yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #86081
[Bug 1747496] Re: MTUs are not set for VIFs if using kernel ovs + hybrid plug = false
** Changed in: nova
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1747496
Title:
MTUs are not set for VIFs if using kernel ovs + hybrid plug = false
Status in OpenStack Compute (nova):
Fix Released
Bug description:
Description
===========
over the last few cyles supprot for mtu other then the default of 1500 has
gernerally been improved in both nova and neutron.
At the same time it was decided to remove the responsibility for VIF plugging from
the virt drivers and centrailse it in os-vif.
over the last few cycles os-vif has been enhanced to support setting the mtu on all codepaths
and this work was completed in pike, however there are stills codepaths in the nova libvirt driver where os-vif is not used to plug the VIF and instead it is done by libvirt.
when the VIF_TYPE is ovs and hybrid_plug=False libvirt plug the VM's
VIFs iteself and os-vif is only responcible for creating the bridge it
will be plugged into. in this case as the mtu is not set in teh
libvirt xml and since os-vif is not respocible for pluggin the vif
nothing set the mtu on the tap device that is added to ovs. This
scenario arrises whenever libvirt is the nova virt driver and the no-
op or openvswitch security group drivers are used.
the end result is that in the vm the quest correctly recives the non
default(e.g. jumbo frame) mtu form the neutron dhcp server and
configures the mtu in its kernel but the mtu of the tap device added
to the ovs bridge is left at the default of 1500 preventing
jumboframes from being used by the guest.
Steps to reproduce
==================
using a host with a non default mtu
deploy devstack normally useing libvirt + kvm/qemu
and enable the openvsiwtch or no-op neutron security group driver
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[securitygroup]
firewall_driver = openvswitch
or
[[post-config|/etc/neutron/plugins/ml2/ml2_conf.ini]]
[securitygroup]
firewall_driver = noop
spawn a singel vm via nova.
and retrive the name of the interface for ovsdb or
via virsh dumpxml.
then run ifconfig <interface name> and check the mtu.
note if openvsiwtch direver is used you will need to allow icmp/ssh
in the security groups to be able to validate network conncetivity.
Expected result
===============
tap should have same mtu as is set on neutron network.
and a ping of max mtu e.g. ping -s 9000 ... for a network mtu of 9000 should work.
Actual result
=============
tap mtu will be 1500
it is not possible to ping the vm with a packet larger then
Environment
===========
1. it was seen on pike but this effect all versions of openstack.
before the introduction of os-vif we did not support neutron network mtus
and after we started to use os-vif we enable neutron mtu support only for
the os-vif codepath so this never worked.
2. Which hypervisor did you use?
libvirt with kvm. this is not libvirt version
specific as we do not generate the libvirt xml to set the mtu
https://libvirt.org/formatdomain.html#mtu
2. Which storage type did you use?
N/a but i used ceph
3. Which networking type did you use?
neutron with kernel ovs and noop or openvsiwtch security group driver.
not this will not happen with the iptables driver as that set hybrid_plug=True
so os-vif is used to plug the VIF and it sets the mtu correctly.
to
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1747496/+subscriptions
References
