Thanks, that was an important missing piece of information.
This way I managed to reproduce the problem (independently of the firewall_driver):
in shell #1 monitoring the backend qos settings:
watch "openstack server show vm1 -f value -c OS-EXT-SRV-ATTR:instance_name | xargs -r virsh dumpxml | xmlstarlet sel -t -v '//interface/target/@dev' | xargs -r sudo ovs-vsctl list interface | egrep ingress_policing
in shell #2 trying stuff like this (a few times):
for i in 1 2 3 ; do openstack server reboot --hard --wait vm1 ; done
At the end of one of these triple hard reboots the backend was left unconfigured:
ingress_policing_burst: 0 ingress_policing_rate: 0
I'm setting the importance to high because it seems to me this behavior could be abused by a malicious user (though I don't see a security hole).
Thanks, that was an important missing piece of information.
This way I managed to reproduce the problem (independently of the firewall_driver):
in shell #1 monitoring the backend qos settings:
watch "openstack server show vm1 -f value -c OS-EXT- SRV-ATTR: instance_ name | xargs -r virsh dumpxml | xmlstarlet sel -t -v '//interface/ target/ @dev' | xargs -r sudo ovs-vsctl list interface | egrep ingress_policing
in shell #2 trying stuff like this (a few times):
for i in 1 2 3 ; do openstack server reboot --hard --wait vm1 ; done
At the end of one of these triple hard reboots the backend was left unconfigured:
ingress_ policing_ burst: 0 policing_ rate: 0
ingress_
I'm setting the importance to high because it seems to me this behavior could be abused by a malicious user (though I don't see a security hole).