← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #82787

[Bug 1881029] [NEW] SSH issues during ML2/OVS to ML2/OVN migration

  Thread PreviousDate PreviousThread Next 
Public bug reported:

During ml2ovs -> ml2ovn migration ansible is not able to connect to
openstack nodes. This happens because ansible_host variables for all
nodes in the generated ansible inventory file are set to node hostnames.
The hostnames are resolved by /etc/hosts to 'management' network ip
addresses which are not accessible from the undercloud host.

ovn_migration.sh script uses the following command to retrieve nodes ip addresses from tripleo ansible inventory:
ip=`jq -r --arg role _meta --arg hostname $host_name 'to_entries[] | select(.key == $role) | .value.hostvars[$hostname].management_ip' $inventory_file`

Example of the node data from tripleo ansible inventory:
[...]
    "_meta": {
        "hostvars": {
            "controller-0": {
                "ansible_host": "192.168.24.43",
                "deploy_server_id": "9579f5a6-f8e9-474d-ac80-5021bbc99865",
                "enabled_networks": [
                    "ctlplane",
                    "storage",
                    "storage_mgmt",
                    "internal_api",
                    "tenant",
                    "external"
                ],
                "ctlplane_ip": "192.168.24.43",
                "storage_ip": "172.17.3.94",
                "storage_mgmt_ip": "172.17.4.127",
                "internal_api_ip": "172.17.1.104",
                "tenant_ip": "172.17.2.133",
                "external_ip": "10.0.0.144",
[...]


as can be seen there is no management network anymore so the command returns nothing and then the ovn_migration script fallbacks to the node hostname.

Not working ansible inventory file (current state):
[ovn-controllers]
controller-0 ansible_host=controller-0 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
controller-1 ansible_host=controller-1 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
controller-2 ansible_host=controller-2 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
[...]


Suggested solution is to use ctlplane_ip (or ansible_host) parameter from the above structure. 

Working ansible inventory file example:
[ovn-controllers]
controller-0 ansible_host=192.168.24.43 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
controller-1 ansible_host=192.168.24.17 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
controller-2 ansible_host=192.168.24.26 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
[...]

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1881029

Title:
  SSH issues during ML2/OVS to ML2/OVN migration

Status in neutron:
  New

Bug description:
  During ml2ovs -> ml2ovn migration ansible is not able to connect to
  openstack nodes. This happens because ansible_host variables for all
  nodes in the generated ansible inventory file are set to node
  hostnames. The hostnames are resolved by /etc/hosts to 'management'
  network ip addresses which are not accessible from the undercloud
  host.

  ovn_migration.sh script uses the following command to retrieve nodes ip addresses from tripleo ansible inventory:
  ip=`jq -r --arg role _meta --arg hostname $host_name 'to_entries[] | select(.key == $role) | .value.hostvars[$hostname].management_ip' $inventory_file`

  Example of the node data from tripleo ansible inventory:
  [...]
      "_meta": {
          "hostvars": {
              "controller-0": {
                  "ansible_host": "192.168.24.43",
                  "deploy_server_id": "9579f5a6-f8e9-474d-ac80-5021bbc99865",
                  "enabled_networks": [
                      "ctlplane",
                      "storage",
                      "storage_mgmt",
                      "internal_api",
                      "tenant",
                      "external"
                  ],
                  "ctlplane_ip": "192.168.24.43",
                  "storage_ip": "172.17.3.94",
                  "storage_mgmt_ip": "172.17.4.127",
                  "internal_api_ip": "172.17.1.104",
                  "tenant_ip": "172.17.2.133",
                  "external_ip": "10.0.0.144",
  [...]

  
  as can be seen there is no management network anymore so the command returns nothing and then the ovn_migration script fallbacks to the node hostname.

  Not working ansible inventory file (current state):
  [ovn-controllers]
  controller-0 ansible_host=controller-0 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-1 ansible_host=controller-1 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-2 ansible_host=controller-2 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  [...]

  
  Suggested solution is to use ctlplane_ip (or ansible_host) parameter from the above structure. 

  Working ansible inventory file example:
  [ovn-controllers]
  controller-0 ansible_host=192.168.24.43 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-1 ansible_host=192.168.24.17 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-2 ansible_host=192.168.24.26 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  [...]

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1881029/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next