neutron

DVR: Migrate centralized unbound floatingip to the respective host when the port is bound

Bug #1718788 reported by Swaminathan Vasudevan
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
Swaminathan Vasudevan

Bug Description

When unbound ports are associated with floatingIP in DVR, it implements the floatingIP in the dvr_snat node under the snat_namespace.
When the private ports are bound to a specific host, the floatingIPs are not moved or migrated to their respective hosts.

This can be reproduced by
1. Create a network
2. Create a subnet
3. Create a router and associate the subnet to the router
4. Assign a gateway to the router.
5. Then create a port on the given network with a specific IP.
6. Now create a FloatingIP on the external network.
7. Associate the FloatingIP to the created port.
8. At this point the port is not bound and so the floatingIP gets implemented in the Snat_namespace in the dvr_snat node.
9. Then within a few seconds, we create a VM with the given port-id instead of network-id.
10. Now when the VM is built then the port gets bound.
11. Now the floatingIP is not seen on the host where the VM resides.

Theoretically the FloatingIP should be migrated to the host where it is currently bound.

Swaminathan Vasudevan (swaminathan-vasudevan)
Changed in neutron:
status: New → Confirmed
assignee: nobody → Swaminathan Vasudevan (swaminathan-vasudevan)
OpenStack Infra (hudson-openstack)
Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

https://review.openstack.org/#/c/505324/ In progress.

Changed in neutron:
importance: Undecided → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/505324
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=27fcf86bcbf4a66f52385f0efea956f13c38d7b2
Submitter: Jenkins
Branch: master

commit 27fcf86bcbf4a66f52385f0efea956f13c38d7b2
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Sep 19 06:54:14 2017 -0700

    DVR: Fix unbound fip port migration to bound port

    With the current change in allowing the unbound fip
    to be associated with the snat node, we are seeing
    that all floating IPs that are associated with an
    unbound port are created at the snat node.
    This is also applicable for floating IPs that are
    created just before associating the port to a VM.
    We have seen such scenarios in the test cases.

    This is the right behavior as per design. But when
    the port is bound to a host, the floating IP should
    be migrated to the respective host.

    This patch fixes the issue by sending notification to
    the respective node, when the port is bound and also
    clear the fip from the snat node.

    Closes-Bug: #1718788
    Change-Id: I6b1f3ffc3c3336035632f6a82d3a87b3be57b403

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/pike)

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/513816

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 12.0.0.0b1

This issue was fixed in the openstack/neutron 12.0.0.0b1 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/pike)

Reviewed: https://review.openstack.org/513816
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c3f395db6705c1054a16fc0f730f59446a4229f8
Submitter: Zuul
Branch: stable/pike

commit c3f395db6705c1054a16fc0f730f59446a4229f8
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Sep 19 06:54:14 2017 -0700

    DVR: Fix unbound fip port migration to bound port

    With the current change in allowing the unbound fip
    to be associated with the snat node, we are seeing
    that all floating IPs that are associated with an
    unbound port are created at the snat node.
    This is also applicable for floating IPs that are
    created just before associating the port to a VM.
    We have seen such scenarios in the test cases.

    This is the right behavior as per design. But when
    the port is bound to a host, the floating IP should
    be migrated to the respective host.

    This patch fixes the issue by sending notification to
    the respective node, when the port is bound and also
    clear the fip from the snat node.

    Closes-Bug: #1718788
    Change-Id: I6b1f3ffc3c3336035632f6a82d3a87b3be57b403
    (cherry picked from commit 27fcf86bcbf4a66f52385f0efea956f13c38d7b2)

tags: added: in-stable-pike
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 11.0.2

This issue was fixed in the openstack/neutron 11.0.2 release.

Ihar Hrachyshka (ihar-hrachyshka)
tags: added: neutron-proactive-backport-potential
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.