Ubuntu
ovn package

  1. Bug #1924981
  2. Comment #10

Comment 10 for bug 1924981

Revision history for this message
Frode Nordahl (fnordahl) wrote :

With the gate job for the Octavia charm I deployed a bionic-ussuri cloud with the currently released packages (Note that the amphora image was built with focal pending resolution of bug 1895835).

I can confirm that the test fails with not being able to reach the FIP:
--2021-06-11 07:33:28-- http://10.78.95.98/
Connecting to 10.78.95.98:80... failed: Connection timed out.
Retrying.

And I can confirm that the ovn-controller for the hypervisor hosting the load balancer logs:
2021-06-11T05:36:21.649Z|00130|pinctrl|INFO|Claiming virtual lport 96582bd0-1823-49bd-9c40-fad147c47ca3 for this chassis with the virtual parent 38910d74-fe51-454e-907c-448c32c96661
2021-06-11T05:36:21.651Z|00131|ovsdb_idl|WARN|Dropped 17 log messages in last 55 seconds (most recently, 5 seconds ago) due to excessive rate
2021-06-11T05:36:21.651Z|00132|ovsdb_idl|WARN|transaction error: {"details":"RBAC rules for client \"awake-mammal.maas\" role \"ovn-controller\" prohibit modification of table \"Port_Binding\".","error":"permission error"}
2021-06-11T05:36:21.651Z|00133|main|INFO|OVNSB commit failed, force recompute next time.

I can confirm that after adding the -proposed pocket on ovn-central and ovn-chassis units and then upgrading the ovn-common, ovn-host and ovn-central packages the test succeeds and the RBAC violation is no longer logged by ovn-controller:
--2021-06-11 07:42:19-- (try: 5) http://10.78.95.98/
Connecting to 10.78.95.98:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10918 (11K) [text/html]
Saving to: ‘STDOUT’

- 100%[===================>] 10.66K --.-KB/s in 0s

2021-06-11 07:42:19 (485 MB/s) - written to stdout [10918/10918]

2021-06-11 07:42:19 [INFO] Found "This is the default welcome page" in page retrieved through load balancer (provider="amphora") at "http://10.78.95.98/"

$ juju run --application ovn-central 'dpkg -l |grep ovn'
- Stdout: |
    ii ovn-central 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN central components
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
  UnitId: ovn-central/0
- Stdout: |
    ii ovn-central 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN central components
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
  UnitId: ovn-central/1
- Stdout: |
    ii ovn-central 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN central components
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
  UnitId: ovn-central/2

$ juju run --application ovn-chassis 'dpkg -l |grep ovn'
- Stdout: |
    ii neutron-ovn-metadata-agent 2:16.3.1-0ubuntu1~cloud0 all Neutron is a virtual network service for Openstack - OVN metadata agent
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
    ii ovn-host 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN host components
  UnitId: ovn-chassis/0
- Stdout: |
    ii neutron-ovn-metadata-agent 2:16.3.1-0ubuntu1~cloud0 all Neutron is a virtual network service for Openstack - OVN metadata agent
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
    ii ovn-host 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN host components
  UnitId: ovn-chassis/2
- Stdout: |
    ii neutron-ovn-metadata-agent 2:16.3.1-0ubuntu1~cloud0 all Neutron is a virtual network service for Openstack - OVN metadata agent
    ii ovn-common 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN common components
    ii ovn-host 20.03.2-0ubuntu0.20.04.1~cloud0 amd64 OVN host components
  UnitId: ovn-chassis/1

For reference packages on the neutron-api units was not touched as part of the test, and they were running python3-neutron 2:16.3.1-0ubuntu1~cloud0 for neutron-server.