On Sat, 23 Mar 2019 15:19:06 +0100 Gianluca Cecchi <gianluca.cec...@gmail.com> wrote:
> On Fri, Mar 22, 2019 at 10:19 PM Dominik Holler <dhol...@redhat.com> wrote: > > > > > > in _runHooksDir > > > raise exception.HookError(err) > > > HookError: Hook Error: ('',) > > > > Thanks for raising this. > > I created https://bugzilla.redhat.com/1691933 to track this. > > > > Do you uninstalled vdsm-hook-openstacknet? > > > > No. > It seems to me this package had never got installed but in 4.2.x OVN > external network provider worked. > The environment was created at beginning 2017 with 4.0.6 and then gradually > updated, now at 4.3.2. > OVN originally installed when in 4.1.0 with the manual way before official > inclusion in engine-setup > > [root@ov300 ~]# rpm -q vdsm-hook-openstacknet > package vdsm-hook-openstacknet is not installed > [root@ov300 ~]# > > [root@ov300 ~]# ll -rt /var/log/yum.log* > -rw-------. 1 root root 63893 Sep 29 2017 /var/log/yum.log-20180101 > -rw-------. 1 root root 13840 Feb 9 2018 /var/log/yum.log-20180326 > -rw-------. 1 root root 43106 Nov 22 11:47 /var/log/yum.log-20190101 > -rw-------. 1 root root 38473 Mar 5 13:46 /var/log/yum.log-20190306 > -rw-------. 1 root root 5018 Mar 22 14:11 /var/log/yum.log > [root@ov300 ~]# > > [root@ov300 ~]# grep vdsm-hook-openstacknet /var/log/yum.log* > [root@ov300 ~]# > > And the same for the other two hosts > I can confirm that if I install that package (no vdsm restart): > > Installing: > vdsm-hook-openstacknet noarch > 4.30.11-1.el7 ovirt-4.3 14 k > > The VM with OVN network card on ovn192 is able to boot now and I have the > vnet1 interface on ov300 > > [root@ov300 ~]# ovs-vsctl show > f1a41e9c-16fb-4aa2-a386-2f366ade4d3c > Bridge br-int > fail_mode: secure > Port br-int > Interface br-int > type: internal > Port "ovn-b8872a-0" > Interface "ovn-b8872a-0" > type: geneve > options: {csum="true", key=flow, remote_ip="10.4.192.34"} > Port "ovn-1dce5b-0" > Interface "ovn-1dce5b-0" > type: geneve > options: {csum="true", key=flow, remote_ip="10.4.192.32"} > Port "vnet1" > Interface "vnet1" > ovs_version: "2.10.1" > [root@ov300 ~]# > > [root@ovmgr1 ~]# ovn-sbctl show > Chassis "ddecf0da-4708-4f93-958b-6af365a5eeca" > hostname: "ov300.datacenter.polimi.it" > Encap geneve > ip: "10.4.192.33" > options: {csum="true"} > Port_Binding "84c78095-744c-4415-805f-5f739af3d4d3" > Chassis "1dce5b7c-a9fc-4ddb-99b4-e2c9e0fa54c5" > hostname: "ov200.datacenter.polimi.it" > Encap geneve > ip: "10.4.192.32" > options: {csum="true"} > Chassis "b8872ab5-4606-4a79-b77d-9d956a18d349" > hostname: "ov301.datacenter.polimi.it" > Encap geneve > ip: "10.4.192.34" > options: {csum="true"} > [root@ovmgr1 ~]# > > And on engine: > [root@ovmgr1 ~]# ovn-nbctl show > switch fc2fc4e8-ff71-4ec3-ba03-536a870cd483 > (ovirt-ovn192-1e252228-ade7-47c8-acda-5209be358fcf) > port 84c78095-744c-4415-805f-5f739af3d4d3 > addresses: ["00:1a:4a:17:01:53 dynamic"] > switch 9e77163a-c4e4-4abf-a554-0388e6b5e4ce > (ovirt-ovn172-4ac7ba24-aad5-432d-b1d2-672eaeea7d63) > [root@ovmgr1 ~]# > > So at the end it could be a missing dependency during install of new > packages? > Not by intention. If vdsm-hook-openstacknet is installed, a file in /etc/sudoers.d/ is created, which allows vdsm to call ovs-vsctl without restricted parameters. /etc/sudoers.d/50_vdsm_hook_ovirt_provider_ovn_hook of ovirt-provider-ovn-driver should allow vdsm to call ovs-vsctl with all required parameters, but it does not. This is why I created bug 1691933. In the newer installations I checked vdsm-hook-openstacknet was installed and hides the bug. Maybe there are upgrade paths, which results in scenarios, where vdsm-hook-openstacknet is not installed, which should be fine, but shows the bug. > I have to dig a bit more, because from first tests if I start another VM on > the same ovn192 network also on the same host they are not able to > communicate > Possibly an iptables misconfiguration on host? > Just to understand the error, would you please check if /var/log/openvswitch/ovn-controller.log or any other logfile in the same directory contains any hints? Would communication using a new created ovn network without port security enabled work? If there are not further hints, I suggest to re-configure the ovirt-provider-ovn-driver on the host via vdsm-tool ovn-config OVN_Central_IP Tunneling_IP_or_Network_Name (please find more details on https://ovirt.org/documentation/admin-guide/chap-External_Providers.html#configuring-hosts-for-an-ovn-tunnel-networ ) and check if this fixed the issue. > I have vnet1 and vnet2 on host now > > [root@ov300 ~]# ovs-vsctl show > f1a41e9c-16fb-4aa2-a386-2f366ade4d3c > Bridge br-int > fail_mode: secure > Port br-int > Interface br-int > type: internal > Port "vnet2" > Interface "vnet2" > Port "ovn-b8872a-0" > Interface "ovn-b8872a-0" > type: geneve > options: {csum="true", key=flow, remote_ip="10.4.192.34"} > Port "ovn-1dce5b-0" > Interface "ovn-1dce5b-0" > type: geneve > options: {csum="true", key=flow, remote_ip="10.4.192.32"} > Port "vnet1" > Interface "vnet1" > ovs_version: "2.10.1" > [root@ov300 ~]# > > Thanks for the moment > Gianluca _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/BGEAO6W2TJWHDP4E3NZIXEHR4P6IG6CE/