Juniper Openstack

TempestOSP8,OSP10 Rhel7: neutron ports do not lists with router id as device id

  1. Series r3.2
  2. Bug #1509101
Bug #1509101 reported by Nagendra Prasath
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R3.0.2.x
Won't Fix
Undecided
Unassigned
R3.0.3.x
Won't Fix
Undecided
Unassigned
R3.1
Won't Fix
Undecided
Unassigned
R3.2
Fix Committed
Medium
Édouard Thuleau
Juniper Openstack r3.2.5.0
R3.2.3.x
Won't Fix
Medium
Édouard Thuleau
R4.0
Fix Committed
Medium
Édouard Thuleau
Juniper Openstack r4.0.1.0 "r4.0.1.0"
Trunk
Fix Committed
Medium
Édouard Thuleau
Juniper Openstack r4.1.0.0-fcs "r4.1"

Bug Description

With a public subnet as a newly created router's gateway, the ports created are not listed when using router's ID as device ID. However when using uuid its lists them

Created Router:
[root@b4s10 temp(keystone_admin)]# neutron router-show router--73152947
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | False |
| contrail:fq_name | default-domain |
| | Private |
| | router--73152947 |
| external_gateway_info | {"network_id": "2873c503-4e70-4ba7-8a3e-892c13fa22d2", "enable_snat": true} |
| id | 51ec162c-e609-405b-9a43-16576a813646 |
| name | router--73152947 |
| status | ACTIVE |
| tenant_id | 13df8b8a797440fb95b93cc0053881ec |
+-----------------------+-----------------------------------------------------------------------------+
[root@b4s10 temp(keystone_admin)]#

Public Network:
[root@b4s10 temp(keystone_admin)]# neutron net-show private-cert-net2
+-------------------------+---------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+---------------------------------------------------------------------------------------------------------------+
| admin_state_up | True |
| contrail:fq_name | default-domain |
| | Private |
| | private-cert-net2 |
| contrail:instance_count | 0 |
| contrail:subnet_ipam | {"subnet_cidr": "12.1.1.0/24", "ipam_fq_name": ["default-domain", "default-project", "default-network-ipam"]} |
| id | 8ad85f22-1f6e-480d-a28c-f8314ca1a13b |
| name | private-cert-net2 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | d347ea57-176a-4517-83e6-80e0ae283b5b |
| tenant_id | 13df8b8a797440fb95b93cc0053881ec |
+-------------------------+---------------------------------------------------------------------------------------------------------------+
[root@b4s10 temp(keystone_admin)]#

Using router-id as device-id: (No ports are listed)
[root@b4s8 ~]# neutron port-list --device-id 51ec162c-e609-405b-9a43-16576a813646

[root@b4s8 ~]#

Lets try with UUID of the VM from refs:

Find port ID created in the router:

[root@b4s10 temp(keystone_admin)]# neutron port-list | grep 51ec162c-e609-405b-9a43-16576a813646
| 78f5d7b5-c12c-4a94-aa39-7bd6c4679d09 | default-domain__Private__si_51ec162c-e609-405b-9a43-16576a813646__2__right__1 | 02:39:6f:f9:28:39 | {"subnet_id": "0dbe35db-fc50-4687-850d-284603572fa9", "ip_address": "10.1.1.4"} |
| 345ae486-8120-41f4-b3df-f264c7ab1ebb | default-domain__Private__si_51ec162c-e609-405b-9a43-16576a813646__1__right__1 | 02:39:6f:f9:28:39 | {"subnet_id": "0dbe35db-fc50-4687-850d-284603572fa9", "ip_address": "10.1.1.4"} |
[root@b4s10 temp(keystone_admin)]#

Find UUID from Port-ID
[root@b4s8 ~]# #curl -uadmin:c0ntrail123 http://127.0.0.1:8095/virtual-machine-interface/345ae486-8120-41f4-b3df-f264c7ab1ebb | python -m json.tool

Using UUID of the SI for device-id:
[root@b4s8 ~]# neutron port-list --device-id 59907971-a9c6-406d-b886-5006339580d2
+--------------------------------------+-------------------------------------------------------------------------------+-------------------+-----------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+-------------------------------------------------------------------------------+-------------------+-----------------------------------------------------------------------------------+
| 345ae486-8120-41f4-b3df-f264c7ab1ebb | default-domain__Private__si_51ec162c-e609-405b-9a43-16576a813646__1__right__1 | 02:39:6f:f9:28:39 | {"subnet_id": "0dbe35db-fc50-4687-850d-284603572fa9", "ip_address": "10.1.1.4"} |
| e1e4f132-10d5-41da-9241-8d2764b08164 | default-domain__Private__si_51ec162c-e609-405b-9a43-16576a813646__1__left__2 | 02:b4:65:4a:a8:0b | {"subnet_id": "51ae65d1-4140-409b-8d2e-268e6d3a387d", "ip_address": "100.64.0.4"} |
+--------------------------------------+-------------------------------------------------------------------------------+-------------------+-----------------------------------------------------------------------------------+
[root@b4s8 ~]#

Revision history for this message
Nagendra Prasath (npchandran) wrote :

Duplicate of https://bugs.launchpad.net/juniperopenstack/+bug/1462678

information type: Proprietary → Public
Ashish Ranjan (aranjan-n)
tags: added: rhosp-tempest
Nagendra Prasath (npchandran)
tags: added: osp7-cert osp8-cert rhos-tempest
removed: rhosp-tempest
Nagendra Prasath (npchandran)
no longer affects: juniperopenstack/r3.0
shajuvk (shajuvk)
summary: - Tempest Rhel7: neutron ports do not lists with router id as device id
+ TempestOSP8,OSP10 Rhel7: neutron ports do not lists with router id as
+ device id
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/33705
Submitter: ?douard Thuleau (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/33705
Committed: http://github.com/Juniper/contrail-controller/commit/b5d159ac23c6e3ee71b0eea22afb3afe267e86d5
Submitter: Zuul (<email address hidden>)
Branch: master

commit b5d159ac23c6e3ee71b0eea22afb3afe267e86d5
Author: Édouard Thuleau <email address hidden>
Date: Mon Jul 17 21:53:35 2017 +0200

[VNC OpenStack] Use first VMI of the first SI's VM as router gateway interface

Contrail model diverges strongly from the Neutron model regarding the
way router gateway is implemented. Contrail uses a service instance to
insert a SNAT service between private and public networks. And
instantiates two VM with VMIs on that networks.
That patch proposes to use the first right VMI of the first SI's VM as
Neutron port for a router's gateway interface. It also limits the
visibility of that router gateway interface to admin users as it's done
in Neutron [1].

[1] https://github.com/openstack/neutron/blob/master/neutron/db/l3_db.py#L350

Change-Id: Ic6141c6dce8e56f95c81c492bc2e59fadea67ced
Closes-Bug: #1509101

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R4.0

Review in progress for https://review.opencontrail.org/33931
Submitter: ?douard Thuleau (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.2

Review in progress for https://review.opencontrail.org/33932
Submitter: ?douard Thuleau (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/33931
Committed: http://github.com/Juniper/contrail-controller/commit/93d2acaeb2e2cc1e3c8ca1a1db8a30e58c7f8b32
Submitter: Zuul (<email address hidden>)
Branch: R4.0

commit 93d2acaeb2e2cc1e3c8ca1a1db8a30e58c7f8b32
Author: Édouard Thuleau <email address hidden>
Date: Mon Jul 17 21:53:35 2017 +0200

[VNC OpenStack] Use first VMI of the first SI's VM as router gateway interface

Contrail model diverges strongly from the Neutron model regarding the
way router gateway is implemented. Contrail uses a service instance to
insert a SNAT service between private and public networks. And
instantiates two VM with VMIs on that networks.
That patch proposes to use the first right VMI of the first SI's VM as
Neutron port for a router's gateway interface. It also limits the
visibility of that router gateway interface to admin users as it's done
in Neutron [1].

[1] https://github.com/openstack/neutron/blob/master/neutron/db/l3_db.py#L350

Change-Id: Ic6141c6dce8e56f95c81c492bc2e59fadea67ced
Closes-Bug: #1509101
(cherry picked from commit b5d159ac23c6e3ee71b0eea22afb3afe267e86d5)

Revision history for this message
Andrey Pavlov (apavlov-e) wrote :

R4.0 OSPD10, build CB-25 rhel7+newton

tempest.api.network.test_routers.RoutersIpV6Test.test_update_router_set_gateway ... FAILED
tempest.api.network.test_routers.RoutersTest.test_update_router_set_gateway ... FAILED

Traceback (most recent call last):
  File "tempest/api/network/test_routers.py", line 210, in test_update_router_set_gateway
    self._verify_gateway_port(router['id'])
  File "tempest/api/network/test_routers.py", line 189, in _verify_gateway_port
    self.assertEqual(len(list_body['ports']), 1)
  File "/usr/lib/python2.7/site-packages/testtools/testcase.py", line 350, in assertEqual
    self.assertThat(observed, matcher, message)
  File "/usr/lib/python2.7/site-packages/testtools/testcase.py", line 435, in assertThat
    raise mismatch_error
testtools.matchers._impl.MismatchError: 0 != 1

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R3.2

Review in progress for https://review.opencontrail.org/33932
Submitter: ?douard Thuleau (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/33932
Committed: http://github.com/Juniper/contrail-controller/commit/66058bf0cc73a0c4e2b121e4aa32cb1b7515b2bc
Submitter: Zuul (<email address hidden>)
Branch: R3.2

commit 66058bf0cc73a0c4e2b121e4aa32cb1b7515b2bc
Author: Édouard Thuleau <email address hidden>
Date: Mon Jul 17 21:53:35 2017 +0200

[VNC OpenStack] Use first VMI of the first SI's VM as router gateway interface

Contrail model diverges strongly from the Neutron model regarding the
way router gateway is implemented. Contrail uses a service instance to
insert a SNAT service between private and public networks. And
instantiates two VM with VMIs on that networks.
That patch proposes to use the first right VMI of the first SI's VM as
Neutron port for a router's gateway interface. It also limits the
visibility of that router gateway interface to admin users as it's done
in Neutron [1].

[1] https://github.com/openstack/neutron/blob/master/neutron/db/l3_db.py#L350

Change-Id: Ic6141c6dce8e56f95c81c492bc2e59fadea67ced
Closes-Bug: #1509101
(cherry picked from commit b5d159ac23c6e3ee71b0eea22afb3afe267e86d5)

Revision history for this message
Édouard Thuleau (ethuleau) wrote :

In Contrail, all the stuff (service instance, scheduling, virtual machines, virtual machine interfaces, network namespaces...) to implement neutron router gateway (SNAT) is not instantiate until the router have at least one interface on a private network.
As tempest tests only set the router gateway and the proposed patch above uses the first right VMI of the first SI's VM as neutron port for the router gateway, no port is returned and tests failed.

Revision history for this message
Sachin Bansal (sbansal) wrote :

Based on comment from Edouard, I think the problem reported in the bug description is fixed. That is, if there is SNAT instance created, we will list its port when filtered by device-id. However, we can/should create a separate bug to track the problem of not creating SNAT instance when there are no client interfaces attached to the router.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.