jjo · December 29, 2023 07:03
diff --git a/openstack-neutron-gateway-mtu1500-workaround.txt b/openstack-neutron-gateway-mtu1500-workaround.txt
 ## Workaround openstack nova+openvswitch mtu issues when no jumbo frames are available, 
 ## by setting up udev at neutron-gateway to hook on routing interface creation to
 ## lower the MTU (thus trigger ICMPs for PMTU discovery)

 ## See: https://blueprints.launchpad.net/neutron/+spec/network-options-mtu

 ## keywords: openstack, nova, openvswitch, mtu, 1500, no jumbo frames

 ## Create these two files:

 mkdir -p fixes
 cat > fixes/90-openstack-mtu.rules << EOF
 # /etc/udev/rules.d/90-openstack-mtu.rules
 SUBSYSTEM=="net", ACTION=="add", KERNEL=="tap*", RUN+="/usr/local/sbin/openstack-mtu-fix.sh %k"
 EOF

 cat > fixes/openstack-mtu-fix.sh << EOF
 #!/bin/bash
 # /usr/local/sbin/openstack-mtu-fix.sh
 dev="$1"
 (
 echo $0 dev=$dev
 case "$dev" in tap*)
    # udev will pass the tapXXXXXXX interface, while we need to hack the mtu at
    # the qr-XXXXXXXX side (the routing interface inside qrouter namespace)
    qrdev=qr-${dev#tap}
    # Try the qr-XXXXXXXX interface on every namespace, if found then set its mtu=1450
    cmd="ip li show dev $qrdev 2>/dev/null || exit 0; set -x; ip li set dev $qrdev mtu 1450"
    ip netns list|egrep qrouter|xargs -I@ ip netns exec @ sh -c "$cmd"
    ;;
 esac
 ) |& logger -t openstack-mtu-fix
 EOF

 # Apply above with:
 hack_neutron_gateway_mtu() {
    local rules64=$(base64 -w0 < fixes/90-openstack-mtu.rules)
    local sbin64=$(base64 -w0 < fixes/openstack-mtu-fix.sh)
    juju run --service=neutron-gateway "echo $rules64| base64 -d | install /dev/stdin /etc/udev/rules.d/90-openstack-mtu.rules; echo $sbin64| base64 -d | install -m 755 /dev/stdin /usr/local/sbin/openstack-mtu-fix.sh"
    juju run --service=neutron-gateway "udevadm control --reload; udevadm trigger --type=devices --subsystem-match=net --action=add  --property-match=INTERFACE='tap*'; udevadm settle; tail /var/log/syslog |egrep ip.li.set.*mtu"
 }
 hack_neutron_gateway_mtu
	## Workaround openstack nova+openvswitch mtu issues when no jumbo frames are available,
	## by setting up udev at neutron-gateway to hook on routing interface creation to
	## lower the MTU (thus trigger ICMPs for PMTU discovery)

	## See: https://blueprints.launchpad.net/neutron/+spec/network-options-mtu

	## keywords: openstack, nova, openvswitch, mtu, 1500, no jumbo frames

	## Create these two files:

	mkdir -p fixes
	cat > fixes/90-openstack-mtu.rules << EOF
	# /etc/udev/rules.d/90-openstack-mtu.rules
	SUBSYSTEM=="net", ACTION=="add", KERNEL=="tap*", RUN+="/usr/local/sbin/openstack-mtu-fix.sh %k"
	EOF

	cat > fixes/openstack-mtu-fix.sh << EOF
	#!/bin/bash
	# /usr/local/sbin/openstack-mtu-fix.sh
	dev="$1"
	(
	echo $0 dev=$dev
	case "$dev" in tap*)
	# udev will pass the tapXXXXXXX interface, while we need to hack the mtu at
	# the qr-XXXXXXXX side (the routing interface inside qrouter namespace)
	qrdev=qr-${dev#tap}
	# Try the qr-XXXXXXXX interface on every namespace, if found then set its mtu=1450
	cmd="ip li show dev $qrdev 2>/dev/null \|\| exit 0; set -x; ip li set dev $qrdev mtu 1450"
	ip netns list\|egrep qrouter\|xargs -I@ ip netns exec @ sh -c "$cmd"
	;;
	esac
	) \|& logger -t openstack-mtu-fix
	EOF

	# Apply above with:
	hack_neutron_gateway_mtu() {
	local rules64=$(base64 -w0 < fixes/90-openstack-mtu.rules)
	local sbin64=$(base64 -w0 < fixes/openstack-mtu-fix.sh)
	juju run --service=neutron-gateway "echo $rules64\| base64 -d \| install /dev/stdin /etc/udev/rules.d/90-openstack-mtu.rules; echo $sbin64\| base64 -d \| install -m 755 /dev/stdin /usr/local/sbin/openstack-mtu-fix.sh"
	juju run --service=neutron-gateway "udevadm control --reload; udevadm trigger --type=devices --subsystem-match=net --action=add --property-match=INTERFACE='tap'; udevadm settle; tail /var/log/syslog \|egrep ip.li.set.mtu"
	}
	hack_neutron_gateway_mtu