[ovirt-users] Re: New failure Gluster deploy: Set granual-entry-heal on --> Bricks down

[Sverker Abrahamsson via Users]

We ran in to this issue as well when trying to install Ovirt Hyperconverged.

The root issue is that kmod-kvdo in Centos 8 (and probably upstream) is 
built for a specific kernel and if you don't run that kernel it is not 
found. This is a major issue even if you match the kernel version then 
if the kernel is updated then your volume will fail because a rpm 
package for kmod-kvdo for that specific kernel would have to be built. 
It doesn't even declare a rpm dependency on the kernel version it works 
with.


I cloned the git repo from https://github.com/dm-vdo/kvdo and built a 
rpm from there, it uses dkms so it will build a module for the running 
kernel and if the kernel is updated then a new module for that version 
will be built. Works like a charm every time, but I haven't yet tried to 
run the hyperconverged wizard again.


/Sverker

Den 2021-01-11 kl. 21:32, skrev Charles Lam:

Dear Strahil and Ritesh,

Thank you both.  I am back where I started with:

"One or more bricks could be down. Please execute the command again after bringing all bricks online and finishing 
any pending heals\nVolume heal failed.", "stdout_lines": ["One or more bricks could be down. Please 
execute the command again after bringing all bricks online and finishing any pending heals", "Volume heal 
failed."]

Regarding my most recent issue:

"vdo: ERROR - Kernel module kvdo not installed\nvdo: ERROR - modprobe: FATAL: 
Module
kvdo not found in directory /lib/modules/4.18.0-240.1.1.el8_3.x86_64\n"

Per Strahil's note, I checked for kvdo:

[r...@host1.tld.com conf.d]# rpm -qa | grep vdo
libblockdev-vdo-2.24-1.el8.x86_64
vdo-6.2.3.114-14.el8.x86_64
kmod-kvdo-6.2.2.117-65.el8.x86_64
[r...@host1.tld.com conf.d]#

[r...@host2.tld.com conf.d]# rpm -qa | grep vdo
libblockdev-vdo-2.24-1.el8.x86_64
vdo-6.2.3.114-14.el8.x86_64
kmod-kvdo-6.2.2.117-65.el8.x86_64
[r...@host2.tld.com conf.d]#

[r...@host3.tld.com ~]# rpm -qa | grep vdo
libblockdev-vdo-2.24-1.el8.x86_64
vdo-6.2.3.114-14.el8.x86_64
kmod-kvdo-6.2.2.117-65.el8.x86_64
[r...@host3.tld.com ~]#

I found 
https://unix.stackexchange.com/questions/624011/problem-on-centos-8-with-creating-vdo-kernel-module-kvdo-not-installed
 which pointed to https://bugs.centos.org/view.php?id=17928.  As suggested on 
the CentOS bug tracker I attempted to manually install

vdo-support-6.2.4.14-14.el8.x86_64
vdo-6.2.4.14-14.el8.x86_64
kmod-kvdo-6.2.3.91-73.el8.x86_64

but there was a dependency that kernel-core be greater than what I was 
installed, so I manually upgraded kernel-core to 
kernel-core-4.18.0-259.el8.x86_64.rpm then upgraded vdo and kmod-kvdo to

vdo-6.2.4.14-14.el8.x86_64.rpm
kmod-kvdo-6.2.4.26-76.el8.x86_64.rpm

and installed vdo-support-6.2.4.14-14.el8.x86_64.rpm.  Upon clean-up and 
redeploy I am now back at Gluster deploy failing at

TASK [gluster.features/roles/gluster_hci : Set granual-entry-heal on] **
task path: 
/etc/ansible/roles/gluster.features/roles/gluster_hci/tasks/hci_volumes.yml:67
failed: [fmov1n1.sn.dtcorp.com] (item={'volname': 'engine', 'brick': '/gluster_bricks/engine/engine', 'arbiter': 0}) => {"ansible_loop_var": "item", "changed": true, "cmd": ["gluster", "volume", "heal", "engine", "granular-entry-heal", "enable"], "delta": "0:00:10.098573", 
"end": "2021-01-11 19:27:05.333720", "item": {"arbiter": 0, "brick": "/gluster_bricks/engine/engine", "volname": "engine"}, "msg": "non-zero return code", "rc": 107, "start": "2021-01-11 19:26:55.235147", "stderr": "", "stderr_lines": [], 
"stdout": "One or more bricks could be down. Please execute the command again after bringing all bricks online and finishing any pending heals\nVolume heal failed.", "stdout_lines": ["One or more bricks could be down. Please execute the command again after bringing all bricks online and finishing any pending heals", "Volume heal failed."]}
failed: [fmov1n1.sn.dtcorp.com] (item={'volname': 'data', 'brick': '/gluster_bricks/data/data', 'arbiter': 0}) => {"ansible_loop_var": "item", "changed": true, "cmd": ["gluster", "volume", "heal", "data", "granular-entry-heal", "enable"], "delta": "0:00:10.099670", "end": 
"2021-01-11 19:27:20.564554", "item": {"arbiter": 0, "brick": "/gluster_bricks/data/data", "volname": "data"}, "msg": "non-zero return code", "rc": 107, "start": "2021-01-11 19:27:10.464884", "stderr": "", "stderr_lines": [], "stdout": "One or 
more bricks could be down. Please execute the command again after bringing all bricks online and finishing any pending heals\nVolume heal failed.", "stdout_lines": ["One or more bricks could be down. Please execute the command again after bringing all bricks online and finishing any pending heals", "Volume heal failed."]}
failed: [fmov1n1.sn.dtcorp.com] (item={'volname': 'vmstore', 'brick': '/gluster_bricks/vmstore/vmstore', 'arbiter': 0}) => {"ansible_loop_var": "item", "changed": true, "cmd": ["gluster", "volume", "heal", "vmstore", "granular-entry-heal", "enable"], "delta": "0:00:10.104624", 
"end": "2021-01-11 19:27:35.774230", 

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Hi Ales,
this is a CentOS 8 so my impression was that you always have 
NetworkManager then? At least my attempt to remove it failed miserably.


The enp4s0 config was created by the install, so it should be controlled 
by NetworkManager.


/Sverker

Den 2020-09-03 kl. 12:29, skrev Ales Musil:



On Thu, Sep 3, 2020 at 12:21 PM Sverker Abrahamsson 
mailto:sver...@abrahamsson.com>> wrote:


Hi Ales,
right now I have a manually created ovirtmgmt bridge (virbr0 and
vnet0 seems to be created during the failed attempt to deploy
hosted engine):

[root@h1-mgmt ~]# nmcli con show
NAME UUID  TYPE  DEVICE
enp4s0 af7ccb53-011b-4c36-998a-1878b4ae7100  ethernet  enp4s0
Bridge ovirtmgmt 9a0b07c0-2983-fe97-ec7f-ad2b51c3a3f0  bridge
ovirtmgmt
virbr0 aa593151-2c12-4cf7-985b-f105b3575d09  bridge    virbr0
enp4s0.4000 ecc8064d-18c1-99b7-3fe4-9c5a593ece6f  vlan enp4s0.4000
vnet0 a6db45bd-93c8-4c37-85fc-0c58ba3e9d00  tun   vnet0
[root@h1-mgmt ~]# nmstatectl show
---
dns-resolver:
  config:
    search: []
    server:
    - 213.133.98.98
  running:
    search: []
    server:
    - 213.133.98.98
route-rules:
  config: []
routes:
  config:
  - destination: 0.0.0.0/0 <http://0.0.0.0/0>
    metric: -1
    next-hop-address: 144.76.84.65
    next-hop-interface: enp4s0
    table-id: 0
  - destination: ::/0
    metric: -1
    next-hop-address: fe80::1
    next-hop-interface: enp4s0
    table-id: 0
  running:
  - destination: 0.0.0.0/0 <http://0.0.0.0/0>
    metric: 100
    next-hop-address: 144.76.84.65
    next-hop-interface: enp4s0
    table-id: 254
  - destination: 144.76.84.65/32 <http://144.76.84.65/32>
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: 172.27.1.0/24 <http://172.27.1.0/24>
    metric: 425
    next-hop-address: ''
    next-hop-interface: ovirtmgmt
    table-id: 254
  - destination: 192.168.1.0/24 <http://192.168.1.0/24>
    metric: 0
    next-hop-address: ''
    next-hop-interface: virbr0
    table-id: 254
  - destination: 2a01:4f8:192:1148::/64
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: ::/0
    metric: 100
    next-hop-address: fe80::1
    next-hop-interface: enp4s0
    table-id: 254
  - destination: fe80::/64
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: ff00::/8
    metric: 256
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 255
interfaces:
- name: ;vdsmdummy;
  type: linux-bridge
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mac-address: DE:D3:A8:24:27:F6
  mtu: 1500
- name: br-int
  type: unknown
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mac-address: 6E:37:94:63:E0:4B
  mtu: 1500
- name: enp4s0
  type: ethernet
  state: up
  ethernet:
    auto-negotiation: true
    duplex: full
    speed: 1000
  ipv4:
    address:
    - ip: 144.76.84.73
  prefix-length: 32
    dhcp: false
    enabled: true
  ipv6:
    address:
    - ip: 2a01:4f8:192:1148::2
  prefix-length: 64
    - ip: fe80::62a4:4cff:fee9:4ac
  prefix-length: 64
    auto-dns: true
    auto-gateway: true
    auto-routes: true
    autoconf: true
    dhcp: true
    enabled: true
  mac-address: 60:A4:4C:E9:04:AC
  mtu: 1500
- name: enp4s0.4000
  type: vlan
  state: up
  ipv4:
    dhcp: false
    enabled: false
  ipv6:
    enabled: false
  mac-address: 60:A4:4C:E9:04:AC
  mtu: 1500
  vlan:
    base-iface: enp4s0
    id: 4000
- name: lo
  type: unknown
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mtu: 65536
- name: ovirtmgmt
  type: linux-bridge
  state: up
  bridge:
    options:
  group-forward-mask: 0
  mac-ageing-time: 300
  multicast-snooping: true
  stp:
    enabled: false
    forward-delay: 15
    hello-time: 2
    max-age: 20
    priority: 32768
    port:
    - name: enp4s0.4000
  stp-hairpin-mode: false
  stp-path-cost: 100
  stp-priority: 32
  ipv4:
    address:
    - ip: 172.27.1.1
  prefix-length: 24
    dhcp: false
    enabled: true
  ipv6:
    autoconf: false
    dhcp: false
    enabled: false
  mac-address: 60:A4:4C:E9:04:AC
  mtu: 1500
- 

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

 this:


[root@h1-mgmt ~]# nmcli con show
NAME UUID TYPE  DEVICE
enp4s0   af7ccb53-011b-4c36-998a-1878b4ae7100 ethernet  enp4s0
enp4s0.4000  ecc8064d-18c1-99b7-3fe4-9c5a593ece6f vlan  enp4s0.4000
[root@h1-mgmt ~]# nmstatectl show
---
dns-resolver:
  config:
    search: []
    server:
    - 213.133.98.98
  running:
    search: []
    server:
    - 213.133.98.98
route-rules:
  config: []
routes:
  config:
  - destination: 0.0.0.0/0
    metric: -1
    next-hop-address: 144.76.84.65
    next-hop-interface: enp4s0
    table-id: 0
  - destination: ::/0
    metric: -1
    next-hop-address: fe80::1
    next-hop-interface: enp4s0
    table-id: 0
  running:
  - destination: 0.0.0.0/0
    metric: 100
    next-hop-address: 144.76.84.65
    next-hop-interface: enp4s0
    table-id: 254
  - destination: 144.76.84.65/32
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: 172.27.1.0/24
    metric: 400
    next-hop-address: ''
    next-hop-interface: enp4s0.4000
    table-id: 254
  - destination: 2a01:4f8:192:1148::/64
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: ::/0
    metric: 100
    next-hop-address: fe80::1
    next-hop-interface: enp4s0
    table-id: 254
  - destination: fe80::/64
    metric: 100
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 254
  - destination: ff00::/8
    metric: 256
    next-hop-address: ''
    next-hop-interface: enp4s0
    table-id: 255
interfaces:
- name: ;vdsmdummy;
  type: linux-bridge
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mac-address: B2:9E:E0:61:71:88
  mtu: 1500
- name: br-int
  type: unknown
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mac-address: 6E:37:94:63:E0:4B
  mtu: 1500
- name: enp4s0
  type: ethernet
  state: up
  ethernet:
    auto-negotiation: true
    duplex: full
    speed: 1000
  ipv4:
    address:
    - ip: 144.76.84.73
  prefix-length: 32
    dhcp: false
    enabled: true
  ipv6:
    address:
    - ip: 2a01:4f8:192:1148::2
  prefix-length: 64
    - ip: fe80::62a4:4cff:fee9:4ac
  prefix-length: 64
    auto-dns: true
    auto-gateway: true
    auto-routes: true
    autoconf: true
    dhcp: true
    enabled: true
  mac-address: 60:A4:4C:E9:04:AC
  mtu: 1500
- name: enp4s0.4000
  type: vlan
  state: up
  ipv4:
    address:
    - ip: 172.27.1.1
  prefix-length: 24
    dhcp: false
    enabled: true
  ipv6:
    autoconf: false
    dhcp: false
    enabled: false
  mac-address: 60:A4:4C:E9:04:AC
  mtu: 1500
  vlan:
    base-iface: enp4s0
    id: 4000
- name: lo
  type: unknown
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mtu: 65536
- name: ovs-system
  type: unknown
  state: down
  ipv4:
    enabled: false
  ipv6:
    enabled: false
  mac-address: A2:35:7A:6C:B7:EF
  mtu: 1500

/Sverker

Den 2020-09-03 kl. 11:54, skrev Ales Musil:



On Thu, Sep 3, 2020 at 11:51 AM Sverker Abrahamsson via Users 
mailto:users@ovirt.org>> wrote:


Hi Dominik
That is my issue, I don't get to where I can get the ovirtmgmt
bridge established because vdsm insists on creating it. It used to
be possible to create that bridge statically and vdsm would just
skip it but seems to be broken now.

If it would be possible to use OVN for the management network that
would solve my issue and would be the preferable solution, but as
you write that isn't possible which was what I suspected.

Do you have any other suggestion on how to solve this issue? That
I get the external interface untagged and the internal network
tagged is not possible to change.

/Sverker


Hello Sverker,

can you please share output from "nmcli con show" and "nmstatectl show"?

Thank you.
Regards,
Ales

Den 2020-09-03 kl. 10:52, skrev Dominik Holler:



On Wed, Sep 2, 2020 at 10:38 PM Sverker Abrahamsson via Users
mailto:users@ovirt.org>> wrote:

Well, unforturnatly I don't have a choise since it is out of
my control.
I only have one physical network port where the external
traffic is
untagged and the internal vlan is tagged. If I could run with
OVN


OVN is for VM traffic only, not usable for the management network.

instead I wouldn't need that tagged vlan, but I haven't been
able to get
that to work neither.


Please let us know if OVN does not work for VM traffic for you.

It's perfectly possible to have both tagged and untagged
traffic on the
same switch port, issue is that vdsm tries to take control
over the
network without being able to be flexible enough.. I'm
attempting now to
have ovirtmgmt bridge created before, that used to be
possible but
according to previous mails on the list it went broken
somewhere at 4.x.

/Sverker

   

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Hi Dominik
That is my issue, I don't get to where I can get the ovirtmgmt bridge 
established because vdsm insists on creating it. It used to be possible 
to create that bridge statically and vdsm would just skip it but seems 
to be broken now.


If it would be possible to use OVN for the management network that would 
solve my issue and would be the preferable solution, but as you write 
that isn't possible which was what I suspected.


Do you have any other suggestion on how to solve this issue? That I get 
the external interface untagged and the internal network tagged is not 
possible to change.


/Sverker

Den 2020-09-03 kl. 10:52, skrev Dominik Holler:



On Wed, Sep 2, 2020 at 10:38 PM Sverker Abrahamsson via Users 
mailto:users@ovirt.org>> wrote:


Well, unforturnatly I don't have a choise since it is out of my
control.
I only have one physical network port where the external traffic is
untagged and the internal vlan is tagged. If I could run with OVN


OVN is for VM traffic only, not usable for the management network.

instead I wouldn't need that tagged vlan, but I haven't been able
to get
that to work neither.


Please let us know if OVN does not work for VM traffic for you.

It's perfectly possible to have both tagged and untagged traffic
on the
same switch port, issue is that vdsm tries to take control over the
network without being able to be flexible enough.. I'm attempting
now to
have ovirtmgmt bridge created before, that used to be possible but
according to previous mails on the list it went broken somewhere
at 4.x.

/Sverker

Den 2020-09-02 kl. 21:39, skrev Strahil Nikolov:
> Switchports can either be tagged or untagged.
> I'm not sure that your setup is supported at all.
>
> Best Regards,
> Strahil Nikolov
>
>
>
>
>
>
> В сряда, 2 септември 2020 г., 20:41:57 Гринуич+3, Sverker
Abrahamsson via Users mailto:users@ovirt.org>>
написа:
>
>
>
>
>
> Pretty formatting the "desired state" it seems that vdsm tries
to remove
> the ip of my underlying interface, that is enp4s0:
> 


> {
>      'interfaces': [{
>              'name': 'enp4s0',
>              'state': 'up',
>              'mtu': 1500
>          }, {
>              'vlan': {
>                  'id': 4000,
>                  'base-iface': 'enp4s0'
>              },
>              'name': 'enp4s0.4000',
>              'type': 'vlan',
>              'state': 'up',
>              'mtu': 1500,
>              'ipv4': {
>                  'enabled': False
>              },
>              'ipv6': {
>                  'enabled': False
>              }
>          }, {
>              'name': 'ovirtmgmt',
>              'type': 'linux-bridge',
>              'state': 'up',
>              'mtu': 1500,
>              'bridge': {
>                  'port': [{
>                          'name': 'enp4s0.4000'
>                      }
>                  ],
>                  'options': {
>                      'stp': {
>                          'enabled': False
>                      }
>                  }
>              },
>              'ipv4': {
>                  'enabled': True,
>                  'address': [{
>                          'ip': '172.27.1.1',
>                          'prefix-length': 24
>                      }
>                  ],
>                  'dhcp': False
>              },
>              'ipv6': {
>                  'enabled': False
>              }
>          }
>      ],
>      'dns-resolver': {
>          'config'
>          : {
>              'server': ['213.133.98.98']
>          }
>      }
> }
>


Thanks, this is helpful information.
Can you please share the getCapabilities result sent from vdsm to 
Engine directly before the setupNetworks request,

and the parameters of the setupNetworks request from Engine to vdsm?
Both are in the vdsm.log during adding the host.

>
> This is my interfaces before vdsm attemtpts to change the config:
>
> enp4s0: flags=4163  mtu 1500
>      inet 144.76.84.73  netmask 255.255.255.255 broadcast
0.0.0.0
>      inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64 scopeid
0x20
>      inet6 2a01:4f8:192:1148::2  prefixlen 64 scopeid
0x0
>      ether 60:a4:4c:e9:04:ac  txqueuelen 1000 (Ethernet)
>      RX packets 293442  bytes 385541799 (367.6 MiB)
>    

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Hi Strahil,
there is nothing wrong with the switch other than that I don't have any 
control over it so the network setup is as it is. The issue is that vdsm 
breaks the network setup because it's not flexible enough.


/Sverker

Den 2020-09-03 kl. 00:47, skrev Strahil Nikolov:

What is you switch brand & model ?
Maybe someone more experienced in networking can help.


Best Regards,
Strahil Nikolov






В сряда, 2 септември 2020 г., 23:39:57 Гринуич+3, Sverker Abrahamsson via Users 
 написа:





Well, unforturnatly I don't have a choise since it is out of my control.
I only have one physical network port where the external traffic is
untagged and the internal vlan is tagged. If I could run with OVN
instead I wouldn't need that tagged vlan, but I haven't been able to get
that to work neither.

It's perfectly possible to have both tagged and untagged traffic on the
same switch port, issue is that vdsm tries to take control over the
network without being able to be flexible enough.. I'm attempting now to
have ovirtmgmt bridge created before, that used to be possible but
according to previous mails on the list it went broken somewhere at 4.x.

/Sverker

Den 2020-09-02 kl. 21:39, skrev Strahil Nikolov:

Switchports can either be tagged or untagged.
I'm not sure that your setup is supported at all.

Best Regards,
Strahil Nikolov






В сряда, 2 септември 2020 г., 20:41:57 Гринуич+3, Sverker Abrahamsson via Users 
 написа:





Pretty formatting the "desired state" it seems that vdsm tries to remove
the ip of my underlying interface, that is enp4s0:

{
       'interfaces': [{
               'name': 'enp4s0',
               'state': 'up',
               'mtu': 1500
           }, {
               'vlan': {
                   'id': 4000,
                   'base-iface': 'enp4s0'
               },
               'name': 'enp4s0.4000',
               'type': 'vlan',
               'state': 'up',
               'mtu': 1500,
               'ipv4': {
                   'enabled': False
               },
               'ipv6': {
                   'enabled': False
               }
           }, {
               'name': 'ovirtmgmt',
               'type': 'linux-bridge',
               'state': 'up',
               'mtu': 1500,
               'bridge': {
                   'port': [{
                           'name': 'enp4s0.4000'
                       }
                   ],
                   'options': {
                       'stp': {
                           'enabled': False
                       }
                   }
               },
               'ipv4': {
                   'enabled': True,
                   'address': [{
                           'ip': '172.27.1.1',
                           'prefix-length': 24
                       }
                   ],
                   'dhcp': False
               },
               'ipv6': {
                   'enabled': False
               }
           }
       ],
       'dns-resolver': {
           'config'
           : {
               'server': ['213.133.98.98']
           }
       }
}


This is my interfaces before vdsm attemtpts to change the config:

enp4s0: flags=4163  mtu 1500
       inet 144.76.84.73  netmask 255.255.255.255  broadcast 0.0.0.0
       inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
       inet6 2a01:4f8:192:1148::2  prefixlen 64  scopeid 0x0
       ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
       RX packets 293442  bytes 385541799 (367.6 MiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 91095  bytes 31160348 (29.7 MiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
       device interrupt 17  memory 0xf7d0-f7d2

enp4s0.4000: flags=4163  mtu 1500
       inet 172.27.1.1  netmask 255.255.255.0  broadcast 172.27.1.255
       inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
       ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 13  bytes 938 (938.0 B)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

I.e. enp4s0 is the external interface that must not be changed, bridge
must be created on the vlan interface. I would prefer to create the
bridge manually and not through vdsm if that is possible.

/Sverker

Den 2020-09-02 kl. 19:14, skrev Sverker Abrahamsson via Users:

Hi,
I'm attempting to install hosted engine but getting this failure:

[ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg":
"The host has been set in non_operational status, deployment errors:
code 505: Host h1-mgmt.limetransit.com installation failed. Failed to
configure management network on the host.,    code 1120: Failed to
configure management network on host h1-mgmt.limetransit.com due to
setup networks failure., code 9000: Failed to verify 

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Well, unforturnatly I don't have a choise since it is out of my control. 
I only have one physical network port where the external traffic is 
untagged and the internal vlan is tagged. If I could run with OVN 
instead I wouldn't need that tagged vlan, but I haven't been able to get 
that to work neither.


It's perfectly possible to have both tagged and untagged traffic on the 
same switch port, issue is that vdsm tries to take control over the 
network without being able to be flexible enough.. I'm attempting now to 
have ovirtmgmt bridge created before, that used to be possible but 
according to previous mails on the list it went broken somewhere at 4.x.


/Sverker

Den 2020-09-02 kl. 21:39, skrev Strahil Nikolov:

Switchports can either be tagged or untagged.
I'm not sure that your setup is supported at all.

Best Regards,
Strahil Nikolov






В сряда, 2 септември 2020 г., 20:41:57 Гринуич+3, Sverker Abrahamsson via Users 
 написа:





Pretty formatting the "desired state" it seems that vdsm tries to remove
the ip of my underlying interface, that is enp4s0:

{
     'interfaces': [{
             'name': 'enp4s0',
             'state': 'up',
             'mtu': 1500
         }, {
             'vlan': {
                 'id': 4000,
                 'base-iface': 'enp4s0'
             },
             'name': 'enp4s0.4000',
             'type': 'vlan',
             'state': 'up',
             'mtu': 1500,
             'ipv4': {
                 'enabled': False
             },
             'ipv6': {
                 'enabled': False
             }
         }, {
             'name': 'ovirtmgmt',
             'type': 'linux-bridge',
             'state': 'up',
             'mtu': 1500,
             'bridge': {
                 'port': [{
                         'name': 'enp4s0.4000'
                     }
                 ],
                 'options': {
                     'stp': {
                         'enabled': False
                     }
                 }
             },
             'ipv4': {
                 'enabled': True,
                 'address': [{
                         'ip': '172.27.1.1',
                         'prefix-length': 24
                     }
                 ],
                 'dhcp': False
             },
             'ipv6': {
                 'enabled': False
             }
         }
     ],
     'dns-resolver': {
         'config'
         : {
             'server': ['213.133.98.98']
         }
     }
}


This is my interfaces before vdsm attemtpts to change the config:

enp4s0: flags=4163  mtu 1500
     inet 144.76.84.73  netmask 255.255.255.255  broadcast 0.0.0.0
     inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
     inet6 2a01:4f8:192:1148::2  prefixlen 64  scopeid 0x0
     ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
     RX packets 293442  bytes 385541799 (367.6 MiB)
     RX errors 0  dropped 0  overruns 0  frame 0
     TX packets 91095  bytes 31160348 (29.7 MiB)
     TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
     device interrupt 17  memory 0xf7d0-f7d2

enp4s0.4000: flags=4163  mtu 1500
     inet 172.27.1.1  netmask 255.255.255.0  broadcast 172.27.1.255
     inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
     ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
     RX packets 0  bytes 0 (0.0 B)
     RX errors 0  dropped 0  overruns 0  frame 0
     TX packets 13  bytes 938 (938.0 B)
     TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

I.e. enp4s0 is the external interface that must not be changed, bridge
must be created on the vlan interface. I would prefer to create the
bridge manually and not through vdsm if that is possible.

/Sverker

Den 2020-09-02 kl. 19:14, skrev Sverker Abrahamsson via Users:

Hi,
I'm attempting to install hosted engine but getting this failure:

[ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg":
"The host has been set in non_operational status, deployment errors:
code 505: Host h1-mgmt.limetransit.com installation failed. Failed to
configure management network on the host.,    code 1120: Failed to
configure management network on host h1-mgmt.limetransit.com due to
setup networks failure., code 9000: Failed to verify Power Management
configuration for Host h1-mgmt.limetransit.com.,    code 10802: VDSM
h1-mgmt.limetransit.com command HostSetupNetworksVDS failed: Internal
JSON-RPC error: {'reason': 'Unexpected failure of libnm when running
the mainloop: run execution'},   fix accordingly and re-deploy."}

Looking in vdsm.log I find this which I believe is the root cause:

MainProcess|jsonrpc/0::DEBUG::2020-09-02
16:38:25,897::supervdsm_server::93::SuperVdsm.ServerCallback::(wrapper)
call setupNetworks with ({'ovirtmgmt': {'vlan': '4000', 'netmask':
'255.255.255.0', 'ipv6autoconf': False,
'nic': 'enp4s0', 'bridged': 'true', 'ipaddr': '172.27.

[ovirt-users] Hosted engine + OVN

[Sverker Abrahamsson via Users]

Was it ever solved to install hosted engine with ovn? I tried a few 
years ago, got it almost to work but then gave up.

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/6KWV2MKV6E3ABQL6DGKVJ7FZTGNG3JPK/

[ovirt-users] Re: Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Pretty formatting the "desired state" it seems that vdsm tries to remove 
the ip of my underlying interface, that is enp4s0:


{
    'interfaces': [{
            'name': 'enp4s0',
            'state': 'up',
            'mtu': 1500
        }, {
            'vlan': {
                'id': 4000,
                'base-iface': 'enp4s0'
            },
            'name': 'enp4s0.4000',
            'type': 'vlan',
            'state': 'up',
            'mtu': 1500,
            'ipv4': {
                'enabled': False
            },
            'ipv6': {
                'enabled': False
            }
        }, {
            'name': 'ovirtmgmt',
            'type': 'linux-bridge',
            'state': 'up',
            'mtu': 1500,
            'bridge': {
                'port': [{
                        'name': 'enp4s0.4000'
                    }
                ],
                'options': {
                    'stp': {
                        'enabled': False
                    }
                }
            },
            'ipv4': {
                'enabled': True,
                'address': [{
                        'ip': '172.27.1.1',
                        'prefix-length': 24
                    }
                ],
                'dhcp': False
            },
            'ipv6': {
                'enabled': False
            }
        }
    ],
    'dns-resolver': {
        'config'
        : {
            'server': ['213.133.98.98']
        }
    }
}


This is my interfaces before vdsm attemtpts to change the config:

enp4s0: flags=4163  mtu 1500
    inet 144.76.84.73  netmask 255.255.255.255  broadcast 0.0.0.0
    inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
    inet6 2a01:4f8:192:1148::2  prefixlen 64  scopeid 0x0
    ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
    RX packets 293442  bytes 385541799 (367.6 MiB)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 91095  bytes 31160348 (29.7 MiB)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    device interrupt 17  memory 0xf7d0-f7d2

enp4s0.4000: flags=4163  mtu 1500
    inet 172.27.1.1  netmask 255.255.255.0  broadcast 172.27.1.255
    inet6 fe80::62a4:4cff:fee9:4ac  prefixlen 64  scopeid 0x20
    ether 60:a4:4c:e9:04:ac  txqueuelen 1000  (Ethernet)
    RX packets 0  bytes 0 (0.0 B)
    RX errors 0  dropped 0  overruns 0  frame 0
    TX packets 13  bytes 938 (938.0 B)
    TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

I.e. enp4s0 is the external interface that must not be changed, bridge 
must be created on the vlan interface. I would prefer to create the 
bridge manually and not through vdsm if that is possible.


/Sverker

Den 2020-09-02 kl. 19:14, skrev Sverker Abrahamsson via Users:

Hi,
I'm attempting to install hosted engine but getting this failure:

[ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg": 
"The host has been set in non_operational status, deployment errors:   
code 505: Host h1-mgmt.limetransit.com installation failed. Failed to 
configure management network on the host.,    code 1120: Failed to 
configure management network on host h1-mgmt.limetransit.com due to 
setup networks failure., code 9000: Failed to verify Power Management 
configuration for Host h1-mgmt.limetransit.com.,    code 10802: VDSM 
h1-mgmt.limetransit.com command HostSetupNetworksVDS failed: Internal 
JSON-RPC error: {'reason': 'Unexpected failure of libnm when running 
the mainloop: run execution'},   fix accordingly and re-deploy."}


Looking in vdsm.log I find this which I believe is the root cause:

MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,897::supervdsm_server::93::SuperVdsm.ServerCallback::(wrapper) 
call setupNetworks with ({'ovirtmgmt': {'vlan': '4000', 'netmask': 
'255.255.255.0', 'ipv6autoconf': False,
'nic': 'enp4s0', 'bridged': 'true', 'ipaddr': '172.27.1.1', 
'defaultRoute': True, 'dhcpv6': False, 'STP': 'no', 'mtu': 1500, 
'switch': 'legacy'}}, {}, {'connectivityTimeout': 120, 
'commitOnSuccess': True, 'connectivityCh

eck': 'true'}) {}
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:25,897::api::220::root::(setupNetworks) Setting up network 
according to configuration: networks:{'ovirtmgmt': {'vlan': '4000', 
'netmask': '255.255.255.0', 'ipv6autoconf': Fal
se, 'nic': 'enp4s0', 'bridged': 'true', 'ipaddr': '172.27.1.1', 
'defaultRoute': True, 'dhcpv6': False, 'STP': 'no', 'mtu': 1500, 
'switch': 'legacy'}}, bondings:{}, options:{'connectivityTimeout': 
120, 'commitOnSuccess':

True, 'connectivityCheck': 'true'}
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,902::cmdutils::130::root::(exec_cmd) /sbin/tc qdisc show (cwd 
None)
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,906::cmdutils::138::root::(exec_cmd) SUCCESS:  = b''; 
 = 0
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,945::vsctl::74::root::(commit) Executing commands

[ovirt-users] Hosted engine install failure: ipv6.gateway: gateway cannot be set if there are no addresses configured

[Sverker Abrahamsson via Users]

Hi,
I'm attempting to install hosted engine but getting this failure:

[ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg": "The 
host has been set in non_operational status, deployment errors:   code 
505: Host h1-mgmt.limetransit.com installation failed. Failed to 
configure management network on the host.,    code 1120: Failed to 
configure management network on host h1-mgmt.limetransit.com due to 
setup networks failure., code 9000: Failed to verify Power Management 
configuration for Host h1-mgmt.limetransit.com.,    code 10802: VDSM 
h1-mgmt.limetransit.com command HostSetupNetworksVDS failed: Internal 
JSON-RPC error: {'reason': 'Unexpected failure of libnm when running the 
mainloop: run execution'},   fix accordingly and re-deploy."}


Looking in vdsm.log I find this which I believe is the root cause:

MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,897::supervdsm_server::93::SuperVdsm.ServerCallback::(wrapper) 
call setupNetworks with ({'ovirtmgmt': {'vlan': '4000', 'netmask': 
'255.255.255.0', 'ipv6autoconf': False,
'nic': 'enp4s0', 'bridged': 'true', 'ipaddr': '172.27.1.1', 
'defaultRoute': True, 'dhcpv6': False, 'STP': 'no', 'mtu': 1500, 
'switch': 'legacy'}}, {}, {'connectivityTimeout': 120, 
'commitOnSuccess': True, 'connectivityCh

eck': 'true'}) {}
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:25,897::api::220::root::(setupNetworks) Setting up network 
according to configuration: networks:{'ovirtmgmt': {'vlan': '4000', 
'netmask': '255.255.255.0', 'ipv6autoconf': Fal
se, 'nic': 'enp4s0', 'bridged': 'true', 'ipaddr': '172.27.1.1', 
'defaultRoute': True, 'dhcpv6': False, 'STP': 'no', 'mtu': 1500, 
'switch': 'legacy'}}, bondings:{}, options:{'connectivityTimeout': 120, 
'commitOnSuccess':

True, 'connectivityCheck': 'true'}
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,902::cmdutils::130::root::(exec_cmd) /sbin/tc qdisc show (cwd None)
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,906::cmdutils::138::root::(exec_cmd) SUCCESS:  = b'';  = 0
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,945::vsctl::74::root::(commit) Executing commands: 
/usr/bin/ovs-vsctl --timeout=5 --oneline --format=json -- list Bridge -- 
list Port -- list Interface
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,945::cmdutils::130::root::(exec_cmd) /usr/bin/ovs-vsctl 
--timeout=5 --oneline --format=json -- list Bridge -- list Port -- list 
Interface (cwd None)
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,952::cmdutils::138::root::(exec_cmd) SUCCESS:  = b'';  = 0
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:25,957::netconfpersistence::58::root::(setNetwork) Adding network 
ovirtmgmt({'vlan': 4000, 'netmask': '255.255.255.0', 'ipv6autoconf': 
False, 'nic': 'enp4s0', 'bridged': True
, 'ipaddr': '172.27.1.1', 'defaultRoute': True, 'dhcpv6': False, 'mtu': 
1500, 'switch': 'legacy', 'stp': False, 'bootproto': 'none', 
'nameservers': ['213.133.98.98']})
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:25,958::commands::153::common.commands::(start) /usr/bin/taskset 
--cpu-list 0-7 /usr/libexec/vdsm/hooks/before_network_setup/50_fcoe (cwd 
None)
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:26,154::hooks::122::root::(_runHooksDir) 
/usr/libexec/vdsm/hooks/before_network_setup/50_fcoe: rc=0 err=b''
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:26,155::configurator::195::root::(_setup_nmstate) Processing setup 
through nmstate
MainProcess|jsonrpc/0::INFO::2020-09-02 
16:38:26,175::configurator::197::root::(_setup_nmstate) Desired state: 
{'interfaces': [{'name': 'enp4s0', 'state': 'up', 'mtu': 1500}, {'vlan': 
{'id': 4000, 'base-iface': 'enp4s0'}
, 'name': 'enp4s0.4000', 'type': 'vlan', 'state': 'up', 'mtu': 1500, 
'ipv4': {'enabled': False}, 'ipv6': {'enabled': False}}, {'name': 
'ovirtmgmt', 'type': 'linux-bridge', 'state': 'up', 'mtu': 1500, 
'bridge': {'port': [
{'name': 'enp4s0.4000'}], 'options': {'stp': {'enabled': False}}}, 
'ipv4': {'enabled': True, 'address': [{'ip': '172.27.1.1', 
'prefix-length': 24}], 'dhcp': False}, 'ipv6': {'enabled': False}}], 
'dns-resolver': {'config'

: {'server': ['213.133.98.98']}}}
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,217::checkpoint::121::root::(create) Checkpoint 
/org/freedesktop/NetworkManager/Checkpoint/1 created for all devices: 60
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,218::netapplier::239::root::(_add_interfaces) Adding new 
interfaces: ['ovirtmgmt']
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,221::netapplier::251::root::(_edit_interfaces) Editing 
interfaces: ['enp4s0.4000', 'enp4s0']
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,224::nmclient::136::root::(execute_next_action) Executing NM 
action: func=add_connection_async
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,231::connection::329::root::(_add_connection_callback) 
Connection adding succeeded: dev=ovirtmgmt
MainProcess|jsonrpc/0::DEBUG::2020-09-02 
16:38:26,232::nmclient::136::root::(execute_next_action) Executing NM 
action: 

[ovirt-users] Re: Unable to start VM on host with OVS networking

[Sverker Abrahamsson]

In my setup the reason why I attempted to use OVS/OVN is that I 
(currently) have two hosts in a data center (Hetzner) which does not 
have a common subnet. Each of these hosts have one public IPv4 address.


Because of that I want the ovirt networks to be on private ip ranges and 
they do not correspond to any physical network interfaces. I've been 
able to work around that by making dummy interfaces visible for vdsm to 
which it can bind the ovirtmgmt bridge.


It also means that I need to connect the obirtmgmt bridges on the two 
hosts with tunnels. With OVS I can set that up manually and it works 
great, issue is that vdsm wants to control the network interfaces and 
creates an OVS bridge with random name to attach ovirtmgmt port to, 
hence I have no convenient way to connect these bridges. I could put a 
hook in after_network_setup to create tunnels, but I suppose the OVS 
bridges needs to have the same name on both sides.


I want to use ovirt for a test environment with quite complex network, 
hence why OVN is desired to be able to set it up virtual.


With OVN + physnet as you describe it I assume I should get the desired 
functionality as ovirtmgmt needs to be present on all hosts. Since you 
disabled changing switch type in engine gui I changed it in db, don't 
know if anything more is needed, and in the vdsm persistent file. On 
vdsm level that works fine, the OVS bridge with random name is created 
with ovirtmgmt port, but as you write since 4.2.3 it no longer creates 
the port for hosted engine on the OVS bridge. I worked around that with 
a hook script that add the missing elements to interface section of the 
vm xml.


My understanding is that for OVN+physnet then OVS switch is needed but 
doesn't then the ovirtmgmt port has to be on an OVS bridge? If so then 
hosted engine must be able to connect it's port to the same bridge.


Next concern is where should the OVN databases be? With hosted-engine 
setup they are created on the vm which seems like a chicken and the egg 
issue to me as how could the hosts where ovn-controller runs be able to 
connect to db before the vm has started? In my setup the vm only have 
private address which means the other host is not able to reach ovn 
database until the virtual network has established.


Therefore I created OVN databases on one of the hosts, and configured 
with ssl cert/keys so that they are able to communicate fine. I 
configured ovirt-provider-ovn running on hosted engine vm to connect to 
the db host but even when ovn-remote is set to the correct address on 
the host the requests from ovirt-provider-ovn towards port 6641 still 
goes to the engine vm.


Are there any additional steps that is needed to take?

/Sverker


Den 2018-05-25 kl. 17:41, skrev Dan Kenigsberg:

I believe the user community deserves a little background for this
decision. OVS has been "experimental" since ovirt-4.0.z with migration
disabled by default. We were not aware of huge benefits it had
over the default Linux bridge, and did not expect people to be using
it in important deployments.

I would love to hear your experience regarding our OVS support, and
why you have chosen it.

In ovirt-4.2.0, the way in which VM libvirt definition is built has
changed considerably, and takes place in ovirt-engine, not in vdsm.
The vdsm code that supports OVS connectivity was disabled in
ovirt-4.2.3 which means that indeed, the experimental OVS feature is
no longer available for direct usage (unless you still use cluster
compatibility level 4.1)

However, as Thomas Davis explains, with OVN + physnet, ovirt-4.2 gives
you a matching functionality, including live migration out-of-the-box.
OVS switchtype was upgraded from "experimental" to "tech-preview". I'd
like to drop the advisory altogether, but we keep it because we still
have bugs and
missing features comparing to Linux bridge clusters.

We've blocked changing the switchtype of existing clusters because
this functionality is buggy (particularly on the SPM host), and as of
ovirt-4.2, we do not have code to support live migration from a Linux
bridge host to an OVS one. Only cold migration is possible. We kept it
open over REST to allow testing and bugfixes to that flow, as well as
usage by careful users.

Thanks for using oVirt and its new features, and for engaging with the
community.

Regards,
Dan.

On Tue, May 22, 2018 at 9:20 PM,   wrote:

The answer is..

OVN replaced OVS as the networking technology.  You cannot switch back to 
legacy, they disabled switching between ovs and legacy in the default (1st) 
datacenter using the gui.  You can however, use Ansible to switch it.

Remove the VDSM ovs setting, it will just mess you up, and it's not supported 
in 4.2

To able to migrate a VM in 4.2, you have use OVN with OVS.

I did this a few months back, on a 4.2.2 hosted-engine setup:

0) To setup a node in a cluster, make sure the cluster is in OVS, not
legacy.

1) Make sure you have an OVN controller setup somewhere. 

[ovirt-users] Re: Unable to start VM on host with OVS networking

[Sverker Abrahamsson]

Hi Jonathan,
it seems somewhat similar to what I've been struggeling with. I've 
worked around it with a hook script until someone can explain from where 
it should discover that the interface should be created on an ovs 
bridge. Look at the thread with topic "hosted engine with openvswitch".


/Sverker


Den 2018-05-17 kl. 22:09, skrev Jonathan Dieter:

I have a production ovirt setup that's gone through multiple updates over the 
years.  At some point when 4.0 or 4.1 came out, I switched from legacy 
networking to OVS, and everything worked perfectly until I upgraded to 4.2.  
Since I upgraded to 4.2, I've been getting messages that the networks were all 
out of sync, but everything continued working properly.

Today I tracked down the network sync problem, fixed it on one of my three hosts, and 
then attempted to start a VM on the host.  It refused to start with the error message: 
"Unable to add bridge ovirtmgmt port vnet0: Operation not supported".  From 
what I can tell, the xml being generated is still for the old legacy network.  I 
completely reinstalled the node, using the latest 4.2.3 node ISO image, and it still 
doesn't work.

In the cluster, the switch type is "OVS (Experimental)" (and this option can't be 
changed, apparently), the compatibility version is 4.2, the firewall type is firewalld and there's 
no "Default Network Provider".

I suspect that my upgrades have somehow left my system in half OVS/half legacy 
mode, but I'm not sure how to move it all the way to OVS mode and I don't want 
to mess with the other two hosts until I'm sure I've got it figured out.

My (compressed) vdsm.log is at https://www.lesbg.com/jdieter/vdsm.log.xz and my 
(compressed) supervdsm.log is at https://www.lesbg.com/jdieter/supervdsm.log.xz.

If anyone could point me in the right direction to get this fixed, I'd sure 
appreciate it.

Jonathan
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org

[ovirt-users] Re: hosted engine with openvswitch

[Sverker Abrahamsson]

Hi
I've been able to work around this issue by adding a hook which checks 
if the ovirtmgmt interface is a port on a ovs switch and if so add the 
correct data to interface element. I added this to before_device_create 
and before_nic_hotplug folders, it works as far as bringing the hosted 
engine up, but resyncing host network from engine side makes it loose 
the connection.


/Sverker


Den 2018-05-14 kl. 10:12, skrev Sverker Abrahamsson:


Apparently the logs were too big for the mailing list, but should have 
been received by Petr and Dominik. Let me know if not.


What it boils down to, I think, is that the xml sent to libvirt does 
not have the correct data for openvswitch in interface element, see 
snippet below.


The question is, where should that be set?

What I actually want to reach is to have ovirtmgmt network on OVN 
according to this description 
"https://gist.github.com/phoracek/ebbd9a6bcfcb14d88f6b463c8dccb27b; so 
it might be an unnecessary step to get it to work with OVS switch but 
the content of interface element in xml sent to libvirt is similar so 
I think an understanding of where it comes from is necessary to 
troubleshoot that (if needed).


/Sverker

Den 2018-05-13 kl. 00:23, skrev Sverker Abrahamsson:
Sure, they are attached. The attempt to start the hosted engine vm 
occurs at 14:29:42


Best regards
Sverker

Den 2018-05-11 kl. 13:39, skrev Petr Horacek:

Hi,

would you mind sharing the whole vdsm.log and supervdsm.log?

Thanks,
Petr

2018-05-10 22:48 GMT+02:00 Sverker Abrahamsson 
<sver...@abrahamsson.com <mailto:sver...@abrahamsson.com>>:


Hi Dominik

Den 2018-05-10 kl. 22:08, skrev Dominik Holler:

On Thu, 10 May 2018 19:15:07 +0200
Sverker Abrahamsson <sver...@abrahamsson.com
<mailto:sver...@abrahamsson.com>> wrote:

Hi
I have a problem with running hosted engine with
openvswitch. I have

Which version of oVirt?

Ovirt version is 4.2.3.5, vdsm version 4.20.27

How do you configured hosted engine to use openvswitch?
Did you follow the steps in
https://lists.ovirt.org/pipermail/users/2017-March/080748.html
<https://lists.ovirt.org/pipermail/users/2017-March/080748.html>
?

I've followed the same steps as outlined in that mail just that
I found it when I started to troubleshoot.

one cluster where the ovirt engine runs on the host,
there it works

What is the switch type of this cluster?

OVS

and when starting a vm the interface definition looks
like this:

      
      
      
      
      
      
      
      

Where do you pick up this xml?

From vdsm.log when the vm is created

The xml for that vm as fetched from vdsm does not
contain virtualport

Where do you pick up this xml, maybe from a logfile or virsh?

 vdsm-client VM getInfo vmID=3efc0421-5ad5-4a04-9a0e-30bd8822b299

tag nor does it use the correct bridge, it looks like this:


      
      
      
      
      
      
      


I.e. somewhere the definition is modified to contain the
correct data
to work with openvswitch

On the other cluster where I try to run hosted engine I
don't get the

What is the switch type of this cluster?

In the engine it's set to OVS, but at this point it hasn't
started yet. Does the host have that setting somewhere?

above behaviour. When the engine vm starts the interface
settings are
not modified to use the bridge in openvswitch, with the
result that
the vm fails to start:

Can you share the error message from engine.log and
vdsm.log, and maybe
supervdsm.log?

These are the error messages when vm fails to start, but it's
caused by the interface element does not contain virtualport nor
the correct bridge.

vdsm.log:
2018-05-10 22:45:30,562+0200 ERROR (vm/f222c92f) [virt.vm]
(vmId='f222c92f-91af-4d1c-860d-c2b406211496') The vm start
process failed (vm:943)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line
872, in _startUnderlyingVm
    self._run()
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line
2872, in _run
    dom.createWithFlags(flags)
  File
"/usr/lib/python2.7/site-packages/vdsm/common/libvirtconnection.py",
line 130, in wrapper
    ret = f(*args, **kwargs)
  File
"/usr/lib/python2.7/site-packages/vdsm/common

[ovirt-users] Re: Fwd: Re: Re: hosted engine with openvswitch

[Sverker Abrahamsson]

Apparently the logs were too big for the mailing list, but should have 
been received by Petr and Dominik. Let me know if not.


What it boils down to, I think, is that the xml sent to libvirt does not 
have the correct data for openvswitch in interface element, see snippet 
below.


The question is, where should that be set?

What I actually want to reach is to have ovirtmgmt network on OVN 
according to this description 
"https://gist.github.com/phoracek/ebbd9a6bcfcb14d88f6b463c8dccb27b; so 
it might be an unnecessary step to get it to work with OVS switch but 
the content of interface element in xml sent to libvirt is similar so I 
think an understanding of where it comes from is necessary to 
troubleshoot that (if needed).


/Sverker

Den 2018-05-13 kl. 00:23, skrev Sverker Abrahamsson:
Sure, they are attached. The attempt to start the hosted engine vm 
occurs at 14:29:42


Best regards
Sverker

Den 2018-05-11 kl. 13:39, skrev Petr Horacek:

Hi,

would you mind sharing the whole vdsm.log and supervdsm.log?

Thanks,
Petr

2018-05-10 22:48 GMT+02:00 Sverker Abrahamsson 
<sver...@abrahamsson.com <mailto:sver...@abrahamsson.com>>:


Hi Dominik

Den 2018-05-10 kl. 22:08, skrev Dominik Holler:

On Thu, 10 May 2018 19:15:07 +0200
Sverker Abrahamsson <sver...@abrahamsson.com
<mailto:sver...@abrahamsson.com>> wrote:

Hi
I have a problem with running hosted engine with
openvswitch. I have

Which version of oVirt?

Ovirt version is 4.2.3.5, vdsm version 4.20.27

How do you configured hosted engine to use openvswitch?
Did you follow the steps in
https://lists.ovirt.org/pipermail/users/2017-March/080748.html
<https://lists.ovirt.org/pipermail/users/2017-March/080748.html>
?

I've followed the same steps as outlined in that mail just that I
found it when I started to troubleshoot.

one cluster where the ovirt engine runs on the host,
there it works

What is the switch type of this cluster?

OVS

and when starting a vm the interface definition looks
like this:

      
      
      
      
      
      
      
      

Where do you pick up this xml?

From vdsm.log when the vm is created

The xml for that vm as fetched from vdsm does not contain
virtualport

Where do you pick up this xml, maybe from a logfile or virsh?

 vdsm-client VM getInfo vmID=3efc0421-5ad5-4a04-9a0e-30bd8822b299

tag nor does it use the correct bridge, it looks like this:


      
      
      
      
      
      
      


I.e. somewhere the definition is modified to contain the
correct data
to work with openvswitch

On the other cluster where I try to run hosted engine I
don't get the

What is the switch type of this cluster?

In the engine it's set to OVS, but at this point it hasn't
started yet. Does the host have that setting somewhere?

above behaviour. When the engine vm starts the interface
settings are
not modified to use the bridge in openvswitch, with the
result that
the vm fails to start:

Can you share the error message from engine.log and vdsm.log,
and maybe
supervdsm.log?

These are the error messages when vm fails to start, but it's
caused by the interface element does not contain virtualport nor
the correct bridge.

vdsm.log:
2018-05-10 22:45:30,562+0200 ERROR (vm/f222c92f) [virt.vm]
(vmId='f222c92f-91af-4d1c-860d-c2b406211496') The vm start
process failed (vm:943)
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line
872, in _startUnderlyingVm
    self._run()
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line
2872, in _run
    dom.createWithFlags(flags)
  File
"/usr/lib/python2.7/site-packages/vdsm/common/libvirtconnection.py",
line 130, in wrapper
    ret = f(*args, **kwargs)
  File
"/usr/lib/python2.7/site-packages/vdsm/common/function.py", line
92, in wrapper
    return func(inst, *args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line
1099, in createWithFlags
    if ret == -1: raise libvirtError ('virDomainCreateWithFlags()
failed', dom=self)
libvirtError: Unable to add bridge ovirtmgmt port vnet0:
Operation not supported
2018-05-10 22:45:30,562+0200 INFO  (vm/f222c92f) [virt.vm]
(vmId='f

[ovirt-users] Re: hosted engine with openvswitch

[Sverker Abrahamsson]

Hi Dominik

Den 2018-05-10 kl. 22:08, skrev Dominik Holler:


On Thu, 10 May 2018 19:15:07 +0200
Sverker Abrahamsson <sver...@abrahamsson.com> wrote:


Hi
I have a problem with running hosted engine with openvswitch. I have

Which version of oVirt?

Ovirt version is 4.2.3.5, vdsm version 4.20.27

How do you configured hosted engine to use openvswitch?
Did you follow the steps in
https://lists.ovirt.org/pipermail/users/2017-March/080748.html
?
I've followed the same steps as outlined in that mail just that I found 
it when I started to troubleshoot.

one cluster where the ovirt engine runs on the host, there it works

What is the switch type of this cluster?

OVS

and when starting a vm the interface definition looks like this:

      
      
      
      
      
      
      
      


Where do you pick up this xml?

From vdsm.log when the vm is created

The xml for that vm as fetched from vdsm does not contain virtualport

Where do you pick up this xml, maybe from a logfile or virsh?

 vdsm-client VM getInfo vmID=3efc0421-5ad5-4a04-9a0e-30bd8822b299

tag nor does it use the correct bridge, it looks like this:


      
      
      
      
      
      
      


I.e. somewhere the definition is modified to contain the correct data
to work with openvswitch

On the other cluster where I try to run hosted engine I don't get the

What is the switch type of this cluster?
In the engine it's set to OVS, but at this point it hasn't started yet. 
Does the host have that setting somewhere?



above behaviour. When the engine vm starts the interface settings are
not modified to use the bridge in openvswitch, with the result that
the vm fails to start:


Can you share the error message from engine.log and vdsm.log, and maybe
supervdsm.log?
These are the error messages when vm fails to start, but it's caused by 
the interface element does not contain virtualport nor the correct bridge.


vdsm.log:
2018-05-10 22:45:30,562+0200 ERROR (vm/f222c92f) [virt.vm] 
(vmId='f222c92f-91af-4d1c-860d-c2b406211496') The vm start process 
failed (vm:943)

Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 872, in 
_startUnderlyingVm

    self._run()
  File "/usr/lib/python2.7/site-packages/vdsm/virt/vm.py", line 2872, 
in _run

    dom.createWithFlags(flags)
  File 
"/usr/lib/python2.7/site-packages/vdsm/common/libvirtconnection.py", 
line 130, in wrapper

    ret = f(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/vdsm/common/function.py", line 
92, in wrapper

    return func(inst, *args, **kwargs)
  File "/usr/lib64/python2.7/site-packages/libvirt.py", line 1099, in 
createWithFlags
    if ret == -1: raise libvirtError ('virDomainCreateWithFlags() 
failed', dom=self)
libvirtError: Unable to add bridge ovirtmgmt port vnet0: Operation not 
supported
2018-05-10 22:45:30,562+0200 INFO  (vm/f222c92f) [virt.vm] 
(vmId='f222c92f-91af-4d1c-860d-c2b406211496') Changed state to Down: 
Unable to add bridge ovirtmgmt port vnet0: Operation not supported (code=1)

(vm:1683)
2018-05-10 22:45:30,604+0200 INFO  (vm/f222c92f) [virt.vm] 
(vmId='f222c92f-91af-4d1c-860d-c2b406211496') Stopping connection 
(guestagent:438)


It's the hosted engine vm that fails to start, hence I don't have any 
engine.log and supervdsm.log doesn't contain anything about this



      
      
      
      
      
      
      
      
      
      

Last login: Thu May 10 16:23:48 2018 from 172.27.1.32
[root@h2 ~]# ovs-vsctl show
dfcf7463-ce51-4115-9a3a-ecab9efa8146
      Bridge "vdsmbr_H91hH5sG"
      Port "vdsmbr_H91hH5sG"
      Interface "vdsmbr_H91hH5sG"
      type: internal
      Port ovirtmgmt
      Interface ovirtmgmt
      type: internal
      Port "dummy0"
      Interface "dummy0"
      ovs_version: "2.9.0"

I assumed first there is a hook that make the needed change, but the
only hooks I can find that mentions openvswitch are
ovirt_provider_ovn_hook and 50_openstacknet but both those would set
the source bridge to br-int and not look up the dynamic name of the
bridge as created by vdsm.

One special thing about the host where I try to run hosted engine is
that the there is a dummy port since otherwise I couldn't get vdsm to
create the bridge, but that shouldn't affect changing the interface
definition for the vm.

Where should I look next?
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org

[ovirt-users] hosted engine with openvswitch

[Sverker Abrahamsson]

Hi
I have a problem with running hosted engine with openvswitch. I have one 
cluster where the ovirt engine runs on the host, there it works and when 
starting a vm the interface definition looks like this:


    
    slot="0x03" type="pci" />

    
    
    
    
    
    

The xml for that vm as fetched from vdsm does not contain virtualport 
tag nor does it use the correct bridge, it looks like this:



    
    
    
    type="pci"/>

    
    
    


I.e. somewhere the definition is modified to contain the correct data to 
work with openvswitch


On the other cluster where I try to run hosted engine I don't get the 
above behaviour. When the engine vm starts the interface settings are 
not modified to use the bridge in openvswitch, with the result that the 
vm fails to start:


    
    
    
    
    
    slot="0x03" type="pci"/>

    
    
    
    

Last login: Thu May 10 16:23:48 2018 from 172.27.1.32
[root@h2 ~]# ovs-vsctl show
dfcf7463-ce51-4115-9a3a-ecab9efa8146
    Bridge "vdsmbr_H91hH5sG"
    Port "vdsmbr_H91hH5sG"
    Interface "vdsmbr_H91hH5sG"
    type: internal
    Port ovirtmgmt
    Interface ovirtmgmt
    type: internal
    Port "dummy0"
    Interface "dummy0"
    ovs_version: "2.9.0"

I assumed first there is a hook that make the needed change, but the 
only hooks I can find that mentions openvswitch are 
ovirt_provider_ovn_hook and 50_openstacknet but both those would set the 
source bridge to br-int and not look up the dynamic name of the bridge 
as created by vdsm.


One special thing about the host where I try to run hosted engine is 
that the there is a dummy port since otherwise I couldn't get vdsm to 
create the bridge, but that shouldn't affect changing the interface 
definition for the vm.


Where should I look next?
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org

Re: [ovirt-users] Network interface persistence

[Sverker Abrahamsson]

This discussion seems relevant:
https://access.redhat.com/discussions/916973

For my CentOS machines there are various alternatives described here 
which should work, but what to do about my debian-based appliance where 
I can't get access enough to edit such things? I then need to be able to 
set up a consistent naming from the virtual bios.


If it matters the switch type used is OVS.
/Sverker

Den 2018-03-26 kl. 13:41, skrev Sverker Abrahamsson:
I have a number of vm's running under Ovirt 4.2, most are CentOS 7 and 
one Debian. Issue is that when multiple network interfaces are 
assigned they don't persist but it variates at boot which interface 
will be which.


I've tried various methods, setting UUID and HWADDRESS in the ifcfg 
file and a file /etc/udev/rules.d/70-persistent-net.rules file like 
the below:


SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", 
ATTR{address}=="00:1a:4a:16:01:63", KERNEL=="eth*", NAME="eth0"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", 
ATTR{address}=="00:1a:4a:16:01:6d", KERNEL=="eth*", NAME="eth1"


I've also tried in the gui to change the network profile each virtual 
card is attached, but even then the interfaces in vm will be oposide 
of what I had intended.


How to accomplish with Ovirt to get network interface persistence? The 
Debian vm is an appliance so I can't log in to it to change network 
interfaces.


/Sverker

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Error during SSO authentication Cannot authenticate user 'admin@internal'

[Sverker Abrahamsson]

Since upgrading my test lab to ovirt 4.2 I can't get ovirt-provider-ovn 
to work. From ovirt-provider-ovn.log:


2017-11-14 00:40:15,795   Request: POST : /v2.0///tokens
2017-11-14 00:40:15,795   Request body:
{
  "auth" : {
    "passwordCredentials" : {
  "username" : "admin@internal",
  "password" : "x"
    }
  }
}
2017-11-14 00:40:15,819   Starting new HTTPS connection (1): h2-int
2017-11-14 00:40:20,829   "POST /ovirt-engine/sso/oauth/token HTTP/1.1" 
400 118
2017-11-14 00:40:20,830   Error during SSO authentication Cannot 
authenticate user 'admin@internal': The username or password is 
incorrect.. : access_deniedNone

Traceback (most recent call last):
  File "/usr/share/ovirt-provider-ovn/handlers/base_handler.py", line 
119, in _handle_request

    method, path_parts, content)
  File "/usr/share/ovirt-provider-ovn/handlers/selecting_handler.py", 
line 177, in handle_request

    handler, content, parameters
  File "/usr/share/ovirt-provider-ovn/handlers/keystone.py", line 28, 
in call_response_handler

    return response_handler(content, parameters)
  File "/usr/share/ovirt-provider-ovn/handlers/keystone_responses.py", 
line 58, in post_tokens

    user_password=user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugin_facade.py", line 26, 
in create_token

    return auth.core.plugin.create_token(user_at_domain, user_password)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/plugin.py", 
line 48, in create_token

    timeout=self._timeout())
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 
62, in create_token

    username, password, engine_url, ca_file, timeout)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 
54, in wrapper

    _check_for_error(response)
  File "/usr/share/ovirt-provider-ovn/auth/plugins/ovirt/sso.py", line 
168, in _check_for_error

    result['error'], details))
Unauthorized: Error during SSO authentication Cannot authenticate user 
'admin@internal': The username or password is incorrect.. : 
access_deniedNone


And in engine.log:

2017-11-14 00:40:20,828+01 ERROR 
[org.ovirt.engine.core.sso.utils.SsoUtils] (default task-16) [] 
OAuthException access_denied: Cannot authenticate user 'admin@internal': 
The username or password is incorrect..


The password in the request is the same as used to log in to the admin 
portal and works fine there.


/Sverker

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] engine upgrade 3.5 -> 4.1.1

[Sverker Abrahamsson]

Hi Simone.
I get the following result:
# sudo -u postgres psql engine -c "SELECT vm_guid, run_on_vds FROM vms 
WHERE vm_name in (select 'HostedEngine' union select option_value from 
vdc_options where option_name='HostedEngineVmName')"

could not change directory to "/root"
   vm_guid| run_on_vds
--+
 4e4df6ea-ea01-465b-9424-4436aa24cec0 |
(1 row)

/Sverker


Den 2017-04-28 kl. 10:32, skrev Simone Tiraboschi:


On Thu, Apr 27, 2017 at 9:27 PM, Sverker Abrahamsson 
<sver...@abrahamsson.com <mailto:sver...@abrahamsson.com>> wrote:


Hi
I upgraded an old ovirt installation from 3.5 to latest version,
but end up with this error message when running engine-setup:

[ INFO  ] Stage: Setup validation
[ ERROR ] It seems that you are running your engine inside of the
hosted-engine VM and are not in "Global Maintenance" mode. In that
case you should put the system into the "Global Maintenance" mode
before running engine-setup, or the hosted-engine HA agent might
kill the machine, which might corrupt your data.
[ ERROR ] Failed to execute stage 'Setup validation': Hosted
Engine setup detected, but Global Maintenance is not set.

This is not a hosted engine, so why does it think so? How can I
get it past this step?


Hi Sverker,
could you please share the output of:
  sudo -u postgres psql engine -c "SELECT vm_guid, run_on_vds FROM vms 
WHERE vm_name in (select 'HostedEngine' union select option_value from 
vdc_options where option_name='HostedEngineVmName')"


thanks


Best regards
/Sverker

___
Users mailing list
Users@ovirt.org <mailto:Users@ovirt.org>
http://lists.ovirt.org/mailman/listinfo/users
<http://lists.ovirt.org/mailman/listinfo/users>




___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] engine upgrade 3.5 -> 4.1.1

[Sverker Abrahamsson]

Hi
I upgraded an old ovirt installation from 3.5 to latest version, but end 
up with this error message when running engine-setup:


[ INFO  ] Stage: Setup validation
[ ERROR ] It seems that you are running your engine inside of the 
hosted-engine VM and are not in "Global Maintenance" mode. In that case 
you should put the system into the "Global Maintenance" mode before 
running engine-setup, or the hosted-engine HA agent might kill the 
machine, which might corrupt your data.
[ ERROR ] Failed to execute stage 'Setup validation': Hosted Engine 
setup detected, but Global Maintenance is not set.


This is not a hosted engine, so why does it think so? How can I get it 
past this step?


Best regards
/Sverker

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

I've followed the instructions to best effort, so hopefully it's right..


Den 2017-01-13 kl. 10:31, skrev Marcin Mirecki:

Please push the patch into: https://gerrit.ovirt.org/ovirt-provider-ovn
(let me know if you need some directions)



- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Monday, January 9, 2017 1:45:37 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Ok, found it. The issue is right here:

  
  
  
  
  
  
  
  
  
  
  
  

There are two elements for virtualport, the first without id and the
second with. On h2 I had fixed this which was the patch I posted earlier
although I switched back to use br-int after understanding that was the
correct way. When that hook was copied to h1 the port gets attached fine.

Patch with updated testcase attached.

/Sverker


Den 2017-01-09 kl. 10:41, skrev Sverker Abrahamsson:

This is the content of vdsm.log on h1 at this time:

2017-01-06 20:54:12,636 INFO  (jsonrpc/7) [jsonrpc.JsonRpcServer] RPC
call VM.create succeeded in 0.01 seconds (__init__:515)
2017-01-06 20:54:12,636 INFO  (vm/6dd5291e) [virt.vm]
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') VM wrapper has started
(vm:1901)
2017-01-06 20:54:12,636 INFO  (vm/6dd5291e) [vds] prepared volume
path:
/rhev/data-center/mnt/h2-int.limetransit.com:_var_lib_exports_iso/1d49c4bc-0fec-4503-a583-d476fa3a370d/images/----/CentOS-7-x86_64-NetInstall-1611.iso
(clientIF:374)
2017-01-06 20:54:12,743 INFO  (vm/6dd5291e) [root]  (hooks:108)
2017-01-06 20:54:12,847 INFO  (vm/6dd5291e) [root]  (hooks:108)
2017-01-06 20:54:12,863 INFO  (vm/6dd5291e) [virt.vm]
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') 
http://ovirt.org/vm/tune/1.0; type="kvm">
 CentOS7_3
 6dd5291e-6556-4d29-8b4e-ea896e627645
 1048576
 1048576
 4294967296
 16
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 hvm
 
 
 
 
 
 oVirt
 oVirt Node
 7-3.1611.el7.centos
 62f1adff-b29e-4a7c-abba-c2c4c73248c6
 6dd5291e-6556-4d29-8b4e-ea896e627645
 
 
 
 
 
 
 
 
 
 
 
 SandyBridge
 
 
 
 
 

  (vm:1988)
2017-01-06 20:54:13,046 INFO  (libvirt/events) [virt.vm]
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') CPU running: onResume
(vm:4863)
2017-01-06 20:54:13,058 INFO  (vm/6dd5291e) [virt.vm]
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') Starting connection
(guestagent:245)
2017-01-06 20:54:13,060 INFO  (vm/6dd5291e) [virt.vm]
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') CPU running: domain
initialization (vm:4863)
2017-01-06 20:54:15,154 INFO  (jsonrpc/6) [jsonrpc.JsonRpcServer] RPC
call Host.getVMFullList succeeded in 0.01 seconds (__init__:515)
2017-01-06 20:54:17,571 INFO  (periodic/2) [dispatcher] Run and
protect: getVolumeSize(sdUUID=u'2ee54fb8-48f2-4576-8cff-f2346504b08b',
spUUID=u'584ebd64-0268-0193-025b-038e',
imgUUID=u'5a3aae57-ffe0-4a3b-aa87-8461669db7f9',
volUUID=u'b6a88789-fcb1-4d3e-911b-2a4d3b6c69c7', options=None)
(logUtils:49)
2017-01-06 20:54:17,573 INFO  (periodic/2) [dispatcher] Run and
protect: getVolumeSize, Return response: {'truesize': '1859723264',
'apparentsize': '21474836480'} (logUtils:52)
2017-01-06 20:54:21,211 INFO  (periodic/2) [dispatcher] Run and
protect: repoStats(options=None) (logUtils:49)
2017-01-06 20:54:21,212 INFO  (periodic/2) [dispatcher] Run and
protect: repoStats, Return response:
{u'2ee54fb8-48f2-4576-8cff-f2346504b08b': {'code': 0, 'actual': True,
'version': 3, 'acquired': True, 'delay': '0.000936552', 'lastCheck':
'1.4', 'valid': True}, u'1d49c4bc-0fec-4503-a583-d476fa3a370d':
{'code': 0, 'actual': True, 'version': 0, 'acquired': True, 'delay':
'0.000960248', 'lastCheck': '1.4', 'valid': True}} (logUtils:52)
2017-01-06 20:54:23,543 INFO  (jsonrpc/2) [jsonrpc.JsonRpcServer] RPC
call Host.getAllVmStats succeeded in 0.00 seconds (__init__:515)
2017-01-06 20:54:23,641 INFO  (jsonrpc/1) [jsonrpc.JsonRpcServer] RPC
call Host.getAllV

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Ok, found it. The issue is right here:










interfaceid="912cba79-982e-4a87-868e-241fedccb59a" />




There are two elements for virtualport, the first without id and the 
second with. On h2 I had fixed this which was the patch I posted earlier 
although I switched back to use br-int after understanding that was the 
correct way. When that hook was copied to h1 the port gets attached fine.


Patch with updated testcase attached.

/Sverker


Den 2017-01-09 kl. 10:41, skrev Sverker Abrahamsson:

This is the content of vdsm.log on h1 at this time:

2017-01-06 20:54:12,636 INFO  (jsonrpc/7) [jsonrpc.JsonRpcServer] RPC 
call VM.create succeeded in 0.01 seconds (__init__:515)
2017-01-06 20:54:12,636 INFO  (vm/6dd5291e) [virt.vm] 
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') VM wrapper has started 
(vm:1901)
2017-01-06 20:54:12,636 INFO  (vm/6dd5291e) [vds] prepared volume 
path: 
/rhev/data-center/mnt/h2-int.limetransit.com:_var_lib_exports_iso/1d49c4bc-0fec-4503-a583-d476fa3a370d/images/----/CentOS-7-x86_64-NetInstall-1611.iso 
(clientIF:374)

2017-01-06 20:54:12,743 INFO  (vm/6dd5291e) [root]  (hooks:108)
2017-01-06 20:54:12,847 INFO  (vm/6dd5291e) [root]  (hooks:108)
2017-01-06 20:54:12,863 INFO  (vm/6dd5291e) [virt.vm] 
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') encoding='UTF-8'?>

http://ovirt.org/vm/tune/1.0; type="kvm">
CentOS7_3
6dd5291e-6556-4d29-8b4e-ea896e627645
1048576
1048576
4294967296
16



path="/var/lib/libvirt/qemu/channels/6dd5291e-6556-4d29-8b4e-ea896e627645.com.redhat.rhevm.vdsm" 
/>




path="/var/lib/libvirt/qemu/channels/6dd5291e-6556-4d29-8b4e-ea896e627645.org.qemu.guest_agent.0" 
/>







vram="32768" />


passwdValidTo="1970-01-01T00:00:01" port="-1" tlsPort="-1" type="spice">




















interfaceid="912cba79-982e-4a87-868e-241fedccb59a" />




file="/rhev/data-center/mnt/h2-int.limetransit.com:_var_lib_exports_iso/1d49c4bc-0fec-4503-a583-d476fa3a370d/images/----/CentOS-7-x86_64-NetInstall-1611.iso" 
startupPolicy="optional" />













hvm





oVirt
oVirt Node
7-3.1611.el7.centos
name="serial">62f1adff-b29e-4a7c-abba-c2c4c73248c6
name="uuid">6dd5291e-6556-4d29-8b4e-ea896e627645












SandyBridge






 (vm:1988)
2017-01-06 20:54:13,046 INFO  (libvirt/events) [virt.vm] 
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') CPU running: onResume 
(vm:4863)
2017-01-06 20:54:13,058 INFO  (vm/6dd5291e) [virt.vm] 
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') Starting connection 
(guestagent:245)
2017-01-06 20:54:13,060 INFO  (vm/6dd5291e) [virt.vm] 
(vmId='6dd5291e-6556-4d29-8b4e-ea896e627645') CPU running: domain 
initialization (vm:4863)
2017-01-06 20:54:15,154 INFO  (jsonrpc/6) [jsonrpc.JsonRpcServer] RPC 
call Host.getVMFullList succeeded in 0.01 seconds (__init__:515)
2017-01-06 20:54:17,571 INFO  (periodic/2) [dispatcher] Run and 
protect: getVolumeSize(sdUUID=u'2ee54fb8-48f2-4576-8cff-f2346504b08b', 
spUUID=u'584ebd64-0268-0193-025b-038e', 
imgUUID=u'5a3aae57-ffe0-4a3b-aa87-8461669db7f9', 
volUUID=u'b6a88789-fcb1-4d3e-911b-2a4d3b6c69c7', options=None) 
(logUtils:49)
2017-01-06 20:54:17,573 INFO  (periodic/2) [dispatcher] Run and 
protect: getVolumeSize, Return response: {'truesize': '1859723264', 
'apparentsize': '21474836480'} (logUtils:52)
2017-01-06 20:54:21,211 INFO  (periodic/2) [dispatcher] Run and 
protect: repoStats(options=None) (logUtils:49)
2017-01-06 20:54:21,212 INFO  (periodic/2) [dispatcher] Run and 
protect: repoStats, Return response: 
{u'2ee54fb8-48f2-4576-8cff-f2346504b08b': {'code': 0, 'actual': True, 
'version': 3, 'acquired': True, 'delay': '0.000936552', 'lastCheck': 
'1.4', 'valid': True}, u'1d49c4bc-0fec-4503-a583-d476fa3a370d': 
{'code': 0, 'actual': True, 'version': 0, 'acquired': True, 'delay': 
'0.000960248', 'lastCheck': '1.4', 'valid': True}} (logUtils:52)
2017-01-06 20:54:23,543 INFO  (jsonrpc

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

'version': 0, 'acquired': True, 'delay': '0.000960248', 'lastCheck': 
'2.1', 'valid': True}} (logUtils:52)
2017-01-06 20:54:24,924 INFO  (jsonrpc/0) [jsonrpc.JsonRpcServer] RPC 
call Host.getStats succeeded in 0.01 seconds (__init__:515)


Vdsm and the OVN driver must have been called as the port IS created, 
but with the wrong id. I don't find the faulty id in vdsm.log neither, 
the xml above have the correct id.

/Sverker

Den 2017-01-09 kl. 10:06, skrev Marcin Mirecki:

The port is set up on the host by the ovirt-provider-ovn-driver.
The driver is invoked by the vdsm hook whenever any operation on
the port is done.
Please ensure that this is installed properly.
You can check the vdsm log (/var/log/vdsm/vdsm.log) to see if the
hook was executed properly.


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Friday, January 6, 2017 9:00:26 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

I created a new VM in the ui and assigned it to host h1. In
/var/log/ovirt-provider-ovn.log I get the following:

2017-01-06 20:54:11,940   Request: GET : /v2.0/ports
2017-01-06 20:54:11,940   Connecting to remote ovn database:
tcp:127.0.0.1:6641
2017-01-06 20:54:12,157   Connected (number of retries: 2)
2017-01-06 20:54:12,158   Response code: 200
2017-01-06 20:54:12,158   Response body: {"ports": [{"name":
"4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873", "network_id":
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt",
"mac_address": "00:1a:4a:16:01:51", "id":
"4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873", "device_id":
"40cd7328-d575-4c3d-b656-9ef9bacc0078"}, {"name":
"92f6d3c8-68b3-4986-9c09-60bee04644b5", "network_id":
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt",
"mac_address": "00:1a:4a:16:01:52", "id":
"92f6d3c8-68b3-4986-9c09-60bee04644b5", "device_id":
"4baefa8c-3822-4de0-9cd0-1d025bab7844"}]}
2017-01-06 20:54:12,160   Request: SHOW :
/v2.0/networks/e53554cf-e553-40a1-8d22-9c8d95ec0601
2017-01-06 20:54:12,160   Connecting to remote ovn database:
tcp:127.0.0.1:6641
2017-01-06 20:54:12,377   Connected (number of retries: 2)
2017-01-06 20:54:12,378   Response code: 200
2017-01-06 20:54:12,378   Response body: {"network": {"id":
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "name": "ovirtbridge"}}
2017-01-06 20:54:12,380   Request: POST : /v2.0/ports
2017-01-06 20:54:12,380   Request body:
{
"port" : {
  "name" : "nic1",
  "binding:host_id" : "h1.limetransit.com",
  "admin_state_up" : true,
  "device_id" : "e8553a88-05f0-401d-8b9b-5fff77f7bbbe",
  "device_owner" : "oVirt",
  "mac_address" : "00:1a:4a:16:01:54",
  "network_id" : "e53554cf-e553-40a1-8d22-9c8d95ec0601"
}
}
2017-01-06 20:54:12,380   Connecting to remote ovn database:
tcp:127.0.0.1:6641
2017-01-06 20:54:12,610   Connected (number of retries: 2)
2017-01-06 20:54:12,614   Response code: 200
2017-01-06 20:54:12,614   Response body: {"port": {"name":
"912cba79-982e-4a87-868e-241fedccb59a", "network_id":
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt",
"mac_address": "00:1a:4a:16:01:54", "id":
"912cba79-982e-4a87-868e-241fedccb59a", "device_id":
"e8553a88-05f0-401d-8b9b-5fff77f7bbbe"}}

h1:/var/log/messages
Jan  6 20:54:12 h1 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
--timeout=5 -- --if-exists del-port vnet1 -- add-port br-int vnet1 --
set Interface vnet1 "external-ids:attached-mac=\"00:1a:4a:16:01:54\"" --
set Interface vnet1
"external-ids:iface-id=\"20388407-0f76-41d8-97aa-8e2b5978f908\"" -- set
Interface vnet1
"external-ids:vm-id=\"6dd5291e-6556-4d29-8b4e-ea896e627645\"" -- set
Interface vnet1 external-ids:iface-status=active

[root@h2 ~]# ovn-nbctl show
  switch e53554cf-e553-40a1-8d22-9c8d95ec0601 (ovirtbridge)
  port 4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873
  addresses: ["00:1a:4a:16:01:51"]
  port 912cba79-982e-4a87-868e-241fedccb59a
  addresses: ["00:1a:4a:16:01:54"]
      port 92f6d3c8-68b3-4986-9c09-60bee04644b5
  addresses: ["00:1a:4a:16:01:52"]
  port ovirtbridge-port2
  addresses: ["unknown"]
  port ovirtbridge-port1
  addresses: ["

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

I created a new VM in the ui and assigned it to host h1. In 
/var/log/ovirt-provider-ovn.log I get the following:


2017-01-06 20:54:11,940   Request: GET : /v2.0/ports
2017-01-06 20:54:11,940   Connecting to remote ovn database: 
tcp:127.0.0.1:6641

2017-01-06 20:54:12,157   Connected (number of retries: 2)
2017-01-06 20:54:12,158   Response code: 200
2017-01-06 20:54:12,158   Response body: {"ports": [{"name": 
"4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873", "network_id": 
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt", 
"mac_address": "00:1a:4a:16:01:51", "id": 
"4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873", "device_id": 
"40cd7328-d575-4c3d-b656-9ef9bacc0078"}, {"name": 
"92f6d3c8-68b3-4986-9c09-60bee04644b5", "network_id": 
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt", 
"mac_address": "00:1a:4a:16:01:52", "id": 
"92f6d3c8-68b3-4986-9c09-60bee04644b5", "device_id": 
"4baefa8c-3822-4de0-9cd0-1d025bab7844"}]}
2017-01-06 20:54:12,160   Request: SHOW : 
/v2.0/networks/e53554cf-e553-40a1-8d22-9c8d95ec0601
2017-01-06 20:54:12,160   Connecting to remote ovn database: 
tcp:127.0.0.1:6641

2017-01-06 20:54:12,377   Connected (number of retries: 2)
2017-01-06 20:54:12,378   Response code: 200
2017-01-06 20:54:12,378   Response body: {"network": {"id": 
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "name": "ovirtbridge"}}

2017-01-06 20:54:12,380   Request: POST : /v2.0/ports
2017-01-06 20:54:12,380   Request body:
{
  "port" : {
"name" : "nic1",
"binding:host_id" : "h1.limetransit.com",
"admin_state_up" : true,
"device_id" : "e8553a88-05f0-401d-8b9b-5fff77f7bbbe",
"device_owner" : "oVirt",
"mac_address" : "00:1a:4a:16:01:54",
"network_id" : "e53554cf-e553-40a1-8d22-9c8d95ec0601"
  }
}
2017-01-06 20:54:12,380   Connecting to remote ovn database: 
tcp:127.0.0.1:6641

2017-01-06 20:54:12,610   Connected (number of retries: 2)
2017-01-06 20:54:12,614   Response code: 200
2017-01-06 20:54:12,614   Response body: {"port": {"name": 
"912cba79-982e-4a87-868e-241fedccb59a", "network_id": 
"e53554cf-e553-40a1-8d22-9c8d95ec0601", "device_owner": "oVirt", 
"mac_address": "00:1a:4a:16:01:54", "id": 
"912cba79-982e-4a87-868e-241fedccb59a", "device_id": 
"e8553a88-05f0-401d-8b9b-5fff77f7bbbe"}}


h1:/var/log/messages
Jan  6 20:54:12 h1 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl 
--timeout=5 -- --if-exists del-port vnet1 -- add-port br-int vnet1 -- 
set Interface vnet1 "external-ids:attached-mac=\"00:1a:4a:16:01:54\"" -- 
set Interface vnet1 
"external-ids:iface-id=\"20388407-0f76-41d8-97aa-8e2b5978f908\"" -- set 
Interface vnet1 
"external-ids:vm-id=\"6dd5291e-6556-4d29-8b4e-ea896e627645\"" -- set 
Interface vnet1 external-ids:iface-status=active


[root@h2 ~]# ovn-nbctl show
switch e53554cf-e553-40a1-8d22-9c8d95ec0601 (ovirtbridge)
port 4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873
addresses: ["00:1a:4a:16:01:51"]
port 912cba79-982e-4a87-868e-241fedccb59a
addresses: ["00:1a:4a:16:01:54"]
port 92f6d3c8-68b3-4986-9c09-60bee04644b5
addresses: ["00:1a:4a:16:01:52"]
port ovirtbridge-port2
addresses: ["unknown"]
port ovirtbridge-port1
addresses: ["unknown"]
[root@h2 ~]# ovn-sbctl show
Chassis "6e4dd29f-7607-48d7-8e5a-eef4c6aeefb5"
hostname: "h2.limetransit.com"
Encap geneve
ip: "148.251.126.50"
options: {csum="true"}
Port_Binding "4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873"
Port_Binding "ovirtbridge-port1"
Chassis "4f10fb04-8fb2-48d7-8a3f-ea6444c02cf9"
hostname: "h1.limetransit.com"
Encap geneve
ip: "144.76.84.73"
options: {csum="true"}
Port_Binding "ovirtbridge-port2"
Port_Binding "92f6d3c8-68b3-4986-9c09-60bee04644b5"

I.e. same issue
/Sverker

Den 2017-01-06 kl. 20:49, skrev Sverker Abrahamsson:


The port is created from Ovirt UI, the ovs-vsctl command below is 
executed when VM is started. In /var/log/ovirt-provider-ovn.log on h2 
I get the following:


2017-01-06 20:19:25,452   Request: GET : /v2.0/ports
2017-01-06 20:19:25,452   Connecting to remote ovn database: 
tcp:127.0.0.1:6641

2017-01-06 20:19:25,670   Connected 

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

ot;
    options: {csum="true"}
Port_Binding "ovirtbridge-port2"
Port_Binding "92f6d3c8-68b3-4986-9c09-60bee04644b5"

I don't know from where the ID 72dafda5-03c2-4bb6-bcb6-241fa5c0a1f3 
comes from, doesn't show in any log other than /var/log/messages.


If I do the same exercise on the same host as engine is running on then 
the port for the VM gets the right id and is working from beginning.

/Sverker

Den 2017-01-03 kl. 10:23, skrev Marcin Mirecki:

How did you create this port?
 From the oVirt engine UI?
The OVN provider creates the port when you add the port in the engine UI,
it is then plugged into the ovs bridge by the VIF driver.
Please attach /var/log/ovirt-provider-ovn.log



- Original Message -

From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
To: "Marcin Mirecki"<mmire...@redhat.com>
Cc: "Ovirt Users"<users@ovirt.org>
Sent: Tuesday, January 3, 2017 2:06:22 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Found an issue with Ovirt - OVN integration.

Engine and OVN central db running on host h2. Created VM to run on host
h1, which is started. Ovn db state:

[root@h2 env3]# ovn-nbctl show
  switch e53554cf-e553-40a1-8d22-9c8d95ec0601 (ovirtbridge)
  port 4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873
  addresses: ["00:1a:4a:16:01:51"]
  port 92f6d3c8-68b3-4986-9c09-60bee04644b5
  addresses: ["00:1a:4a:16:01:52"]
  port ovirtbridge-port2
  addresses: ["unknown"]
  port ovirtbridge-port1
  addresses: ["unknown"]
[root@h2 env3]# ovn-sbctl show
Chassis "6e4dd29f-7607-48d7-8e5a-eef4c6aeefb5"
  hostname: "h2.limetransit.com"
  Encap geneve
  ip: "148.251.126.50"
  options: {csum="true"}
  Port_Binding "4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873"
  Port_Binding "ovirtbridge-port1"
Chassis "4f10fb04-8fb2-48d7-8a3f-ea6444c02cf9"
  hostname: "h1.limetransit.com"
  Encap geneve
  ip: "144.76.84.73"
  options: {csum="true"}
  Port_Binding "ovirtbridge-port2"

Port 92f6d3c8-68b3-4986-9c09-60bee04644b5 is for the new VM which is
started on h1, but it is not assigned to that chassis. The reason is
that on h1 the port on br-int is created like this:

ovs-vsctl --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int
vnet0 -- set Interface vnet0
"external-ids:attached-mac=\"00:1a:4a:16:01:52\"" -- set Interface vnet0
"external-ids:iface-id=\"35bcbe31-2c7e-4d97-add9-ce150eeb2f11\"" -- set
Interface vnet0
"external-ids:vm-id=\"4d0c134a-11a0-40f4-b2fb-c13c17c7251c\"" -- set
Interface vnet0 external-ids:iface-status=active

I.e. the extrernal id of interface is wrong. When I manually change to
the right id like this the port works fine:

ovs-vsctl --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int
vnet0 -- set Interface vnet0
"external-ids:attached-mac=\"00:1a:4a:16:01:52\"" -- set Interface vnet0
"external-ids:iface-id=\"92f6d3c8-68b3-4986-9c09-60bee04644b5\"" -- set
Interface vnet0
"external-ids:vm-id=\"4d0c134a-11a0-40f4-b2fb-c13c17c7251c\"" -- set
Interface vnet0 external-ids:iface-status=active

sb db after correcting the port:

Chassis "6e4dd29f-7607-48d7-8e5a-eef4c6aeefb5"
  hostname: "h2.limetransit.com"
  Encap geneve
  ip: "148.251.126.50"
  options: {csum="true"}
  Port_Binding "4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873"
  Port_Binding "ovirtbridge-port1"
Chassis "4f10fb04-8fb2-48d7-8a3f-ea6444c02cf9"
  hostname: "h1.limetransit.com"
  Encap geneve
  ip: "144.76.84.73"
  options: {csum="true"}
  Port_Binding "ovirtbridge-port2"
  Port_Binding "92f6d3c8-68b3-4986-9c09-60bee04644b5"

I don't know from where the faulty id comes from, it's not in any logs.
In the domain xml as printed in vdsm.log the id is correct:

  
  
  
  
  
  
  
  
  
  
  
  

Where is the ovs-vsctl command line built for this call?

/Sverker


Den 2017-01-02 kl. 13:40, skrev Sverker Abrahamsson:

Got it to work now by following the env8 example in OVN tutorial,
where a port is added with type l2gateway. Not sure how that is
different from the localnet variant, but didn't suceed in getting that
one working. Now I'm able to ping and telnet over the tunnel, but not
ssh even when the port is answering on telnet. Neither does nfs
traffic work even though mount did. Suspecting MTU issue. I

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Found an issue with Ovirt - OVN integration.

Engine and OVN central db running on host h2. Created VM to run on host 
h1, which is started. Ovn db state:


[root@h2 env3]# ovn-nbctl show
switch e53554cf-e553-40a1-8d22-9c8d95ec0601 (ovirtbridge)
port 4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873
addresses: ["00:1a:4a:16:01:51"]
port 92f6d3c8-68b3-4986-9c09-60bee04644b5
addresses: ["00:1a:4a:16:01:52"]
port ovirtbridge-port2
addresses: ["unknown"]
port ovirtbridge-port1
addresses: ["unknown"]
[root@h2 env3]# ovn-sbctl show
Chassis "6e4dd29f-7607-48d7-8e5a-eef4c6aeefb5"
hostname: "h2.limetransit.com"
Encap geneve
ip: "148.251.126.50"
options: {csum="true"}
Port_Binding "4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873"
Port_Binding "ovirtbridge-port1"
Chassis "4f10fb04-8fb2-48d7-8a3f-ea6444c02cf9"
hostname: "h1.limetransit.com"
Encap geneve
ip: "144.76.84.73"
options: {csum="true"}
Port_Binding "ovirtbridge-port2"

Port 92f6d3c8-68b3-4986-9c09-60bee04644b5 is for the new VM which is 
started on h1, but it is not assigned to that chassis. The reason is 
that on h1 the port on br-int is created like this:


ovs-vsctl --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int 
vnet0 -- set Interface vnet0 
"external-ids:attached-mac=\"00:1a:4a:16:01:52\"" -- set Interface vnet0 
"external-ids:iface-id=\"35bcbe31-2c7e-4d97-add9-ce150eeb2f11\"" -- set 
Interface vnet0 
"external-ids:vm-id=\"4d0c134a-11a0-40f4-b2fb-c13c17c7251c\"" -- set 
Interface vnet0 external-ids:iface-status=active


I.e. the extrernal id of interface is wrong. When I manually change to 
the right id like this the port works fine:


ovs-vsctl --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int 
vnet0 -- set Interface vnet0 
"external-ids:attached-mac=\"00:1a:4a:16:01:52\"" -- set Interface vnet0 
"external-ids:iface-id=\"92f6d3c8-68b3-4986-9c09-60bee04644b5\"" -- set 
Interface vnet0 
"external-ids:vm-id=\"4d0c134a-11a0-40f4-b2fb-c13c17c7251c\"" -- set 
Interface vnet0 external-ids:iface-status=active


sb db after correcting the port:

Chassis "6e4dd29f-7607-48d7-8e5a-eef4c6aeefb5"
hostname: "h2.limetransit.com"
Encap geneve
ip: "148.251.126.50"
options: {csum="true"}
Port_Binding "4981ee5f-6e15-4bd5-a1cf-7ead9bdd5873"
Port_Binding "ovirtbridge-port1"
Chassis "4f10fb04-8fb2-48d7-8a3f-ea6444c02cf9"
hostname: "h1.limetransit.com"
Encap geneve
ip: "144.76.84.73"
options: {csum="true"}
Port_Binding "ovirtbridge-port2"
Port_Binding "92f6d3c8-68b3-4986-9c09-60bee04644b5"

I don't know from where the faulty id comes from, it's not in any logs. 
In the domain xml as printed in vdsm.log the id is correct:











interfaceid="92f6d3c8-68b3-4986-9c09-60bee04644b5" />




Where is the ovs-vsctl command line built for this call?

/Sverker


Den 2017-01-02 kl. 13:40, skrev Sverker Abrahamsson:
Got it to work now by following the env8 example in OVN tutorial, 
where a port is added with type l2gateway. Not sure how that is 
different from the localnet variant, but didn't suceed in getting that 
one working. Now I'm able to ping and telnet over the tunnel, but not 
ssh even when the port is answering on telnet. Neither does nfs 
traffic work even though mount did. Suspecting MTU issue. I did notice 
that ovn-controller starts too early, before network interfaces are 
established and hence can't reach the db. As these is a purely OVS/OVN 
issue I'll ask about it on their mailing list.


Getting back to the original issue with Ovirt, I've now added the 
second host h1 to ovirt-engine. Had to do the same as with h2 to 
create a dummy ovirtmgmt network but configured access via the public 
IP. My firewall settings was replaced with iptables config and 
vdsm.conf was overwritten when engine was set up, so those had to be 
manually restored. It would be preferable if it would be possible to 
configure ovirt-engine that it does not "own" the host and instead 
comply with the settings it has instead of enforcing it's own view..


Apart from that it seems the second host works, although I need to 
resolve the traffic issue over the OVS tunnel.

/Sverker

Den 2017-01-02 kl. 01:13, skrev Sverker Abrahamsson:
1. That is not possible as ovirt (or vdsm) will rewrite the network 
configuration to a non-working state. That

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Got it to work now by following the env8 example in OVN tutorial, where 
a port is added with type l2gateway. Not sure how that is different from 
the localnet variant, but didn't suceed in getting that one working. Now 
I'm able to ping and telnet over the tunnel, but not ssh even when the 
port is answering on telnet. Neither does nfs traffic work even though 
mount did. Suspecting MTU issue. I did notice that ovn-controller starts 
too early, before network interfaces are established and hence can't 
reach the db. As these is a purely OVS/OVN issue I'll ask about it on 
their mailing list.


Getting back to the original issue with Ovirt, I've now added the second 
host h1 to ovirt-engine. Had to do the same as with h2 to create a dummy 
ovirtmgmt network but configured access via the public IP. My firewall 
settings was replaced with iptables config and vdsm.conf was overwritten 
when engine was set up, so those had to be manually restored. It would 
be preferable if it would be possible to configure ovirt-engine that it 
does not "own" the host and instead comply with the settings it has 
instead of enforcing it's own view..


Apart from that it seems the second host works, although I need to 
resolve the traffic issue over the OVS tunnel.

/Sverker

Den 2017-01-02 kl. 01:13, skrev Sverker Abrahamsson:
1. That is not possible as ovirt (or vdsm) will rewrite the network 
configuration to a non-working state. That is why I've set that if as 
hidden to vdsm and is why I'm keen on getting OVS/OVN to work


2. I've been reading the doc for OVN and starting to connect the dots, 
which is not trivial as it is complex. Some insights reached:


First step is the OVN database, installed by openvswitch-ovn-central, 
which I currently have running on h2 host. The 'ovn-nbctl' and 
'ovn-sbctl' commands are only possible to execute on a database node. 
Two ip's are given to 'vdsm-tool ovn-config  ip>' as arguments, where  is how this OVN node reaches 
the database and  is the ip to which other OVN nodes sets 
up a tunnel to this node. I.e. it is not for creating a tunnel to the 
database which I thought first from the description in blog post.


The tunnel between OVN nodes is of type geneve which is a UDP based 
protocol but I have not been able to find anywhere which port is used 
so that I can open it in firewalld. I have added OVN on another host, 
called h1, and connected it to the db. I see there is traffic to the 
db port, but I don't see any geneve traffic between the nodes.


Ovirt is now able to create it's vnet0 interface on the br-int ovs 
bridge, but then I run into the next issue. How do I create a 
connection from the logical switch to the physical host? I need that 
to a) get a connection out to the internet through a masqueraded if or 
ipv6 and b) be able to run a dhcp server to give ip's to the VM's.


/Sverker

Den 2016-12-30 kl. 18:05, skrev Marcin Mirecki:

1. Why not use your physical nic for ovirtmgmt then?

2. "ovn-nbctl ls-add" does not add a bridge, but a logical switch.
br-int is an internal OVN implementation detail, which the user
should not care about. What you see in the ovirt UI are logical
networks. They are implemented as OVN logical switches in case
of the OVN provider.

Please look at:
http://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/
You can get the latest rpms from here:
http://resources.ovirt.org/repos/ovirt/experimental/master/ovirt-provider-ovn_fc24_46/rpm/fc24/noarch/ 



- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Friday, December 30, 2016 4:25:58 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory 
ovirtmgmt network


1. No, I did not want to put the ovirtmgmt bridge on my physical nic as
it always messed up the network config making the host unreachable. I
have put a ovs bridge on this nic which I will use to make tunnels when
I add other hosts. Maybe br-int will be used for that instead, will see
when I get that far.

As it is now I have a dummy if for ovirtmgmt bridge but this will
probably not work when I add other hosts as that bridge cannot connect
to the other hosts. I'm considering keeping this just as a dummy to 
keep

ovirt engine satisfied while the actual communication will happen over
OVN/OVS bridges and tunnels.

2. On
https://www.ovirt.org//develop/release-management/features/ovirt-ovn-provider/ 


there is instructions how to add an OVS bridge to OVN with |ovn-nbctl
ls-add |. If you want to use br-int then it makes 
sense to
make that bridge visible in ovirt webui under networks so that it 
can be

selected for VM's.

It quite doesn't make sense to me that I can select other network 
for my

VM but then that setting is not used when setting up the network.

/Sverker

Den 2016-12-30 kl. 15:34, skrev Marcin Mirecki:

Hi,

The OVN provid

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

1. That is not possible as ovirt (or vdsm) will rewrite the network 
configuration to a non-working state. That is why I've set that if as 
hidden to vdsm and is why I'm keen on getting OVS/OVN to work


2. I've been reading the doc for OVN and starting to connect the dots, 
which is not trivial as it is complex. Some insights reached:


First step is the OVN database, installed by openvswitch-ovn-central, 
which I currently have running on h2 host. The 'ovn-nbctl' and 
'ovn-sbctl' commands are only possible to execute on a database node. 
Two ip's are given to 'vdsm-tool ovn-config  ip>' as arguments, where  is how this OVN node reaches 
the database and  is the ip to which other OVN nodes sets up 
a tunnel to this node. I.e. it is not for creating a tunnel to the 
database which I thought first from the description in blog post.


The tunnel between OVN nodes is of type geneve which is a UDP based 
protocol but I have not been able to find anywhere which port is used so 
that I can open it in firewalld. I have added OVN on another host, 
called h1, and connected it to the db. I see there is traffic to the db 
port, but I don't see any geneve traffic between the nodes.


Ovirt is now able to create it's vnet0 interface on the br-int ovs 
bridge, but then I run into the next issue. How do I create a connection 
from the logical switch to the physical host? I need that to a) get a 
connection out to the internet through a masqueraded if or ipv6 and b) 
be able to run a dhcp server to give ip's to the VM's.


/Sverker

Den 2016-12-30 kl. 18:05, skrev Marcin Mirecki:

1. Why not use your physical nic for ovirtmgmt then?

2. "ovn-nbctl ls-add" does not add a bridge, but a logical switch.
br-int is an internal OVN implementation detail, which the user
should not care about. What you see in the ovirt UI are logical
networks. They are implemented as OVN logical switches in case
of the OVN provider.

Please look at:
http://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/
You can get the latest rpms from here:
http://resources.ovirt.org/repos/ovirt/experimental/master/ovirt-provider-ovn_fc24_46/rpm/fc24/noarch/

- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Friday, December 30, 2016 4:25:58 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

1. No, I did not want to put the ovirtmgmt bridge on my physical nic as
it always messed up the network config making the host unreachable. I
have put a ovs bridge on this nic which I will use to make tunnels when
I add other hosts. Maybe br-int will be used for that instead, will see
when I get that far.

As it is now I have a dummy if for ovirtmgmt bridge but this will
probably not work when I add other hosts as that bridge cannot connect
to the other hosts. I'm considering keeping this just as a dummy to keep
ovirt engine satisfied while the actual communication will happen over
OVN/OVS bridges and tunnels.

2. On
https://www.ovirt.org//develop/release-management/features/ovirt-ovn-provider/
there is instructions how to add an OVS bridge to OVN with |ovn-nbctl
ls-add |. If you want to use br-int then it makes sense to
make that bridge visible in ovirt webui under networks so that it can be
selected for VM's.

It quite doesn't make sense to me that I can select other network for my
VM but then that setting is not used when setting up the network.

/Sverker

Den 2016-12-30 kl. 15:34, skrev Marcin Mirecki:

Hi,

The OVN provider does not require you to add any bridges manually.
As I understand we were dealing with two problems:
1. You only had one physical nic and wanted to put a bridge on it,
 attaching the management network to the bridge. This was the reason for
 creating the bridge (the recommended setup would be to used a separate
 physical nic for the management network). This bridge has nothing to
 do with the OVN bridge.
2. OVN - you want to use OVN on this system. For this you have to install
 OVN on your hosts. This should create the br-int bridge, which are
 then used by the OVN provider. This br-int bridge must be configured
 to connect to other hosts using the geneve tunnels.

In both cases the systems will not be aware of any bridges you create.
They need a nic (be it physical or virtual) to connect to other system.
Usually this is the physical nic. In your case you decided to put a bridge
on the physical nic, and give oVirt a virtual nic attached to this bridge.
This works, but keep in mind that the bridge you have introduced is outside
of oVirt's (and OVN) control (and as such is not supported).


What is the purpose of
adding my bridges to Ovirt through the external provider and configure
them on my VM

I am not quite sure I understand.
The external provider (OVN provider to be specific), does not add any

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

1. No, I did not want to put the ovirtmgmt bridge on my physical nic as 
it always messed up the network config making the host unreachable. I 
have put a ovs bridge on this nic which I will use to make tunnels when 
I add other hosts. Maybe br-int will be used for that instead, will see 
when I get that far.


As it is now I have a dummy if for ovirtmgmt bridge but this will 
probably not work when I add other hosts as that bridge cannot connect 
to the other hosts. I'm considering keeping this just as a dummy to keep 
ovirt engine satisfied while the actual communication will happen over 
OVN/OVS bridges and tunnels.


2. On 
https://www.ovirt.org//develop/release-management/features/ovirt-ovn-provider/ 
there is instructions how to add an OVS bridge to OVN with |ovn-nbctl 
ls-add |. If you want to use br-int then it makes sense to 
make that bridge visible in ovirt webui under networks so that it can be 
selected for VM's.


It quite doesn't make sense to me that I can select other network for my 
VM but then that setting is not used when setting up the network.


/Sverker

Den 2016-12-30 kl. 15:34, skrev Marcin Mirecki:

Hi,

The OVN provider does not require you to add any bridges manually.
As I understand we were dealing with two problems:
1. You only had one physical nic and wanted to put a bridge on it,
attaching the management network to the bridge. This was the reason for
creating the bridge (the recommended setup would be to used a separate
physical nic for the management network). This bridge has nothing to
do with the OVN bridge.
2. OVN - you want to use OVN on this system. For this you have to install
OVN on your hosts. This should create the br-int bridge, which are
then used by the OVN provider. This br-int bridge must be configured
to connect to other hosts using the geneve tunnels.

In both cases the systems will not be aware of any bridges you create.
They need a nic (be it physical or virtual) to connect to other system.
Usually this is the physical nic. In your case you decided to put a bridge
on the physical nic, and give oVirt a virtual nic attached to this bridge.
This works, but keep in mind that the bridge you have introduced is outside
of oVirt's (and OVN) control (and as such is not supported).


What is the purpose of
adding my bridges to Ovirt through the external provider and configure
them on my VM

I am not quite sure I understand.
The external provider (OVN provider to be specific), does not add any bridges
to the system. It is using the br-int bridge created by OVN. The networks
created by the OVN provider are purely logical entities, implemented using
the OVN br-int bridge.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Friday, December 30, 2016 12:15:43 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Hi
That is the logic I quite don't understand. What is the purpose of
adding my bridges to Ovirt through the external provider and configure
them on my VM if you are disregarding that and using br-int anyway?

/Sverker

Den 2016-12-30 kl. 10:53, skrev Marcin Mirecki:

Sverker,

br-int is the integration bridge created by default in OVN. This is the
bridge we use for the OVN provider. As OVN is required to be installed,
we assume that this bridge is present.
Using any other ovs bridge is not supported, and will require custom code
changes (such as the ones you created).

The proper setup in your case would probably be to create br-int and
connect
this to your ovirtbridge, although I don't know the details of your env, so
this is just my best guess.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>, "Numan Siddique"
<nusid...@redhat.com>
Sent: Friday, December 30, 2016 1:14:50 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network

Even better, if the value is not hardcoded then the configured value is
used. Might be that I'm missunderstanding something but this is the
behaviour I expected instead of that it is using br-int.

Attached is a patch which properly sets up the xml, in case there is
already a virtual port there + testcode of some variants

/Sverker

Den 2016-12-29 kl. 22:55, skrev Sverker Abrahamsson:

When I change
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook
to instead of hardcoded to br-int use BRIDGE_NAME = 'ovirtbridge' then
I get the expected behaviour and I get a working network connectivity
in my VM with IP provided by dhcp.

/Sverker

Den 2016-12-29 kl. 22:07, skrev Sverker Abrahamsson:

By default the vNic profile of my OVN bridge ovirtbridge gets a
Network filter name

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi
That is the logic I quite don't understand. What is the purpose of 
adding my bridges to Ovirt through the external provider and configure 
them on my VM if you are disregarding that and using br-int anyway?


/Sverker

Den 2016-12-30 kl. 10:53, skrev Marcin Mirecki:

Sverker,

br-int is the integration bridge created by default in OVN. This is the
bridge we use for the OVN provider. As OVN is required to be installed,
we assume that this bridge is present.
Using any other ovs bridge is not supported, and will require custom code
changes (such as the ones you created).

The proper setup in your case would probably be to create br-int and connect
this to your ovirtbridge, although I don't know the details of your env, so
this is just my best guess.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>, "Numan Siddique" <nusid...@redhat.com>
Sent: Friday, December 30, 2016 1:14:50 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Even better, if the value is not hardcoded then the configured value is
used. Might be that I'm missunderstanding something but this is the
behaviour I expected instead of that it is using br-int.

Attached is a patch which properly sets up the xml, in case there is
already a virtual port there + testcode of some variants

/Sverker

Den 2016-12-29 kl. 22:55, skrev Sverker Abrahamsson:

When I change
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook
to instead of hardcoded to br-int use BRIDGE_NAME = 'ovirtbridge' then
I get the expected behaviour and I get a working network connectivity
in my VM with IP provided by dhcp.

/Sverker

Den 2016-12-29 kl. 22:07, skrev Sverker Abrahamsson:

By default the vNic profile of my OVN bridge ovirtbridge gets a
Network filter named vdsm-no-mac-spoofing. If I instead set No filter
then I don't get those ebtables / iptables messages. It seems that
there is some issue between ovirt/vdsm and firewalld, which we can
put to the side for now.

It is not clear for me why the port is added on br-int instead of the
bridge I've assigned to the VM, which is ovirtbridge??

/Sverker

Den 2016-12-29 kl. 14:20, skrev Sverker Abrahamsson:

The specific command most likely fails because there is no chain
named libvirt-J-vnet0, but when should that have been created?
/Sverker

 Vidarebefordrat meddelande 
Ämne:   Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network
Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia:  Ovirt Users <users@ovirt.org>, Lance Richardson
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>



Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:

Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as
ovs-vsctl
--timeout=5 -- --if-exists del-port vnet0 -- add-port br-int
vnet0 --
set Interface vnet0
"external-ids:attached-mac=\"00:1a:4a:16:01:51\""
-- set Interface vnet0
"external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\""
--
set Interface vnet0
"external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" --
set
Interface vnet0 external-ids:iface-status=active
Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0
-j
libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:

More details below


- Original Message -

From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
To: "Marcin Mirecki"<mmire...@redhat.com>
Cc: "Ovirt Users"<users@ovirt.org>
Sent: Thursday, December 29, 2016 1:42:11 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network

Hi
Same problem still..
/Sverker

Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:

Hi,

The tunnels are created to connect multiple OVN controllers.
If there is only one, there is no need for the tunnels, so none
will be created, this is the correct behavior.

Does the problem still occur after setting configuring the
OVN-controller?

Marcin

- Original Message -

From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
To: "Marcin Mirecki"<mmire...@redhat.com>
Cc: "Ovirt Users"<users@ovirt.org>
Sent: Thursday, December 29, 2016 11:44:32 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory
ovirtmgmt
network

Hi
The rpm packages you listed in the other mail are installed but I
had
not run vdsm-tool ovn-config to create tunnel as the OVN controller
is
on the same host.

[root@h2 ~]# rpm

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Even better, if the value is not hardcoded then the configured value is 
used. Might be that I'm missunderstanding something but this is the 
behaviour I expected instead of that it is using br-int.


Attached is a patch which properly sets up the xml, in case there is 
already a virtual port there + testcode of some variants


/Sverker

Den 2016-12-29 kl. 22:55, skrev Sverker Abrahamsson:


When I change 
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook 
to instead of hardcoded to br-int use BRIDGE_NAME = 'ovirtbridge' then 
I get the expected behaviour and I get a working network connectivity 
in my VM with IP provided by dhcp.


/Sverker

Den 2016-12-29 kl. 22:07, skrev Sverker Abrahamsson:


By default the vNic profile of my OVN bridge ovirtbridge gets a 
Network filter named vdsm-no-mac-spoofing. If I instead set No filter 
then I don't get those ebtables / iptables messages. It seems that 
there is some issue between ovirt/vdsm and firewalld, which we can 
put to the side for now.


It is not clear for me why the port is added on br-int instead of the 
bridge I've assigned to the VM, which is ovirtbridge??


/Sverker

Den 2016-12-29 kl. 14:20, skrev Sverker Abrahamsson:


The specific command most likely fails because there is no chain 
named libvirt-J-vnet0, but when should that have been created?

/Sverker

 Vidarebefordrat meddelande 
Ämne: 	Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt 
network

Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia: 	Ovirt Users <users@ovirt.org>, Lance Richardson 
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>




Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:
> >>>>>> Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
> >>>>>> --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
> >>>>>> set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
> >>>>>> -- set Interface vnet0
> >>>>>> "external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
> >>>>>> set Interface vnet0
> >>>>>> "external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
> >>>>>> Interface vnet0 external-ids:iface-status=active
> >>>>>> Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
> >>>>>> '/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
> >>>>>> libvirt-J-vnet0' failed:
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:

More details below


- Original Message -
> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> To: "Marcin Mirecki"<mmire...@redhat.com>
> Cc: "Ovirt Users"<users@ovirt.org>
> Sent: Thursday, December 29, 2016 1:42:11 PM
> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network
>
> Hi
> Same problem still..
> /Sverker
>
> Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:
> > Hi,
> >
> > The tunnels are created to connect multiple OVN controllers.
> > If there is only one, there is no need for the tunnels, so none
> > will be created, this is the correct behavior.
> >
> > Does the problem still occur after setting configuring the OVN-controller?
> >
> > Marcin
> >
> > - Original Message -
> >> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> >> To: "Marcin Mirecki"<mmire...@redhat.com>
> >> Cc: "Ovirt Users"<users@ovirt.org>
> >> Sent: Thursday, December 29, 2016 11:44:32 AM
> >> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
> >> network
> >>
> >> Hi
> >> The rpm packages you listed in the other mail are installed but I had
> >> not run vdsm-tool ovn-config to create tunnel as the OVN controller is
> >> on the same host.
> >>
> >> [root@h2 ~]# rpm -q openvswitch-ovn-common
> >> openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q openvswitch-ovn-host
> >> openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q python-openvswitch
> >> python-openvswitch-2.6.90-1.el7.centos.noarch
> >>
> >> After removing my manually created br-int

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

When I change 
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook to 
instead of hardcoded to br-int use BRIDGE_NAME = 'ovirtbridge' then I 
get the expected behaviour and I get a working network connectivity in 
my VM with IP provided by dhcp.


/Sverker

Den 2016-12-29 kl. 22:07, skrev Sverker Abrahamsson:


By default the vNic profile of my OVN bridge ovirtbridge gets a 
Network filter named vdsm-no-mac-spoofing. If I instead set No filter 
then I don't get those ebtables / iptables messages. It seems that 
there is some issue between ovirt/vdsm and firewalld, which we can put 
to the side for now.


It is not clear for me why the port is added on br-int instead of the 
bridge I've assigned to the VM, which is ovirtbridge??


/Sverker

Den 2016-12-29 kl. 14:20, skrev Sverker Abrahamsson:


The specific command most likely fails because there is no chain 
named libvirt-J-vnet0, but when should that have been created?

/Sverker

 Vidarebefordrat meddelande 
Ämne: 	Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt 
network

Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia: 	Ovirt Users <users@ovirt.org>, Lance Richardson 
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>




Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:
> >>>>>> Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
> >>>>>> --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
> >>>>>> set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
> >>>>>> -- set Interface vnet0
> >>>>>> "external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
> >>>>>> set Interface vnet0
> >>>>>> "external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
> >>>>>> Interface vnet0 external-ids:iface-status=active
> >>>>>> Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
> >>>>>> '/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
> >>>>>> libvirt-J-vnet0' failed:
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:

More details below


- Original Message -
> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> To: "Marcin Mirecki"<mmire...@redhat.com>
> Cc: "Ovirt Users"<users@ovirt.org>
> Sent: Thursday, December 29, 2016 1:42:11 PM
> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network
>
> Hi
> Same problem still..
> /Sverker
>
> Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:
> > Hi,
> >
> > The tunnels are created to connect multiple OVN controllers.
> > If there is only one, there is no need for the tunnels, so none
> > will be created, this is the correct behavior.
> >
> > Does the problem still occur after setting configuring the OVN-controller?
> >
> > Marcin
> >
> > - Original Message -
> >> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> >> To: "Marcin Mirecki"<mmire...@redhat.com>
> >> Cc: "Ovirt Users"<users@ovirt.org>
> >> Sent: Thursday, December 29, 2016 11:44:32 AM
> >> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
> >> network
> >>
> >> Hi
> >> The rpm packages you listed in the other mail are installed but I had
> >> not run vdsm-tool ovn-config to create tunnel as the OVN controller is
> >> on the same host.
> >>
> >> [root@h2 ~]# rpm -q openvswitch-ovn-common
> >> openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q openvswitch-ovn-host
> >> openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q python-openvswitch
> >> python-openvswitch-2.6.90-1.el7.centos.noarch
> >>
> >> After removing my manually created br-int and run
> >>
> >> vdsm-tool ovn-config 127.0.0.1 172.27.1.1
> >>
> >> then I have the br-int but 'ip link show' does not show any link
> >> 'genev_sys_' nor does 'ovs-vsctl show' any port for ovn. I assume these
> >> are when there is an actual tunnel?
> >>
> >> [root@h2 ~]# ovs-vsctl show
> >> ebb6aede-cbbc-4f4f-a88a-a9cd72

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

By default the vNic profile of my OVN bridge ovirtbridge gets a Network 
filter named vdsm-no-mac-spoofing. If I instead set No filter then I 
don't get those ebtables / iptables messages. It seems that there is 
some issue between ovirt/vdsm and firewalld, which we can put to the 
side for now.


It is not clear for me why the port is added on br-int instead of the 
bridge I've assigned to the VM, which is ovirtbridge??


/Sverker

Den 2016-12-29 kl. 14:20, skrev Sverker Abrahamsson:


The specific command most likely fails because there is no chain named 
libvirt-J-vnet0, but when should that have been created?

/Sverker

 Vidarebefordrat meddelande 
Ämne: 	Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt 
network

Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia: 	Ovirt Users <users@ovirt.org>, Lance Richardson 
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>




Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:
> >>>>>> Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
> >>>>>> --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
> >>>>>> set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
> >>>>>> -- set Interface vnet0
> >>>>>> "external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
> >>>>>> set Interface vnet0
> >>>>>> "external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
> >>>>>> Interface vnet0 external-ids:iface-status=active
> >>>>>> Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
> >>>>>> '/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
> >>>>>> libvirt-J-vnet0' failed:
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:

More details below


- Original Message -
> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> To: "Marcin Mirecki"<mmire...@redhat.com>
> Cc: "Ovirt Users"<users@ovirt.org>
> Sent: Thursday, December 29, 2016 1:42:11 PM
> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network
>
> Hi
> Same problem still..
> /Sverker
>
> Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:
> > Hi,
> >
> > The tunnels are created to connect multiple OVN controllers.
> > If there is only one, there is no need for the tunnels, so none
> > will be created, this is the correct behavior.
> >
> > Does the problem still occur after setting configuring the OVN-controller?
> >
> > Marcin
> >
> > - Original Message -
> >> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> >> To: "Marcin Mirecki"<mmire...@redhat.com>
> >> Cc: "Ovirt Users"<users@ovirt.org>
> >> Sent: Thursday, December 29, 2016 11:44:32 AM
> >> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
> >> network
> >>
> >> Hi
> >> The rpm packages you listed in the other mail are installed but I had
> >> not run vdsm-tool ovn-config to create tunnel as the OVN controller is
> >> on the same host.
> >>
> >> [root@h2 ~]# rpm -q openvswitch-ovn-common
> >> openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q openvswitch-ovn-host
> >> openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q python-openvswitch
> >> python-openvswitch-2.6.90-1.el7.centos.noarch
> >>
> >> After removing my manually created br-int and run
> >>
> >> vdsm-tool ovn-config 127.0.0.1 172.27.1.1
> >>
> >> then I have the br-int but 'ip link show' does not show any link
> >> 'genev_sys_' nor does 'ovs-vsctl show' any port for ovn. I assume these
> >> are when there is an actual tunnel?
> >>
> >> [root@h2 ~]# ovs-vsctl show
> >> ebb6aede-cbbc-4f4f-a88a-a9cd72b2bd23
> >>   Bridge br-int
> >>   fail_mode: secure
> >>   Port br-int
> >>   Interface br-int
> >>   type: internal
> >>   Bridge ovirtbridge
> >>   Port ovirtbridge
> >>   Interface ovirtbrid

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

2.limetransit.com vdsm-tool[3736]: return 
tool_command[cmd]["command"](*args)
Dec 29 21:08:09 h2.limetransit.com vdsm-tool[3736]: File 
"/usr/lib/python2.7/site-packages/vdsm/tool/restore_nets.py", line 41, 
in restore_command

Dec 29 21:08:09 h2.limetransit.com vdsm-tool[3736]: exec_restore(cmd)
Dec 29 21:08:09 h2.limetransit.com vdsm-tool[3736]: File 
"/usr/lib/python2.7/site-packages/vdsm/tool/restore_nets.py", line 54, 
in exec_restore
Dec 29 21:08:09 h2.limetransit.com vdsm-tool[3736]: raise 
EnvironmentError('Failed to restore the persisted networks')
Dec 29 21:08:09 h2.limetransit.com vdsm-tool[3736]: EnvironmentError: 
Failed to restore the persisted networks


So I remove the nameservers section as well. At first I could not get it 
to work, as vdsm-network would find the backup file 
/var/lib/vdsm/persistence/netconf/nets/ovirtmgmt~ but after removing 
that it worked fine.


Not sure when nameservers and defaultroute was set in vdsm as it worked 
on reboot before.

/Sverker

Den 2016-12-29 kl. 14:20, skrev Sverker Abrahamsson:


The specific command most likely fails because there is no chain named 
libvirt-J-vnet0, but when should that have been created?

/Sverker

 Vidarebefordrat meddelande 
Ämne: 	Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt 
network

Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia: 	Ovirt Users <users@ovirt.org>, Lance Richardson 
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>




Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:
> >>>>>> Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
> >>>>>> --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
> >>>>>> set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
> >>>>>> -- set Interface vnet0
> >>>>>> "external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
> >>>>>> set Interface vnet0
> >>>>>> "external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
> >>>>>> Interface vnet0 external-ids:iface-status=active
> >>>>>> Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
> >>>>>> '/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
> >>>>>> libvirt-J-vnet0' failed:
> >>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:

More details below


- Original Message -
> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> To: "Marcin Mirecki"<mmire...@redhat.com>
> Cc: "Ovirt Users"<users@ovirt.org>
> Sent: Thursday, December 29, 2016 1:42:11 PM
> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network
>
> Hi
> Same problem still..
> /Sverker
>
> Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:
> > Hi,
> >
> > The tunnels are created to connect multiple OVN controllers.
> > If there is only one, there is no need for the tunnels, so none
> > will be created, this is the correct behavior.
> >
> > Does the problem still occur after setting configuring the OVN-controller?
> >
> > Marcin
> >
> > - Original Message -
> >> From: "Sverker Abrahamsson"<sver...@abrahamsson.com>
> >> To: "Marcin Mirecki"<mmire...@redhat.com>
> >> Cc: "Ovirt Users"<users@ovirt.org>
> >> Sent: Thursday, December 29, 2016 11:44:32 AM
> >> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
> >> network
> >>
> >> Hi
> >> The rpm packages you listed in the other mail are installed but I had
> >> not run vdsm-tool ovn-config to create tunnel as the OVN controller is
> >> on the same host.
> >>
> >> [root@h2 ~]# rpm -q openvswitch-ovn-common
> >> openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q openvswitch-ovn-host
> >> openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
> >> [root@h2 ~]# rpm -q python-openvswitch
> >> python-openvswitch-2.6.90-1.el7.centos.noarch
> >>
> >> After removing my manually created br-int and run
> >>
> >> vdsm-tool ovn-config 127.0.0.1 172.27.1.1
> >>
> >> then I have the br-int but 'ip link show' does not show any link

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

The specific command most likely fails because there is no chain named 
libvirt-J-vnet0, but when should that have been created?

/Sverker

 Vidarebefordrat meddelande 
Ämne:   Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network
Datum:  Thu, 29 Dec 2016 08:06:29 -0500 (EST)
Från:   Marcin Mirecki <mmire...@redhat.com>
Till:   Sverker Abrahamsson <sver...@abrahamsson.com>
Kopia: 	Ovirt Users <users@ovirt.org>, Lance Richardson 
<lrich...@redhat.com>, Numan Siddique <nusid...@redhat.com>




Let me add the OVN team.

Lance, Numan,

Can you please look at this?

Trying to plug a vNIC results in:

>>>>>> Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
>>>>>> --timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
>>>>>> set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
>>>>>> -- set Interface vnet0
>>>>>> "external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
>>>>>> set Interface vnet0
>>>>>> "external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
>>>>>> Interface vnet0 external-ids:iface-status=active
>>>>>> Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
>>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
>>>>>> '/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
>>>>>> libvirt-J-vnet0' failed:
>>>>>> Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:


More details below


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Thursday, December 29, 2016 1:42:11 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Hi
Same problem still..
/Sverker

Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:
> Hi,
>
> The tunnels are created to connect multiple OVN controllers.
> If there is only one, there is no need for the tunnels, so none
> will be created, this is the correct behavior.
>
> Does the problem still occur after setting configuring the OVN-controller?
>
> Marcin
>
> - Original Message -
>> From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
>> To: "Marcin Mirecki" <mmire...@redhat.com>
>> Cc: "Ovirt Users" <users@ovirt.org>
>> Sent: Thursday, December 29, 2016 11:44:32 AM
>> Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
>> network
>>
>> Hi
>> The rpm packages you listed in the other mail are installed but I had
>> not run vdsm-tool ovn-config to create tunnel as the OVN controller is
>> on the same host.
>>
>> [root@h2 ~]# rpm -q openvswitch-ovn-common
>> openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
>> [root@h2 ~]# rpm -q openvswitch-ovn-host
>> openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
>> [root@h2 ~]# rpm -q python-openvswitch
>> python-openvswitch-2.6.90-1.el7.centos.noarch
>>
>> After removing my manually created br-int and run
>>
>> vdsm-tool ovn-config 127.0.0.1 172.27.1.1
>>
>> then I have the br-int but 'ip link show' does not show any link
>> 'genev_sys_' nor does 'ovs-vsctl show' any port for ovn. I assume these
>> are when there is an actual tunnel?
>>
>> [root@h2 ~]# ovs-vsctl show
>> ebb6aede-cbbc-4f4f-a88a-a9cd72b2bd23
>>   Bridge br-int
>>   fail_mode: secure
>>   Port br-int
>>   Interface br-int
>>   type: internal
>>   Bridge ovirtbridge
>>   Port ovirtbridge
>>   Interface ovirtbridge
>>   type: internal
>>   Bridge "ovsbridge0"
>>   Port "ovsbridge0"
>>   Interface "ovsbridge0"
>>   type: internal
>>   Port "eth0"
>>   Interface "eth0"
>>   ovs_version: "2.6.90"
>>
>> [root@h2 ~]# ip link show
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
>> DEFAULT qlen 1
>>   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>> 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
>> master ovs-system state UP mode DEFAULT qlen 1000
>>   link/ether 44:8a:5b:84:7d:b3 brd ff:ff:ff:ff:ff:ff
>> 3: ovs-system: <B

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi
Same problem still..
/Sverker

Den 2016-12-29 kl. 13:34, skrev Marcin Mirecki:

Hi,

The tunnels are created to connect multiple OVN controllers.
If there is only one, there is no need for the tunnels, so none
will be created, this is the correct behavior.

Does the problem still occur after setting configuring the OVN-controller?

Marcin

- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Thursday, December 29, 2016 11:44:32 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Hi
The rpm packages you listed in the other mail are installed but I had
not run vdsm-tool ovn-config to create tunnel as the OVN controller is
on the same host.

[root@h2 ~]# rpm -q openvswitch-ovn-common
openvswitch-ovn-common-2.6.90-1.el7.centos.x86_64
[root@h2 ~]# rpm -q openvswitch-ovn-host
openvswitch-ovn-host-2.6.90-1.el7.centos.x86_64
[root@h2 ~]# rpm -q python-openvswitch
python-openvswitch-2.6.90-1.el7.centos.noarch

After removing my manually created br-int and run

vdsm-tool ovn-config 127.0.0.1 172.27.1.1

then I have the br-int but 'ip link show' does not show any link
'genev_sys_' nor does 'ovs-vsctl show' any port for ovn. I assume these
are when there is an actual tunnel?

[root@h2 ~]# ovs-vsctl show
ebb6aede-cbbc-4f4f-a88a-a9cd72b2bd23
  Bridge br-int
  fail_mode: secure
  Port br-int
  Interface br-int
  type: internal
  Bridge ovirtbridge
  Port ovirtbridge
  Interface ovirtbridge
  type: internal
  Bridge "ovsbridge0"
  Port "ovsbridge0"
  Interface "ovsbridge0"
  type: internal
  Port "eth0"
  Interface "eth0"
  ovs_version: "2.6.90"

[root@h2 ~]# ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode
DEFAULT qlen 1
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
master ovs-system state UP mode DEFAULT qlen 1000
  link/ether 44:8a:5b:84:7d:b3 brd ff:ff:ff:ff:ff:ff
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode
DEFAULT qlen 1000
  link/ether 5a:14:cf:28:47:e2 brd ff:ff:ff:ff:ff:ff
4: ovsbridge0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UNKNOWN mode DEFAULT qlen 1000
  link/ether 44:8a:5b:84:7d:b3 brd ff:ff:ff:ff:ff:ff
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode
DEFAULT qlen 1000
  link/ether 9e:b0:3a:9d:f2:4b brd ff:ff:ff:ff:ff:ff
6: ovirtbridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UNKNOWN mode DEFAULT qlen 1000
  link/ether a6:f6:e5:a4:5b:45 brd ff:ff:ff:ff:ff:ff
7: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue master
ovirtmgmt state UNKNOWN mode DEFAULT qlen 1000
  link/ether 66:e0:1c:c3:a9:d8 brd ff:ff:ff:ff:ff:ff
8: ovirtmgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP mode DEFAULT qlen 1000
  link/ether 66:e0:1c:c3:a9:d8 brd ff:ff:ff:ff:ff:ff

Firewall settings:
[root@h2 ~]# firewall-cmd --list-all-zones
work
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


drop
target: DROP
icmp-block-inversion: no
interfaces:
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


internal
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client mdns samba-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


external
target: default
icmp-block-inversion: no
interfaces:
sources:
services: ssh
ports:
protocols:
masquerade: yes
forward-ports:
sourceports:
icmp-blocks:
rich rules:


trusted
target: ACCEPT
icmp-block-inversion: no
interfaces:
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


home
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client mdns samba-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


dmz
target: default
icmp-block-inversion: no
interfaces:
sources:
services: ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:


public (ac

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

uot;tcp" accept
rule family="ipv4" port port="6642" protocol="tcp" accept

The db dump is attached
/Sverker
Den 2016-12-29 kl. 09:50, skrev Marcin Mirecki:

Hi,

Can you please do: "sudo ovsdb-client dump"
on the host and send me the output?

Have you configured the ovn controller to connect to the
OVN north? You can do it using "vdsm-tool ovn-config" or
using the OVN tools directly.
Please check out: https://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/
for details.

Also please note that the OVN provider is completely different
from the neutron-openvswitch plugin. Please don't mix the two.

Marcin


- Original Message -

From: "Marcin Mirecki" <mmire...@redhat.com>
To: "Sverker Abrahamsson" <sver...@abrahamsson.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Thursday, December 29, 2016 9:27:19 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Hi,

br-int is the OVN integration bridge, it should have been created
when installing OVN. I assume you have the following packages installed
on the host:
 openvswitch-ovn-common
 openvswitch-ovn-host
 python-openvswitch

Please give me some time to look at the connectivity problem.

Marcin



- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Thursday, December 29, 2016 12:47:04 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network

From
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook
(installed by ovirt-provider-ovn-driver rpm):

BRIDGE_NAME = 'br-int'


Den 2016-12-28 kl. 23:56, skrev Sverker Abrahamsson:

Googling on the message about br-int suggested adding that bridge to ovs:

ovs-vsctl add-br br-int

Then the VM is able to boot, but it fails to get network connectivity.
Output in /var/log/messages:

Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl
--timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 --
set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\""
-- set Interface vnet0
"external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" --
set Interface vnet0
"external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set
Interface vnet0 external-ids:iface-status=active
Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j
libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -D POSTROUTING -o vnet0 -j
libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -F J-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -X J-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -F J-vnet0-arp-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/ebtables --concurrent -t nat -X J-vnet0-arp-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -D libvirt-out -m physdev
--physdev-is-bridged --physdev-out vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -D libvirt-out -m physdev --physdev-out
vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -D libvirt-in -m physdev --physdev-in vnet0
-g FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -D libvirt-host-in -m physdev --physdev-in
vnet0 -g HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -F FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED:
'/usr/sbin/iptables -w2 -w -X FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMM

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

From 
/usr/libexec/vdsm/hooks/before_device_create/ovirt_provider_ovn_hook 
(installed by ovirt-provider-ovn-driver rpm):


BRIDGE_NAME = 'br-int'


Den 2016-12-28 kl. 23:56, skrev Sverker Abrahamsson:

Googling on the message about br-int suggested adding that bridge to ovs:

ovs-vsctl add-br br-int

Then the VM is able to boot, but it fails to get network connectivity. 
Output in /var/log/messages:


Dec 28 23:31:35 h2 ovs-vsctl: ovs|1|vsctl|INFO|Called as ovs-vsctl 
--timeout=5 -- --if-exists del-port vnet0 -- add-port br-int vnet0 -- 
set Interface vnet0 "external-ids:attached-mac=\"00:1a:4a:16:01:51\"" 
-- set Interface vnet0 
"external-ids:iface-id=\"e8853aac-8a75-41b0-8010-e630017dcdd8\"" -- 
set Interface vnet0 
"external-ids:vm-id=\"b9440d60-ef5a-4e2b-83cf-081df7c09e6f\"" -- set 
Interface vnet0 external-ids:iface-status=active

Dec 28 23:31:35 h2 kernel: device vnet0 entered promiscuous mode
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j 
libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -D POSTROUTING -o vnet0 -j 
libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-J-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F J-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X J-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F J-vnet0-arp-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X J-vnet0-arp-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -D libvirt-out -m physdev 
--physdev-is-bridged --physdev-out vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -D libvirt-out -m physdev --physdev-out 
vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -D libvirt-in -m physdev --physdev-in vnet0 
-g FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -D libvirt-host-in -m physdev --physdev-in 
vnet0 -g HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -F FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -X FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -F FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -X FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -F HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -X HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -E FP-vnet0 FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -E FJ-vnet0 FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/iptables -w2 -w -E HJ-vnet0 HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -D libvirt-out -m physdev 
--physdev-is-bridged --physdev-out vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -D libvirt-out -m physdev --physdev-out 
vnet0 -g FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -D libvirt-in -m physdev --physdev-in 
vnet0 -g FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -D libvirt-host-in -m physdev --physdev-in 
vnet0 -g HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -F FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -X FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/us

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

ED: 
'/usr/sbin/ip6tables -w2 -w -F HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -X HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -E FP-vnet0 FO-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -E FJ-vnet0 FI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ip6tables -w2 -w -E HJ-vnet0 HI-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -D PREROUTING -i vnet0 -j 
libvirt-I-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -D POSTROUTING -o vnet0 -j 
libvirt-O-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-I-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-O-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-I-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-I-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F libvirt-O-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X libvirt-O-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -L libvirt-P-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -E libvirt-P-vnet0 
libvirt-O-vnet0' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F I-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X I-vnet0-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -F I-vnet0-arp-mac' failed:
Dec 28 23:31:35 h2 firewalld: WARNING: COMMAND_FAILED: 
'/usr/sbin/ebtables --concurrent -t nat -X I-vnet0-arp-mac' failed:



[root@h2 etc]# ovs-vsctl show
ebb6aede-cbbc-4f4f-a88a-a9cd72b2bd23
Bridge ovirtbridge
Port "ovirtport0"
Interface "ovirtport0"
type: internal
Port ovirtbridge
Interface ovirtbridge
type: internal
Bridge "ovsbridge0"
Port "ovsbridge0"
Interface "ovsbridge0"
type: internal
Port "eth0"
Interface "eth0"
Bridge br-int
Port br-int
Interface br-int
type: internal
Port "vnet0"
Interface "vnet0"
ovs_version: "2.6.90"

Searching through the code it appears that br-int comes from 
neutron-openvswitch plugin ??


[root@h2 share]# rpm -qf 
/usr/share/otopi/plugins/ovirt-host-deploy/openstack/neutron_openvswitch.py

ovirt-host-deploy-1.6.0-0.0.master.20161215101008.gitb76ad50.el7.centos.noarch

/Sverker

Den 2016-12-28 kl. 23:24, skrev Sverker Abrahamsson:

In addition I had to add an alias to modprobe:

[root@h2 modprobe.d]# cat dummy.conf
alias dummy0 dummy


Den 2016-12-28 kl. 23:03, skrev Sverker Abrahamsson:

Hi
I first tried to set device name to dummy_0, but then ifup did not 
succeed in creating the device unless I first did 'ip link add 
dummy_0 type dummy' but then it would not suceed to establish the if 
on reboot.


Setting fake_nics = dummy0 would not work neither, but this works:

fake_nics = dummy*

The engine is now able to find the if and assign bridge ovirtmgmt to it.

However, I then run into the next issue when starting a VM:

2016-12-28 22:28:23,897 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(ForkJoinPool-1-worker-2) [] Correlation ID: null, Call Stack: null, 
Custom Event ID: -1, Message: VM CentOS7 is down with error. Exit 
message: Cannot get interface MTU on 'br-int': No such device.


This VM has a nic on ovirtbridge, which comes from the OVN provider.

/Sverker

Den 2016-12-28 kl. 14:38, skrev Marcin Mirecki:

Sverker,

Can you try adding a vnic named veth_* or dummy_*,
(or alternatively add the name of the vnic to
vdsm.config fake_nics), and setup the management
network using this vnic?
I suppose adding the vnic you use for connecting
to the engine to fake_nics should make it visible
to the engine, and you should be able to use it for
the setup.

Marcin



- Original Message -

From: "Marcin Mirecki" <mmire...@redhat.com>
To: "Sverker Abrahamsson" <sver...@abrahamsson.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 12:06:26 PM

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

In addition I had to add an alias to modprobe:

[root@h2 modprobe.d]# cat dummy.conf
alias dummy0 dummy


Den 2016-12-28 kl. 23:03, skrev Sverker Abrahamsson:

Hi
I first tried to set device name to dummy_0, but then ifup did not 
succeed in creating the device unless I first did 'ip link add dummy_0 
type dummy' but then it would not suceed to establish the if on reboot.


Setting fake_nics = dummy0 would not work neither, but this works:

fake_nics = dummy*

The engine is now able to find the if and assign bridge ovirtmgmt to it.

However, I then run into the next issue when starting a VM:

2016-12-28 22:28:23,897 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(ForkJoinPool-1-worker-2) [] Correlation ID: null, Call Stack: null, 
Custom Event ID: -1, Message: VM CentOS7 is down with error. Exit 
message: Cannot get interface MTU on 'br-int': No such device.


This VM has a nic on ovirtbridge, which comes from the OVN provider.

/Sverker

Den 2016-12-28 kl. 14:38, skrev Marcin Mirecki:

Sverker,

Can you try adding a vnic named veth_* or dummy_*,
(or alternatively add the name of the vnic to
vdsm.config fake_nics), and setup the management
network using this vnic?
I suppose adding the vnic you use for connecting
to the engine to fake_nics should make it visible
to the engine, and you should be able to use it for
the setup.

Marcin



- Original Message -

From: "Marcin Mirecki" <mmire...@redhat.com>
To: "Sverker Abrahamsson" <sver...@abrahamsson.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 12:06:26 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory 
ovirtmgmt network



I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.
I just verified and unfortunately the virtual ports are not visible 
in engine

to assign a network to :(
I'm afraid that the engine is not ready for such a scenario (even if it
works).
Please give me some time to look for a solution.

- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 11:48:24 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network

Hi Marcin
Yes, that is my issue. I don't want to let ovirt/vdsm see eth0 nor
ovsbridge0 since as soon as it sees them it messes up the network 
config

so that the host will be unreachable.

I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.
It doesn't help to name it ovirtmgmt.

The engine is able to communicate with the host on the ip it has been
given, it's just that it believes that it HAS to have a ovirtmgmt
network which can't be on OVN.

/Sverker


Den 2016-12-28 kl. 10:45, skrev Marcin Mirecki:

Hi Sverker,

The management network is mandatory on each host. It's used by the
engine to communicate with the host.
Looking at your description and the exception it looks like it is
missing.
The error is caused by not having any network for the host
(network list retrieved in 
InterfaceDaoImpl.getHostNetworksByCluster -

which
gets all the networks on nics for a host from vds_interface table 
in the

DB).

Could you maybe create a virtual nic connected to ovsbridge0 (as I
understand you
have no physical nic available) and use this for the management 
network?



I then create a bridge for use with ovirt, with a private address.
I'm not quite sure I understand. Is this yet another bridge 
connected to

ovsbridge0?
You could also attach the vnic for the management network here if 
need

be.

Please keep in mind that OVN has no use in setting up the management
network.
The OVN provider can only handle external networks, which can not 
be used

for a
management network.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: users@ovirt.org
Sent: Wednesday, December 28, 2016 12:39:59 AM
Subject: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network



Hi
For long time I've been looking for proper support in ovirt for Open
vSwitch
so I'm happy that it is moving in the right direction. However, 
there

seems
to still be a dependency on a ovirtmgmt bridge and I'm unable to 
move

that
to the OVN provider.

The hosting center where I rent hw instances has a bit special 
network

setup,
so I have one physical network port with a /32 netmask and
point-to-point
config to router. The physical port I connect to a ovs bridge 
which has

the
public ip. Since ovirt always messes up the network config when I've
tried
to let it have access to the network config for the physical 
port, I've

set
eht0 and ovsbridge0 as hidden in vdsm.conf.


I then create a bridge f

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi
I first tried to set device name to dummy_0, but then ifup did not 
succeed in creating the device unless I first did 'ip link add dummy_0 
type dummy' but then it would not suceed to establish the if on reboot.


Setting fake_nics = dummy0 would not work neither, but this works:

fake_nics = dummy*

The engine is now able to find the if and assign bridge ovirtmgmt to it.

However, I then run into the next issue when starting a VM:

2016-12-28 22:28:23,897 ERROR 
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] 
(ForkJoinPool-1-worker-2) [] Correlation ID: null, Call Stack: null, 
Custom Event ID: -1, Message: VM CentOS7 is down with error. Exit 
message: Cannot get interface MTU on 'br-int': No such device.


This VM has a nic on ovirtbridge, which comes from the OVN provider.

/Sverker

Den 2016-12-28 kl. 14:38, skrev Marcin Mirecki:

Sverker,

Can you try adding a vnic named veth_* or dummy_*,
(or alternatively add the name of the vnic to
vdsm.config fake_nics), and setup the management
network using this vnic?
I suppose adding the vnic you use for connecting
to the engine to fake_nics should make it visible
to the engine, and you should be able to use it for
the setup.

Marcin



- Original Message -

From: "Marcin Mirecki" <mmire...@redhat.com>
To: "Sverker Abrahamsson" <sver...@abrahamsson.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 12:06:26 PM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network


I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.

I just verified and unfortunately the virtual ports are not visible in engine
to assign a network to :(
I'm afraid that the engine is not ready for such a scenario (even if it
works).
Please give me some time to look for a solution.

- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 11:48:24 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network

Hi Marcin
Yes, that is my issue. I don't want to let ovirt/vdsm see eth0 nor
ovsbridge0 since as soon as it sees them it messes up the network config
so that the host will be unreachable.

I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.
It doesn't help to name it ovirtmgmt.

The engine is able to communicate with the host on the ip it has been
given, it's just that it believes that it HAS to have a ovirtmgmt
network which can't be on OVN.

/Sverker


Den 2016-12-28 kl. 10:45, skrev Marcin Mirecki:

Hi Sverker,

The management network is mandatory on each host. It's used by the
engine to communicate with the host.
Looking at your description and the exception it looks like it is
missing.
The error is caused by not having any network for the host
(network list retrieved in InterfaceDaoImpl.getHostNetworksByCluster -
which
gets all the networks on nics for a host from vds_interface table in the
DB).

Could you maybe create a virtual nic connected to ovsbridge0 (as I
understand you
have no physical nic available) and use this for the management network?


I then create a bridge for use with ovirt, with a private address.

I'm not quite sure I understand. Is this yet another bridge connected to
ovsbridge0?
You could also attach the vnic for the management network here if need
be.

Please keep in mind that OVN has no use in setting up the management
network.
The OVN provider can only handle external networks, which can not be used
for a
management network.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: users@ovirt.org
Sent: Wednesday, December 28, 2016 12:39:59 AM
Subject: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt
network



Hi
For long time I've been looking for proper support in ovirt for Open
vSwitch
so I'm happy that it is moving in the right direction. However, there
seems
to still be a dependency on a ovirtmgmt bridge and I'm unable to move
that
to the OVN provider.

The hosting center where I rent hw instances has a bit special network
setup,
so I have one physical network port with a /32 netmask and
point-to-point
config to router. The physical port I connect to a ovs bridge which has
the
public ip. Since ovirt always messes up the network config when I've
tried
to let it have access to the network config for the physical port, I've
set
eht0 and ovsbridge0 as hidden in vdsm.conf.


I then create a bridge for use with ovirt, with a private address. With
the
OVN provider I am now able to import these into the engine and it looks
good. When creating a VM I can select that it will have a vNic on my

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

I have tried various variants to create an interface with the dummy 
driver, currently I have an interface dummy0 which is assigned to a 
legacy bridge ovirtmgmt but ovirt-engine doesn't see those neither.

/Sverker


Den 2016-12-28 kl. 12:06, skrev Marcin Mirecki:

I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.

I just verified and unfortunately the virtual ports are not visible in engine 
to assign a network to :(
I'm afraid that the engine is not ready for such a scenario (even if it works).
Please give me some time to look for a solution.

- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: "Marcin Mirecki" <mmire...@redhat.com>
Cc: "Ovirt Users" <users@ovirt.org>
Sent: Wednesday, December 28, 2016 11:48:24 AM
Subject: Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

Hi Marcin
Yes, that is my issue. I don't want to let ovirt/vdsm see eth0 nor
ovsbridge0 since as soon as it sees them it messes up the network config
so that the host will be unreachable.

I have an internal OVS bridge called ovirtbridge which has a port with
IP address, but in the host network settings that port is not visible.
It doesn't help to name it ovirtmgmt.

The engine is able to communicate with the host on the ip it has been
given, it's just that it believes that it HAS to have a ovirtmgmt
network which can't be on OVN.

/Sverker


Den 2016-12-28 kl. 10:45, skrev Marcin Mirecki:

Hi Sverker,

The management network is mandatory on each host. It's used by the
engine to communicate with the host.
Looking at your description and the exception it looks like it is missing.
The error is caused by not having any network for the host
(network list retrieved in InterfaceDaoImpl.getHostNetworksByCluster -
which
gets all the networks on nics for a host from vds_interface table in the
DB).

Could you maybe create a virtual nic connected to ovsbridge0 (as I
understand you
have no physical nic available) and use this for the management network?


I then create a bridge for use with ovirt, with a private address.

I'm not quite sure I understand. Is this yet another bridge connected to
ovsbridge0?
You could also attach the vnic for the management network here if need be.

Please keep in mind that OVN has no use in setting up the management
network.
The OVN provider can only handle external networks, which can not be used
for a
management network.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: users@ovirt.org
Sent: Wednesday, December 28, 2016 12:39:59 AM
Subject: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network



Hi
For long time I've been looking for proper support in ovirt for Open
vSwitch
so I'm happy that it is moving in the right direction. However, there
seems
to still be a dependency on a ovirtmgmt bridge and I'm unable to move that
to the OVN provider.

The hosting center where I rent hw instances has a bit special network
setup,
so I have one physical network port with a /32 netmask and point-to-point
config to router. The physical port I connect to a ovs bridge which has
the
public ip. Since ovirt always messes up the network config when I've tried
to let it have access to the network config for the physical port, I've
set
eht0 and ovsbridge0 as hidden in vdsm.conf.


I then create a bridge for use with ovirt, with a private address. With
the
OVN provider I am now able to import these into the engine and it looks
good. When creating a VM I can select that it will have a vNic on my OVS
bridge.

However, I can't start the VM as an exception is thrown in the log:

2016-12-28 00:13:33,350 ERROR [org.ovirt.engine.core.bll.RunVmCommand]
(default task-5) [3c882d53] Error during ValidateFailure.:
java.lang.NullPointerException
at
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.validateRequiredNetworksAvailable(NetworkPolicyUnit.java:140)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.filter(NetworkPolicyUnit.java:69)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runInternalFilters(SchedulingManager.java:597)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runFilters(SchedulingManager.java:564)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.canSchedule(SchedulingManager.java:494)
[bll.jar:]
at
org.ovirt.engine.core.bll.validator.RunVmValidator.canRunVm(RunVmValidator.java:133)
[bll.jar:]
at org.ovirt.engine.core.bll.RunVmCommand.validate(RunVmCommand.java:940)
[bll.jar:]
at
org.ovirt.engine.core.bll.CommandBase.internalValidate(CommandBase.java:886)
[bll.jar:]
at
org.ovirt.engine.core.bll.CommandBase.validateOnly(CommandBase.java:366)
[bll.jar:]
at
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.can

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi Marcin
Yes, that is my issue. I don't want to let ovirt/vdsm see eth0 nor 
ovsbridge0 since as soon as it sees them it messes up the network config 
so that the host will be unreachable.


I have an internal OVS bridge called ovirtbridge which has a port with 
IP address, but in the host network settings that port is not visible. 
It doesn't help to name it ovirtmgmt.


The engine is able to communicate with the host on the ip it has been 
given, it's just that it believes that it HAS to have a ovirtmgmt 
network which can't be on OVN.


/Sverker


Den 2016-12-28 kl. 10:45, skrev Marcin Mirecki:

Hi Sverker,

The management network is mandatory on each host. It's used by the
engine to communicate with the host.
Looking at your description and the exception it looks like it is missing.
The error is caused by not having any network for the host
(network list retrieved in InterfaceDaoImpl.getHostNetworksByCluster - which
gets all the networks on nics for a host from vds_interface table in the DB).

Could you maybe create a virtual nic connected to ovsbridge0 (as I understand 
you
have no physical nic available) and use this for the management network?


I then create a bridge for use with ovirt, with a private address.

I'm not quite sure I understand. Is this yet another bridge connected to 
ovsbridge0?
You could also attach the vnic for the management network here if need be.

Please keep in mind that OVN has no use in setting up the management network.
The OVN provider can only handle external networks, which can not be used for a
management network.

Marcin


- Original Message -

From: "Sverker Abrahamsson" <sver...@abrahamsson.com>
To: users@ovirt.org
Sent: Wednesday, December 28, 2016 12:39:59 AM
Subject: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network



Hi
For long time I've been looking for proper support in ovirt for Open vSwitch
so I'm happy that it is moving in the right direction. However, there seems
to still be a dependency on a ovirtmgmt bridge and I'm unable to move that
to the OVN provider.

The hosting center where I rent hw instances has a bit special network setup,
so I have one physical network port with a /32 netmask and point-to-point
config to router. The physical port I connect to a ovs bridge which has the
public ip. Since ovirt always messes up the network config when I've tried
to let it have access to the network config for the physical port, I've set
eht0 and ovsbridge0 as hidden in vdsm.conf.


I then create a bridge for use with ovirt, with a private address. With the
OVN provider I am now able to import these into the engine and it looks
good. When creating a VM I can select that it will have a vNic on my OVS
bridge.

However, I can't start the VM as an exception is thrown in the log:

2016-12-28 00:13:33,350 ERROR [org.ovirt.engine.core.bll.RunVmCommand]
(default task-5) [3c882d53] Error during ValidateFailure.:
java.lang.NullPointerException
at
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.validateRequiredNetworksAvailable(NetworkPolicyUnit.java:140)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.filter(NetworkPolicyUnit.java:69)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runInternalFilters(SchedulingManager.java:597)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runFilters(SchedulingManager.java:564)
[bll.jar:]
at
org.ovirt.engine.core.bll.scheduling.SchedulingManager.canSchedule(SchedulingManager.java:494)
[bll.jar:]
at
org.ovirt.engine.core.bll.validator.RunVmValidator.canRunVm(RunVmValidator.java:133)
[bll.jar:]
at org.ovirt.engine.core.bll.RunVmCommand.validate(RunVmCommand.java:940)
[bll.jar:]
at
org.ovirt.engine.core.bll.CommandBase.internalValidate(CommandBase.java:886)
[bll.jar:]
at org.ovirt.engine.core.bll.CommandBase.validateOnly(CommandBase.java:366)
[bll.jar:]
at
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.canRunActions(PrevalidatingMultipleActionsRunner.java:113)
[bll.jar:]
at
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.invokeCommands(PrevalidatingMultipleActionsRunner.java:99)
[bll.jar:]
at
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.execute(PrevalidatingMultipleActionsRunner.java:76)
[bll.jar:]
at org.ovirt.engine.core.bll.Backend.runMultipleActionsImpl(Backend.java:613)
[bll.jar:]
at org.ovirt.engine.core.bll.Backend.runMultipleActions(Backend.java:583)
[bll.jar:]


Looking at that section of code where the exception is thrown, I see that it
iterates over host networks to find required networks, which I assume is
ovirtmgmt. In the host network setup dialog I don't see any networks at all
but it lists ovirtmgmt as required. It also list the OVN networks but these
can't be statically assigned as they are added dynamically when needed,
which is fine.

I believe that I either need to remove ovirtmgmt network or configure that it
is provided by the OVN provi

Re: [ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi Yaniv
I have installed ovirt-provider-ovn-1.0-1.fc24.noarch.rpm and 
ovirt-provider-ovn-driver-1.0-1.fc24.noarch.rpm

/Sverker

Den 2016-12-28 kl. 09:24, skrev Yaniv Dary:

Did you install the host side VIF driver?

Yaniv Dary Technical Product Manager Red Hat Israel Ltd. 34 Jerusalem 
Road Building A, 4th floor Ra'anana, Israel 4350109 Tel : +972 (9) 
7692306 8272306 Email: yd...@redhat.com <mailto:yd...@redhat.com> IRC 
: ydary


On Wed, Dec 28, 2016 at 1:39 AM, Sverker Abrahamsson 
<sver...@abrahamsson.com <mailto:sver...@abrahamsson.com>> wrote:


Hi
For long time I've been looking for proper support in ovirt for
Open vSwitch so I'm happy that it is moving in the right
direction. However, there seems to still be a dependency on a
ovirtmgmt bridge and I'm unable to move that to the OVN provider.

The hosting center where I rent hw instances has a bit special
network setup, so I have one physical network port with a /32
netmask and point-to-point config to router. The physical port I
connect to a ovs bridge which has the public ip. Since ovirt
always messes up the network config when I've tried to let it have
access to the network config for the physical port, I've set eht0
and ovsbridge0 as hidden in vdsm.conf.

I then create a bridge for use with ovirt, with a private address.
With the OVN provider I am now able to import these into the
engine and it looks good. When creating a VM I can select that it
will have a vNic on my OVS bridge.

However, I can't start the VM as an exception is thrown in the log:

2016-12-28 00:13:33,350 ERROR
[org.ovirt.engine.core.bll.RunVmCommand] (default task-5)
[3c882d53] Error during ValidateFailure.:
java.lang.NullPointerException
at

org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.validateRequiredNetworksAvailable(NetworkPolicyUnit.java:140)
[bll.jar:]
at

org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.filter(NetworkPolicyUnit.java:69)
[bll.jar:]
at

org.ovirt.engine.core.bll.scheduling.SchedulingManager.runInternalFilters(SchedulingManager.java:597)
[bll.jar:]
at

org.ovirt.engine.core.bll.scheduling.SchedulingManager.runFilters(SchedulingManager.java:564)
[bll.jar:]
at

org.ovirt.engine.core.bll.scheduling.SchedulingManager.canSchedule(SchedulingManager.java:494)
[bll.jar:]
at

org.ovirt.engine.core.bll.validator.RunVmValidator.canRunVm(RunVmValidator.java:133)
[bll.jar:]
at
org.ovirt.engine.core.bll.RunVmCommand.validate(RunVmCommand.java:940)
[bll.jar:]
at
org.ovirt.engine.core.bll.CommandBase.internalValidate(CommandBase.java:886)
[bll.jar:]
at
org.ovirt.engine.core.bll.CommandBase.validateOnly(CommandBase.java:366)
[bll.jar:]
at

org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.canRunActions(PrevalidatingMultipleActionsRunner.java:113)
[bll.jar:]
at

org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.invokeCommands(PrevalidatingMultipleActionsRunner.java:99)
[bll.jar:]
at

org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.execute(PrevalidatingMultipleActionsRunner.java:76)
[bll.jar:]
at
org.ovirt.engine.core.bll.Backend.runMultipleActionsImpl(Backend.java:613)
[bll.jar:]
at
org.ovirt.engine.core.bll.Backend.runMultipleActions(Backend.java:583)
[bll.jar:]

Looking at that section of code where the exception is thrown, I
see that it iterates over host networks to find required networks,
which I assume is ovirtmgmt. In the host network setup dialog I
don't see any networks at all but it lists ovirtmgmt as required.
It also list the OVN networks but these can't be statically
assigned as they are added dynamically when needed, which is fine.

I believe that I either need to remove ovirtmgmt network or
configure that it is provided by the OVN provider, but neither is
possible. Preferably it shouldn't be hardcoded which network is
management and mandatory but be possible to configure.

/Sverker

Den 2016-12-27 kl. 17:10, skrev Marcin Mirecki:

The following is a new meeting request:

Subject: OVN Deep Dive for oVirt 4.1
Organizer: "Marcin Mirecki"<mmire...@redhat.com> <mailto:mmire...@redhat.com>  


Time: Wednesday, January 11, 2017, 4:00:00 PM - 5:00:00 PM GMT +01:00 
Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
  
Invitees:users@ovirt.org <mailto:users@ovirt.org>  



*~*~*~*~*~*~*~*~*~*

OVN (Open Virtual Networking) is a new network virtualization project that
brings virtual networking to Open vSwitch.
OVN is now availble to use as a tech preview in oVirt. It is made available
using the oVir

[ovirt-users] Issue with OVN/OVS and mandatory ovirtmgmt network

[Sverker Abrahamsson]

Hi
For long time I've been looking for proper support in ovirt for Open 
vSwitch so I'm happy that it is moving in the right direction. However, 
there seems to still be a dependency on a ovirtmgmt bridge and I'm 
unable to move that to the OVN provider.


The hosting center where I rent hw instances has a bit special network 
setup, so I have one physical network port with a /32 netmask and 
point-to-point config to router. The physical port I connect to a ovs 
bridge which has the public ip. Since ovirt always messes up the network 
config when I've tried to let it have access to the network config for 
the physical port, I've set eht0 and ovsbridge0 as hidden in vdsm.conf.


I then create a bridge for use with ovirt, with a private address. With 
the OVN provider I am now able to import these into the engine and it 
looks good. When creating a VM I can select that it will have a vNic on 
my OVS bridge.


However, I can't start the VM as an exception is thrown in the log:

2016-12-28 00:13:33,350 ERROR [org.ovirt.engine.core.bll.RunVmCommand] 
(default task-5) [3c882d53] Error during ValidateFailure.: 
java.lang.NullPointerException
at 
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.validateRequiredNetworksAvailable(NetworkPolicyUnit.java:140) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.scheduling.policyunits.NetworkPolicyUnit.filter(NetworkPolicyUnit.java:69) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runInternalFilters(SchedulingManager.java:597) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.scheduling.SchedulingManager.runFilters(SchedulingManager.java:564) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.scheduling.SchedulingManager.canSchedule(SchedulingManager.java:494) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.validator.RunVmValidator.canRunVm(RunVmValidator.java:133) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.RunVmCommand.validate(RunVmCommand.java:940) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.CommandBase.internalValidate(CommandBase.java:886) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.CommandBase.validateOnly(CommandBase.java:366) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.canRunActions(PrevalidatingMultipleActionsRunner.java:113) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.invokeCommands(PrevalidatingMultipleActionsRunner.java:99) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.PrevalidatingMultipleActionsRunner.execute(PrevalidatingMultipleActionsRunner.java:76) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.Backend.runMultipleActionsImpl(Backend.java:613) 
[bll.jar:]
at 
org.ovirt.engine.core.bll.Backend.runMultipleActions(Backend.java:583) 
[bll.jar:]


Looking at that section of code where the exception is thrown, I see 
that it iterates over host networks to find required networks, which I 
assume is ovirtmgmt. In the host network setup dialog I don't see any 
networks at all but it lists ovirtmgmt as required. It also list the OVN 
networks but these can't be statically assigned as they are added 
dynamically when needed, which is fine.


I believe that I either need to remove ovirtmgmt network or configure 
that it is provided by the OVN provider, but neither is possible. 
Preferably it shouldn't be hardcoded which network is management and 
mandatory but be possible to configure.


/Sverker

Den 2016-12-27 kl. 17:10, skrev Marcin Mirecki:

The following is a new meeting request:

Subject: OVN Deep Dive for oVirt 4.1
Organizer: "Marcin Mirecki" 

Time: Wednesday, January 11, 2017, 4:00:00 PM - 5:00:00 PM GMT +01:00 
Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna
  
Invitees: users@ovirt.org



*~*~*~*~*~*~*~*~*~*

OVN (Open Virtual Networking) is a new network virtualization project that
brings virtual networking to Open vSwitch.
OVN is now availble to use as a tech preview in oVirt. It is made available
using the oVirt external network providers API, which allows using external
network management software inside environments managed by oVirt.
The integration with OVN will allow users to take advantage of native OVS
support for software defined networks.

The advantages of using OVN:
- ability to use large number of networks with no need for multiple host NICs
   or VLAN use
- ability to set up new network without any changes to the physical 
infrastructure
- easier to maintain due to centralized management
- good traffic isolation due to Openflow rules
- improved performance over neutron OVS plugin 
(https://blog.russellbryant.net/2016/12/19/comparing-openstack-neutron-ml2ovs-and-ovn-control-plane/)


Session outline:
- OVN overview
- oVirt external network provider API overview
- oVirt provider for OVN overview

Session link:
https://www.youtube.com/watch?v=vGeouWfKJwA

Feature Page:
https://www.ovirt.org//develop/release-management/features/ovirt-ovn-provider/

Re: [ovirt-users] Ovirt + OpenVSwitch

[Sverker Abrahamsson]

I've been giving this a new try. Unfortunately the setup script for 
hosted engine seems to be hardcoded to create a bridge on a physical 
network interface. I was somewhat successful by creating a dummy 
ovirtmgmt bridge interface and patching bridge.py to give back a static 
ip. Then the engine started up but failed later in the setup due to a 
faulty firewall rule.


I then thought that ok I'll restore the network config to the original 
settings, run the setup and then add the OpenVSwitch config. That failed 
even more miserably before I got that far..


As soon as vdsm activates it will write ifcfg files for eth0 and 
ovirtmgmt but with a config that doesn't work in my case as there are 
some additional parameters that are needed. For example it is missing 
the HWADDR setting in ifcfg-eth0. This is using the beta1 release of 4.0


Even if I boot rescue image and correct the network configuration it 
will again be overwritten by vdsm on boot.


I really need to make Ovirt understand that it must NOT change any 
network configuration on the host, just use what is provided to it and 
if there is something that it doesn't like then log the settings that 
should be changed.


How can I accomplish that?

/Sverker

On 2016-04-13 14:50, Dan Kenigsberg wrote:

On Mon, Apr 11, 2016 at 01:24:51PM +0200, Sverker Abrahamsson wrote:

Hi
My usecase is that I am setting up a lab to emulate a customers production
environment which has multiple vlans. As this is done in a hosting
environment where I don't have any control over the switches, I've created
virtual switches with OpenVSwitch which connects together a couple of
physical servers which are running virtual machines to emulate their
servers. Currently I'm running a few virtual machines created manually with
libvirt but looking for a more user friendly way of handling them.

I'm not looking at managing the network setup from Ovirt, I just want it to
use the network that is present and create VM's there.

In this case, you may want to define your ovs-based network in
libvirt (virsh net-define bla.xml) and use vdsm-hook-extnet to let ovirt
consume it.


The tweaking that I did with 3.6 was to run the hosted-engine setup but
where it failed I put the right answer in the file so that it would skip
over that part. I got that far that it attempts to start the vm but as it
doesn't give right parameters to libvirt it fails to create a port on the
bridge.

I'm not having much luck with the 4.0 alpha though, this is a separate
machine that I set up for this testing but when I run hosted-engine --deploy
it just returns without any message. I did run the cleanup script found at
http://www.ovirt.org/documentation/how-to/hosted-engine/ and rebooted in
between but still no luck

/Sverker


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Ovirt + OpenVSwitch

[Sverker Abrahamsson]

Hi
My usecase is that I am setting up a lab to emulate a customers 
production environment which has multiple vlans. As this is done in a 
hosting environment where I don't have any control over the switches, 
I've created virtual switches with OpenVSwitch which connects together a 
couple of physical servers which are running virtual machines to emulate 
their servers. Currently I'm running a few virtual machines created 
manually with libvirt but looking for a more user friendly way of 
handling them.


I'm not looking at managing the network setup from Ovirt, I just want it 
to use the network that is present and create VM's there.


The tweaking that I did with 3.6 was to run the hosted-engine setup but 
where it failed I put the right answer in the file so that it would skip 
over that part. I got that far that it attempts to start the vm but as 
it doesn't give right parameters to libvirt it fails to create a port on 
the bridge.


I'm not having much luck with the 4.0 alpha though, this is a separate 
machine that I set up for this testing but when I run hosted-engine 
--deploy it just returns without any message. I did run the cleanup 
script found at http://www.ovirt.org/documentation/how-to/hosted-engine/ 
and rebooted in between but still no luck


/Sverker

On 2016-04-07 13:49, Dan Kenigsberg wrote:

On Wed, Apr 06, 2016 at 11:57:08AM -0400, Martin Mucha wrote:

Hi,

I think OpenVSwitch should be supported in 4.0.

M.

- Original Message -

Has anybody succeeded in installing Ovirt 3.6 with hosted engine on a
server which uses OpenVSwitch for the network config?

I believe my issue is that Ovirt wants to control the network to create
a bridge for its management and I wants it to just use whatever network
is available on the host without trying to be clever about it. I was
able to tweak it to get to the final stage where it fails on waiting for
the engine to start.

Martin is right, but we should understand your usage of OpenVSwitch
first.

Do you intend to use it for networking of ovirt VMs? For something else?

How did you tweak "it" (ovirt? hosted engine? ovs?)


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Ovirt + OpenVSwitch

[Sverker Abrahamsson]

Has anybody succeeded in installing Ovirt 3.6 with hosted engine on a 
server which uses OpenVSwitch for the network config?


I believe my issue is that Ovirt wants to control the network to create 
a bridge for its management and I wants it to just use whatever network 
is available on the host without trying to be clever about it. I was 
able to tweak it to get to the final stage where it fails on waiting for 
the engine to start.


Best regards
Sverker

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users