yahoo-eng-team team mailing list archive

Thread
Date
[Bug 1311804] Re: ip netns list starts without root_helper

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Kevin Benton <1311804@xxxxxxxxxxxxxxxxxx>
Date: Mon, 28 Jul 2014 19:43:03 -0000
Reply-to: Bug 1311804 <1311804@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug should not have been closed for neutron. The performance
argument is weak because this code is only called during interface
creation. The trade-off for a tiny bit of performance in infrequent code
for neutron completely breaking in some environments is unacceptable
IMO. This already wasted an afternoon on my part any I'm relatively
familiar with the neutron code. This would be nearly impossible to debug
for a deployer.

** Changed in: neutron
       Status: Invalid => Confirmed

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1311804

Title:
  ip netns list starts without root_helper

Status in Fuel: OpenStack installer that works:
  Invalid
Status in Fuel for OpenStack 4.1.x series:
  Invalid
Status in OpenStack Neutron (virtual network service):
  In Progress

Bug description:
  CENTOS 6.5
  Reproduced on typical Openstack installation in any segmentation type with one L3-agent.

  In ip_lib in IpNetnsComand losted root_helper.
  Without it L3 agent can't create interfaces inside network namespace, because in Centos 'ip netns list' returns empty list if start without root privileges.

  [root@node-2 ~]# uname -a
  Linux node-2.domain.tld 2.6.32-431.11.2.el6.x86_64 #1 SMP Tue Mar 25 19:59:55 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
  [root@node-2 ~]# ip netns list
  haproxy
  qrouter-b582586e-70e3-4a38-8b19-039f30ce87a9
  [root@node-2 ~]# su -m neutron -c 'ip netns list'
  [root@node-2 ~]#

  in the log below exception happens because namespace already exists
  (see full log in attach), but can't detected by ip netns list without
  root_wrapper.

  2014-04-23 16:15:44.760 28240 DEBUG neutron.agent.linux.utils [req-d0f812f6-d987-45f5-9cff-11f1fa52fed6 None] Running command: ['ip', '-o', 'netns', 'list'] create_process /
  usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py:48
  2014-04-23 16:15:44.781 28240 DEBUG neutron.agent.linux.utils [req-d0f812f6-d987-45f5-9cff-11f1fa52fed6 None]
  Command: ['ip', '-o', 'netns', 'list']
  Exit code: 0
  Stdout: ''
  Stderr: '' execute /usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py:74
  2014-04-23 16:15:44.782 28240 DEBUG neutron.agent.linux.utils [req-d0f812f6-d987-45f5-9cff-11f1fa52fed6 None] Running command: ['sudo', 'neutron-rootwrap', '/etc/neutron/roo
  twrap.conf', 'ip', 'netns', 'add', 'qrouter-b582586e-70e3-4a38-8b19-039f30ce87a9'] create_process /usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py:48
  2014-04-23 16:15:44.864 28240 DEBUG neutron.agent.linux.utils [req-d0f812f6-d987-45f5-9cff-11f1fa52fed6 None]
  Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'add', 'qrouter-b582586e-70e3-4a38-8b19-039f30ce87a9']
  Exit code: 255
  Stdout: ''
  Stderr: 'Could not create /var/run/netns/qrouter-b582586e-70e3-4a38-8b19-039f30ce87a9: File exists\n' execute /usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py:7
  4
  Traceback (most recent call last):
    File "/usr/lib/python2.6/site-packages/eventlet/greenpool.py", line 80, in _spawn_n_impl
      func(*args, **kwargs)
    File "/usr/lib/python2.6/site-packages/neutron/agent/l3_agent.py", line 438, in process_router
      p['ip_cidr'], p['mac_address'])
    File "/usr/lib/python2.6/site-packages/neutron/agent/l3_agent.py", line 707, in internal_network_added
      prefix=INTERNAL_DEV_PREFIX)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/interface.py", line 195, in plug
      namespace_obj = ip.ensure_namespace(namespace)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 136, in ensure_namespace
      ip = self.netns.add(name)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 446, in add
      self._as_root('add', name, use_root_namespace=True)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 217, in _as_root
      kwargs.get('use_root_namespace', False))
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 70, in _as_root
      namespace)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/ip_lib.py", line 81, in _execute
      root_helper=root_helper)
    File "/usr/lib/python2.6/site-packages/neutron/agent/linux/utils.py", line 76, in execute
      raise RuntimeError(m)
  RuntimeError:
  Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'add', 'qrouter-b582586e-70e3-4a38-8b19-039f30ce87a9']
  Exit code: 255

To manage notifications about this bug go to:
https://bugs.launchpad.net/fuel/+bug/1311804/+subscriptions
References

[Bug 1311804] [NEW] ip netns list starts without root_helper
From: Sergey Vasilenko, 2014-04-23