yahoo-eng-team team mailing list archive

[OpenStack Infra <1881029@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/731367
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=0402337c151d6db3b6e04569df3735e0dc44125f
Submitter: Zuul
Branch:    master

commit 0402337c151d6db3b6e04569df3735e0dc44125f
Author: Roman Safronov <rsafrono@xxxxxxxxxx>
Date:   Thu May 28 01:19:41 2020 +0300

    Fix ssh to nodes during ML2/OVS to ML2/OVN migration
    
    Migration ansible playbooks are not able to connect to overcloud
    nodes using ssh due to bad settings in the generated ansible
    inventory file. Ctlplane subnet ip addresses should be used by
    ansible in order to be able to establish connection successfully.
    
    Closes-bug: #1881029
    Change-Id: I1588b88279ba1e25706cc74f4a888901e5aadcb6


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1881029

Title:
  SSH issues during ML2/OVS to ML2/OVN migration

Status in neutron:
  Fix Released

Bug description:
  During ml2ovs -> ml2ovn migration ansible is not able to connect to
  openstack nodes. This happens because ansible_host variables for all
  nodes in the generated ansible inventory file are set to node
  hostnames. The hostnames are resolved by /etc/hosts to 'management'
  network ip addresses which are not accessible from the undercloud
  host.

  ovn_migration.sh script uses the following command to retrieve nodes ip addresses from tripleo ansible inventory:
  ip=`jq -r --arg role _meta --arg hostname $host_name 'to_entries[] | select(.key == $role) | .value.hostvars[$hostname].management_ip' $inventory_file`

  Example of the node data from tripleo ansible inventory:
  [...]
      "_meta": {
          "hostvars": {
              "controller-0": {
                  "ansible_host": "192.168.24.43",
                  "deploy_server_id": "9579f5a6-f8e9-474d-ac80-5021bbc99865",
                  "enabled_networks": [
                      "ctlplane",
                      "storage",
                      "storage_mgmt",
                      "internal_api",
                      "tenant",
                      "external"
                  ],
                  "ctlplane_ip": "192.168.24.43",
                  "storage_ip": "172.17.3.94",
                  "storage_mgmt_ip": "172.17.4.127",
                  "internal_api_ip": "172.17.1.104",
                  "tenant_ip": "172.17.2.133",
                  "external_ip": "10.0.0.144",
  [...]

  
  as can be seen there is no management network anymore so the command returns nothing and then the ovn_migration script fallbacks to the node hostname.

  Not working ansible inventory file (current state):
  [ovn-controllers]
  controller-0 ansible_host=controller-0 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-1 ansible_host=controller-1 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-2 ansible_host=controller-2 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  [...]

  
  Suggested solution is to use ctlplane_ip (or ansible_host) parameter from the above structure. 

  Working ansible inventory file example:
  [ovn-controllers]
  controller-0 ansible_host=192.168.24.43 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-1 ansible_host=192.168.24.17 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  controller-2 ansible_host=192.168.24.26 ansible_ssh_user=heat-admin ansible_become=true ovn_controller=true
  [...]

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1881029/+subscriptions