Enable keepalived VRRP health check

If you want to have vrrp watch the external networking interface today, the option ha_vrrp_health_check_interval [1] detects a failure it re-triggers the transitional change - which works if the external physical interface fails because the ping will fail. In fact, we've tried to enable it before [2], but then we had to revert it [3] due to instability issues [4] in previous releases of OpenStack. Maybe the previous instability issue [4] was caused by another keepalived issue mentioned in the comment [5], now I have tested this option again, it works. This is how neutron allows monitoring southbound network today, so I would suggest we add this capability into the charm again. This is a patch for charm-neutron-openvswitch side to support enable-dvr-snat=True option which allows running gateway components on compute nodes (as of 19.04 charms, see [6]) [1] https://docs.openstack.org/ocata/networking-guide/ \ deploy-ovs-ha-vrrp.html#keepalived-vrrp-health-check [2] https://review.opendev.org/#/c/601533/ [3] https://review.opendev.org/#/c/603347/ [4] https://bugs.launchpad.net/neutron/+bug/1793102 [5] https://bugs.launchpad.net/neutron/+bug/1793102/comments/5 [6] https://bugs.launchpad.net/charm-neutron-openvswitch/+bug/1808045 Change-Id: Ic7e751dd876cc67805e841e109a4f955ad80be47 Closes-Bug: 1825966
2019-05-08 16:45:29 +08:00 · 2019-05-08 16:45:29 +08:00 · 786906d559
parent 23e26a4cf2
commit 786906d559
3 changed files with 36 additions and 0 deletions
--- a/hooks/neutron_ovs_context.py
+++ b/hooks/neutron_ovs_context.py
@ -303,6 +303,7 @@ class L3AgentContext(OSContextGenerator):
            use_dvr_snat = config('use-dvr-snat')
            agent_mode = 'dvr_snat' if use_dvr_snat else 'dvr'
            ctxt['agent_mode'] = agent_mode
+            ctxt['use_l3ha'] = neutron_api_settings.get('enable_l3ha', False)
            if not config('ext-port'):
                ctxt['external_configuration_new'] = True
        else:
--- a/templates/mitaka/l3_agent.ini
+++ b/templates/mitaka/l3_agent.ini
@ -11,3 +11,6 @@ agent_mode = {{ agent_mode }}
 gateway_external_network_id =
 external_network_bridge =
 {% endif %}
+{% if use_l3ha and agent_mode == 'dvr_snat' -%}
+ha_vrrp_health_check_interval = 30
+{% endif %}
--- a/unit_tests/test_neutron_ovs_context.py
+++ b/unit_tests/test_neutron_ovs_context.py
@ -437,6 +437,34 @@ class L3AgentContextTest(CharmTestCase):
        self.assertEqual(
            context.L3AgentContext()(), {
                'agent_mode': 'dvr',
+                'use_l3ha': False,
+                'external_configuration_new': True,
+                'enable_nfg_logging': False,
+                'nfg_log_burst_limit': 25,
+                'nfg_log_output_base': None,
+                'nfg_log_rate_limit': None,
+            }
+        )
+
+    @patch.object(charmhelpers.contrib.openstack.context, 'relation_get')
+    @patch.object(charmhelpers.contrib.openstack.context, 'relation_ids')
+    @patch.object(charmhelpers.contrib.openstack.context, 'related_units')
+    def test_dvr_enabled_l3ha_enabled(self, _runits, _rids, _rget):
+        _runits.return_value = ['unit1']
+        _rids.return_value = ['rid2']
+        rdata = {
+            'neutron-security-groups': 'True',
+            'enable-dvr': 'True',
+            'l2-population': 'True',
+            'overlay-network-type': 'vxlan',
+            'network-device-mtu': 1500,
+            'enable-l3ha': 'True',
+        }
+        _rget.side_effect = lambda *args, **kwargs: rdata
+        self.assertEqual(
+            context.L3AgentContext()(), {
+                'agent_mode': 'dvr',
+                'use_l3ha': True,
                'external_configuration_new': True,
                'enable_nfg_logging': False,
                'nfg_log_burst_limit': 25,
@ -460,6 +488,7 @@ class L3AgentContextTest(CharmTestCase):
            'overlay-network-type': 'vxlan',
            'network-device-mtu': 1500,
            'enable-nfg-logging': 'True',
+            'use_l3ha': False,
        }
        _rget.side_effect = lambda *args, **kwargs: rdata
        _validate_nfg_log_path.side_effect = lambda x: x
@ -475,6 +504,7 @@ class L3AgentContextTest(CharmTestCase):
                'nfg_log_burst_limit': 30,
                'nfg_log_output_base': '/var/log/neutron/firewall.log',
                'nfg_log_rate_limit': 200,
+                'use_l3ha': False,
            }
        )

@ -508,6 +538,7 @@ class L3AgentContextTest(CharmTestCase):
                'nfg_log_burst_limit': 25,
                'nfg_log_output_base': '/var/log/neutron/firewall.log',
                'nfg_log_rate_limit': 100,
+                'use_l3ha': False,
            }
        )

@ -529,6 +560,7 @@ class L3AgentContextTest(CharmTestCase):
        self.assertEqual(
            context.L3AgentContext()(), {
                'agent_mode': 'dvr_snat',
+                'use_l3ha': False,
                'external_configuration_new': True,
                'enable_nfg_logging': False,
                'nfg_log_burst_limit': 25,