tripleo

No simple way to add static route on provisioning network via undercloud.conf

Bug #1819464 reported by Harald Jensås
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
Fix Released
Medium
Harald Jensås

Bug Description

An issue was reported in RHBZ#1665874 where the DHCP relay agent on a switch used source address that is not the IP range of any of the ctlplane network subnets. The DHCP relay have a source address that is not in any of the provisioning subnets, thus the undercloud forwards the packet out the default gateway and the asymetric filters drop the packages in the kernel.

A workaround is possible by using ``net_config_override`` override in undercloud.conf and provide a template statically defineing all the neccecarry routes.

net_config_override = /home/stack/net-config.json.template

File: /home/stack/net-config.json.template

"network_config": [
 {
  "type": "ovs_bridge",
  "name": "br-ctlplane",
  "ovs_extra": [
   "br-set-external-id br-ctlplane bridge-id br-ctlplane"
  ],
  "members": [
   {
    "type": "interface",
    "name": "{{LOCAL_INTERFACE}}",
    "primary": "true",
    "mtu": {{LOCAL_MTU}},
    "dns_servers": {{UNDERCLOUD_NAMESERVERS}}
   }
  ],
  "addresses": [
    {
      "ip_netmask": "{{PUBLIC_INTERFACE_IP}}"
    }
  ],
  "routes": [
      #
      # The first two are the routes to the peer ctlplane subnets
      #
      {
        "ip_netmask": "192.168.11.0/24",
        "next_hop": "192.168.24.1"
      },
      {
        "ip_netmask": "192.168.12.0/24",
        "next_hop": "192.168.24.1"
      },
      #
      # This additional route to the DHCP relay
      #
      {
        "ip_netmask": "192.168.254.251/32",
        "next_hop": "192.168.24.1"
      }
  ],
  "mtu": {{LOCAL_MTU}}
 }
]

The undercloud.conf should have a way to define additonal routes for the ctlplane interface. It also makes sense for these routes to be present on the overcloud nodes. We probably want to add a 'host_routes' option to the subnet defenitions in undercloud.conf, i.e:

[ctlplane-subnet]
local_subnet = ctlplane-subnet
cidr = 192.168.24.0/24
dhcp_start = 192.168.24.5
dhcp_end = 192.168.24.24
gateway = 192.168.24.1
inspection_iprange = 192.168.24.100,192.168.24.120
masquerade = False
host_routes = [{"destination": "192.168.254.251/32", "nexthop": "192.168.24.1"}]

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to python-tripleoclient (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/642566

Changed in tripleo:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (master)

Fix proposed to branch: master
Review: https://review.openstack.org/642567

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to python-tripleoclient (master)

Reviewed: https://review.openstack.org/642566
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=034778b6a8bb0740f0b157f1b105c2e6c0c25712
Submitter: Zuul
Branch: master

commit 034778b6a8bb0740f0b157f1b105c2e6c0c25712
Author: Harald Jensås <email address hidden>
Date: Mon Mar 11 19:23:25 2019 +0100

    Undercloud - support ctlplane subnet host routes

    Add new option 'host_routes' to the subnet definitions
    for the ctlplane network in undercloud.conf.

    Routes defined for the local subnet will be appended
    to the THT parameter 'ControlPlaneStaticRoutes'. The
    net-config template for the undercloud will ensure
    these routes are configured on the undercloud.

    Routes are also added to UndercloudCtlplaneSubnets
    parameter used by the undercloud to create the
    ctlplane network and subnets. In THT change:
    I46b7c7175f542ad4d375a20f133c05064e7b7222 this new
    data is used so that the host routes are configured
    for the neutron ctlplane subnets.

    Related-Bug: #1819464
    Change-Id: I692fcc4a494b2cda1911814a53a0c6ec2f99f807

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.openstack.org/642567
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=42b0bc930a525f6ff35b35bb7cb9fc93c7a829df
Submitter: Zuul
Branch: master

commit 42b0bc930a525f6ff35b35bb7cb9fc93c7a829df
Author: Harald Jensås <email address hidden>
Date: Mon Mar 11 20:04:08 2019 +0100

    Support ctlplane subnet host routes from undercloud.conf

    Change: I692fcc4a494b2cda1911814a53a0c6ec2f99f807 in
    python-tripleoclient added support to define host routes
    for the subnets in undercloud.conf.

    Update the undercloud ctlplane network post script so
    that it add's these routes to the host_routes property
    of the undercloud ctlplane subnets.

    THT already uses the data in the subnets host_routes, it
    is passed as ControlPlaneStaticRoutes to NetworkConfig
    unless ControlPlaneStaticRoutes was statically overriden
    in the environment.

    Closes-Bug: #1819464
    Depends-On: I692fcc4a494b2cda1911814a53a0c6ec2f99f807
    Change-Id: I46b7c7175f542ad4d375a20f133c05064e7b7222

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to python-tripleoclient (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/643042

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to python-tripleoclient (master)

Reviewed: https://review.openstack.org/643042
Committed: https://git.openstack.org/cgit/openstack/python-tripleoclient/commit/?id=931e88a63e2747bdda51c9bc74d0565dff4f76aa
Submitter: Zuul
Branch: master

commit 931e88a63e2747bdda51c9bc74d0565dff4f76aa
Author: Harald Jensås <email address hidden>
Date: Wed Mar 13 13:44:19 2019 +0100

    Undercloud - ironic inspector - host routes

    Configure the host_routes specified for subnets
    in undercloud.conf as classless static routes
    in ironic inspectors dnsmasq configuration.

    The advanced routing options will be pushed to
    the inspection ramdisk similar to the way they
    are already pushed to ironic-python-agent.

    Related-Bug: #1819464
    Depends-On: I2229d386bff8ae63e4efe8406770b2b378a1991f
    Change-Id: I1afb720ae4ee4ce586c16a440e8edf8c2b23e155

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 10.5.0

This issue was fixed in the openstack/tripleo-heat-templates 10.5.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.