DragonFlow

sg test bug 2

Bug #1568506 reported by Yuli
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
DragonFlow
Fix Released
High
Yuli

Bug Description

Hello

I am testig code on one a single box instlllation.
I have created one custom security group rule.

The code works incorrectly. it isd not able to add custom fw rules.
I am getting the following message:

Only one security group is loaded:
df-controller.log:2016-04-10 15:18:48.482 INFO dragonflow.controller.sg_app [-] allocate a number 0 to the security group 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7

shlomo@ubuntu:~/devstack$ neutron security-group-list
+--------------------------------------+---------+----------------------------------------------------------------------+
| id | name | security_group_rules |
+--------------------------------------+---------+----------------------------------------------------------------------+
| 22f6823b-c877-46d0-89f3-6989d1e448ad | sg1 | egress, IPv4 |
| | | egress, IPv6 |
| | | ingress, IPv4, 111/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4, 22/tcp, remote_ip_prefix: 0.0.0.0/0 |
| | | ingress, IPv4, 80/tcp, remote_ip_prefix: 0.0.0.0/0 |
| 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 | default | egress, IPv4 |
| | | egress, IPv6 |
| | | ingress, IPv4, remote_group_id: 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 |
| | | ingress, IPv6, remote_group_id: 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 |
| 434a169b-8715-4e56-bdcd-8f3c84b77383 | default | egress, IPv4 |
| | | egress, IPv6 |
| | | ingress, IPv4, remote_group_id: 434a169b-8715-4e56-bdcd-8f3c84b77383 |
| | | ingress, IPv6, remote_group_id: 434a169b-8715-4e56-bdcd-8f3c84b77383 |
| a5938e6f-1bbf-40fe-99aa-079244fdde1c | default | egress, IPv4 |
| | | egress, IPv6 |
| | | ingress, IPv4, remote_group_id: a5938e6f-1bbf-40fe-99aa-079244fdde1c |
| | | ingress, IPv6, remote_group_id: a5938e6f-1bbf-40fe-99aa-079244fdde1c |
+--------------------------------------+---------+----------------------------------------------------------------------+

2016-04-10 15:21:28.079 INFO dragonflow.controller.sg_app [-] this security group 22f6823b-c877-46d0-89f3-6989d1e448ad wasn't associated with a local port
2016-04-10 15:21:28.079 INFO dragonflow.controller.sg_app [-] this security group 22f6823b-c877-46d0-89f3-6989d1e448ad wasn't associated with a local port
2016-04-10 15:21:28.080 INFO dragonflow.controller.sg_app [-] this security group 22f6823b-c877-46d0-89f3-6989d1e448ad wasn't associated with a local port
2016-04-10 15:21:28.082 INFO dragonflow.controller.sg_app [-] this security group a5938e6f-1bbf-40fe-99aa-079244fdde1c wasn't associated with a local port
2016-04-10 15:21:28.082 INFO dragonflow.controller.sg_app [-] this security group a5938e6f-1bbf-40fe-99aa-079244fdde1c wasn't associated with a local port
2016-04-10 15:21:28.083 INFO dragonflow.controller.sg_app [-] this security group a5938e6f-1bbf-40fe-99aa-079244fdde1c wasn't associated with a local port
2016-04-10 15:21:28.084 INFO dragonflow.controller.sg_app [-] this security group a5938e6f-1bbf-40fe-99aa-079244fdde1c wasn't associated with a local port
2016-04-10 15:21:28.084 INFO dragonflow.controller.sg_app [-] this security group 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 wasn't associated with a local port
2016-04-10 15:21:28.085 INFO dragonflow.controller.sg_app [-] this security group 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 wasn't associated with a local port
2016-04-10 15:21:28.086 INFO dragonflow.controller.sg_app [-] this security group 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 wasn't associated with a local port
2016-04-10 15:21:28.087 INFO dragonflow.controller.sg_app [-] this security group 38d494d1-f2bb-43bc-b8b9-76cf18cd06e7 wasn't associated with a local port
2016-04-10 15:22:58.702 INFO dragonflow.controller.sg_app [-] this security group 22f6823b-c877-46d0-89f3-6989d1e448ad wasn't associated with a local port

Revision history for this message
Yuli (stremovsky) wrote :

2016-04-10 15:22:58.702 INFO dragonflow.controller.df_local_controller [-] Adding new secgroup rule = {u'remote_group_id': None, u'direction': u'ingress', u'protocol': u'tcp', u'description': u'', u'ethertype': u'IPv4', u'remote_ip_prefix': u'0.0.0.0/0', u'port_range_max': 111, u'security_group_id': u'22f6823b-c877-46d0-89f3-6989d1e448ad', u'port_range_min': 111, u'tenant_id': u'9c7a73c51a1f49e3a91a3c5d281d182e', u'id': u'b1fafaad-2fe2-4c07-bbaa-548efc90323d'}
2016-04-10 15:22:58.702 INFO dragonflow.controller.sg_app [-] add a rule b1fafaad-2fe2-4c07-bbaa-548efc90323d to security group 22f6823b-c877-46d0-89f3-6989d1e448ad
2016-04-10 15:22:58.702 INFO dragonflow.controller.sg_app [-] this security group 22f6823b-c877-46d0-89f3-6989d1e448ad wasn't associated with a local port

Revision history for this message
Yuli (stremovsky) wrote :
Download full text (4.1 KiB)

2016-04-10 16:23:43.799 INFO dragonflow.controller.topology [-] Adding new local Logical Port = {u'parent_name': None, u'macs': [u'fa:16:3e:6a:c9:79'], u'name': u'9b9ebcc2-aa7f-4271-81e1-167b2f3e4569', u'chassis': u'ubuntu', u'lswitch': u'1423cf56-4287-465d-ad62-4cc405327a5a', u'enabled': True, u'topic': u'9c7a73c51a1f49e3a91a3c5d281d182e', u'ips': [u'10.0.0.4', u'fd2e:8916:d8c2:0:f816:3eff:fe6a:c979'], u'device_owner': u'compute:nova', u'port_security': [u'fa:16:3e:6a:c9:79'], u'sgids': [u'38d494d1-f2bb-43bc-b8b9-76cf18cd06e7'], u'tunnel_key': 104, u'external_ids': {u'neutron:port_name': u''}, u'tag': None}{'ofport': 43, 'is_local': True, 'local_network_id': 1}
2016-04-10 16:23:43.799 ERROR dragonflow.controller.topology [-] App failed to process vm port online event {u'parent_name': None, u'macs': [u'fa:16:3e:6a:c9:79'], u'name': u'9b9ebcc2-aa7f-4271-81e1-167b2f3e4569', u'chassis': u'ubuntu', u'lswitch': u'1423cf56-4287-465d-ad62-4cc405327a5a', u'enabled': True, u'topic': u'9c7a73c51a1f49e3a91a3c5d281d182e', u'ips': [u'10.0.0.4', u'fd2e:8916:d8c2:0:f816:3eff:fe6a:c979'], u'device_owner': u'compute:nova', u'port_security': [u'fa:16:3e:6a:c9:79'], u'sgids': [u'38d494d1-f2bb-43bc-b8b9-76cf18cd06e7'], u'tunnel_key': 104, u'external_ids': {u'neutron:port_name': u''}, u'tag': None}{'ofport': 43, 'is_local': True, 'local_network_id': 1}
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology Traceback (most recent call last):
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology File "/opt/stack/dragonflow/dragonflow/controller/topology.py", line 156, in _vm_port_updated
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology self.controller.logical_port_updated(lport)
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology File "/opt/stack/dragonflow/dragonflow/controller/df_local_controller.py", line 189, in logical_port_updated
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology self.vswitch_api.get_local_ports_to_ofport_mapping())
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology File "/opt/stack/dragonflow/dragonflow/db/drivers/ovsdb_vswitch_impl.py", line 212, in get_local_ports_to_ofport_mapping
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology br_int = idlutils.row_by_value(self.idl, 'Bridge', 'name', 'br-int')
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology File "/opt/stack/neutron/neutron/agent/ovsdb/native/idlutils.py", line 60, in row_by_value
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology raise RowNotFound(table=table, col=column, match=match)
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology RowNotFound: Cannot find Bridge with name=br-int
2016-04-10 16:23:43.799 TRACE dragonflow.controller.topology
2016-04-10 16:23:47.781 DEBUG ryu.controller.controller [-] Datapath in process of terminating; send() to ('10.100.100.8', 47443) discarded. from (pid=10522) send /usr/local/lib/python2.7/dist-packages/ryu/controller/controller.py:277
2016-04-10 16:23:49.714 DEBUG ryu.controller.controller [-] connected socket:<eventlet.greenio.base.GreenSocket object at 0x7f97baa7d750> address:('10.100.100.8', 53922) from (pid=10522) datapa...

Read more...

Revision history for this message
Yuli (stremovsky) wrote :

  /opt/stack/dragonflow/dragonflow/controller/dispatcher.py(43)dispatch()
     41 handler = getattr(app, method, None)
     42 if handler is not None:
---> 43 handler(*args, **kwargs)

  /opt/stack/dragonflow/dragonflow/controller/l2_app.py(81)switch_features_handler()
     80
---> 81 self._install_flows_on_switch_up()
     82

  /opt/stack/dragonflow/dragonflow/controller/l2_app.py(501)_install_flows_on_switch_up()
    499 self.add_local_port(port)
    500 else:
--> 501 self.add_remote_port(port)

> /opt/stack/dragonflow/dragonflow/controller/l2_app.py(474)add_remote_port()
    473 # Egress classifier for port
--> 474 match = parser.OFPMatch(reg7=tunnel_key)
    475 actions = []

ipdb>

Revision history for this message
Yuli (stremovsky) wrote :

        for port in self.db_store.get_ports():
            if port.get_external_value('is_local'):
                self.add_local_port(port)
            else:
                self.add_remote_port(port)

I have no ports with is_local field

Revision history for this message
Yuli (stremovsky) wrote :

df-controller.log:2016-04-10 15:35:18.507 INFO dragonflow.controller.df_local_controller [-] Logical Local Port {u'parent_name': None, u'macs': [u'fa:16:3e:6e:c3:f8'], u'name': u'507e8272-507d-430c-8a7d-d985fe29c7ff', u'chassis': u'ubuntu', u'lswitch': u'1423cf56-4287-465d-ad62-4cc405327a5a', u'enabled': True, u'topic': u'9c7a73c51a1f49e3a91a3c5d281d182e', u'ips': [u'10.0.0.1'], u'device_owner': u'network:router_interface', u'port_security': [u'fa:16:3e:6e:c3:f8'], u'sgids': None, u'tunnel_key': 7, u'external_ids': {u'neutron:port_name': u''}, u'tag': None, u'security_groups': None}{'local_network_id': 1} was not created yet
df-controller.log:2016-04-10 16:18:24.633 INFO dragonflow.controller.df_local_controller [-] Logical Local Port {u'parent_name': None, u'macs': [u'fa:16:3e:88:2f:a3'], u'name': u'4318e1dc-be5e-44d3-97f6-89fc182174ba', u'chassis': u'ubuntu', u'lswitch': u'1423cf56-4287-465d-ad62-4cc405327a5a', u'enabled': True, u'topic': u'9c7a73c51a1f49e3a91a3c5d281d182e', u'ips': [u'fd2e:8916:d8c2::1'], u'device_owner': u'network:router_interface', u'port_security': [u'fa:16:3e:88:2f:a3'], u'sgids': None, u'tunnel_key': 5, u'external_ids': {u'neutron:port_name': u''}, u'tag': None, u'security_groups': None}{'local_network_id': 1} was not created yet

Yuli (stremovsky)
Changed in dragonflow:
importance: Undecided → High
Yuli (stremovsky)
Changed in dragonflow:
assignee: nobody → Omer Anson (omer-anson)
Omer Anson (omer-anson)
Changed in dragonflow:
assignee: Omer Anson (omer-anson) → Yuli (stremovsky)
OpenStack Infra (hudson-openstack)
Changed in dragonflow:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to dragonflow (master)

Reviewed: https://review.openstack.org/304152
Committed: https://git.openstack.org/cgit/openstack/dragonflow/commit/?id=9462a440d01d1c23f9e51f6271804178f248c36a
Submitter: Jenkins
Branch: master

commit 9462a440d01d1c23f9e51f6271804178f248c36a
Author: Yuli <email address hidden>
Date: Mon Apr 11 17:07:52 2016 +0300

    Fix empty ofport value

    Closes-bug: #1568506
    Change-Id: I98a10950c9d91bfe6c033d52fdcb66e29301dee5

Changed in dragonflow:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.