So let's analyze what can cause a compute managers failed_builds to get incremented and point out that some of them should not be causing failed_builds to get incremented (which then can have the 'nice' effect of auto-disabling a nova-compute service).
So the return code of self._do_build_and_run_instance returns a result code; the catch of all exceptions also triggers the setting of a result code to failed; when this is failed it will cause the failed_build counter to get incremented.
Some unrelated to nova-compute exceptions that from reading the code can trigger this to happen:
- Unable to base64 decode injected files.
- Failure of notify_about_instance_create to actually send (some inner exception perhaps?)
- exception.NoMoreNetworks, exception.NoMoreFixedIps
- exception.FlavorDiskTooSmall, exception.FlavorMemoryTooSmall,
exception.ImageNotActive, exception.ImageUnacceptable,
exception.InvalidDiskInfo, exception.InvalidDiskFormat,
cursive_exception.SignatureVerificationError,
exception.VolumeEncryptionNotSupported, exception.InvalidInput,
exception.RequestedVRamTooHigh --- these bubble up as BuildAbortException
- exception.InstanceNotFound, exception.UnexpectedDeletingTaskStateError
- Anything that pops out of _build_resources
- Failed to allocate network
And many more?
I just want to add my concern over the impact of this bug. I work with Josh and observed how this was discovered. We had a misconfigured image service for a little while, which left behind an image that could not be booted. As a result, all of our hypervisors in our staging environment except one were disabled. That's not what was intended by this setting. The only failures that should increment this counter are those that are *specifically* faults caused by the compute node itself and if that can't be determined 100% of the time, the counter must not be incremented, as it would allow users to DoS the entire cloud simply by uploading an image that has a root disk that is too big for a flavor.