← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #92452

[Bug 2022058] [NEW] [ovn] l3ha and disitributed router extra attributes do not reflect OVN state

  Thread PreviousDate PreviousThread Next 
Public bug reported:

With https://bugs.launchpad.net/neutron/+bug/1995974 fixed and
https://review.opendev.org/c/openstack/neutron/+/864051 merged extra
attributes such as `distributed` and `ha` are now created for OVN
routers as well.

Their default values are taken from the global configuration options
more relevant for default L3 service plugin implementation based on
Linux network namespaces

https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/db/l3_attrs_db.py#L24-L27
https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/conf/db/l3_hamode_db.py#L21
https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/conf/db/l3_dvr_db.py#L19-L27

as opposed to relying on the OVN-specific options. For instance, it
order to enable the support for distributed floating IPs there is an
OVN-specific global option that enables this mode for all OVN routers:

https://github.com/openstack/neutron/blob/598fcb437a0ad3d564435799c70f38429ab4f0eb/neutron/conf/plugins/ml2/drivers/ovn/ovn_conf.py#L133-L140

As a result, OVN routers now have the `distributed` property set to
`False` by default (unless the global ML2/ovs-specific default is
changed) and it does not reflect the state of the
`ovn/enable_distributed_floating_ip` option. It can also be changed via
the API on the router without any apparent effect.

The ML2/ovs and ML2/ovn comparison docs still refer to OVN-based router having no `l3ha` or `distributed` attributes whereas this is not the case anymore: 
https://github.com/openstack/neutron/blame/cd66232c2b26cb4141c2e9426ce2dec0f38c364c/doc/source/ovn/faq/index.rst#L16-L29 

One place where it becomes relevant is the neutron-dynamic-routing
project which relies on the `distributed` property to determine whether
to add /32 routes with next-hops set to a router gateway port IP
(centralized FIPs case) or not (distributed FIPs case).

https://github.com/openstack/neutron-dynamic-routing/blob/513ea649be9fd652b0c5b391167f851bc3d653bb/neutron_dynamic_routing/db/bgp_db.py#L564
https://github.com/openstack/neutron-dynamic-routing/blob/513ea649be9fd652b0c5b391167f851bc3d653bb/neutron_dynamic_routing/db/bgp_db.py#L567-L580

For distributed routers the logic is such that IP addresses of ports
with a device owner set to `floatingip_agent_gateway` are used as a next
hop for /32 routes, however, the OVN-based L3 service plugin
implementation (OVNL3RouterPlugin) does not create those on a per
external network bases much like the core L3RouterPlugin-based
implementation does with DVR.

As a result, if an operator uses distributed FIPs with OVN with the
router attribute `distributed == False`, neutron-dynamic-routing will
advertise /32 routes with the centralized FIP logic (the southbound
traffic would go via the router gateway port).

On the other hand, if an operator uses distributed FIPs with OVN with
the router attribute `distributed == True`, neutron-dynamic-routing will
not advertise anything because the centralized routes will not be added
as the router seems to be distributed whereas there are no
`floatingip_agent_gateway` ports created with OVN.

There are at least two outputs to expect as a fix:

1) Make sure the distributed state is reflected correctly for OVN routers based on the OVN-specific config option;
2) Fix neutron-dynamic routing to still create centralized /32 routes if there are not any `floatingip_agent_gateway` ports
OR change the OVN implementation to create those for the purposes of direct southbound routing purposes.

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: bgp ndr neutron-dynamic-routing ovn

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2022058

Title:
  [ovn] l3ha and disitributed router extra attributes do not reflect OVN
  state

Status in neutron:
  New

Bug description:
  With https://bugs.launchpad.net/neutron/+bug/1995974 fixed and
  https://review.opendev.org/c/openstack/neutron/+/864051 merged extra
  attributes such as `distributed` and `ha` are now created for OVN
  routers as well.

  Their default values are taken from the global configuration options
  more relevant for default L3 service plugin implementation based on
  Linux network namespaces

  https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/db/l3_attrs_db.py#L24-L27
  https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/conf/db/l3_hamode_db.py#L21
  https://github.com/openstack/neutron/blob/0de6a4d620f1cb780c6a3635e10406b0db97762a/neutron/conf/db/l3_dvr_db.py#L19-L27

  as opposed to relying on the OVN-specific options. For instance, it
  order to enable the support for distributed floating IPs there is an
  OVN-specific global option that enables this mode for all OVN routers:

  https://github.com/openstack/neutron/blob/598fcb437a0ad3d564435799c70f38429ab4f0eb/neutron/conf/plugins/ml2/drivers/ovn/ovn_conf.py#L133-L140

  As a result, OVN routers now have the `distributed` property set to
  `False` by default (unless the global ML2/ovs-specific default is
  changed) and it does not reflect the state of the
  `ovn/enable_distributed_floating_ip` option. It can also be changed
  via the API on the router without any apparent effect.

  The ML2/ovs and ML2/ovn comparison docs still refer to OVN-based router having no `l3ha` or `distributed` attributes whereas this is not the case anymore: 
  https://github.com/openstack/neutron/blame/cd66232c2b26cb4141c2e9426ce2dec0f38c364c/doc/source/ovn/faq/index.rst#L16-L29 

  One place where it becomes relevant is the neutron-dynamic-routing
  project which relies on the `distributed` property to determine
  whether to add /32 routes with next-hops set to a router gateway port
  IP (centralized FIPs case) or not (distributed FIPs case).

  https://github.com/openstack/neutron-dynamic-routing/blob/513ea649be9fd652b0c5b391167f851bc3d653bb/neutron_dynamic_routing/db/bgp_db.py#L564
  https://github.com/openstack/neutron-dynamic-routing/blob/513ea649be9fd652b0c5b391167f851bc3d653bb/neutron_dynamic_routing/db/bgp_db.py#L567-L580

  For distributed routers the logic is such that IP addresses of ports
  with a device owner set to `floatingip_agent_gateway` are used as a
  next hop for /32 routes, however, the OVN-based L3 service plugin
  implementation (OVNL3RouterPlugin) does not create those on a per
  external network bases much like the core L3RouterPlugin-based
  implementation does with DVR.

  As a result, if an operator uses distributed FIPs with OVN with the
  router attribute `distributed == False`, neutron-dynamic-routing will
  advertise /32 routes with the centralized FIP logic (the southbound
  traffic would go via the router gateway port).

  On the other hand, if an operator uses distributed FIPs with OVN with
  the router attribute `distributed == True`, neutron-dynamic-routing
  will not advertise anything because the centralized routes will not be
  added as the router seems to be distributed whereas there are no
  `floatingip_agent_gateway` ports created with OVN.

  There are at least two outputs to expect as a fix:

  1) Make sure the distributed state is reflected correctly for OVN routers based on the OVN-specific config option;
  2) Fix neutron-dynamic routing to still create centralized /32 routes if there are not any `floatingip_agent_gateway` ports
  OR change the OVN implementation to create those for the purposes of direct southbound routing purposes.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2022058/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next