yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1348812] [NEW] l3 agent not using root_helper to check namespace

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Kevin Benton <1348812@xxxxxxxxxxxxxxxxxx>
Date: Fri, 25 Jul 2014 21:09:39 -0000
Reply-to: Bug 1348812 <1348812@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

The L3 agent is not using the root helper when checking to see that a
namespace already exists. This causes it get no listed namespaces if
using an unprivileged account and try to create a duplicate namespace,
which then fails because it already exists and raises a runtime error
like the one below.


Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/eventlet/greenpool.py", line 80, in _spawn_n_impl
    func(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/l3_agent.py", line 434, in process_router
    p['ip_cidr'], p['mac_address'])
  File "/usr/lib/python2.7/dist-packages/neutron/agent/l3_agent.py", line 710, in internal_network_added
    prefix=INTERNAL_DEV_PREFIX)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/interface.py", line 195, in plug
    namespace_obj = ip.ensure_namespace(namespace)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 137, in ensure_namespace
    ip = self.netns.add(name)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 447, in add
    self._as_root('add', name, use_root_namespace=True)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 218, in _as_root
    kwargs.get('use_root_namespace', False))
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 71, in _as_root
    namespace)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 82, in _execute
    root_helper=root_helper)
  File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/utils.py", line 76, in execute
    raise RuntimeError(m)
RuntimeError:
Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'add', 'qrouter-d24d57d0-2155-4011-80d4-f4dbd382c897']
Exit code: 1
Stdout: ''
Stderr: 'Could not create /var/run/netns/qrouter-d24d57d0-2155-4011-80d4-f4dbd382c897: File exists\n'

** Affects: neutron
     Importance: Undecided
     Assignee: Kevin Benton (kevinbenton)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Kevin Benton (kevinbenton)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1348812

Title:
  l3 agent not using root_helper to check namespace

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  The L3 agent is not using the root helper when checking to see that a
  namespace already exists. This causes it get no listed namespaces if
  using an unprivileged account and try to create a duplicate namespace,
  which then fails because it already exists and raises a runtime error
  like the one below.

  
  Traceback (most recent call last):
    File "/usr/lib/python2.7/dist-packages/eventlet/greenpool.py", line 80, in _spawn_n_impl
      func(*args, **kwargs)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/l3_agent.py", line 434, in process_router
      p['ip_cidr'], p['mac_address'])
    File "/usr/lib/python2.7/dist-packages/neutron/agent/l3_agent.py", line 710, in internal_network_added
      prefix=INTERNAL_DEV_PREFIX)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/interface.py", line 195, in plug
      namespace_obj = ip.ensure_namespace(namespace)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 137, in ensure_namespace
      ip = self.netns.add(name)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 447, in add
      self._as_root('add', name, use_root_namespace=True)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 218, in _as_root
      kwargs.get('use_root_namespace', False))
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 71, in _as_root
      namespace)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/ip_lib.py", line 82, in _execute
      root_helper=root_helper)
    File "/usr/lib/python2.7/dist-packages/neutron/agent/linux/utils.py", line 76, in execute
      raise RuntimeError(m)
  RuntimeError:
  Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'add', 'qrouter-d24d57d0-2155-4011-80d4-f4dbd382c897']
  Exit code: 1
  Stdout: ''
  Stderr: 'Could not create /var/run/netns/qrouter-d24d57d0-2155-4011-80d4-f4dbd382c897: File exists\n'

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1348812/+subscriptions

Follow ups

[Bug 1348812] Re: l3 agent not using root_helper to check namespace
From: Kevin Benton, 2014-07-28
[Bug 1348812] [NEW] l3 agent not using root_helper to check namespace
From: Kevin Benton, 2014-07-25

References

[Bug 1348812] [NEW] l3 agent not using root_helper to check namespace
From: Kevin Benton, 2014-07-25