tripleo

dhcp-all-interfaces interactions breaks bridged configurations

Bug #1272969 reported by Robert Collins on 2014-01-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	tripleo	Fix Released	Critical	Dan Prince

Bug Description

I alluded to this in another bug, but here's a split out one:

when we provision an instance, the physical nic (e.g. eth2) starts out as unconfigured. dhcp-all-interfaces configures it - and then after we have metadata we then move the address to the bridge device without changing config files . This leaves dhcp-client running on the interface.

When the dhcp lease expires, it renews the interface and we then have that address on both the physical interface and the ovs bridge, which breaks all traffic.

I'm not sure of the right fix, but this is breaking the ci-overcloud on a regular basis.

https://etherpad.openstack.org/p/tripleo-dhcp-all-interfaces-iteration-2

See original description

Revision history for this message

Dan Prince (dan-prince) wrote on 2014-01-27:

Why not just have init-neutron-ovs remove the network config (if it exists)?

Dan Prince (dan-prince) on 2014-01-28

Changed in tripleo:
assignee:	nobody → Dan Prince (dan-prince)

Dan Prince (dan-prince) on 2014-01-28

Changed in tripleo:
status:	Triaged → In Progress

Revision history for this message

Dan Prince (dan-prince) wrote on 2014-01-28:

Okay. So in init-neutron-ovs what if we take a slightly different approach and we configure the bridge and interface via config files (properly).

Essentially do something like this:

For RHEL/Fedora:

https://github.com/osrg/openvswitch/blob/master/rhel/README.RHEL#L65

For Debian:

https://github.com/osrg/openvswitch/blob/master/debian/openvswitch-switch.README.Debian#L63

Then if we have init-neutron-ovs just ifdown/ifup the interfaces a new lease should be obtained, it will be on the bridge, and everything should be happy right?

The way we currently do it is problematic because it leaves the network scripts untouched. We need to edit/add to them for sure to make them persistent.

In doing this we also need to adjust dhcp-all-interfaces such that it leaves existing network scripts untouched. I think it already does this...

Robert Collins (lifeless) on 2014-01-28

description:

updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-01-29: Fix proposed to tripleo-image-elements (master)

Fix proposed to branch: master
Review: https://review.openstack.org/69918

Revision history for this message

Robert Collins (lifeless) wrote on 2014-02-18:

So configuring via config files isn't the problem - the problem is that we have to configure eth2 to bring up the machine and then we have to *reconfigure* it to not dhcp eth2 anymore.

Revision history for this message

Dan Prince (dan-prince) wrote on 2014-03-18:

Robert: Agree that config files aren't the root of this problem. But my implementation will fix this problem as well: namely not having dhclient running on multiple interfaces for the same lease.

Revision history for this message

Openstack Gerrit (openstack-gerrit) wrote on 2014-04-18: Fix merged to tripleo-image-elements (master)

Reviewed: https://review.openstack.org/69918
Committed: https://git.openstack.org/cgit/openstack/tripleo-image-elements/commit/?id=06ef9918aa63e675c0197ed934e68e21e8572f7c
Submitter: Jenkins
Branch: master

commit 06ef9918aa63e675c0197ed934e68e21e8572f7c
Author: Dan Prince <email address hidden>
Date: Wed Jan 29 12:22:38 2014 -0500

Refactor ensure-bridge for persistance

    Updates ensure-bridge so that we use network-scripts and eni files
    to configure persistent network configs using the distro provided
    mechanism. See docs here:

http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=blob;f=rhel/README.RHEL;hb=HEAD
http://git.openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=blob;f=debian/openvswitch-switch.README.Debian;hb=HEAD

This resolves some problems with the previous approach affecting
lease renewal and machine reboots.

With the new approach:

    - tmp config files are written to disk
    - the real config files are overwritten if a change is detected
    - ifup/ifdown commands are used to start/stop the network interfaces
      if a change has been made
    - All of the ip, ovs-vsctl, etc. commands are handled by the distro
      scripts

    One more important change is that ensure-bridge expects both
    the EXTERNAL_BRIDGE and PHYSICAL_INTERFACE parameters. Previously
    the script only required EXTERNAL_BRIDGE. We don't have a use case
    for using ensure-bridge without a physical interface so I just made
    both required since this made the implementation simpler.

Change-Id: Ib775598d3bdd6f1ccecb283f47d10b92aaf0bd35
Closes-bug: #1272969

Changed in tripleo:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.