aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-01-25 21:28:27 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-01-27 20:07:55 +0100
commitac7fd699468ad9a02b250e5ef890aff8a03ce1bf (patch)
tree5179b8dee6790b04f72849558745ba2bde251eb6
parent30f1a9046ec688c0813ae8676aba2dbd6e5738f6 (diff)
[ovs] Start ovs services before networking
Fix broken systemd service unit dependecies: - OVS should start before networking service; - OVS ports & bridges should not be automatically ifup-ed by networking service to avoid races, so drop 'auto' for both (OVS ports are automatically handled when part of an OVS bridge); - explicitly ifup OVS bridges as part of networking service, but after all Linux interfaces have been handled; - use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another race condition; While at it, fix some other related issues: - make OVS service start after DPDK service (if present); - bump OVS-DPDK compute VMs RAM since since switching from MTU 1500 to jumbo frames for virtual PODs a while ago failed to do so [1]; - avoid creating conflicting reclass linux.network.interfaces entries for OVS ports by using their name (drop 'ovs_port_' prefix): * for untagged networks they will override existing common defs; * for tagged networks, they will create separate entries; - DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race conditions after node reboot by letting OVS handle them; [1] https://developers.redhat.com/blog/2018/03/16/\ ovs-dpdk-hugepage-memory/ Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
-rw-r--r--mcp/config/scenario/os-nosdn-ovs-ha.yaml4
-rw-r--r--mcp/config/scenario/os-nosdn-ovs-noha.yaml4
-rw-r--r--mcp/config/scenario/os-odl-ovs-noha.yaml4
-rw-r--r--mcp/patches/fuel-patch-copyright.template2
-rw-r--r--mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch25
-rw-r--r--mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch2
-rw-r--r--mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch97
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j26
-rw-r--r--mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j25
-rw-r--r--mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j23
-rw-r--r--mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j25
13 files changed, 141 insertions, 22 deletions
diff --git a/mcp/config/scenario/os-nosdn-ovs-ha.yaml b/mcp/config/scenario/os-nosdn-ovs-ha.yaml
index 57f2140bb..e42d17210 100644
--- a/mcp/config/scenario/os-nosdn-ovs-ha.yaml
+++ b/mcp/config/scenario/os-nosdn-ovs-ha.yaml
@@ -37,7 +37,7 @@ virtual:
ram: 14336
cmp001:
vcpus: 4
- ram: 8192
+ ram: 10240
cmp002:
vcpus: 4
- ram: 8192
+ ram: 10240
diff --git a/mcp/config/scenario/os-nosdn-ovs-noha.yaml b/mcp/config/scenario/os-nosdn-ovs-noha.yaml
index 15cad1d29..de8873daf 100644
--- a/mcp/config/scenario/os-nosdn-ovs-noha.yaml
+++ b/mcp/config/scenario/os-nosdn-ovs-noha.yaml
@@ -28,7 +28,7 @@ virtual:
ram: 2048
cmp001:
vcpus: 4
- ram: 8192
+ ram: 10240
cmp002:
vcpus: 4
- ram: 8192
+ ram: 10240
diff --git a/mcp/config/scenario/os-odl-ovs-noha.yaml b/mcp/config/scenario/os-odl-ovs-noha.yaml
index e2df6a476..0731198db 100644
--- a/mcp/config/scenario/os-odl-ovs-noha.yaml
+++ b/mcp/config/scenario/os-odl-ovs-noha.yaml
@@ -33,7 +33,7 @@ virtual:
ram: 5120
cmp001:
vcpus: 4
- ram: 8192
+ ram: 10240
cmp002:
vcpus: 4
- ram: 8192
+ ram: 10240
diff --git a/mcp/patches/fuel-patch-copyright.template b/mcp/patches/fuel-patch-copyright.template
index e92458082..d50bdbe8a 100644
--- a/mcp/patches/fuel-patch-copyright.template
+++ b/mcp/patches/fuel-patch-copyright.template
@@ -1,5 +1,5 @@
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
:
: All rights reserved. This program and the accompanying materials
: are made available under the terms of the Apache License, Version 2.0
diff --git a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
index 92d17a1a4..9479a990b 100644
--- a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
+++ b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
@@ -10,13 +10,22 @@ From: Michael Polenchuk <mpolenchuk@mirantis.com>
Date: Wed, 28 Feb 2018 17:54:28 +0400
Subject: [PATCH] Set ovs bridges as L3 interfaces
+---
+ linux/files/ovs_bridge | 22 ++++++++++++++++++++++
+ linux/files/ovs_port | 8 +++++++-
+ linux/network/interface.sls | 34 +++++++++++++++++++++++++++++++++-
+ 3 files changed, 62 insertions(+), 2 deletions(-)
+ create mode 100644 linux/files/ovs_bridge
+
diff --git a/linux/files/ovs_bridge b/linux/files/ovs_bridge
new file mode 100644
-index 0000000..1322eeb
+index 0000000..4718b91
--- /dev/null
+++ b/linux/files/ovs_bridge
-@@ -0,0 +1,20 @@
-+auto {{ bridge_name }}
+@@ -0,0 +1,22 @@
++# With systemd, adding OVS bridges as 'auto' can cause race conditions
++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian
++# auto {{ bridge_name }}
+allow-ovs {{ bridge_name }}
+iface {{ bridge_name }} inet {{ bridge.get('proto', 'static' if bridge.address is defined else 'manual') }}
+ ovs_type OVSBridge
@@ -37,11 +46,15 @@ index 0000000..1322eeb
+ dns-nameservers {{ bridge.name_servers | join(' ') }}
+ {%- endif %}
diff --git a/linux/files/ovs_port b/linux/files/ovs_port
-index 222ca8e..efb0307 100644
+index 222ca8e..41821b7 100644
--- a/linux/files/ovs_port
+++ b/linux/files/ovs_port
-@@ -1,6 +1,9 @@
- auto {{ port_name }}
+@@ -1,6 +1,12 @@
+-auto {{ port_name }}
++# With systemd, adding OVS bridges as 'auto' can cause race conditions
++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian
++# OVS ports will be automatically ifup-ed when ifup-ing the OVS bridge
++# auto {{ port_name }}
allow-{{ port.bridge }} {{ port_name }}
iface {{ port_name }} inet {{ port.get('proto', 'manual') }}
+{%- if '.' in port_name %}
diff --git a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
index 756c575b4..44883ae82 100644
--- a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
+++ b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
@@ -1,5 +1,5 @@
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
:
: All rights reserved. This program and the accompanying materials
: are made available under the terms of the Apache License, Version 2.0
diff --git a/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch
new file mode 100644
index 000000000..70b699a76
--- /dev/null
+++ b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch
@@ -0,0 +1,97 @@
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
+:
+: All rights reserved. This program and the accompanying materials
+: are made available under the terms of the Apache License, Version 2.0
+: which accompanies this distribution, and is available at
+: http://www.apache.org/licenses/LICENSE-2.0
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+Date: Fri, 25 Jan 2019 21:20:04 +0100
+Subject: [PATCH] OVS: Fix Debian service deps, OVS bridge ifup
+
+Fix OVS vs Linux bridge race condition:
+- OVS services should start before networking service;
+- OVS services should start after DPDK service (if present);
+- networking service should ifup OVS bridges (and automatically their
+ OVS ports if present) after Linux interfaces/bridges;
+- br-prv should be handled by OVS to avoid another race condition,
+ so use 'allow-ovs br-prv' instead of 'auto';
+
+NOTE:
+- OVS ports/bridges should NOT be configured as auto for this to work;
+- OVS services correspond to OVS 2.9 or newer, since before that
+ ovsdb-server was called openvswitch-nonetwork.
+- we also need to take care of one particularly ugly circular dep:
+ ovs-vswitchd --> ovsdb-server -(default dep)-> sysinit.target -->
+ cloud-init.service --> networking.service --> ovs-vswitchd
+ We'll just set 'DefaultDependencies=no' for ovs services, although
+ this might require explicitly adding back some of the indirect
+ dependencies of sysinit.target.
+
+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+---
+ linux/network/dpdk.sls | 2 +-
+ linux/network/interface.sls | 36 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 37 insertions(+), 1 deletion(-)
+
+diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls
+index 09453c6..e866909 100644
+--- a/linux/network/dpdk.sls
++++ b/linux/network/dpdk.sls
+@@ -199,7 +199,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}:
+ /etc/network/interfaces.u/ifcfg-{{ interface_name }}:
+ file.managed:
+ - contents: |
+- auto {{ interface_name }}
++ allow-ovs {{ interface_name }}
+ iface {{ interface_name }} inet static
+ address {{ interface.address }}
+ netmask {{ interface.netmask }}
+diff --git a/linux/network/interface.sls b/linux/network/interface.sls
+index 8bce092..11db5be 100644
+--- a/linux/network/interface.sls
++++ b/linux/network/interface.sls
+@@ -24,6 +24,42 @@ linux_network_bridge_pkgs:
+ - pkgs: {{ network.bridge_pkgs }}
+ {%- endif %}
+
++{%- if network.bridge == 'openvswitch' and grains.os_family == 'Debian' %}
++
++{# create drop-in dpdk, networking dependency for ovs services #}
++/etc/systemd/system/ovsdb-server.service.d/override.conf:
++ file.managed:
++ - makedirs: true
++ - require:
++ - pkg: linux_network_bridge_pkgs
++ - contents: |
++ [Unit]
++ After=dpdk.service
++ Before=networking.service
++ DefaultDependencies=no
++
++/etc/systemd/system/ovs-vswitchd.service.d/override.conf:
++ file.managed:
++ - makedirs: true
++ - require:
++ - pkg: linux_network_bridge_pkgs
++ - contents: |
++ [Unit]
++ Before=networking.service
++ DefaultDependencies=no
++
++{# Debian/Ubuntu won't automatically ifup OVS bridges, workaround #}
++/etc/systemd/system/networking.service.d/ovs_workaround.conf:
++ file.managed:
++ - makedirs: true
++ - require:
++ - pkg: linux_network_bridge_pkgs
++ - contents: |
++ [Service]
++ ExecStart=/sbin/ifup --allow=ovs -a --read-environment
++
++{%- endif %}
++
+ {%- endif %}
+
+ {%- for f in network.get('concat_iface_files', []) %}
diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
index f1b369c66..de0177a04 100644
--- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2
@@ -42,6 +42,9 @@ parameters:
{%- if nm.cmp001.nic_admin in nics %}
{%- do nics.pop(nm.cmp001.nic_admin) %}
{%- endif %}
+{%- if ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) in nics %}
+ {%- do nics.pop(nm.cmp001.nic_public) %}
+{%- endif %}
{{ ma.linux_network_interfaces_nic(nics) }}
@@ -67,9 +70,8 @@ parameters:
gateway: ${_param:opnfv_net_public_gw}
name_servers: {{ nm.dns_public }}
noifupdown: true
- ovs_port_{{ nm.cmp001.nic_public }}:
+ {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}:
enabled: true
- name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}
proto: manual
ovs_port_type: OVSPort
type: ovs_port
diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2
index d2003d235..23f4ed638 100644
--- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2
@@ -60,9 +60,8 @@ parameters:
{{ ma.linux_network_interfaces_vlan(vlans) }}
{%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %}
- ovs_port_{{ nm.ctl01.nic_public }}:
+ {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}:
enabled: true
- name: {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}
mtu: ${_param:interface_mtu}
proto: manual
ovs_port_type: OVSPort
diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2
index 5d8d26a1a..969c9347f 100644
--- a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2
@@ -80,9 +80,8 @@ parameters:
netmask: ${_param:opnfv_net_private_mask}
use_interfaces:
- {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }}
- ovs_port_{{ nm.cmp001.nic_public }}:
+ {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}:
enabled: true
- name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}
mtu: ${_param:interface_mtu}
proto: manual
ovs_port_type: OVSPort
diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2
index 58ba34f56..93313adc7 100644
--- a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2
@@ -19,6 +19,9 @@ parameters:
interface:
{%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO %}
{{ nm.ctl01.nic_private }}:
+ ovs_port_type: OVSPort
+ type: ovs_port
+ bridge: br-prv
ovs_bridge: br-prv
br-prv:
enabled: true
@@ -27,6 +30,8 @@ parameters:
proto: static
address: ${_param:tenant_address}
netmask: ${_param:opnfv_net_private_mask}
+ use_interfaces:
+ - {{ nm.ctl01.nic_private }}
{%- else %}
br-mesh:
enabled: true
diff --git a/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2
index da1b98865..ec6a1e7d3 100644
--- a/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2
@@ -21,9 +21,8 @@ parameters:
linux:
network:
interface:
- ovs_port_{{ nm.cmp001.nic_public }}:
+ {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}:
enabled: true
- name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}
mtu: ${_param:interface_mtu}
proto: manual
ovs_port_type: OVSPort
diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2
index 8d11eedcd..c45b75569 100644
--- a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2
+++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2
@@ -20,8 +20,13 @@ parameters:
network:
interface:
{{ nm.ctl01.nic_private }}:
+ ovs_port_type: OVSPort
+ type: ovs_port
+ bridge: br-prv
ovs_bridge: br-prv
br-prv:
enabled: true
type: ovs_bridge
mtu: ${_param:interface_mtu}
+ use_interfaces:
+ - {{ nm.ctl01.nic_private }}