Configure OVN NB and SB DB Connection probes

Allow configuration of `inactivity_probe` in Connection table in NB and SB for new installations. Issues, which successfully resolve by using this as a workaround: 1. https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg07431.html 2. https://bugs.launchpad.net/kolla-ansible/+bug/1917484 According to the OVN ML, specifically this part [1], there is no other way to set `inactivity_probe` other than using Connection table. And the only valid option for it would be `0.0.0.0`, so that it could be applied to all connections. `ovn-ctl` forces `ovsdb-server` to look for addresses to listen on in Connection table with `db-nb-use-remote-in-db` and `db-sb-use-remote-in-db` options which are enabled by default. If `db-nb-create-insecure-remote` and `db-sb-create-insecure-remote` are set to `yes` (when `neutron_ovn_ssl` is `False`), this would result in flooding OVN logs with `Address already in use` errors. So we will rely on default value `no` for them from now on and only listen on and with whatever options are provided in Connection tables. [1] https://www.mail-archive.com/ovs-discuss@openvswitch.org/msg07476.html Change-Id: If87cf7cfa1788d68c9a4013d7f4877692f2bb11c
2023-06-28 17:28:25 +03:00 · 2023-06-28 17:28:25 +03:00 · d35c27bf71
commit d35c27bf71
parent d0c37ede9f
3 changed files with 5 additions and 6 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -481,6 +481,8 @@ neutron_ovn_l3_scheduler: leastloaded
 neutron_ovn_nb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6641,'+ ovn_proto + ':') }}:6641"
 neutron_ovn_sb_connection: "{{ ovn_proto }}:{{ groups['neutron_ovn_northd'] | map('extract', hostvars, ['ansible_host']) | join(':6642,' + ovn_proto + ':') }}:6642"
 neutron_ovsdb_manager: ptcp:6640:127.0.0.1
+neutron_ovn_sb_inactivity_probe: 60000
+neutron_ovn_nb_inactivity_probe: 60000

 # Storage location for SSL certificate authority
 neutron_ovn_pki_dir: "{{ openstack_pki_dir }}"
--- a/tasks/providers/ovn_cluster_setup.yml
+++ b/tasks/providers/ovn_cluster_setup.yml
@ -81,13 +81,12 @@
    - not leader_node
    - ovn_northd_opts.changed

- name: set ssl for ovn-nb and ovn-sb
+- name: Configure connection settings for ovn-nb and ovn-sb
  command: "{{ cmd }}"
  with_items:
-    - "ovn-nbctl set-connection pssl:6641"
-    - "ovn-sbctl set-connection pssl:6642"
+    - "ovn-nbctl --inactivity-probe={{ neutron_ovn_nb_inactivity_probe }} set-connection p{{ ovn_proto }}:6641"
+    - "ovn-sbctl --inactivity-probe={{ neutron_ovn_sb_inactivity_probe }} set-connection p{{ ovn_proto }}:6642"
  when:
-    - neutron_ovn_ssl
    - "inventory_hostname == neutron_ovn_primary_cluster_node"
    - _check_cluster_db.rc != 0
    - not leader_node
--- a/templates/ovn-northd-opts.j2
+++ b/templates/ovn-northd-opts.j2
@ -2,8 +2,6 @@

 # OVN cluster parameters
 {{ neutron_ovn_northd_opts }}=" \
-  --db-nb-create-insecure-remote={{ (neutron_ovn_ssl) | ternary('no','yes') }} \
-  --db-sb-create-insecure-remote={{ (neutron_ovn_ssl) | ternary('no','yes') }} \
  --db-nb-addr={{ ansible_host }} \
  --db-sb-addr={{ ansible_host }} \
  --db-nb-cluster-local-addr={{ ansible_host }} \