Ask Your Question
0

vxlan peers not being created on compute node (vm not getting dhcp)

asked 2017-10-04 08:15:12 -0500

BrunoGraz gravatar image

updated 2017-10-04 10:48:58 -0500

Hi,

I have deployed Openstack Ocata with kolla-ansible and I'm getting a similar issue as described here.

The difference is that I see it in a single the compute node - when I create a VM on the compute node the vxlan peers are not created on the compute host and therefore the VM is not able to get a DHCP address.

The only workaround I have found so far was to restart neutron-openvswitch-agent when the vm is already on the compute node, this will create the missing vxlan links, but it is a temporary solution as other vms would also require the service restart.

There are no errors in the neutron-agent nor in openvswitch logs, l2pop and arp_responder are enabled and there are no difference in the configuration file across the compute nodes.

I tried enabling debug in both agents but also didn't help so much.


br-tun before neutron agent restart

Bridge br-tun
    Controller "tcp:127.0.0.1:6633"
        is_connected: true
    fail_mode: secure
    Port br-tun
        Interface br-tun
            type: internal
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}

br-tun after restart

Bridge br-tun
    Controller "tcp:127.0.0.1:6633"
        is_connected: true
    fail_mode: secure
    Port "vxlan-c0a80b05"
        Interface "vxlan-c0a80b05"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.5"}
    Port br-tun
        Interface br-tun
            type: internal
    Port "vxlan-c0a80b0a"
        Interface "vxlan-c0a80b0a"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.10"}
    Port "vxlan-c0a80b06"
        Interface "vxlan-c0a80b06"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.6"}
    Port "vxlan-c0a80b02"
        Interface "vxlan-c0a80b02"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.2"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
    Port "vxlan-c0a80b09"
        Interface "vxlan-c0a80b09"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.9"}
    Port "vxlan-c0a80b0b"
        Interface "vxlan-c0a80b0b"
            type: vxlan
            options: {df_default="true", in_key=flow, local_ip="192.X.X.8", out_key=flow, remote_ip="192.X.X.11"}

EDIT:

Neutron network:

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| availability_zone_hints   |                                      |
| availability_zones        | nova                                 |
| created_at                | 2017-08-25T12:15:22Z                 |
| description               |                                      |
| id                        | b4e73eb0-7799-4284-bb81-9f6144a9c223 |
| ipv4_address_scope        |                                      |
| ipv6_address_scope        |                                      |
| mtu                       | 1450                                 |
| name                      | default_internal                     |
| project_id                | 4913dfacc1d248bea911630dd84236c9     |
| provider:network_type     | vxlan                                |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| revision_number           | 4                                    |
| router:external           | False                                |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   | e4dab764-faf1-5832-839d-7eb593abfa64 |
| tags                      |                                      |
| tenant_id                 | 4913dfacc1d248bea911630dd84236c9     |
| updated_at                | 2017-08-25T12:15:23Z                 |
+---------------------------+--------------------------------------+

ip netns exec qdhcp-b4e73eb0-7799-4284-bb81-9f6144a9c223 ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
114: tapb46cdb0c-7b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:58:38:a4 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/24 brd 10.0.0.255 scope global tapb46cdb0c-7b ...
(more)
edit retag flag offensive close merge delete

Comments

Can you share what config you used in kolla, full ovs ovs-vsctl show in compute and network nodes, ip netns on each node, network/subnets config in neutron.

Eduardo Gonzalez gravatar imageEduardo Gonzalez ( 2017-10-04 09:28:40 -0500 )edit

First thing i noticed is ansible code is pike not ocata, something may change in releases in config

Eduardo Gonzalez gravatar imageEduardo Gonzalez ( 2017-10-04 09:35:20 -0500 )edit

Edited, added a bit more information. This issue is quite strange as there are no errors whatsoever on neutron/openvswitch logs. It looks like some openvswitch flows are not being applied - comparing with other compute nodes - but my understanding on this is more limited.

BrunoGraz gravatar imageBrunoGraz ( 2017-10-04 10:44:58 -0500 )edit

also for the deployment we used the branch stable/ocata for kolla-ansible

BrunoGraz gravatar imageBrunoGraz ( 2017-10-04 10:47:46 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2017-11-22 08:06:18 -0500

vlad-belogrudov gravatar image

I get similar results with docker 17.06.2 though with older docker it worked well. No errors could be identified yet

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2017-10-04 08:15:12 -0500

Seen: 517 times

Last updated: Nov 22 '17