yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #27369
[Bug 1415835] [NEW] VM boot is broken with providing port-id from Neutron
Public bug reported:
Commit https://review.openstack.org/#/c/124059/ has introduced bug,
where Nova can not boot VM.
Steps to reproduce:
1) Create port in Neutron
2) Boot Vm without security group, but with port:
nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1
--flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0
...
REQ: curl -i
'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers'
-X POST -H "Accept: application/json" -H "Content-Type:
application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-
Id: demo" -H "X-Auth-Token:
{SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name":
"tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef":
"100", "max_count": 1, "min_count": 1, "networks": [{"port":
"01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}'
...
Trace as a result:
2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s)
2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last):
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options)
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.338 TRACE nova.compute.manager
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait
listener.cb(fileno)
File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
result = function(*args, **kwargs)
File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
dhcp_options=dhcp_options)
File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
raise exception.SecurityGroupNotAllowedTogetherWithPort()
SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
Removing descriptor: 19
2015-01-29 12:14:03.529 DEB
2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive
2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last):
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(*self._exc)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(*args, **kwargs)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800]
Reason of bug - Nova raises error in case security group is provided.
And it is always provided, because Nova pushes in "default" security
group in case None is provided with request, see:
https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
** Affects: nova
Importance: Undecided
Status: New
** Description changed:
Commit https://review.openstack.org/#/c/124059/ has introduced bug,
where Nova can not boot VM.
Steps to reproduce:
1) Create port in Neutron
- 2) Boot Vm without security group:
+ 2) Boot Vm without security group, but with port:
nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1
--flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0
...
REQ: curl -i
'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers'
-X POST -H "Accept: application/json" -H "Content-Type:
application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-
Id: demo" -H "X-Auth-Token:
{SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name":
"tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef":
"100", "max_count": 1, "min_count": 1, "networks": [{"port":
"01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}'
...
Trace as a result:
2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s)
2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last):
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options)
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
- 2015-01-29 12:14:03.338 TRACE nova.compute.manager
+ 2015-01-29 12:14:03.338 TRACE nova.compute.manager
Traceback (most recent call last):
- File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait
- listener.cb(fileno)
- File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
- result = function(*args, **kwargs)
- File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
- dhcp_options=dhcp_options)
- File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
- raise exception.SecurityGroupNotAllowedTogetherWithPort()
+ File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait
+ listener.cb(fileno)
+ File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
+ result = function(*args, **kwargs)
+ File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
+ dhcp_options=dhcp_options)
+ File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
+ raise exception.SecurityGroupNotAllowedTogetherWithPort()
SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
Removing descriptor: 19
2015-01-29 12:14:03.529 DEB
-
2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive
2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last):
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(*self._exc)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(*args, **kwargs)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
- 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800]
+ 2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800]
Reason of bug - Nova raises error in case security group is provided.
And it is always provided, because nova pushes default security group is
None is provided with request, see:
https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
** Description changed:
Commit https://review.openstack.org/#/c/124059/ has introduced bug,
where Nova can not boot VM.
Steps to reproduce:
1) Create port in Neutron
2) Boot Vm without security group, but with port:
nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1
--flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0
...
REQ: curl -i
'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers'
-X POST -H "Accept: application/json" -H "Content-Type:
application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Project-
Id: demo" -H "X-Auth-Token:
{SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server": {"name":
"tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1", "flavorRef":
"100", "max_count": 1, "min_count": 1, "networks": [{"port":
"01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}'
...
Trace as a result:
2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s)
2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last):
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options)
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.338 TRACE nova.compute.manager
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait
listener.cb(fileno)
File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
result = function(*args, **kwargs)
File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
dhcp_options=dhcp_options)
File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
raise exception.SecurityGroupNotAllowedTogetherWithPort()
SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
Removing descriptor: 19
2015-01-29 12:14:03.529 DEB
2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive
2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last):
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(*self._exc)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(*args, **kwargs)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800]
Reason of bug - Nova raises error in case security group is provided.
- And it is always provided, because nova pushes default security group is
- None is provided with request, see:
+ And it is always provided, because Nova pushes in "default" security
+ group in case None is provided with request, see:
https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1415835
Title:
VM boot is broken with providing port-id from Neutron
Status in OpenStack Compute (Nova):
New
Bug description:
Commit https://review.openstack.org/#/c/124059/ has introduced bug,
where Nova can not boot VM.
Steps to reproduce:
1) Create port in Neutron
2) Boot Vm without security group, but with port:
nova --debug boot tt --image=25a15f92-6bbe-43d6-8da5-b015966a4bd1
--flavor=100 --nic port-id=01e02c22-6ea3-4fe6-8cfe-407a06b634a0
...
REQ: curl -i
'http://172.18.198.52:8774/v2/35b86f321c03497fbfa1c0fdf98a3426/servers'
-X POST -H "Accept: application/json" -H "Content-Type:
application/json" -H "User-Agent: python-novaclient" -H "X-Auth-
Project-Id: demo" -H "X-Auth-Token:
{SHA1}696ac31a35c12934a64485459b0a95a48a9ab4dd" -d '{"server":
{"name": "tt", "imageRef": "25a15f92-6bbe-43d6-8da5-b015966a4bd1",
"flavorRef": "100", "max_count": 1, "min_count": 1, "networks":
[{"port": "01e02c22-6ea3-4fe6-8cfe-407a06b634a0"}]}}'
...
Trace as a result:
2015-01-29 12:14:03.338 ERROR nova.compute.manager [-] Instance failed network setup after 1 attempt(s)
2015-01-29 12:14:03.338 TRACE nova.compute.manager Traceback (most recent call last):
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.338 TRACE nova.compute.manager dhcp_options=dhcp_options)
2015-01-29 12:14:03.338 TRACE nova.compute.manager File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.338 TRACE nova.compute.manager raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.338 TRACE nova.compute.manager SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.338 TRACE nova.compute.manager
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/eventlet/hubs/poll.py", line 115, in wait
listener.cb(fileno)
File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
result = function(*args, **kwargs)
File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
dhcp_options=dhcp_options)
File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
raise exception.SecurityGroupNotAllowedTogetherWithPort()
SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
Removing descriptor: 19
2015-01-29 12:14:03.529 DEB
2015-01-29 12:14:03.710 INFO nova.virt.libvirt.driver [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Using config drive
2015-01-29 12:14:03.763 ERROR nova.compute.manager [-] [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Instance failed to spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] Traceback (most recent call last):
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2303, in _build_resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] yield resources
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 2173, in _build_and_run_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] flavor=flavor)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2309, in spawn
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] admin_pass=admin_password)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/virt/libvirt/driver.py", line 2783, in _create_image
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] content=files, extra_md=extra_md, network_info=network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/metadata/base.py", line 159, in __init__
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] ec2utils.get_ip_info_for_instance_from_nw_info(network_info)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/api/ec2/ec2utils.py", line 152, in get_ip_info_for_instance_from_nw_info
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] fixed_ips = nw_info.fixed_ips()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 450, in _sync_wrapper
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/model.py", line 482, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] self[:] = self._gt.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 175, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] return self._exit_event.wait()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/event.py", line 125, in wait
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] current.throw(*self._exc)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py", line 214, in main
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] result = function(*args, **kwargs)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/compute/manager.py", line 1677, in _allocate_network_async
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] dhcp_options=dhcp_options)
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] File "/opt/stack/nova/nova/network/neutronv2/api.py", line 457, in allocate_for_instance
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] raise exception.SecurityGroupNotAllowedTogetherWithPort()
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800] SecurityGroupNotAllowedTogetherWithPort: It's not allowed to specify security groups if port_id is provided on instance boot. Neutron should be used to configure security groups on port.
2015-01-29 12:14:03.763 TRACE nova.compute.manager [instance: c4892579-e32b-44ca-b8c7-72f3e04c6800]
Reason of bug - Nova raises error in case security group is provided.
And it is always provided, because Nova pushes in "default" security
group in case None is provided with request, see:
https://github.com/openstack/nova/blob/37af08116249dee64a7d688b06fff509422911ac/nova/api/openstack/compute/servers.py#L515
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1415835/+subscriptions
Follow ups
References
