OpenStack Octavia Charm

Contrail / Tungsten Fabric support

Bug #1967460 reported by Trent Lloyd
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Octavia Charm
New
Undecided
Unassigned

Bug Description

Juniper Contrail / Tungsten Fabric charmed deployments currently recommend using a custom build of the octavia charm (https://charmhub.io/apavlov-e-octavia) with 4 small patches/workarounds.

Use of this charm is officially documented here:
https://github.com/tungstenfabric/tf-charms/blob/4c7e6448767b99a01f974b85c83a7643fd13e833/examples/overlay-octavia/octavia-bundle.yaml#L14
https://www.juniper.net/documentation/en_US/contrail20/topics/task/installation/canonical-octavia.html

Besides the fact that it doesn't make sense for a forked charm to exist with these minor changes and they should be upstream anyway, this charm was built in May 2021 and has not been updated since leaving new deployments missing 11+ months of fixes to the charm and the octavia charm team unable to patch the charm in these environments.

We somehow need to review/understand and upstream functionality to make our charm work and then get the documentation updated to deprecate this charm. The 4 patches included appear to be:

(1) src/lib/charm/openstack/octavia.py:health_manager_bind_ip

Replaced with:
return ch_net_ip.get_host_ip(ch_core.hookenv.network_get("public")["ingress-addresses"][0])

Not immediately clear why the original code doesn't work here - need to research further

(2) src/lib/charm/openstack/octavia.py:controller_ip_port_list

Replaced with:
return ch_net_ip.get_host_ip(ch_core.hookenv.network_get("public")["ingress-addresses"][0]) + ':' + OCTAVIA_HEALTH_LISTEN_PORT

Not immediately clear why the original code doesn't work here - need to research further

(3) lib/charm/openstack/api_crud.py:setup_hm_port

Function just runs "return". This function seems OVS specific so it needs to somehow only run the OVS specific setup when appropriate.

(4) lib/charm/openstack/api_crud.py:set_service_quotas_unlimited

@@ -780,7 +785,16 @@ def set_service_quotas_unlimited(identity_service):
                 "quota": {
                     "port": _ul, "security_group": _ul,
                     "security_group_rule": _ul, "network": _ul, "subnet": _ul,
- "floatingip": _ul, "router": _ul, "rbac_policy": _ul}})
+ "floatingip": _ul, "router": _ul}})
+ try:
+ nc.update_quota(
+ identity_service.service_tenant_id(),
+ body={
+ "quota": {"rbac_policy": _ul}})
+ except Exception:
+ # TF returns exception for OpenStack Ussury for this type of quota
+ # TODO: fix TF and remove this hack
+ pass

Need to follow-up on if this was fixed and whether it covers all deployed versions or otherwise how we can correctly detect and deal with this situation properly.

Revision history for this message
Trent Lloyd (lathiat) wrote :

Full diff output between "charm pull apavlov-e-octavia" and git commit e24860fdeecbe63154f45b81c140c712143f8927 (from repo-info in the built charm)

$ git diff --no-index charm-octavia/src/lib/charm/openstack/octavia.py octavia/lib/charm/openstack/octavia.py
diff --git a/charm-octavia/src/lib/charm/openstack/octavia.py b/octavia/lib/charm/openstack/octavia.py
index 4677856..5e78fe3 100644
--- a/charm-octavia/src/lib/charm/openstack/octavia.py
+++ b/octavia/lib/charm/openstack/octavia.py
@@ -97,6 +97,11 @@ def health_manager_bind_ip(cls):
     :returns: IP address of unit local Health Manager interface.
     :rtype: str
     """
+
+ # -> contrail addition
+ return ch_net_ip.get_host_ip(ch_core.hookenv.network_get("public")["ingress-addresses"][0])
+ # <- contrail addition
+
     ip_list = []
     for af in ['AF_INET6', 'AF_INET']:
         try:
@@ -143,6 +148,11 @@ def controller_ip_port_list(cls):
     :returns: Comma separated list of ip:port pairs.
     :rtype: str
     """
+
+ # -> contrail addition
+ return ch_net_ip.get_host_ip(ch_core.hookenv.network_get("public")["ingress-addresses"][0]) + ':' + OCTAVIA_HEALTH_LISTEN_PORT
+ # <- contrail addition
+
     try:
         ip_list = json.loads(
             leadership.leader_get('controller-ip-port-list'))

$ git diff --no-index charm-octavia/src/lib/charm/openstack/api_crud.py octavia/lib/charm/openstack/api_crud.py
diff --git a/charm-octavia/src/lib/charm/openstack/api_crud.py b/octavia/lib/charm/openstack/api_crud.py
index 81c8b31..16cd1bb 100644
--- a/charm-octavia/src/lib/charm/openstack/api_crud.py
+++ b/octavia/lib/charm/openstack/api_crud.py
@@ -424,6 +424,11 @@ def setup_hm_port(identity_service, octavia_charm, host_id=None):
     :rtype: bool
     :raises: api_crud.APIUnavailable, api_crud.DuplicateResource
     """
+
+ # -> contrail addition
+ return
+ # <- contrail addition
+
     unit_changed = False
     hm_port = get_hm_port(
         identity_service,
@@ -780,7 +785,16 @@ def set_service_quotas_unlimited(identity_service):
                 "quota": {
                     "port": _ul, "security_group": _ul,
                     "security_group_rule": _ul, "network": _ul, "subnet": _ul,
- "floatingip": _ul, "router": _ul, "rbac_policy": _ul}})
+ "floatingip": _ul, "router": _ul}})
+ try:
+ nc.update_quota(
+ identity_service.service_tenant_id(),
+ body={
+ "quota": {"rbac_policy": _ul}})
+ except Exception:
+ # TF returns exception for OpenStack Ussury for this type of quota
+ # TODO: fix TF and remove this hack
+ pass
     except (keystone_exceptions.catalog.EndpointNotFound,
             keystone_exceptions.connection.ConnectFailure,
             nova_client.exceptions.ClientException) as e:

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.