<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 2023-06-27 15:02, Roberto Bartzen
Acosta wrote:<br>
</div>
<blockquote type="cite" cite="mid:CALsEdxSnrTZp5P7SGyxORsoL3yrOr4Y8g4bvbPtaOS8EhdcR6w@mail.gmail.com">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Em ter., 27 de jun. de 2023
às 15:22, Gary Molenkamp <<a href="mailto:molenkam@uwo.ca" moz-do-not-send="true" class="moz-txt-link-freetext">molenkam@uwo.ca</a>>
escreveu:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div> Thanks for the pointers, itlooks like I'm starting to
narrow it down. Something still confusing me, though.<br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px
0px 0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex"> <br>
I've built a Zed cloud, since upgraded to
Antelope, using the Neutron <br>
Manual install method here: <br>
<a href="https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html" rel="noreferrer" target="_blank" moz-do-not-send="true" class="moz-txt-link-freetext">https://docs.openstack.org/neutron/latest/install/ovn/manual_install.html</a><br>
I'm using a multi-tenent configuration using
geneve and the flat <br>
provider network is present on each
hypervisor. Each hypervisor is <br>
connected to the physical provider network,
along with the tenent <br>
network and is tagged as an external chassis
under OVN.<br>
br-int exists, as does br-provider<br>
ovs-vsctl set open . <br>
external-ids:ovn-cms-options=enable-chassis-as-gw<br>
</blockquote>
<div><br>
</div>
<div>Any specific reason to enable gateway on
compute nodes? Generally it's recommended to
use controller/network nodes as gateway.
What's your env(number of controllers,
network, compute nodes)?<br>
</div>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>Wouldn't it be interesting to
enable-chassis-as-gw on the compute nodes, just in
case you want to use DVR: If that's the case, you
need to map the external bridge (<span style="background-color:rgb(244,245,247);color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap">ovs-vsctl set open . external-ids:ovn-bridge-mappings=...</span>)
via ansible this is created automatically, but in
the manual installation I didn't see any mention
of it.</div>
<div> </div>
<div>The problem is basically that the port of the
OVN LRP may not be in the same chassis as the VM
that failed (since the CR-LRP will be where the
first VM of that network will be created). The
suggestion is to remove the enable-chassis-as-gw
from the compute nodes to allow the VM to forward
traffic via tunneling/Geneve to the chassis where
the LRP resides.<br>
</div>
<div><br>
</div>
<div><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">ovs-vsctl remove open . external-ids ovn-cms-options="enable-chassis-as-gw"
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">ovs-vsctl remove open . external-ids ovn-bridge-mappings
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">ip link set br-provider-name down
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">ovs-vsctl del-br </span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">br-provider-name</span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">systemctl restart ovn-controller
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span><span style="color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247)">systemctl restart openvswitch-switch
</span><span style="box-sizing:border-box;padding-left:8px;margin-right:8px;text-align:right;float:left;font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap;background-color:rgb(244,245,247);display:inline-block;padding-right:8px"></span></div>
<br>
</div>
</div>
</blockquote>
<br>
How does one support both use-case types?<br>
<br>
If I want to use DVR via each compute node, then I must
create the br-provider bridge, set the chassis as a
gateway and map the bridge. This seems to be breaking
forwarding to the OVN LRP. The hypervisor/VM with the
working LRP works but any other hypervisor is not
tunneling via Geneve.<br>
</div>
</blockquote>
<div><br>
<a href="https://docs.openstack.org/neutron/zed/ovn/faq/index.html" moz-do-not-send="true" class="moz-txt-link-freetext">https://docs.openstack.org/neutron/zed/ovn/faq/index.html</a></div>
<div>The E/W traffic is "completely distributed in all cases."
for OVN driver... It is natively supported and should work
via openflow / tunneling / Geneve without any issues.</div>
<div><br>
</div>
<div>The problem is that when you set the <span style="background-color:rgb(244,245,247);color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap">enable-</span><span style="background-color:rgb(244,245,247);color:rgb(23,43,77);font-family:SFMono-Medium,"SF Mono","Segoe UI Mono","Roboto Mono","Ubuntu Mono",Menlo,Consolas,Courier,monospace;font-size:14px;white-space:pre-wrap">chassis-as-gw</span> flag
you enable gateway router port scheduling for a chassis that
may not have an external bridge mapped (and this breaks
external traffic).</div>
</div>
</div>
</blockquote>
<br>
E/W traffic looks good and each compute shows forwarding connections
to the other compute.<br>
<br>
Each compute has the proper external bridge mapped. ie:<br>
<br>
external_ids : {hostname=compute05.cloud.sci.uwo.ca,
ovn-bridge-mappings="provider:br-provider",
ovn-cms-options=enable-chassis-as-gw, ovn-encap-ip="192.168.0.105",
ovn-encap-type=geneve, ovn-remote="tcp:172.31.102.100:6642",
rundir="/var/run/openvswitch",
system-id="8e0fa17c-e480-4b60-9015-bd8833412561"}<br>
<br>
Likewise all geneve tunnels between the compute nodes are
established.<br>
<br>
<br>
<br>
<br>
<br>
<pre class="moz-signature" cols="72">--
Gary Molenkamp Science Technology Services
Systems Administrator University of Western Ontario
<a class="moz-txt-link-abbreviated" href="mailto:molenkam@uwo.ca">molenkam@uwo.ca</a> <a class="moz-txt-link-freetext" href="http://sts.sci.uwo.ca">http://sts.sci.uwo.ca</a>
(519) 661-2111 x86882 (519) 661-3566</pre>
</body>
</html>