Fip agent port created on compute nodes with "dvr_no_external" mode

A few additional items please:
- Could you please include the relevant log snippets, such as neutron server and the agent so that we can see if there's anything obvious.
- What operating system and devstack branch are you using?

These items will help us with some initial triage before spending a good deal of time reproducing.

I have read neutron source code and have found the reason:
When assigning a fip to a VM, a callback for fip update event is invoked[1].
Then a fip agent port for the host bound to the fixed port is created as follows:
[1]->[2]->[3]
[1]https://github.com/openstack/neutron/blob/master/neutron/db/l3_dvr_db.py#L321
[2]https://github.com/openstack/neutron/blob/master/neutron/db/l3_dvr_db.py#L840
[3]https://github.com/openstack/neutron/blob/master/neutron/db/l3_dvr_db.py#L865

The details of the fip agent port is as follows:
+-----------------------+---------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+---------------------------------------------------------------------------------+
| admin_state_up | True |
| allowed_address_pairs | |
| binding:host_id | shz-server87 |
| binding:profile | {} |
| binding:vif_details | {} |
| binding:vif_type | binding_failed |
| binding:vnic_type | normal |
| created_at | 2017-10-17T02:09:27Z |
| description | |
| device_id | f83bc76a-917d-457b-a472-c34610621454 |
| device_owner | network:floatingip_agent_gateway |
| extra_dhcp_opts | |
| fixed_ips | {"subnet_id": "5ba473f5-44e2-411c-80e6-c13d15b6b1cc", "ip_address": "9.9.9.15"} |
| id | 46a91872-d25b-4ccc-9d04-0b8c894ace67 |
| mac_address | fa:16:3e:93:36:28 |
| name | |
| network_id | af256bab-acbc-419c-bdcf-3ba6708da4af |
| port_security_enabled | False |
| project_id | |
| qos_policy_id | |
| revision_number | 4 |
| security_groups | ...

This looks related to https://bugs.launchpad.net/neutron/+bug/1723828 and not sure it's a bug as it is expected behavior by design.

I'm sorry, I must have read this wrong when looking at the related bug, we shouldn't be creating a fip port on the compute node in this case. Thanks for finding it.

Fix proposed to branch: master
Review: https://review.openstack.org/513878

Change abandoned by sunzuohua (<email address hidden>) on branch: master
Review: https://review.openstack.org/512937
Reason: Change the branch name to avoid misunderstanding

Reviewed: https://review.openstack.org/513878
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=d2e14524c9704a65622fcbfec1cf7b81a2178b27
Submitter: Zuul
Branch: master

commit d2e14524c9704a65622fcbfec1cf7b81a2178b27
Author: zhsun <email address hidden>
Date: Sat Oct 21 07:36:58 2017 +0800

    Do not create fip agent port for dvr_no_external node

    Change-Id: I6c108806aaf41ee12594d9b0909b1a301c394c64
    Closes-Bug: #1723891

Fix proposed to branch: stable/pike
Review: https://review.openstack.org/516225

Change abandoned by sunzuohua (<email address hidden>) on branch: stable/pike
Review: https://review.openstack.org/516225

This issue was fixed in the openstack/neutron 12.0.0.0b2 development milestone.

Why is the bug classified as High impact? It's not clear whether it affects any user scenario. I am lowering the priority to Medium for now.

Reviewed: https://review.openstack.org/516225
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=2791ea0134a0e17f1dc3fc479587855c16f9beb0
Submitter: Zuul
Branch: stable/pike

commit 2791ea0134a0e17f1dc3fc479587855c16f9beb0
Author: zhsun <email address hidden>
Date: Sat Oct 21 07:36:58 2017 +0800

    Do not create fip agent port for dvr_no_external node

    Change-Id: I6c108806aaf41ee12594d9b0909b1a301c394c64
    Closes-Bug: #1723891
    (cherry picked from commit d2e14524c9704a65622fcbfec1cf7b81a2178b27)

This issue was fixed in the openstack/neutron 11.0.3 release.