Octavia on Midonet 5.4

Description

Hello,

I'm trying to deploy Octavia loadbalancer on our OpenStack Pike with Midonet.
Octavia creates two VMs (amphoras) and sets VRRP between them so there are three ports created in internal network:

port attached to one amphora VM:

name: octavia-lb-vrrp-4ec49a51-0aeb-4b35-8e4c-139f85e5cd88
id: 8a5d86b5-4beb-4339-ac00-8a53fc4d433e
ip: 192.168.0.10
mac: fa:16:3e:1d:75:4b
owner: compute:nova

port attached to second amphora VM:

name: octavia-lb-vrrp-cb5d8201-c0c9-4a83-8e1b-83f173b5ff7a
id: dd0a2d1e-a464-49a0-af77-d29c81eb37da
ip: 192.168.0.13
mac: fa:16:3e:23:2b:ac
owner: compute:nova

port for VIP of loadbalancer (this port is not bound):
name: octavia-lb-72d87758-42d6-4111-b0f2-709ca1070f52
id: a08e090c-ab0e-4376-a665-d64164e59f3e
ip: 192.168.0.7
mac: fa:16:3e:ba:01:c6
owner: Octavia
device-id: lb-72d87758-42d6-4111-b0f2-709ca1070f52

Floating IP is pointing to the VIP port so all incoming traffic is directed to VIP port.

Ports details from Openstack perspective:

(openstack) port show 8a5d86b5-4beb-4339-ac00-8a53fc4d433e
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Field

Value

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

admin_state_up

UP

allowed_address_pairs

ip_address='192.168.0.7', mac_address='fa:16:3e:1d:75:4b'

binding_host_id

cfdev-compute1

binding_profile

 

binding_vif_details

port_filter='True'

binding_vif_type

midonet

binding_vnic_type

normal

created_at

2019-03-21T10:39:00Z

data_plane_status

None

description

 

device_id

18a15e2e-4f75-4110-ab2a-1d0b605af9d4

device_owner

compute:nova

dns_assignment

fqdn='amphora-4ec49a51-0aeb-4b35-8e4c-139f85e5cd88.cf2-ns.cloudferro.com.', hostname='amphora-4ec49a51-0aeb-4b35-8e4c-139f85e5cd88', ip_address='192.168.0.10'

dns_domain

None

dns_name

amphora-4ec49a51-0aeb-4b35-8e4c-139f85e5cd88

extra_dhcp_opts

 

fixed_ips

ip_address='192.168.0.10', subnet_id='78be330f-d616-4462-a870-4312d2859762'

id

8a5d86b5-4beb-4339-ac00-8a53fc4d433e

mac_address

fa:16:3e:1d:75:4b

name

octavia-lb-vrrp-4ec49a51-0aeb-4b35-8e4c-139f85e5cd88

network_id

afaca372-1fad-44dd-ae89-c5d7edec5836

port_security_enabled

True

project_id

e9e541d050b14e64840b06195d54d40d

propagate_uplink_status

None

qos_policy_id

None

resource_request

None

revision_number

9

security_group_ids

f977f265-1a18-46f4-ae78-5761799875b0

status

ACTIVE

tags

 

trunk_details

None

updated_at

2019-03-21T10:39:08Z

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

(openstack) port show dd0a2d1e-a464-49a0-af77-d29c81eb37da
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Field

Value

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

admin_state_up

UP

allowed_address_pairs

ip_address='192.168.0.7', mac_address='fa:16:3e:23:2b:ac'

binding_host_id

cfdev-compute2

binding_profile

 

binding_vif_details

port_filter='True'

binding_vif_type

midonet

binding_vnic_type

normal

created_at

2019-03-21T10:39:09Z

data_plane_status

None

description

 

device_id

d97a5a4b-c31b-465d-b6a4-3628b408288f

device_owner

compute:nova

dns_assignment

fqdn='amphora-cb5d8201-c0c9-4a83-8e1b-83f173b5ff7a.cf2-ns.cloudferro.com.', hostname='amphora-cb5d8201-c0c9-4a83-8e1b-83f173b5ff7a', ip_address='192.168.0.13'

dns_domain

None

dns_name

amphora-cb5d8201-c0c9-4a83-8e1b-83f173b5ff7a

extra_dhcp_opts

 

fixed_ips

ip_address='192.168.0.13', subnet_id='78be330f-d616-4462-a870-4312d2859762'

id

dd0a2d1e-a464-49a0-af77-d29c81eb37da

mac_address

fa:16:3e:23:2b:ac

name

octavia-lb-vrrp-cb5d8201-c0c9-4a83-8e1b-83f173b5ff7a

network_id

afaca372-1fad-44dd-ae89-c5d7edec5836

port_security_enabled

True

project_id

e9e541d050b14e64840b06195d54d40d

propagate_uplink_status

None

qos_policy_id

None

resource_request

None

revision_number

9

security_group_ids

f977f265-1a18-46f4-ae78-5761799875b0

status

ACTIVE

tags

 

trunk_details

None

updated_at

2019-03-21T10:39:18Z

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

(openstack) port show a08e090c-ab0e-4376-a665-d64164e59f3e
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Field

Value

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

admin_state_up

DOWN

allowed_address_pairs

 

binding_host_id

 

binding_profile

 

binding_vif_details

 

binding_vif_type

unbound

binding_vnic_type

normal

created_at

2019-03-21T10:37:39Z

data_plane_status

None

description

 

device_id

lb-72d87758-42d6-4111-b0f2-709ca1070f52

device_owner

Octavia

dns_assignment

fqdn='host-192-168-0-7.cf2-ns.cloudferro.com.', hostname='host-192-168-0-7', ip_address='192.168.0.7'

dns_domain

None

dns_name

 

extra_dhcp_opts

 

fixed_ips

ip_address='192.168.0.7', subnet_id='78be330f-d616-4462-a870-4312d2859762'

id

a08e090c-ab0e-4376-a665-d64164e59f3e

mac_address

fa:16:3e:ba:01:c6

name

octavia-lb-72d87758-42d6-4111-b0f2-709ca1070f52

network_id

afaca372-1fad-44dd-ae89-c5d7edec5836

port_security_enabled

True

project_id

a7e98c5d185b40bdb5e1b837e73a0648

propagate_uplink_status

None

qos_policy_id

None

resource_request

None

revision_number

4

security_group_ids

f977f265-1a18-46f4-ae78-5761799875b0

status

DOWN

tags

 

trunk_details

None

updated_at

2019-03-21T10:38:58Z

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

ports details from Midonet perspective:

root@cfdev-ctrl1(CFDEV):~# midonet-cli -e port 8a5d86b5-4beb-4339-ac00-8a53fc4d433e show
port 8a5d86b5-4beb-4339-ac00-8a53fc4d433e device afaca372-1fad-44dd-ae89-c5d7edec5836 state up plugged yes infilter 42103742-7ebf-4712-a27b-b2a13b4ead54 outfilter 8854c64e-6747-4327-b3fa-7393a149f61a vlan 0

root@cfdev-ctrl1(CFDEV):~# midonet-cli -e port dd0a2d1e-a464-49a0-af77-d29c81eb37da show
port dd0a2d1e-a464-49a0-af77-d29c81eb37da device afaca372-1fad-44dd-ae89-c5d7edec5836 state up plugged yes infilter 15479ce9-9130-4d8b-a10c-ea6e46e8d9b0 outfilter df036de5-88c8-49be-b08d-2b5cdcef82fe vlan 0

root@cfdev-ctrl1(CFDEV):~# midonet-cli -e port a08e090c-ab0e-4376-a665-d64164e59f3e show
port a08e090c-ab0e-4376-a665-d64164e59f3e device afaca372-1fad-44dd-ae89-c5d7edec5836 state down plugged no infilter 68c3b8fb-9e5a-475d-a81e-eeb3a3e67154 outfilter a28749f7-87a2-4368-b99f-2f8139e12a1a vlan 0

Master amphora VM has two addresses configured on network interfaces:

  • its IP, for example 192.168.0.10

  • VIP address 192.168.0.7

In vanilla neutron implementation when packet enters VIP port router sends ARP request packet in internal network to find MAC address for 192.168.0.7 and MASTER amphora VM responds with its MAC address, so traffic is then directed to the VM and everything is working.

In Midonet, packet is dropped by Midolman because VIP port is not bound to anything. Midolman is not trying to find MAC address in the network for 192.168.0.7 IP.

Please see attached diagram.

Status

Assignee

Alexander Gabert

Reporter

Piotr Misiak

Labels

None

Affects versions

5.4.6

Priority

Major
Configure