OSDir

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM


Hi Adam – yes this is why I called it a last option bodge – you would effectively have to do a brctl show or ifconfig, parse all the bridges and iterate through them to bring them online. If the “networks” script doesn’t fire at the right time try the “qemu” script – it will already have been populated during the KVM agent install but you can append to this, and this fires every time a VM is brought online.

To get back to your original problem – do the bridges come online if you use active-passive instead of LACP? If not then you have effectively tried the lowest common denominator – which would point the issue at being something environmental on your specific hosts.

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 01/05/2018, 11:11, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:

    Dag
    
    The HOOKS don’t list the networks created by cloudstack only the default created by libvirt
    
    default start begin -
    default started begin -
    
    I was expecting to see
    
    brbond0-999 start begin -
    brbond0-999 default started begin
    
    Thanks
    
    Adam
    
    -----Original Message-----
    From: Adam Witwicki <awitwicki@xxxxxxxxxxxxx>
    Sent: 01 May 2018 09:36
    To: users@xxxxxxxxxxxxxxxxxxxxx
    Subject: RE: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
    ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **
    
    Hi Dag, for completeness
    
    - Your config looks OK.
      >> Thanks
    - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
     >> LACP is up, same issue without bonding
    - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
     >> LACP is up
    - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
     >> Same Nics in RnD that worked
    - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.
     >> Cheers I will take a look
    
    Thanks
    
    Adam
    
    -----Original Message-----
    From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
    Sent: 30 April 2018 15:51
    To: users@xxxxxxxxxxxxxxxxxxxxx
    Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
    ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **
    
    Ah OK – back to the original list then:
    
    - - -
    - Your config looks OK.
    - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
    - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
    - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
    - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.
    - - -
    
    Regards,
    Dag Sonstebo
    Cloud Architect
    ShapeBlue
    
    On 30/04/2018, 15:21, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:
    
        No I am sorry, its still showing as down
    
        brbond0-999: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    
        -----Original Message-----
        From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
        Sent: 30 April 2018 15:21
        To: users@xxxxxxxxxxxxxxxxxxxxx
        Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
        ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **
    
        Excellent, glad you got it sorted.
    
        Regards,
        Dag Sonstebo
        Cloud Architect
        ShapeBlue
    
        On 30/04/2018, 15:01, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:
    
            That seems to have been the issue, ZAP NetworkManager
    
            Thanks Guys!
    
    
            Adam
    
            -----Original Message-----
            From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
            Sent: 30 April 2018 14:55
            To: users@xxxxxxxxxxxxxxxxxxxxx
            Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
            ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **
    
            Hi Adam,
    
            Yes get rid of NM – it will cause you nothing but headaches.
    
            Regards,
            Dag Sonstebo
            Cloud Architect
            ShapeBlue
    
            On 30/04/2018, 14:40, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:
    
                Hi Dan
    
                I see these in the KVM hosts messages log
    
                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7754] manager: (bond0.999): new VLAN device (/org/freedesktop/NetworkManager/Devices/11)
                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7779] device (bond0.999): link connected
                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7833] manager: (brbond0-999): new Bridge device (/org/freedesktop/NetworkManager/Devices/12)
    
                Is it worth uninstalling NetworkManager?
    
                Thanks
    
                Adam
    
                -----Original Message-----
                From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
                Sent: 30 April 2018 14:24
                To: users@xxxxxxxxxxxxxxxxxxxxx
                Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
                ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **
    
                Hi Adam,
    
                As per Nicolas’ comments probably a good idea to increase the verbosity of your agent logs and see if anything pops up – also check your normal /var/log/messages.
    
                My twopence worth apart from this:
                - Your config looks OK.
                - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
                - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
                - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
                - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.
    
                Regards,
                Dag Sonstebo
                Cloud Architect
                ShapeBlue
    
                On 30/04/2018, 14:13, "Nicolas Bouige" <n.bouige@xxxxxxxx> wrote:
    
                    Adam,
    
    
                    Yes ;)
    
                    Sorry for my misunderstanding, i saw that when i check on my own KVM configuration.
    
    
                    Do you have any log from KVM agent cloudstack or MGMT ?
    
                    Nicolas Bouige
                    DIMSI
                    cloud.dimsi.fr<http://www.cloud.dimsi.fr>
                    4, avenue Laurent Cely
                    Tour d’Asnière – 92600 Asnière sur Seine
                    T/ +33 (0)6 28 98 53 40
    
    
    
                    ________________________________
                    De : Adam Witwicki <awitwicki@xxxxxxxxxxxxx>
                    Envoyé : lundi 30 avril 2018 14:36
                    À : users@xxxxxxxxxxxxxxxxxxxxx
                    Objet : New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM
    
                    Hello
    
                    I have managed to test Cloudstack in the Lab with very little issues, but now going into production (adding Loadbalanced Cloudstack management servers and LACP nic bonding) I am having a few issues.
    
                    When starting my first instance the network bridges stay down
    
                    13: brbond0-999: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    
                    If I bring this up using ip link set dev brbond0-999 up the bridge comes up fine and the systemVMs work.
    
                    Any ideas?
    
                    Kind Regards
    
                    Adam Witwicki
    
    
                    Centos 7
                    Cloudstack 4.9.3.1
                    KVM 3.2.0
    
                    /etc/sysconfig/network-scripts/ifcfg-enp4s0f0
                    TYPE="Ethernet"
                    USERCTL=no
                    MASTER=bond0
                    SLAVE=yes
                    NAME="enp4s0f0"
                    UUID="abe1d2f9-253c-4246-a7d6-b7e7e396ce8f"
                    DEVICE="enp4s0f0"
                    ONBOOT="yes"
                    NM_CONTROLLED=no
                    BOOTPROTO=none
    
    
                    /etc/sysconfig/network-scripts/ifcfg-enp4s0f0
                    TYPE=Ethernet
                    BOOTPROTO=none
                    USERCTL=no
                    MASTER=bond0
                    SLAVE=yes
                    NAME=enp4s0f1
                    UUID=f6cec93b-e271-44d4-818b-c94393133d23
                    DEVICE=enp4s0f1
                    ONBOOT=yes
                    NM_CONTROLLED=no
    
    
                    /etc/sysconfig/network-scripts/ifcfg-bond0
                    DEVICE=bond0
                    ONBOOT=yes
                    BONDING_OPTS='mode=4 miimon=100'
                    BRIDGE=cloudbr0
                    NM_CONTROLLED=no
    
    
                    /etc/sysconfig/network-scripts/ifcfg-cloudbr0
                    DEVICE=cloudbr0
                    TYPE=Bridge
                    ONBOOT=yes
                    BOOTPROTO=static
                    IPV6INIT=no
                    IPV6_AUTOCONF=no
                    DELAY=5
                    STP=yes
                    IPADDR= x.x.x.x
                    GATEWAY= x.x.x.x
                    PREFIX=xx
                    DNS1= x.x.x.x
                    DNS2= x.x.x.x
    
                    bridge name     bridge id               STP enabled     interfaces
                    brbond0-999             8000.a0369f20953c       no              bond0.999
                                                                            vnet4
                                                                            vnet5
                    cloud0          8000.fe00a9fe0006       no              vnet0
                                                                            vnet1
                    cloudbr0                8000.a0369f20953c       yes             bond0
                                                                            vnet2
                                                                            vnet3
                    virbr0          8000.525400a48eba       yes             virbr0-nic
    
    
    
    
    
    
                    Disclaimer Notice:
                    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
                    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
                    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
                    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
                    Registered in England and Wales No. 5971519
    
    
    
    
                Dag.Sonstebo@xxxxxxxxxxxxx
                www.shapeblue.com
                53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue
    
    
    
                Disclaimer Notice:
                This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
                This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
                Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
                Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
                Registered in England and Wales No. 5971519
    
    
    
    
            Dag.Sonstebo@xxxxxxxxxxxxx
            www.shapeblue.com
            53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue
    
    
    
            Disclaimer Notice:
            This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
            This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
            Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
            Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
            Registered in England and Wales No. 5971519
    
    
    
    
        Dag.Sonstebo@xxxxxxxxxxxxx
        www.shapeblue.com
        53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue
    
    
    
        Disclaimer Notice:
        This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
        This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
        Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
        Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
        Registered in England and Wales No. 5971519
    
    
    
    
    Dag.Sonstebo@xxxxxxxxxxxxx
    www.shapeblue.com
    53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue
    
    
    
    Disclaimer Notice:
    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
    Registered in England and Wales No. 5971519
    
    Disclaimer Notice:
    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
    Registered in England and Wales No. 5971519
    
    


Dag.Sonstebo@xxxxxxxxxxxxx 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue