Second euca-run-instance request in same security group causes eucalyptus to remove network assoicated with security group

I was able to repeat this behavior with ADDRSPERNET set to 128. The system seems more prone to this behavior when a user makes requests for large numbers of VMs in a security group and then attempts to add more. Not sure if this bug manifests based on the size of requests or how many IPs are already allocated in a given security group.

Thierry says that he'll try to reproduce i.

Won't have time to reproduce today or next week (away from cloud setup), so i'll put it back in the pool for anyone to pick. Not pre-release material anyway, potential SRU target.

This also Effects 1.6.2 CentOS release. When ADDRPERNET is set to 256 it causes same behavior with this error:

[Wed Aug 11 08:22:12 2010][005109][EUCADEBUG ] RunInstances(): params: userId=admin, emiId=emi-54A01BEF, kernelId=eki-5A861EB7, ramdiskId=UNSET, emiURL=http://192.168.1.11:8773/services/Walrus/x86_64-CentOS-5.4/managed-public-nil-nil-x86_64-CentOS-5.4-v1.2-2.0.manifest.xml, kernelURL=http://192.168.1.11:8773/services/Walrus/Kernels-x86_64/nil-public-nil-nil-x86_64-vmlinuz-2.6.18-xenU-ec2-v1.2-1.0.manifest.xml, ramdiskURL=UNSET, instIdsLen=1, netNamesLen=1, macAddrsLen=1, networkIndexListLen=1, minCount=1, maxCount=1, ownerId=admin, reservationId=r-43C4087C, keyName=, vlan=10, userData=, launchIndex=0, targetNode=UNSET
[Wed Aug 11 08:22:12 2010][005109][EUCADEBUG ] RunInstances(): running instance i-3816057B with emiId emi-54A01BEF...
[Wed Aug 11 08:22:12 2010][005109][EUCAERROR ] vnetAddHost(): failed to add host d0:0d:38:16:05:7B on vlan 10
[Wed Aug 11 08:22:12 2010][005109][EUCADEBUG ] RunInstances(): assigning MAC/IP: d0:0d:38:16:05:7B/0.0.0.0/0.0.0.0/5
[Wed Aug 11 08:22:12 2010][005109][EUCAERROR ] RunInstances(): could not find/initialize any free network address, failing doRunInstances()
[Wed Aug 11 08:22:12 2010][005109][EUCADEBUG ] RunInstances(): done

Actually this shows itself when at 64 or 128 also.

@all: could we have logs from all Eucalyptus components showing the issue? Please attach them here. Thank you

Not sure about logs from all Eucalyptus components. This problem seems to be centered in the cluster controller code. I think the telling log lines I've seen after the second "euca-run-instances" command are:

[Thu Apr 15 14:29:46 2010][001328][EUCAINFO ] RunInstances(): called
[Thu Apr 15 14:29:46 2010][001328][EUCAERROR ] vnetAddHost(): failed to add host d0:0d:3B:E6:07:11 on vlan 10
[Thu Apr 15 14:29:46 2010][001328][EUCAERROR ] RunInstances(): could not find/initialize any free network address, failing doRunInstances()

Once the cluster controller fails to issue network addresses for the new instances it doesn't bother to farm them out to the node controllers. Those instances are never started on any of the NCs.

It almost seems like the cluster controller forgets about the available network addresses on a given network and won't allocate addresses for new instances. The most distressing thing is (and this doesn't happen every time) the network associated with a given security group is deallocated by the cluster controller. Its rule chain is removed from iptables and I've even seen other users get issued the same slice of network addresses for their new security groups. All this while instances in the old security group are still in a running state.

I can confirm Aimon's comment. We have seen this behavior with ADDRSPERNET set to 256, 128, and 64.

I wanted to add that we have since upgraded to 1.6.2-0ubuntu30.3 and still witness this behavior regularly.

RC bugs need to be assigned to someone -- assigning to Carlos for verification (or tracking Eucalyptus verification)

If someone has logs from all components they would be helpful, actually. (Although it may *seem* like a CC problem, it *may* originate in the CLC.) Also, if it is easy for someone to check if the problem has been solved (as I suspect it has) in 2.0.0, currently in Maverick, that would help a lot. Thanks!

I am not able to recreate this problem with 2.0.0-lp code (revno 1342), so I am closing the bug. Marking "Fix Committed" even though we haven't confirmed it. It may well be a genuine problem in 1.6.2/Lucid, though.

Specifically, I ran multiple times, 24 instances followed by 24 instances in the same (non-default) group, with VNET_ADDRPERNET=128 and VNET_MODE="MANAGED-NOVLAN" using Eucalyptus built from source. All instances started.

I meant revno 1236, sorry.

Marking Incomplete for the Lucid/Eucalyptus task -- we still need the logs, as I and Dmitrri requested earlier on; marking triaged for the Maverick/Eucalyptus task: I have been unable to reproduce it on Maverick, but will keep on trying.

Note that this may well be a volume-related issue: I cannot reproduce Piotr's results, but I also do not have a cloud with a few hundred nodes to test on.

We were not able to reproduce this on maverick / 2.0. Please set it back to Triaged if anyone can.

Hi Here is Log from CLC that corresponds to CC log you have seen above (see attached). An interesting note about the attached log. There is only one successful vm in the secgroup. All other fail with the attached and above errors. When I create another secgroup, the new one behaves normally and I can launch VMs.

Aimon

Forgot the log.

I'm not able to reproduce it with 2.0.3. Aimon, if you still see this issue, please open a new bug.

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".