midonet doesn't delete update dnsmasq when `router-gateway-set` with incompatible network fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
networking-midonet |
Opinion
|
Low
|
Unassigned |
Bug Description
We are facing an issue where a user can attempt to attach an incompatible (external provider) network to a router, which returns an error to the client, but doesn't clean up the IP entry in neutron-
Steps:
1. `neutron router-create test-break`
2. `neutron router-gateway-set test-break public` where public is an external provider network, not a floating IP network
3. neutron will return
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Bad router request: Incompatible network.
4. check dnsmaq host file, you will see the IP that was supposed to be assigned to the router port in it.
5. Spin up some VMs. if the VM gets the IP address in [4], neutron-dhcp-agent will throw an error
2018-01-
VMs which gets assigned this IP will not be usable. This bug can result in a user exhausting our IPs very quickly.
Restart neutron-dhcp-agent will clear up the entries. However, it'll be good if midonet can remove the IP from neutron-dhcp-agent?
Changed in networking-midonet: | |
status: | Expired → New |
wrt the "Incompatible network" error, i guess your "public" network doesn't have "midonet" provider network type. is it the case?
usually you don't need neutron-dhcp-agent in a neutron+midonet deployment.
do you have some special requirements which needs the agent?
due to the surrounding transaction we have in update_router, we rollback the db while not undoing the side effects of create_port for the gw port. (like rpc for dhcp agents)
it would cause the inconsistency.
probably a real fix involves turning our l3 plugin into an l3 flavor. (bug 1643830)
an easy workaround would be to check the incompatibility check earlier.