Juniper Openstack

Port with VM attached shouldnt be allowed to be added to router

Bug #1473574 reported by Senthilnathan Murugappan
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R2.20
Won't Fix
Medium
Unassigned
R3.0
Fix Committed
Medium
Ignatious Johnson Christopher
Juniper Openstack r3.0.2.0
Trunk
Fix Committed
Medium
Ignatious Johnson Christopher
Juniper Openstack r3.1.0.0-fcs

Bug Description

Port with VM attached shouldnt be allowed to be added to a logical router.

---------------------------
With 2.20-64
Have create a VM and then attached that VMI to the LR, once the port is detached noticed that the IIP, VMI, VM objects are getting deleted and the route is withdrawn subsequently.

root@a2s40:~# contrail-logs --object-type config --last 45m
2015 Jul 10 14:13:43.359022 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 1e2c6724-a907-432f-82ec-cb90eb17c8b8, object_type = virtual_machine_interface, identifier_name = defaul
t-domain:admin-4826f1b1-821a-4d8b-b902-87790d1748bf:1e2c6724-a907-432f-82ec-cb90eb17c8b8, url = http://127.0.0.1:9100/virtual-machine-interface/1e2c6724-a907-432f-82ec-cb90eb17c8b8, operation = put, userage
nt = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, body = {'virtual-machine-interface': {'id_perms': {u'enable': True, u'description': None, u'created': u'2015-07-10T21:05:32.770615', u'creator':
 None, u'uuid': {u'uuid_mslong': 2174226127265415983, u'uuid_lslong': 9434139142714280120L}, u'user_visible': True, u'last_modified': u'2015-07-10T21:05:32.914879', u'permissions': {u'owner': u'cloud-admin'
, u'owner_access': 7, u'other_access': 7, u'group': u'admin', u'group_access': 7}}, 'uuid': '1e2c6724-a907-432f-82ec-cb90eb17c8b8', 'virtual_machine_interface_device_owner': 'network:router_interface'}}, domain = default-domain]
2015 Jul 10 14:13:43.377866 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, object_type = logical_router, identifier_name = default-domain:ad
min-4826f1b1-821a-4d8b-b902-87790d1748bf:rtr1, url = http://127.0.0.1:9100/logical-router/9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, operation = put, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.
1:9100, body = {'logical-router': {'id_perms': {u'enable': True, u'uuid': {u'uuid_mslong': 11442375863720430970L, u'uuid_lslong': 9879114079610130336L}, u'created': u'2015-07-10T21:04:04.562448', u'descript
ion': None, u'creator': None, u'user_visible': True, u'last_modified': u'2015-07-10T21:04:04.562448', u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'group': u'admin', u'group_access': 7}}, 'uuid': '9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0'}}, domain = default-domain]
2015 Jul 10 14:13:43.390015 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, object_type = logical_router, identifier_name = default-domain:ad
min-4826f1b1-821a-4d8b-b902-87790d1748bf:rtr1, url = http://127.0.0.1:9100/ref-update, operation = ref-update, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, body = {'ref-type': 'virtu
al-machine-interface', 'uuid': '9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0', 'ref-fq-name': ['default-domain', 'admin-4826f1b1-821a-4d8b-b902-87790d1748bf', '1e2c6724-a907-432f-82ec-cb90eb17c8b8'], 'ref-uuid': '1e2c6724-a907-432f-82ec-cb90eb17c8b8', 'operation': 'ADD', 'type': 'logical-router', 'attr': None}, domain = default-domain]
2015 Jul 10 14:13:43.549535 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: object_type = route_target, identifier_name = target:64512:8000004, url = http://10.84.7.40:8082/route-targets, operation
 = post, useragent = a2s40:/usr/bin/contrail-schema, remote_ip = 10.84.7.40:8082, body = {'route-target': {'display_name': 'target:64512:8000004', 'id_perms': {u'enable': True, u'uuid': None, u'creator': No
ne, u'created': 0, u'user_visible': True, u'last_modified': 0, u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'group': u'cloud-admin-group', u'group_access': 7}, u'description': None}, 'fq_name': ['target:64512:8000004'], 'uuid': None}}, domain = default-domain]
2015 Jul 10 14:13:43.574114 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, object_type = logical_router, identifier_name = default-domain:ad
min-4826f1b1-821a-4d8b-b902-87790d1748bf:rtr1, url = http://10.84.7.40:8082/logical-router/9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, operation = put, useragent = a2s40:/usr/bin/contrail-schema, remote_ip = 10.8
4.7.40:8082, body = {'logical-router': {'id_perms': {u'enable': True, u'description': None, u'created': u'2015-07-10T21:04:04.562448', u'creator': None, u'uuid': {u'uuid_mslong': 11442375863720430970L, u'uu
id_lslong': 9879114079610130336L}, u'user_visible': True, u'last_modified': u'2015-07-10T21:13:43.389172', u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'group': u'admin', u'group_access': 7}}, 'uuid': '9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0', 'route_target_refs': [{'to': ['target:64512:8000004'], 'uuid': 'dc73f7dc-00b4-4507-a72d-c4667e1fc079'}]}}, domain = default-domain]
2015 Jul 10 14:13:43.589884 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = c09ebd00-02a2-48fd-b55f-3217bca6b872, object_type = routing_instance, identifier_name = default-domain:
admin-4826f1b1-821a-4d8b-b902-87790d1748bf:vn1:vn1, url = http://10.84.7.40:8082/routing-instance/c09ebd00-02a2-48fd-b55f-3217bca6b872, operation = put, useragent = a2s40:/usr/bin/contrail-schema, remote_ip
 = 10.84.7.40:8082, body = {'routing-instance': {'fq_name': ['default-domain', 'admin-4826f1b1-821a-4d8b-b902-87790d1748bf', 'vn1', 'vn1'], 'uuid': 'c09ebd00-02a2-48fd-b55f-3217bca6b872', 'routing_instance_
is_default': True, 'parent_type': 'virtual-network', 'id_perms': {u'enable': True, u'uuid': {u'uuid_mslong': 13879738909344286973L, u'uuid_lslong': 13069219721183148146L}, u'created': u'2015-07-10T21:02:07.
724795', u'description': None, u'creator': None, u'user_visible': True, u'last_modified': u'2015-07-10T21:02:07.724795', u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'
group': u'admin', u'group_access': 7}}, 'route_target_refs': [{'to': ['target:64512:8000001'], 'attr': {'import_export': None}, 'uuid': 'fa3ecd61-3d8e-45c6-bc00-02585e40cfa7'}, {'to': ['target:64512:8000004'], 'attr': {'import_export': None}}]}}, domain = default-domain]
2015 Jul 10 14:15:45.607256 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, object_type = logical_router, identifier_name = default-domain:ad
min-4826f1b1-821a-4d8b-b902-87790d1748bf:rtr1, url = http://127.0.0.1:9100/logical-router/9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, operation = put, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.
1:9100, body = {'logical-router': {'id_perms': {u'enable': True, u'uuid': {u'uuid_mslong': 11442375863720430970L, u'uuid_lslong': 9879114079610130336L}, u'creator': None, u'created': u'2015-07-10T21:04:04.5
62448', u'user_visible': True, u'last_modified': u'2015-07-10T21:13:43.578048', u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'group': u'admin', u'group_access': 7}, u'description': None}, 'uuid': '9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0'}}, domain = default-domain]
2015 Jul 10 14:15:45.625975 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0, object_type = logical_router, identifier_name = default-domain:ad
min-4826f1b1-821a-4d8b-b902-87790d1748bf:rtr1, url = http://127.0.0.1:9100/ref-update, operation = ref-update, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, body = {'ref-type': 'virtu
al-machine-interface', 'uuid': '9ecb7c39-478f-4d7a-8919-a9e9e2b8cfa0', 'ref-fq-name': ['default-domain', 'admin-4826f1b1-821a-4d8b-b902-87790d1748bf', '1e2c6724-a907-432f-82ec-cb90eb17c8b8'], 'ref-uuid': '1e2c6724-a907-432f-82ec-cb90eb17c8b8', 'operation': 'DELETE', 'type': 'logical-router', 'attr': None}, domain = default-domain]
2015 Jul 10 14:15:45.656333 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = cff0f203-3fb1-4f84-8a46-7c7966bfd842, object_type = instance_ip, identifier_name = cff0f203-3fb1-4f84-8
a46-7c7966bfd842, url = http://127.0.0.1:9100/instance-ip/cff0f203-3fb1-4f84-8a46-7c7966bfd842, operation = delete, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, domain = default-domain]
2015 Jul 10 14:15:45.708900 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 1e2c6724-a907-432f-82ec-cb90eb17c8b8, object_type = virtual_machine_interface, identifier_name = defaul
t-domain:admin-4826f1b1-821a-4d8b-b902-87790d1748bf:1e2c6724-a907-432f-82ec-cb90eb17c8b8, url = http://127.0.0.1:9100/virtual-machine-interface/1e2c6724-a907-432f-82ec-cb90eb17c8b8, operation = delete, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, domain = default-domain]
2015 Jul 10 14:15:45.735034 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = 6e9b8997-ffcd-4a29-8c13-47f2de8bbe89, object_type = virtual_machine, identifier_name = 6e9b8997-ffcd-4a
29-8c13-47f2de8bbe89, url = http://127.0.0.1:9100/virtual-machine/6e9b8997-ffcd-4a29-8c13-47f2de8bbe89, operation = delete, useragent = a2s40:/usr/bin/contrail-api, remote_ip = 127.0.0.1:9100, domain = default-domain]
2015 Jul 10 14:15:45.809367 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = c09ebd00-02a2-48fd-b55f-3217bca6b872, object_type = routing_instance, identifier_name = default-domain:
admin-4826f1b1-821a-4d8b-b902-87790d1748bf:vn1:vn1, url = http://10.84.7.40:8082/routing-instance/c09ebd00-02a2-48fd-b55f-3217bca6b872, operation = put, useragent = a2s40:/usr/bin/contrail-schema, remote_ip
 = 10.84.7.40:8082, body = {'routing-instance': {'id_perms': {u'enable': True, u'description': None, u'creator': None, u'created': u'2015-07-10T21:02:07.724795', u'user_visible': True, u'last_modified': u'2
015-07-10T21:13:43.596063', u'permissions': {u'owner': u'cloud-admin', u'owner_access': 7, u'other_access': 7, u'group': u'admin', u'group_access': 7}, u'uuid': {u'uuid_mslong': 13879738909344286973L, u'uuid_lslong': 13069219721183148146L}}, 'uuid': 'c09ebd00-02a2-48fd-b55f-3217bca6b872'}}, domain = default-domain]
2015 Jul 10 14:15:45.821870 a2s40 [:contrail-api:] : VncApiConfigLog: [VncApiCommon: identifier_uuid = c09ebd00-02a2-48fd-b55f-3217bca6b872, object_type = routing_instance, identifier_name = default-domain:
admin-4826f1b1-821a-4d8b-b902-87790d1748bf:vn1:vn1, url = http://10.84.7.40:8082/ref-update, operation = ref-update, useragent = a2s40:/usr/bin/contrail-schema, remote_ip = 10.84.7.40:8082, body = {'ref-typ
e': 'route-target', 'uuid': 'c09ebd00-02a2-48fd-b55f-3217bca6b872', 'ref-fq-name': ['target:64512:8000004'], 'ref-uuid': None, 'operation': 'DELETE', 'type': 'routing-instance', 'attr': None}, domain = default-domain]
root@a2s40:~#

See original description
Tags: config neutron
Senthilnathan Murugappan (msenthil)
Changed in juniperopenstack:
importance: Undecided → Medium
Revision history for this message
Sachin Bansal (sbansal) wrote :

This is happening because nova is deleting the port when it is detached from the vm. It was reported as https://bugs.launchpad.net/nova/+bug/1362100, which was marked as duplicate of https://bugs.launchpad.net/bugs/1158684

It should be fixed in kilo.

Revision history for this message
Senthilnathan Murugappan (smurugap) wrote : Re: snat: Port with VM attached shouldnt be allowed to be added to router

After further debugging its been decided that a port with VM being a owner shouldnt be allowed to be added to a router.

summary: - snat: detaching the port associated with VM deletes the IIP, VMI, VM
- objects
+ snat: Port with VMI attached shouldnt be allowed to be added to router
summary: - snat: Port with VMI attached shouldnt be allowed to be added to router
+ snat: Port with VM attached shouldnt be allowed to be added to router
description: updated
Nagabhushana R (bhushana)
tags: added: neutron
removed: api
summary: - snat: Port with VM attached shouldnt be allowed to be added to router
+ Port with VM attached shouldnt be allowed to be added to router
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/19334
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Bug update]

bug update...

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/19334
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/19334
Committed: http://github.org/Juniper/contrail-controller/commit/1735935e302d329b36c0f7925027292fdbdacc47
Submitter: Zuul
Branch: master

commit 1735935e302d329b36c0f7925027292fdbdacc47
Author: Ignatious Johnson Christopher <email address hidden>
Date: Fri Apr 15 19:22:23 2016 +0000

1. VMI attached to VM shouldn't be allowed to attach to a logical router.
2. Check to make sure same network is not added as both internal interface
and external network to a router
Change-Id: I0a492231ee2dea3ca0f8031100f5da60bc50eda3
Closes-Bug: 1473574
Closes-Bug: 1455583

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0

Review in progress for https://review.opencontrail.org/19536
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/19536
Committed: http://github.org/Juniper/contrail-controller/commit/85018e65cb4040d4e9451cdc1441174dc1d64283
Submitter: Zuul
Branch: R3.0

commit 85018e65cb4040d4e9451cdc1441174dc1d64283
Author: Ignatious Johnson Christopher <email address hidden>
Date: Fri Apr 15 19:22:23 2016 +0000

1. VMI attached to VM shouldn't be allowed to attach to a logical router.
2. Check to make sure same network is not added as both internal interface
and external network to a router
Change-Id: I0a492231ee2dea3ca0f8031100f5da60bc50eda3
Closes-Bug: 1473574
Closes-Bug: 1455583

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/19758
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0

Review in progress for https://review.opencontrail.org/19760
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/19760
Committed: http://github.org/Juniper/contrail-controller/commit/92e0df0e1c13175ab268fdd5fbe24ef3a47565cc
Submitter: Zuul
Branch: R3.0

commit 92e0df0e1c13175ab268fdd5fbe24ef3a47565cc
Author: Ignatious Johnson Christopher <email address hidden>
Date: Fri Apr 29 21:26:52 2016 +0000

VMI attached to VM shouldn't be allowed to attach to a logical router.
Check to make sure same network is not added as both internal interface
and external network to a router.
Handling above cases during create of logical router

Change-Id: I3e04bed5a222c5f8f3b44dcfe5bf7bbeb9f0a1f2
Closes-Bug: 1473574
Closes-Bug: 1455583

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote :

Reviewed: https://review.opencontrail.org/19758
Committed: http://github.org/Juniper/contrail-controller/commit/caee75f6f99544b189f831c156098fa78870d905
Submitter: Zuul
Branch: master

commit caee75f6f99544b189f831c156098fa78870d905
Author: Ignatious Johnson Christopher <email address hidden>
Date: Fri Apr 29 21:26:52 2016 +0000

VMI attached to VM shouldn't be allowed to attach to a logical router.
Check to make sure same network is not added as both internal interface
and external network to a router.
Handling above cases during create of logical router

Change-Id: I3e04bed5a222c5f8f3b44dcfe5bf7bbeb9f0a1f2
Closes-Bug: 1473574
Closes-Bug: 1455583

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/19880
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.0

Review in progress for https://review.opencontrail.org/19881
Submitter: Ignatious Johnson Christopher (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/19881
Committed: http://github.org/Juniper/contrail-controller/commit/37e14cc14851ed159f8401b560f46d40ab8ed154
Submitter: Zuul
Branch: R3.0

commit 37e14cc14851ed159f8401b560f46d40ab8ed154
Author: Ignatious Johnson Christopher <email address hidden>
Date: Wed May 4 05:07:38 2016 +0000

Using default domain/project for the logical router unittests.
Related-Bug: 1473574
Related-Bug: 1455583

Change-Id: Id0c1f2e9426bfeb22109ef6910d92e3a3573d9a5

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote :

Reviewed: https://review.opencontrail.org/19880
Committed: http://github.org/Juniper/contrail-controller/commit/a4f713753be37df1043fc15d295934bd8c1e1fea
Submitter: Zuul
Branch: master

commit a4f713753be37df1043fc15d295934bd8c1e1fea
Author: Ignatious Johnson Christopher <email address hidden>
Date: Wed May 4 05:07:38 2016 +0000

Using default domain/project for the logical router unittests.
Related-Bug: 1473574
Related-Bug: 1455583

Change-Id: Id0c1f2e9426bfeb22109ef6910d92e3a3573d9a5

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.