settingsLogin | Registersettings

[Openstack] Neutron routers not getting a VIP in L3 HA mode

0 votes

Hi all,

I am trying to run Neutron Juno with HA enabled for L3 routers. I have
two issues:
1. Both routers come up as backup, in their VRRP config
2. The routers do not get a VIP from my private subnet

I did these:
neutron router-create admin-router
neutron router-gateway-set admin-router public-network
neutron router-interface-add admin-router private-subnet

What am I doing wrong?

Here is the config on box 1:

columbus-pistachio:/opt/openstack # cat
/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master
"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notifybackup
"/var/lib/neutron/ha
confs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify
fault
"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-a00b9164-7f
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-a00b9164-7f
}
virtualipaddress {
169.254.0.1/24 dev ha-a00b9164-7f
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

columbus-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
827: ha-a00b9164-7f: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:24:c8:8f brd ff:ff:ff:ff:ff:ff
inet 169.254.192.1/18 brd 169.254.255.255 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet 169.254.0.1/24 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe24:c88f/64 scope link
validlft forever preferredlft forever
828: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.2/24 scope global qg-3ecc662c-19
valid
lft forever preferredlft forever
inet6 fe80::f816:3eff:feb0:28c0/64 scope link nodad
valid
lft forever preferredlft forever
829: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 scope global qr-350c1c1d-94
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe1b:cac2/64 scope link nodad
validlft forever preferredlft forever

And on two:

memphis-pistachio:/opt/openstack # cat
/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master
"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notifybackup
"/var/lib/neutron/ha
confs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify
fault
"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-cc3c51fa-27
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-cc3c51fa-27
}
virtualipaddress {
169.254.0.1/24 dev ha-cc3c51fa-27
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

memphis-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
443: ha-cc3c51fa-27: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:c1:43:c7 brd ff:ff:ff:ff:ff:ff
inet 169.254.192.2/18 brd 169.254.255.255 scope global ha-cc3c51fa-27
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fec1:43c7/64 scope link
validlft forever preferredlft forever
444: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
445: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff

Thanks


Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
asked Apr 30, 2015 in openstack by Abhishek_Chanda (340 points)   1 4

2 Responses

0 votes

That looks right. They both have a default backup state but your first node
is master as it has IPs on your subnets and the other does not. You'll
probably see the state changes in syslog if you grep for vrrp.
On Apr 30, 2015 6:08 PM, "Abhishek Chanda" abhishek.lists@gmail.com wrote:

Hi all,

I am trying to run Neutron Juno with HA enabled for L3 routers. I have
two issues:
1. Both routers come up as backup, in their VRRP config
2. The routers do not get a VIP from my private subnet

I did these:
neutron router-create admin-router
neutron router-gateway-set admin-router public-network
neutron router-interface-add admin-router private-subnet

What am I doing wrong?

Here is the config on box 1:

columbus-pistachio:/opt/openstack # cat

/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notify_backup

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify_fault

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-a00b9164-7f
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-a00b9164-7f
}
virtualipaddress {
169.254.0.1/24 dev ha-a00b9164-7f
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

columbus-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
827: ha-a00b9164-7f: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:24:c8:8f brd ff:ff:ff:ff:ff:ff
inet 169.254.192.1/18 brd 169.254.255.255 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet 169.254.0.1/24 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe24:c88f/64 scope link
validlft forever preferredlft forever
828: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.2/24 scope global qg-3ecc662c-19
valid
lft forever preferredlft forever
inet6 fe80::f816:3eff:feb0:28c0/64 scope link nodad
valid
lft forever preferredlft forever
829: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 scope global qr-350c1c1d-94
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe1b:cac2/64 scope link nodad
validlft forever preferredlft forever

And on two:

memphis-pistachio:/opt/openstack # cat

/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notify_backup

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify_fault

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-cc3c51fa-27
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-cc3c51fa-27
}
virtualipaddress {
169.254.0.1/24 dev ha-cc3c51fa-27
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

memphis-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
443: ha-cc3c51fa-27: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:c1:43:c7 brd ff:ff:ff:ff:ff:ff
inet 169.254.192.2/18 brd 169.254.255.255 scope global ha-cc3c51fa-27
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fec1:43c7/64 scope link
validlft forever preferredlft forever
444: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
445: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff

Thanks


Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
responded Apr 30, 2015 by Erik_McCormick (3,880 points)   3 5
0 votes

Thanks Erik.

But shouldn't the VIP be from the associated tenant network?

I need to configure reaching the VIP from another external host.
Currently, the VIP is being assigned from a link local network, which
is not reachable externally. I took a quick look at the code and this
network looks hard coded. Am I missing something?

Thanks

On Thu, Apr 30, 2015 at 3:53 PM, Erik McCormick
emccormick@cirrusseven.com wrote:
That looks right. They both have a default backup state but your first node
is master as it has IPs on your subnets and the other does not. You'll
probably see the state changes in syslog if you grep for vrrp.

On Apr 30, 2015 6:08 PM, "Abhishek Chanda" abhishek.lists@gmail.com wrote:

Hi all,

I am trying to run Neutron Juno with HA enabled for L3 routers. I have
two issues:
1. Both routers come up as backup, in their VRRP config
2. The routers do not get a VIP from my private subnet

I did these:
neutron router-create admin-router
neutron router-gateway-set admin-router public-network
neutron router-interface-add admin-router private-subnet

What am I doing wrong?

Here is the config on box 1:

columbus-pistachio:/opt/openstack # cat

/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notify_backup

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify_fault

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-a00b9164-7f
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-a00b9164-7f
}
virtualipaddress {
169.254.0.1/24 dev ha-a00b9164-7f
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

columbus-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
827: ha-a00b9164-7f: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:24:c8:8f brd ff:ff:ff:ff:ff:ff
inet 169.254.192.1/18 brd 169.254.255.255 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet 169.254.0.1/24 scope global ha-a00b9164-7f
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe24:c88f/64 scope link
validlft forever preferredlft forever
828: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
inet 192.168.3.2/24 scope global qg-3ecc662c-19
valid
lft forever preferredlft forever
inet6 fe80::f816:3eff:feb0:28c0/64 scope link nodad
valid
lft forever preferredlft forever
829: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 scope global qr-350c1c1d-94
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fe1b:cac2/64 scope link nodad
validlft forever preferredlft forever

And on two:

memphis-pistachio:/opt/openstack # cat

/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/keepalived.conf
vrrp
syncgroup VG1 {
group {
VR1
}
notify
master

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifymaster.sh"
notify_backup

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifybackup.sh"
notify_fault

"/var/lib/neutron/haconfs/1125512b-ae96-43f9-a69d-c781ba7217d3/notifyfault.sh"
}
vrrpinstance VR1 {
state BACKUP
interface ha-cc3c51fa-27
virtualrouterid 1
priority 50
nopreempt
advertint 2
track
interface {
ha-cc3c51fa-27
}
virtualipaddress {
169.254.0.1/24 dev ha-cc3c51fa-27
}
virtual
ipaddressexcluded {
192.168.1.1/24 dev qr-350c1c1d-94
192.168.3.2/24 dev qg-3ecc662c-19
fe80::f816:3eff:fe1b:cac2/64 dev qr-350c1c1d-94 scope link
fe80::f816:3eff:feb0:28c0/64 dev qg-3ecc662c-19 scope link
}
virtual
routes {
0.0.0.0/0 via 192.168.3.1 dev qg-3ecc662c-19
}
}

memphis-pistachio:/opt/openstack # ip netns exec
qrouter-1125512b-ae96-43f9-a69d-c781ba7217d3 ip a
1: lo: <LOOPBACK,UP,LOWERUP> mtu 65536 qdisc noqueue state UNKNOWN
group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid
lft forever preferredlft forever
inet6 ::1/128 scope host
valid
lft forever preferredlft forever
443: ha-cc3c51fa-27: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:c1:43:c7 brd ff:ff:ff:ff:ff:ff
inet 169.254.192.2/18 brd 169.254.255.255 scope global ha-cc3c51fa-27
validlft forever preferredlft forever
inet6 fe80::f816:3eff:fec1:43c7/64 scope link
validlft forever preferredlft forever
444: qg-3ecc662c-19: <BROADCAST,UP,LOWERUP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:b0:28:c0 brd ff:ff:ff:ff:ff:ff
445: qr-350c1c1d-94: <BROADCAST,UP,LOWER
UP> mtu 1500 qdisc noqueue
state UNKNOWN group default
link/ether fa:16:3e:1b:ca:c2 brd ff:ff:ff:ff:ff:ff

Thanks


Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
responded Apr 30, 2015 by Abhishek_Chanda (340 points)   1 4
...