Bug 1142500 - Rubygem-Staypuft: HA Neutron+GRE deployment - puppet agent exits with error on controllers: Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32
Summary: Rubygem-Staypuft: HA Neutron+GRE deployment - puppet agent exits with error o...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: rubygem-staypuft
Version: 5.0 (RHEL 7)
Hardware: x86_64
OS: Linux
urgent
urgent
Target Milestone: z2
: Installer
Assignee: Imre Farkas
QA Contact: Asaf Hirshberg
URL: https://trello.com/c/xah3Fy17/232-val...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-09-16 21:56 UTC by Alexander Chuzhoy
Modified: 2016-09-20 05:03 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Known Issue
Doc Text:
When you create a deployment that uses Neutron networking and VXLAN or GRE for tenant networks, the user interface for the Red Hat Enterprise Linux OpenStack Platform installer does not validate whether the subnet carrying the Tenant network traffic type provides an IP address. This results in the following error when attempting to provision the deployment: Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32 As a workaround, you can ensure the subnet carrying the Tenant network traffic type can access an external DHCP service or is assigned a static IP address by the installer.
Clone Of:
Environment:
Last Closed: 2014-11-04 17:02:37 UTC
Target Upstream Version:


Attachments (Terms of Use)
messages from controllers + foreman.log from the staypuft (166.07 KB, application/octet-stream)
2014-09-16 22:00 UTC, Alexander Chuzhoy
no flags Details


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1800 normal SHIPPED_LIVE Red Hat Enterprise Linux OpenStack Platform Installer Bug Fix Advisory 2014-11-04 22:00:19 UTC

Description Alexander Chuzhoy 2014-09-16 21:56:53 UTC
Rubygem-Staypuft: HA Neutron+GRE deployment - puppet agent exits with error on controllers: Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32


Further investigation shows that there's no IP on the NIC that's assigned to the tenant network. The IPAM for the network is configured to use "Internal DB" + valid range is specified.



Environment:
rhel-osp-installer-0.3.4-3.el6ost.noarch
ruby193-rubygem-foreman_openstack_simplify-0.0.6-8.el6ost.noarch
openstack-foreman-installer-2.0.23-1.el6ost.noarch
openstack-puppet-modules-2014.1-21.8.el6ost.noarch

Steps to reproduce:
Bare metal setup:
1. Install rhel-osp-installer 
2. Configure an HA neutron deployment with GRE network type
3. Conigure a tenant network with foreman DB and valid range (in addition to other networks).
4. Assign the role tenant to that network and configure some NIC to use that tenant network.
5. Start the deployment.


Result:
After the OS is deployed, the puppet agent fails with the error:Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:32

Also, there's no IP on the tenant NIC.


Expected result:
Puppet run should complete with no errors.

Comment 1 Alexander Chuzhoy 2014-09-16 22:00:16 UTC
Created attachment 938247 [details]
messages from controllers + foreman.log from the staypuft

Comment 4 Mike Burns 2014-09-18 13:30:16 UTC
Lars/Dan,

Can we get an answer to Comment 2?

Comment 5 Mike Burns 2014-09-19 11:46:45 UTC
Spoke directly with Lars on this.  The summary is that the tenant network requires an IP address when using VXLAN or GRE for Neutron Networking.

Adding Known Issue text and removing blocker flag.

The work for this in Staypuft is to add validations as specified in the doc text

Comment 6 Scott Seago 2014-10-01 20:01:32 UTC
Mike and/or Lars: this part is unclear to me in terms of validations "Ensure that the Tenant subnet either has an external DHCP server or will get a static IP address assigned from Foreman"

Foreman UI validations won't detect presence of an external dhcp server, so what exactly should validations be confirming?

Comment 7 Mike Burns 2014-10-01 20:25:11 UTC
Shouldn't it just be a matter of the subnet config must be set to dhcp mode or  ipam = internal and static?

this may go away with the subnet form re-design

Comment 8 Scott Seago 2014-10-01 20:51:10 UTC
Ahh, so basically the intention is to prevent the user from choosing "ipam=none" and "static" boot mode? I imagine this would apply to *all* network traffic types -- i.e. if static boot, then IPAM must be enabled?

Comment 9 Mike Burns 2014-10-01 20:53:37 UTC
pretty sure it only applies with gre and vxlan (based on what i wrote in the tech note)

Comment 10 Dan Sneddon 2014-10-02 20:35:42 UTC
(In reply to Mike Burns from comment #9)
> pretty sure it only applies with gre and vxlan (based on what i wrote in the
> tech note)

That's correct. GRE and VXLAN need an IP address in order to have an endpoint for the tunnel. Tunnels will be established between hypervisors and between each hypervisor and the Neutron networker.

With VLAN mode a tagged VLAN is attached to the VIF, so an IP address is not required on the interface where the tenant VLANs are trunked.

Comment 11 Scott Seago 2014-10-07 15:08:23 UTC
I think this will end up as a testonly bug once the refactored subnet UI makes it in, as the new subnet UI should prevent the invalid choices from being selected.

Comment 12 Scott Seago 2014-10-08 14:55:21 UTC
This bug should be resolved by the "Improve Foreman Subnets form for Staypuft specific use-cases" dev task

Comment 13 Imre Farkas 2014-10-10 07:43:49 UTC
The "Improve Foreman Subnets form for Staypuft specific use-cases" PR is merged: https://github.com/theforeman/staypuft/commit/0458470858ace7de5befd3a9a5daba45b0d1e52e

Comment 17 Asaf Hirshberg 2014-10-27 10:54:20 UTC
Environment:
rhel-osp-installer-0.4.5-2.el6ost.noarch (poodle)
puppet-3.6.2-2.el7.noarch
rhel 6.6

I deployed the same setup, HA-neutron(GRE) and I didnt encountered those erros. the puppet have finished running and the nics with that configured with the tenant role was populated with ip addresses.

Comment 21 errata-xmlrpc 2014-11-04 17:02:37 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2014-1800.html


Note You need to log in before you can comment on or make changes to this bug.