Marcin,

I installed the OVN-Central on a dedicated VM that lives on the ovirtmgmt network, I also installed the OVN-Provider on this same instance. I then installed the OVN-Controllers on all 3 of my oVirt Nodes, with the OVN provider driver, and configured the vdsm ovn-controller {central-ip} {ovirt-node-ip} on each of the boxes. It appears to be running but what I am noticing is that the ovs-vswitchd process is pegged at 100% on all the oVirt nodes.

So for instance from oVirt Node 3 (IP 75) the ovs-vsctl shows the IPs for the other 2 nodes in it's configuration. It seems to be that way across all 3 nodes, they know about the other nodes in the cluster. I was able to create a network inside of oVIRT using the external provider. After i create a subnet inside oVirt I do get an error at the top but seems to be ok?


Inline image 2

(Output from Node3 IP 75, of: ovs-vsctl show)

61af799c-a621-445e-8183-23dcb38ea3cc
    Bridge br-int
        fail_mode: secure
        Port "ovn-c0dc09-0"
            Interface "ovn-c0dc09-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="172.10.10.73"}
        Port "ovn-456949-0"
            Interface "ovn-456949-0"
                type: geneve
                options: {csum="true", key=flow, remote_ip="172.10.10.74"}
        Port br-int
            Interface br-int
                type: internal
    ovs_version: "2.6.90"



Example where the (ovs-vswitchd) is running at 100% on all 3 oVirt Nodes.

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
 1768 root      10 -10   49680  10808   9388 R 100.0  0.0  24:48.85 ovs-vswitchd


[root@ovirt01 openvswitch]# tail -f ovs-vswitchd.log
2016-12-02T18:27:12.174Z|00604|poll_loop|INFO|Dropped 557231 log messages in last 6 seconds (most recently, 0 seconds ago) due to excessive rate
2016-12-02T18:27:12.174Z|00605|poll_loop|INFO|wakeup due to 0-ms timeout at vswitchd/bridge.c:3031 (100% CPU usage)
2016-12-02T18:27:18.174Z|00606|poll_loop|INFO|Dropped 536053 log messages in last 6 seconds (most recently, 0 seconds ago) due to excessive rate
2016-12-02T18:27:18.174Z|00607|poll_loop|INFO|wakeup due to 0-ms timeout at vswitchd/bridge.c:3031 (100% CPU usage)
2016-12-02T18:27:24.174Z|00608|poll_loop|INFO|Dropped 536369 log messages in last 6 seconds (most recently, 0 seconds ago) due to excessive rate
2016-12-02T18:27:24.174Z|00609|poll_loop|INFO|wakeup due to 0-ms timeout at vswitchd/bridge.c:3031 (100% CPU usage)
2016-12-02T18:27:30.174Z|00610|poll_loop|INFO|Dropped 532134 log messages in last 6 seconds (most recently, 0 seconds ago) due to excessive rate
2016-12-02T18:27:30.174Z|00611|poll_loop|INFO|wakeup due to 1-ms timeout at vswitchd/bridge.c:3031 (100% CPU usage)
2016-12-02T18:27:36.174Z|00612|poll_loop|INFO|Dropped 531659 log messages in last 6 seconds (most recently, 0 seconds ago) due to excessive rate
2016-12-02T18:27:36.174Z|00613|poll_loop|INFO|wakeup due to 0-ms timeout at vswitchd/bridge.c:3031 (99% CPU usage)


One other thing that I notice is that when I got to Provision a Virtual Machine from the Main Data Center, my Networks don't show under the NIC where I could select them? Am I missing something on this?

Thanks very much for your help.

Devin Acosta


On Fri, Dec 2, 2016 at 5:16 AM, Marcin Mirecki <mmirecki@redhat.com> wrote:
Devin,

> I presume the OVN Controller should just be some VM that is on the
> ovirtmgmt network, or is there a preferred place to install the OVN
> controller software?

Please note the difference between OVN-Central and OVN-Controller:
OVN-Central is the central part of OVN, storing the logical configuration and controlling the many OVN-Controllers
OVN-Controller is the piece of software which resides on the ovirt-hosts, and manages the local OVS setup on the host.

                 OVN-Central
               /       |      \
              /        |       \
             /         |        \
            /          |         \
OVN-Controller    OVN-Controller   OVN-Controller


OVN-central can be installed anywhere , as long as it can communicate with the engine and all the hosts.
During development we install it along the ovirt engine for convinience.

OVN-Controller must be installed on every ovirt host.


>I then also assume I install the OVN agents onto all
> the oVirt Nodes.

Short answer: Yes

Longe answer: If you plan not to use external networks on some clusters, you
can skip its hosts.
You can choose the clusters which support the external network by assigning the
network to clusters.

> I see
> that when you go to add the External Provider, does OVN Controller use
> authentication, is there any information I would need to have besides
> knowing which node it's on in order to add it to external provider?

For now it is only the url of the provider.
The provider is still under development, authentication is still just an
empty mock.

>Would I
> need to have any bridges or OVS configured on the nodes for this to work or
> just install the services and get them configured and it just works?

We are using the default 'br-int' bridge which OVN is using. All should be configured
when OVS/OVN is installed.

Let me know if I can help with anything else.
Marcin



----- Original Message -----
> From: "Devin Acosta" <devin@pabstatencio.com>
> To: "Marcin Mirecki" <mmirecki@redhat.com>
> Cc: "users" <Users@ovirt.org>, "Yaniv Dary" <ydary@redhat.com>
> Sent: Thursday, December 1, 2016 6:19:07 PM
> Subject: Re: [ovirt-users] oVirt 4 and Neutron
>
> I have manually created the RPM's successfully, I just want to clarify a
> few items so I make sure I'm deploying this according to best practice.
>
> I presume the OVN Controller should just be some VM that is on the
> ovirtmgmt network, or is there a preferred place to install the OVN
> controller software? I then also assume I install the OVN agents onto all
> the oVirt Nodes. My take on this is that this OVN replaces the more complex
> Neutron/OVS installation, and makes for a more simple deployment.  I see
> that when you go to add the External Provider, does OVN Controller use
> authentication, is there any information I would need to have besides
> knowing which node it's on in order to add it to external provider? Would I
> need to have any bridges or OVS configured on the nodes for this to work or
> just install the services and get them configured and it just works?
>
>
> Your assistance is appreciated.
>
> On Thu, Dec 1, 2016 at 3:54 AM, Marcin Mirecki <mmirecki@redhat.com> wrote:
>
> > Devin,
> >
> > The openvswitch OVN packages must be build manually at the moment. It is
> > still not available either in the repos, nor as a download.
> > For now please use the procedure attached below to build the OVN rpm's.
> >
> > I am not sure where 'firewalld-system' comes from. Is it not
> > 'firewalld-filesystem'?
> > This should be available from the standard repo.
> >
> > The ovirt-provider-ovn is being developed quite actively, and the blogpost
> > is already somewhat outdated (even though it's not even a month old). I
> > will try to update it asap.
> >
> > Thanks,
> > Marcin
> >
> >
> > BUILDING PROVIDER RPMS:
> > ----------------------
> >   git clone https://gerrit.ovirt.org/ovirt-provider-ovn
> >   make rpm
> >
> >
> >
> >
> > BUILDING OVN RPMS:
> > ------------------
> >
> > Clone the repository:
> >
> >   git clone https://github.com/openvswitch/ovs
> >
> > Install the following packages, as they are need to build ovn:
> >
> >   yum -y install gcc make python-devel openssl-devel kernel-devel graphviz
> > kernel-debug-devel autoconf automake rpm-build redhat-rpm-config rpm-build
> > rpmdevtools bash-completion autoconf automake libtool PyQt4 groff
> > libcap-ng-devel python-twisted-core python-zope-interface graphviz
> > openssl-devel selinux-policy-devel
> >
> > Build the ovn rpms:
> >
> >   cd ovs
> >   ./boot.sh
> >   ./configure
> >   make dist
> >   cp openvswitch-<version>.tar.gz $HOME/rpmbuild/SOURCES
> >   cd $HOME/rpmbuild/SOURCES
> >   tar xzf openvswitch-<version>.tar.gz
> >   cd openvswitch-<version>
> >   rpmbuild -bb rhel/openvswitch-fedora.spec
> >
> > The built rpms will reside here: ~/rpmbuild/RPMS/x86_64/
> >
> > --------------------
> >
> >
> >
> >
> >
> >
> >
> > ----- Original Message -----
> > > From: "Yaniv Dary" <ydary@redhat.com>
> > > To: "Devin Acosta" <devin@pabstatencio.com>, "Marcin Mirecki" <
> > mmirecki@redhat.com>
> > > Cc: "users" <Users@ovirt.org>
> > > Sent: Thursday, December 1, 2016 11:15:00 AM
> > > Subject: Re: [ovirt-users] oVirt 4 and Neutron
> > >
> > > Adding Marcin to help with this.
> > >
> > > Yaniv Dary
> > > Technical Product Manager
> > > Red Hat Israel Ltd.
> > > 34 Jerusalem Road
> > > Building A, 4th floor
> > > Ra'anana, Israel 4350109
> > >
> > > Tel : +972 (9) 7692306
> > >         8272306
> > > Email: ydary@redhat.com
> > > IRC : ydary
> > >
> > >
> > > On Thu, Dec 1, 2016 at 6:42 AM, Devin Acosta <devin@pabstatencio.com>
> > wrote:
> > >
> > > >
> > > > Yaniv,
> > > >
> > > > I am looking at the page that talks about ovirt-provider-ovn, and it
> > > > sounds like something I want to try. However the document seems to be
> > not
> > > > complete, and I'm not sure i fully understand how it should be
> > deployed.
> > > > When I downloaded the "ovirt-provider-ovn-driver-0-1.noarch.rpm" and
> > try
> > > > to install on the oVIRT nodes it complains about needing other packages
> > > > such as:
> > > >
> > > > - openvswitch-ovn-central
> > > > - python-openvswitch
> > > > - firewalld-system
> > > > - openvswitch-ovn-host
> > > >
> > > > I don't see anywhere where it talks about getting access to the RPMS
> > for
> > > > openvswitch-ovn-central. Also I presume like Neutron I would install
> > OVN on
> > > > a Master node and then install some clients on the nodes? Can you
> > provide
> > > > me additional information on this?
> > > >
> > > >
> > > >
> > > > On Tue, Nov 22, 2016 at 1:43 AM, Yaniv Dary <ydary@redhat.com> wrote:
> > > >
> > > >> We are working on a native path to SDN via OVN (experimental at this
> > > >> point):
> > > >> https://www.ovirt.org/blog/2016/11/ovirt-provider-ovn/
> > > >>
> > > >> Using Neutron is an option, but at some point the native option might
> > be
> > > >> easier to use (we want to add a UI for it and tighter integration).
> > > >>
> > > >> Yaniv Dary
> > > >> Technical Product Manager
> > > >> Red Hat Israel Ltd.
> > > >> 34 Jerusalem Road
> > > >> Building A, 4th floor
> > > >> Ra'anana, Israel 4350109
> > > >>
> > > >> Tel : +972 (9) 7692306
> > > >>         8272306
> > > >> Email: ydary@redhat.com
> > > >> IRC : ydary
> > > >>
> > > >>
> > > >> On Tue, Nov 22, 2016 at 5:09 AM, Devin Acosta <devin@pabstatencio.com
> > >
> > > >> wrote:
> > > >>
> > > >>> oVirt Users:
> > > >>>
> > > >>> My work is currently deploying oVirt 4.0.5 into our Development
> > > >>> environment. I see there use to be a maintained Openstack Neutron
> > image
> > > >>> that could be used with oVirt to provide SDN functionality. I'm
> > > >>> suspecting
> > > >>> that the reason for the image no longer being maintained is because
> > it
> > > >>> became a hassle to keep updated and patched. From what I understand
> > the
> > > >>> current idea is to just point your oVirt installation to an already
> > > >>> installed Openstack setup. I can easily install an image and install
> > the
> > > >>> latest Openstack (Keystone/Neutron) and then point oVirt to it, but I
> > > >>> want
> > > >>> to understand if that is the proper way to move forward. Is there a
> > > >>> general
> > > >>> consensus with the way oVirt is moving in regards to Software Defined
> > > >>> Networking and Neutron in general? Just want to ensure I understand
> > it
> > > >>> clearly before just installing my own Neutron if there is going to be
> > > >>> another method.
> > > >>>
> > > >>> Any feedback is appreciated.
> > > >>>
> > > >>> Devin Acosta RHCA
> > > >>>
> > > >>>
> > > >>> _______________________________________________
> > > >>> Users mailing list
> > > >>> Users@ovirt.org
> > > >>> http://lists.ovirt.org/mailman/listinfo/users
> > > >>>
> > > >>>
> > > >>
> > > >
> > > >
> > > > --
> > > >
> > > > Devin Acosta
> > > > Red Hat Certified Architect, LinuxStack
> > > > 602-354-1220 || devin@linuxguru.co
> > > >
> > >
> >
>
>
>
> --
>
> Devin Acosta
> Red Hat Certified Architect, LinuxStack
> 602-354-1220 || devin@linuxguru.co
>



--

Devin Acosta
Red Hat Certified Architect, LinuxStack 
602-354-1220 || devin@linuxguru.co