Bug 1940824

Summary: [RFE] Upgrade OVN/OVS 2.11 in RHV to OVN/OVS 2.15
Product: Red Hat Enterprise Virtualization Manager Reporter: Martin Perina <mperina>
Component: ovirt-provider-ovnAssignee: Ales Musil <amusil>
Status: CLOSED ERRATA QA Contact: Michael Burman <mburman>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.4.0CC: apinnick, dholler, emarcus, eraviv, michal.skrivanek, mtessun, pelauter
Target Milestone: ovirt-4.5.0Keywords: FutureFeature, Rebase, ZStream
Target Release: 4.5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-engine-4.5.0.1 ovirt-provider-ovn-1.2.35 ovirt-openvswitch-2.15-2 vdsm-4.50.0.10 Doc Type: Release Note
Doc Text:
Upgrade from OvS/OVN 2.11 to OVN 2021 and OvS 2.15. The upgrade is transparent to the user as long as these conditions are met: 1. Upgrade the engine first. 2. Before you upgrade the hosts, disable the ovirt-provider-ovn security groups for all OVN networks that are expected to work between hosts with OVN/OvS version 2.11. 3. Upgrade the hosts to match the OVN version 2021 or higher and OvS version to 2.15. This step should be done with the web console, in order to reconfigure OVN and to refresh the certificates. 4. Reboot the host after upgrade. 5. Verify that the provider and OVN were configured successfully by launching the web console and checking the "OVN configured" field on the "General" tab for each host. (You can also obtain the value using the REST API.) Note that the value might be "No" if the host configuration has not been refreshed. If the host's OVN is not configured after refresh and you are using engine 4.5 or later, reinstalling the host will fix this issue.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-05-26 17:25:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Network RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1809463, 1965954, 1969760, 1969763, 1974439, 1980269, 1986299, 2008798    
Bug Blocks: 1782056    

Description Martin Perina 2021-03-19 09:58:01 UTC 
RHV 4.4 is using OVN/OVS 2.11, which is old version and there won't be added any new features into it. So the only way forward is to upgrade to OVN/OVS 2.13+, which will allow us to use new features (for example ipsec as requested in BZ1782056) and allow also future upgrades (OVN/OVS 2.13+ provides functionality to work with older versions, for example OVN/OVS 2.15 should work with OVN/OVS 2.13).

But there are consequences:

1. According to OVN team running OVN/OVS 2.13 with OVN/OVS 2.11 is unsupported -> we would need to change our OVN support to exclude 4.3 hosts.

2. Even though OVN/OVS 2.13 and 2.11 is unsupported, we still need to provide some reasonable upgrade path - we need to check if upgrade of hosts still using OVN/OVS 2.11 in a cluster still can finish successfully (those hosts can be upgraded to OVN/OVS 2.13) after OVN/OVS is upgraded to 2.13 on RHV Manager

This is RFE is just preliminary, it's not yet acked until we verify that our tests don't detect any failure during upgrade. And of course we will need to determine which version we want to upgrade to: 2.13 or 2.15
Comment 6 Michael Burman 2022-03-22 12:11:29 UTC 
This RFE has failedQA, as the ovn-sb is keeping the chassis in inconsistent state.
The Chassis IDs are UUID instead of hostname.
This preventing the VMs running on different hosts, to fail to communicate with each other after the hosts upgraded to ovn/ovs 2.15

We probably need to delete the chassis during the host upgrade/installation and let the ovn-controller to add itself again.
Moving back to ASSIGNED for further work.

Tested with:
rhvm-4.5.0-0.237.el8ev.noarch
ovirt-provider-ovn-1.2.35-1.el8ev.noarch
ovn-2021-21.12.0-32.el8fdp.x86_64
openvswitch2.15-2.15.0-84.el8fdp.x86_64
vdsm-4.50.0.10-1.el8ev.x86_64
ovirt-openvswitch-2.15-3.el8ev.noarch
Comment 7 Sandro Bonazzola 2022-03-29 16:16:40 UTC 
We are past 4.5.0 feature freeze, please re-target.
Comment 8 Sandro Bonazzola 2022-04-01 06:36:50 UTC 
Updated doctext according to https://github.com/oVirt/ovirt-site/pull/2821/files/87730ec701d42d1be8142fc1e64b4d229c566c3f#r839547966
Comment 9 Michael Burman 2022-04-19 14:14:57 UTC 
Verified on - rhvm-4.5.0.2-0.7.el8ev.noarch with the next packages:

ovirt-provider-ovn-1.2.36-1.el8ev.noarch

ovn-2021-21.12.0-45.el8fdp.x86_64
ovn-2021-central-21.12.0-45.el8fdp.x86_64
ovirt-openvswitch-2.15-3.el8ev.noarch
ovirt-openvswitch-ovn-central-2.15-3.el8ev.noarch
ovirt-openvswitch-ovn-2.15-3.el8ev.noarch
ovirt-openvswitch-ovn-common-2.15-3.el8ev.noarch

openvswitch2.15-2.15.0-94.el8fdp.x86_64
ovirt-python-openvswitch-2.15-3.el8ev.noarch
ovirt-openvswitch-ovn-host-2.15-3.el8ev.noarch
python3-openvswitch2.15-2.15.0-94.el8fdp.x86_64
ovn-2021-21.12.0-45.el8fdp.x86_64
ovn-2021-host-21.12.0-45.el8fdp.x86_64

ovirt-provider-ovn-driver-1.2.36-1.el8ev.noarch

vdsm-4.50.0.12-1.el8ev.x86_64
Comment 14 errata-xmlrpc 2022-05-26 17:25:09 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: RHV Engine and Host Common Packages security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:4712