openvswitch.agent.ovs_neutron_agent fails to Cmd: ['iptables-restore', '-n']
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Invalid
|
Undecided
|
Unassigned | ||
tripleo |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Description
===========
Wallaby deployment via undercloud/
Neutron constantly reports inability to update iptables that in turn makes baremetal to fail to boot from PXE
From the review it seems that /usr/bin/
In the info I can see that neutron user has the following subset of commands it's able to run:
...
(root) NOPASSWD: /usr/bin/
(root) NOPASSWD: /usr/bin/
(root) NOPASSWD: /usr/bin/
(root) NOPASSWD: /usr/bin/
But the issue is the fact that command isn't found as it was moved to /usr/sbin/
Steps to reproduce
==================
1. Deploy undercloud
2. Deploy networks and VIP
3. Add and introspect a node
4. Execute overcloud node provision ... that will timeout
Expected result
===============
Successful overcloud node baremetal provisioning
Logs & Configs
==============
2023-08-31 18:21:28.613 4413 ERROR neutron.
2023-08-31 18:21:28.613 4413 ERROR neutron.
2023-08-31 18:21:28.613 4413 ERROR neutron.
2023-08-31 18:21:28.613 4413 ERROR neutron.
Environment
===========
Centos 9 Stream and undercloud deployment tool
tags: | added: tripleo-common |
Changed in neutron: | |
status: | New → Invalid |
Additional info - from what I see the affected image is /quay.io/ repository/ tripleowallaby/ openstack- neutron- server
https:/
Step: openstack- tripleo- common- containers/ container- images/ kolla/neutron- base/neutron_ sudoers /etc/sudoers. d/neutron_ sudoers
cp /usr/share/
The source file and execution should be updated with the new command location or maybe link should be created to have both commands available