When in a subordinate relation with neutron-gateway, breaks the latter
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron-openvswitch (Juju Charms Collection) |
Fix Released
|
Medium
|
James Page |
Bug Description
This is not so much actually a bug, but rather a design issue that makes it very easy for people to break something, with an innocent mistake, in a way that is rather difficult to recover from.
This charm is meant to be subordinate only to nova-compute, not to neutron-gateway. However, due to the way subordinate charms are wired, it is *possible* to build such a relationship with a simple
juju add-relation neutron-openvswitch neutron-gateway
When neutron-openvswitch thus becomes subordinate to neutron-gateway, the neutron-gateway node oscillates between having neutron-dhcp-agent, neutron-vpn-agent and neutron-
Needless to say, this puts the user in a world of pain. Pretty much all their networking will break, and there is no way to remove a subordinate charm relationship other than killing and redeploying the principal charm altogether. Since neutron-gateway is deployed to the bare metal, rather than a container, this means a physical re-installation, which even with MAAS can be painfully time-consuming. And until such a redeployment has completed, their cloud is largely non-functional.
I don't have a particularly good suggestion on how this could be addressed, other than perhaps teaching the principal charm a blacklist of charms it does *not* want as subordinates. Any other ideas?
Related branches
- Liam Young (community): Approve
-
Diff: 13 lines (+0/-3)1 file modifiedmetadata.yaml (+0/-3)
Changed in neutron-openvswitch (Juju Charms Collection): | |
status: | Triaged → In Progress |
assignee: | nobody → James Page (james-page) |
Changed in neutron-openvswitch (Juju Charms Collection): | |
status: | In Progress → Fix Committed |
tags: | added: openstack |
Changed in neutron-openvswitch (Juju Charms Collection): | |
status: | Fix Committed → Fix Released |
I think this might actually be quite trivial to resolve; the nova-compute integration uses a explicitly declared container scoped relation; the reason its possible to relate neutron-openvswitch to neutron-gateway is due to the additional:
requires:
container:
interface: juju-info
scope: container
relation declared which is superfluous - we should be able to drop this at which point:
$ juju add-relation neutron-openvswitch neutron-gateway
ERROR no relations found