Ubuntu
ovn-octavia-provider package

ovn-octavia-provider: Cannot create listener due to alowed_cidrs validation

Bug #1896603 reported by Michal Dulko
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu Cloud Archive
Fix Released
Critical
Unassigned
Victoria
Fix Released
Critical
Unassigned
octavia
Fix Released
Critical
Brian Haley
ovn-octavia-provider (Ubuntu)
Fix Released
Critical
Unassigned
Groovy
Fix Released
Critical
Unassigned
Hirsute
Fix Released
Critical
Unassigned

Bug Description

[Impact]

 * Users cannot add listeners to an Octavia loadbalancer if it was created using the ovn provider
 * This makes the ovn provider unusable in Victoria and will force people to use the more painful alternative of using the Amphora driver

[Test Case]

$ openstack loadbalancer create --provider ovn --vip-subnet-id f92fa6ca-0f29-4b61-aeb6-db052caceff5 --name test-lb
$ openstack loadbalancer show test-lb -c provisioning_status (Repeat until it shows as ACTIVE)
$ openstack loadbalancer listener create --name listener1 --protocol TCP --protocol-port 80 test-lb
Provider 'ovn' does not support a requested option: OVN provider does not support allowed_cidrs option (HTTP 501) (Request-ID: req-52a10944-951d-4414-8441-fe743444ed7c)

Alternatively run the focal-victoria-ha-ovn functional test in the octavia charm

[Where problems could occur]

 * Problems would be isolated to the managment of octavia loadbalancers within an openstack cloud. Specifically the patch fixes the checking of the allowed_cidr option when a listener is created or updated.

[Other Info]

See original description
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to ovn-octavia-provider (master)

Fix proposed to branch: master
Review: https://review.opendev.org/753302

Changed in neutron:
assignee: nobody → Brian Haley (brian-haley)
status: New → In Progress
Brian Haley (brian-haley)
Changed in neutron:
importance: Undecided → Critical
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ovn-octavia-provider (master)

Reviewed: https://review.opendev.org/753302
Committed: https://git.openstack.org/cgit/openstack/ovn-octavia-provider/commit/?id=76b20882aa9fef3c693e45c2b504224a44e84ce8
Submitter: Zuul
Branch: master

commit 76b20882aa9fef3c693e45c2b504224a44e84ce8
Author: Brian Haley <email address hidden>
Date: Tue Sep 22 08:34:29 2020 -0400

    Fix the check for allowed_cidrs in listeners

    The allowed_cidrs value could be an empty list if the
    request involves the sdk, so change the check to
    account for that.

    Change-Id: I2df7e5a944cbd40c60943ad105f6e09f7afa85a9
    Closes-bug: #1896603

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to ovn-octavia-provider (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/754247

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ovn-octavia-provider (stable/victoria)

Reviewed: https://review.opendev.org/754247
Committed: https://git.openstack.org/cgit/openstack/ovn-octavia-provider/commit/?id=d43719bf3ccf4292740b140d33a5365bd2ce3fbf
Submitter: Zuul
Branch: stable/victoria

commit d43719bf3ccf4292740b140d33a5365bd2ce3fbf
Author: Brian Haley <email address hidden>
Date: Tue Sep 22 08:34:29 2020 -0400

    Fix the check for allowed_cidrs in listeners

    The allowed_cidrs value could be an empty list if the
    request involves the sdk, so change the check to
    account for that.

    Change-Id: I2df7e5a944cbd40c60943ad105f6e09f7afa85a9
    Closes-bug: #1896603
    (cherry picked from commit 76b20882aa9fef3c693e45c2b504224a44e84ce8)

tags: added: in-stable-victoria
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to ovn-octavia-provider (stable/ussuri)

Fix proposed to branch: stable/ussuri
Review: https://review.opendev.org/757170

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on ovn-octavia-provider (stable/ussuri)

Change abandoned by Brian Haley (<email address hidden>) on branch: stable/ussuri
Review: https://review.opendev.org/757170
Reason: merged into parent patch

Liam Young (gnuoy)
description: updated
Revision history for this message
Liam Young (gnuoy) wrote :

https://code.launchpad.net/~gnuoy/ubuntu/+source/ovn-octavia-provider/+git/ovn-octavia-provider/+merge/397023

Corey Bryant (corey.bryant)
Changed in ovn-octavia-provider (Ubuntu Groovy):
importance: Undecided → Critical
status: New → Triaged
Changed in ovn-octavia-provider (Ubuntu Hirsute):
status: New → Triaged
importance: Undecided → Critical
Corey Bryant (corey.bryant)
Changed in ovn-octavia-provider (Ubuntu Hirsute):
status: Triaged → Fix Released
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Liam, thanks for the patch. This has been uploaded to the groovy unapproved queue where it is awaiting SRU team review.
https://launchpad.net/ubuntu/groovy/+queue?queue_state=1&queue_text=ovn-octavia-provider

Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Michal, or anyone else affected,

Accepted ovn-octavia-provider into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ovn-octavia-provider/0.3.0-0ubuntu2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in ovn-octavia-provider (Ubuntu Groovy):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-groovy
Mathew Hodson (mhodson)
affects: neutron → octavia
Revision history for this message
Corey Bryant (corey.bryant) wrote :

Hello Michal, or anyone else affected,

Accepted ovn-octavia-provider into victoria-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:victoria-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-victoria-needed to verification-victoria-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-victoria-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-victoria-needed
Revision history for this message
Liam Young (gnuoy) wrote :

I have tested the package in groovy proposed (0.3.0-0ubuntu2) and it passed. I verified it by deploying the octavia charm and running its groovy victoria functional tests which create an ovn loadbalancer and check it is fuctional.

The log of the test run is here:

https://openstack-ci-reports.ubuntu.com/artifacts/test_charm_pipeline_func_smoke/openstack/charm-octavia/775364/4/22201/consoleText.test_charm_func_smoke_21480.txt

tags: added: verification-done-groovy
removed: verification-needed-groovy
Revision history for this message
Liam Young (gnuoy) wrote :

I have tested the package in victoria proposed (0.3.0-0ubuntu2) and it passed. I verified it by deploying the octavia charm and running its focal victoria functional tests which create an ovn loadbalancer and check it is functional.

The log of the test run is here:

https://openstack-ci-reports.ubuntu.com/artifacts/test_charm_pipeline_func_smoke/openstack/charm-octavia/775364/4/22201/consoleText.test_charm_func_smoke_21480.txt

tags: added: verification-victoria-done
removed: verification-victoria-needed
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for ovn-octavia-provider has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ovn-octavia-provider - 0.3.0-0ubuntu2

---------------
ovn-octavia-provider (0.3.0-0ubuntu2) groovy; urgency=medium

  [ Corey Bryant ]
  * d/gbp.conf: Create stable/victoria branch.

  [ Liam Young ]
  * d/p/fix-ovn-listeners.patch: Correctly process allowed_cidrs option
    when creating listeners (LP: #1896603).

 -- Liam Young <email address hidden> Wed, 27 Jan 2021 14:16:45 +0000

Changed in ovn-octavia-provider (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Corey Bryant (corey.bryant) wrote :

The verification of the Stable Release Update for ovn-octavia-provider has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Corey Bryant (corey.bryant) wrote :

This bug was fixed in the package ovn-octavia-provider - 0.3.0-0ubuntu2~cloud0
---------------

 ovn-octavia-provider (0.3.0-0ubuntu2~cloud0) focal-victoria; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 ovn-octavia-provider (0.3.0-0ubuntu2) groovy; urgency=medium
 .
   [ Corey Bryant ]
   * d/gbp.conf: Create stable/victoria branch.
 .
   [ Liam Young ]
   * d/p/fix-ovn-listeners.patch: Correctly process allowed_cidrs option
     when creating listeners (LP: #1896603).

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/ovn-octavia-provider 1.0.0

This issue was fixed in the openstack/ovn-octavia-provider 1.0.0 release.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.