Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-12914

BZ#2268207 [ML2/OVN] Floating IP commnunications are broken for Master octavia amphora HA VIP

XMLWordPrintable

    • False
    • False
    • Committed
    • No Docs Impact
    • Committed
    • Committed
    • None

      Description of problem:

      One of our VIP customers is trying to use Floating IP address to enable external access to Octavia HA VIP. He followed steps described in https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.2/html-single/using_octavia_for_load_balancing-as-a-service/index#http-lb-float-ip_create-non-secure-http-lbs , but failed to get functional setup: real ha_ip is reachable for other instances and they can establish HTTPS connections to it, while communications are not established for floating IP address associated with real ha_ip.

      During remote session we tried to isolate a root cause by using client VM connected to client tenant network with client FIP attached and running on client compute. Client VM was used to connect to FIP address associated with real ha_ip. Both floating IP addresses were in the same external network. We found out that client compute node sends ARP requests for destination floating IP address, they arrive at destination compute node, but there is no reply from OVN. So ARP is unresolved and communications are not established.

      For some reason, ha_ip Neutron port had admin_state_up set to down because port was in disabled state. So Octavia setup is slightly different from our general recommendations at https://access.redhat.com/solutions/6629051. Nonetheless, enabling the port didn't help.

      Customer is able to consistently reproduce this problem for Octavia amphora-based loadbalancers. Regular instances using floating IP addresses are not affected by anything
      similar. Information about available data will be provided privately.

      At this point this problem is not severe blocker for customer, but this may change in the future.

      Version-Release number of selected component (if applicable):
      Red Hat OpenStack Platform release 16.2.6 (Train)

      How reproducible:
      Follow recommendations from https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/16.2/html-single/using_octavia_for_load_balancing-as-a-service/index#http-lb-float-ip_create-non-secure-http-lbs

      Actual results:
      FIP is not reachable for external entities

      Expected results:
      FIP is reachable for external entities and they can use it to communicate with ha_ip

          1.
          		 BZ#2268207 [ML2/OVN] Floating IP commnunications are broken for Master octavia amphora HA VIP Sub-task Closed Major Unassigned

              froyo@redhat.com Fernando Royo
              jira-bugzilla-migration RH Bugzilla Integration
              Toni Freger Toni Freger
              rhos-dfg-networking-squad-neutron
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: