Bug 1821667
Summary: | keepalived virtual routerids can easily clash when running several clusters | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Karim Boumedhel <kboumedh> | |
Component: | Installer | Assignee: | Antoni Segura Puimedon <asegurap> | |
Installer sub component: | OpenShift on Bare Metal IPI | QA Contact: | Victor Voronkov <vvoronko> | |
Status: | CLOSED ERRATA | Docs Contact: | ||
Severity: | medium | |||
Priority: | medium | CC: | asegurap, augol, bperkins, kgarriso, smilner, vvoronko, yboaron | |
Version: | 4.4 | Keywords: | Triaged | |
Target Milestone: | --- | |||
Target Release: | 4.5.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Cause:
Using VRRP to manager the Virtual IPs for OCP IPI clusters means that there are only 8 bits available for a virtual router ID on a given broadcast domain. There may be be virtual router IDs already in use in the broadcast domain we deploy to
Consequence:
Collisions end up preventing nodes from taking on their Virtual IPs.
Fix:
Add a tool (and document its usage) that allows the user to check which virtual router IDs will be used for the chosen cluster name.
Result:
Users now have a way to know about Virtual Router IDs before deploying.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1823465 (view as bug list) | Environment: | ||
Last Closed: | 2020-07-13 17:25:52 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1823465 |
Description
Karim Boumedhel
2020-04-07 11:31:45 UTC
Just to clarify, keepalived virtual router ids clashes only if the clusters deployed on the same L2 domain. Verified on 4.5.0-0.nightly-2020-04-14-031010 checked from master node: [master-0-0 ~]$ sudo crictl exec $(sudo crictl ps --name keepalived-monitor | awk 'FNR==2{ print $1}') runtimecfg vr-ids cnf10 APIVirtualRouterID: 147 DNSVirtualRouterID: 158 IngressVirtualRouterID: 2 [core@master-0-0 ~]$ sudo crictl exec $(sudo crictl ps --name keepalived-monitor | awk 'FNR==2{ print $1}') runtimecfg vr-ids cnf11 APIVirtualRouterID: 228 DNSVirtualRouterID: 239 IngressVirtualRouterID: 147 Checked on external host by documentation provided here https://github.com/openshift/installer/blob/master/docs/user/metal/install_ipi.md [~]# podman run quay.io/openshift/origin-baremetal-runtimecfg:4.5 vr-ids cnf11 APIVirtualRouterID: 228 DNSVirtualRouterID: 239 IngressVirtualRouterID: 147 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409 |