neutron

Floating IP agent gateway IP addresses not released when deleting dead DVR L3 agents

Bug #1891360 reported by Pierre Riteau
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Wishlist
Slawek Kaplonski

Bug Description

We have a system with some dead DVR hypervisors. Ports of type network:floatingip_agent_gateway are still associated with them and in ACTIVE state. Deleting the L3 agent doesn't delete the ports, which means extra floating IPs are still consumed.

* Version

OpenStack Train deployed with Kolla-Ansible
CentOS 7 binary containers on CentOS 7 hosts
RPM: openstack-neutron-15.0.2-1.el7.noarch

* Environment: Neutron ML2 OVS + DVR

Revision history for this message
LIU Yulong (dragon889) wrote :

IMO, you could delete those stale ports manually.

Revision history for this message
Pierre Riteau (priteau) wrote :

That's what I did of course, but IMHO Neutron should do it.

Slawek Kaplonski (slaweq)
Changed in neutron:
status: New → Confirmed
importance: Undecided → Wishlist
tags: added: api l3-dvr-backlog
Slawek Kaplonski (slaweq)
tags: added: low-hanging-fruit
Dan Radez (dradez)
Changed in neutron:
assignee: nobody → Dan Radez (dradez)
Revision history for this message
Dan Radez (dradez) wrote :

This appears to be related to:
https://src.fedoraproject.org/rpms/dnsmasq/c/744ba31be775c11b1f52104d6285509b06b81035?branch=master

I'm cleaning my env to do a final verification. Seems that dnsmasq will only listen on lo with this in place.

Maybe we can add interface= to the neutron dnsmasq command to ensure that we always listen on all interfaces no matter what the system config states?

Revision history for this message
Pierre Riteau (priteau) wrote :

@Dan: Is your comment for this bug? I don't see the link between dnsmasq and this issue.

Revision history for this message
Dan Radez (dradez) wrote :

@Pierre, nope, sry about that.
Commented on the wrong bug :(

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/755330

Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/787691

Slawek Kaplonski (slaweq)
Changed in neutron:
assignee: Dan Radez (dradez) → Slawek Kaplonski (slaweq)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/787691
Committed: https://opendev.org/openstack/neutron/commit/8cc7c0cf7a5196103b097fae67eccbd5dc3980ac
Submitter: "Zuul (22348)"
Branch: master

commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/neutron/+/797757

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/neutron/+/797758

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/neutron/+/797759

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/c/openstack/neutron/+/797760

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/stein)

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/c/openstack/neutron/+/797807

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.opendev.org/c/openstack/neutron/+/797761

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.opendev.org/c/openstack/neutron/+/797762

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797757
Committed: https://opendev.org/openstack/neutron/commit/170e6306e20399f60815d7d6e87983de004b83e9
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit 170e6306e20399f60815d7d6e87983de004b83e9
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/train)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797760
Committed: https://opendev.org/openstack/neutron/commit/4bdfc711453e9b6af955be62a28ef9fcc46a5040
Submitter: "Zuul (22348)"
Branch: stable/train

commit 4bdfc711453e9b6af955be62a28ef9fcc46a5040
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797758
Committed: https://opendev.org/openstack/neutron/commit/dcf050951d71a3c2f3e3d997c6b171fa4483bc20
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit dcf050951d71a3c2f3e3d997c6b171fa4483bc20
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797759
Committed: https://opendev.org/openstack/neutron/commit/96259e96c76475f11ec91d41749d1aca56598427
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit 96259e96c76475f11ec91d41749d1aca56598427
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/stein)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797807
Committed: https://opendev.org/openstack/neutron/commit/ef476bb875e64164a046f3787ca7ca77aaef2bcf
Submitter: "Zuul (22348)"
Branch: stable/stein

commit ef476bb875e64164a046f3787ca7ca77aaef2bcf
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Conflicts:
        neutron/tests/unit/db/test_l3_dvr_db.py

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-stein
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/queens)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797762
Committed: https://opendev.org/openstack/neutron/commit/5d932209f6e55ea8d7f76c359559d9d2c8091a5e
Submitter: "Zuul (22348)"
Branch: stable/queens

commit 5d932209f6e55ea8d7f76c359559d9d2c8091a5e
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Conflicts:
        neutron/tests/unit/db/test_l3_dvr_db.py

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-queens
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/rocky)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/797761
Committed: https://opendev.org/openstack/neutron/commit/8eaa61e916da62d4246a964e7bbcb81b9d5a8506
Submitter: "Zuul (22348)"
Branch: stable/rocky

commit 8eaa61e916da62d4246a964e7bbcb81b9d5a8506
Author: Slawek Kaplonski <email address hidden>
Date: Fri Apr 23 10:45:14 2021 +0200

    Remove FIP agent's gw port when L3 agent is deleted

    Floating IP agent gateway ports are created for each external network
    for each node where DVR L3 agent is running and where there is some FIP
    from the ext_net.
    But even, if L3 agent is removed (e.g. when scaling down the cluster),
    such floating IP gateway port is never removed so it consumes IP address
    from the external network.

    With this patch when the DVR L3 agent is deleted, all such fip gateway
    ports owned by that agent will be deleted.
    When new L3 agent is created (registered in the DB), Neutron will check
    if there are any floating IPs on that host and will recreate such FIP
    gateway ports for it.

    Conflicts:
        neutron/tests/unit/db/test_l3_dvr_db.py

    Closes-Bug: #1891360
    Change-Id: If6ef990baf039c556d7420962ac4c54608711f06
    (cherry picked from commit 8cc7c0cf7a5196103b097fae67eccbd5dc3980ac)

tags: added: in-stable-rocky
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 16.4.0

This issue was fixed in the openstack/neutron 16.4.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 17.2.0

This issue was fixed in the openstack/neutron 17.2.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 18.1.0

This issue was fixed in the openstack/neutron 18.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 19.0.0.0rc1

This issue was fixed in the openstack/neutron 19.0.0.0rc1 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron queens-eol

This issue was fixed in the openstack/neutron queens-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron rocky-eol

This issue was fixed in the openstack/neutron rocky-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron stein-eol

This issue was fixed in the openstack/neutron stein-eol release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron train-eol

This issue was fixed in the openstack/neutron train-eol release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.