Luca,

Can you please send me the vdsm log of plugging a vnic to an external network?
The relevant log file is: /var/log/vdsm/vdsm.log



On Fri, Mar 10, 2017 at 12:11 PM, Luca 'remix_tj' Lorenzetto <lorenzetto.luca@gmail.com> wrote:


Il 10 mar 2017 11:48 AM, "Marcin Mirecki" <mmirecki@redhat.com> ha scritto:
Hello Luca

>Name: openstack-networks
>Type: OpenStack Networking
>Description:
>Provider URL: http://openstack.example.com:9696

I assume Networking Plugin: Open vSwitch

Yes, i confirm.



Do you have any security groups defined for the vnic profile on your external network?
Looking at the output you provided is seems you do.The qpb bridge and the qvb/qvo veth pair are created when the security groups are present.
Can you try without the security groups? This would connect your vm vnic right into the ovs integration bridge (br-int).

No i haven't defined any security policy, explicitly. I'm using a network defined through horizon without any special option.


>This are the output of the commands you asked from a node where a vm
>that is attached to a neutron network is running:
Yes, this is what I needed.

>[root@ovirt002 ~]# ovs-vsctl show
>ovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection
>failed (No such file or directory)

This is quite worrying. Is ovs on the host working properly?
Can you please check: service openvswitch status
If not active: service openvswitch start

Who should enable it, a cluster confoguration or whatl else? I'm using ovirt-node-ng, i suppose that openvswitch is already installed (didn't check).




>> Have you tried connecting any nics manually and checking connectivity
>> between them?
>What do you mean?

Add 2 ports in openstack directly
Add 2 nics on vm's, specifying the libvirt xml for the interfaces:

<interface type="bridge">
  <model type="virtio"/>
  <source bridge="br-int"/>
  <virtualport type="openvswitch">
    <parameters interfaceid="<neturon port id>"/>
  </virtualport>
</interface>


Where i find the xml file?


If the openstack neutron plugin works correctly, the ports should be connected to the osn network.





On Thu, Mar 9, 2017 at 4:26 PM, Luca 'remix_tj' Lorenzetto <lorenzetto.luca@gmail.com> wrote:
On Thu, Mar 9, 2017 at 2:24 PM, Marcin Mirecki <mmirecki@redhat.com> wrote:
> Hello Luca,

Hello Marcin,

> The osn provider basically only connects the vnics to the osn networks,
> items like dhcp must be handled on the osn networks itself.

Yes, i know. The network is defined by neutron, which has it's own dhcp server.

> Have you tried connecting any nics manually and checking connectivity
> between them?

What do you mean?

> No connectivity with static IP's could hint at some configuration problems.
> Are osn/ovs set up correctly? Firewall blocking traffic?

there is no firewall between openstack controllers and ovirt
engine/hosts. My doubt is about configuration, i've configured in this
way:

Name: openstack-networks
Type: OpenStack Networking
Description:
Provider URL: http://openstack.example.com:9696

Flagged read-only and requires authentication

Set the authentication and tested, reports everything ok.

Nothing else has been configured. I didn't found any documentation
that clarified if is enough.

After powering on i see on openstack this:

[stack@opstrio1101 ~]$ openstack port list | grep 00:1a:4a:16:01:51
<-- this is mac address of oVirt VM
| 86c46fed-dddf-4776-a765-27d4e52e861c | nic1
                        | 00:1a:4a:16:01:51 | ip_address='172.25.7.4',
subnet_id='280a98ad-0fd5-4961-a307-d1bfea8355cd'     |



> Can you please send us a more detailed descirption of your env (ip addr,
> brctl show, ovs-vsctl show)?

This are the output of the commands you asked from a node where a vm
that is attached to a neutron network is running:

[root@ovirt002 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp2s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
master bond0 state UP qlen 1000
    link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
3: enp2s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
master bond0 state UP qlen 1000
    link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
4: enp2s0f2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
master bond1 state UP qlen 1000
    link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
5: enp2s0f3: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq
master bond1 state UP qlen 1000
    link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
6: enp2s0f4: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
state DOWN qlen 1000
    link/ether 00:21:5a:9b:b7:9b brd ff:ff:ff:ff:ff:ff
7: enp2s0f5: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
state DOWN qlen 1000
    link/ether 00:21:5a:9b:b7:9d brd ff:ff:ff:ff:ff:ff
8: enp2s0f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
state DOWN qlen 1000
    link/ether b4:b5:2f:55:bc:eb brd ff:ff:ff:ff:ff:ff
9: enp2s0f7: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq
state DOWN qlen 1000
    link/ether b4:b5:2f:55:bc:ef brd ff:ff:ff:ff:ff:ff
10: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
noqueue master ovirtmgmt state UP qlen 1000
    link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
11: ovirtmgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP qlen 1000
    link/ether 00:21:5a:9b:b7:93 brd ff:ff:ff:ff:ff:ff
    inet 10.5.40.192/22 brd 10.5.43.255 scope global ovirtmgmt
       valid_lft forever preferred_lft forever
    inet6 fe80::221:5aff:fe9b:b793/64 scope link
       valid_lft forever preferred_lft forever
12: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
noqueue master NFS state UP qlen 1000
    link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
13: NFS: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP qlen 1000
    link/ether 00:21:5a:9b:b7:97 brd ff:ff:ff:ff:ff:ff
    inet 10.5.160.46/22 brd 10.5.163.255 scope global NFS
       valid_lft forever preferred_lft forever
    inet6 fe80::221:5aff:fe9b:b797/64 scope link
       valid_lft forever preferred_lft forever
14: ;vdsmdummy;: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether be:ae:6d:b7:0f:f5 brd ff:ff:ff:ff:ff:ff
16: qvo86c46fed-dd@qvb86c46fed-dd:
<BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP qlen 1000
    link/ether 5e:d1:06:97:f0:19 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::5cd1:6ff:fe97:f019/64 scope link
       valid_lft forever preferred_lft forever
17: qvb86c46fed-dd@qvo86c46fed-dd:
<BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UP qlen 1000
    link/ether e6:73:ee:8e:03:09 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::e473:eeff:fe8e:309/64 scope link
       valid_lft forever preferred_lft forever
18: qbr86c46fed-dd: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state
DOWN qlen 1000
    link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff
21: tap86c46fed-dd: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master qbr86c46fed-dd state UNKNOWN qlen 1000
    link/ether fe:1a:4a:16:01:51 brd ff:ff:ff:ff:ff:ff


[root@ovirt002 ~]# brctl show
bridge name bridge id STP enabled interfaces
;vdsmdummy; 8000.000000000000 no
NFS 8000.00215a9bb797 no bond1
ovirtmgmt 8000.00215a9bb793 no bond0
qbr86c46fed-dd 8000.fe1a4a160151 no tap86c46fed-dd


[root@ovirt002 ~]# ovs-vsctl show
ovs-vsctl: unix:/var/run/openvswitch/db.sock: database connection
failed (No such file or directory)


If you need other clarifications i'll dig without problem in this env.

Luca




--
"E' assurdo impiegare gli uomini di intelligenza eccellente per fare
calcoli che potrebbero essere affidati a chiunque se si usassero delle
macchine"
Gottfried Wilhelm von Leibnitz, Filosofo e Matematico (1646-1716)

"Internet è la più grande biblioteca del mondo.
Ma il problema è che i libri sono tutti sparsi sul pavimento"
John Allen Paulos, Matematico (1945-vivente)

Luca 'remix_tj' Lorenzetto, http://www.remixtj.net , <lorenzetto.luca@gmail.com>