Bug 1900657
| Summary: | Failure at nmstatectl show with ovs bridge port with vxlan at OCP 4.7 | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Quique Llorente <ellorent> | ||||||
| Component: | nmstate | Assignee: | Gris Ge <fge> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Mingyu Shi <mshi> | ||||||
| Severity: | high | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 8.3 | CC: | edwardh, ferferna, jiji, jishi, mshi, network-qe, phoracek, till, toneata | ||||||
| Target Milestone: | rc | Keywords: | Triaged, ZStream | ||||||
| Target Release: | 8.4 | Flags: | pm-rhel:
mirror+
|
||||||
| Hardware: | x86_64 | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | nmstate-1.0.0-1.el8.noarch | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | |||||||||
| : | 1901571 (view as bug list) | Environment: | |||||||
| Last Closed: | 2021-05-18 15:17:45 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 1901571 | ||||||||
| Attachments: |
|
||||||||
I am not able to reproduce it running this on a centos 8.2
dnf copr enable -y networkmanager/NetworkManager-1.22
dnf copr enable nmstate/ovs-el8 -y
dnf install -y NetworkManager
dnf install -y podman
dnf install -y openvswitch2.11
systemctl enable openvswitch
systemctl start openvswitch
ovs-vsctl add-br br0
ovs-vsctl add-port br0 vxlan1 -- set interface vxlan1 type=vxlan options:remote_ip=192.168.1.2 options:key=flow options:dst_port=8472
podman run --network=host --privileged -it --volume /run/dbus/system_bus_socket:/run/dbus/system_bus_socket centos:8 bash -c "dnf copr enable -y networkmanager/NetworkManager-1.26 && dnf copr enable nmstate/nmstate-0.3 -y && dnf install -y nmstate && nmstatectl show
The only difference is nmstate 0.3.4 vs 0.3.6
Debugging this issue in the lab where it is seen revealed the following: - nmstate 0.3 and up is determining the OVS capability by checking if the NM plugin is in place and that the openvswitch is running. - The check for the OVS running is performed using `systemctl`. - There is a bug it the logic when collecting the interfaces data: If there are OVS interface but the capability shows as if there is no OVS support, the OVS interfaces, including the `ovs-port` are still collected and reported without and processing. - In the case of the lab setup, nmstate is installed in a container without systemd active. Therefore, the detection of the running OVS fails despite the fact it is actually running. There seem to be a need to adjust the current nmstate logic to support such a scenario and have alternatives on detecting OVS availability. My first thought about it is to check if an OVS bridge is detected in the devices list, hinting that OVS is indeed running. Created attachment 1732878 [details]
vagrant config to startup centos8 with NetworkManager 1.22 and ovs
To make reproduction easy this vagrant file configure the needed centos image to run containrized pod in top of it.
Just to illustrate it, this fix the reproducer https://github.com/nmstate/nmstate/pull/1427 Upstream has merged the patch at https://github.com/nmstate/nmstate/pull/1426 Created attachment 1738873 [details]
pre-tested.log
Verified with versions:
nmstate-1.0.0-1.el8.noarch
nispor-1.0.1-2.el8.x86_64
NetworkManager-1.30.0-0.3.el8.x86_64
DISTRO=RHEL-8.4.0-20201203.n.0
Linux hp-dl380pg8-11.rhts.eng.pek2.redhat.com 4.18.0-257.el8.x86_64 #1 SMP Wed Dec 2 02:01:12 EST 2020 x86_64 x86_64 x86_64 GNU/Linux
openvswitch-selinux-extra-policy-1.0-22.el8fdp.noarch
openvswitch2.13-2.13.0-39.el8fdp.x86_64
nmstate-plugin-ovsdb-1.0.0-1.el8.noarch
python3-openvswitch2.13-2.13.0-39.el8fdp.x86_64
Verified with versions: nmstate-1.0.0-1.el8.noarch nispor-1.0.1-2.el8.x86_64 NetworkManager-1.30.0-0.4.el8.x86_64 DISTRO=RHEL-8.4.0-20201218.d.2 Linux dell-per730-20.rhts.eng.pek2.redhat.com 4.18.0-262.el8.dt3.x86_64 #1 SMP Tue Dec 15 04:28:42 EST 2020 x86_64 x86_64 x86_64 GNU/Linux openvswitch2.13-2.13.0-71.el8fdp.x86_64 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (nmstate bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:1748 |
When running nmstatectl show over a system with an ovs bridge and an internal ovs port nmstate fails with the following error: jsonschema.exceptions.ValidationError: {'name': 'vxlan0', 'type': 'ovs-port', 'state': 'down', 'ipv4': {'enabled': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}} is not valid under any of the given schemas Failed validating 'oneOf' in schema['properties']['interfaces']['items']['allOf'][5]: {'oneOf': [{'$ref': '#/definitions/interface-unknown/rw'}, {'$ref': '#/definitions/interface-ethernet/rw'}, {'$ref': '#/definitions/interface-bond/rw'}, {'$ref': '#/definitions/interface-linux-bridge/all'}, {'$ref': '#/definitions/interface-ovs-bridge/all'}, {'$ref': '#/definitions/interface-ovs-interface/rw'}, {'$ref': '#/definitions/interface-dummy/rw'}, {'$ref': '#/definitions/interface-vlan/rw'}, {'$ref': '#/definitions/interface-vxlan/rw'}, {'$ref': '#/definitions/interface-team/rw'}, {'$ref': '#/definitions/interface-other/rw'}]} On instance['interfaces'][39]: {'ipv4': {'enabled': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}, 'name': 'vxlan0', 'state': 'down', 'type': 'ovs-port'} Version-Release number of selected component (if applicable): nmstate 0.3.4 How reproducible: Always Steps to reproduce: On a centos8 as root do the following dnf copr enable -y networkmanager/NetworkManager-1.22 dnf copr enable nmstate/ovs-el8 -y dnf install -y NetworkManager dnf install -y podman dnf install -y openvswitch2.11 systemctl enable openvswitch systemctl start openvswitch systemctl restart NetworkManager ovs-vsctl add-br br0 ovs-vsctl add-port br0 vxlan1 -- set interface vxlan1 type=vxlan options:remote_ip=192.168.1.2 options:key=flow options:dst_port=8472 podman run --network=host --privileged -it --volume /run/dbus/system_bus_socket:/run/dbus/system_bus_socket centos:8 bash -c "dnf install -b -y dnf-plugins-core && dnf copr enable -y networkmanager/NetworkManager-1.26 && dnf copr enable nmstate/nmstate-0.3 -y && dnf install -y nmstate && nmstatectl show" Actual results: Traceback (most recent call last): File "/usr/bin/nmstatectl", line 11, in <module> load_entry_point('nmstate==0.3.6', 'console_scripts', 'nmstatectl')() File "/usr/lib/python3.6/site-packages/nmstatectl/nmstatectl.py", line 69, in main return args.func(args) File "/usr/lib/python3.6/site-packages/nmstatectl/nmstatectl.py", line 250, in show state = _filter_state(libnmstate.show(), args.only) File "/usr/lib/python3.6/site-packages/libnmstate/netinfo.py", line 35, in show return show_with_plugins(plugins, include_status_data) File "/usr/lib/python3.6/site-packages/libnmstate/nmstate.py", line 90, in show_with_plugins validator.schema_validate(report) File "/usr/lib/python3.6/site-packages/libnmstate/validator.py", line 42, in schema_validate js.validate(data, validation_schema) File "/usr/lib/python3.6/site-packages/jsonschema/validators.py", line 541, in validate cls(schema, *args, **kwargs).validate(instance) File "/usr/lib/python3.6/site-packages/jsonschema/validators.py", line 130, in validate raise error jsonschema.exceptions.ValidationError: {'name': 'vxlan1', 'type': 'ovs-port', 'state': 'down', 'ipv4': {'enabled': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}} is not valid under any of the given schemas Failed validating 'oneOf' in schema['properties']['interfaces']['items']['allOf'][5]: {'oneOf': [{'$ref': '#/definitions/interface-unknown/rw'}, {'$ref': '#/definitions/interface-ethernet/rw'}, {'$ref': '#/definitions/interface-bond/rw'}, {'$ref': '#/definitions/interface-linux-bridge/all'}, {'$ref': '#/definitions/interface-ovs-bridge/all'}, {'$ref': '#/definitions/interface-ovs-interface/rw'}, {'$ref': '#/definitions/interface-dummy/rw'}, {'$ref': '#/definitions/interface-vlan/rw'}, {'$ref': '#/definitions/interface-vxlan/rw'}, {'$ref': '#/definitions/interface-team/rw'}, {'$ref': '#/definitions/interface-other/rw'}]} On instance['interfaces'][3]: {'ipv4': {'enabled': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}, 'name': 'vxlan1', 'state': 'down', 'type': 'ovs-port'} Expected results: Yaml showing the ovs bridge and port. Additional info: This was discovered running kubernetes-nmstate at OCP 4.7