Description of problem: health check for load balance doesn't work if ip is not set for logical switch port Version-Release number of selected component (if applicable): ovn2.12.0-27 How reproducible: Always Steps to Reproduce: #!/bin/bash systemctl start openvswitch systemctl start ovn-northd ovn-nbctl set-connection ptcp:6641 ovn-sbctl set-connection ptcp:6642 ovs-vsctl set open . external-ids:system-id=hv0 external-ids:ovn-remote=tcp:20.0.30.25:6642 external-ids:ovn-encap-type=geneve external-ids:ovn-encap-ip=20.0.30.25 systemctl restart ovn-controller ovn-nbctl lr-add lr1 ovn-nbctl lrp-add lr1 lr1ls1 00:01:03:0d:ff:01 192.168.1.254/24 2000::a/64 ovn-nbctl lrp-add lr1 lr1ls2 00:01:03:0d:ff:02 192.168.2.254/24 2001::a/64 ovn-nbctl set logical_router lr1 options:chassis=hv0 ovn-nbctl ls-add ls2 ovn-nbctl lsp-add ls2 ls2lr1 ovn-nbctl lsp-set-type ls2lr1 router ovn-nbctl lsp-set-options ls2lr1 router-port=lr1ls2 ovn-nbctl lsp-set-addresses ls2lr1 "00:01:03:0d:ff:02 192.168.2.254 2001::a" ovn-nbctl lsp-add ls2 ls2p1 ovn-nbctl lsp-set-addresses ls2p1 00:01:02:03:02:01 ovs-vsctl add-port br-int vm5 -- set interface vm5 type=internal ip netns add server0 ip link set vm5 netns server0 ip netns exec server0 ip link set vm5 up ip netns exec server0 ip link set lo up ip netns exec server0 ip link set vm5 address 00:01:02:03:02:01 ip netns exec server0 ip addr add 192.168.2.1/24 dev vm5 ip netns exec server0 ip route add default via 192.168.2.254 dev vm5 ovs-vsctl set interface vm5 external_ids:iface-id=ls2p1 ovn-nbctl ls-add ls1 ovn-nbctl lsp-add ls1 ls1lr1 ovn-nbctl lsp-set-type ls1lr1 router ovn-nbctl lsp-set-options ls1lr1 router-port=lr1ls1 ovn-nbctl lsp-set-addresses ls1lr1 "00:01:03:0d:ff:01 192.168.1.254 2000::a" ovn-nbctl lsp-add ls1 ls1p1 ovn-nbctl lsp-set-addresses ls1p1 00:01:02:03:01:01 ovn-nbctl lsp-add ls1 ls1p2 ovn-nbctl lsp-set-addresses ls1p2 00:01:02:03:01:02 ovn-nbctl lsp-add ls1 ls1p3 ovn-nbctl lsp-set-addresses ls1p3 00:01:02:03:01:03 ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal ip netns add client0 ip link set vm1 netns client0 ip netns exec client0 ip link set vm1 up ip netns exec client0 ip link set lo up ip netns exec client0 ip link set vm1 address 00:01:02:03:01:01 ip netns exec client0 ip addr add 192.168.1.1/24 dev vm1 ip netns exec client0 ip route add default via 192.168.1.254 dev vm1 ovs-vsctl set interface vm1 external_ids:iface-id=ls1p1 ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal ip netns add client1 ip link set vm2 netns client1 ip netns exec client1 ip link set lo up ip netns exec client1 ip link set vm2 up ip netns exec client1 ip link set vm2 address 00:01:02:03:01:02 ip netns exec client1 ip addr add 192.168.1.2/24 dev vm2 ip netns exec client1 ip route add default via 192.168.1.254 dev vm2 ovs-vsctl set interface vm2 external_ids:iface-id=ls1p2 ovs-vsctl add-port br-int vm3 -- set interface vm3 type=internal ip netns add client2 ip link set vm3 netns client2 ip netns exec client2 ip link set lo up ip netns exec client2 ip link set vm3 up ip netns exec client2 ip link set vm3 address 00:01:02:03:01:03 ip netns exec client2 ip addr add 192.168.1.3/24 dev vm3 ip netns exec client2 ip route add default via 192.168.1.254 dev vm3 ovs-vsctl set interface vm3 external_ids:iface-id=ls1p3 ovn-nbctl lb-add lb0 30.0.0.1:80 192.168.1.1:80,192.168.1.2:80 #ovn-nbctl lr-lb-add lr1 lb0 uuid=`ovn-nbctl lb-list | grep lb0 | awk '{print $1}'` ovn-nbctl set logical_switch ls1 load_balancer=$uuid uuid3=`ovn-nbctl --id=@hc1 create Load_Balancer_Health_Check vip="30.0.0.1\:80" -- add Load_Balancer $uuid health_check @hc1` ovn-nbctl set Load_Balancer_Health_Check $uuid3 options:interval=5 options:timeout=20 options:success_count=3 options:failure_count=3 ovn-nbctl --wait=sb set load_balancer $uuid ip_port_mappings:192.168.1.1=ls1p1:192.168.1.254 ovn-nbctl --wait=sb set load_balancer $uuid ip_port_mappings:192.168.1.2=ls1p2:192.168.1.254 Actual results: status is [] in output of ovn-sbctl list service_monitor Expected results: status is offline Additional info: [root@dell-per740-12 ~]# ovn-sbctl list service_monitor _uuid : 202dfad1-66ab-49a5-a9bd-ab0e3461166d external_ids : {} ip : "192.168.1.2" logical_port : ls1p2 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "ee:1c:a1:30:51:5b" status : [] _uuid : 12edf7ae-5727-4ea1-80da-8c875466e941 external_ids : {} ip : "192.168.1.1" logical_port : ls1p1 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "ee:1c:a1:30:51:5b" status : [] <=== status is [] [root@dell-per740-12 ~]# rpm -qa | grep -E "openvswitch|ovn" ovn2.12-central-2.12.0-27.el7fdp.x86_64 ovn2.12-2.12.0-27.el7fdp.x86_64 openvswitch2.12-2.12.0-21.el7fdp.x86_64 ovn2.12-host-2.12.0-27.el7fdp.x86_64 openvswitch-selinux-extra-policy-1.0-14.el7fdp.noarch
Submitted the patch for review - https://patchwork.ozlabs.org/project/openvswitch/patch/20200417065022.968218-1-numans@ovn.org/
Tested on below rpms (20D), the issue is still on. [root@netqe5 ~]# rpm -qa | grep -E "ovn|openv" ovn2.13-central-2.13.0-21.el8fdp.x86_64 openvswitch-selinux-extra-policy-1.0-23.el8fdp.noarch ovn2.13-host-2.13.0-21.el8fdp.x86_64 openvswitch2.13-2.13.0-18.el8fdp.x86_64 ovn2.13-2.13.0-21.el8fdp.x86_64 Added one line to bash script to avoid error: ovs-vsctl add-br br-int [root@netqe5 ~]# diff bug_1801058_orig.sh bug1801058.sh 13c13,14 < --- > ovs-vsctl add-br br-int > 90a92 > [root@netqe5 ~]# [root@netqe5 ~]# [root@netqe5 ~]# ovn-sbctl list service_monitor _uuid : 09e72a4a-b8fc-48fb-bdc5-4acdc77507d3 external_ids : {} ip : "192.168.1.1" logical_port : ls1p1 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "42:4a:cf:95:21:b4" status : [] _uuid : d6c8f76e-51dc-431f-bd90-2b2569ad5c04 external_ids : {} ip : "192.168.1.2" logical_port : ls1p2 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "42:4a:cf:95:21:b4" status : [] [root@netqe5 ~]#
With Jianlin's help, I verified the fix actually works. Test procedure Change#1: changed below IP to system's admin IP address. ovs-vsctl set open . external-ids:system-id=hv0 external-ids:ovn-remote=tcp:20.0.30.25:6642 external-ids:ovn-encap-type=geneve external-ids:ovn-encap-ip=20.0.30.25 Test procedure Change#2: Added below command to keep port 80 open. [root@netqe6 ~]# ip netns exec client0 nc -l -k 80 & [1] 19566 [root@netqe6 ~]# ip netns exec client1 nc -l -k 80 & [2] 19567 [root@netqe6 ~]# [root@netqe6 ~]# ovn-sbctl list service_monitor _uuid : 6490db48-6ff2-4e03-aeef-34d8beea56f5 external_ids : {} ip : "192.168.1.2" logical_port : ls1p2 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "da:5b:55:70:ed:bf" status : online _uuid : 1563eb7a-b5da-478a-b582-05be910ee788 external_ids : {} ip : "192.168.1.1" logical_port : ls1p1 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "da:5b:55:70:ed:bf" status : online [root@netqe6 ~]# rpm -qa | grep -E "openvswitch|ovn" openvswitch-selinux-extra-policy-1.0-14.el8fdp.noarch ovn2.13-2.13.0-18.el8fdp.x86_64 openvswitch2.11-2.11.0-21.el8fdp.x86_64 ovn2.13-host-2.13.0-18.el8fdp.x86_64 ovn2.13-central-2.13.0-18.el8fdp.x86_64
Verified on 20D (2.13). [root@netqe5 ~]# rpm -qa | grep -E "openvswitch|ovn" ovn2.13-central-2.13.0-21.el8fdp.x86_64 ovn2.13-2.13.0-21.el8fdp.x86_64 ovn2.13-host-2.13.0-21.el8fdp.x86_64 openvswitch-selinux-extra-policy-1.0-23.el8fdp.noarch openvswitch2.13-2.13.0-18.el8fdp.x86_64 [root@netqe5 ~]# [root@netqe5 ~]# [root@netqe5 ~]# ovn-nbctl show switch 35cf9154-eeac-4e9c-894b-39b45db62269 (ls1) port ls1p1 addresses: ["00:01:02:03:01:01"] port ls1lr1 type: router addresses: ["00:01:03:0d:ff:01 192.168.1.254 2000::a"] router-port: lr1ls1 port ls1p3 addresses: ["00:01:02:03:01:03"] port ls1p2 addresses: ["00:01:02:03:01:02"] switch 2842d931-258f-4fd2-ac2e-b5cd908e94bc (ls2) port ls2p1 addresses: ["00:01:02:03:02:01"] port ls2lr1 type: router addresses: ["00:01:03:0d:ff:02 192.168.2.254 2001::a"] router-port: lr1ls2 router c2048175-7ed5-4eb9-96af-b131998a8fdf (lr1) port lr1ls2 mac: "00:01:03:0d:ff:02" networks: ["192.168.2.254/24", "2001::a/64"] port lr1ls1 mac: "00:01:03:0d:ff:01" networks: ["192.168.1.254/24", "2000::a/64"] [root@netqe5 ~]# [root@netqe5 ~]# ovn-sbctl show Chassis hv0 hostname: netqe5.knqe.lab.eng.bos.redhat.com Encap geneve ip: "10.19.15.13" options: {csum="true"} Port_Binding ls1p3 Port_Binding ls2lr1 Port_Binding lr1ls1 Port_Binding ls1p2 Port_Binding ls1p1 Port_Binding ls1lr1 Port_Binding ls2p1 Port_Binding lr1ls2 [root@netqe5 ~]# [root@netqe5 ~]# [root@netqe5 ~]# ovs-vsctl show 53825340-def9-4d7e-b3b4-5fd6d4abf40d Bridge br-int fail_mode: secure Port vm5 Interface vm5 type: internal Port vm3 Interface vm3 type: internal Port br-int Interface br-int type: internal Port vm1 Interface vm1 type: internal Port vm2 Interface vm2 type: internal ovs_version: "2.13.0" [root@netqe5 ~]# ovn-sbctl list service_monitor _uuid : ff61f870-840e-4df5-9608-d2f4bebce878 external_ids : {} ip : "192.168.1.1" logical_port : ls1p1 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "26:b0:57:3d:0c:c4" status : online _uuid : a06df7b5-af58-4674-afe7-310dee6720bc external_ids : {} ip : "192.168.1.2" logical_port : ls1p2 options : {failure_count="3", interval="5", success_count="3", timeout="20"} port : 80 protocol : tcp src_ip : "192.168.1.254" src_mac : "26:b0:57:3d:0c:c4" status : online [root@netqe5 ~]#
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2317