Creating LoadBalancers does not work with OpenContrail

[dbaumgarten]

Affected binary: openstack-cloud-controller-manager (occm)

/kind bug

What happened: I am trying to use the openstack-cloud-controller-manager in a Kubernetes that is installed on OpenStack Ocata.
When I create a Service of Type LoadBalancer I get the following error-event:

 Warning  SyncLoadBalancerFailed  34s (x4 over 74s)  service-controller  Error syncing load balancer: failed to ensure load balancer: error creating LB floatingip {Description:Floating IP for Kubernetes external service default/my-service from cluster kubernetes FloatingNetworkID:fe4fa7de-7649-444b-96d8-c64248d3f8f4 FloatingIP: PortID:46858c5d-71c3-4996-910f-0784285c08fe FixedIP: SubnetID: TenantID: ProjectID:}: Bad request with: [POST https://redacted:9696/v2.0/floatingips], error message: {"NeutronError": {"message": "Unrecognized attribute(s) 'description'", "type": "HTTPBadRequest", "detail": ""}}

and the cloud-controller fails to provision the LoadBalancer.

What you expected to happen: Provisioning of the LoadBalancer should succeed without errors.

How to reproduce it: Try to create a Service of type LoadBalancer on an Openstack installation that is using OpenContrail

Anything else we need to know?: The error is caused by the following line: https://github.com/kubernetes/cloud-provider-openstack/blob/a4ac35b8e879f597c666b05006e061814db0d2c6/pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go#L1293 (but other lines the add descriptions to networking-resources will also cause similar problems).

I talked to our internal OpenStack-team and got the following response: "we are using OpenContrail as an SDN and it doesn't support 'Description' no matter the OpenStack version"

This means, that at the moment this cloud-provider does not work for anyone using OpenContrail.

I see two possible solutions here:

• Remove all "Description" fields from all create-requests for networking resources
• Add a flag to the configfile (contrail_compatibility_mode=true??) and if that flag is set, set all "Description"-attributes to "" when creating networking-resources (and as the struct fields are tagged with omitempty, the fields will not be sent at all).

Environment:

• openstack-cloud-controller-manager(or other related binary) version: 1.16.8
• OpenStack version: Ocata
• Others: OpenContrail as SDN

[dbaumgarten]

Also, here is the list of the OpenContrail components we are using and their versions:

OpenContrail 3.2 version

ii  contrail-config                      3.2~20180723125558-0              amd64        OpenContrail configuration management
ii  contrail-config-openstack            3.2~20180723125558-0              amd64        OpenContrail configuration OpenStack module
ii  contrail-control                     3.2~20180723125558-0              amd64        OpenContrail control-node
ii  contrail-database                    3.2~20180723125558-0              amd64        OpenContrail database integration
ii  contrail-dns                         3.2~20180723125558-0              amd64        OpenContrail control-dns
ii  contrail-lib                         3.2~20180723125558-0              amd64        OpenContrail libraries
ii  contrail-nodemgr                     3.2~20180723125558-0              amd64        OpenContrail nodemgr implementation
ii  contrail-utils                       3.2~20180723125558-0              amd64        OpenContrail tools and utilities
ii  contrail-web-controller              3.2~20180723125558-0              all          OpenContrail WebUI Controller
ii  contrail-web-core                    3.2~20180723125558-0              amd64        OpenContrail WebUI Core

just in case anyone is intersted.

[lingxiankong]

• According to https://releases.openstack.org/, Ocata is already Unmaintained (This doesn't affect this issue though, just a reminder).
• According to https://docs.openstack.org/api-ref/network/v2/index.html?expanded=create-floating-ip-detail#floating-ips-floatingips, description is part of Neutron floating IP creation API, and the openstack-cloud-controller-manager supports OpenStack.
• we are using OpenContrail as an SDN and it doesn't support 'Description' no matter the OpenStack version, this is not right, using OpenContrail as Neutron plugin shouldn't affect Neutron API, the floating IP description is stored in Neutron DB not OpenContrail.

So I don't think there is something we can do to solve your issue. Please let us know if you have any other questions.

[dbaumgarten]

While I agree with you, that "in theory" using OpenContrail should not affect the Neutron-API, I do get an "Unrecognized attribute"-Error from a Neutron-API that should definetly know this attribute.

The OpenContrail documentation does not mention "Description" as a supported field ( https://www.juniper.net/documentation/en_US/release-independent/contrail/information-products/pathway-pages/api-server/vnc_cfg_api_server.gen.html#vnc_cfg_api_server.gen.resource_common.FloatingIp ).

And at the moment I just do not have a better explanation for the error I am seeing.

I will create a fork of the provider, comment-out the offenting lines and check if this solves the problem.

If it is OpenContrail's fault or not. Something makes using the cloud-provider impossible on some OpenStack-clouds and that should be resolved.

[lingxiankong]

Something makes using the cloud-provider impossible on some OpenStack-clouds and that should be resolved.

We only support official OpenStack API and I'm pretty sure Ocata Neutron should support description attribute of floating IP, https://github.com/openstack/neutron/blob/stable%2Focata/neutron/db/l3_db.py#L1322

[hamzazafar]

@lingxiankong opencontrail doesn't have an ml2 plugin, it has a monolithic plugin and it doesn't use neutron db at all.

@dbaumgarten the description field is available in id-perms object in floating ip

I am using opencontrail r5.1 release with openstack neutron rocky. Moreover I am using the NeutronPluginContrailCoreV2, i think you are using NeutronPluginContrailCoreV3 which is not supported.

I am able to create a floating IP with description field using openstack cli:

$ openstack floating ip create public --description "some description"
$ openstack floating ip show e3916775-8f3f-4eaa-a686-52a3559889e6
+---------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field               | Value                                                                                                                                                              |
+---------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at          | None                                                                                                                                                               |
| description         | some description                                                                                                                                                   |
| dns_domain          | None                                                                                                                                                               |
| dns_name            | None                                                                                                                                                               |
| fixed_ip_address    | None                                                                                                                                                               |
| floating_ip_address | *.*.*.*                                                                                                                                                            |
| floating_network_id | ************************                                                                                                                                           |
| id                  | e3916775-8f3f-4eaa-a686-52a3559889e6                                                                                                                               |
| location            | cloud='', project.domain_id='default', project.domain_name=, project.id='*', project.name='services', region_name='*', zone=                                       |
| name                | *                                                                                                                                                      |
| port_details        | None                                                                                                                                                               |
| port_id             | None                                                                                                                                                               |
| project_id          | *                                                                                                                               |
| qos_policy_id       | None                                                                                                                                                               |
| revision_number     | None                                                                                                                                                               |
| router_id           | None                                                                                                                                                               |
| status              | DOWN                                                                                                                                                               |
| subnet_id           | None                                                                                                                                                               |
| tags                | []                                                                                                                                                                 |
| updated_at          | None                                                                                                                                                               |
+---------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------+

This means that cloud provider should also have no issues with setting description field in floating IPs, please check your contrail version/configurations. Hope this helps!

[dbaumgarten]

The CLI command you used to test this does not work for me:

openstack floating ip create public --description "some description"
Error while executing command: BadRequestException: Unknown error, {"NeutronError": {"message": "Unrecognized attribute(s) 'description'", "type": "HTTPBadRequest", "detail": ""}}

(which is the exact same problem as the cloud-provider is having)

I do not have access to the details of the OpenContrail installation (or configuration), and even if I did, I would not be able to change it.

So far it seems like I only have two options here:

• Wait for an update of the Openstack/Opencontrail installation that hopefully fixes this.
• Maintain a fork of this repo with changes that enable it to work with the current OpenContrail installation.

Neither of these sounds great...