From ac7fd699468ad9a02b250e5ef890aff8a03ce1bf Mon Sep 17 00:00:00 2001
From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Date: Fri, 25 Jan 2019 21:28:27 +0100
Subject: [ovs] Start ovs services before networking

Fix broken systemd service unit dependecies:
- OVS should start before networking service;
- OVS ports & bridges should not be automatically ifup-ed by
  networking service to avoid races, so drop 'auto' for both
  (OVS ports are automatically handled when part of an OVS bridge);
- explicitly ifup OVS bridges as part of networking service, but
  after all Linux interfaces have been handled;
- use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another
  race condition;

While at it, fix some other related issues:
- make OVS service start after DPDK service (if present);
- bump OVS-DPDK compute VMs RAM since since switching from MTU 1500
  to jumbo frames for virtual PODs a while ago failed to do so [1];
- avoid creating conflicting reclass linux.network.interfaces entries
  for OVS ports by using their name (drop 'ovs_port_' prefix):
  * for untagged networks they will override existing common defs;
  * for tagged networks, they will create separate entries;
- DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race
  conditions after node reboot by letting OVS handle them;

[1] https://developers.redhat.com/blog/2018/03/16/\
    ovs-dpdk-hugepage-memory/

Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55
Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
---
 mcp/patches/fuel-patch-copyright.template          |  2 +-
 .../0001-Set-ovs-bridges-as-L3-interfaces.patch    | 25 ++++--
 .../0002-network-Bring-in-basic-VPP-support.patch  |  2 +-
 ...S-Fix-Debian-service-deps-OVS-bridge-ifup.patch | 97 ++++++++++++++++++++++
 4 files changed, 118 insertions(+), 8 deletions(-)
 create mode 100644 mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch

(limited to 'mcp/patches')

diff --git a/mcp/patches/fuel-patch-copyright.template b/mcp/patches/fuel-patch-copyright.template
index e92458082..d50bdbe8a 100644
--- a/mcp/patches/fuel-patch-copyright.template
+++ b/mcp/patches/fuel-patch-copyright.template
@@ -1,5 +1,5 @@
 ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
 :
 : All rights reserved. This program and the accompanying materials
 : are made available under the terms of the Apache License, Version 2.0
diff --git a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
index 92d17a1a4..9479a990b 100644
--- a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
+++ b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch
@@ -10,13 +10,22 @@ From: Michael Polenchuk <mpolenchuk@mirantis.com>
 Date: Wed, 28 Feb 2018 17:54:28 +0400
 Subject: [PATCH] Set ovs bridges as L3 interfaces
 
+---
+ linux/files/ovs_bridge      | 22 ++++++++++++++++++++++
+ linux/files/ovs_port        |  8 +++++++-
+ linux/network/interface.sls | 34 +++++++++++++++++++++++++++++++++-
+ 3 files changed, 62 insertions(+), 2 deletions(-)
+ create mode 100644 linux/files/ovs_bridge
+
 diff --git a/linux/files/ovs_bridge b/linux/files/ovs_bridge
 new file mode 100644
-index 0000000..1322eeb
+index 0000000..4718b91
 --- /dev/null
 +++ b/linux/files/ovs_bridge
-@@ -0,0 +1,20 @@
-+auto {{ bridge_name }}
+@@ -0,0 +1,22 @@
++# With systemd, adding OVS bridges as 'auto' can cause race conditions
++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian
++# auto {{ bridge_name }}
 +allow-ovs {{ bridge_name }}
 +iface {{ bridge_name }} inet {{ bridge.get('proto', 'static' if bridge.address is defined else 'manual') }}
 +  ovs_type OVSBridge
@@ -37,11 +46,15 @@ index 0000000..1322eeb
 +  dns-nameservers {{ bridge.name_servers | join(' ') }}
 +  {%- endif %}
 diff --git a/linux/files/ovs_port b/linux/files/ovs_port
-index 222ca8e..efb0307 100644
+index 222ca8e..41821b7 100644
 --- a/linux/files/ovs_port
 +++ b/linux/files/ovs_port
-@@ -1,6 +1,9 @@
- auto {{ port_name }}
+@@ -1,6 +1,12 @@
+-auto {{ port_name }}
++# With systemd, adding OVS bridges as 'auto' can cause race conditions
++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian
++# OVS ports will be automatically ifup-ed when ifup-ing the OVS bridge
++# auto {{ port_name }}
  allow-{{ port.bridge }} {{ port_name }}
  iface {{ port_name }} inet {{ port.get('proto', 'manual') }}
 +{%- if '.' in port_name %}
diff --git a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
index 756c575b4..44883ae82 100644
--- a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
+++ b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch
@@ -1,5 +1,5 @@
 ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
-: Copyright (c) 2018 Mirantis Inc., Enea AB and others.
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
 :
 : All rights reserved. This program and the accompanying materials
 : are made available under the terms of the Apache License, Version 2.0
diff --git a/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch
new file mode 100644
index 000000000..70b699a76
--- /dev/null
+++ b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch
@@ -0,0 +1,97 @@
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+: Copyright (c) 2019 Mirantis Inc., Enea AB and others.
+:
+: All rights reserved. This program and the accompanying materials
+: are made available under the terms of the Apache License, Version 2.0
+: which accompanies this distribution, and is available at
+: http://www.apache.org/licenses/LICENSE-2.0
+::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
+From: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+Date: Fri, 25 Jan 2019 21:20:04 +0100
+Subject: [PATCH] OVS: Fix Debian service deps, OVS bridge ifup
+
+Fix OVS vs Linux bridge race condition:
+- OVS services should start before networking service;
+- OVS services should start after DPDK service (if present);
+- networking service should ifup OVS bridges (and automatically their
+  OVS ports if present) after Linux interfaces/bridges;
+- br-prv should be handled by OVS to avoid another race condition,
+  so use 'allow-ovs br-prv' instead of 'auto';
+
+NOTE:
+- OVS ports/bridges should NOT be configured as auto for this to work;
+- OVS services correspond to OVS 2.9 or newer, since before that
+  ovsdb-server was called openvswitch-nonetwork.
+- we also need to take care of one particularly ugly circular dep:
+  ovs-vswitchd --> ovsdb-server -(default dep)-> sysinit.target -->
+  cloud-init.service --> networking.service --> ovs-vswitchd
+  We'll just set 'DefaultDependencies=no' for ovs services, although
+  this might require explicitly adding back some of the indirect
+  dependencies of sysinit.target.
+
+Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
+---
+ linux/network/dpdk.sls      |  2 +-
+ linux/network/interface.sls | 36 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 37 insertions(+), 1 deletion(-)
+
+diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls
+index 09453c6..e866909 100644
+--- a/linux/network/dpdk.sls
++++ b/linux/network/dpdk.sls
+@@ -199,7 +199,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}:
+ /etc/network/interfaces.u/ifcfg-{{ interface_name }}:
+   file.managed:
+     - contents: |
+-        auto {{ interface_name }}
++        allow-ovs {{ interface_name }}
+         iface {{ interface_name }} inet static
+         address {{ interface.address }}
+         netmask {{ interface.netmask }}
+diff --git a/linux/network/interface.sls b/linux/network/interface.sls
+index 8bce092..11db5be 100644
+--- a/linux/network/interface.sls
++++ b/linux/network/interface.sls
+@@ -24,6 +24,42 @@ linux_network_bridge_pkgs:
+   - pkgs: {{ network.bridge_pkgs }}
+   {%- endif %}
+
++{%- if network.bridge == 'openvswitch' and grains.os_family == 'Debian' %}
++
++{# create drop-in dpdk, networking dependency for ovs services #}
++/etc/systemd/system/ovsdb-server.service.d/override.conf:
++  file.managed:
++    - makedirs: true
++    - require:
++      - pkg: linux_network_bridge_pkgs
++    - contents: |
++        [Unit]
++        After=dpdk.service
++        Before=networking.service
++        DefaultDependencies=no
++
++/etc/systemd/system/ovs-vswitchd.service.d/override.conf:
++  file.managed:
++    - makedirs: true
++    - require:
++      - pkg: linux_network_bridge_pkgs
++    - contents: |
++        [Unit]
++        Before=networking.service
++        DefaultDependencies=no
++
++{# Debian/Ubuntu won't automatically ifup OVS bridges, workaround #}
++/etc/systemd/system/networking.service.d/ovs_workaround.conf:
++  file.managed:
++    - makedirs: true
++    - require:
++      - pkg: linux_network_bridge_pkgs
++    - contents: |
++        [Service]
++        ExecStart=/sbin/ifup --allow=ovs -a --read-environment
++
++{%- endif %}
++
+ {%- endif %}
+
+ {%- for f in network.get('concat_iface_files', []) %}
-- 
cgit 1.2.3-korg