yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1284718] Re: interface-attach to external network a) works and b) results in undeletable instances

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1284718@xxxxxxxxxxxxxxxxxx>
Date: Tue, 08 Apr 2014 08:52:03 -0000
Reply-to: Bug 1284718 <1284718@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Reviewed:  https://review.openstack.org/85823
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=da66d50010d5b1ba1d7fc9c3d59d81b6c01bb0b0
Submitter: Jenkins
Branch:    milestone-proposed

commit da66d50010d5b1ba1d7fc9c3d59d81b6c01bb0b0
Author: Salvatore Orlando <salv.orlando@xxxxxxxxx>
Date:   Thu Apr 3 14:54:11 2014 -0700

    Require admin context for interfaces on ext network
    
    Currently any user can attach an interface to a neutron
    external network, if the neutron plugin supports the port
    binding extension.
    In this case, nova will create neutron ports using the admin
    client, thus bypassing neutron authZ checks for creating ports
    on external networks.
    
    This patch adds a check in nova to verify the API request has an
    admin context when a request for an interface is made on a
    neutron external network.
    
    Change-Id: I5fb0bdcbf19eb82746ea3b192c1f65899bfb3c0b
    Closes-Bug: 1284718
    (cherry picked from commit 7d1b4117fda7709307a35e56625cfa7709a6b795)


** Changed in: nova
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1284718

Title:
  interface-attach to external network a) works and b) results in
  undeletable instances

Status in OpenStack Compute (Nova):
  Fix Released
Status in OpenStack Security Advisories:
  Invalid
Status in “neutron” package in Ubuntu:
  New
Status in “nova” package in Ubuntu:
  New

Bug description:
  2013.2.1 release of OpenStack, Neutron OVS plugin.

  Users where able to add interfaces using the 'nova interface-attach'
  command to the external network definition within the OpenStack
  deployment.  This appears to work and the ports are listed in nova
  port-list <uuid>.  However when deleting these instances, nova-compute
  throws the following error; its also not possible to delete the
  offending ports from the user tenant; this has to be done from an
  admin tenant:

  neutron port-delete <port>
  nova delete <uuid>

  2014-02-25 13:03:57.639 40614 ERROR nova.openstack.common.rpc.amqp [req-fb76503b-fad2-4ead-bae5-18c870c7a419 4dc76d7ddf8349b7bf63791a3cd4d024 79699f6f71e245b186720f1e2bc03cf0] Exception during message handling
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp Traceback (most recent call last):
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/openstack/common/rpc/amqp.py", line 461, in _process_data
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     **args)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/openstack/common/rpc/dispatcher.py", line 172, in dispatch
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     result = getattr(proxyobj, method)(ctxt, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 353, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     return function(self, context, *args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 90, in wrapped
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     payload)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/exception.py", line 73, in wrapped
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     return f(self, context, *args, **kw)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 243, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     pass
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 229, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     return function(self, context, *args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 294, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     function(self, context, *args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 271, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     e, sys.exc_info())
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 258, in decorated_function
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     return function(self, context, *args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1802, in terminate_instance
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     do_terminate_instance(instance, bdms)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/openstack/common/lockutils.py", line 246, in inner
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     return f(*args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1794, in do_terminate_instance
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     reservations=reservations)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/hooks.py", line 105, in inner
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     rv = f(*args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1767, in _delete_instance
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     user_id=user_id)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1739, in _delete_instance
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     self._shutdown_instance(context, db_inst, bdms)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 1649, in _shutdown_instance
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     network_info = self._get_instance_nw_info(context, instance)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/compute/manager.py", line 876, in _get_instance_nw_info
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     instance)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/network/api.py", line 49, in wrapper
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     res = f(self, context, *args, **kwargs)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/network/neutronv2/api.py", line 456, in get_instance_nw_info
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     result = self._get_instance_nw_info(context, instance, networks)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/network/neutronv2/api.py", line 465, in _get_instance_nw_info
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     nw_info = self._build_network_info_model(context, instance, networks)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/network/neutronv2/api.py", line 1011, in _build_network_info_model
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     subnets)
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp   File "/usr/lib/python2.7/dist-packages/nova/network/neutronv2/api.py", line 964, in _nw_info_build_network
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp     label=network_name,
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp UnboundLocalError: local variable 'network_name' referenced before assignment
  2014-02-25 13:03:57.639 40614 TRACE nova.openstack.common.rpc.amqp

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1284718/+subscriptions
References

[Bug 1284718] [NEW] interface-attach to shared external network a) works and b) results in undeletable instances
From: James Page, 2014-02-25