From ac7fd699468ad9a02b250e5ef890aff8a03ce1bf Mon Sep 17 00:00:00 2001 From: Alexandru Avadanii Date: Fri, 25 Jan 2019 21:28:27 +0100 Subject: [ovs] Start ovs services before networking Fix broken systemd service unit dependecies: - OVS should start before networking service; - OVS ports & bridges should not be automatically ifup-ed by networking service to avoid races, so drop 'auto' for both (OVS ports are automatically handled when part of an OVS bridge); - explicitly ifup OVS bridges as part of networking service, but after all Linux interfaces have been handled; - use 'allow-ovs br-prv' to let OVS handle br-prv and avoid another race condition; While at it, fix some other related issues: - make OVS service start after DPDK service (if present); - bump OVS-DPDK compute VMs RAM since since switching from MTU 1500 to jumbo frames for virtual PODs a while ago failed to do so [1]; - avoid creating conflicting reclass linux.network.interfaces entries for OVS ports by using their name (drop 'ovs_port_' prefix): * for untagged networks they will override existing common defs; * for tagged networks, they will create separate entries; - DPDK scenarios: make gtw01 br-prv members OVS ports to avoid race conditions after node reboot by letting OVS handle them; [1] https://developers.redhat.com/blog/2018/03/16/\ ovs-dpdk-hugepage-memory/ Change-Id: I0266ba67f3849b6f7e331a758146b331730bae55 Signed-off-by: Alexandru Avadanii --- mcp/config/scenario/os-nosdn-ovs-ha.yaml | 4 +- mcp/config/scenario/os-nosdn-ovs-noha.yaml | 4 +- mcp/config/scenario/os-odl-ovs-noha.yaml | 4 +- mcp/patches/fuel-patch-copyright.template | 2 +- .../0001-Set-ovs-bridges-as-L3-interfaces.patch | 25 ++++-- .../0002-network-Bring-in-basic-VPP-support.patch | 2 +- ...S-Fix-Debian-service-deps-OVS-bridge-ifup.patch | 97 ++++++++++++++++++++++ .../mcp-common-ha/openstack_compute_pdf.yml.j2 | 6 +- .../mcp-common-noha/openstack_gateway_pdf.yml.j2 | 3 +- .../cluster/mcp-odl-noha/openstack/compute.yml.j2 | 3 +- .../cluster/mcp-odl-noha/openstack/gateway.yml.j2 | 5 ++ .../cluster/mcp-ovn-noha/openstack/compute.yml.j2 | 3 +- .../mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 | 5 ++ 13 files changed, 141 insertions(+), 22 deletions(-) create mode 100644 mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch (limited to 'mcp') diff --git a/mcp/config/scenario/os-nosdn-ovs-ha.yaml b/mcp/config/scenario/os-nosdn-ovs-ha.yaml index 57f2140bb..e42d17210 100644 --- a/mcp/config/scenario/os-nosdn-ovs-ha.yaml +++ b/mcp/config/scenario/os-nosdn-ovs-ha.yaml @@ -37,7 +37,7 @@ virtual: ram: 14336 cmp001: vcpus: 4 - ram: 8192 + ram: 10240 cmp002: vcpus: 4 - ram: 8192 + ram: 10240 diff --git a/mcp/config/scenario/os-nosdn-ovs-noha.yaml b/mcp/config/scenario/os-nosdn-ovs-noha.yaml index 15cad1d29..de8873daf 100644 --- a/mcp/config/scenario/os-nosdn-ovs-noha.yaml +++ b/mcp/config/scenario/os-nosdn-ovs-noha.yaml @@ -28,7 +28,7 @@ virtual: ram: 2048 cmp001: vcpus: 4 - ram: 8192 + ram: 10240 cmp002: vcpus: 4 - ram: 8192 + ram: 10240 diff --git a/mcp/config/scenario/os-odl-ovs-noha.yaml b/mcp/config/scenario/os-odl-ovs-noha.yaml index e2df6a476..0731198db 100644 --- a/mcp/config/scenario/os-odl-ovs-noha.yaml +++ b/mcp/config/scenario/os-odl-ovs-noha.yaml @@ -33,7 +33,7 @@ virtual: ram: 5120 cmp001: vcpus: 4 - ram: 8192 + ram: 10240 cmp002: vcpus: 4 - ram: 8192 + ram: 10240 diff --git a/mcp/patches/fuel-patch-copyright.template b/mcp/patches/fuel-patch-copyright.template index e92458082..d50bdbe8a 100644 --- a/mcp/patches/fuel-patch-copyright.template +++ b/mcp/patches/fuel-patch-copyright.template @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch index 92d17a1a4..9479a990b 100644 --- a/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch +++ b/mcp/patches/salt-formula-linux/0001-Set-ovs-bridges-as-L3-interfaces.patch @@ -10,13 +10,22 @@ From: Michael Polenchuk Date: Wed, 28 Feb 2018 17:54:28 +0400 Subject: [PATCH] Set ovs bridges as L3 interfaces +--- + linux/files/ovs_bridge | 22 ++++++++++++++++++++++ + linux/files/ovs_port | 8 +++++++- + linux/network/interface.sls | 34 +++++++++++++++++++++++++++++++++- + 3 files changed, 62 insertions(+), 2 deletions(-) + create mode 100644 linux/files/ovs_bridge + diff --git a/linux/files/ovs_bridge b/linux/files/ovs_bridge new file mode 100644 -index 0000000..1322eeb +index 0000000..4718b91 --- /dev/null +++ b/linux/files/ovs_bridge -@@ -0,0 +1,20 @@ -+auto {{ bridge_name }} +@@ -0,0 +1,22 @@ ++# With systemd, adding OVS bridges as 'auto' can cause race conditions ++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian ++# auto {{ bridge_name }} +allow-ovs {{ bridge_name }} +iface {{ bridge_name }} inet {{ bridge.get('proto', 'static' if bridge.address is defined else 'manual') }} + ovs_type OVSBridge @@ -37,11 +46,15 @@ index 0000000..1322eeb + dns-nameservers {{ bridge.name_servers | join(' ') }} + {%- endif %} diff --git a/linux/files/ovs_port b/linux/files/ovs_port -index 222ca8e..efb0307 100644 +index 222ca8e..41821b7 100644 --- a/linux/files/ovs_port +++ b/linux/files/ovs_port -@@ -1,6 +1,9 @@ - auto {{ port_name }} +@@ -1,6 +1,12 @@ +-auto {{ port_name }} ++# With systemd, adding OVS bridges as 'auto' can cause race conditions ++# https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian ++# OVS ports will be automatically ifup-ed when ifup-ing the OVS bridge ++# auto {{ port_name }} allow-{{ port.bridge }} {{ port_name }} iface {{ port_name }} inet {{ port.get('proto', 'manual') }} +{%- if '.' in port_name %} diff --git a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch index 756c575b4..44883ae82 100644 --- a/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch +++ b/mcp/patches/salt-formula-linux/0002-network-Bring-in-basic-VPP-support.patch @@ -1,5 +1,5 @@ :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -: Copyright (c) 2018 Mirantis Inc., Enea AB and others. +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 diff --git a/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch new file mode 100644 index 000000000..70b699a76 --- /dev/null +++ b/mcp/patches/salt-formula-linux/0003-OVS-Fix-Debian-service-deps-OVS-bridge-ifup.patch @@ -0,0 +1,97 @@ +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +: Copyright (c) 2019 Mirantis Inc., Enea AB and others. +: +: All rights reserved. This program and the accompanying materials +: are made available under the terms of the Apache License, Version 2.0 +: which accompanies this distribution, and is available at +: http://www.apache.org/licenses/LICENSE-2.0 +:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: +From: Alexandru Avadanii +Date: Fri, 25 Jan 2019 21:20:04 +0100 +Subject: [PATCH] OVS: Fix Debian service deps, OVS bridge ifup + +Fix OVS vs Linux bridge race condition: +- OVS services should start before networking service; +- OVS services should start after DPDK service (if present); +- networking service should ifup OVS bridges (and automatically their + OVS ports if present) after Linux interfaces/bridges; +- br-prv should be handled by OVS to avoid another race condition, + so use 'allow-ovs br-prv' instead of 'auto'; + +NOTE: +- OVS ports/bridges should NOT be configured as auto for this to work; +- OVS services correspond to OVS 2.9 or newer, since before that + ovsdb-server was called openvswitch-nonetwork. +- we also need to take care of one particularly ugly circular dep: + ovs-vswitchd --> ovsdb-server -(default dep)-> sysinit.target --> + cloud-init.service --> networking.service --> ovs-vswitchd + We'll just set 'DefaultDependencies=no' for ovs services, although + this might require explicitly adding back some of the indirect + dependencies of sysinit.target. + +Signed-off-by: Alexandru Avadanii +--- + linux/network/dpdk.sls | 2 +- + linux/network/interface.sls | 36 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 37 insertions(+), 1 deletion(-) + +diff --git a/linux/network/dpdk.sls b/linux/network/dpdk.sls +index 09453c6..e866909 100644 +--- a/linux/network/dpdk.sls ++++ b/linux/network/dpdk.sls +@@ -199,7 +199,7 @@ linux_network_dpdk_bridge_interface_{{ interface_name }}: + /etc/network/interfaces.u/ifcfg-{{ interface_name }}: + file.managed: + - contents: | +- auto {{ interface_name }} ++ allow-ovs {{ interface_name }} + iface {{ interface_name }} inet static + address {{ interface.address }} + netmask {{ interface.netmask }} +diff --git a/linux/network/interface.sls b/linux/network/interface.sls +index 8bce092..11db5be 100644 +--- a/linux/network/interface.sls ++++ b/linux/network/interface.sls +@@ -24,6 +24,42 @@ linux_network_bridge_pkgs: + - pkgs: {{ network.bridge_pkgs }} + {%- endif %} + ++{%- if network.bridge == 'openvswitch' and grains.os_family == 'Debian' %} ++ ++{# create drop-in dpdk, networking dependency for ovs services #} ++/etc/systemd/system/ovsdb-server.service.d/override.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Unit] ++ After=dpdk.service ++ Before=networking.service ++ DefaultDependencies=no ++ ++/etc/systemd/system/ovs-vswitchd.service.d/override.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Unit] ++ Before=networking.service ++ DefaultDependencies=no ++ ++{# Debian/Ubuntu won't automatically ifup OVS bridges, workaround #} ++/etc/systemd/system/networking.service.d/ovs_workaround.conf: ++ file.managed: ++ - makedirs: true ++ - require: ++ - pkg: linux_network_bridge_pkgs ++ - contents: | ++ [Service] ++ ExecStart=/sbin/ifup --allow=ovs -a --read-environment ++ ++{%- endif %} ++ + {%- endif %} + + {%- for f in network.get('concat_iface_files', []) %} diff --git a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 index f1b369c66..de0177a04 100644 --- a/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-ha/openstack_compute_pdf.yml.j2 @@ -42,6 +42,9 @@ parameters: {%- if nm.cmp001.nic_admin in nics %} {%- do nics.pop(nm.cmp001.nic_admin) %} {%- endif %} +{%- if ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) in nics %} + {%- do nics.pop(nm.cmp001.nic_public) %} +{%- endif %} {{ ma.linux_network_interfaces_nic(nics) }} @@ -67,9 +70,8 @@ parameters: gateway: ${_param:opnfv_net_public_gw} name_servers: {{ nm.dns_public }} noifupdown: true - ovs_port_{{ nm.cmp001.nic_public }}: + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: enabled: true - name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} proto: manual ovs_port_type: OVSPort type: ovs_port diff --git a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 index d2003d235..23f4ed638 100644 --- a/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-common-noha/openstack_gateway_pdf.yml.j2 @@ -60,9 +60,8 @@ parameters: {{ ma.linux_network_interfaces_vlan(vlans) }} {%- if '-fdio-' not in conf.MCP_DEPLOY_SCENARIO %} - ovs_port_{{ nm.ctl01.nic_public }}: + {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }}: enabled: true - name: {{ ma.interface_str(nm.ctl01.nic_public, nm.vlan_public) }} mtu: ${_param:interface_mtu} proto: manual ovs_port_type: OVSPort diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 index 5d8d26a1a..969c9347f 100644 --- a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/compute.yml.j2 @@ -80,9 +80,8 @@ parameters: netmask: ${_param:opnfv_net_private_mask} use_interfaces: - {{ ma.interface_str(nm.cmp001.nic_private, vlan_private_start) }} - ovs_port_{{ nm.cmp001.nic_public }}: + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: enabled: true - name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} mtu: ${_param:interface_mtu} proto: manual ovs_port_type: OVSPort diff --git a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 index 58ba34f56..93313adc7 100644 --- a/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-odl-noha/openstack/gateway.yml.j2 @@ -19,6 +19,9 @@ parameters: interface: {%- if '-ovs-' in conf.MCP_DEPLOY_SCENARIO %} {{ nm.ctl01.nic_private }}: + ovs_port_type: OVSPort + type: ovs_port + bridge: br-prv ovs_bridge: br-prv br-prv: enabled: true @@ -27,6 +30,8 @@ parameters: proto: static address: ${_param:tenant_address} netmask: ${_param:opnfv_net_private_mask} + use_interfaces: + - {{ nm.ctl01.nic_private }} {%- else %} br-mesh: enabled: true diff --git a/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 index da1b98865..ec6a1e7d3 100644 --- a/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-ovn-noha/openstack/compute.yml.j2 @@ -21,9 +21,8 @@ parameters: linux: network: interface: - ovs_port_{{ nm.cmp001.nic_public }}: + {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }}: enabled: true - name: {{ ma.interface_str(nm.cmp001.nic_public, nm.vlan_public) }} mtu: ${_param:interface_mtu} proto: manual ovs_port_type: OVSPort diff --git a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 index 8d11eedcd..c45b75569 100644 --- a/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 +++ b/mcp/reclass/classes/cluster/mcp-ovs-dpdk-noha/openstack/gateway.yml.j2 @@ -20,8 +20,13 @@ parameters: network: interface: {{ nm.ctl01.nic_private }}: + ovs_port_type: OVSPort + type: ovs_port + bridge: br-prv ovs_bridge: br-prv br-prv: enabled: true type: ovs_bridge mtu: ${_param:interface_mtu} + use_interfaces: + - {{ nm.ctl01.nic_private }} -- cgit 1.2.3-korg