OSDir

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM


They don’t come up even if I remove bonding



-----Original Message-----
From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
Sent: 01 May 2018 11:23
To: users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

Hi Adam – yes this is why I called it a last option bodge – you would effectively have to do a brctl show or ifconfig, parse all the bridges and iterate through them to bring them online. If the “networks” script doesn’t fire at the right time try the “qemu” script – it will already have been populated during the KVM agent install but you can append to this, and this fires every time a VM is brought online.

To get back to your original problem – do the bridges come online if you use active-passive instead of LACP? If not then you have effectively tried the lowest common denominator – which would point the issue at being something environmental on your specific hosts.

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 01/05/2018, 11:11, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:

    Dag

    The HOOKS don’t list the networks created by cloudstack only the default created by libvirt

    default start begin -
    default started begin -

    I was expecting to see

    brbond0-999 start begin -
    brbond0-999 default started begin

    Thanks

    Adam

    -----Original Message-----
    From: Adam Witwicki <awitwicki@xxxxxxxxxxxxx>
    Sent: 01 May 2018 09:36
    To: users@xxxxxxxxxxxxxxxxxxxxx
    Subject: RE: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

    ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

    Hi Dag, for completeness

    - Your config looks OK.
      >> Thanks
    - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
     >> LACP is up, same issue without bonding
    - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
     >> LACP is up
    - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
     >> Same Nics in RnD that worked
    - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.
     >> Cheers I will take a look

    Thanks

    Adam

    -----Original Message-----
    From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
    Sent: 30 April 2018 15:51
    To: users@xxxxxxxxxxxxxxxxxxxxx
    Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

    ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

    Ah OK – back to the original list then:

    - - -
    - Your config looks OK.
    - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
    - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
    - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
    - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.
    - - -

    Regards,
    Dag Sonstebo
    Cloud Architect
    ShapeBlue

    On 30/04/2018, 15:21, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:

        No I am sorry, its still showing as down

        brbond0-999: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000

        -----Original Message-----
        From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
        Sent: 30 April 2018 15:21
        To: users@xxxxxxxxxxxxxxxxxxxxx
        Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

        ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

        Excellent, glad you got it sorted.

        Regards,
        Dag Sonstebo
        Cloud Architect
        ShapeBlue

        On 30/04/2018, 15:01, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:

            That seems to have been the issue, ZAP NetworkManager

            Thanks Guys!


            Adam

            -----Original Message-----
            From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
            Sent: 30 April 2018 14:55
            To: users@xxxxxxxxxxxxxxxxxxxxx
            Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

            ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

            Hi Adam,

            Yes get rid of NM – it will cause you nothing but headaches.

            Regards,
            Dag Sonstebo
            Cloud Architect
            ShapeBlue

            On 30/04/2018, 14:40, "Adam Witwicki" <awitwicki@xxxxxxxxxxxxx> wrote:

                Hi Dan

                I see these in the KVM hosts messages log

                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7754] manager: (bond0.999): new VLAN device (/org/freedesktop/NetworkManager/Devices/11)
                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7779] device (bond0.999): link connected
                Apr 30 14:29:57 OIS-MH-P1-C1-H1-A NetworkManager[1217]: <info>  [1525094997.7833] manager: (brbond0-999): new Bridge device (/org/freedesktop/NetworkManager/Devices/12)

                Is it worth uninstalling NetworkManager?

                Thanks

                Adam

                -----Original Message-----
                From: Dag Sonstebo <Dag.Sonstebo@xxxxxxxxxxxxx>
                Sent: 30 April 2018 14:24
                To: users@xxxxxxxxxxxxxxxxxxxxx
                Subject: Re: New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

                ** This mail originated from OUTSIDE the Oakford corporate network. Treat hyperlinks and attachments in this email with caution. **

                Hi Adam,

                As per Nicolas’ comments probably a good idea to increase the verbosity of your agent logs and see if anything pops up – also check your normal /var/log/messages.

                My twopence worth apart from this:
                - Your config looks OK.
                - Have you made sure LACP is actually up and running on your switch stack? If LACP on KVM can’t handshake correctly with the switches I could see you having problems.
                - What does a “cat /proc/net/bonding/bond0” tell you when the bridge is down?
                - Overall I suspect this could also be down to NIC drivers – it may be an idea to make sure these are fully up to date.
                - If all else fails and you cannot find a resolution you could bodge a workaround with libvirt hooks – by putting a script to up all bridges into /etc/libvirt/hooks/network – see https://libvirt.org/hooks.html for more info. I would use this as your last option though.

                Regards,
                Dag Sonstebo
                Cloud Architect
                ShapeBlue

                On 30/04/2018, 14:13, "Nicolas Bouige" <n.bouige@xxxxxxxx> wrote:

                    Adam,


                    Yes ;)

                    Sorry for my misunderstanding, i saw that when i check on my own KVM configuration.


                    Do you have any log from KVM agent cloudstack or MGMT ?

                    Nicolas Bouige
                    DIMSI
                    cloud.dimsi.fr<http://www.cloud.dimsi.fr>
                    4, avenue Laurent Cely
                    Tour d’Asnière – 92600 Asnière sur Seine
                    T/ +33 (0)6 28 98 53 40



                    ________________________________
                    De : Adam Witwicki <awitwicki@xxxxxxxxxxxxx>
                    Envoyé : lundi 30 avril 2018 14:36
                    À : users@xxxxxxxxxxxxxxxxxxxxx
                    Objet : New to Cloudstack - Issues going in to production - Public and Guest bridges not up KVM

                    Hello

                    I have managed to test Cloudstack in the Lab with very little issues, but now going into production (adding Loadbalanced Cloudstack management servers and LACP nic bonding) I am having a few issues.

                    When starting my first instance the network bridges stay down

                    13: brbond0-999: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000

                    If I bring this up using ip link set dev brbond0-999 up the bridge comes up fine and the systemVMs work.

                    Any ideas?

                    Kind Regards

                    Adam Witwicki


                    Centos 7
                    Cloudstack 4.9.3.1
                    KVM 3.2.0

                    /etc/sysconfig/network-scripts/ifcfg-enp4s0f0
                    TYPE="Ethernet"
                    USERCTL=no
                    MASTER=bond0
                    SLAVE=yes
                    NAME="enp4s0f0"
                    UUID="abe1d2f9-253c-4246-a7d6-b7e7e396ce8f"
                    DEVICE="enp4s0f0"
                    ONBOOT="yes"
                    NM_CONTROLLED=no
                    BOOTPROTO=none


                    /etc/sysconfig/network-scripts/ifcfg-enp4s0f0
                    TYPE=Ethernet
                    BOOTPROTO=none
                    USERCTL=no
                    MASTER=bond0
                    SLAVE=yes
                    NAME=enp4s0f1
                    UUID=f6cec93b-e271-44d4-818b-c94393133d23
                    DEVICE=enp4s0f1
                    ONBOOT=yes
                    NM_CONTROLLED=no


                    /etc/sysconfig/network-scripts/ifcfg-bond0
                    DEVICE=bond0
                    ONBOOT=yes
                    BONDING_OPTS='mode=4 miimon=100'
                    BRIDGE=cloudbr0
                    NM_CONTROLLED=no


                    /etc/sysconfig/network-scripts/ifcfg-cloudbr0
                    DEVICE=cloudbr0
                    TYPE=Bridge
                    ONBOOT=yes
                    BOOTPROTO=static
                    IPV6INIT=no
                    IPV6_AUTOCONF=no
                    DELAY=5
                    STP=yes
                    IPADDR= x.x.x.x
                    GATEWAY= x.x.x.x
                    PREFIX=xx
                    DNS1= x.x.x.x
                    DNS2= x.x.x.x

                    bridge name     bridge id               STP enabled     interfaces
                    brbond0-999             8000.a0369f20953c       no              bond0.999
                                                                            vnet4
                                                                            vnet5
                    cloud0          8000.fe00a9fe0006       no              vnet0
                                                                            vnet1
                    cloudbr0                8000.a0369f20953c       yes             bond0
                                                                            vnet2
                                                                            vnet3
                    virbr0          8000.525400a48eba       yes             virbr0-nic






                    Disclaimer Notice:
                    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
                    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
                    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
                    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
                    Registered in England and Wales No. 5971519




                Dag.Sonstebo@xxxxxxxxxxxxx
                www.shapeblue.com
                53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue



                Disclaimer Notice:
                This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
                This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
                Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
                Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
                Registered in England and Wales No. 5971519




            Dag.Sonstebo@xxxxxxxxxxxxx
            www.shapeblue.com
            53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue



            Disclaimer Notice:
            This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
            This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
            Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
            Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
            Registered in England and Wales No. 5971519




        Dag.Sonstebo@xxxxxxxxxxxxx
        www.shapeblue.com
        53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue



        Disclaimer Notice:
        This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
        This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
        Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
        Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
        Registered in England and Wales No. 5971519




    Dag.Sonstebo@xxxxxxxxxxxxx
    www.shapeblue.com
    53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue



    Disclaimer Notice:
    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
    Registered in England and Wales No. 5971519

    Disclaimer Notice:
    This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
    This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
    Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
    Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
    Registered in England and Wales No. 5971519




Dag.Sonstebo@xxxxxxxxxxxxx
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK @shapeblue



Disclaimer Notice:
This email has been sent by Oakford Technology Limited, while we have checked this e-mail and any attachments for viruses, we can not guarantee that they are virus-free. You must therefore take full responsibility for virus checking.
This message and any attachments are confidential and should only be read by those to whom they are addressed. If you are not the intended recipient, please contact us, delete the message from your computer and destroy any copies. Any distribution or copying without our prior permission is prohibited.
Internet communications are not always secure and therefore Oakford Technology Limited does not accept legal responsibility for this message. The recipient is responsible for verifying its authenticity before acting on the contents. Any views or opinions presented are solely those of the author and do not necessarily represent those of Oakford Technology Limited.
Registered address: Oakford Technology Limited, 10 Prince Maurice Court, Devizes, Wiltshire. SN10 2RT.
Registered in England and Wales No. 5971519