From d35c27bf718be54aa0c73eee8ecdd9cf0f8ef98f Mon Sep 17 00:00:00 2001 From: Danila Balagansky Date: Wed, 28 Jun 2023 17:28:25 +0300 Subject: [PATCH] Configure OVN NB and SB DB Connection probes Allow configuration of `inactivity_probe` in Connection table in NB and SB for new installations. Issues, which successfully resolve by using this as a workaround: 1. https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg07431.html 2. https://bugs.launchpad.net/kolla-ansible/+bug/1917484 According to the OVN ML, specifically this part [1], there is no other way to set `inactivity_probe` other than using Connection table. And the only valid option for it would be `0.0.0.0`, so that it could be applied to all connections. `ovn-ctl` forces `ovsdb-server` to look for addresses to listen on in Connection table with `db-nb-use-remote-in-db` and `db-sb-use-remote-in-db` options which are enabled by default. If `db-nb-create-insecure-remote` and `db-sb-create-insecure-remote` are set to `yes` (when `neutron_ovn_ssl` is `False`), this would result in flooding OVN logs with `Address already in use` errors. So we will rely on default value `no` for them from now on and only listen on and with whatever options are provided in Connection tables. [1] https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg07476.html Change-Id: If87cf7cfa1788d68c9a4013d7f4877692f2bb11c --- defaults/main.yml | 2 ++ tasks/providers/ovn_cluster_setup.yml | 7 +++---- templates/ovn-northd-opts.j2 | 2 -- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 26a18106..04b519e4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -481,6 +481,8 @@ neutron_ovn_l3_scheduler: leastloaded neutron_ovn_nb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,'+ ovn_proto + ':') }}:6641" neutron_ovn_sb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642" neutron_ovsdb_manager: ptcp:6640:127.0.0.1 +neutron_ovn_sb_inactivity_probe: 60000 +neutron_ovn_nb_inactivity_probe: 60000 # Storage location for SSL certificate authority neutron_ovn_pki_dir: "{{ openstack_pki_dir }}" diff --git a/tasks/providers/ovn_cluster_setup.yml b/tasks/providers/ovn_cluster_setup.yml index c94486b4..05548c15 100644 --- a/tasks/providers/ovn_cluster_setup.yml +++ b/tasks/providers/ovn_cluster_setup.yml @@ -81,13 +81,12 @@ - not leader_node - ovn_northd_opts.changed -- name: set ssl for ovn-nb and ovn-sb +- name: Configure connection settings for ovn-nb and ovn-sb command: "{{ cmd }}" with_items: - - "ovn-nbctl set-connection pssl:6641" - - "ovn-sbctl set-connection pssl:6642" + - "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641" + - "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642" when: - - neutron_ovn_ssl - "inventory_hostname == neutron_ovn_primary_cluster_node" - _check_cluster_db.rc != 0 - not leader_node diff --git a/templates/ovn-northd-opts.j2 b/templates/ovn-northd-opts.j2 index bc2e26fe..f70bc33a 100644 --- a/templates/ovn-northd-opts.j2 +++ b/templates/ovn-northd-opts.j2 @@ -2,8 +2,6 @@ # OVN cluster parameters {{ neutron_ovn_northd_opts }}=" \ - --db-nb-create-insecure-remote={{ (neutron_ovn_ssl) | ternary('no','yes') }} \ - --db-sb-create-insecure-remote={{ (neutron_ovn_ssl) | ternary('no','yes') }} \ --db-nb-addr={{ ansible_host }} \ --db-sb-addr={{ ansible_host }} \ --db-nb-cluster-local-addr={{ ansible_host }} \