Restarting containers leads to 'dangling' veth interfaces
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Medium
|
Major Hayden | ||
Kilo |
Fix Released
|
Medium
|
Major Hayden | ||
Trunk |
Fix Released
|
Medium
|
Major Hayden |
Bug Description
We've seen an issue where veth interfaces are left up on the host after stopping LXC containers. The veth will still be connected to the bridge and have the proper MAC address assigned. In some cases, the veths still respond to traffic sent to the IP of the network interface that was configured in the container.
Some cleaned themselves up on their own, but they occasionally required an `ip link del <veth>` to reap them. There are some LXC mailing list threads that suggest this might be related to half-open TCP connections and that a script must be run as the container goes down to forcefully remove the veths.
I'm currently testing this scenario and working on a patch that makes it easier to identify these dangling veth interfaces:
https:/
https:/
Changed in openstack-ansible: | |
assignee: | nobody → Major Hayden (rackerhacker) |
Changed in openstack-ansible: | |
status: | New → Confirmed |
status: | Confirmed → In Progress |
Changed in openstack-ansible: | |
milestone: | none → 11.2.0 |
Changed in openstack-ansible: | |
importance: | Undecided → Medium |
Shifting milestone to 12.0.0 as it's too late for inclusion to 11.2.0 and I don't think this should be in a hotfix version either. If a decision is made to backport a fix then that can be targeted at a later date.