Bug 1472431 – Support for configuring the SNAT mode in Opendaylight

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1472431 - Support for configuring the SNAT mode in Opendaylight

Summary:	Support for configuring the SNAT mode in Opendaylight

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-tripleo-heat-templates (Show other bugs)
Sub Component:
Version:	12.0 (Pike)
Hardware:	Unspecified Unspecified

Priority	high Severity high
Target Milestone:	beta
Target Release:	12.0 (Pike)
Assigned To:	Janki
QA Contact:	Itzik Brown
Docs Contact:

URL:
Whiteboard:
Keywords:	Triaged

Depends On:
Blocks:	1414431 1528948
	Show dependency tree / graph

Reported:	2017-07-18 13:22 EDT by Sridhar Gaddam
Modified:	2018-10-18 03:21 EDT (History)
CC List:	4 users (show)

See Also:
Fixed In Version:	openstack-tripleo-heat-templates-7.0.0-0.20170913050522.0d7373c.el7.centos
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:	N/A
Last Closed:	2017-12-13 16:42:20 EST
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Launchpad	1710614	None	None	None	2017-08-14 08:31 EDT
OpenStack gerrit	493861	None	None	None	2017-08-15 08:51 EDT
OpenDaylight Bug	8985	None	None	None	2017-08-14 08:25 EDT
OpenDaylight gerrit	61607	None	None	None	2017-08-14 08:27 EDT
Red Hat Product Errata	RHEA-2017:3462	normal	SHIPPED_LIVE	Red Hat OpenStack Platform 12.0 Enhancement Advisory	2018-02-15 20:43:25 EST

Groups: None (edit)

Description Sridhar Gaddam 2017-07-18 13:22:05 EDT

Description of problem:

OpenDaylight Carbon includes support for SNAT via Conntrack along with the existing mechanism which is Controller based.
However, SNAT conntrack is not enabled by default. 

Inorder to use SNAT Conntrack mode, one has to explicitly set "conntrack" (PSB) in "etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml" before starting karaf.

<natservice-config xmlns="urn:opendaylight:netvirt:natservice:config">
  <nat-mode>conntrack</nat-mode>                                                                                                                                                              
</natservice-config>

We have to expose this configuration in puppet-opendaylight and tripleo.

Comment 1 Nir Yechiel 2017-07-27 02:07:25 EDT

The plan for Pike is to expose both SNAT options (controller-based and conntrack-based) in TripleO, and set the conntrack-based as default. 

If further testing will reveal major issues with conntrack, we will reconsider this - but the current assumption is that the conntrack based solution should be our focus from now on and that the feature is stable enough.

Comment 3 Nir Yechiel 2017-08-02 19:29:33 EDT

This topic was discussed again today, and the consensus was that we should take advantage of the fact the we have different environment files for OVS and OVS-DPDK, and have separate default for each. 

OVS should default to conntrack and OVS-DPDK to controller-based. Reason for this is that the required conntrack support is not available in OVS 2.7, which is the version we are targeting for Pike/RHOSP 12.

Comment 4 Janki 2017-09-07 02:15:34 EDT

Stand-alone ODL will use controller to be default for both the cases. T-H-T will set default mechanism to conntrack for OVS and controller for OVS-DPDK.

Cherry pick to Pike: https://review.openstack.org/#/c/501228/
Cherry pick to Carbon: https://git.opendaylight.org/gerrit/#/c/61778/

Comment 5 Janki 2017-09-18 11:33:04 EDT

Fixed in version: puppet-opendaylight-4.2.0-0.20170905090706.7b618b1.el7.centos

Comment 7 Itzik Brown 2017-10-16 10:09:02 EDT

Checked with openstack-tripleo-heat-templates-7.0.1-0.20170927205938.el7ost.noarch

Default:
cat /opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml                                                                                             
<natservice-config xmlns="urn:opendaylight:netvirt:natservice:config">
  <nat-mode>conntrack</nat-mode>

Adding OpenDaylightSNATMechanism: 'controller':

cat /opt/opendaylight/etc/opendaylight/datastore/initial/config/netvirt-natservice-config.xml             
<natservice-config xmlns="urn:opendaylight:netvirt:natservice:config">
  <nat-mode>controller</nat-mode>

Comment 10 errata-xmlrpc 2017-12-13 16:42:20 EST

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:3462

Note You need to log in before you can comment on or make changes to this bug.