Fuel for OpenStack

Do not turn on firewall while Image Base provisioning is used

Bug #1441136 reported by Alexander Kurenyshev
32
This bug affects 5 people
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Released
High
Alexander Gordeev
Fuel for OpenStack 6.1
6.0.x
Won't Fix
Medium
Alexander Gordeev
Fuel for OpenStack 6.0-updates

Bug Description

Steps to reproduce:
Use Image Base provisioning
1) Setup reboot-plugin (see attachments)
2) Create environment: centos, nova flat
    'slave-01': ['controller', 'ceph-osd'],
    'slave-02': ['compute', 'ceph-osd'],
    'slave-03': ['compute'],
    'slave-04': ['ceph-osd']
3) Enable plugin at the UI
4) Deploy

Expected behaviour:
Deploy is successful

Actual behaviour:
Deploy failed

The root of the problem is nodes lost iptables rules after reboot plugin hook

Revision history for this message
Alexander Kurenyshev (akurenyshev) wrote :
Revision history for this message
Alexander Kurenyshev (akurenyshev) wrote :
Revision history for this message
Vladimir Kuklin (vkuklin) wrote :

This issue should be fixed by provisioning team. Firewall should be disabled as it makes no sense to configure it as FUEL will override this settings in a matter of seconds.

Changed in fuel:
assignee: Fuel Library Team (fuel-library) → Fuel provisioning team (fuel-provisioning)
importance: Undecided → High
status: New → Triaged
Dmitry Pyzhov (dpyzhov)
Changed in fuel:
assignee: Fuel provisioning team (fuel-provisioning) → Aleksandr Gordeev (a-gordeev)
Evgeniya Shumakher (eshumakher)
tags: added: customer-found
Dmitry Pyzhov (dpyzhov)
tags: added: feature-image-based
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to fuel-main (master)

Fix proposed to branch: master
Review: https://review.openstack.org/177312

Changed in fuel:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to fuel-main (master)

Reviewed: https://review.openstack.org/177312
Committed: https://git.openstack.org/cgit/stackforge/fuel-main/commit/?id=6b59c4a5a6488097f93172ba004ff59b0e03791a
Submitter: Jenkins
Branch: master

commit 6b59c4a5a6488097f93172ba004ff59b0e03791a
Author: Alexander Gordeev <email address hidden>
Date: Fri Apr 24 18:23:36 2015 +0300

    [IBP] turn off firewall on centos

    Firewall should be disabled as it makes no sense to configure it as
    FUEL will override network settings in a matter of seconds.

    Change-Id: I9c7fbe3e129efa536dd9104341dabb6a384229f9
    Closes-Bug: #1441136

Changed in fuel:
status: In Progress → Fix Committed
Maksym Strukov (unbelll)
tags: added: on-verification
Revision history for this message
Maksym Strukov (unbelll) wrote :

{"build_id": "2015-05-26_16-19-56", "build_number": "469", "release_versions": {"2014.2.2-6.1": {"VERSION": {"build_id": "2015-05-26_16-19-56", "build_number": "469", "api": "1.0", "fuel-library_sha": "5cde6f16688486a37f3b280501e98a70883e0d06", "nailgun_sha": "f737675091bd1903aace0e36812e855ce47dfec7", "feature_groups": ["mirantis"], "openstack_version": "2014.2.2-6.1", "production": "docker", "python-fuelclient_sha": "e19f1b65792f84c4a18b5a9473f85ef3ba172fce", "astute_sha": "0bd72c72369e743376864e8e8dabfe873d40450a", "fuel-ostf_sha": "87819878bc0ca572900e1f6933d9b99e666d6f62", "release": "6.1", "fuelmain_sha": "13b3e9cf074ba1cf1ae06509c55fbab613c73f4e"}}}, "auth_required": true, "api": "1.0", "fuel-library_sha": "5cde6f16688486a37f3b280501e98a70883e0d06", "nailgun_sha": "f737675091bd1903aace0e36812e855ce47dfec7", "feature_groups": ["mirantis"], "openstack_version": "2014.2.2-6.1", "production": "docker", "python-fuelclient_sha": "e19f1b65792f84c4a18b5a9473f85ef3ba172fce", "astute_sha": "0bd72c72369e743376864e8e8dabfe873d40450a", "fuel-ostf_sha": "87819878bc0ca572900e1f6933d9b99e666d6f62", "release": "6.1", "fuelmain_sha": "13b3e9cf074ba1cf1ae06509c55fbab613c73f4e"}

Actual:
compute nodes failed to deploy:

2015-05-27 20:31:07.488 32215 TRACE nova DBConnectionError: (OperationalError) (2003, "Can't connect to MySQL server on '10.109.7.8' (113)") None None
...
 (/Stage[main]/Nova::Api/Exec[nova-db-sync]) Failed to call refresh: /usr/bin/nova-manage db sync returned 1 instead of one of [0]
...
Execution of '/usr/bin/nova-manage network create novanetwork 10.109.8.128/25 1 128 --dns1 8.8.4.4 --dns2 8.8.8.8' returned 1: 2015-05-27 20:19:00.628 26797 INFO nova.network.driver [-] Loading network driver 'nova.network.linux_net'

Same cluster without reboot_plugin.rpm deployed successfully

tags: removed: on-verification
Changed in fuel:
status: Fix Committed → Confirmed
Revision history for this message
Dmitry Pyzhov (dpyzhov) wrote :

This is a new issue in the same conditions. But in library. Moving the bug back to Fix Committed. Please file a new bug.

Changed in fuel:
status: Confirmed → Fix Committed
Revision history for this message
Maksym Strukov (unbelll) wrote :

To verify after https://bugs.launchpad.net/fuel/+bug/1459733

Revision history for this message
Maksym Strukov (unbelll) wrote :

Verified as fixed in 6.1-501

{"build_id": "2015-06-03_11-42-48", "build_number": "501", "release_versions": {"2014.2.2-6.1": {"VERSION": {"build_id": "2015-06-03_11-42-48", "build_number": "501", "api": "1.0", "fuel-library_sha": "aacfc99fb74b6f08af20451130df8a64ef861faa", "nailgun_sha": "5cd6c1236c81faaf61d3ce1cd3c9ac9e13cf1056", "feature_groups": ["mirantis"], "openstack_version": "2014.2.2-6.1", "production": "docker", "python-fuelclient_sha": "4fc55db0265bbf39c369df398b9dc7d6469ba13b", "astute_sha": "cbae24e9904be2ff8d1d49c0c48d1bdc33574228", "fuel-ostf_sha": "f899e16c4ce9a60f94e7128ecde1324ea41d09d4", "release": "6.1", "fuelmain_sha": "bcc909ffc5dd5156ba54cae348b6a07c1b607b24"}}}, "auth_required": true, "api": "1.0", "fuel-library_sha": "aacfc99fb74b6f08af20451130df8a64ef861faa", "nailgun_sha": "5cd6c1236c81faaf61d3ce1cd3c9ac9e13cf1056", "feature_groups": ["mirantis"], "openstack_version": "2014.2.2-6.1", "production": "docker", "python-fuelclient_sha": "4fc55db0265bbf39c369df398b9dc7d6469ba13b", "astute_sha": "cbae24e9904be2ff8d1d49c0c48d1bdc33574228", "fuel-ostf_sha": "f899e16c4ce9a60f94e7128ecde1324ea41d09d4", "release": "6.1", "fuelmain_sha": "bcc909ffc5dd5156ba54cae348b6a07c1b607b24"}

Changed in fuel:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.