neutron

agent attempts to create firewall even if fwaas disabled

Bug #1310857 reported by Adam Gandelman on 2014-04-21

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	Medium	Sridhar Gaddam	neutron 2014.2 "juno"

Bug Description

Investigating some tempest failures in this area led me to this issue. devstack currently has a bug re: configuration of fwaas. This leads the service to be enabled, but the agent does get passed the relevant config files /w fwaas config. On firewall creation, the following traceback appears while the firewall stays in PENDING_CREATE:

neutron.services.firewall.agents.l3reference.firewall_l3_agent [req-2b7a801e-7358-418e-b4e7-95b7b27aefc2 None] FWaaS RPC failure in create_firewall for fw: f24bd240-04d5-49f1-971c-8ae95e666ef0
neutron.services.firewall.agents.l3reference.firewall_l3_agent Traceback (most recent call last):
neutron.services.firewall.agents.l3reference.firewall_l3_agent File "/opt/stack/neutron/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py", line 133, in _invoke_driver_for_plugin_api
neutron.services.firewall.agents.l3reference.firewall_l3_agent self.fwaas_driver.__getattribute__(func_name)(
neutron.services.firewall.agents.l3reference.firewall_l3_agent AttributeError: 'VPNAgent' object has no attribute 'fwaas_driver'
neutron.services.firewall.agents.l3reference.firewall_l3_agent

Tags:

Sridhar Gaddam (sridhargaddam) on 2014-04-27

Changed in neutron:
assignee:	nobody → Sridhar Gaddam (sridhargaddam)
status:	New → In Progress

Revision history for this message

Openstack Gerrit (openstack-gerrit) wrote on 2014-04-27: Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/90575

Sumit Naiksatam (snaiksat) on 2014-04-27

Changed in neutron:
milestone:	none → juno-1
importance:	Undecided → High
tags:	added: fwaas icehouse-backport-potential

Kyle Mestery (mestery) on 2014-06-10

Changed in neutron:
milestone:	juno-1 → juno-2

Revision history for this message

Akihiro Motoki (amotoki) wrote on 2014-07-22:

This is a kind of configuration problems, so the priority can be lowered.

Changed in neutron:
importance:	High → Medium

Kyle Mestery (mestery) on 2014-07-22

Changed in neutron:
milestone:	juno-2 → juno-3

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-05: Fix merged to neutron (master)

Reviewed: https://review.openstack.org/90575
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=d6f014d0922e03864fd72efbcde04322711c2510
Submitter: Jenkins
Branch: master

commit d6f014d0922e03864fd72efbcde04322711c2510
Author: sridhargaddam <email address hidden>
Date: Sun Apr 27 06:25:28 2014 +0530

Exit Firewall Agent if config is invalid

    When fwaas config file is not provided to the agent,
    but the service is enabled in neutron.conf file the
    agent should exit with an error message and should
    not proceed further. This patch adds the necessary fix.

Change-Id: Iaced777e3a34e9405050252b17a203689e1c1fc0
Closes-Bug: #1310857

Changed in neutron:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2014-09-04

Changed in neutron:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2014-10-16

Changed in neutron:
milestone:	juno-3 → 2014.2

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1336652

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.