osism / issues

This repository is used for bug reports that are cross-project or not bound to a specific repository (or to an unknown repository).
https://www.osism.tech
1 stars 1 forks source link

[bug] Neutron Upgrade without vpnaas not possible for 8.0.0 #1138

Closed flyersa closed 1 month ago

flyersa commented 1 month ago

OSISM release version

8.0.0

What's the problem?

osism apply -a upgrade neutron gives this error trying to upgrade from 7.1.x to 8.0.0 on a installation where no VPNaaS is enabled at all:

FAILED! => {"msg": "The conditional check 'neutron_services | select_services_enabled_and_mapped_to_host | list | intersect([\"neutron-l3-agent\", \"neutron-linuxbridge-agent\", \"neutron-openvswitch-agent\"]) | list | length > 0' failed. The error was: error while evaluating conditional (neutron_services | select_services_enabled_and_mapped_to_host | list | intersect([\"neutron-l3-agent\", \"neutron-linuxbridge-agent\", \"neutron-openvswitch-agent\"]) | list | length > 0): {'neutron-server': {'container_name': 'neutron_server', 'image': '{{ neutron_server_image_full }}', 'enabled': True, 'group': 'neutron-server', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-server'] }}\", 'volumes': '{{ neutron_server_default_volumes + neutron_server_extra_volumes }}', 'dimensions': '{{ neutron_server_dimensions }}', 'healthcheck': '{{ neutron_server_healthcheck }}', 'haproxy': {'neutron_server': {'enabled': '{{ enable_neutron | bool and not neutron_enable_tls_backend | bool }}', 'mode': 'http', 'external': False, 'port': '{{ neutron_server_port }}', 'listen_port': '{{ neutron_server_listen_port }}'}, 'neutron_server_external': {'enabled': '{{ enable_neutron | bool and not neutron_enable_tls_backend | bool }}', 'mode': 'http', 'external': True, 'external_fqdn': '{{ neutron_external_fqdn }}', 'port': '{{ neutron_server_public_port }}', 'listen_port': '{{ neutron_server_listen_port }}'}}}, 'neutron-openvswitch-agent': {'container_name': 'neutron_openvswitch_agent', 'image': '{{ neutron_openvswitch_agent_image_full }}', 'enabled': \"{{ neutron_plugin_agent == 'openvswitch' }}\", 'privileged': True, 'environment': {'KOLLA_LEGACY_IPTABLES': '{{ neutron_legacy_iptables | bool | lower }}'}, 'host_in_groups': \"{{ (inventory_hostname in groups['compute'] or (enable_manila_backend_generic | bool and inventory_hostname in groups['manila-share']) or inventory_hostname in groups['neutron-dhcp-agent'] or inventory_hostname in groups['neutron-l3-agent'] or inventory_hostname in groups['neutron-metadata-agent'] and not enable_nova_fake | bool) or (inventory_hostname in groups['neutron-dhcp-agent'] or inventory_hostname in groups['neutron-l3-agent'] or inventory_hostname in groups['neutron-metadata-agent'] and enable_nova_fake | bool) }}\", 'volumes': '{{ neutron_openvswitch_agent_default_volumes + neutron_openvswitch_agent_extra_volumes }}', 'dimensions': '{{ neutron_openvswitch_agent_dimensions }}', 'healthcheck': '{{ neutron_openvswitch_agent_healthcheck }}'}, 'neutron-linuxbridge-agent': {'container_name': 'neutron_linuxbridge_agent', 'image': '{{ neutron_linuxbridge_agent_image_full }}', 'privileged': True, 'enabled': \"{{ neutron_plugin_agent == 'linuxbridge' }}\", 'environment': {'KOLLA_LEGACY_IPTABLES': '{{ neutron_legacy_iptables | bool | lower }}'}, 'host_in_groups': \"{{ inventory_hostname in groups['compute'] or (enable_manila | bool and inventory_hostname in groups['manila-share']) or inventory_hostname in groups['neutron-dhcp-agent'] or inventory_hostname in groups['neutron-l3-agent'] or inventory_hostname in groups['neutron-metadata-agent'] }}\", 'volumes': '{{ neutron_linuxbridge_agent_default_volumes + neutron_linuxbridge_agent_extra_volumes }}', 'dimensions': '{{ neutron_linuxbridge_agent_dimensions }}', 'healthcheck': '{{ neutron_linuxbridge_agent_healthcheck }}'}, 'neutron-dhcp-agent': {'container_name': 'neutron_dhcp_agent', 'image': '{{ neutron_dhcp_agent_image_full }}', 'privileged': True, 'enabled': \"{{ neutron_plugin_agent not in ['ovn', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] or neutron_ovn_dhcp_agent | bool }}\", 'group': 'neutron-dhcp-agent', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-dhcp-agent'] }}\", 'volumes': '{{ neutron_dhcp_agent_default_volumes + neutron_dhcp_agent_extra_volumes }}', 'dimensions': '{{ neutron_dhcp_agent_dimensions }}', 'healthcheck': '{{ neutron_dhcp_agent_healthcheck }}'}, 'neutron-l3-agent': {'container_name': 'neutron_l3_agent', 'image': '{{ neutron_l3_agent_image_full }}', 'privileged': True, 'enabled': \"{{ neutron_plugin_agent not in ['ovn', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp', 'vmware_dvs'] }}\", 'environment': {'KOLLA_LEGACY_IPTABLES': '{{ neutron_legacy_iptables | bool | lower }}'}, 'host_in_groups': \"{{ inventory_hostname in groups['neutron-l3-agent'] or (inventory_hostname in groups['compute'] and enable_neutron_dvr | bool) }}\", 'volumes': '{{ neutron_l3_agent_default_volumes + neutron_l3_agent_extra_volumes }}', 'dimensions': '{{ neutron_l3_agent_dimensions }}', 'healthcheck': '{{ neutron_l3_agent_healthcheck }}'}, 'neutron-sriov-agent': {'container_name': 'neutron_sriov_agent', 'image': '{{ neutron_sriov_agent_image_full }}', 'privileged': True, 'enabled': \"{{ enable_neutron_sriov | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}\", 'host_in_groups': \"{{ inventory_hostname in groups['compute'] }}\", 'volumes': '{{ neutron_sriov_agent_default_volumes + neutron_sriov_agent_extra_volumes }}', 'dimensions': '{{ neutron_sriov_agent_dimensions }}', 'healthcheck': '{{ neutron_sriov_agent_healthcheck }}'}, 'neutron-mlnx-agent': {'container_name': 'neutron_mlnx_agent', 'image': '{{ neutron_mlnx_agent_image_full }}', 'enabled': \"{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}\", 'host_in_groups': \"{{ inventory_hostname in groups['compute'] }}\", 'volumes': '{{ neutron_mlnx_agent_default_volumes + neutron_mlnx_agent_extra_volumes }}', 'dimensions': '{{ neutron_mlnx_agent_dimensions }}'}, 'neutron-eswitchd': {'container_name': 'neutron_eswitchd', 'image': '{{ neutron_eswitchd_image_full }}', 'privileged': True, 'enabled': \"{{ enable_neutron_mlnx | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}\", 'host_in_groups': \"{{ inventory_hostname in groups['compute'] }}\", 'volumes': '{{ neutron_eswitchd_default_volumes + neutron_eswitchd_extra_volumes }}', 'dimensions': '{{ neutron_eswitchd_dimensions }}'}, 'neutron-metadata-agent': {'container_name': 'neutron_metadata_agent', 'image': '{{ neutron_metadata_agent_image_full }}', 'privileged': True, 'enabled': \"{{ neutron_plugin_agent not in ['ovn', 'vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp'] }}\", 'host_in_groups': \"{{ inventory_hostname in groups['neutron-metadata-agent'] or (inventory_hostname in groups['compute'] and neutron_plugin_agent == 'openvswitch' and enable_neutron_dvr | bool) }}\", 'volumes': '{{ neutron_metadata_agent_default_volumes + neutron_metadata_agent_extra_volumes }}', 'dimensions': '{{ neutron_metadata_agent_dimensions }}', 'healthcheck': '{{ neutron_metadata_agent_healthcheck }}'}, 'neutron-ovn-metadata-agent': {'container_name': 'neutron_ovn_metadata_agent', 'image': '{{ neutron_ovn_metadata_agent_image_full }}', 'privileged': True, 'enabled': \"{{ neutron_plugin_agent == 'ovn' }}\", 'host_in_groups': \"{{ inventory_hostname in groups['neutron-ovn-metadata-agent'] }}\", 'volumes': '{{ neutron_ovn_metadata_agent_default_volumes + neutron_ovn_metadata_agent_extra_volumes }}', 'dimensions': '{{ neutron_ovn_metadata_agent_dimensions }}', 'healthcheck': '{{ neutron_ovn_metadata_agent_healthcheck }}'}, 'neutron-bgp-dragent': {'container_name': 'neutron_bgp_dragent', 'image': '{{ neutron_bgp_dragent_image_full }}', 'privileged': True, 'enabled': \"{{ enable_neutron_bgp_dragent | bool and neutron_plugin_agent not in ['vmware_nsxv', 'vmware_nsxv3', 'vmware_nsxp', 'vmware_dvs'] }}\", 'group': 'neutron-bgp-dragent', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-bgp-dragent'] }}\", 'volumes': '{{ neutron_bgp_dragent_default_volumes + neutron_bgp_dragent_extra_volumes }}', 'dimensions': '{{ neutron_bgp_dragent_dimensions }}', 'healthcheck': '{{ neutron_bgp_dragent_healthcheck }}'}, 'neutron-infoblox-ipam-agent': {'container_name': 'neutron_infoblox_ipam_agent', 'image': '{{ neutron_infoblox_ipam_agent_image_full }}', 'privileged': True, 'enabled': '{{ enable_neutron_infoblox_ipam_agent | bool }}', 'group': 'neutron-infoblox-ipam-agent', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-infoblox-ipam-agent'] }}\", 'volumes': '{{ neutron_infoblox_ipam_agent_default_volumes + neutron_infoblox_ipam_agent_extra_volumes }}', 'dimensions': '{{ neutron_infoblox_ipam_agent_dimensions }}'}, 'neutron-metering-agent': {'container_name': 'neutron_metering_agent', 'image': '{{ neutron_metering_agent_image_full }}', 'privileged': True, 'enabled': '{{ enable_neutron_metering | bool }}', 'group': 'neutron-metering-agent', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-metering-agent'] }}\", 'volumes': '{{ neutron_metering_agent_default_volumes + neutron_metering_agent_extra_volumes }}', 'dimensions': '{{ neutron_metering_agent_dimensions }}'}, 'ironic-neutron-agent': {'container_name': 'ironic_neutron_agent', 'image': '{{ ironic_neutron_agent_image_full }}', 'privileged': False, 'enabled': '{{ enable_ironic_neutron_agent | bool }}', 'group': 'ironic-neutron-agent', 'host_in_groups': \"{{ inventory_hostname in groups['ironic-neutron-agent'] }}\", 'volumes': '{{ ironic_neutron_agent_default_volumes + ironic_neutron_agent_extra_volumes }}', 'dimensions': '{{ ironic_neutron_agent_dimensions }}', 'healthcheck': '{{ ironic_neutron_agent_healthcheck }}'}, 'neutron-tls-proxy': {'container_name': 'neutron_tls_proxy', 'group': 'neutron-server', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-server'] }}\", 'enabled': '{{ neutron_enable_tls_backend }}', 'image': '{{ neutron_tls_proxy_image_full }}', 'volumes': '{{ neutron_tls_proxy_default_volumes + neutron_tls_proxy_extra_volumes }}', 'dimensions': '{{ neutron_tls_proxy_dimensions }}', 'healthcheck': '{{ neutron_tls_proxy_healthcheck }}', 'haproxy': {'neutron_tls_proxy': {'enabled': '{{ enable_neutron | bool and neutron_enable_tls_backend | bool }}', 'mode': 'http', 'external': False, 'port': '{{ neutron_server_port }}', 'listen_port': '{{ neutron_server_listen_port }}', 'tls_backend': 'yes'}, 'neutron_tls_proxy_external': {'enabled': '{{ enable_neutron | bool and neutron_enable_tls_backend | bool }}', 'mode': 'http', 'external': True, 'external_fqdn': '{{ neutron_external_fqdn }}', 'port': '{{ neutron_server_port }}', 'listen_port': '{{ neutron_server_listen_port }}', 'tls_backend': 'yes'}}}, 'neutron-ovn-agent': {'container_name': 'neutron_ovn_agent', 'group': 'neutron-ovn-agent', 'host_in_groups': \"{{ inventory_hostname in groups['neutron-ovn-agent'] }}\", 'enabled': '{{ neutron_enable_ovn_agent | bool }}', 'image': '{{ neutron_ovn_agent_image_full }}', 'volumes': '{{ neutron_ovn_agent_default_volumes + neutron_ovn_agent_extra_volumes }}', 'dimensions': '{{ neutron_ovn_agent_dimensions }}', 'healthcheck': '{{ neutron_ovn_agent_healthcheck }}'}, 'neutron-ovn-vpn-agent': {'container_name': 'neutron_ovn_vpn_agent', 'image': '{{ neutron_ovn_vpn_agent_image_full }}', 'enabled': \"{{ enable_neutron_vpnaas | bool and neutron_plugin_agent == 'ovn' }}\", 'privileged': True, 'host_in_groups': \"{{ inventory_hostname in groups['neutron-ovn-vpn-agent'] }}\", 'volumes': '{{ neutron_ovn_vpn_agent_default_volumes + neutron_ovn_vpn_agent_extra_volumes }}', 'dimensions': '{{ neutron_ovn_vpn_agent_dimensions }}', 'healthcheck': '{{ neutron_ovn_vpn_agent_healthcheck }}'}}: 'dict object' has no attribute 'neutron-ovn-vpn-agent'\n\nThe error appears to be in '/ansible/roles/neutron/tasks/config-host.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Load and persist kernel modules\n ^ here\n"}

References to existing reports

References to existing bug reports, mailing lists, ...

Severity

low

Urgency

low

flyersa commented 1 month ago

In addition to this, cinder is completly broken and cannot talk to redis anymore.

2024-09-18 13:14:03.030 6454 ERROR oslo_service.service Traceback (most recent call last): 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_service/service.py", line 810, in run_service 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service service.start() 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/cinder/service.py", line 227, in start 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service coordination.COORDINATOR.start() 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/cinder/coordination.py", line 87, in start 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service self.coordinator.start(start_heart=True) 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/tooz/coordination.py", line 689, in start 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service super(CoordinationDriverWithExecutor, self).start(start_heart) 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/tooz/coordination.py", line 426, in start 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service self._start() 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/tooz/drivers/redis.py", line 62, in wrapper 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service utils.raise_with_cause( 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/tooz/utils.py", line 223, in raise_with_cause 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service excutils.raise_with_cause(exc_cls, message, *args, **kwargs) 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_utils/excutils.py", line 142, in raise_with_cause 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service raise exc_cls(message, *args, **kwargs) from kwargs.get('cause') 2024-09-18 13:14:03.030 6454 ERROR oslo_service.service tooz.coordination.ToozConnectionError: invalid username-password pair

plus horizon crashes on listing instances, so nova also is broken. interessting

I checked the redis credentials, they are correct in the file, also tried redeployment already. error is always the same. cant wrap my head around this issue

flyersa commented 1 month ago

Hmm apparently the issue is that the redis coordination is set to user admin instead of default in the cinder.conf files. How can this be? Strange is in the staging environment i didnt have this issue. Same with gnocchi where also in the gnocchi conf files the redis user is set to admin :/

berendt commented 1 month ago

Default value for redis_connection_string: https://github.com/osism/defaults/blob/main/all/001-kolla-defaults.yml#L883 cinder.conf template: https://github.com/openstack/kolla-ansible/blob/stable/2024.1/ansible/roles/cinder/templates/cinder.conf.j2#L260 gnocchi.conf template: https://github.com/openstack/kolla-ansible/blob/stable/2024.1/ansible/roles/gnocchi/templates/gnocchi.conf.j2#L71

flyersa commented 1 month ago

well it looks like this was a PEBCAK problem. For some reason i stil had pre 2024.1 osism containers running on manager (doah!) sorry