[ovs-discuss] cells v2 routing question

Numan Siddique numans at ovn.org
Mon Jan 25 10:28:17 UTC 2021


On Sat, Jan 23, 2021 at 4:36 PM Pedro Sousa <pgsousa at gmail.com> wrote:

> Hi Numan,
>
> sorry to insist, but maybe you, or someone on this mailing list can assist
> me. Let me try to explain better my problem:
>
> I have a nova cells deployment where I have the parent site and a remote
> site cell, think about AZ1 and AZ2. The remote cell doesn't have a ovn-db
> and it's connected to the primary, however it has it's own ovn-controller
> and It's able to provision it's own router on the remote compute sites.
>
> You can see the attached picture to understand better.
>
> My question is, when I create a provider network on the primary site, am I
> able to reach a vm that's on remote cell using a floating ip through the
> geneve tunnel? I tested it, but it doesn't work.
>
> In simple terms I would like a distributed routing on my deployment, when
> I create router that's on a specific AZ, I want to access to a VM that's on
> another AZ, through that router. Is this possible? Considering that are not
> separate OVN deployments?
>

Ok. So they are not separate OVN deployments.

I think it should be possible provided you have proper connectivity between
the AZs
so that geneve tunnels are established and the VLAN provider network is
reachable
on both the AZs.

Is your DVR deployment ? i.e each compute node have external connectivity ?

In OVN terms, suppose a VM in AZ2 has a dnat_and_snat entry (i.e floating
ip associated) ? If so
can you check if external_mac and logical_port column for that entry in the
NAT table is set ?

You can run the command - ovn-nbctl find NAT external_ip=<FIP>  (or
ovn-nbctl list NAT)
and check if it is the case. Suppose if these columns are not set, then the
North->South
traffic is centralized on the gateway/network nodes.

Run ovn-nbctl show <neutron-router-id> and ovn-sbctl show and see where the
distributed
gateway router port is scheduled (starting with cr-lrp-<router_port>).
Distributed gateway
router port connects your router to the VLAN provider network. I'd also
suggest you to
check with the Openstack neutron folks in the opendev ML.

Added Daniel Alvarez if he has any comments from openstack neutron side.

Thanks
Numan




>
> Thanks.
>
> On Thu, Jan 21, 2021 at 4:31 PM Pedro Sousa <pgsousa at gmail.com> wrote:
>
>> Hi Numan,
>>
>> you're right, I upgraded to ussuri and now I see the commands, however in
>> the second site, which is an openstack cell, I don't see the bd, I only see
>> an ovn-controller and ovn-metadata running on compute nodes.
>>
>> My understanding is that BD is on the central site only, and cell is
>> connected to it.
>>
>> However, I want to create a provider network on the central site and that
>> this network is routable from the primary site and reachable on the second
>> site, which is a cell.
>>
>> My question is if this is possible.
>>
>> Thanks
>>
>> On Wed, Jan 20, 2021 at 5:41 AM Numan Siddique <numans at ovn.org> wrote:
>>
>>>
>>>
>>> On Tue, Jan 19, 2021 at 10:41 PM Pedro Sousa <pgsousa at gmail.com> wrote:
>>>
>>>> Hi Numan,
>>>>
>>>> I'm trying to follow the howto but I can't seem to find  ovn-ic-nbctl
>>>> and  ovn-ic-sbctl commands.
>>>>
>>>> I'm using *openstack train* deployed with tripleo running containers:
>>>>
>>>>
>>>> *tripleotraincentos8/centos-binary-ovn-controller:current-tripleo
>>>>  kolla_start
>>>> ovn_controllertripleotraincentos8/centos-binary-ovn-northd:current-tripleo
>>>>          /bin/bash /usr/lo...         ovn-dbs-bundle-podman-0*
>>>>
>>>> Any hint where those commands might be or do I need to rebuild the
>>>> container with it?
>>>>
>>>
>>> What version of OVN does it have ? ovn-ic is available since OVN 20.03.
>>>
>>> Maybe it is not packaged in the openstack train OVN version. I'd suggest
>>> to check out the OVN packages in the latest RDO
>>> or building it yourself.
>>>
>>> Thanks
>>> Numan
>>>
>>> Thanks
>>>>
>>>>
>>>>
>>>> On Mon, Jan 18, 2021 at 5:00 PM Numan Siddique <numans at ovn.org> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Mon, Jan 18, 2021 at 10:25 PM Pedro Sousa <pgsousa at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi there,
>>>>>>
>>>>>> I'm using OVN with ovs in openstack train in 2 geographically distant
>>>>>> sites, using cells v2 segregation.
>>>>>>
>>>>>> I configured a provider(external) VLAN network with floating ips on
>>>>>> primary AZ site but I can only reach vms that run on that AZ, the remote
>>>>>> vms on the secondary AZ are unreacheable.
>>>>>>
>>>>>> Is it possible using OVN routing, to reach the remote site vms from
>>>>>> the primary site?
>>>>>>
>>>>>> Or do I need to use different provider networks for each AZ?
>>>>>>
>>>>>
>>>>> Hi Pedro,
>>>>>
>>>>> You have 2 separate OVN based deployments and you want to interconnect
>>>>> them ?
>>>>>
>>>>> If so, OVN has an interconnection feature for this. You can check this
>>>>> out -
>>>>> https://docs.ovn.org/en/latest/tutorials/ovn-interconnection.html
>>>>>
>>>>> Thanks
>>>>> Numan
>>>>>
>>>>>
>>>>>> Thanks
>>>>>> _______________________________________________
>>>>>> discuss mailing list
>>>>>> discuss at openvswitch.org
>>>>>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>>>>>>
>>>>> _______________________________________________
>>>> discuss mailing list
>>>> discuss at openvswitch.org
>>>> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>>>>
>>> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20210125/69872c43/attachment.html>


More information about the discuss mailing list