410 Commits

Author SHA1 Message Date
Zuul
65b5913fdd Merge "Add BGP NIC IP cleanup logic for the OVN driver" 2025-02-07 16:01:03 +00:00
Dmitrii Shcherbakov
019605c97f Add BGP NIC IP cleanup logic for the OVN driver
Currently IPs present on the bgp_nic are not cleaned up during regular
reconciliation syncs so if ovn-bgp-agent misses an update from OVN NB
or that update is not delivered correctly for whatever reason, the IPs
on bgp_nic remain uncleared.

Usually this leads to issues whenever an IP got used and then released
for future use: the fabric keeps using a route advertised by FRR
pointing to the old host that contains the residual IP and not to the
new host that is supposed to be the next hop for this IP.

The underlying reasons for leftover IPs being present still need to be
debugged and fixed so a warning is logged (the warning level is used
as normally the IPs are cleaned up based on NB DB events and this
usually not a normal situation).

Closes-Bug: #2096736
Change-Id: I6f55b5a77f1f9d6a50ef00be48b6c41d00d54b24
2025-02-05 22:13:49 +03:00
Zuul
d4f9b7ef1b Merge "Add option to avoid VRF removal" 2025-02-05 18:55:48 +00:00
Zuul
0202f507ea Merge "Expose floating ips attached to virtual ports" 2025-02-05 18:45:16 +00:00
Zuul
a631d050a4 Merge "Add a static FDB entry to fabric-facing bridges" 2025-02-05 18:18:06 +00:00
Zuul
37655792e1 Merge "Use BFD sessions for local OVN" 2025-02-04 12:31:40 +00:00
Jakub Libosvar
54347452db Use BFD sessions for local OVN
This patch needs bump of ovsdbapp to >=2.10.0

Depends-On: https://review.opendev.org/c/openstack/ovsdbapp/+/936877

Change-Id: I77294a9077e230efbb182cb6590e2ca135449b73
2025-02-03 10:01:53 +00:00
Dmitriy Rabotyagov
0840f4afc9 Add option to avoid VRF removal
A usecase posisble when operator wants to have a peering established
per-VRF. This would mean, that they need to enslave a unique
interface inside of the VRF and define peers for the router in FRR.

Current logic with removal of the VRF upon disconnect makes such
usecase impossible, as there are no means inside of the agent
to recover FRR and VRF configuration to intended by operator state.

This serves as motivation to allow operator to disable VRF removal
through configuration option.

Closes-Bug: #2097121
Change-Id: I2155508b167f84289de8f6510dfca1d5fc6a2a74
2025-01-31 17:32:03 +01:00
Michel Nederlof
df2af13552 Expose floating ips attached to virtual ports
Neutron keeps track of which host is hosting the virtual ip.
This we can use to match floating ip's attached to virtual ports.

Closes-Bug: #2096663
Change-Id: Ie7739926f3377c88a3bc58f06ccec7865594eaa4
2025-01-24 13:34:40 +00:00
Zuul
f90262e7d3 Merge "Introduce multinode tempest job" 2025-01-17 10:37:56 +00:00
Zuul
6febd7d537 Merge "Fix text from CrLrpChassisChangeWithdrawEvent docstring" 2025-01-13 15:06:47 +00:00
Jakub Libosvar
0b22516768 Introduce multinode tempest job
The job has 4 nodes:
 - a spine node serving as a spine switch and a place where the tempest
   tests are executed from
 - 2 leaf nodes serving as route reflectors to the spine node
 - controller running all-in-one openstack with
ovn-bgp-agent and frr configured to peer with the leaf nodes

The job is non-voting for now to assess its stability and replaces
ovn-bgp-agent-tempest-plugin job because that job was one node only and
hence the BGP protocol couldn't be validated.

Depends-On: https://review.opendev.org/c/openstack/devstack/+/938697

Change-Id: If8d2d59c6bc06124d98204770d7689b66d9b9cae
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2025-01-13 13:21:51 +00:00
Zuul
e0065b75fc Merge "Split _ensure_ovn_network_link function" 2025-01-13 11:35:13 +00:00
Takashi Kajinami
dee105f338 Update default envlist
Python 3.7 support was already removed so it should no longer be in
the default envlist. Also use unversioned target instead of versioned
ones so that we don't have to update the envlist when supported python
versions are updated.

Change-Id: Ic463ee939274817b4a824c064edcb92d58472d6f
2025-01-13 14:12:34 +09:00
Jakub Libosvar
eaecae8f01 Split _ensure_ovn_network_link function
The function does two completely distinct things consuming distinct
parameters based on one differentiating direction parameter. It's better
to have dedicated function to each routine to avoid unnecessary
complexity.

It also fixes a bug in the unittest where it cmds were empty.

Change-Id: Ic22981037777d5dfdb633459df5f914563801193
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-12-02 13:16:53 +00:00
Eduardo Olivares
de21b62066 Fix text from CrLrpChassisChangeWithdrawEvent docstring
It had been copied from previous class CrLrpChassisChangeExposeEvent.

Change-Id: I575c3ff48189c69d311216dd7032e6c4bb083319
2024-11-28 09:02:19 +01:00
Zuul
faf71abadd Merge "Support ovn-bgp agent with DVR disabled" 2024-11-27 16:55:16 +00:00
Zuul
ba4115cc84 Merge "Bump ovsdbapp to 2.8.0" 2024-11-25 08:26:55 +00:00
Zuul
972d739e7f Merge "Remove test_ovn_bgp_agent" 2024-11-22 22:00:39 +00:00
Dmitrii Shcherbakov
1986ad2398 Add a static FDB entry to fabric-facing bridges
Without a static entry in the FDB the MAC address we use both for the
internal port of the bridge and the bgp-router LRP is re-learned using
the normal Ethernet switch FDB learning logic: whenever the guest
traffic is sent out via the bgp-router LR, the port is set to the patch
port leading to br-bgp. Sending traffic from the internal port then
rewrites that back. Until then the traffic destined to the internal
port is being sent to br-bgp which results in flow table misses and
drop flows being cached.

Adding a static entry to the FDB effectively disables learning based
on the traffic coming out of the patch port leading to br-bgp.

Closes-Bug: #2089297
Change-Id: I8563adb49db8fa94c51f9ba47275e8c7812997ea
2024-11-22 17:15:49 +00:00
Jakub Libosvar
89421f84be Support ovn-bgp agent with DVR disabled
The patch adds events that match on gateway chassis hosting the cr lrp
ports for the given floating ips. If there is a failover detected and
the CR LRP moves to a different chassis, all the floating IPs are moved
to with it.

It also adds functional tests for agent and its watchers. The watchers
part can be improved and the functional framework can be used further to
extend testing coverage.

Closes-Bug: #2056477

Change-Id: Ia857df921eb32e5e822fc790064179b07351d8d3
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-11-22 15:17:51 +00:00
Dmitriy Rabotyagov
d7e275ea85 Use neutron_lib constants a device name limiter
At the moment device name length is hardcoded in code. At the same time
there is a constant inside neutron_lib which defines maximum length
for intraface names.

Change-Id: I2432fd3a61434ecd9e5960f55c35a9c01b711e30
2024-11-20 16:46:39 +00:00
Dmitriy Rabotyagov
b0325ea205 Handle trimming of vlan interface namings
At the moment vlan interfaces would be trimmed in an unexpected manner,
where instead of the interface vlan UUID will be trimmed when provider
bridge is long enough.
For example, vlan 1001 on `br-provider` will result in interface
`br-provider.100` which can lead to non-unique names, ie if there's also
vlan 1002 on the same br-provider.

Moreover, current code fails to ensure required sysctl parameters are
present, since interface name is trimmed.

This is basically continuation of the fix originally proposed in [1]

[1] https://review.opendev.org/c/openstack/ovn-bgp-agent/+/909788

Closes-Bug: #2054599
Change-Id: Ie1470138eb9ada627deead84863710f7ea43fd76
2024-11-20 16:46:33 +00:00
Eduardo Olivares
4f8fe6adbf Fix type for config option bgp_chassis_id
Type List was wrongly used. Type Str should be used instead.

Closes-Bug: #2088057
Change-Id: I26e04725ce419f87b8cde78567e88fe479cee1ae
2024-11-13 12:37:41 +01:00
Jakub Libosvar
a01dddcefa functional: Introduce a base class for OVN func testing
The patch creates a base classes that inherit from the ovsdbapp project.
A new API fixture is added to be able to use OVN BGP agent OVN IDL in
the functional tests.

Change-Id: I139d6798a1ed2f51d447c86f16dad2aa3892412b
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-11-01 17:48:07 +00:00
Jakub Libosvar
01872eab78 Bump ovsdbapp to 2.8.0
This is aligned with the requirements project. The patch removes the
code that is present in the current ovsdbapp and uses it from the
library.

Change-Id: Iacc1af5d5f98f5008fb01234c4af0a6461146d51
2024-10-31 18:51:53 +00:00
Jakub Libosvar
8a7ebde363 Move devstack job to experimental
Currently the job doesn't validate everything and just consumes time and
resources. I have some ideas to push this forward but for now
experimental seems like a better suited place for the job.

Change-Id: Idad9338b2a445f5b58218590c0ee9ee4555bf0b5
2024-10-31 17:45:46 +00:00
Jakub Libosvar
e3a509cd14 Introduce LSP address column parsing functions
There is a repeated code that can be replaced by function calls.

Change-Id: Ia04e251a6014b10d0a3e1f75df71f1f4a00a1f8b
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-10-31 17:45:46 +00:00
Jakub Libosvar
62ecacc180 nb driver: Don't expose FIP if the external_mac is not set
If the external_mac in the NAT entry is not set then it means two
things:

1) The DVR is disabled (see [2])

2) The external_mac has not been set yet because Neutron doesn't
populate the external_mac column of the FIP NAT entry until
the associated port with the FIP is bound to a chassis. This is
because of LB VIPs that don't get bound [1].

For case 1) we need to expose the FIP on the gateway node where the LRP
is hosted. For case 2) we can ignore if the external_mac is not set but
then we need another event that would re-act on setting the
external_mac. This will be done in a followup patch.

[1] https://bugs.launchpad.net/networking-ovn/+bug/1789686
[2] https://bugs.launchpad.net/ovn-bgp-agent/+bug/2056477

Related-Bug: #2073403

Change-Id: Ie24f1f370c44f95840af2d4d2010c20655738ebc
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-10-31 17:45:46 +00:00
Jakub Libosvar
9e6095688d Expose FIP if external_mac was set
OVN doesn't set external_mac on NAT until the port was brought up. This
patch adds an event that exposes the FIP if it gets the external_mac
column set.

Resolves-Bug: #2073403
Change-Id: Ib732e0e2ba3af4acb32d5d587deed5d049b12cf5
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-10-31 17:45:46 +00:00
Jakub Libosvar
ee15a0a414 Remove test_ovn_bgp_agent
It was probably overlooked during the initial commit

Change-Id: Ibe9802382d77e77ca0d1f509825d1ffc8343910a
2024-10-30 17:00:56 -04:00
Eduardo Olivares
7e348daca0 Refactor ovn_bgp_agent.privileged.ovs_vsctl
When ovs commands fail, we re-try after adding `-O OpenFlow13`, but that
is only valid for `ovs-ofctl`.
To fix this issue, this patch implements a small refactor of the module
in order to separete calls to ovs-ofctl and ovs-vsctl.

Related-Bug: #2080258
Change-Id: Ib8ee872d4bd587ade325bc4f6da3e9d8804c28c0
2024-10-09 14:45:16 +02:00
Eduardo Olivares
e615106ab8 Add retries to get_device_port_at_ovs
Extending retries added to `get_ovs_patch_port_ofport` at [1].

[1] https://review.opendev.org/c/885976

Closes-Bug: #2080258
Change-Id: Id41336ad235159d5fbe125c6c1bbecd2a73a819e
2024-10-08 08:46:50 +02:00
Zuul
a037e0314b Merge "Make in_port consistent type" 2024-10-04 08:41:45 +00:00
Jakub Libosvar
46abd9b503 Make in_port consistent type
The in_port structure is always list but in case there is a failure when
obtaining the list of ports on the bridge, it was set to a set type.
This patch initializes it as a list.

TrivialFix

Change-Id: Iec62246f730b9aa80d4145b357da49612b850243
2024-10-02 11:12:03 -04:00
Michel Nederlof
59ad44aca5 Fix live migrations and possibly also VIP failovers
When a live migration happens, another flow is happening,
so we need to take this into consideration.

Change-Id: Ib27bbc95a0853f32354f743dcec2bdb4bb797097
Closes-Bug: #2082085
2024-09-26 12:38:12 +00:00
Takashi Kajinami
f503911227 Bump hacking
hacking 3.0 is quite old. Bump it to the current latest version.

Change-Id: Iac62f9294f54530cc7208f575e3c4eb81a8749e1
2024-09-21 18:11:43 +09:00
Takashi Kajinami
d49179b857 Drop Python 3.6/7 support
Support for Python 3.6 and 3.7 was removed some time ago and these
versions have been untested.

Change-Id: I0e340989d797de26815c0945ce99767641c904b6
2024-09-21 18:07:38 +09:00
ba53e21de7 Update master for stable/2024.2
Add file to the reno documentation build to show release notes for
stable/2024.2.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.2.

Sem-Ver: feature
Change-Id: Ifb5ff641dd97e6bb9fed2672ef6772cad05e1326
2024-09-12 13:24:17 +00:00
Jakub Libosvar
bf7c746075 Move _get_ips_info out of LRP event
The method was made function to be able to use it in more generic
manner.

Change-Id: I33a24f6942a4e2b1c12c9bdaf80d88757795f24b
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
3.0.0.0rc1 3.0.0
2024-08-06 15:32:09 +00:00
Jakub Libosvar
d142f39702 Move methods out of LSP events
The methods are moved to a function to ports utility module as the
methods were not reading or modifying the instance state.

Change-Id: Iae9d1d1f2f5d5bab38c290a5d6e8f5cf8136e108
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-06 15:32:03 +00:00
Jakub Libosvar
fed8d0376d Move some LogicalSwitchChassisEvent methods out
The methods that do not modify object state or don't read from the state
are moved out to utils module so they can be re-used elsewhere too.

Change-Id: I4169ae38552b96092f6eae43e082bd6313d730a4
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-06 15:30:40 +00:00
Jakub Libosvar
7ce42598b4 Remove _get_router method from events
The method was tied to an event instance but didn't actually
modify the state of the instance. It was replaced with a helper
function.

Change-Id: I25b6ba95f0fd2731737d014eae54d3d7e27a5513
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-05 19:03:28 +00:00
Jakub Libosvar
acb53b4009 Remove duplicated _get_network method
The method was tied to an instance of some events but didn't actually
modify state of the instance. It was replaced with a generic helper
function.

Change-Id: I0d24ead8e44cde1df62df77408801cbbc758c4a6
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-05 19:03:28 +00:00
Jakub Libosvar
41ea5a37a5 evpn: Remove Chassis events
The code was a copy and paste from the bgp_watcher

Change-Id: I054a13303b39567b5136497c8c1f1f8d9b848490
2024-08-05 19:03:28 +00:00
Jakub Libosvar
eaa906e2e5 Remove _check_ip_associated method from Event
The method should be a helper function as it does not modify any state
of the Event instance.

Change-Id: Id744b40d3203fa864bbdf6c541ca7c311c16f9ce
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-05 18:23:20 +00:00
Jakub Libosvar
6e9ee5803e NB: Consolidate common code of events to the superclass
Change-Id: I7b7d8cb8402695bdd41fb0f87f1cb2e4fff80b50
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-01 21:32:37 +00:00
Jakub Libosvar
8ce9807372 Remove FakeLogicalSwitchChassisEvent class
It is not used anywhere

Change-Id: Iaf2fabe5ba4908c44cef5d10a60fa78de1f4f7fa
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
2024-08-01 21:32:34 +00:00
Zuul
ef38b8c54f Merge "Remove dead code from get_port_chassis function" 2024-07-31 06:49:14 +00:00
Jakub Libosvar
c5eaef9c55 Remove dead code from get_port_chassis function
The function returned a tuple but the second returned object was always
ignored. The patch also deletes redunant unittest.

TrivialFix

Change-Id: I85b3b9a58c8d07aa6bbce240d22cceccbb8a7588
2024-07-30 12:17:50 -04:00