[dvr_no_external][ha][dataplane down]centralized floating IP nat rules not install in every HA node
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Undecided
|
LIU Yulong |
Bug Description
ENV:
master
devstack multinode install:
1 controller node
2 compute nodes -> dvr_no_external (compute1, compute2)
2 network nodes -> dvr_snat (network1, network2)
Problem:
For L3 DVR HA router, the centralized floating IPs nat rules are not installed in every HA node snat namespace.
How to reproduce:
1. create DVR_HA router connecting user private network and public external network
2. create a VM in dvr_no_external compute in private network
3. create floating IP and associate to the VM port
Then, only in the `master` node snat-namespace has the iptables rules.
Even the DVR_HA router has state change(backup -> master, master -> backup), the iptables rules are still not re-created in the new `master` snat-namespace.
All centralized floating IPs can be unreachable after a HA router state change.
Changed in neutron: | |
assignee: | nobody → LIU Yulong (dragon889) |
summary: |
- [dvr_no_external][ha] centralized floating IP nat rules not install in - every HA node + [dvr_no_external][ha][dataplane down]centralized floating IP nat rules + not install in every HA node |
description: | updated |
tags: | added: l3-dvr-backlog |
tags: | added: neutron-proactive-backport-potential |
Fix proposed to branch: master /review. openstack. org/604094
Review: https:/