StarlingX

Deleting system network(s) and/or system address-pool(s) should be rejected after initial controller-0 unlock

Bug #1820115 reported by Chris Winnicki on 2019-03-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	Medium	Le, Huifeng

Bug Description

Title
-----
Deleting system network(s) and/or system address-pool(s) should be rejected after initial controller-0 unlock

Brief Description
-----------------
Attempting to delete system network(s) and/or system address-pool(s) should be rejected after initial controller-0 unlock

Severity
--------
Major

Steps to Reproduce
------------------
Install All-in-one Duplex or Standard system

* For example, attmpt to delete cluster-host network

Expected Behavior
------------------
The above action should be rejected

Actual Behavior
----------------
Deletion of system network is successful

System Configuration
--------------------
System mode: All-in-one Duplex, Standard

Reproducibility
---------------
100%

Branch/Pull Time/Commit
-----------------------
### StarlingX
### Built from master
###

OS="centos"
SW_VERSION="19.01"
BUILD_TARGET="Host Installer"
BUILD_TYPE="Formal"
BUILD_ID="20190305T060000Z"

JOB="STX_build_master_master"
<email address hidden>"
BUILD_NUMBER="6"
BUILD_HOST="starlingx_mirror"
BUILD_DATE="2019-03-05 06:00:00 +0000"

Timestamp/Logs
--------------
Mar 14 11:39

Last time install passed
------------------------
n/a

Tags:

Ghada Khalil (gkhalil) on 2019-03-14

tags:

added: stx.networking

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-03-15:

Marking as release gating; related to the cluster networking feature.

Changed in starlingx:
assignee:	nobody → Forrest Zhao (forrest.zhao)
importance:	Undecided → Medium
status:	New → Triaged
tags:	added: stx.2019.05

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-03-15:

Please include Teresa Ho on the code inspection. Any questions during investigation can also be directed to her.

Revision history for this message

Le, Huifeng (hle2) wrote on 2019-03-18:

Chris, for one question: is this new issue or regression issue?

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-03-18:

This is related to SB: https://storyboard.openstack.org/#!/story/2004273

Revision history for this message

Le, Huifeng (hle2) wrote on 2019-03-21:

@Teresa, @Ghada,

By looking through the code, I think this issue is caused by missing operation check for system network-delete.

api/controllers/v1/network.py
@cutils.synchronized(LOCK_NAME)
    @wsme_pecan.wsexpose(None, types.uuid, status_code=204)
    def delete(self, network_uuid):
        """Delete a network."""
        pecan.request.dbapi.network_destroy(network_uuid)

So the questions are:
(1) Add validation in API server (before call dbapi.network_destroy) or shell ???
(2) What the logic for validation?
e.g. the cluster network can only be deleted if all hosts (include controllers and workers) are locked? any other requirements to be checked?
(3) What the validation requirement? e.g. need check for infra_network, mgmt network and cluster-host network or only cluster network is enough?

Since this feature is related with the operation pre-condition check, Teresa should have better knowledge than us, Maybe Teresa is more suitable to fix this issue?

Revision history for this message

Teresa Ho (teresaho) wrote on 2019-03-28:

(1) The validation should be done in the API server, not the shell.
(2)&(3) The deletion of any of the networks should be blocked after the first controller is unlocked.

Ken Young (kenyis) on 2019-04-05

tags:

added: stx.2.0
removed: stx.2019.05

Ghada Khalil (gkhalil) on 2019-04-09

tags:

added: stx.retestneeded

Forrest Zhao (forrest.zhao) on 2019-04-18

Changed in starlingx:
assignee:	Forrest Zhao (forrest.zhao) → Kailun Qin (kailun.qin)

Revision history for this message

Kailun Qin (kailun.qin) wrote on 2019-04-18:

@Teresa, @Ghada,
Do we have a fix already available to this issue? If so, would you please kindly add the review link? Thanks.

Forrest Zhao (forrest.zhao) on 2019-04-18

Changed in starlingx:
assignee:	Kailun Qin (kailun.qin) → Le, Huifeng (hle2)

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2019-04-18:

@Kailun, There is no fix yet. Huifeng is assigned this bug.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-05-22: Fix merged to config (master)

Reviewed: https://review.opendev.org/657557
Committed: https://git.openstack.org/cgit/starlingx/config/commit/?id=bc39f1ea3c2f2c7e86c0b1c52c98089e3b67a403
Submitter: Zuul
Branch: master

commit bc39f1ea3c2f2c7e86c0b1c52c98089e3b67a403
Author: yizhou xu <email address hidden>
Date: Tue May 7 17:10:31 2019 +0800

Rejected deleting network & address-pool after unlock

This commit added a semantic check to block deleting network
if initial controller-0 unlock.

    Change-Id: I9c46df57bb2e7ff8987bf5aa2f50706bf07b3e65
    Story: 2004273
    Closes-Bug: #1820115

Changed in starlingx:
status:	Triaged → Fix Released

Revision history for this message

Chris Winnicki (chriswinnicki) wrote on 2019-06-19:

#10

Retested
Verdict: Passed

Build used:
### StarlingX
### Built from master
###

OS="centos"
SW_VERSION="19.01"
BUILD_TARGET="Host Installer"
BUILD_TYPE="Formal"
BUILD_ID="20190617T233000Z"

JOB="STX_build_master_master"
<email address hidden>"
BUILD_NUMBER="150"
BUILD_HOST="starlingx_mirror"
BUILD_DATE="2019-06-17 23:30:00 +0000"

tags:

removed: stx.retestneeded

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.