[ovs-discuss] ovn-ic POC problem
Han Zhou
hzhou at ovn.org
Mon May 4 03:23:14 UTC 2020
On Sun, May 3, 2020 at 4:18 AM <fangtian at ruijie.com.cn> wrote:
>
>
>
>
>
> On Wed, Apr 29, 2020 at 9:34 PM <fangtian at ruijie.com.cn> wrote:
> >
> >
> >
> > Hi all,
> >
> > I am a developer of Kube-ovn project. Currently I’m doing an
OVN-interconnect POC, the setup script is attached at the bottom.
> >
> > My problem is :as everything seems OK, but I can’t ping the Central AZ
from the East AZ.
> >
> > I did diagnose this with the ovn-trace tool ,which prompt me with the
message at the end :
> >
> >
> >
> > “egress(dp="join", inport="join-ovn-cluster", outport="node-east-1")
> >
> > -------------------------------------------------------------------
> >
> > 1. ls_out_pre_acl (ovn-northd.c:4690): ip, priority 100, uuid 7a78dffb
> >
> > reg0[0] = 1;
> >
> > next;
> >
> > 2. ls_out_pre_stateful (ovn-northd.c:4879): reg0[0] == 1, priority 100,
uuid e724b591
> >
> > ct_next;
> >
> >
> >
> > ct_next(ct_state=est|trk /* default (use --ct to customize) */)
> >
> > ---------------------------------------------------------------
> >
> > 9. ls_out_port_sec_l2 (ovn-northd.c:4564): outport == "node-east-1",
priority 50, uuid 7c98b562
> >
> > output;
> >
> > /* output to "node-east-1", type "" */
> >
> > “
> >
> > Seems the ping package was sent out from the outport "node-east-1" ,but
no response there.
> >
> >
> >
> >
> >
> > Will someone please to tell me what’s wrong with my POC setup ?
> >
> > Thanks!
> >
> > Tian
> >
>
> >
>
>
>
> >>It is hard to tell without the full topology. For example, what is the
path between the source and destination?
>
> >>Also, what's the command used to generate the ovn-trace output? What
the above trace shows is that the packet is sent out to "node-east-1", not
from. But you mentioned you were pinging from east to central, so I am
confused.
>
> >>In addition, did you check the content of IC-SB, with ovn-ic-sbctl
show? Were the ports and GWs populated in IC-SB?
>
>
>
> >>Thanks,
>
> >>Han
>
>
>
> Thanks for reply !
>
>
>
> I did trace the ping data path from the east-1 node,the message is from
the trace command。
>
> My configuration is quite simple,2 AZes with 1 node each.
>
>
>
> On the central node broker-1
>
>
>
> # ovn-ic-nbctl show
>
> Transit_Switch ts-aliyun
>
>
>
> # ovn-ic-sbctl show
>
> availability-zone central
>
> gateway 785b3dec-0af0-4906-8018-50f511bf4e4f
>
> hostname: broker-1
>
> type: geneve
>
> ip: 172.17.88.1
>
> port lsp-ovn-cluster-ts-aliyun-central
>
> transit switch: ts-aliyun
>
> address: ["1a:aa:aa:aa:aa:01 192.168.100.1/24"]
>
> availability-zone east
>
> gateway d68ac809-292e-4df0-9a45-0254750f2376
>
> hostname: east-1
>
> type: geneve
>
> ip: 172.17.88.0
>
> port lsp-ovn-cluster-ts-aliyun-east
>
> transit switch: ts-aliyun
>
> address: ["1a:aa:aa:aa:aa:02 192.168.100.2/24"]
>
> # ovn-sbctl show
>
> Chassis "d68ac809-292e-4df0-9a45-0254750f2376"
>
> hostname: east-1
>
> Encap geneve
>
> ip: "172.17.88.0"
>
> options: {csum="true"}
>
> Port_Binding lsp-ovn-cluster-ts-aliyun-east
>
> Chassis "785b3dec-0af0-4906-8018-50f511bf4e4f"
>
> hostname: broker-1
>
> Encap geneve
>
> ip: "172.17.88.1"
>
> options: {csum="true"}
>
> Port_Binding default-http-backend-67cf578fc4-66284.ingress-nginx
>
> Port_Binding tiller-deploy-67cd845dff-j7jqx.kube-system
>
> Port_Binding coredns-autoscaler-65bfc8d47d-gvvgh.kube-system
>
> Port_Binding cr-lrp-ovn-cluster-ts-aliyun-central
>
> Port_Binding kube-ovn-pinger-4hq29.kube-system
>
> Port_Binding node-broker-1
>
> Port_Binding metrics-server-6b55c64f86-l5cq5.kube-system
>
> Port_Binding coredns-7c5566588d-kgjj9.kube-system
>
>
>
> ovn-sbctl show
>
> Chassis "d68ac809-292e-4df0-9a45-0254750f2376"
>
> hostname: east-1
>
> Encap geneve
>
> ip: "172.17.88.0"
>
> options: {csum="true"}
>
> Port_Binding lsp-ovn-cluster-ts-aliyun-east
>
> Chassis "785b3dec-0af0-4906-8018-50f511bf4e4f"
>
> hostname: broker-1
>
> Encap geneve
>
> ip: "172.17.88.1"
>
> options: {csum="true"}
>
> Port_Binding default-http-backend-67cf578fc4-66284.ingress-nginx
>
> Port_Binding tiller-deploy-67cd845dff-j7jqx.kube-system
>
> Port_Binding coredns-autoscaler-65bfc8d47d-gvvgh.kube-system
>
> Port_Binding cr-lrp-ovn-cluster-ts-aliyun-central
>
> Port_Binding kube-ovn-pinger-4hq29.kube-system
>
> Port_Binding node-broker-1
>
> Port_Binding metrics-server-6b55c64f86-l5cq5.kube-system
>
> Port_Binding coredns-7c5566588d-kgjj9.kube-system
>
>
>
>
>
>
>
> On the east-1 node , things are similar.
>
>
>
> sh-4.4# ovn-nbctl show
>
> switch 1f157fe4-8576-400e-85fb-7f1fad7daf44 (ovn-default)
>
> port metrics-server-6b55c64f86-l9mhb.kube-system
>
> addresses: ["00:00:00:A0:C4:B0 10.44.0.6"]
>
> port coredns-7c5566588d-bn4fh.kube-system
>
> addresses: ["00:00:00:B1:40:ED 10.44.0.3"]
>
> port coredns-autoscaler-65bfc8d47d-xk9md.kube-system
>
> addresses: ["00:00:00:9C:49:B9 10.44.0.4"]
>
> port kube-ovn-pinger-nfcjk.kube-system
>
> addresses: ["00:00:00:4A:20:7A 10.44.0.5"]
>
> port ovn-default-ovn-cluster
>
> type: router
>
> addresses: ["00:00:00:DE:08:3C"]
>
> router-port: ovn-cluster-ovn-default
>
> port default-http-backend-67cf578fc4-wn5mj.ingress-nginx
>
> addresses: ["00:00:00:C4:22:11 10.44.0.2"]
>
> switch 0cbefdd1-8067-4db2-8a2d-3487dc16c3ea (ts-aliyun)
>
> port lsp-ovn-cluster-ts-aliyun-central
>
> type: remote
>
> addresses: ["1a:aa:aa:aa:aa:01 192.168.100.1/24"]
>
> port lsp-ovn-cluster-ts-aliyun-east
>
> type: router
>
> router-port: lrp-ovn-cluster-ts-aliyun-east
>
> switch 61a36d09-0b39-46f1-9da1-967ac195905b (join)
>
> port join-ovn-cluster
>
> type: router
>
> addresses: ["00:00:00:17:31:7A"]
>
> router-port: ovn-cluster-join
>
> port node-east-1
>
> addresses: ["00:00:00:5F:D7:E6 100.64.0.2"]
>
> router b7ef9172-ccf2-4489-8802-a03f1c441a51 (ovn-cluster)
>
> port ovn-cluster-join
>
> mac: "00:00:00:17:31:7A"
>
> networks: ["100.64.0.1/16"]
>
> port lrp-ovn-cluster-ts-aliyun-east
>
> mac: "1a:aa:aa:aa:aa:02"
>
> networks: ["192.168.100.2/24"]
>
> gateway chassis: [d68ac809-292e-4df0-9a45-0254750f2376]
>
> port ovn-cluster-ovn-default
>
> mac: "00:00:00:DE:08:3C"
>
> networks: ["10.44.0.1/16"]
>
> sh-4.4# ovn-sbctl show
>
> Chassis "785b3dec-0af0-4906-8018-50f511bf4e4f"
>
> hostname: broker-1
>
> Encap geneve
>
> ip: "172.17.88.1"
>
> options: {csum="true"}
Here it doesn't show the port-binding for port
lsp-ovn-cluster-ts-aliyun-central, which should be learned from IC-SB DB.
However, the port is shown in NB DB, and the chassis binding is also shown
in IC-SB. So it means the chassis information of the port-binding is not
learned from IC-SB to SB of the east AZ. Could you check if there is any
error log in ovn-ic of east AZ? Are the connections to SB and IC-SB both
working well? Could you share the output of "ovn-sbctl list port_binding"
in east AZ as well?
>
> Chassis "d68ac809-292e-4df0-9a45-0254750f2376"
>
> hostname: east-1
>
> Encap geneve
>
> ip: "172.17.88.0"
>
> options: {csum="true"}
>
> Port_Binding coredns-7c5566588d-bn4fh.kube-system
>
> Port_Binding coredns-autoscaler-65bfc8d47d-xk9md.kube-system
>
> Port_Binding node-east-1
>
> Port_Binding cr-lrp-ovn-cluster-ts-aliyun-east
>
> Port_Binding metrics-server-6b55c64f86-l9mhb.kube-system
>
> Port_Binding default-http-backend-67cf578fc4-wn5mj.ingress-nginx
>
> Port_Binding kube-ovn-pinger-nfcjk.kube-system
>
>
>
> Best regards
>
> tian
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200503/6303a1d8/attachment.html>
More information about the discuss
mailing list