manifest
to manage config files and remove this code in the future.
-- 
Emilien Macchi



More information about the OpenStack-dev mailing list