← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #89086

[Bug 1976461] Re: [Yoga] Octavia's LB VIPs not working with allow-address-pairs

  Thread PreviousDate PreviousThread Next 
*** This bug is a duplicate of bug 1973276 ***
    https://bugs.launchpad.net/bugs/1973276

** This bug has been marked a duplicate of bug 1973276
   OVN port loses its virtual type after port update

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1976461

Title:
  [Yoga] Octavia's LB VIPs not working with allow-address-pairs

Status in OpenStack Octavia Charm:
  Invalid
Status in charm-ovn-central:
  Invalid
Status in charm-ovn-chassis:
  Invalid
Status in neutron:
  New

Bug description:
  Hi team,

  I am currently deploying with:
  juju 2.9.31
  MAAS 3.1
  openstack/yoga, bundle: https://pastebin.canonical.com/p/Rw376CF4Dw/
  Octavia: standalone setup

  When I create a LB for my kubernetes cluster, I've noticed the LB is
  unresponsive if I try to reach out from one of my VMs.

  I can access the LB and confirm the amphora-haproxy namespace exists,
  with the network interface attached and it has both LB IP and VIP
  configured to it

  Trying to reach out to the LB from one of the k8s vms results in
  timeout.

  I can see the behavior changes according to which IP I try to connect
  to on the LB.

  In scenario (1): from the client VM > LB IP (not the VIP):
  I can see the connection works, this is the ovs-ofctl on the hypervisor of the sending machine shows: https://pastebin.canonical.com/p/bZ77hhWgD6/
  Traffic gets correctly routed to one of the GENEVE tunnels, given the VM and the LB front end IP are placed in the same tenant subnet

  In scenario (2): from the client VM > LB VIP (the address-pair):
  I can see the connection does not work.
  ovs-ofctl from the sending hypervisor shows: https://pastebin.canonical.com/p/SBmW97yHVr/
  Traffic gets dropped from the sending hypervisor.

  
  **** DETAILS OF MY CURRENT YOGA DEPLOYMENT ****
  network openstack: https://pastebin.canonical.com/p/mfrPgVjyMp/
  server and LB list: https://pastebin.canonical.com/p/VKjdHzTNvD/
  port list: https://pastebin.canonical.com/p/trk2CPhDzf/
  ovn-nbctl show: https://pastebin.canonical.com/p/njKjWGX5gX/
  ovn-nbctl details of the VIP: https://pastebin.canonical.com/p/wwQy3HH4QR/
  ***********************************************

  **** STEPS TO REPRODUCE ****
  1) Deploy Openstack/Yoga with the bundle above
  2) Create 2x backend nodes on a tenant network
  3) Create an LB on the same tenant network
  4) Access one of the backend nodes (or create a client VM for this test)
  5) Try to reach to the LB: connection times out
  ****************************

To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-octavia/+bug/1976461/+subscriptions
  Thread PreviousDate PreviousThread Next