commit ee759f62b41a8afd7ac88b4e4a20d31d7959c12f
Author: Dan Smith <email address hidden>
Date: Thu Dec 8 12:25:37 2016 -0800
Cleanup after any failed libvirt spawn
When we go to spawn a libvirt domain, we catch a few types of exceptions
and perform cleanup before failing the operation. For some reason, we
don't do this universally, which means that we leave things like network
devices laying around (from plug_vifs()). If a delete comes later, it
should clean those things up. However, if a subsequent failure prevents
that, and especially if we do a local delete at the API, we'll leak those
interfaces.
As seen in at least one real-world situation, this can cause us to leak
interfaces until we have tens of thousands of them on the system, which
then causes secondary failures.
Since we run the cleanup() routine for certain failures, it certainly
seems appropriate to run it always and not leave residue until a
successful delete is performed.
Closes-Bug: #1648840
Change-Id: Iab5afdf1b5b8d107ea0e5895c24d50712e7dc7b1
(cherry picked from commit 5e7f765266e0b94807e019b645c8be89770e7428)
Reviewed: https:/ /review. openstack. org/409706 /git.openstack. org/cgit/ openstack/ nova/commit/ ?id=ee759f62b41 a8afd7ac88b4e4a 20d31d7959c12f
Committed: https:/
Submitter: Jenkins
Branch: stable/newton
commit ee759f62b41a8af d7ac88b4e4a20d3 1d7959c12f
Author: Dan Smith <email address hidden>
Date: Thu Dec 8 12:25:37 2016 -0800
Cleanup after any failed libvirt spawn
When we go to spawn a libvirt domain, we catch a few types of exceptions
and perform cleanup before failing the operation. For some reason, we
don't do this universally, which means that we leave things like network
devices laying around (from plug_vifs()). If a delete comes later, it
should clean those things up. However, if a subsequent failure prevents
that, and especially if we do a local delete at the API, we'll leak those
interfaces.
As seen in at least one real-world situation, this can cause us to leak
interfaces until we have tens of thousands of them on the system, which
then causes secondary failures.
Since we run the cleanup() routine for certain failures, it certainly
seems appropriate to run it always and not leave residue until a
successful delete is performed.
Closes-Bug: #1648840 07ea0e5895c24d5 0712e7dc7b1 807e019b645c8be 89770e7428)
Change-Id: Iab5afdf1b5b8d1
(cherry picked from commit 5e7f765266e0b94