listener provisioning status in ERROR when port is 1025 and allowed_cidr is explicitly set to 0.0.0.0/0
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Cloud Archive |
Fix Released
|
Undecided
|
Unassigned | ||
Ussuri |
Fix Released
|
High
|
Unassigned | ||
Victoria |
Fix Released
|
High
|
Unassigned | ||
Wallaby |
Fix Released
|
High
|
Unassigned | ||
Xena |
Fix Released
|
Undecided
|
Unassigned | ||
octavia (Ubuntu) |
Fix Released
|
High
|
Hemanth Nakkina | ||
Focal |
Fix Released
|
High
|
Unassigned | ||
Hirsute |
Fix Released
|
High
|
Unassigned | ||
Impish |
Fix Released
|
High
|
Unassigned |
Bug Description
Corresponding upstream story link: https:/
Created a loadbalancer and a listener with protocol tcp protocol_port 1025 and allowed_cidr 0.0.0.0/0, the listener ends up in provisioning status as ERROR.
Error message in Octavia worker log
neutronclient.
This is a very edge case only when protocol port is 1025 (same as peer port which is hardcoded to constants.
Reproducer:
openstack loadbalancer create --name lb1 --vip-subnet-id private_subnet
openstack loadbalancer listener create --name lb1-listener --protocol tcp --protocol-port 1025 --allowed-cidr 0.0.0.0/0 lb1
openstack loadbalancer listener show lb1-listener lb1
The culprit is [1] where the allowed_cidr for peer port should handle both None and 0.0.0.0/0 as 0.0.0.0/0 is the default value.
Tested on: Ubuntu Focal Ussuri Octavia packages
Fix available in Upstream until stable/train (not part of any point release)
https:/
#######
SRU:
[Impact]
Not able to create a Loadbalancer listener
[Test Case]
1. Create a Loadbalancer
openstack loadbalancer create --name lb1 --vip-subnet-id private_subnet
2. Create a listener
openstack loadbalancer listener create --name lb1-listener --protocol tcp --protocol-port 1025 --allowed-cidr 0.0.0.0/0 lb1
3. Check listener status
openstack loadbalancer listener show lb1-listener lb1
Listener is not in active status.
[Regression Potential]
This is a simple change and all the CI unit/functional
The fix can lead to some edge cases where the updated_ports end up in duplicate entries. However the updated_ports list is converted to set while determining new ports to be added which will discard the duplicates.
Changed in octavia (Ubuntu Impish): | |
status: | New → Fix Released |
Changed in octavia (Ubuntu): | |
assignee: | nobody → Hemanth Nakkina (hemanth-n) |
Changed in octavia (Ubuntu Hirsute): | |
status: | New → Triaged |
Changed in octavia (Ubuntu Focal): | |
status: | New → Triaged |
Changed in octavia (Ubuntu Hirsute): | |
importance: | Undecided → High |
Changed in octavia (Ubuntu Focal): | |
importance: | Undecided → High |
tags: | added: verification-ussuri-needed |
Changed in octavia (Ubuntu): | |
importance: | Undecided → High |
Changed in octavia (Ubuntu Impish): | |
importance: | Undecided → High |
Hi SRU team,
Debdiff's for hirsute/focal, UCA wallaby/ victoria/ focal are uploaded