fip will loss when it migrate between dvr-sant agent and dvr_no_external in Rocky
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
New
|
Wishlist
|
Unassigned |
Bug Description
We hava 4 node,3 control node and 1 compute node ,our control node and network node are installed together, we use Rocky.
[TestCase]
Internal ip is 172.16.135.206
Float ip is 13.5.4.113
1,Create a vm with fip in control node
2,Shut down vm
3,Migrate this vm from control node to computer
4,Start up vm
[expect result]
Try to ping internet,fip worked,
[actually]
Fip does not work, fip can't ping internet successfully.
This nat rule is in snat ns
[root@CRH-KZ-3 neutron]# ip netns exec snat-3597ff2f-
-A POSTROUTING -j neutron-
-A neutron-
-A neutron-
I cannot find this fip 13.5.4.113
[root@CRH-KZ-3 neutron]# ip netns exec snat-3597ff2f-
4: qg-ecb0baea-
link/ether fa:16:3e:d7:bd:fb brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 13.5.4.232/32 brd 13.5.4.232 scope global qg-ecb0baea-0a
valid_lft forever preferred_lft forever
inet 13.5.4.32/32 brd 13.5.4.32 scope global qg-ecb0baea-0a
valid_lft forever preferred_lft forever
inet 13.5.4.4/32 scope global qg-ecb0baea-0a
valid_lft forever preferred_lft forever
inet6 2022:419:
valid_lft forever preferred_lft forever
inet6 fe80::f816:
valid_lft forever preferred_lft forever
It seems fip loss during migration.If I add addr fip to qg-ecb0baea-0a,fip will work normally
I try to debug it.
Before migration,our vm with fip is in control node, all traffic will go through interface fg-5ff577fd-8c(mac addr fa:16:3e:ec:cc:f0) in fip namespace.
Below is our sw info.
ARM-R3-
Internet 13.5.4.113 1 fa16.3eec.ccf0(a interface in fip ns) ARPA vlan205 te0/7
Below is interface fg-5ff577fd-8c in fip ns
[root@CRH-KZ-3 ~]# ip netns exec fip-d3840bac-
2: fg-5ff577fd-
link/ether fa:16:3e:ec:cc:f0 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 13.5.4.70/24 brd 13.5.4.255 scope global fg-5ff577fd-8c
valid_lft forever preferred_lft forever
inet6 fe80::f816:
valid_lft forever preferred_lft forever
After migration,the same vm is in compute node,all traffic will go through qg-ecb0baea-0a(mac addr fa:16:3e:d7:bd:fb) in snat namespace.Because fip is not added into snat ns,I ping to internet ,this request traffic will go through snat ns, but relay through fip ns.
Below is our sw info.mac in sw does not change
ARM-R3-
Internet 13.5.4.113 1 fa16.3eec.ccf0(a interface in fip ns) ARPA vlan205 te0/7
Below is our cofiguration.
l3_agent.ini in control node
[root@CRH-KZ-3 neutron]# cat l3_agent.ini
[DEFAULT]
debug = True
interface_driver = neutron.
external_
ha_vrrp_
interface_driver = openvswitch
agent_mode = dvr_snat
enable_
ovs_use_veth = True
[agent]
extensions=
[ovs]
l3_agent.ini in compute node
[root@CRH-JS-7 ~]# cat /etc/neutron/
[DEFAULT]
debug = True
interface_driver = openvswitch
external_
ha_vrrp_
agent_mode = dvr_no_external
enable_
ovs_use_veth = True
[agent]
extensions=fip_qos
[ovs]
ovsdb_debug = true
[root@CRH-KZ-3 ~]# neutron agent-list | grep CRH-KZ-3
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
| 1119b4f8-
| 7051de00-
| 91fcfb25-
| 943429e6-
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]# nova service-list | grep CRH-KZ-3
| 5491120c-
| 036adf98-
| 11b8a94c-
| f13fef0a-
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]# neutron agent-list | grep CRH-JS-7
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
| 01ab3e58-
| 042cf399-
| 5b2d6292-
| aa176740-
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]#
[root@CRH-KZ-3 ~]# nova service-list | grep CRH-JS-7
| b797cf8f-
[root@CRH-KZ-3 ~]#
tags: | added: l3-dvr-backlog |
Changed in neutron: | |
importance: | Undecided → Low |
importance: | Low → Wishlist |
So, your controller node is dvr_snat + compute. And your single compute node is dvr_no_external.
So, looks like a new bug of running mixed dvr_snat and compute nodes. We have marked such configuration as not supported: /review. opendev. org/c/openstack /neutron/ +/801503
https:/
Because there are still many other problems. /bugs.launchpad .net/neutron/ +bug/1934666 /bugs.launchpad .net/neutron/ +bug/1945306
https:/
https:/