Neutron-metering-agent failed to get traffic counters when xtables is locked

Bug #1528868 reported by Sergey Belous on 2015-12-23
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Low
Sergey Belous

Bug Description

In some cases, if we try to show iptables on router namespace manualy, where exist some rules created by meter-agent, we can see the following traces in meter-agent logs:

2015-12-17 08:49:14.709 ERROR neutron.agent.linux.utils [-] Exit code: 4; Stdin: ; Stdout: ; Stderr: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

2015-12-17 08:49:14.710 ERROR neutron.services.metering.drivers.iptables.iptables_driver [-] Failed to get traffic counters, router: {u'status': u'ACTIVE', u'name': u'router1', u'gw_port_id': u'00e8ce89-0ebe-4e8a-b1ca-c2993210a8db', u'admin_state_up': True, u'tenant_id': u'f8267bb3db654ca2a26a07d9757ec280', u'_metering_labels': [{u'rules': [{u'remote_ip_prefix': u'0.0.0.0/0', u'direction': u'egress', u'metering_label_id': u'ef4f1dab-cafe-4058-aa6a-85a79a10c67e', u'id': u'986d6cfe-719b-43a7-96d1-79e97eb93567', u'excluded': False}], u'id': u'ef4f1dab-cafe-4058-aa6a-85a79a10c67e'}], u'id': u'8aef2cba-45b1-42f3-b7a4-8ea992d6cded'}
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver Traceback (most recent call last):
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver File "/opt/stack/neutron/neutron/services/metering/drivers/iptables/iptables_driver.py", line 354, in get_traffic_counters
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver chain, wrap=False, zero=True)
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver File "/opt/stack/neutron/neutron/agent/linux/iptables_manager.py", line 661, in get_traffic_counters
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver current_table = self.execute(args, run_as_root=True)
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver File "/opt/stack/neutron/neutron/agent/linux/utils.py", line 140, in execute
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver raise RuntimeError(msg)
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver RuntimeError: Exit code: 4; Stdin: ; Stdout: ; Stderr: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver
2015-12-17 08:49:14.710 TRACE neutron.services.metering.drivers.iptables.iptables_driver

Steps to reproduce:
1. Create neutron-meter-label
2. Find router's namespace, where rules added by meter-agent
3. run:
sudo watch -n 1 ip net e %namespace-name% iptables -L -v -x -n
4. See logs of meter-agent

Sergey Belous (sbelous) on 2015-12-23
Changed in neutron:
assignee: nobody → Sergey Belous (sbelous)
guiyanxing (guiyanxing) wrote :

 I can't reproduce it in devstack enviroment.

Fix proposed to branch: master
Review: https://review.openstack.org/306452

Changed in neutron:
status: New → In Progress
Changed in neutron:
importance: Undecided → Low

Change abandoned by Sergey Belous (<email address hidden>) on branch: master
Review: https://review.openstack.org/306452
Reason: This fix works only for post-2014 versions of iptables.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers