XenServer ensure_vlan_bridge in VLAN mode

Hi Edouard,

Sorry for the delayed reply.

looking at the provided stack trace it seems xapi backend fails to evaluate the filter expression for PIFs.
Can you confirm that FLAGS.vlan_interface is not empty on your system? (it shouldn't be, anyway).

Also, you could really help me reproducing the failure by posting a few more bits, namely:

- version of XenServer/XCP/OSS Xen
- networking stack (linux bridge/OVS)
- complete set of flags for nova-compute

Thanks,
Salvtore

Apologies again I did not see you were using XenServer 5.6...

Hi Salvatore,

I use the XenServer 5.6 with nova revision 1158 on Ubuntu 10.04.2 and the Linux networking stack (for the moment).

Here my Xenserver compute config :

--verbose
--logdir=/var/log/nova/
--lock_path=/var/lib/nova/lockfiles/

--sql_connection=mysql://root:nova@p-novamaster/nova
--s3_host=p-novamaster
--rabbit_host=p-novamaster
--cc_host=p-novamaster
--ec2_url=http://p-novamaster:8773/services/Cloud
--auth_driver=nova.auth.dbdriver.DbDriver

--connection_type=xenapi
--xenapi_connection_url=https://p-hs22-13
--xenapi_connection_username=root
--xenapi_connection_password=orange
--xenapi_inject_image=false
--rescue_timeout=86400

--network_driver=nova.network.xenapi_net
--network_manager=nova.network.manager.VlanManager
--routing_source_ip=10.193.175.154
--dhcpbridge_flagfile=/etc/nova/nova.conf
--vlan_interface=xenbr1
--public_interface=xenbr0
--dhcpbridge=/usr/bin/nova-dhcpbridge
--ec2_dmz_host=10.193.175.44
#--fixed_range=172.16.1.0/24
--dmz_cidr=10.193.175.44/32

--ca_path=/var/lib/nova/CA/
--keys_path=/var/lib/nova/keys/
--images_path=/media/data/Nova/images/
--buckets_path=/media/data/Nova/buckets/
--networks_path=/var/lib/nova/networks/
--instances_path=/var/lib/nova/instances/

--image_service=nova.image.glance.GlanceImageService
--glance_api_server=p-novamaster

--default_project=simple
--allow_admin_api=True
--allow_project_net_traffic=False

--vpn_image_id=71
--use_project_ca
--cnt_vpn_clients=5

--iscsi_ip_prefix=10.193.175.167

Hi Edouard,

I haven't yet tried to run nova using your conf, but this flag caught my eye:

--vlan_interface=xenbr1

vlan_interface is supposed to be physical ethernet device over which VLANs are created.
For xenapi, this should be a PIF, and therefore eth1 (which is usally associated with xenbr1).

As soon as I will run nova with your configuration I will be able to provide you with more detailed information.

Hi Salvatore,

Yes, you are right. I must set 'vlan_interface' to eth1.
I Tried it, but I always have the same problem.

Hi Edouard,

I apologise but I've been unable to reproduce the exception so far, even with your configuration.
Basically the problem appears to be an internal xenapi failure when evaluating the filter expression for PIF.get_all_records_where operation.

I'm afraid I have to ask you some more information:

1) XenServer build number
     (you can retrieve it by executing 'cat /etc/xensource-inventory | grep BUILD_NUMBER' at dom0 console)
2) PIFs - are there only ethX PIFs or are there other PIFs as well? Do eth PIFs have the VLAN attribute set to '-1'?
     (it would be great to have xe pif-list output, but I understand there might be privacy concerns).

Thanks,
Salvatore

Hi,

1)
# cat /etc/xensource-inventory | grep BUILD_NUMBER
BUILD_NUMBER='47101p'

2) No privacy problem to give the PIF output :

xe pif-list
uuid ( RO) : 40dbbf5f-ac4a-9c2d-311b-c16cc42a70f0
                device ( RO): eth0
    currently-attached ( RO): true
                  VLAN ( RO): -1
          network-uuid ( RO): 11ab40a2-6e1f-245c-1325-43c518b4f701

uuid ( RO) : cd6264a5-66e4-513f-0923-19fd75b9255a
                device ( RO): eth1
    currently-attached ( RO): true
                  VLAN ( RO): 100
          network-uuid ( RO): a8476c27-5390-e86c-8191-f7d48867c27f

uuid ( RO) : 9774dced-3d9f-f5b1-d4ec-ec0732c46c1e
                device ( RO): eth1
    currently-attached ( RO): true
                  VLAN ( RO): -1
          network-uuid ( RO): 88a9610a-cda1-1382-ac69-14fc9ce14d78

Oops, just to say, I openned a question about XenServer and Glance here: https://answers.launchpad.net/nova/+question/161683

Perhaps you can answer it.

For the output command 'xe pif-list', the second entry correspond to a network of a Nova project (VLAN 100 I set manually).
If I haven't any network set for a Nova project, the output command is:

<XenServer># xe pif-list
uuid ( RO) : 40dbbf5f-ac4a-9c2d-311b-c16cc42a70f0
                device ( RO): eth0
    currently-attached ( RO): true
                  VLAN ( RO): -1
          network-uuid ( RO): 11ab40a2-6e1f-245c-1325-43c518b4f701

uuid ( RO) : 9774dced-3d9f-f5b1-d4ec-ec0732c46c1e
                device ( RO): eth1
    currently-attached ( RO): true
                  VLAN ( RO): -1
          network-uuid ( RO): 88a9610a-cda1-1382-ac69-14fc9ce14d78

I made a small patch.

If network doesn't exist, it create one and it gets all PIF and explores them to find the one with associated device is equal to flag 'vlan_interface' and VLAN to value '-1'. If found, create new PIF with project VLAN id and associate it to the new network. If doesn't found, it raises an exception.

Hi Edouard,

I looked back at your initial bug report and I saw you found the error against rev 1158.
Looking at changes in nova revs, I found out that the string for building the filter was slightly changed, replacing single quotes with double quotes and vice versa.
This caused the failure as xapi backend only accepts filter tokens enclosed in double quotes.

I think the change was due to coding style consistency. I have reverted the string to the old style, and verified that the error does not occur anymore. The fix will be proposed for merge.

If the change gets rejected for coding style issues, I will propose a fix along the lines of the patch you supplied (btw, thanks for providing it).

Thanks,
Salvatore