neutron

  1. Bug #1759971
  2. Comment #2

Comment 2 for bug 1759971

Revision history for this message
Dmitrii Shcherbakov (dmitriis) wrote : Re: [dvr][fast-exit] a route to a tenant network does not get created in fip namespace if an external network is attached after a tenant network have been attached

Tracing this again I can see that if external network is added after a tenant network ex_gw_port ("network:router_gateway") has a very limited amount of information as opposed to fip_agent_port ("network:floatingip_agent_gateway") which is retrieved from neutron service via an RPC call from neutron-l3-agent:

https://paste.ubuntu.com/p/YYFmbR3JFn/

# virtually no relevant information

> /usr/lib/python2.7/dist-packages/neutron/agent/l3/dvr_local_router.py(577)process_external()
-> if ex_gw_port:
(Pdb) ex_gw_port
{u'allowed_address_pairs': [], u'extra_dhcp_opts': [], u'updated_at': u'2018-04-01T23:50:55Z', u'device_owner': u'network:router_gateway', u'revision_number': 3, u'port_security_enabled': False, u'binding:profile': {}, u'fixed_ips': [], u'id': u'1e34db4a-c33c-4c41-b65c-2256a444a7d7', u'security_groups': [], u'binding:vif_details': {}, u'binding:vif_type': u'unbound', u'mac_address': u'fa:16:3e:b7:6b:17', u'project_id': u'', u'status': u'DOWN', u'binding:host_id': u'pillan', u'description': u'', u'tags': [], u'device_id': u'5edc73a3-3b60-4942-9026-4da0ce01e93d', u'name': u'', u'admin_state_up': True, u'network_id': u'1b78176f-c608-4283-9bdc-e09961805e29', u'tenant_id': u'', u'created_at': u'2018-04-01T23:50:55Z', u'binding:vnic_type': u'normal', u'ip_allocation': u'deferred'}
(Pdb) ex_gw_port.get('address_scopes')
(Pdb) l
572 import rpdb
573 rpdb.set_trace()
574 if self.agent_conf.agent_mode != (
575 n_const.L3_AGENT_MODE_DVR_NO_EXTERNAL):
576 ex_gw_port = self.get_ex_gw_port()
577 -> if ex_gw_port:
578 self.create_dvr_external_gateway_on_agent(ex_gw_port)
579 self.connect_rtr_2_fip()
580 super(DvrLocalRouter, self).process_external()

...

# address_scopes are present along with other information

(Pdb) fip_agent_port
{u'allowed_address_pairs': [], u'extra_dhcp_opts': [], u'updated_at': u'2018-04-01T23:53:47Z', u'device_owner': u'network:floatingip_agent_gateway', u'revision_number': 4, u'port_security_enabled': False, u'binding:profile': {}, u'binding:vnic_type': u'normal', u'fixed_ips': [{u'subnet_id': u'59084723-8290-4cdd-996f-14de3f6eeacb', u'prefixlen': 21, u'ip_address': u'10.232.17.5'}], u'id': u'84a55dbe-def4-4e60-8089-9ecfd74f890a', u'security_groups': [], u'binding:vif_details': {u'port_filter': True, u'datapath_type': u'system', u'ovs_hybrid_plug': False}, u'address_scopes': {u'4': u'd5d483bd-b1a1-4d11-8b98-a9697707321e', u'6': None}, u'binding:vif_type': u'ovs', u'mac_address': u'fa:16:3e:5a:6d:e0', u'project_id': u'', u'status': u'DOWN', u'subnets': [{u'dns_nameservers': [u'10.232.36.101'], u'ipv6_ra_mode': None, u'gateway_ip': u'10.232.16.1', u'cidr': u'10.232.16.0/21', u'id': u'59084723-8290-4cdd-996f-14de3f6eeacb', u'subnetpool_id': u'c7ba4af5-5aca-49e1-abbf-b7072d82d740'}], u'binding:host_id': u'ipotane', u'description': u'', u'tags': [], u'device_id': u'acee51b4-ed49-4fa3-a8de-81dee0f384ba', u'name': u'', u'admin_state_up': True, u'network_id': u'1b78176f-c608-4283-9bdc-e09961805e29', u'tenant_id': u'', u'created_at': u'2018-04-01T23:53:46Z', u'mtu': 1500, u'extra_subnets': [{u'dns_nameservers': [u'10.232.36.101'], u'ipv6_ra_mode': None, u'gateway_ip': u'10.232.40.100', u'cidr': u'10.232.40.0/21', u'id': u'ee6795c0-8f06-4fa6-9531-04168403c74f', u'subnetpool_id': u'c7ba4af5-5aca-49e1-abbf-b7072d82d740'}], u'ip_allocation': u'immediate'}
(Pdb) fip_agent_port.get('address_scopes')
{u'4': u'd5d483bd-b1a1-4d11-8b98-a9697707321e', u'6': None}

In contrast, when a tenant network is added after an external network the "network:router_gateway" port contains the relevant information

> /usr/lib/python2.7/dist-packages/neutron/agent/l3/dvr_local_router.py(577)process_external()
-> if ex_gw_port:
(Pdb) ex_gw_port
{u'allowed_address_pairs': [], u'extra_dhcp_opts': [], u'updated_at': u'2018-04-01T23:51:24Z', u'device_owner': u'network:router_gateway', u'revision_number': 13, u'port_security_enabled': False, u'binding:profile': {}, u'binding:vnic_type': u'normal', u'fixed_ips': [{u'subnet_id': u'ee6795c0-8f06-4fa6-9531-04168403c74f', u'prefixlen': 21, u'ip_address': u'10.232.41.8'}], u'id': u'1e34db4a-c33c-4c41-b65c-2256a444a7d7', u'security_groups': [], u'binding:vif_details': {u'port_filter': True, u'datapath_type': u'system', u'ovs_hybrid_plug': True}, u'address_scopes': {u'4': u'd5d483bd-b1a1-4d11-8b98-a9697707321e', u'6': None}, u'binding:vif_type': u'ovs', u'mac_address': u'fa:16:3e:b7:6b:17', u'project_id': u'', u'status': u'ACTIVE', u'subnets': [{u'dns_nameservers': [u'10.232.36.101'], u'ipv6_ra_mode': None, u'gateway_ip': u'10.232.40.100', u'cidr': u'10.232.40.0/21', u'id': u'ee6795c0-8f06-4fa6-9531-04168403c74f', u'subnetpool_id': u'c7ba4af5-5aca-49e1-abbf-b7072d82d740'}], u'binding:host_id': u'pillan', u'description': u'', u'tags': [], u'device_id': u'5edc73a3-3b60-4942-9026-4da0ce01e93d', u'name': u'', u'admin_state_up': True, u'network_id': u'1b78176f-c608-4283-9bdc-e09961805e29', u'tenant_id': u'', u'created_at': u'2018-04-01T23:50:55Z', u'mtu': 1500, u'extra_subnets': [{u'dns_nameservers': [u'10.232.36.101'], u'ipv6_ra_mode': None, u'gateway_ip': u'10.232.16.1', u'cidr': u'10.232.16.0/21', u'id': u'59084723-8290-4cdd-996f-14de3f6eeacb', u'subnetpool_id': u'c7ba4af5-5aca-49e1-abbf-b7072d82d740'}], u'ip_allocation': u'deferred'}

In connect_rtr_2_fip there is already a check for agent_gateway_port and it seems to contain identical information for the purposes of set_address_scope_interface_routes:

    def connect_rtr_2_fip(self):
        if self.fip_ns.agent_gateway_port and not self.rtr_fip_connect:
            ex_gw_port = self.get_ex_gw_port()
            self.fip_ns.create_rtr_2_fip_link(self)
            self.set_address_scope_interface_routes(ex_gw_port)