Cannot start VM or add network filters when use_ipv6 is not set

Bug #773308 reported by Édouard Thuleau on 2011-04-29
This bug report is a duplicate of:  Bug #773412: Check for use of IPv6 missing. Edit Remove
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Undecided
Unassigned

Bug Description

With Nova bzr1034 on ubuntu LTS 10.04, starting instances fails when the flag use_ipv6 is false :

2011-04-29 14:51:57,873 INFO nova [-] called setup_basic_filtering in nwfilter
2011-04-29 14:51:57,873 INFO nova [-] ensuring static filters
2011-04-29 14:51:57,968 ERROR nova.exception [-] Uncaught exception
(nova.exception): TRACE: Traceback (most recent call last):
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 115, in _wrap
(nova.exception): TRACE: return f(*args, **kw)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 623, in spawn
(nova.exception): TRACE: self.firewall_driver.prepare_instance_filter(instance, network_info)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2001, in prepare_instance_filter
(nova.exception): TRACE: self.add_filters_for_instance(instance, network_info)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2033, in add_filters_for_instance
(nova.exception): TRACE: network_info)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2017, in _filters_for_instance
(nova.exception): TRACE: return ipv4_rules, ipv6_rules
(nova.exception): TRACE: UnboundLocalError: local variable 'ipv6_rules' referenced before assignment
(nova.exception): TRACE:
2011-04-29 14:51:57,969 ERROR nova.compute.manager [-Y1USWZDF9C-JS7XSA79 user1 simple] Instance '28' failed to spawn. Is virtualization enabled in the BIOS?
(nova.compute.manager): TRACE: Traceback (most recent call last):
(nova.compute.manager): TRACE: File "/usr/lib/pymodules/python2.6/nova/compute/manager.py", line 240, in run_instance
(nova.compute.manager): TRACE: self.driver.spawn(instance_ref)
(nova.compute.manager): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 121, in _wrap
(nova.compute.manager): TRACE: raise Error(str(e))
(nova.compute.manager): TRACE: Error: local variable 'ipv6_rules' referenced before assignment
(nova.compute.manager): TRACE:

I change the code to pass this error and start instances, but when I try to add filter rule, I get another error :

2011-04-29 16:06:05,134 DEBUG nova.utils [-] Attempting to grab semaphore "iptables" for method "do_refresh_security_group_rules"... from (pid=18530) inner /usr/lib/pymodules/python2.6/nova/utils.py:591
2011-04-29 16:06:05,134 DEBUG nova.utils [-] Attempting to grab file lock "iptables" for method "do_refresh_security_group_rules"... from (pid=18530) inner /usr/lib/pymodules/python2.6/nova/utils.py:596
2011-04-29 16:06:05,167 ERROR nova.exception [-] Uncaught exception
(nova.exception): TRACE: Traceback (most recent call last):
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 115, in _wrap
(nova.exception): TRACE: return f(*args, **kw)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/compute/manager.py", line 187, in refresh_security_group_rules
(nova.exception): TRACE: return self.driver.refresh_security_group_rules(security_group_id)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 1380, in refresh_security_group_rules
(nova.exception): TRACE: self.firewall_driver.refresh_security_group_rules(security_group_id)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2164, in refresh_security_group_rules
(nova.exception): TRACE: self.do_refresh_security_group_rules(security_group)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/utils.py", line 604, in inner
(nova.exception): TRACE: retval = f(*args, **kwargs)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2171, in do_refresh_security_group_rules
(nova.exception): TRACE: self.add_filters_for_instance(instance)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2035, in add_filters_for_instance
(nova.exception): TRACE: network_info)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2008, in _filters_for_instance
(nova.exception): TRACE: ips_v4 = [ip['ip'] for (_n, mapping) in network_info
(nova.exception): TRACE: TypeError: 'NoneType' object is not iterable
(nova.exception): TRACE:
2011-04-29 16:06:05,168 ERROR nova [-] Exception during message handling
(nova): TRACE: Traceback (most recent call last):
(nova): TRACE: File "/usr/lib/pymodules/python2.6/nova/rpc.py", line 198, in _receive
(nova): TRACE: rval = node_func(context=ctxt, **node_args)
(nova): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 121, in _wrap
(nova): TRACE: raise Error(str(e))
(nova): TRACE: Error: 'NoneType' object is not iterable
(nova): TRACE:

Here the fix I made to start instances :

nova/virt/libvirt_conn.py
2012,2013c2012,2014
< ips_v6 = [ip['ip'] for (_n, mapping) in network_info
< for ip in mapping['ip6s']]
---
> if FLAGS.use_ipv6:
> ips_v6 = [ip['ip'] for (_n, mapping) in network_info
> for ip in mapping['ip6s']]
2015,2016c2016,2019
< ipv6_rules = self._create_filter(ips_v6, chain_name)
< return ipv4_rules, ipv6_rules
---
> ipv6_rules = self._create_filter(ips_v6, chain_name)
> return ipv4_rules, ipv6_rules
>
> return ipv4_rules, None

Related branches

Same problem on Ubuntu Natty (11.04). I applied Edouard's suggested changes, restarted nova-compute (the changes did not seem to work without restarting) and can now start instances.

Kevin Bringard (kbringard) wrote :

A very similar error appears to be happening when attempting to apply euca-authorize rules to running nodes.

If I start a new node in a group with existing rules, everything works as expected. However if I have a VM running in a group (let's say default), and I attempt to update or create a new rule in that group I receive the following exception in the nova-compute.log:

2011-05-11 19:56:48,889 ERROR nova.exception [-] Uncaught exception
(nova.exception): TRACE: Traceback (most recent call last):
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 87, in _wrap
(nova.exception): TRACE: return f(*args, **kw)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/compute/manager.py", line 205, in refresh_security_group_rules
(nova.exception): TRACE: return self.driver.refresh_security_group_rules(security_group_id)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 1382, in refresh_security_group_rules
(nova.exception): TRACE: self.firewall_driver.refresh_security_group_rules(security_group_id)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2173, in refresh_security_group_rules
(nova.exception): TRACE: self.do_refresh_security_group_rules(security_group)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/utils.py", line 604, in inner
(nova.exception): TRACE: retval = f(*args, **kwargs)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2180, in do_refresh_security_group_rules
(nova.exception): TRACE: self.add_filters_for_instance(instance)
(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2044, in add_filters_for_instance(nova.exception): TRACE: network_info)(nova.exception): TRACE: File "/usr/lib/pymodules/python2.6/nova/virt/libvirt_conn.py", line 2018, in _filters_for_instance
(nova.exception): TRACE: ips_v4 = [ip['ip'] for (_n, mapping) in network_info(nova.exception): TRACE: TypeError: 'NoneType' object is not iterable
(nova.exception): TRACE:
2011-05-11 19:56:48,890 ERROR nova [-] Exception during message handling
(nova): TRACE: Traceback (most recent call last):
(nova): TRACE: File "/usr/lib/pymodules/python2.6/nova/rpc.py", line 198, in _receive
(nova): TRACE: rval = node_func(context=ctxt, **node_args)
(nova): TRACE: File "/usr/lib/pymodules/python2.6/nova/exception.py", line 93, in _wrap
(nova): TRACE: raise Error(str(e))
(nova): TRACE: Error: 'NoneType' object is not iterable
(nova): TRACE:

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers