yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1961184] Re: [OVN] Virtual ports are always DOWN

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1961184@xxxxxxxxxxxxxxxxxx>
Date: Mon, 14 Mar 2022 11:11:00 -0000
Reply-to: Bug 1961184 <1961184@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Reviewed:  https://review.opendev.org/c/openstack/neutron/+/830624
Committed: https://opendev.org/openstack/neutron/commit/bdbabdf362a0755fa5a86222a7a223c727f0ec4e
Submitter: "Zuul (22348)"
Branch:    master

commit bdbabdf362a0755fa5a86222a7a223c727f0ec4e
Author: Rodolfo Alonso Hernandez <ralonsoh@xxxxxxxxxx>
Date:   Wed Feb 9 19:04:45 2022 +0000

    [OVN] Update VIP port host ID when traffic detected
    
    A virtual IP port is a port with an IP address assigned. This IP
    address is used as an allowed address pair in a bound port (or ports).
    This port is marked as "virtual" and a list of "virtual-parents"
    (ports with the VIP assigned as allowed address pair) will be
    populated accordingly.
    
    This patch updates the "binding:host_id" of the port when OVN detects
    traffic from the corresponding VIP address. OVN updates the VIP port
    SB "Port_Binding" register with the chassis ID. The hostname of this
    chassis is used to update the port host ID.
    
    The VIP port is always unbound and down; this patch only populates the
    host information to provide to the user this information using the
    OpenStack CLI, instead of making this search using the OVN CLI.
    
    Closes-Bug: #1961184
    Change-Id: I75b04d056ba0df9e34a99673c689a69cdbfa097e


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1961184

Title:
  [OVN] Virtual ports are always DOWN

Status in neutron:
  Fix Released

Bug description:
  Related bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2052243

  In OVN (same as in OVS), virtual ports are always down.

  Steps to Reproduce:
  1. Define a port for our server, and allow it to use a vip:
     $ openstack port create --network private --security-group prodlike serverport
     $ openstack server create --security-group prodlike --port serverport \
       --key-name stack --flavor m1.small --image cirros myserver \
       --availability-zone nova:cpu35d
     $ openstack floating ip set --port serverport 10.64.154.3
     $ openstack port create myvip  --network private \
       --fixed-ip ip-address=192.168.200.20
     $ openstack port set --allowed-address ip-address=192.168.200.20 serverport

  At this moment, ovn-sbctl should not show the port "myvip" on any chassis:
  $ ovn-sbctl show
  Chassis "1126ea9a-2860-4e5c-9ab5-ca1e8959edee"
      hostname: cpu35d
      Encap geneve
          ip: "10.64.145.100"
          options: {csum="true"}
      Port_Binding cr-lrp-52d45a86-6cbf-43ff-9700-755490192441
      Port_Binding "d4aafa35-ab96-4451-9623-983a164f28dd"

  The port is not bound yet:
  $ openstack port show myvip  -c status -c binding_host_id -c id
  +-----------------+--------------------------------------+
  | Field           | Value                                |
  +-----------------+--------------------------------------+
  | binding_host_id |                                      |
  | id              | 55c03aa0-2a21-4f28-bf5d-6ec2dcc5f7e3 |
  | status          | DOWN                                 |
  +-----------------+--------------------------------------+

  2. Make the VM own the port:
  Login into the VM and assign the virtual IP to the port:
    $ ssh 10.64.154.3 -l cirros
    $ sudo ip addr add 192.168.200.20 dev eth0
    $ sudo arping -U 192.168.200.20
      ARPING 192.168.200.20 from 192.168.200.20 eth0
      ^CSent 2 probe(s) (2 broadcast(s))
    Received 0 response(s) (0 request(s), 0 broadcast(s))

  When OVN detects traffic from/to a port with the IP of the virtual port, binds this VIP to the chassis hosting the port:
  Chassis "1126ea9a-2860-4e5c-9ab5-ca1e8959edee"
      hostname: cpu35d
      Encap geneve
          ip: "10.64.145.100"
          options: {csum="true"}
      Port_Binding "55c03aa0-2a21-4f28-bf5d-6ec2dcc5f7e3"
      Port_Binding cr-lrp-52d45a86-6cbf-43ff-9700-755490192441
      Port_Binding "d4aafa35-ab96-4451-9623-983a164f28dd"

  3. Check the state of the port in Neutron
  openstack port show myvip  -c status -c binding_host_id -c id

  Actual results:
  +-----------------+--------------------------------------+
  | Field           | Value                                |
  +-----------------+--------------------------------------+
  | binding_host_id |                                      |
  | id              | 55c03aa0-2a21-4f28-bf5d-6ec2dcc5f7e3 |
  | status          | DOWN                                 |
  +-----------------+--------------------------------------+

  Expected results:
  +-----------------+--------------------------------------+
  | Field           | Value                                |
  +-----------------+--------------------------------------+
  | binding_host_id | cpu35d                               |
  | id              | 55c03aa0-2a21-4f28-bf5d-6ec2dcc5f7e3 |
  | status          | ACTIVE                               |
  +-----------------+--------------------------------------+


  ***QUESTION***: in OVN is easy to detect when a VIP port has been
  bound/released and we can easily update the VIP port status and host
  ID. Should we implement this feature for OVN only, adding a gap
  between OVS and OVN?

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1961184/+subscriptions
References

[Bug 1961184] [NEW] [OVN] Virtual ports are always DOWN
From: Rodolfo Alonso, 2022-02-17