Re: [ovirt-users] questions on OVN
> From: "Gianluca Cecchi" > To: "Marcin Mirecki" > Cc: "Ovirt Users" > Sent: Thursday, February 16, 2017 4:40:46 AM > Subject: Re: [ovirt-users] questions on OVN > > On Thu, Feb 16, 2017 at 9:54 AM, Marcin Mirecki < mmire...@redhat.com > > wrote: > > > > OVN is aleady using GENEVE, VXLAN or STT tunnels (the user can choose any), > so the isolation is already assured. > The scripts provided by ovirt configure a geneve tunnel. > You are free so override this manually to vxlan or stt if you want, let me > know if you need any howto info. > A small correction/clarification: for hypervisor-hypervisor tunnels, the only tunnel encapsulations that are currently supported are GENEVE and STT. The rationale is explained in detail at http://openvswitch.org/support/dist-docs/ovn-architecture.7.html in the "Design Decisions" section. VXLAN tunnels are supported for hypervisor-gateway tunnels only. > yes, please. > I have used in the mean time the vdsm-tool command that takes care of > creating the default geneve tunnel > In my case > vdsm-tool ovn-config 10.4.168.80 10.4.168.81 > > but I would like to know how to manually use other types too. > I watched the deep dive demo about ovn but at the bottom of the related slide > there are three lines that should be equivalent to the above command, > something like > > ovs-vsctl set open ? external-ids:ovn-remote=tcp: 10.4.168.80:6642 > ovs-vsctl set open ? external-ids:ovn-encap=type=geneve > ovs-vsctl set open ? external-ids:ovn-encap-ip=10.4.168.81 > > The ? character seems a dot or a comma, I have not understood the syntax > (what are the accepted words for type= in the second line?) > The syntax here is "ovs-vsctl set [:]=...". In this case, the table name is "Open_vSwitch", "open" can be used as a shorthand because the table name is not case-sensitive and prefixes of the table name are accepted as long as they are unique. The "." character specifies the record name as explained in the ovs-vsctl man page at http://openvswitch.org/support/dist-docs-2.5/ovs-vsctl.8.txt: Open_vSwitch Global configuration for an ovs-vswitchd. This table contains exactly one record, identified by specifying . as the record name. Valid settings for external-ids:ovn-encap-type= are given in the ovn-controller man page http://openvswitch.org/support/dist-docs-2.5/ovn-controller.8.txt: external_ids:ovn-encap-type The encapsulation type that a chassis should use to con‐ nect to this node. Multiple encapsulation types may be specified with a comma-separated list. Each listed encapsulation type will be paired with ovn-encap-ip. Supported tunnel types for connecting hypervisors are geneve and stt. Gateways may use geneve, vxlan, or stt. Due to the limited amount of metadata in vxlan, the capa‐ bilities and performance of connected gateways will be reduced versus other tunnel formats. Hope this helps, Lance > Thanks again, > Gianluca > > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVirt / OVN / MTU
> From: "Lance Richardson" > To: "Devin Acosta" > Cc: "Russell Bryant" , "Numan Siddique" > , "Marcin Mirecki" > , "users" > Sent: Tuesday, December 20, 2016 4:50:53 PM > Subject: Re: oVirt / OVN / MTU > > > From: "Devin Acosta" > > To: "Russell Bryant" > > Cc: "Numan Siddique" , "Lance Richardson" > > , "Marcin Mirecki" > > , "users" > > Sent: Tuesday, December 20, 2016 4:38:32 PM > > Subject: Re: oVirt / OVN / MTU > > > > So some port got stuck on a box? Any idea what would cause this and what i > > should do to remove it? > > > > Maybe there's a better way, but you could run this on the two chassis > that are involved: > > ovs-vsctl --format table --columns=name,external-ids list Interface > > > And look for for port UUID from the log message, it should show up > with "iface-id=" on both chassis (but should appear on only one). > > Once you figure out which one is wrong, do: > > ovs-vsctl remove Interface external_ids iface-id= > If you're running a recent version of ovs master, you might just need the fix listed below which was committed yesterday (maybe you don't have a duplicate port binding after all): commit f90bb0909c5320c2421cce392ad0d4ffaecb98e7 Author: Mickey Spiegel Date: Tue Dec 20 13:23:46 2016 -0800 ovn-controller: Log chassis claiming lport only when changes occur. With recent OVN commits, the logic for a chassis to claim or release a logical port was consolidated. This is a good thing. However, there was a logic change that resulted in VLOG_INFO being generated every time on the ovn-controller. This patch changes the logic so that VLOG_INFO is only generated when there is a change, for example when the chassis claims an lport the first time. Signed-off-by: Mickey Spiegel Signed-off-by: Ben Pfaff ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVirt / OVN / MTU
> From: "Devin Acosta" > To: "Russell Bryant" > Cc: "Numan Siddique" , "Lance Richardson" > , "Marcin Mirecki" > , "users" > Sent: Tuesday, December 20, 2016 4:38:32 PM > Subject: Re: oVirt / OVN / MTU > > So some port got stuck on a box? Any idea what would cause this and what i > should do to remove it? > Maybe there's a better way, but you could run this on the two chassis that are involved: ovs-vsctl --format table --columns=name,external-ids list Interface And look for for port UUID from the log message, it should show up with "iface-id=" on both chassis (but should appear on only one). Once you figure out which one is wrong, do: ovs-vsctl remove Interface external_ids iface-id= ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVirt / OVN / MTU
Hi Devin, This blog posting does a good job of explaining how to configure OVN DHCP support: http://blog.spinhirne.com/2016/09/an-introduction-to-ovn-routing.html The ovn-nb man page lists the DHCP options that can be provided, including mtu: http://openvswitch.org/support/dist-docs/ovn-nb.5.html And the ovn-nbctl man page has details about the command-line interface for setting DHCP options: http://openvswitch.org/support/dist-docs/ovn-nbctl.8.html I have very little experience using OVN's DHCP support, I've copied Numan in case I've left anything out. Lance - Original Message - > From: "Marcin Mirecki" > To: "Devin Acosta" > Cc: "users" , "Lance Richardson" > Sent: Monday, December 12, 2016 4:35:51 AM > Subject: Re: oVirt / OVN / MTU > > Devin, > > oVirt does not currently support changing external network mtu from within > ovirt (it rather relies on the provider handling this internally). > > If you are using OVN DHCP (have subnets defined for a network), you can > modify the OVN DHCP options directly in the OVN database. > I have never actually tested this myself, but looking at the OVN > documentation, it should do the job on the ports. > > The standard OVN way to do so is to use the "ovn-vsctl set DHCP_Options ..." > command. > (Unfortunately as I am trying it now it tells me that modifying DHCP_Options > is not supported) > Alternatively, you can use the OVS python API (let me know if you need any > help on this). > > Lance, > Would changing the dhcp:options:mtu suffice? > Could you please comment on how to modify the DHCP MTU using the OVN cmd > line? > > Thanks, > Marcin > > > > - Original Message - > > From: "Devin Acosta" > > To: "Marcin Mirecki" , "users" , > > "Lance Richardson" > > Sent: Monday, December 12, 2016 1:20:59 AM > > Subject: Fwd: oVirt / OVN / MTU > > > > Marcin / Lance, > > > > Not sure if the list was working correctly, I couldn't see that my message > > below made it to the list. If I need to change the MTU settings for OVN / > > OpenVSwitch to something lower than 1500, what is the best way to do this? > > We noticed that some instances (ie: Windows 2012R2) are having issues with > > the default MTU of 1500, I think there is an issue at the upper layers, and > > we can get it to work if we manually set the MTU on the instance to say > > 1400. Is there an easy way to do this so that any VM's that come up > > automatically get MTU of 1400? > > > > Devin > > > > -- Forwarded message -- > > From: Devin Acosta > > Date: Fri, Dec 9, 2016 at 2:02 PM > > Subject: oVirt / OVN / MTU > > To: users > > > > > > > > We are running oVirt 4.0.5 and we have OVN working to provide a Virtual > > Layer 2 network. We are noticing that because the OVN is using Geneve and > > between all the firewalls and networks it crosses we are running into an > > MTU issue. What is the best suggested way to lower say the entire OVN > > network to say MTU of 1400, and also allow for fragmenting packets? > > > > > > -- > > > > Devin Acosta > > Red Hat Certified Architect, LinuxStack > > 602-354-1220 || de...@linuxguru.co > > > > > > > > -- > > > > Devin Acosta > > Red Hat Certified Architect, LinuxStack > > 602-354-1220 || de...@linuxguru.co > > > ___ Users mailing list Users@ovirt.org http://lists.phx.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances between nodes.
> From: "Devin Acosta" > To: "Lance Richardson" > Cc: "Marcin Mirecki" , "users" > Sent: Tuesday, December 6, 2016 12:07:31 PM > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances > between nodes. > > Lance, > > It appears that firewalld was my issue, can you just confirm with me what > Ports should be opened for Geneve and OVN to work properly? > Hi Devin, That's good to hear! On the ovn-northd node, you need TCP ports 6641 and 6642 open (as mentioned in Marcin's blog), on the ovn-controller nodes you need to allow packets with destination UDP port 6081 (Geneve tunnels). Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances between nodes.
> From: "Devin Acosta" > To: "Lance Richardson" > Cc: "Marcin Mirecki" , "users" > Sent: Tuesday, December 6, 2016 10:49:59 AM > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances > between nodes. > > Lance, > > I have attached the output of each into different files. I really > appreciate your help very much. > Based on asking around about the "dropping duplicate flow:", it's a known issue that is harmless (other than the noise). I'll try to find out if someone has a fix in the works. It seems your node1 has no port bindings... is that expected? >From the counters, it looks like node2 and node3 have attempted to send packets on the geneve tunnels, but neither has received anything. Could you verify that node2 and node3 have connectivity on the IPs used for the tunnels, e.g. by trying to ping 172.10.10.75 and 172.10.10.73 from node2? If that works, the issue might be iptables rules dropping geneve packets, the simplest way around that would be to "systemctl stop firewalld" if that's running (ok for a lab environment anyway). Thanks, Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances between nodes.
> From: "Devin Acosta" > To: "Lance Richardson" > Cc: "Marcin Mirecki" , "users" > Sent: Monday, December 5, 2016 11:28:17 PM > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances > between nodes. > > Lance, > > Well I installed the new kernel module and it cleared up a lot of the > errors I was seeing in the log, but what I notice is that I still can't > ping instances between hosts. I'm starting to wonder am I missing > something fundamental here? I don't see anything in the ovs-vswitchd.log to > show tunnel? > Hi Devin, OK, some small progress then. I think the best next step would be to look at the current state of your system. Could you send the output of the following commands? On the nodes running ovn-controller: ps -fwwC ovn-controller ovs-vsctl show ovs-dpctl show -s ovs-ofctl -O OpenFlow13 dump-flows br-int On the node running ovn-northd: ovn-sbctl show ovn-sbctl dump-flows Thanks, Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances between nodes.
> From: "Devin Acosta" > To: "Lance Richardson" > Cc: "Marcin Mirecki" , "users" > Sent: Monday, December 5, 2016 4:17:35 PM > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances > between nodes. > > Lance, > > I found some interesting logs, we have (3) oVIRT nodes. > > We are running: > CentOS Linux release 7.2.1511 (Core) > Linux hostname 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC > 2016 x86_64 x86_64 x86_64 GNU/Linux > > 2016-12-05T20:47:56.774Z|00021|ofctrl|INFO|OpenFlow error: OFPT_ERROR > (OF1.3) (xid=0x17): OFPBAC_BAD_TYPE This (generally unintelligible message usually indicates that the kernel openvswitch module doesn't support conntrack. > > 2016-12-05T20:35:04.345Z|1|vlog|INFO|opened log file > /var/log/openvswitch/ovs-vswitchd.log > 2016-12-05T20:35:04.347Z|2|ovs_numa|INFO|Discovered 16 CPU cores on > NUMA node 0 > 2016-12-05T20:35:04.347Z|3|ovs_numa|INFO|Discovered 16 CPU cores on > NUMA node 1 > 2016-12-05T20:35:04.347Z|4|ovs_numa|INFO|Discovered 2 NUMA nodes and 32 > CPU cores > 2016-12-05T20:35:04.348Z|5|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > connecting... > 2016-12-05T20:35:04.348Z|6|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > connected > 2016-12-05T20:35:04.350Z|7|ofproto_dpif|INFO|system@ovs-system: > Datapath supports recirculation > 2016-12-05T20:35:04.350Z|8|ofproto_dpif|INFO|system@ovs-system: MPLS > label stack length probed as 1 > 2016-12-05T20:35:04.350Z|9|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support truncate action > 2016-12-05T20:35:04.350Z|00010|ofproto_dpif|INFO|system@ovs-system: > Datapath supports unique flow ids > 2016-12-05T20:35:04.350Z|00011|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support ct_state > 2016-12-05T20:35:04.350Z|00012|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support ct_zone > 2016-12-05T20:35:04.350Z|00013|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support ct_mark > 2016-12-05T20:35:04.350Z|00014|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support ct_label > 2016-12-05T20:35:04.350Z|00015|ofproto_dpif|INFO|system@ovs-system: > Datapath does not support ct_state_nat OK, "Datapath does not support ct_*" confirms that the kernel openvswitch module doesn't support the conntrack features needed by OVN. Most likely the loaded module is the stock CentOS one, you can build the out-of-tree kernel module RPM from the same source tree where you built the other OVS/OVN RPMs via: make rpm-fedora-kmod This should leave an RPM named something like: openvswitch-kmod-2.6.90-1.el7.centos.x86_64.rpm Install that and reboot and things should be working better. Regards, Lance > > Your help is greatly appreciated! > > Devin > > On Mon, Dec 5, 2016 at 12:31 PM, Lance Richardson > wrote: > > > > From: "Devin Acosta" > > > To: "Marcin Mirecki" > > > Cc: "users" > > > Sent: Monday, December 5, 2016 12:11:46 PM > > > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of > > instances between nodes. > > > > > > Marcin, > > > > > > Also I noticed in your original post it mentions: > > > > > > ip link - the result should include a link called genev_sys_ ... > > > > > > I noticed that on my hosts I don't see any links with name: genev_sys_ ?? > > > Could this be a problem? > > > > > > lo: > > > enp4s0f0: > > > enp4s0f1: > > > enp7s0f0: > > > enp7s0f1: > > > bond0: > > > DEV-NOC: > > > ovirtmgmt: > > > bond0.700@bond0: > > > DEV-VM-NET: > > > bond0.705@bond0: > > > ;vdsmdummy;: > > > vnet0: > > > vnet1: > > > vnet2: > > > vnet3: > > > vnet4: > > > ovs-system: > > > br-int: > > > vnet5: > > > vnet6: > > > > > > > Hi Devin, > > > > What distribution and kernel version are you using? > > > > One thing you could check is whether the vport_geneve kernel module > > is being loaded, e.g. you should see something like: > > > > $ lsmod | grep vport > > vport_geneve 12560 1 > > openvswitch 246755 5 vport_geneve > > > > If vport_geneve is not loaded, you could "sudo modprobe vport_geneve" > > to make sure it's available and can be loaded. > > > > The first 100 lines or so of ovs-vswitchd.log might have some useful > > information about where things are going wrong. > > > > It does sound as though there is some issue with geneve tunnels, > > which would certainly explain issues with inter-node traffic. > > > > Regards, > > > > Lance > > > > > > -- > > Devin Acosta > Red Hat Certified Architect, LinuxStack > 602-354-1220 || de...@linuxguru.co > ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances between nodes.
> From: "Devin Acosta" > To: "Marcin Mirecki" > Cc: "users" > Sent: Monday, December 5, 2016 12:11:46 PM > Subject: Re: [ovirt-users] oVIRT 4 / OVN / Communication issues of instances > between nodes. > > Marcin, > > Also I noticed in your original post it mentions: > > ip link - the result should include a link called genev_sys_ ... > > I noticed that on my hosts I don't see any links with name: genev_sys_ ?? > Could this be a problem? > > lo: > enp4s0f0: > enp4s0f1: > enp7s0f0: > enp7s0f1: > bond0: > DEV-NOC: > ovirtmgmt: > bond0.700@bond0: > DEV-VM-NET: > bond0.705@bond0: > ;vdsmdummy;: > vnet0: > vnet1: > vnet2: > vnet3: > vnet4: > ovs-system: > br-int: > vnet5: > vnet6: > Hi Devin, What distribution and kernel version are you using? One thing you could check is whether the vport_geneve kernel module is being loaded, e.g. you should see something like: $ lsmod | grep vport vport_geneve 12560 1 openvswitch 246755 5 vport_geneve If vport_geneve is not loaded, you could "sudo modprobe vport_geneve" to make sure it's available and can be loaded. The first 100 lines or so of ovs-vswitchd.log might have some useful information about where things are going wrong. It does sound as though there is some issue with geneve tunnels, which would certainly explain issues with inter-node traffic. Regards, Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] OVN Provider setup issues
> From: "Lance Richardson" > To: "Andrea Fagiani" > Cc: "Dan Kenigsberg" , users@ovirt.org, mmire...@redhat.com > Sent: Wednesday, November 16, 2016 12:37:57 PM > Subject: Re: [ovirt-users] OVN Provider setup issues > > > From: "Andrea Fagiani" > > To: "Dan Kenigsberg" > > Cc: users@ovirt.org, "Lance Richardson" , > > mmire...@redhat.com > > Sent: Wednesday, November 16, 2016 12:24:15 PM > > Subject: Re: [ovirt-users] OVN Provider setup issues > > > > On 16/11/2016 17:23, Dan Kenigsberg wrote: > > > On Tue, Nov 08, 2016 at 09:21:13AM +0100, Andrea Fagiani wrote: > > >> Hi all, > > >> > > >> I've been messing around with the ovirt-ovn-provider [1] and I've run > > >> into > > >> some issues during the initial setup. > > >> > > >> I have a 5-node cluster (running the hosted-engine VA), LEGACY virtual > > >> switch; this test was done on a single host. Following the instructions > > >> from > > >> the aforementioned blog post, I have downloaded the ovirt-provider-ovn > > >> and > > >> ovirt-provider-ovn-driver rpms, and built the rpm packages for: > > >> > > >> - openvswitch (2.6.90) > > >> - openvswitch-ovn-common > > >> - openvswitch-ovn-host > > >> - openvswitch-ovn-central > > >> - python-openvswitch > > >> > > >> I set up a dedicated VM for the OVN controller, installed ovs and > > >> ovn-central, started the ovn-northd and ovirt-provider-ovn services. So > > >> far > > >> so good. I then moved on to the oVirt host and installed the above > > >> packages > > >> (minus ovn-central) as well as the ovirt-provider-ovn-driver provided, > > >> started the ovn-controller service and ran > > >> > > >> # vdsm-tool ovn-config > > >> > > >> Executing the suggested checks I noticed that something didn't quite go > > >> as > > >> planned. Below is the /var/log/openvswitch/ovn-controller.log from the > > >> host > > >> machine. There are no firewalls involved (not even on the servers) and I > > >> also tried disabling SELinux but to no avail. > > >> > > >> Any ideas? > > >> > > >> Thanks, > > >> Andrea > > >> > > >> [1] http://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/ > > >> > > >> > > >> 2016-11-07T14:22:09.552Z|1|vlog|INFO|opened log file > > >> /var/log/openvswitch/ovn-controller.log > > >> 2016-11-07T14:22:09.553Z|2|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > > >> connecting... > > >> 2016-11-07T14:22:09.553Z|3|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > > >> connected > > >> 2016-11-07T14:22:09.555Z|4|reconnect|INFO|tcp:10.100.248.11:6642: > > >> connecting... > > >> 2016-11-07T14:22:09.555Z|5|reconnect|INFO|tcp:10.100.248.11:6642: > > >> connected > > >> 2016-11-07T14:22:09.556Z|6|ofctrl|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connecting to switch > > >> 2016-11-07T14:22:09.556Z|7|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connecting... > > >> 2016-11-07T14:22:09.557Z|8|pinctrl|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connecting to switch > > >> 2016-11-07T14:22:09.557Z|9|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connecting... > > >> 2016-11-07T14:22:09.557Z|00010|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connected > > >> 2016-11-07T14:22:09.557Z|00011|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > > >> connected > > >> 2016-11-07T14:22:09.558Z|00012|ofctrl|INFO|OpenFlow error: OFPT_ERROR > > >> (OF1.3) (xid=0x9): OFPBMC_BAD_FIELD > > >> OFPT_FLOW_MOD (OF1.3) (xid=0x9): > > >> (***truncated to 64 bytes from 240***) > > >> 04 0e 00 f0 00 00 00 09-00 00 00 00 00 00 00 00 > > >> || > > >> 0010 00 00 00 00 00 00 00 00-22 00 00 00 00 00 00 00 > > >> |"...| > > >> 0020 ff ff ff ff ff ff ff ff-ff ff ff ff 00 00 00 00 > > >> || > > >> 0030 00 01 00 04 00 00 00 00-00 04 00 b8 00 00 00 00 > > >> || > > > Andrea, could you tell
Re: [ovirt-users] OVN Provider setup issues
> From: "Dan Kenigsberg" > > OK, the 327 kernel did not support conntrack and cannot be used for OVN. > > > > RHEL 7.3 or newer is the minimum requirement for OVN. > > Lance, can you encode this requirement in openvswitch-ovn-host.rpm ? > > Regards, > Dan. > Hi Dan, The distribution rpms should have correct dependencies, but we don't have those yet. Unfortunately there's no practical way to do that for packages built from upstream sources. We are looking into improving error messages for this condition in OVN, FWIW, which will at least make it easier to spot. Regards, Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] OVN Provider setup issues
> From: "Andrea Fagiani" > To: "Dan Kenigsberg" > Cc: users@ovirt.org, "Lance Richardson" , > mmire...@redhat.com > Sent: Wednesday, November 16, 2016 12:24:15 PM > Subject: Re: [ovirt-users] OVN Provider setup issues > > On 16/11/2016 17:23, Dan Kenigsberg wrote: > > On Tue, Nov 08, 2016 at 09:21:13AM +0100, Andrea Fagiani wrote: > >> Hi all, > >> > >> I've been messing around with the ovirt-ovn-provider [1] and I've run into > >> some issues during the initial setup. > >> > >> I have a 5-node cluster (running the hosted-engine VA), LEGACY virtual > >> switch; this test was done on a single host. Following the instructions > >> from > >> the aforementioned blog post, I have downloaded the ovirt-provider-ovn and > >> ovirt-provider-ovn-driver rpms, and built the rpm packages for: > >> > >> - openvswitch (2.6.90) > >> - openvswitch-ovn-common > >> - openvswitch-ovn-host > >> - openvswitch-ovn-central > >> - python-openvswitch > >> > >> I set up a dedicated VM for the OVN controller, installed ovs and > >> ovn-central, started the ovn-northd and ovirt-provider-ovn services. So > >> far > >> so good. I then moved on to the oVirt host and installed the above > >> packages > >> (minus ovn-central) as well as the ovirt-provider-ovn-driver provided, > >> started the ovn-controller service and ran > >> > >> # vdsm-tool ovn-config > >> > >> Executing the suggested checks I noticed that something didn't quite go as > >> planned. Below is the /var/log/openvswitch/ovn-controller.log from the > >> host > >> machine. There are no firewalls involved (not even on the servers) and I > >> also tried disabling SELinux but to no avail. > >> > >> Any ideas? > >> > >> Thanks, > >> Andrea > >> > >> [1] http://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/ > >> > >> > >> 2016-11-07T14:22:09.552Z|1|vlog|INFO|opened log file > >> /var/log/openvswitch/ovn-controller.log > >> 2016-11-07T14:22:09.553Z|2|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > >> connecting... > >> 2016-11-07T14:22:09.553Z|3|reconnect|INFO|unix:/var/run/openvswitch/db.sock: > >> connected > >> 2016-11-07T14:22:09.555Z|4|reconnect|INFO|tcp:10.100.248.11:6642: > >> connecting... > >> 2016-11-07T14:22:09.555Z|5|reconnect|INFO|tcp:10.100.248.11:6642: > >> connected > >> 2016-11-07T14:22:09.556Z|6|ofctrl|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connecting to switch > >> 2016-11-07T14:22:09.556Z|7|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connecting... > >> 2016-11-07T14:22:09.557Z|8|pinctrl|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connecting to switch > >> 2016-11-07T14:22:09.557Z|9|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connecting... > >> 2016-11-07T14:22:09.557Z|00010|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connected > >> 2016-11-07T14:22:09.557Z|00011|rconn|INFO|unix:/var/run/openvswitch/br-int.mgmt: > >> connected > >> 2016-11-07T14:22:09.558Z|00012|ofctrl|INFO|OpenFlow error: OFPT_ERROR > >> (OF1.3) (xid=0x9): OFPBMC_BAD_FIELD > >> OFPT_FLOW_MOD (OF1.3) (xid=0x9): > >> (***truncated to 64 bytes from 240***) > >> 04 0e 00 f0 00 00 00 09-00 00 00 00 00 00 00 00 > >> || > >> 0010 00 00 00 00 00 00 00 00-22 00 00 00 00 00 00 00 > >> |"...| > >> 0020 ff ff ff ff ff ff ff ff-ff ff ff ff 00 00 00 00 > >> || > >> 0030 00 01 00 04 00 00 00 00-00 04 00 b8 00 00 00 00 > >> || > > Andrea, could you tell (mostly Lance) which kernel version are you > > using? > Here is the yum info output for the kernel package on the offending host: > > Installed Packages > Name : kernel > Arch: x86_64 > Version : 3.10.0 > Release : 327.36.3.el7 > > Andrea > OK, the 327 kernel did not support conntrack and cannot be used for OVN. RHEL 7.3 or newer is the minimum requirement for OVN. Lance ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
