Iptables calls cause faults during deployment
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Fix Released
|
High
|
Alex Schultz | ||
7.0.x |
Fix Released
|
High
|
Denis Meltsaykin | ||
8.0.x |
Fix Released
|
High
|
Anton Chevychalov | ||
Mitaka |
Fix Released
|
High
|
Alex Schultz |
Bug Description
The iptables calls try to reach external and unreachable DNS servers. These calls cause errors in the deployment. It could be prevented if the calls would contain switches -n and -w.
Please add these switches (-n -w) to the iptables calls in the files located in fuel/library/
nova-network: ocf_run iptables -t filter -F $filter_chain
nova-network: ocf_run iptables -t nat -F $nat_chain
nova-network: ocf_run iptables -t mangle -F $prefix-POSTROUTING
ns_haproxy: iptables -n -t nat -L | grep -q masquerade-
ns_haproxy: ocf_run iptables -n -t nat -A POSTROUTING -s "${OCF_
ns_vrouter: iptables -n -t nat -L | grep -q masquerade-
ns_vrouter: ocf_run iptables -n -t nat -A POSTROUTING -s "${OCF_
rabbitmq: until $(iptables -nvL | grep -q 'temporary RMQ block') || [ $tries -eq 0 ]; do
rabbitmq: iptables -I INPUT -p tcp -m tcp --dport ${OCF_RESKEY_
rabbitmq: for i in $(iptables -nvL --line-numbers | awk '/temporary RMQ block/ {print $1}'); do
rabbitmq: iptables -D INPUT -p tcp -m tcp --dport ${OCF_RESKEY_
It can cause errors during deployment a new environment and on an already installed one.
How to reproduce:
Make the DNS service unreachable and start to stop/start CRM resources.
The description of the case enlists the files and the calls where the changes should be done. To find them:
fuel/library/
MOS7.0 drop_w23.
VERSION:
feature_groups:
- mirantis
production: "docker"
release: "7.0"
openstack_
api: "1.0"
build_number: "852"
build_id: "852"
nailgun_sha: "864ff12f07568f
python-
fuel-agent_sha: "d02d30e61fdcbc
fuel-
astute_sha: "bc04aee030d019
fuel-library_sha: "c29ab66b03223e
fuel-ostf_sha: "fce90d4add96ca
fuelmain_sha: "f45ec7e3571999
Please provide a backport for MOS 7.0
Changed in mos: | |
importance: | Undecided → High |
tags: | added: sla1 |
tags: | added: area-library |
tags: | added: 9.1-proposed |
tags: | added: on-verification |
no longer affects: | fuel/newton |
tags: | added: on-verification |
master: https:/ /review. openstack. org/#/c/ 348074/ /review. openstack. org/#/c/ 348073/
stable/mitaka: https:/