Disable config option use_random_fully does not work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Summary.
We use neutron ml2/ovs plugin. Version of neutron is Ussuri. We set config option use_random_
After reboot neutron-l3-agent only one router configured without iptables option "--random-fully" in SNAT configuration, all other routers, including newly created ones, continue to be configured with option "--random-fully"
How to reproduce.
1) Create 2 routers in different projectes.
2) Create 2 floating ip and allocate them to this routers.
3) Set use_random_
4) Reboot l3-agent
As result one router will be configured without --random-fully option, another one with it. And newly created routers with floating ip also will be configured with --random-fully
Reason of this behavior.
For configuration routers(linux namespaces) l3 agent creats separate instance of IptablesManager class witch have property for check of usage random-fully option
https:/
Step 1.
When neutron l3 agent call this property first time on first instance of IptablesManager, this property sets to class variable _random_fully value True,
https:/
then check configuration and set instance variable _random_fully value False and return False.
https:/
Step 2.
After neutron l3 agent calls on second instance of IptablesManager property random_fully.
And on line
https:/
according to MRO algorithm founded variable _random_fully in class not in instance.
On previous step that variable was set to True. So property returns True.
As result we have one router configured correctly, and all the others not(according to config).
We need to disable the use of "--random-full" option, as this is critical for some applications.
description: | updated |
Changed in neutron: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
description: | updated |
Fix proposed to branch: master /review. opendev. org/c/openstack /neutron/ +/883239
Review: https:/