[Openstack] missing ovs flows and extra interfaces in pike

Hartwig Hauschild openstack at hauschild.it
Fri Oct 19 13:32:43 UTC 2018


[ I have no idea how much of the following information is necessary ]

We're running Openstack Pike, deployed with Openstack-Ansible 16.0.5.
The system is running on a bunch of compute-nodes and three combined
network/management-nodes, we're using OVS, DVR and VXLAN for networking.

The DVRs are set up with snat disabled, that's handled by different

We have recently noticed that we don't have north-south-connectivity in
a couple of qdhcp-netns and after a weeks worth of debugging it boils
down to missing OVS-flows on br-tun that should be directing the
northbound traffic at the node with the live snat-netns.

We also noticed that while every node has the ports for the
qdhcp-netns that belong on the node we also have a couple of taps and
flows for ports that are on other nodes.

To make that a bit clearer:
If you have network A with dhcp-services F, G, H we found that the ip
netns containing the dnsmasq for F, G, H are on nodes 1, 2, 3
respectively, but node 1 would also have the tap-interface and flows for
G on br-int dangeling freely without any netns.

Is there a simple explanation for this and maybe even a fix?

What we found so far seems to suggest we should either restart the
management-nodes or the neutron-agent-containers or at least stop, clean
and start ovs and neutron-openvswitch-agent inside the containers.

Is it possible to somehow redeploy or validate the flows from neutron to
make sure that everything is consistent apart from restarts?


	Hartwig Hauschild

More information about the Openstack mailing list