Bug 1809470

Summary: [HE] ovirt-provider-ovn is non-functional on 4.3.9 Hosted-Engine [RHV clone - 4.3.9]
Product: Red Hat Enterprise Virtualization Manager Reporter: RHV bug bot <rhv-bugzilla-bot>
Component: ovirt-engineAssignee: Dominik Holler <dholler>
Status: CLOSED ERRATA QA Contact: msheena
Severity: urgent Docs Contact: Rolfe Dlugy-Hegwer <rdlugyhe>
Priority: urgent    
Version: 4.3.9CC: bugs, dagur, dholler, mburman, michal.skrivanek, mperina, mtessun, rdlugyhe, Rhev-m-bugs
Target Milestone: ovirt-4.3.9Keywords: AutomationBlocker, BuildBlocker, Regression, ZStream
Target Release: 4.3.9   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: ovirt-engine-4.3.9.3 Doc Type: Enhancement
Doc Text:
The current version of OVN, ovn2.11-2.11.1-33, runs as a dedicated user. The current release of RHV includes this version of OVN and adjusts the secret key file permissions to accommodate the dedicated user. These secret keys are required for encrypted OVN communication.
 Story Points: ---
Clone Of: 1806276 Environment:
Last Closed: 2020-04-02 16:32:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Network RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1806276    
Bug Blocks:    

Description RHV bug bot 2020-03-03 08:20:30 UTC 
+++ This bug is a downstream clone. The original bug is: +++
+++   bug 1806276 +++
======================================================================

Description of problem
======================
ovirt-provider-ovn is not functional on 4.3.9 Hosted-Engine.
There is no option of connecting RHV to the provider, creating OVN networks, etc.

Version-Release number of selected component (if applicable)
============================================================
ovirt-engine-4.3.9.0-0.1.el7.noarch
rhvm-appliance-4.3-20200204.0.el7
openvswitch2.11-2.11.0-9.el7fdp.x86_64

How reproducible
================
100%

Steps to Reproduce
==================
1. Deploy Hosted-Engine using [1], [2] on a bare metal.
2. Create a cluster with ovirt-provider-ovn as an external network provider
3. Go to 'Providers' tab in webadmin UI - edit the ovirt-provider-ovn - click 'test'

[1] - rhvm-appliance-4.3-20200204.0.el7
[2] - ovirt-engine-setup-4.3.9.0-0.1.el7.noarch

Actual results
==============
A red box appears with the text: 'Failed to communicate with the external provider, see log for additional details.'

Expected results
================
A green box appears with the text: 'Test succeeded, managed to access provider.'

Additional info
===============
- In step 1 the deafult answer file was used. this issue reproduced on a manual deploy using cli.

- The output for `# systemctl status ovn-controller.service` shows the following error: ovs|00025|stream_ssl|ERR|ssl:10.35.128.44:6642: connect: Network is unreachable

- No Geneve tunnel is created on the host installed in a cluster with ovirt-provider-ovn configured as the external network provider

- Naturally, the output for `ovn-sbctl show` on the Engine VM shows no Chassis

(Originally by Moshe Sheena)
Comment 4 RHV bug bot 2020-03-03 08:20:46 UTC 
ovirt-provider-ovn-1.2.29-1.el7ev.noarch

(Originally by Michael Burman)
Comment 5 RHV bug bot 2020-03-03 08:20:53 UTC 
we suspect a regression caused by bug 1791388

(Originally by michal.skrivanek)
Comment 13 RHV bug bot 2020-03-06 13:30:00 UTC 
INFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Open patch attached]

For more info please contact: rhv-devops
Comment 17 Michael Burman 2020-03-16 07:53:16 UTC 
Verified on - rhvm-4.3.9.3-0.1.el7.noarch with
ovn2.11-central-2.11.1-33.el7fdp.x86_64
rhv-openvswitch-ovn-common-2.11-5.el7ev.noarch
ovn2.11-2.11.1-33.el7fdp.x86_64
ovirt-provider-ovn-1.2.29-1.el7ev.noarch
rhv-openvswitch-ovn-central-2.11-5.el7ev.noarch

python-openvswitch2.11-2.11.0-48.el7fdp.x86_64
rhv-openvswitch-2.11-5.el7ev.noarch
rhv-openvswitch-ovn-common-2.11-5.el7ev.noarch
openvswitch2.11-2.11.0-48.el7fdp.x86_64
openvswitch-selinux-extra-policy-1.0-15.el7fdp.noarch
rhv-openvswitch-ovn-central-2.11-5.el7ev.noarch
rhv-python-openvswitch-2.11-5.el7ev.noarch
Comment 21 errata-xmlrpc 2020-04-02 16:32:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1308