[openstack-dev] Need advice on https://review.openstack.org/#/c/521632/
Sandhya Dasu (sadasu)
sadasu at cisco.com
Mon Dec 11 17:24:59 UTC 2017
Thanks for your comments Emilien!
Yes, planning to keep the manifest, just removing the ping test and the code that is dependent on that succeeding.
Uploading a new PS to reflect this approach.
Thanks,
Sandhya
On 12/11/17, 12:22 PM, "Emilien Macchi" <emilien at redhat.com> wrote:
Hi Sandhya,
See inline:
On Mon, Dec 11, 2017 at 8:49 AM, Sandhya Dasu (sadasu) <sadasu at cisco.com> wrote:
> Hi Steven and Emilien,
>
> I need your advice on how to proceed with the fix in
> https://review.openstack.org/#/c/521632/.
>
>
>
> The issue in question is that code in puppet-neutron for the Nexus switch,
> performs a ping test to see if all the Nexus switches specified in the
> configuration are actually reachable.
>
> After that it performs a ssh-keyscan and adds the list of Nexus switches to
> the list on known hosts on the Controllers.
>
> Code can be viewed here:
> https://github.com/openstack/puppet-neutron/blob/master/manifests/plugins/ml2/cisco/nexus_creds.pp
> (starting from line #104)
>
> I spoke to Emilien about this during the Sydney summit.
>
>
>
> Since then I have tried a bunch of different ways to solve this problem and
> I am trying to figure out the best way to proceed:
>
>
>
> 1. Adding retry login around the ping test:
> https://review.openstack.org/#/c/521632/2
>
> 2. Changing the order in which Neutron ML2 plugins/services were
> initialized in https://review.openstack.org/#/c/521632/8 (Failed gate
> checks)
>
> 3. I also tried to remove a dependency between the ping test and the
> ssh-keyscan steps. (code in https://review.openstack.org/#/c/521632/7)
>
> 4. Finally, in the latest version of the fix I completely removed the
> ping test and ssh-keyscan steps to make progress.
> (https://review.openstack.org/#/c/521632/)
>
>
>
> Although, the ping test and ssh-keyscan are not essential for the
> functioning of the Nexus driver, I would like to find a way to keep this
> code.
>
>
>
> Please let me know what would be the best way to proceed.
IMHO this code shouldn't exist. I've never seen any Puppet code
testing "ping" during a deployment.
You should rather make sure that Nexus switches are ready and
available before performing any deployment with puppet-neutron (with
Ansible for example).
But doing it with Puppet is kind of the wrong way I think.
Let me know if that makes sense but I would rather keep his manifest
to manage config files and remove this code in the future.
--
Emilien Macchi
More information about the OpenStack-dev
mailing list