Bug 2008076 - [ovs] Invalid ovs bridge is created if multiple bridges are defined by role specific NeutronBridgeMappings [NEEDINFO]
Summary: [ovs] Invalid ovs bridge is created if multiple bridges are defined by role s...
Keywords:
Status: ASSIGNED
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates
Version: 16.1 (Train)
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: z6
: 16.2 (Train on RHEL 8.4)
Assignee: Brent Eagles
QA Contact: Joe H. Rahme
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-09-27 07:46 UTC by Takashi Kajinami
Modified: 2023-08-14 15:01 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:
Embargoed:
fyanac: needinfo? (beagles)

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker OSP-9930 0 None None None 2021-11-15 12:42:59 UTC

Description Takashi Kajinami 2021-09-27 07:46:50 UTC 
Description of problem:

When a deployment uses ml2+ovs and multiple bridge mappings are defined by role specific NeutronBridgeMappings,
an invalid bridge is created in overcloud nodes.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Deploy overcloud with the following environment file
~~~
parameter_defaults:
  ComputeParameters:
    NeutronBridgeMappings: 'datacentre:br-ex,datacentre2:br-ex2'
~~~

Actual results:
The following ovs bridge is created in compute nodes.
 - br-ex,datacentre2

Expected results:
The following two ovs bridges are created
 - br-ex
 - br-ex2

Additional info:
Comment 1 Takashi Kajinami 2021-09-27 07:54:19 UTC 
This issue is caused by the following implementations in tht and puppet.


- In tht, role specific parameters don't rely on parameter interface of heat templates.
  Because of that NeutronBridgeMappings in role specific parameters is not converted
  to a list automatically

- The following logic triggers creation of ovs bridge, implemented in puppet-neutron.
   https://github.com/openstack/tripleo-heat-templates/blob/461adac8f4effb591aafe7bfcdffea75cd01990f/deployment/neutron/neutron-ovs-agent-container-puppet.yaml#L302-L336

- The current logic in puppet-neutron doesn't handle a comma-separated list
  in String.
   https://github.com/openstack/puppet-neutron/blob/424320c268d931df89212b69b9ffbbe95765fdb6/manifests/agents/ml2/ovs.pp#L328
   https://github.com/openstack/puppet-neutron/blob/424320c268d931df89212b69b9ffbbe95765fdb6/manifests/plugins/ovs/bridge.pp#L6-L12
Comment 2 Takashi Kajinami 2021-09-27 08:58:07 UTC 
To avoid the issue we can fix puppet-neutron to handle a string value properly.

However I'm wondering why these ovs bridges are managed by puppet while these bridges are supposed
to be managed by os-net-config as part of network deployment.

The only configuration specific to puppet is the definition of external_id but is this really required ?
 https://github.com/openstack/puppet-neutron/blob/424320c268d931df89212b69b9ffbbe95765fdb6/manifests/plugins/ovs/bridge.pp#L11

If we don't need to run that logic to apply external_id then I tend to disable management of ovs bridge by puppet.
Comment 3 Takashi Kajinami 2021-09-27 14:06:47 UTC 
Just leaving a note...
One more option to workaround the issue easily would be to define an array value for the role specific parameter

~~~
parameter_defaults:
  ComputeParameters:
    NeutronBridgeMappings:
      - datacentre:br-ex
      - datacentre2:br-ex2
~~~
Comment 4 Takashi Kajinami 2021-09-27 14:09:41 UTC 
Initially I explained the three ovs bridges are created but it was wrong and only the one with an invalid name is created by puppet.
I updated the problem description accordingly.
Note You need to log in before you can comment on or make changes to this bug.