yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1890400] Re: Default gateway in HA router namespace not set if using Keepalived 1.x

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1890400@xxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Aug 2020 17:43:07 -0000
Reply-to: Bug 1890400 <1890400@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Reviewed:  https://review.opendev.org/745641
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=7abe0ee34c367b4abf84820048b4aed643fc1162
Submitter: Zuul
Branch:    master

commit 7abe0ee34c367b4abf84820048b4aed643fc1162
Author: Slawek Kaplonski <skaplons@xxxxxxxxxx>
Date:   Tue Aug 11 10:47:24 2020 +0200

    Add 'keepalived_use_no_track' config option
    
    Patch [1] added option "no_track" to the keepalived's config file which
    is generated by L3 agent in HA mode.
    This was added to handle properly keepalived 2.x and interfaces which
    are in DOWN state in the backup nodes.
    But this "no_track" option is not compatible with keepalived 1.x series
    which is available e.g. on Ubuntu 18.04.
    
    As there is no easy way to check automatically if keepalived supports or
    not this config flag, this patch introduces new config option
    "keepalived_use_no_track".
    If this config option will be set to False, neutron L3 agent will not
    add "no_track" to the keepalived's config.
    
    As master branch is moving to gate on Ubuntu 20.04 where keepalived 2.x
    is already available, this new config option default value is set to
    True.
    
    [1] https://review.opendev.org/#/c/721799/
    
    Change-Id: I2dfdb9f56de28d56ca0f240ff34fa7c3a12e339b
    Closes-Bug: #1890400


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1890400

Title:
  Default gateway in HA router namespace not set if using Keepalived 1.x

Status in neutron:
  Fix Released

Bug description:
  With Rocky commit f2d234e introduces a change making Neutron more
  compatible with Keepalived 2.x. A new option `no_track` is passed to
  Keepalived by the L3 agent which Keepalived 1.x doesn't recognize,
  thus the configuration is partially not applied by Keepalived 1.x.
  resulting in a missing default gateway. Thus instances using HA
  routers to communicate with the outside world are unable to reach the
  internet and cannot be reached via their floating IP addresses.

  There are some workarounds to trigger the creating of the default
  gateway like disable and enable the router again or disable/re-start
  the L3 agent which hosts the master namespace of the HA router.

  Steps to reproduce:
  1. Create an HA router
  2. Add the gateway network (now the default gateway should be set within the routers master network namespace but there is none)
  3. Connect a tenant subnet to the router
  4. Create an instance connected to the tenant network created in step 3
  5. Try to reach the internet from within the instances created in step 4

  I was able to get some log output out of Keepalived:
  Tue Aug  4 11:59:58 2020: Starting Keepalived v1.3.9 (10/21,2017)
  Tue Aug  4 11:59:58 2020: Opening file '/var/lib/neutron/ha_confs/019f8036-8730-4584-9e07-c4a6504447ab/keepalived.conf'.
  Tue Aug  4 11:59:58 2020: Starting VRRP child process, pid=2864
  Tue Aug  4 11:59:58 2020: Registering Kernel netlink reflector
  Tue Aug  4 11:59:58 2020: Registering Kernel netlink command channel
  Tue Aug  4 11:59:58 2020: Registering gratuitous ARP shared channel
  Tue Aug  4 11:59:58 2020: Opening file '/var/lib/neutron/ha_confs/019f8036-8730-4584-9e07-c4a6504447ab/keepalived.conf'.
  Tue Aug  4 11:59:58 2020: Unknown configuration entry 'no_track' for ip address - ignoring
  Tue Aug  4 11:59:58 2020: Unknown configuration entry 'no_track' for ip address - ignoring
  Tue Aug  4 11:59:58 2020: Cannot specify scope for IPv6 addresses (fe80::f816:3eff:fe2c:6622/64) - ignoring scope
  Tue Aug  4 11:59:58 2020: VRRP parsed invalid IP no_track. skipping IP...
  Tue Aug  4 11:59:58 2020: unknown route keyword no_track
  Tue Aug  4 11:59:58 2020: VRRP_Instance(VR_23) removing protocol VIPs.
  Tue Aug  4 11:59:58 2020: VRRP_Instance(VR_23) removing protocol E-VIPs.
  Tue Aug  4 11:59:58 2020: Using LinkWatch kernel netlink reflector...
  Tue Aug  4 11:59:58 2020: VRRP_Instance(VR_23) Entering BACKUP STATE
  Tue Aug  4 11:59:58 2020: VRRP sockpool: [ifindex(1033), proto(112), unicast(0), fd(9,10)]

  You see it complaining about the 'no_track' option.

  We use Kolla containers with Ubuntu base. Even though Keepalived 2 was
  release quite a while ago, it still only provides Keepalived 1.x via
  the package repositories. Even Kolla in the latest version still uses
  Ubuntu 18.04 as base with Keepalived 1.x. Theoretically all users
  using Kolla containers with Ubuntu base (other base images not tested)
  are affected. There seems to be no apt sources for Keepalived 2.x for
  Ubuntu 18.04. You need to compile it from source in order to get a
  newer version.

  Maybe it should depend on the Keepalived version whether to pass the
  'no_track' option or make it configurable.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1890400/+subscriptions
References

[Bug 1890400] [NEW] Default gateway in HA router namespace not set if using Keepalived 1.x
From: Alexander Gräb, 2020-08-05