iptables-restore failed
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
High
|
Soren Hansen |
Bug Description
I tried to spawn 10 instances (using two nova-compute nodes) and got the following error for 1 instance. In front of the error I saw a lot of calls to iptables-save. I guess iptables-restore is called to fast after the last iptables-save (appr. 15ms later).
[...]
2011-02-21 07:58:11,340 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 07:58:11 2011
[...]
2011-02-21 08:10:17,011 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 08:10:16 2011
[...]
2011-02-21 08:10:17,623 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 08:10:17 2011
[...]
2011-02-21 08:10:19,403 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 08:10:18 2011
[...]
2011-02-21 08:10:19,868 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 08:10:18 2011
[...]
2011-02-21 08:10:20,339 INFO nova.root [-] new_filter: # Generated by iptables-save v1.4.6 on Mon Feb 21 08:10:18 2011
2011-02-21 08:10:20,354 ERROR nova.exception [-] Uncaught exception
(nova.exception): TRACE: Traceback (most recent call last):
(nova.exception): TRACE: File "/usr/lib64/
(nova.exception): TRACE: return f(*args, **kw)
(nova.exception): TRACE: File "/usr/lib64/
(nova.exception): TRACE: self.firewall_
(nova.exception): TRACE: File "/usr/lib64/
(nova.exception): TRACE: self.apply_
(nova.exception): TRACE: File "/usr/lib64/
(nova.exception): TRACE: process_
(nova.exception): TRACE: File "/usr/lib64/
(nova.exception): TRACE: cmd=cmd)
(nova.exception): TRACE: ProcessExecutio
(nova.exception): TRACE: Command: sudo iptables-restore
(nova.exception): TRACE: Exit code: 1
(nova.exception): TRACE: Stdout: ''
(nova.exception): TRACE: Stderr: 'iptables-restore: line 63 failed\n'
(nova.exception): TRACE:
2011-02-21 08:10:20,403 ERROR nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
(nova.compute.
INSTANCE i-0000002a ami-2a1izx00 192.168.3.10 192.168.3.10 failed to spawn testing (testing, ares) 6 m1.tiny 2011-02-21 07:10:16 nova
Related branches
- justinsb (community): Approve
- Todd Willey (community): Approve
- Vish Ishaya (community): Approve
- Christian Berendt (community): Approve
- Rick Harris: Pending requested
-
Diff: 1192 lines (+672/-291)5 files modifiednova/network/linux_net.py (+349/-119)
nova/tests/test_network.py (+142/-0)
nova/tests/test_virt.py (+36/-18)
nova/utils.py (+36/-26)
nova/virt/libvirt_conn.py (+109/-128)
summary: |
- iptables-restored failed + iptables-restore failed |
Changed in nova: | |
status: | Triaged → In Progress |
Changed in nova: | |
status: | In Progress → Fix Committed |
Changed in nova: | |
milestone: | none → 2011.2 |
status: | Fix Committed → Fix Released |
Thanks for the bug report. I'm reworking our iptables handing to address this exact issue. I expect to finish this today.