neutron

Deleting a subnet that is added to a router leaves behind a port that cannot be deleted

Bug #1104337 reported by Terry Wilson
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
Salvatore Orlando
neutron 2013.1 "grizzly"
Folsom
Fix Released
High
Gary Kotton
neutron 2012.2.4

Bug Description

When adding a subnet to a router via router-interface-add, it is possible to delete the subnet without removing the interface. This leaves a port behind that cannot be deleted because it is part of a router, and a router that cannot be deleted because it has an active port. It is possible to delete the port via running a network-delete, but one shouldn't have to delete the entire network just to fix the issue.

I'm attaching a patch that deletes ports marked as AUTO_DELETE_PORT_OWNERS when deleting the subnet (the same thing that happens if we cascade deleting by deleting a network) instead of just deleting the IPAllocation.

Example of issue:
[terry@f17-devstack1 quantum]$ quantum net-create net1
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | ee4e9eae-f51d-442d-84c0-d81b6e1ba69e |
| name | net1 |
| provider:network_type | vlan |
| provider:physical_network | physnet1 |
| provider:segmentation_id | 1 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 2e3986dd9ea643f4949223283299ddec |
+---------------------------+--------------------------------------+
[terry@f17-devstack1 quantum]$ quantum subnet-create net1 10.10.10.0/24 --name subnet1
Created a new subnet:
+------------------+------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------+
| allocation_pools | {"start": "10.10.10.2", "end": "10.10.10.254"} |
| cidr | 10.10.10.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.10.10.1 |
| host_routes | |
| id | 02eb6689-04b0-4617-8bf9-10fddc2fa591 |
| ip_version | 4 |
| name | subnet1 |
| network_id | ee4e9eae-f51d-442d-84c0-d81b6e1ba69e |
| tenant_id | 2e3986dd9ea643f4949223283299ddec |
+------------------+------------------------------------------------+
[terry@f17-devstack1 quantum]$ quantum router-create router1
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | f13fca0d-6ba9-4b9d-a842-e34dedbede2b |
| name | router1 |
| status | ACTIVE |
| tenant_id | 2e3986dd9ea643f4949223283299ddec |
+-----------------------+--------------------------------------+
[terry@f17-devstack1 quantum]$ quantum router-interface-add router1 subnet1
Added interface to router router1
[terry@f17-devstack1 quantum]$ quantum port-list
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
| 2486674a-8ce7-42ae-8b36-1a41d4a54606 | | fa:16:3e:7d:fe:66 | {"subnet_id": "02eb6689-04b0-4617-8bf9-10fddc2fa591", "ip_address": "10.10.10.1"} |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------------+
[terry@f17-devstack1 quantum]$ quantum subnet-delete subnet1
Deleted subnet: subnet1
[terry@f17-devstack1 quantum]$ quantum port-list
+--------------------------------------+------+-------------------+-----------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+-----------+
| 2486674a-8ce7-42ae-8b36-1a41d4a54606 | | fa:16:3e:7d:fe:66 | |
+--------------------------------------+------+-------------------+-----------+
[terry@f17-devstack1 quantum]$ quantum port-delete 2486674a-8ce7-42ae-8b36-1a41d4a54606
Port 2486674a-8ce7-42ae-8b36-1a41d4a54606 has owner network:router_interface and therefore cannot be deleted directly via the port API.
[terry@f17-devstack1 quantum]$ quantum router-delete router1
Router f13fca0d-6ba9-4b9d-a842-e34dedbede2b still has active ports
[terry@f17-devstack1 quantum]$ quantum router-interface-delete router1 02eb6689-04b0-4617-8bf9-10fddc2fa591
Unable to find subnet with name '02eb6689-04b0-4617-8bf9-10fddc2fa591'

See original description
Revision history for this message
Terry Wilson (otherwiseguy) wrote :
Terry Wilson (otherwiseguy)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/20424

Changed in quantum:
assignee: nobody → Terry Wilson (otherwiseguy)
status: New → In Progress
Mark McClain (markmcclain)
tags: added: db l3-ipam-dhcp
removed: database router subnet
Revision history for this message
Sam Betts (sambetts) wrote :

I am experiencing a similar issue, although I thought this would have been solved by the ability to pass a port_id through when doing a router-interface-delete rest call. However this is not the case, as that just causes a stack trace:

URL = /routers/{routerid}/remove_router_interface
JSON Data = { "port_id" : someportid }

Results:

2013-02-18 13:23:07 ERROR [quantum.api.v2.resource] remove_router_interface failed
Traceback (most recent call last):
  File "/opt/stack/quantum/quantum/api/v2/resource.py", line 96, in resource
    result = method(request=request, **args)
  File "/opt/stack/quantum/quantum/api/v2/base.py", line 158, in _handle_action
    return getattr(self._plugin, name)(request.context, id, body)
  File "/opt/stack/quantum/quantum/db/l3_db.py", line 405, in remove_router_interface
    port_db['fixed_ips'][0]['subnet_id'])
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/dynamic.py", line 249, in __getitem__
    return self._clone(sess).__getitem__(index)
  File "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line 2028, in __getitem__
    return list(self[item:item+1])[0]
IndexError: list index out of range

Revision history for this message
dan wendlandt (danwent) wrote :

Terry, please let us know if you plan on addressing the comments in the review, otherwise we'll have someone else from the team address this issue.

Sam: yes, the problem is that router_interface_delete assumes the subnet is still there, so we need to either fail subnet-delete if there is a router interface for that subnet, or automatically remove the router interface on subnet delete.

tags: added: folsom-backport-potential
Changed in quantum:
milestone: none → grizzly-3
importance: Undecided → High
dan wendlandt (danwent)
Changed in quantum:
milestone: grizzly-3 → grizzly-rc1
Revision history for this message
Terry Wilson (otherwiseguy) wrote :

Dan: Sorry, a bunch of other stuff came up. I'll try to look at it today and address comments.

Revision history for this message
dan wendlandt (danwent) wrote :

At team meeting, we'll need to discuss whether we need to have a core dev take over this fix so it can make grizzly.

OpenStack Infra (hudson-openstack)
Changed in quantum:
assignee: Terry Wilson (otherwiseguy) → Salvatore Orlando (salvatore-orlando)
Revision history for this message
Salvatore Orlando (salvatore-orlando) wrote :

I pushed a new patch for it, but we might probably want to add a unit test too.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (master)

Reviewed: https://review.openstack.org/20424
Committed: http://github.com/openstack/quantum/commit/921f203f4906a3b566f5a58471a55a4eedfc939c
Submitter: Jenkins
Branch: master

commit 921f203f4906a3b566f5a58471a55a4eedfc939c
Author: Salvatore Orlando <email address hidden>
Date: Mon Mar 4 18:19:47 2013 +0100

    L3 port delete prevention: do not raise if no IP on port

    Bug #1104337

    This patch alters the prevent_l3_port_deletion logic.
    PortInUse is raised only if the port has a device owner in
    (router_interface, router_gateway, floatingip) and an IP
    address.
    If no IP address is found on the port the port itself can
    be considered stale and therefore deleted as any association
    with l3 entities would be void.

    Change-Id: I9d711b2a9d2cbcc8be481f1751f51fe5b9f01327

Changed in quantum:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (stable/folsom)

Fix proposed to branch: stable/folsom
Review: https://review.openstack.org/23516

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (stable/folsom)

Reviewed: https://review.openstack.org/23516
Committed: http://github.com/openstack/quantum/commit/f94b1491b8cb4701cd5064610d546db00d675c62
Submitter: Jenkins
Branch: stable/folsom

commit f94b1491b8cb4701cd5064610d546db00d675c62
Author: Salvatore Orlando <email address hidden>
Date: Mon Mar 4 18:19:47 2013 +0100

    L3 port delete prevention: do not raise if no IP on port

    Bug #1104337

    This patch alters the prevent_l3_port_deletion logic.
    PortInUse is raised only if the port has a device owner in
    (router_interface, router_gateway, floatingip) and an IP
    address.
    If no IP address is found on the port the port itself can
    be considered stale and therefore deleted as any association
    with l3 entities would be void.

    Change-Id: I9d711b2a9d2cbcc8be481f1751f51fe5b9f01327

Thierry Carrez (ttx)
Changed in quantum:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in quantum:
milestone: grizzly-rc1 → 2013.1
Alan Pevec (apevec)
tags: removed: folsom-backport-potential
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.