Bug 1283671 - HA Controller nodes utilize the provision network's default route rather than external, causing vip to be unreachable.
HA Controller nodes utilize the provision network's default route rather than...
Status: CLOSED NOTABUG
Product: Red Hat OpenStack
Classification: Red Hat
Component: rhosp-director (Show other bugs)
7.0 (Kilo)
x86_64 Linux
unspecified Severity medium
: ---
: 7.0 (Kilo)
Assigned To: chris alfonso
yeylon@redhat.com
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-19 09:32 EST by John Browning
Modified: 2016-04-18 03:01 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-08 16:30:12 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
controller.yaml template (2.41 KB, text/plain)
2015-11-19 09:38 EST, John Browning
no flags Details
external network overrides template (996 bytes, text/plain)
2015-11-19 09:39 EST, John Browning
no flags Details

  None (edit)
Description John Browning 2015-11-19 09:32:20 EST
Description of problem:
When deploying a simple 2 nic, 2 vlan configuration of RHEL OSP 7.1 (provision network + external network), all controller nodes utilize the provision network's default route regardless of controller.yaml network configuration.

Version-Release number of selected component (if applicable): 7.1


How reproducible: Always


Steps to Reproduce:
1. Force defroute to external network in osp director templates
2. Deploy 3 node HA OSP environment
3.

Actual results: All controller nodes have the default route of the provision network, even when setting defroute: no/false in the controller.yaml template and setting next hop in the 'external' section of the controller.yaml template.  VIP is then unreachable.


Expected results:
Controller node has external network default route set, vip is accessible.

Additional info:
This environment is internal to redhat currently in one of our SA labs and I can show this environment to engineering for reproducing.

It appears to be very similar to this: https://review.openstack.org/#/c/197742/
Comment 2 John Browning 2015-11-19 09:38 EST
Created attachment 1096698 [details]
controller.yaml template

This is the template for controller nodes.
Comment 3 John Browning 2015-11-19 09:39 EST
Created attachment 1096700 [details]
external network overrides template

Network configuration overrides.
Comment 4 Dan Sneddon 2015-12-08 16:29:56 EST
This is a consequence of using use_dhcp: true on the control plane interface of the controller.yaml. The Undercloud sets a specific route (not default) to the all-zeroes network, which overrides the default route on the External interface.

Assuming this is OSP-Director 7.1 or later, use the following in controller.yaml to use a static IP address on the control plane (which will not have a default route):

          network_config:
            -
              type: ovs_bridge
              # Assuming you want to keep br-ex as external bridge name
              name: {get_input: bridge_name}
              use_dhcp: true
              defroute: yes
              members:
                -
                  type: interface
                  name: eth1
                  primary: true
            -
              type: ovs_bridge
              name: br-provisioning
              use_dhcp: false
              addresses:
                -
                  ip_netmask:
                    list_join:
                      - '/'
                      - - {get_param: ControlPlaneIp}
                        - {get_param: ControlPlaneSubnetCidr}
              routes:
                -
                  ip_netmask: 169.254.169.254/32
                  next_hop: {get_param: EC2MetadataIp}
              members:
               -
                  type: interface
                  name: eth0
                  primary: true

Note You need to log in before you can comment on or make changes to this bug.