neutron

Router may be removed from dvr_snat agent by accident

Bug #1524908 reported by Oleg Bondarev
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
Oleg Bondarev

Bug Description

This popped up during https://review.openstack.org/#/c/238478
 - when dvr serviceable port is deleted/migrated, dvr callback checks if there are any more dvr serviceable ports on the host and if there are no - removes the router from the agent on that host
 - in case dhcp port is deleted/migrated this may lead to router being deleted from dvr_snat agent, which includes snat namespace deletion

Need to check agent mode and only remove router from dvr agents running on compute nodes in this case.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/255989

Changed in neutron:
status: New → In Progress
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

Category Low.

tags: added: liberty-backport-potential
Revision history for this message
Carl Baldwin (carl-baldwin) wrote :

Another problem that wouldn't have happened if we didn't explicitly bind routers to compute hosts.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/255989
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=521e1c9face737a8d432be16ad63829aaf21384e
Submitter: Jenkins
Branch: master

commit 521e1c9face737a8d432be16ad63829aaf21384e
Author: Oleg Bondarev <email address hidden>
Date: Thu Dec 10 19:49:25 2015 +0300

    Do not remove router from dvr_snat agents on dvr port deletion

    When dvr serviceable port is deleted/migrated, dvr callback checks
    if there are any more dvr serviceable ports on the host and if
    there are no - removes the router from the agent on that host.
    To prevent snat namespace removal we need to check SNAT bindings
    and not remove router from l3 agent hosting SNAT.

    Closes-Bug: #1524908
    Change-Id: I8c76bccdf495702e4c550df2eadec93c63e32120

Changed in neutron:
status: In Progress → Fix Released
Oleg Bondarev (obondarev)
Changed in neutron:
importance: Undecided → Medium
Revision history for this message
Thierry Carrez (ttx) wrote : Fix included in openstack/neutron 8.0.0.0b3

This issue was fixed in the openstack/neutron 8.0.0.0b3 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/liberty)

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/293777

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/liberty)

Reviewed: https://review.openstack.org/293777
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3a22335834456d04e6f0b7fb296cb38a3eb4affb
Submitter: Jenkins
Branch: stable/liberty

commit 3a22335834456d04e6f0b7fb296cb38a3eb4affb
Author: Oleg Bondarev <email address hidden>
Date: Thu Dec 10 19:49:25 2015 +0300

    Do not remove router from dvr_snat agents on dvr port deletion

    When dvr serviceable port is deleted/migrated, dvr callback checks
    if there are any more dvr serviceable ports on the host and if
    there are no - removes the router from the agent on that host.
    To prevent snat namespace removal we need to check SNAT bindings
    and not remove router from l3 agent hosting SNAT.

    testcase test_dvr_deletens_if_no_ports_no_removeable_routers
    was removed because this change renders it invalid.

    See patch https://review.openstack.org/#/c/296851/

    Closes-Bug: #1524908
    Change-Id: I8c76bccdf495702e4c550df2eadec93c63e32120
    (cherry picked from commit 521e1c9face737a8d432be16ad63829aaf21384e)

tags: added: in-stable-liberty
Revision history for this message
Thierry Carrez (ttx) wrote : Fix included in openstack/neutron 7.1.0

This issue was fixed in the openstack/neutron 7.1.0 release.

Ihar Hrachyshka (ihar-hrachyshka)
tags: removed: liberty-backport-potential
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.