neutron

[OVN] "DHCP_Options" is not updated when the metadata port IPs are

Bug #1942794 reported by Rodolfo Alonso
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
Rodolfo Alonso

Bug Description

In OVN, the DHCP server will inject into the VM the routes defined in "DHCP_Options" register. There is "DHCP_Option" per subnet with DHCP enabled.

The "DHCP_Options.options.classless_static_route" is a set of static routes defined in the root namespace of the VM. If the OVN metadata is enabled, a static route will be created to send traffic to the metadata IP "169.254.169.254/32", using the metadata port IP.

Currently, if the user manually changes this IP address (the metadata port should have only one IP address per subnet), this is not updated in the corresponding "DHCP_Option" register.

Related Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1994591

See original description
Rodolfo Alonso (rodolfo-alonso-hernandez)
Changed in neutron:
assignee: nobody → Rodolfo Alonso (rodolfo-alonso-hernandez)
importance: Undecided → Medium
description: updated
Lajos Katona (lajos-katona)
tags: added: ovn
Revision history for this message
Lajos Katona (lajos-katona) wrote :

To be sure I checked and with ovs we are Ok, so it seems that it is an OVN only issue (I have no environment for linuxbridge)

Rodolfo Alonso (rodolfo-alonso-hernandez)
summary: - "DHCP_Options" is not updated when the metadata port IPs are
+ [OVN] "DHCP_Options" is not updated when the metadata port IPs are
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/807692

Changed in neutron:
status: New → In Progress
Rodolfo Alonso (rodolfo-alonso-hernandez)
tags: added: dhcp
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/xena)

Fix proposed to branch: stable/xena
Review: https://review.opendev.org/c/openstack/neutron/+/813408

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/neutron/+/813409

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/neutron/+/813410

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/c/openstack/neutron/+/813411

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/807692
Committed: https://opendev.org/openstack/neutron/commit/bd0ded15ca21161c0f20679477445f4e31128267
Submitter: "Zuul (22348)"
Branch: master

commit bd0ded15ca21161c0f20679477445f4e31128267
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Tue Sep 7 08:52:21 2021 +0000

    [OVN] Update the DHCP options when the metadata port is modified

    Always update the DHCP options when the metadata port is created,
    updated or deleted. If the metadata port IP addresses are updated,
    the DHCP options register should be too, modifying the static routes
    defined in "DHCP_Options.options.classless_static_route".

    These static routes will be injected in the VM in the DHCP request.
    The IP address of the metadata port should match with the static
    route redirecting the traffic to the metadata IP address
    "169.254.169.254/32":

      $ ip r
      default via 10.0.0.1 dev eth0
      10.0.0.0/28 dev eth0 scope link src 10.0.0.7
      169.254.169.254 via 10.0.0.2 dev eth0 # 10.0.0.2 is the metadata
                                             # port IP address

    Closes-Bug: #1942794
    Change-Id: Id5d4909caa521a899b97d83bdc1963b010e97dac

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/victoria)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/813410
Committed: https://opendev.org/openstack/neutron/commit/f4dd0b80ac166278239ed0c43e35dacfaea81d0b
Submitter: "Zuul (22348)"
Branch: stable/victoria

commit f4dd0b80ac166278239ed0c43e35dacfaea81d0b
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Tue Sep 7 08:52:21 2021 +0000

    [OVN] Update the DHCP options when the metadata port is modified

    Always update the DHCP options when the metadata port is created,
    updated or deleted. If the metadata port IP addresses are updated,
    the DHCP options register should be too, modifying the static routes
    defined in "DHCP_Options.options.classless_static_route".

    These static routes will be injected in the VM in the DHCP request.
    The IP address of the metadata port should match with the static
    route redirecting the traffic to the metadata IP address
    "169.254.169.254/32":

      $ ip r
      default via 10.0.0.1 dev eth0
      10.0.0.0/28 dev eth0 scope link src 10.0.0.7
      169.254.169.254 via 10.0.0.2 dev eth0 # 10.0.0.2 is the metadata
                                             # port IP address
    Conflicts:
          neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
          neutron/tests/unit/fake_resources.py

    Closes-Bug: #1942794
    Change-Id: Id5d4909caa521a899b97d83bdc1963b010e97dac
    (cherry picked from commit bd0ded15ca21161c0f20679477445f4e31128267)
    (cherry picked from commit 7efce62b4fc5cbf512a8fe71366910e37b053614)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/xena)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/813408
Committed: https://opendev.org/openstack/neutron/commit/45f070baa17d06fde1d2ee1b53539f35ca6a9d07
Submitter: "Zuul (22348)"
Branch: stable/xena

commit 45f070baa17d06fde1d2ee1b53539f35ca6a9d07
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Tue Sep 7 08:52:21 2021 +0000

    [OVN] Update the DHCP options when the metadata port is modified

    Always update the DHCP options when the metadata port is created,
    updated or deleted. If the metadata port IP addresses are updated,
    the DHCP options register should be too, modifying the static routes
    defined in "DHCP_Options.options.classless_static_route".

    These static routes will be injected in the VM in the DHCP request.
    The IP address of the metadata port should match with the static
    route redirecting the traffic to the metadata IP address
    "169.254.169.254/32":

      $ ip r
      default via 10.0.0.1 dev eth0
      10.0.0.0/28 dev eth0 scope link src 10.0.0.7
      169.254.169.254 via 10.0.0.2 dev eth0 # 10.0.0.2 is the metadata
                                             # port IP address

    Closes-Bug: #1942794
    Change-Id: Id5d4909caa521a899b97d83bdc1963b010e97dac
    (cherry picked from commit bd0ded15ca21161c0f20679477445f4e31128267)

tags: added: in-stable-xena
tags: added: in-stable-wallaby
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/wallaby)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/813409
Committed: https://opendev.org/openstack/neutron/commit/7efce62b4fc5cbf512a8fe71366910e37b053614
Submitter: "Zuul (22348)"
Branch: stable/wallaby

commit 7efce62b4fc5cbf512a8fe71366910e37b053614
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Tue Sep 7 08:52:21 2021 +0000

    [OVN] Update the DHCP options when the metadata port is modified

    Always update the DHCP options when the metadata port is created,
    updated or deleted. If the metadata port IP addresses are updated,
    the DHCP options register should be too, modifying the static routes
    defined in "DHCP_Options.options.classless_static_route".

    These static routes will be injected in the VM in the DHCP request.
    The IP address of the metadata port should match with the static
    route redirecting the traffic to the metadata IP address
    "169.254.169.254/32":

      $ ip r
      default via 10.0.0.1 dev eth0
      10.0.0.0/28 dev eth0 scope link src 10.0.0.7
      169.254.169.254 via 10.0.0.2 dev eth0 # 10.0.0.2 is the metadata
                                             # port IP address
    Conflicts:
          neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
          neutron/tests/unit/fake_resources.py

    Closes-Bug: #1942794
    Change-Id: Id5d4909caa521a899b97d83bdc1963b010e97dac
    (cherry picked from commit bd0ded15ca21161c0f20679477445f4e31128267)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/ussuri)

Reviewed: https://review.opendev.org/c/openstack/neutron/+/813411
Committed: https://opendev.org/openstack/neutron/commit/8b7597ea9d9fae1191062afac30559014d080c29
Submitter: "Zuul (22348)"
Branch: stable/ussuri

commit 8b7597ea9d9fae1191062afac30559014d080c29
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Tue Sep 7 08:52:21 2021 +0000

    [OVN] Update the DHCP options when the metadata port is modified

    Always update the DHCP options when the metadata port is created,
    updated or deleted. If the metadata port IP addresses are updated,
    the DHCP options register should be too, modifying the static routes
    defined in "DHCP_Options.options.classless_static_route".

    These static routes will be injected in the VM in the DHCP request.
    The IP address of the metadata port should match with the static
    route redirecting the traffic to the metadata IP address
    "169.254.169.254/32":

      $ ip r
      default via 10.0.0.1 dev eth0
      10.0.0.0/28 dev eth0 scope link src 10.0.0.7
      169.254.169.254 via 10.0.0.2 dev eth0 # 10.0.0.2 is the metadata
                                             # port IP address
    Conflicts:
          neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py
          neutron/tests/functional/plugins/ml2/drivers/ovn/mech_driver/test_mech_driver.py
          neutron/tests/unit/fake_resources.py

    Closes-Bug: #1942794
    Change-Id: Id5d4909caa521a899b97d83bdc1963b010e97dac
    (cherry picked from commit bd0ded15ca21161c0f20679477445f4e31128267)
    (cherry picked from commit 7efce62b4fc5cbf512a8fe71366910e37b053614)
    (cherry picked from commit f4dd0b80ac166278239ed0c43e35dacfaea81d0b)

tags: added: in-stable-ussuri
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 16.4.2

This issue was fixed in the openstack/neutron 16.4.2 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 19.1.0

This issue was fixed in the openstack/neutron 19.1.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 17.3.0

This issue was fixed in the openstack/neutron 17.3.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 18.2.0

This issue was fixed in the openstack/neutron 18.2.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron-tempest-plugin (master)

Related fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/827827

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron-tempest-plugin (master)

Reviewed: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/827827
Committed: https://opendev.org/openstack/neutron-tempest-plugin/commit/32a7fbeb0fd90f7efd1d3c2b94ada0bc5a2198dd
Submitter: "Zuul (22348)"
Branch: master

commit 32a7fbeb0fd90f7efd1d3c2b94ada0bc5a2198dd
Author: Eduardo Olivares <email address hidden>
Date: Fri Feb 4 10:22:42 2022 +0100

    Add test to verify DHCP port IP address modification

    When the IP address from a subnet DHCP port is changed, the route to the
    metadata provisioned for that port should be modified accordingly
    In case this route is not correctly updated, the server will not be
    able to obtain metadata information - hence, it will not get the
    ssh authorized keys

    This new test only applies to OVN

    Related-Bug: #1942794

    Change-Id: I76e75db469e2518ed90561430aa9c8c68846dae5

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 20.0.0.0rc1

This issue was fixed in the openstack/neutron 20.0.0.0rc1 release candidate.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/networking-ovn train-eol

This issue was fixed in the openstack/networking-ovn train-eol release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.