Fuel for OpenStack

Cannot update ip_ranges for management and storage networks

  1. Series 7.0.x
  2. Bug #1365368
Bug #1365368 reported by harybahh
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Invalid
High
Fuel Python (Deprecated)
Fuel for OpenStack 8.0
6.1.x
Won't Fix
High
MOS Maintenance
Fuel for OpenStack 6.1-updates
7.0.x
Fix Released
High
Unassigned
Fuel for OpenStack 7.0

Bug Description

# fuel --fuel-version

api: '1.0'
astute_sha: 6db5f5031b74e67b92fcac1f7998eaa296d68025
build_id: 2014-08-14_19-52-36
build_number: '170'
fuellib_sha: a31dbac8fff9cf6bc4cd0d23459670e34b27a9ab
fuelmain_sha: fd58828f404e4298ed338e8f44c6a326cebd31de
mirantis: 'yes'
nailgun_sha: af3d1922bfc21345f81be3454115ab6139675c35
ostf_sha: 09b6bccf7d476771ac859bb3c76c9ebec9da9e1f
production: docker
release: 5.0.1

Through Web-UI, I create an environment, set networks and settings and add 3 nodes (1 controller, 2 computes/osd).
Before deploy changes, through Fuel CLI, I download network settings to modify IP ranges for management and storage networks.
I don't want the starting addresses Fuel determine.

# fuel --debug --env 1 network -d
GET http://127.0.0.1:8000/api/v1/clusters/1/
GET http://127.0.0.1:8000/api/v1/clusters/1/network_configuration/nova_network
Network configuration for environment with id=1 downloaded to /root/network_1.yaml

# vi network_1.yaml

Changes starting addresses in ip_ranges for mgmt and storage networks

# fuel --debug --env 1 network -u
GET http://127.0.0.1:8000/api/v1/clusters/1/
PUT http://127.0.0.1:8000/api/v1/clusters/1/network_configuration/nova_network data={"networking_parameters": {"fixed_network_size": 32, "fixed_networks_cidr": "192.168.78.32/27", "dns_nameservers": ["134.214.100.6", "134.214.100.9"], "floating_ranges": [["192.168.78.200", "192.168.78.254"]], "net_manager": "VlanManager", "fixed_networks_vlan_start": 1363, "fixed_networks_amount": 1}, "networks": [{"name": "public", "ip_ranges": [["192.168.78.131", "192.168.78.199"]], "gateway": "192.168.78.129", "meta": {"name": "public", "notation": "ip_ranges", "render_type": null, "assign_vip": true, "map_priority": 1, "ip_range": ["172.16.0.2", "172.16.0.127"], "vlan_start": null, "render_addr_mask": "public", "cidr": "172.16.0.0/24", "configurable": true, "gateway": "172.16.0.1", "use_gateway": true}, "cluster_id": 1, "vlan_start": 1369, "cidr": "192.168.78.128/25", "id": 2}, {"name": "management", "ip_ranges": [["192.168.77.131", "192.168.77.254"]], "gateway": null, "meta": {"name": "management", "notation": "cidr", "render_type": "cidr", "assign_vip": true, "map_priority": 2, "use_gateway": false, "vlan_start": 101, "render_addr_mask": "internal", "cidr": "192.168.0.0/24", "configurable": true}, "cluster_id": 1, "vlan_start": 1368, "cidr": "192.168.77.128/25", "id": 3}, {"name": "storage", "ip_ranges": [["192.168.77.3", "192.168.77.126"]], "gateway": null, "meta": {"name": "storage", "notation": "cidr", "render_type": "cidr", "assign_vip": false, "map_priority": 2, "use_gateway": false, "vlan_start": 102, "render_addr_mask": "storage", "cidr": "192.168.1.0/24", "configurable": true}, "cluster_id": 1, "vlan_start": 1367, "cidr": "192.168.77.0/25", "id": 4}, {"name": "fixed", "ip_ranges": [], "gateway": null, "meta": {"ext_net_data": ["fixed_networks_vlan_start", "fixed_networks_amount"], "name": "fixed", "notation": null, "render_type": null, "assign_vip": false, "map_priority": 2, "use_gateway": false, "vlan_start": null, "render_addr_mask": null, "configurable": false}, "cluster_id": 1, "vlan_start": null, "cidr": null, "id": 5}, {"name": "fuelweb_admin", "ip_ranges": [["192.168.73.5", "192.168.73.16"]], "gateway": null, "meta": {"notation": "cidr", "render_type": null, "assign_vip": false, "map_priority": 0, "unmovable": true, "use_gateway": false, "render_addr_mask": null, "configurable": false}, "cluster_id": null, "vlan_start": null, "cidr": "192.168.73.0/27", "id": 1}]}

JSON data are the wanted one, with new starting addresses (192.168.77.131 and 192.168.77.3)

When I download again network settings, starting addresses are still the original ones (192.168.77.130 and 192.168.77.2).
When I deploy the environment, the original starting addresses are used.

Fabrizio Soppelsa (fsoppelsa)
Changed in fuel:
importance: Undecided → Medium
Dmitry Pyzhov (dpyzhov)
Changed in fuel:
assignee: nobody → Fuel Python Team (fuel-python)
Revision history for this message
Aleksey Kasatkin (alekseyk-ru) wrote :

Fuel API supports ip_ranges setup for public and floating networks only. For all other networks ip_ranges is calculated from CIDR.
You can only change IPs on every node as a workaround:

# fuel --env 1 deployment default

Change nodes' IPs in yaml files.

# fuel --env 1 deployment upload

This will be fixed within https://blueprints.launchpad.net/fuel/+spec/advanced-networking where every network will have user-deifned IP ranges.

Changed in fuel:
milestone: none → 6.0
status: New → Confirmed
summary: - Update modified network settings failed
+ Cannot update ip_ranges for management and storage networks
Irina Povolotskaya (ipovolotskaya)
tags: added: release-notes
Vladimir Kuklin (vkuklin)
Changed in fuel:
status: Confirmed → Invalid
Revision history for this message
Andrew Woodward (xarses) wrote :

I've confirmed that uploading network yaml will NOT update the range in the database

# fuel --env 1 network --download

edit range start for any network but public

# fuel --env 1 network --upload

you can then download the network yaml or check the database ip_address_ranges table which have the same value (.1 or .2 it may move from .1 to .2 because some validator updates it to remove .1 from allocation after the networks are updated.

Real networks don't start at .1 or .2. This is a high issue and needs to be addressed in 7.0

Changed in fuel:
status: Invalid → Confirmed
importance: Medium → High
tags: added: customer-found
Changed in fuel:
status: Confirmed → Won't Fix
Revision history for this message
Andrew Woodward (xarses) wrote :

It's possible to just update the range in the sql table, but this is not a good solution for users

Revision history for this message
Aleksey Kasatkin (alekseyk-ru) wrote :

"meta" field for network is readonly for now. It should be allowed to change it via API.

Aleksandr Didenko (adidenko)
tags: added: feature
Revision history for this message
Andrew Woodward (xarses) wrote :

this is not a feature, its a High UX defect, it must be fixed, and backported

tags: removed: feature
Aleksey Kasatkin (alekseyk-ru)
tags: added: feature-advanced-networking
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-web (master)

Fix proposed to branch: master
Review: https://review.openstack.org/209892

Changed in fuel:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack)
Changed in fuel:
assignee: Aleksey Kasatkin (alekseyk-ru) → Ivan Kliuk (ivankliuk)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.openstack.org/211464

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on fuel-web (master)

Change abandoned by Ivan Kliuk (<email address hidden>) on branch: master
Review: https://review.openstack.org/211464
Reason: It was resolved not to change default 'notation' values.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/209892
Committed: https://git.openstack.org/cgit/stackforge/fuel-web/commit/?id=fb684c7c6e1ef3b9719a9c2559da0a31fb9131bb
Submitter: Jenkins
Branch: master

commit fb684c7c6e1ef3b9719a9c2559da0a31fb9131bb
Author: Ivan Kliuk <email address hidden>
Date: Sat Aug 1 11:15:00 2015 +0300

    Allow modification of NetworkGroup.meta

    * Additional validation logic for network configuration update.
    * Network configuration is validated using JSON-schema.
    * Unit tests for new validation logic and JSON-schema.
    * Additional helper methods in 'BaseValidatorTest'.
    * Minor cosmetic changes of 'test_network_template_validator.py'.

    Change-Id: Ibc4e7091eed299f513d850d7aa44453be14b9f40
    Closes-bug: #1365368
    Closes-bug: #1341026
    Closes-bug: #1469328

Changed in fuel:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-web (master)

Fix proposed to branch: master
Review: https://review.openstack.org/213347

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-web (master)

Reviewed: https://review.openstack.org/213347
Committed: https://git.openstack.org/cgit/stackforge/fuel-web/commit/?id=2f75e217185cfeb64b8f43be87418dcf29684be6
Submitter: Jenkins
Branch: master

commit 2f75e217185cfeb64b8f43be87418dcf29684be6
Author: Ivan Kliuk <email address hidden>
Date: Fri Aug 14 20:48:40 2015 +0300

    [Tech debt] Networking validation schema change

    * Removed redundant 'network_group.NETWORK_GROUP' JSON-schema.
    * Added 'networks.NETWORK_CONFIGURATION', 'networks.NETWORK_GROUP' and
      'networks.NETWORK_GROUPS' JSON-schemas.
    * Network parameters are validated with corresponding JSON-schema.
    * Improved testing of validation process.

    Change-Id: Id86c1543ddd437f15242b384034d72e29a7e4ebc
    Partial-bug: #1365368
    Partial-bug: #1341026
    Partial-bug: #1469328

Nikita Marchenko (nmarchenko)
tags: added: on-verification
Revision history for this message
Nikita Marchenko (nmarchenko) wrote :

verified on 224 ISO

tags: removed: on-verification
Revision history for this message
Vitaly Sedelnik (vsedelnik) wrote :

Won't Fix for 6.1-updates because of high risk of regression (change is ~900 LOC)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to fuel-docs (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/223469

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to fuel-docs (master)

Reviewed: https://review.openstack.org/223469
Committed: https://git.openstack.org/cgit/stackforge/fuel-docs/commit/?id=ddf9c7a6000be78385ac838c4f482e48c94f268b
Submitter: Jenkins
Branch: master

commit ddf9c7a6000be78385ac838c4f482e48c94f268b
Author: evkonstantinov <email address hidden>
Date: Tue Sep 15 10:57:27 2015 +0300

    Add IP range can be updated resolved issue to relnotes

    Change-Id: Ife9dcca8b464ad956f3f7bd14204f98324c867c2
    Related-Bug:#1365368

Roman Rufanov (rrufanov)
tags: added: support
Sergey Shevorakov (sshevorakov)
tags: added: rca-done
Revision history for this message
Tatyanka (tatyana-leontovich) wrote :

issue is reproducing in 8.0 still
VERSION:
  feature_groups:
    - mirantis
  production: "docker"
  release: "8.0"
  openstack_version: "2015.1.0-8.0"
  api: "1.0"
  build_number: "139"
  build_id: "139"
  fuel-nailgun_sha: "218bc872776f272d793b11fe49f57d1415badd91"
  python-fuelclient_sha: "a3b4d6b395c8d23c04a94925006e742caf9ff7cd"
  fuel-agent_sha: "7027b9c31f1986c3904877a2133b1fcb77094beb"
  fuel-nailgun-agent_sha: "00b4b11553c250f22c0079fb74c8b782dcb7b740"
  astute_sha: "959b06c5ef8143125efd1727d350c050a922eb12"
  fuel-library_sha: "6163fc1eeb01142e500e93cd0555e78c3fbe58d6"
  fuel-ostf_sha: "bc0844c493490ddbe9ca1bb5d9f88c068772c7e3"
  fuel-createmirror_sha: "d3949f3094248b9686a4c20caea5ae13c9738a8d"
  fuelmenu_sha: "5ab60f1b7bbd770a204f1d5048a95c9c313ea43f"
  shotgun_sha: "25dd78a3118267e3616df0727ce746e7dead2d67"
  network-checker_sha: "722a2a46503cffa82d78243d516bf762cd9715fc"
  fuel-upgrade_sha: "1e894e26d4e1423a9b0d66abd6a79505f4175ff6"
  fuelmain_sha: "3b64b95f6b513b0d46b57525a858eea7a9809da3"
[root@nailgun ~]#

Steps:
Deploy master node
Bootstrap slaves from default nodegroup
3. Create cluster with Neutron VXLAN and custom nodegroup
4. Download network configuration using
     fuel --debug --env {id} --json --dir {dir} network -d
5. Update network.json with customized
IP ranges for management and storage networks
 6. Put new json on master node and update
 environment network configuration with it
http://paste.openstack.org/show/478445/
7. Download net data one more time and verify that new IP ranges are applied for network config

Actual:
changes were not applied

tags: added: are-python
tags: added: area-python
removed: are-python
Revision history for this message
Tatyanka (tatyana-leontovich) wrote :
Revision history for this message
Tatyanka (tatyana-leontovich) wrote :

Move to invalid according to for now to get data applied need provide additional data like update [meta][notation ] with changed element name (for instance for ip_ranges it will be looks like [meta][notation]:'ip_ranges')

Dmitry Pyzhov (dpyzhov)
no longer affects: fuel/8.0.x
Revision history for this message
Ed Balduf (ebalduf) wrote :
Download full text (6.6 KiB)

This seems to have reverted in 7.0

[root@fuel-ra ~]# fuel --fuel-version
DEPRECATION WARNING: /etc/fuel/client/config.yaml exists and will be used as the source for settings. This behavior is deprecated. Please specify the path to your custom settings file in the FUELCLIENT_CUSTOM_SETTINGS environment variable.
api: '1.0'
astute_sha: 6c5b73f93e24cc781c809db9159927655ced5012
auth_required: true
build_id: '301'
build_number: '301'
feature_groups:
- mirantis
fuel-agent_sha: 50e90af6e3d560e9085ff71d2950cfbcca91af67
fuel-library_sha: 5d50055aeca1dd0dc53b43825dc4c8f7780be9dd
fuel-nailgun-agent_sha: d7027952870a35db8dc52f185bb1158cdd3d1ebd
fuel-ostf_sha: 2cd967dccd66cfc3a0abd6af9f31e5b4d150a11c
fuelmain_sha: a65d453215edb0284a2e4761be7a156bb5627677
nailgun_sha: 4162b0c15adb425b37608c787944d1983f543aa8
openstack_version: 2015.1.0-7.0
production: docker
python-fuelclient_sha: 486bde57cda1badb68f915f66c61b544108606f3
release: '7.0'
release_versions:
  2015.1.0-7.0:
    VERSION:
      api: '1.0'
      astute_sha: 6c5b73f93e24cc781c809db9159927655ced5012
      build_id: '301'
      build_number: '301'
      feature_groups:
      - mirantis
      fuel-agent_sha: 50e90af6e3d560e9085ff71d2950cfbcca91af67
      fuel-library_sha: 5d50055aeca1dd0dc53b43825dc4c8f7780be9dd
      fuel-nailgun-agent_sha: d7027952870a35db8dc52f185bb1158cdd3d1ebd
      fuel-ostf_sha: 2cd967dccd66cfc3a0abd6af9f31e5b4d150a11c
      fuelmain_sha: a65d453215edb0284a2e4761be7a156bb5627677
      nailgun_sha: 4162b0c15adb425b37608c787944d1983f543aa8
      openstack_version: 2015.1.0-7.0
      production: docker
      python-fuelclient_sha: 486bde57cda1badb68f915f66c61b544108606f3
      release: '7.0'

[root@fuel-ra ~]# fuel --debug --env 6 network -d
DEPRECATION WARNING: /etc/fuel/client/config.yaml exists and will be used as the source for settings. This behavior is deprecated. Please specify the path to your custom settings file in the FUELCLIENT_CUSTOM_SETTINGS environment variable.
GET http://172.27.30.99:8000/api/v1/clusters/6/
GET http://172.27.30.99:8000/api/v1/clusters/6/network_configuration/neutron
Network configuration for environment with id=6 downloaded to /root/network_6.yaml
[root@fuel-ra ~]# cp network_6.yaml network_6.yaml.orig
[root@fuel-ra ~]# vi network_6.yaml
[root@fuel-ra ~]# diff network_6.yaml network_6.yaml.orig
96,97c96,97
< - - 172.27.25.180
< - 172.27.25.190
---
> - - 172.27.25.1
> - 172.27.25.254
 [root@fuel-ra ~]# cp network_6.yaml network_6.yaml.mod
[root@fuel-ra ~]# fuel --debug --env 6 network -u
DEPRECATION WARNING: /etc/fuel/client/config.yaml exists and will be used as the source for settings. This behavior is deprecated. Please specify the path to your custom settings file in the FUELCLIENT_CUSTOM_SETTINGS environment variable.
GET http://172.27.30.99:8000/api/v1/clusters/6/
PUT http://172.27.30.99:8000/api/v1/clusters/6/network_configuration/neutron data={"vips": {"vrouter_pub": {"node_roles": ["controller", "primary-controller"], "ipaddr": "172.27.31.100", "namespace": "vrouter", "network_role": "public/vip"}, "management": {"node_roles": ["controller", "primary-controller"], "ipaddr": "172.27.34.2", "namespace": "haproxy", "network_role"...

Read more...

Vitaly Sedelnik (vsedelnik)
tags: added: wontfix-risky
Revision history for this message
Kieran Evans (keyz182) wrote :
Download full text (6.4 KiB)

Hi. This appears to still be an issue in Fuel 8.0. (Public IPs anonymized to aaa.bbb.ccc with a single find/replace, so if you see aaa.bbb.ccc then it was the same value).

[root@fuel ~]# fuel --fuel-version
api: '1'
auth_required: true
feature_groups:
- mirantis
openstack_version: liberty-8.0
release: '8.0'

[root@fuel ~]# fuel --debug --env 1 network -d
GET http://192.168.1.1:8000/api/v1/clusters/1/
GET http://192.168.1.1:8000/api/v1/clusters/1/network_configuration/neutron
Network configuration for environment with id=1 downloaded to /root/network_1.yaml

[root@fuel ~]# nano network_1.yaml #Change public_vip and vips.public.ipaddr to a new IP (still within the public networks.ip_ranges)

[root@fuel ~]# fuel --debug --env 1 network -u
GET http://192.168.1.1:8000/api/v1/clusters/1/
PUT http://192.168.1.1:8000/api/v1/clusters/1/network_configuration/neutron data=
{
  "vips": {
    "vrouter_pub": {
      "namespace": "vrouter",
      "vendor_specific": {
        "iptables_rules": {
          "ns_start": [
            "iptables -t nat -A POSTROUTING -o <%INT%> -j MASQUERADE"
          ],
          "ns_stop": [
            "iptables -t nat -D POSTROUTING -o <%INT%> -j MASQUERADE"
          ]
        }
      },
      "ipaddr": "aaa.bbb.ccc.2",
      "node_roles": [
        "controller",
        "primary-controller"
      ],
      "network_role": "public/vip"
    },
    "management": {
      "namespace": "haproxy",
      "vendor_specific": null,
      "ipaddr": "192.168.101.2",
      "node_roles": [
        "controller",
        "primary-controller"
      ],
      "network_role": "mgmt/vip"
    },
    "public": {
      "namespace": "haproxy",
      "vendor_specific": null,
      "ipaddr": "aaa.bbb.ccc.4",
      "node_roles": [
        "controller",
        "primary-controller"
      ],
      "network_role": "public/vip"
    },
    "vrouter": {
      "namespace": "vrouter",
      "vendor_specific": null,
      "ipaddr": "192.168.101.3",
      "node_roles": [
        "controller",
        "primary-controller"
      ],
      "network_role": "mgmt/vip"
    }
  },
  "public_vrouter_vip": "aaa.bbb.ccc.2",
  "management_vrouter_vip": "192.168.101.3",
  "networking_parameters": {
    "configuration_template": null,
    "dns_nameservers": [
      "10.239.40.2",
      "10.239.40.130"
    ],
    "floating_ranges": [
      [
        "aaa.bbb.ccc.21",
        "aaa.bbb.ccc.199"
      ]
    ],
    "floating_name": "cscloud_floating_net",
    "net_l23_provider": "ovs",
    "base_mac": "fa:16:3e:00:00:00",
    "internal_gateway": "192.168.111.1",
    "internal_name": "cscloud_internal_net",
    "internal_cidr": "192.168.111.0/24",
    "gre_id_range": [
      2,
      65535
    ],
    "vlan_range": [
      1000,
      1030
    ],
    "segmentation_type": "tun"
  },
  "management_vip": "192.168.101.2",
  "public_vip": "aaa.bbb.ccc.4",
  "networks": [
    {
      "name": "public",
      "ip_ranges": [
        [
          "aaa.bbb.ccc.2",
          "aaa.bbb.ccc.4"
        ]
      ],
      "gateway": "aaa.bbb.ccc.1",
      "meta": {
        "vips": [
          "haproxy",
          "vrouter"
        ],
        "name...

Read more...

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Related blueprints

Remote bug watches

Bug watches keep track of this bug in other bug trackers.