Rubygem-Staypuft: HA Neutron+GRE deployment - puppet agent exits with error on controllers: Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32
Further investigation shows that there's no IP on the NIC that's assigned to the tenant network. The IPAM for the network is configured to use "Internal DB" + valid range is specified.
Steps to reproduce:
Bare metal setup:
1. Install rhel-osp-installer
2. Configure an HA neutron deployment with GRE network type
3. Conigure a tenant network with foreman DB and valid range (in addition to other networks).
4. Assign the role tenant to that network and configure some NIC to use that tenant network.
5. Start the deployment.
After the OS is deployed, the puppet agent fails with the error:Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32
Also, there's no IP on the tenant NIC.
Puppet run should complete with no errors.
Created attachment 938247 [details]
messages from controllers + foreman.log from the staypuft
Can we get an answer to Comment 2?
Spoke directly with Lars on this. The summary is that the tenant network requires an IP address when using VXLAN or GRE for Neutron Networking.
Adding Known Issue text and removing blocker flag.
The work for this in Staypuft is to add validations as specified in the doc text
Mike and/or Lars: this part is unclear to me in terms of validations "Ensure that the Tenant subnet either has an external DHCP server or will get a static IP address assigned from Foreman"
Foreman UI validations won't detect presence of an external dhcp server, so what exactly should validations be confirming?
Shouldn't it just be a matter of the subnet config must be set to dhcp mode or ipam = internal and static?
this may go away with the subnet form re-design
Ahh, so basically the intention is to prevent the user from choosing "ipam=none" and "static" boot mode? I imagine this would apply to *all* network traffic types -- i.e. if static boot, then IPAM must be enabled?
pretty sure it only applies with gre and vxlan (based on what i wrote in the tech note)
(In reply to Mike Burns from comment #9)
> pretty sure it only applies with gre and vxlan (based on what i wrote in the
> tech note)
That's correct. GRE and VXLAN need an IP address in order to have an endpoint for the tunnel. Tunnels will be established between hypervisors and between each hypervisor and the Neutron networker.
With VLAN mode a tagged VLAN is attached to the VIF, so an IP address is not required on the interface where the tenant VLANs are trunked.
I think this will end up as a testonly bug once the refactored subnet UI makes it in, as the new subnet UI should prevent the invalid choices from being selected.
This bug should be resolved by the "Improve Foreman Subnets form for Staypuft specific use-cases" dev task
The "Improve Foreman Subnets form for Staypuft specific use-cases" PR is merged: https://github.com/theforeman/staypuft/commit/0458470858ace7de5befd3a9a5daba45b0d1e52e
I deployed the same setup, HA-neutron(GRE) and I didnt encountered those erros. the puppet have finished running and the nics with that configured with the tenant role was populated with ip addresses.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.