kolla-ansible

Neutron OVN Metadata agent fails on kolla redeploy/reconfigure with podman

Bug #2060840 reported by Caleb Sjostedt
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kolla-ansible
New
Undecided
Unassigned

Bug Description

When running OVN using podman as the container engine, the metadata service will fail to bind to netns on compute nodes running the metadata service after a kolla deploy/reconfigure of neutron. This happens if the /var/run/netns directory is not empty.

How to reproduce:
1. Deploy openstack with podman as the container engine, ovn as the network, and ``neutron_ovn_distributed_fip`` turned on
2. After the initial deploy, run deploy/reconfigure again and the metadata service on compute nodes should stop responding.

Environment
OS: Ubuntu 22.04 LTS
Kernel: 5.15.0-92-generic
Podman version: 3.4.4
Kolla Ansible version: stable/2023.2
Image source: Official Kolla images

Relevant globals vars:
```globals.yml

neutron_plugin_agent: "ovn"
enable_neutron_dvr: "yes"
enable_neutron_agent_ha: "yes"
enable_neutron_provider_networks: "yes"
enable_neutron_trunk: "yes"
enable_neutron_port_forwarding: "yes"
enable_nova_ssh: "yes"

##############################
# Neutron - networking options
##############################
# Enable distributed floating ip for OVN deployments
neutron_ovn_distributed_fip: "yes"

# Enable DHCP agent(s) to use with OVN
neutron_ovn_dhcp_agent: "yes"
```

Podman container log:
```
Mar 05 06:03:28 compute-1c podman[1526183]: 2024-03-05 06:03:28.531860924 +0000 UTC m=+0.081029044 container exec 798503ec5e3d95875bce00881ed63ad1eea348bcf61601438a5c3815
4d16e1e0 (image=quay.io/openstack.kolla/neutron-metadata-agent:2023.2-ubuntu-jammy, name=neutron_ovn_metadata_agent, org.opencontainers.image.version=22.04, build-date=20
240227, kolla_version=17.2.1, maintainer=Kolla Project (https://launchpad.net/kolla), name=neutron-metadata-agent, org.opencontainers.image.ref.name=ubuntu)
Mar 05 06:03:28 compute-1c conmon[1526172]: ++ . /usr/local/bin/kolla_neutron_extend_start
Mar 05 06:03:28 compute-1c conmon[1526172]: + echo 'Running command: '\''neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neu
tron_ovn_metadata_agent.ini'\'''
Mar 05 06:03:28 compute-1c podman[1526118]: ++ . /usr/local/bin/kolla_neutron_extend_start
Mar 05 06:03:28 compute-1c podman[1526118]: + echo 'Running command: '\''neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neu
tron_ovn_metadata_agent.ini'\'''
Mar 05 06:03:28 compute-1c podman[1526118]: Running command: 'neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neutron_ovn_me
tadata_agent.ini'
Mar 05 06:03:28 compute-1c podman[1526118]: + exec neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neutron_ovn_metadata_agen
t.ini
Mar 05 06:03:28 compute-1c conmon[1526172]: Running command: 'neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neutron_ovn_me
tadata_agent.ini'
Mar 05 06:03:28 compute-1c conmon[1526172]: + exec neutron-ovn-metadata-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neutron_ovn_metadata_agen
t.ini
Mar 05 06:03:28 compute-1c podman[1526183]: 2024-03-05 06:03:28.573008493 +0000 UTC m=+0.122176633 container exec_died 798503ec5e3d95875bce00881ed63ad1eea348bcf61601438a5
c38154d16e1e0 (image=quay.io/openstack.kolla/neutron-metadata-agent:2023.2-ubuntu-jammy, name=neutron_ovn_metadata_agent, execID=e9a37a8cb7c70562e905b715df87a343091cce911
14f190ef39226fc6f7e2bde)
Mar 05 06:03:28 compute-1c podman[1526183]: unhealthy
Mar 05 06:03:28 compute-1c systemd[1]: 798503ec5e3d95875bce00881ed63ad1eea348bcf61601438a5c38154d16e1e0.service: Main process exited, code=exited, status=1/FAILURE
Mar 05 06:03:28 compute-1c systemd[1]: 798503ec5e3d95875bce00881ed63ad1eea348bcf61601438a5c38154d16e1e0.service: Failed with result 'exit-code'.
```

Revision history for this message
Caleb Sjostedt (gr4ytech) wrote :
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.