tripleo

Default OVN deployment requires Neutron bridge on compute nodes.

Bug #1890337 reported by Dan Sneddon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Critical
Dan Sneddon
tripleo victoria-3 "tripleo victoria"

Bug Description

OVN routes floating IP traffic directly in/out on the compute node, similar to how ML2/OVS would route traffic when DVR was enabled. This means that the default deployment of OVN includes DVR and has the same requirements as ML2/OVS did for a bridge on the compute nodes in order to directly attach the external provider network.

Since a bridge is required on the compute nodes in the default configuration, the default NIC config for os-net-config should be net-config-bridge.yaml (like the controller nodes) and not net-config-noop.yaml:

stack@undercloud templates]$ grep -R Net::SoftwareConfig /usr/share/openstack-tripleo-heat-templates/overcloud-resource-registry-puppet.j2.yaml
  OS::TripleO::{{role.name}}::Net::SoftwareConfig: net-config-noop.yaml
  OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml

OpenStack Infra (hudson-openstack)
Changed in tripleo:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.opendev.org/744791
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=bc5b6133f1f192c7fe5330bc1fa13f8259eb9050
Submitter: Zuul
Branch: master

commit bc5b6133f1f192c7fe5330bc1fa13f8259eb9050
Author: Dan Sneddon <email address hidden>
Date: Tue Aug 4 14:08:01 2020 -0700

    Create external bridge on Compute nodes by default for OVN with DVR

    OVN is used by default, which includes DVR and requires a Neutron
    external network bridge on the Compute nodes. This change adds the
    tag 'external_bridge' to the Controller roles and modifies the
    overcloud-resource-registry-puppet.j2.yaml file to set the default
    NIC configuration to net-config-bridge.yaml when this tag is set.
    This will cause both Controller and Compute nodes to have an
    external bridge by default if no specific NIC configuration files
    are specified for both roles since the 'external_bridge' tag is set
    in roles_data.yaml.

    This change also stops using net-config-bridge.yaml when the role
    includes the 'controller' tag, since the 'external_bridge' tag is
    used instead. A release note explains the change.

    Closes-bug: 1890337
    Change-Id: I69c32d33a516c629303e87c8e9a0e4b8fe58c669

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/755879

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/755881

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/ussuri)

Reviewed: https://review.opendev.org/755879
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=1674d3a341ca8cf24faf84c73281e32bcdaafad8
Submitter: Zuul
Branch: stable/ussuri

commit 1674d3a341ca8cf24faf84c73281e32bcdaafad8
Author: Dan Sneddon <email address hidden>
Date: Tue Aug 4 14:08:01 2020 -0700

    Create external bridge on Compute nodes by default for OVN with DVR

    OVN is used by default, which includes DVR and requires a Neutron
    external network bridge on the Compute nodes. This change adds the
    tag 'external_bridge' to the Controller roles and modifies the
    overcloud-resource-registry-puppet.j2.yaml file to set the default
    NIC configuration to net-config-bridge.yaml when this tag is set.
    This will cause both Controller and Compute nodes to have an
    external bridge by default if no specific NIC configuration files
    are specified for both roles since the 'external_bridge' tag is set
    in roles_data.yaml.

    This change also stops using net-config-bridge.yaml when the role
    includes the 'controller' tag, since the 'external_bridge' tag is
    used instead. A release note explains the change. This change is
    being backported from Victoria master branch.

    Closes-bug: 1890337
    Change-Id: I69c32d33a516c629303e87c8e9a0e4b8fe58c669
    (cherry picked from commit bc5b6133f1f192c7fe5330bc1fa13f8259eb9050)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/train)

Reviewed: https://review.opendev.org/755881
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=d56070a233eae5d5799342d791056378d6de494a
Submitter: Zuul
Branch: stable/train

commit d56070a233eae5d5799342d791056378d6de494a
Author: Dan Sneddon <email address hidden>
Date: Tue Aug 4 14:08:01 2020 -0700

    Create external bridge on Compute nodes by default for OVN with DVR

    OVN is used by default, which includes DVR and requires a Neutron
    external network bridge on the Compute nodes. This change adds the
    tag 'external_bridge' to the Controller roles and modifies the
    overcloud-resource-registry-puppet.j2.yaml file to set the default
    NIC configuration to net-config-bridge.yaml when this tag is set.
    This will cause both Controller and Compute nodes to have an
    external bridge by default if no specific NIC configuration files
    are specified for both roles since the 'external_bridge' tag is set
    in roles_data.yaml.

    This change also stops using net-config-bridge.yaml when the role
    includes the 'controller' tag, since the 'external_bridge' tag is
    used instead. A release note explains the change. This change is
    being backported from the Victoria master branch.

    Closes-bug: 1890337
    Change-Id: I69c32d33a516c629303e87c8e9a0e4b8fe58c669
    (cherry picked from commit bc5b6133f1f192c7fe5330bc1fa13f8259eb9050)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 12.4.2

This issue was fixed in the openstack/tripleo-heat-templates 12.4.2 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 11.4.0

This issue was fixed in the openstack/tripleo-heat-templates 11.4.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.