microcloud: Subnet sharing warning should check interfaces not IPs #522
Conversation
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
5 times, most recently
from
8e01972 to
3c0887c
Compare
cmd/microcloud/main_init.go
Outdated
| if subnet.Contains(underlayIP) { | ||
| fmt.Printf("Warning: OVN underlay IP (%s) is shared with the Ceph cluster network (%s)\n", underlayIP.String(), subnet.String()) | ||
| if sys.OVNGeneveIface == sys.MicroCephInternalNetworkIface { | ||
| fmt.Printf("Warning: OVN underlay (IP: %s) is shared on the same network interface %q with the Ceph cluster network (IP: %s)\n", underlayIP.String(), sys.OVNGeneveIface, subnet.String()) |
There was a problem hiding this comment.
subnet above seems to be redundant now as you can just use sys.MicroCephInternalNetworkSubnet instead of subnet.String().
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
2 times, most recently
from
9cec54a to
eb8c057
Compare
cmd/microcloud/ask.go
Outdated
| // ipWithIface is a helper struct to store an IP address and | ||
| // its corresponding network interface. | ||
| type ipWithIface struct { | ||
| ip net.IP | ||
| ifaceName string | ||
| } | ||
|
|
There was a problem hiding this comment.
Instead of maintaining both this and several fields for each interface on InitSystem, why not just introduce a new type Network with 3 fields: Interface, IP, Subnet which are populated by the corresponding values from net.Interface.
Then each of OVNGeneveAddr MicroCephInternalSubnet, and MicroCephPublicSubnet can be changed to OVNGeneveNetwork, CephInternalNetwork, CephPublicNetwork respectively.
And finally validateSystems you can check per-cluster member if any local interface names clash, and then across all cluster members if the subnets clash.
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
from
eb8c057 to
a9f6ca7
Compare
|
@masnax @roosterfish I reworked the approach based on #522 (comment) |
cmd/microcloud/ask.go
Outdated
| c.systems[sh.Name] = bootstrapSystem | ||
|
|
||
| // This is to avoid the situation where the internal network for Ceph has been skipped, but the public network has been set. | ||
| // Ceph will automatically set the internal network to the public Ceph network if the internal network is not set, which is not what we want. | ||
| // Instead, we still want to keep the internal Ceph network to use the MicroCloud internal network as a default. | ||
| if internalCephSubnet == microCloudInternalNetworkAddrCIDR { | ||
| bootstrapSystem.MicroCephInternalNetworkSubnet = microCloudInternalNetworkAddrCIDR | ||
| microcloudNetworkInterface, err := lxd.FindInterfaceForSubnet(microCloudInternalNetworkAddrCIDR) |
There was a problem hiding this comment.
I wonder if InitSystem should grow another MicroCloudInternalNetwork *Network where we can store this information after the user has selected the internal address for MicroCloud?
There was a problem hiding this comment.
Yes I had the same thinking I remember... For now, it seems that we don't need it for the current state of things but it might be needed in the future.
There was a problem hiding this comment.
My thinking was if we now check for collisions in between the OVN and Ceph networks, wouldn't it be worth also including the MicroCloud internal network into those checks?
cmd/microcloud/main_init.go
Outdated
| // If there are multiple subnet types on the same subnet, we have a collision. | ||
| if len(subnetTypeToPeers) > 1 { | ||
| var sb strings.Builder | ||
| sb.WriteString("WARNING: Subnet collision detected:\n") |
There was a problem hiding this comment.
As this PR will probably land after the "look & feel" I'll add a link here for reference on the note box #505 (comment)
|
Also requires a rebase now due to the recent CLI changes. |
|
Thanks for the feedback! |
This type will be used to store a variety of subnet informations and which local network interface they will use. This will be used both for configuring MicroCloud but for running validation as well (e.g, interface collisions within a member, subnet collisions between members of a cluster) Signed-off-by: Gabriel Mougard <[email protected]>
This will be needed to get a network interface info from a CIDR subnet notation (e.g, mostly in the case of configuring MicroCloud internal and public networks) Signed-off-by: Gabriel Mougard <[email protected]>
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
from
a9f6ca7 to
e93d076
Compare
|
@roosterfish updated |
| @@ -515,24 +515,81 @@ func validateGatewayNet(config map[string]string, ipPrefix string, cidrValidator | |||
| } | |||
|
|
|||
| func (c *initConfig) validateSystems(s *service.Handler) (err error) { | |||
| for _, sys := range c.systems { | |||
| // subnetsCollisionMap maps a subnet CIDR notation to a map of subnet type to peer names. | |||
There was a problem hiding this comment.
I was running some tests with the changes proposed in this PR.
It looks the warnings are only displayed in case the subnet of the Ceph internal/public traffic isn't the one which contains MicroCloud's internal address (the default case).
Only if you change any of the Ceph subnets, it also takes the OVN underlay address into account and prints the respective warning.
There was a problem hiding this comment.
In addition I have found this when trying to trigger the warning for single node MicroCloud deployments. The members are printed twice:
! Warning: Ceph cluster network is shared with the same network interface "enp7s0" with the Ceph public network
! Warning: WARNING: Subnet collision detected:
- Members micro01, micro01 are using the "10.1.123.0/24" subnet for Ceph cluster network
- Members micro01 are using the "10.1.123.0/24" subnet for Ceph public network
Overall can we condense the output into a single warning with list entries showing the final outcome? Something like this (maybe use lists for convenience?):
! Warning: Network collision:
- Ceph cluster network, Ceph public network on same network interface "xyz"
- Ceph cluster network, Ceph public network, OVN underlay on same subnet "10.1.123.0/24"
This way we can condense the collision information in a single line which should make it more readable.
cmd/microcloud/ask.go
Outdated
| c.systems[sh.Name] = bootstrapSystem | ||
|
|
||
| // This is to avoid the situation where the internal network for Ceph has been skipped, but the public network has been set. | ||
| // Ceph will automatically set the internal network to the public Ceph network if the internal network is not set, which is not what we want. | ||
| // Instead, we still want to keep the internal Ceph network to use the MicroCloud internal network as a default. | ||
| if internalCephSubnet == microCloudInternalNetworkAddrCIDR { | ||
| bootstrapSystem.MicroCephInternalNetworkSubnet = microCloudInternalNetworkAddrCIDR | ||
| microcloudNetworkInterface, err := lxd.FindInterfaceForSubnet(microCloudInternalNetworkAddrCIDR) |
There was a problem hiding this comment.
My thinking was if we now check for collisions in between the OVN and Ceph networks, wouldn't it be worth also including the MicroCloud internal network into those checks?
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
2 times, most recently
from
8862667 to
9f57467
Compare
…MicroCephPublicNetwork` and `MicroCephInternalNetwork` instead of `OVNGeneveAddr`, `MicroCephPublicNetworkSubnet` and `MicroCephInternalNetworkSubnet` Signed-off-by: Gabriel Mougard <[email protected]>
… and global subnet collisions in a cluster of members * If a member have multiple network types going through the same interface, show a warning. * If multiple subnet types are detected to use the same subnet at a cluster level, show a warning. Signed-off-by: Gabriel Mougard <[email protected]>
gabrielmougard
force-pushed
the
fix/subnet-sharing-warning
branch
from
9f57467 to
1a8b231
Compare
closes #516