JuJu destroying my bridges during OpenStack deployment

emil-jacero · 3 November 2020 13:17

Hi guys,

I have a testing environment based on MAAS KVM Pods. Three of the machines created in MAAS KVM Pod are utilized as OpenStack controllers.

When deploying my OpenStack using JuJu i have problems with these three controllers. In my deployment i am utilizing LXD containers and therefore JuJu creates bridges. However JuJu is creating the bridges incorrectly.

In the examples below i am showing the differences that i have found causing the problem.
Notice that the mac address is missing from the bridge in the “not working” example. In the same
example the mac address is present on the interface itself. This should be enough but apparently it is not

Is it a bug or something else?
Am i doing something wrong?

P.S. Also why does the DNS server (MAAS node) show up twice in the name servers addresses list?

Working

network:
  version: 2
  bridges:
    br-eno1:
      interfaces: [eno1]
      addresses:
      - 10.10.4.5/24
      gateway4: 10.10.4.1
      nameservers:
        search: [az1.example.com]
        addresses: [10.10.4.2, 10.10.4.2]
      mtu: 1500
      macaddress: 52:54:00:35:9e:2f
  ethernets:
    eno1:
      match:
        macaddress: 52:54:00:35:9e:2f
      set-name: eno1
      mtu: 1500

Not working

network:
  version: 2
  bridges:
    br-eno1:
      interfaces: [eno1]
      addresses:
      - 10.10.4.5/24
      gateway4: 10.10.4.1
      nameservers:
        search: [az1.example.com]
        addresses: [10.10.10.2, 10.10.10.2]
      mtu: 1500
  ethernets:
    eno1:
      match:
        macaddress: 52:54:00:35:9e:2f
      set-name: eno1
      mtu: 1500

JuJu version: 2.9-rc2-focal-amd64
MAAS version: 2.8.2 (installed as a snap)

emil-jacero · 4 November 2020 17:11

Update:

I have found out that i need to configure my machines in MAAS with bridges instead of letting JuJu handle it.

jameinel · 4 November 2020 17:17

You can preconfigure bridges in MAAS and Juju should consume them. I’m a little surprised that if you had configured bridges for KVM that we also wouldn’t have used them instead of creating our own.

As for why MAAS ends up showing up 2x, I think this is the information that MAAS is feeding us, and we are passing it through. It is a bit surprising, though.

emil-jacero · 4 November 2020 17:32

I realized that my physical machines that i was using as KVM Pods wasn’t configured with bridges in MAAS. That means that when i the create my VMs in these Pods they got macvtap interfaces. And add to that the mismatching MAC addresses on the bridges created by Juju.

My way to solve it was to add the bridges in MAAS and then recreate all my VMs. On the three controller nodes for Openstack (used for lxd containers) i also added bridges in MAAS.

tl;dr
When i first got the problem i didn’t realize that my VMs was using macvtap interfaces and therefore did not allow the LXD containers inside the VMs with different MAC addresses to pass traffic through. Configuring the KVM Pods and VMs in MAAS with bridges solved it all