yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #32384
[Bug 1448439] [NEW] fwaas iptables driver does not work with plugins without DVR support
Public bug reported:
fwaas iptables does not work with plugins without dvr extension support
because fwaas iptables expects router_info.router has "distributed"
attribute. The attribute is only populated when dvr extension is
supported. As the original intention, iptables firewall implemention
should work without dvr support.
-3614-4f0c-b112-2d06ce4c1511 for tenant 80ea3f02f2414ee89e520944a1da5a58) from (pid=15023) create_firewall /opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py:55
2015-04-25 18:36:30.838 ERROR neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas [req-732eb7ca-2d7c-4bb3-9265-f4633f197b06 demo 80ea3f02f2414ee89e520944a1da5a58] Failed to create firewall:
35021da7-3614-4f0c-b112-2d06ce4c1511
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas Traceback (most recent call last):
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 58,
in create_firewall
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas self._setup_firewall(agent_mode, apply_list, firewall)
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 153
, in _setup_firewall
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas agent_mode, router_info)
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 76,
in _get_ipt_mgrs_with_if_prefix
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas if not router_info.router['distributed']:
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas KeyError: 'distributed'
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas
2015-04-25 18:36:30.839 ERROR neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent [req-732eb7ca-2d7c-4bb3-9265-f4633f197b06 demo 80ea3f02f2414ee89e520944a1da5a58] Firewall Driver Er
ror for create_firewall for firewall: 35021da7-3614-4f0c-b112-2d06ce4c1511
** Affects: neutron
Importance: High
Assignee: Akihiro Motoki (amotoki)
Status: In Progress
** Tags: kilo-backport-potential
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1448439
Title:
fwaas iptables driver does not work with plugins without DVR support
Status in OpenStack Neutron (virtual network service):
In Progress
Bug description:
fwaas iptables does not work with plugins without dvr extension
support because fwaas iptables expects router_info.router has
"distributed" attribute. The attribute is only populated when dvr
extension is supported. As the original intention, iptables firewall
implemention should work without dvr support.
-3614-4f0c-b112-2d06ce4c1511 for tenant 80ea3f02f2414ee89e520944a1da5a58) from (pid=15023) create_firewall /opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py:55
2015-04-25 18:36:30.838 ERROR neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas [req-732eb7ca-2d7c-4bb3-9265-f4633f197b06 demo 80ea3f02f2414ee89e520944a1da5a58] Failed to create firewall:
35021da7-3614-4f0c-b112-2d06ce4c1511
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas Traceback (most recent call last):
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 58,
in create_firewall
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas self._setup_firewall(agent_mode, apply_list, firewall)
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 153
, in _setup_firewall
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas agent_mode, router_info)
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas File "/opt/stack/neutron-fwaas/neutron_fwaas/services/firewall/drivers/linux/iptables_fwaas.py", line 76,
in _get_ipt_mgrs_with_if_prefix
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas if not router_info.router['distributed']:
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas KeyError: 'distributed'
2015-04-25 18:36:30.838 TRACE neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas
2015-04-25 18:36:30.839 ERROR neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent [req-732eb7ca-2d7c-4bb3-9265-f4633f197b06 demo 80ea3f02f2414ee89e520944a1da5a58] Firewall Driver Er
ror for create_firewall for firewall: 35021da7-3614-4f0c-b112-2d06ce4c1511
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1448439/+subscriptions
Follow ups
References
