Deleted floating ips can cause instance delete to fail

Bug #1038266 reported by Vish Ishaya on 2012-08-17
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
High
Vish Ishaya
Essex
High
Vish Ishaya
nova (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned

Bug Description

If there is a deleted floating ip in the database, with the same address as an ip that as associated to an instance, deleting that instance will fail. This is due to nova turning on read_deleted too liberally.

Related branches

Changed in nova:
status: New → In Progress
importance: Undecided → High
milestone: none → folsom-rc1
assignee: nobody → Vish Ishaya (vishvananda)

Reviewed: https://review.openstack.org/11596
Committed: http://github.com/openstack/nova/commit/1f98e28a80077760394201f79de04a0924b9ad3f
Submitter: Jenkins
Branch: master

commit 1f98e28a80077760394201f79de04a0924b9ad3f
Author: Vishvananda Ishaya <email address hidden>
Date: Fri Aug 17 15:03:46 2012 -0700

    Makes sure instance deletion ok with deleted data

    Commit 5ad1dea4 added changed the network deallocation code to
    work with deleted instances. This was done by setting the context
    to read deleted records. Unfortunately this was done a little too
    broadly, leading to a new bug where a deleted floating_ip will
    cause an instance to not be able to be deleted.

    This fixes the issue by limiting the use of read_deleted context
    to only the places it is trying to access the instance record. It
    adds a test to verify that the code works with a duplicate
    deleted floating_ip and updates the existing test for a deleted
    instance to exercise the entire code path.

    Fixes bug 1038266

    Change-Id: I1aef94369e5bcf951e78e89b1eded5305cf36b53

Changed in nova:
status: In Progress → Fix Committed

Reviewed: https://review.openstack.org/11597
Committed: http://github.com/openstack/nova/commit/ae280ca43eafeee48b1466ccd45db979c86ae5ce
Submitter: Jenkins
Branch: stable/essex

commit ae280ca43eafeee48b1466ccd45db979c86ae5ce
Author: Vishvananda Ishaya <email address hidden>
Date: Fri Aug 17 15:03:46 2012 -0700

    Makes sure instance deletion ok with deleted data

    Commit 5ad1dea4 added changed the network deallocation code to
    work with deleted instances. This was done by setting the context
    to read deleted records. Unfortunately this was done a little too
    broadly, leading to a new bug where a deleted floating_ip will
    cause an instance to not be able to be deleted.

    This fixes the issue by limiting the use of read_deleted context
    to only the places it is trying to access the instance record. It
    adds a test to verify that the code works with a duplicate
    deleted floating_ip and updates the existing test for a deleted
    instance to exercise the entire code path.

    Fixes bug 1038266

    Change-Id: I1aef94369e5bcf951e78e89b1eded5305cf36b53
    (cherry-picked from commit 1f98e28a80077760394201f79de04a0924b9ad3f)

Dave Walker (davewalker) on 2012-08-29
Changed in nova (Ubuntu):
status: New → Fix Released
Changed in nova (Ubuntu Precise):
status: New → Confirmed

Please find the attached test log from the Ubuntu Server Team's CI infrastructure. As part of the verification process for this bug, Nova has been deployed and configured across multiple nodes using precise-proposed as an installation source. After successful bring-up and configuration of the cluster, a number of exercises and smoke tests have be invoked to ensure the updated package did not introduce any regressions. A number of test iterations were carried out to catch any possible transient errors.

Please Note the list of installed packages at the top and bottom of the report.

For records of upstream test coverage of this update, please see the Jenkins links in the comments of the relevant upstream code-review(s):

Trunk review: https://review.openstack.org/11596
Stable review: https://review.openstack.org/11597

As per the provisional Micro Release Exception granted to this package by the Technical Board, we hope this contributes toward verification of this update.

Adam Gandelman (gandelman-a) wrote :

Test coverage log.

tags: added: verification-done
Launchpad Janitor (janitor) wrote :
Download full text (5.4 KiB)

This bug was fixed in the package nova - 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1

---------------
nova (2012.1.3+stable-20120827-4d2a4afe-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot, fixes FTBFS in -proposed. (LP: #1041120)
  * Resynchronize with stable/essex (4d2a4afe):
    - [5d63601] Inappropriate exception handling on kvm live/block migration
      (LP: #917615)
    - [ae280ca] Deleted floating ips can cause instance delete to fail
      (LP: #1038266)

nova (2012.1.3+stable-20120824-86fb7362-0ubuntu1) precise-proposed; urgency=low

  * New upstream snapshot. (LP: #1041120)
  * Dropped, superseded by new snapshot:
    - debian/patches/CVE-2012-3447.patch: [d9577ce]
    - debian/patches/CVE-2012-3371.patch: [25f5bd3]
    - debian/patches/CVE-2012-3360+3361.patch: [b0feaff]
  * Resynchronize with stable/essex (86fb7362):
    - [86fb736] Libvirt driver reports incorrect error when volume-detach fails
      (LP: #1029463)
    - [272b98d] nova delete lxc-instance umounts the wrong rootfs (LP: #971621)
    - [09217ab] Block storage connections are NOT restored on system reboot
      (LP: #1036902)
    - [d9577ce] CVE-2012-3361 not fully addressed (LP: #1031311)
    - [e8ef050] pycrypto is unused and the existing code is potentially insecure
      to use (LP: #1033178)
    - [3b4ac31] cannot umount guestfs (LP: #1013689)
    - [f8255f3] qpid_heartbeat setting in ineffective (LP: #1030430)
    - [413c641] Deallocation of fixed IP occurs before security group refresh
      leading to potential security issue in error / race conditions
      (LP: #1021352)
    - [219c5ca] Race condition in network/deallocate_for_instance() leads to
      security issue (LP: #1021340)
    - [f2bc403] cleanup_file_locks does not remove stale sentinel files
      (LP: #1018586)
    - [4c7d671] Deleting Flavor currently in use by instance creates error
      (LP: #994935)
    - [7e88e39] nova testsuite errors on newer versions of python-boto (e.g.
      2.5.2) (LP: #1027984)
    - [80d3026] NoMoreFloatingIps: Zero floating ips available after repeatedly
      creating and destroying instances over time (LP: #1017418)
    - [4d74631] Launching with source groups under load produces lazy load error
      (LP: #1018721)
    - [08e5128] API 'v1.1/{tenant_id}/os-hosts' does not return a list of hosts
      (LP: #1014925)
    - [801b94a] Restarting nova-compute removes ip packet filters (LP: #1027105)
    - [f6d1f55] instance live migration should create virtual_size disk image
      (LP: #977007)
    - [4b89b4f] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [6e873bc] [nova][volumes] Exceeding volumes, gigabytes and floating_ips
      quotas returns general uninformative HTTP 500 error (LP: #1021373)
    - [7b215ed] Use default qemu-img cluster size in libvirt connection driver
    - [d3a87a2] Listing flavors with marker set returns 400 (LP: #956096)
    - [cf6a85a] nova-rootwrap hardcodes paths instead of using
      /sbin:/usr/sbin:/usr/bin:/bin (LP: #1013147)
    - [2efc87c] affinity filters don't work if scheduler_hints is None
      (LP: #1007573)
  ...

Read more...

Changed in nova (Ubuntu Precise):
status: Confirmed → Fix Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Thierry Carrez (ttx) on 2012-09-19
Changed in nova:
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2012-09-27
Changed in nova:
milestone: folsom-rc1 → 2012.2
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers