neutron

Floating IP QoS don't work in DVR router

Bug #1758316 reported by Slawek Kaplonski
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
LIU Yulong

Bug Description

It looks that QoS for FIP in DVR router doesn't work.
Scenario test is failing all the time with error like: http://logs.openstack.org/63/555263/3/check/neutron-tempest-plugin-dvr-multinode-scenario/e7c012f/logs/testr_results.html.gz

From what I found in job logs it looks that qos is applied in "snat-XXX" namespace on subnode-2:
http://logs.openstack.org/63/555263/3/check/neutron-tempest-plugin-dvr-multinode-scenario/e7c012f/logs/subnode-2/screen-q-l3.txt.gz#_Mar_23_09_20_07_420244

but transfer to VM is not limited as expected.

LIU Yulong (dragon889)
Changed in neutron:
assignee: nobody → LIU Yulong (dragon889)
Revision history for this message
LIU Yulong (dragon889) wrote :

After read the log from the `Bug Description`,
it seems that the floating IP never processed
in `dvr` node.

And also checked some other zuul logs, the
test nodes were all in `dvr_snat` mode.

Revision history for this message
LIU Yulong (dragon889) wrote :

I'm setting up a 5 node devstack environment to try to reproduce this.

Revision history for this message
LIU Yulong (dragon889) wrote :

After many logs rechecking, I think this is because the dvr and dvr_snat are both compute node:
https://github.com/openstack-infra/devstack-gate/blob/master/devstack-vm-gate.sh#L843

In the `Bug Description` LOG where the test vm was scheduled to the dvr_snat aka subnode-2:
http://logs.openstack.org/63/555263/3/check/neutron-tempest-plugin-dvr-multinode-scenario/e7c012f/logs/subnode-2/screen-n-cpu.txt.gz#_Mar_23_09_14_47_604613

That's why the tc rules were applied in "snat-namespace":
http://logs.openstack.org/63/555263/3/check/neutron-tempest-plugin-dvr-multinode-scenario/e7c012f/logs/subnode-2/screen-q-l3.txt.gz#_Mar_23_09_20_07_568567

DVR edge (or DVR edge ha) router will set the rules to snat-namespace:
https://github.com/openstack/neutron/blob/master/neutron/agent/l3/extensions/fip_qos.py#L223

I think, for dvr fip qos in such mixed deployment scenarios, we can install the rules again in the qrouter-namespce for dvr_snat node.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/558724

Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.openstack.org/566867

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/558724
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=35365ead42eec24027140d3cfd9dfeb40316e8d6
Submitter: Zuul
Branch: master

commit 35365ead42eec24027140d3cfd9dfeb40316e8d6
Author: LIU Yulong <email address hidden>
Date: Wed Apr 4 15:33:00 2018 +0800

    [L3][QoS] Cover mixed dvr_snat and compute node dvr router

    The dvr_snat node can also run the nova-compute which will
    make the fip_qos l3 agent extension failed to install the
    qos tc rules for the dvr router floating IPs.

    To cover such mixed deployment, the tc rules for floating IP
    qos will be processed again in qrouter-namespace of the
    dvr_snat node, and the device is rfp-device.

    Change-Id: I9eca25201e0647d4da77b325fba03cca1db5bb4d
    Closes-Bug: #1758316

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/queens)

Reviewed: https://review.openstack.org/566867
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=781b78285db5115e604ea7bfcab5435c5ff83063
Submitter: Zuul
Branch: stable/queens

commit 781b78285db5115e604ea7bfcab5435c5ff83063
Author: LIU Yulong <email address hidden>
Date: Wed Apr 4 15:33:00 2018 +0800

    [L3][QoS] Cover mixed dvr_snat and compute node dvr router

    The dvr_snat node can also run the nova-compute which will
    make the fip_qos l3 agent extension failed to install the
    qos tc rules for the dvr router floating IPs.

    To cover such mixed deployment, the tc rules for floating IP
    qos will be processed again in qrouter-namespace of the
    dvr_snat node, and the device is rfp-device.

    Conflicts:
        neutron/tests/functional/agent/l3/extensions/test_fip_qos_extension.py

    Change-Id: I9eca25201e0647d4da77b325fba03cca1db5bb4d
    Closes-Bug: #1758316
    (cherry picked from commit 35365ead42eec24027140d3cfd9dfeb40316e8d6)

tags: added: in-stable-queens
Bernard Cafarelli (bcafarel)
tags: added: neutron-proactive-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 13.0.0.0b2

This issue was fixed in the openstack/neutron 13.0.0.0b2 development milestone.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 12.0.3

This issue was fixed in the openstack/neutron 12.0.3 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.