create/update_port failure resulting in Lock wait timeout

Bug #1371732 reported by Ed Bak
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Critical
Carl Baldwin

Bug Description

create_port can fail with a Lock wait timeout error.

The transaction performed in create_port/update_port makes a call to _process_port_bindings which then calls dvr_update_router_addvm. The notification made within dvr_update_router_addvm can hang. The transaction lock is held through the entire hang preventing other create_port threads from getting the lock and then timing out with a "Lock wait timeout."

2014-09-19 04:16:53.332 3391 TRACE neutron.api.v2.resource OperationalError: (OperationalError) (1205, 'Lock wait timeout exceeded; try restarting transaction') 'SELECT ipavailabilityranges.allocation_pool_id AS ipavailabilityranges_allocation_pool_id, ipavailabilityranges.first_ip AS ipavailabilityranges_first_ip, ipavailabilityranges.last_ip AS ipavailabilityranges_last_ip \nFROM ipavailabilityranges INNER JOIN ipallocationpools ON ipallocationpools.id = ipavailabilityranges.allocation_pool_id \nWHERE ipallocationpools.subnet_id = %s \n LIMIT %s FOR UPDATE' ('550ee3a3-6c4d-4a4a-b173-b7603e43356a', 1)

tags: added: l3-dvr-backlog
Changed in neutron:
importance: Undecided → Critical
Changed in neutron:
assignee: nobody → Carl Baldwin (carl-baldwin)
Changed in neutron:
milestone: none → juno-rc1
Revision history for this message
Carl Baldwin (carl-baldwin) wrote :

I put up this patch [1] to test the theory that removing the RPC call from the transaction will eliminate the lock wait timeout exceptions.

[1] https://review.openstack.org/#/c/122805/

Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

We are looking at change: https://review.openstack.org/#/c/122785/ as a potential culprit, but we're still confirming the theory.

Changed in neutron:
status: New → Confirmed
Changed in neutron:
status: Confirmed → In Progress
summary: - create_port failure resulting in Lock wait timeout
+ create/update_port failure resulting in Lock wait timeout
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/122805
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=411836b5411411a6046043e0264aaa7b6f5760f0
Submitter: Jenkins
Branch: master

commit 411836b5411411a6046043e0264aaa7b6f5760f0
Author: Carl Baldwin <email address hidden>
Date: Fri Sep 19 17:37:17 2014 +0000

    Remove RPC notification from transaction in create/update port

    Removing notifications to the L3 agent from within the transaction in
    create_port and update_port eliminates many lock wait timeouts in the
    dvr check queue job and in scale testing locally.

    Since this patch leaves context unused in _process_port_binding, the
    argument is removed from the method.

    Closes-Bug: #1371732

    Change-Id: Ibd86611ad3e7eff085d769bdff777a5870f30c58

Changed in neutron:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in neutron:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: juno-rc1 → 2014.2
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (feature/lbaasv2)

Fix proposed to branch: feature/lbaasv2
Review: https://review.openstack.org/130864

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (feature/lbaasv2)
Download full text (72.6 KiB)

Reviewed: https://review.openstack.org/130864
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c089154a94e5872efc95eab33d3d0c9de8619fe4
Submitter: Jenkins
Branch: feature/lbaasv2

commit 62588957fbeccfb4f80eaa72bef2b86b6f08dcf8
Author: Kevin Benton <email address hidden>
Date: Wed Oct 22 13:04:03 2014 -0700

    Big Switch: Switch to TLSv1 in server manager

    Switch to TLSv1 for the connections to the backend
    controllers. The default SSLv3 is no longer considered
    secure.

    TLSv1 was chosen over .1 or .2 because the .1 and .2 weren't
    added until python 2.7.9 so TLSv1 is the only compatible option
    for py26.

    Closes-Bug: #1384487
    Change-Id: I68bd72fc4d90a102003d9ce48c47a4a6a3dd6e03

commit 17204e8f02fdad046dabdb8b31397289d72c877b
Author: OpenStack Proposal Bot <email address hidden>
Date: Wed Oct 22 06:20:15 2014 +0000

    Imported Translations from Transifex

    For more information about this automatic import see:
    https://wiki.openstack.org/wiki/Translations/Infrastructure

    Change-Id: I58db0476c810aa901463b07c42182eef0adb5114

commit d712663b99520e6d26269b0ca193527603178742
Author: Carl Baldwin <email address hidden>
Date: Mon Oct 20 21:48:42 2014 +0000

    Move disabling of metadata and ipv6_ra to _destroy_router_namespace

    I noticed that disable_ipv6_ra is called from the wrong place and that
    in some cases it was called with a bogus router_id because the code
    made an incorrect assumption about the context. In other case, it was
    never called because _destroy_router_namespace was being called
    directly. This patch moves the disabling of metadata and ipv6_ra in
    to _destroy_router_namespace to ensure they get called correctly and
    avoid duplication.

    Change-Id: Ia76a5ff4200df072b60481f2ee49286b78ece6c4
    Closes-Bug: #1383495

commit f82a5117f6f484a649eadff4b0e6be9a5a4d18bb
Author: OpenStack Proposal Bot <email address hidden>
Date: Tue Oct 21 12:11:19 2014 +0000

    Updated from global requirements

    Change-Id: Idcbd730f5c781d21ea75e7bfb15959c8f517980f

commit be6bd82d43fbcb8d1512d8eb5b7a106332364c31
Author: Angus Lees <email address hidden>
Date: Mon Aug 25 12:14:29 2014 +1000

    Remove duplicate import of constants module

    .. and enable corresponding pylint check now the only offending instance
    is fixed.

    Change-Id: I35a12ace46c872446b8c87d0aacce45e94d71bae

commit 9902400039018d77aa3034147cfb24ca4b2353f6
Author: rajeev <email address hidden>
Date: Mon Oct 13 16:25:36 2014 -0400

    Fix race condition on processing DVR floating IPs

    Fip namespace and agent gateway port can be shared by multiple dvr routers.
    This change uses a set as the control variable for these shared resources
    and ensures that Test and Set operation on the control variable are
    performed atomically so that race conditions do not occur among
    multiple threads processing floating IPs.
    Limitation: The scope of this change is limited to addressing the race
    condition described in the bug report. It may not address other issues
    such as pre-existing issue wit...

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.