← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #42841

[Bug 1203611] Re: The default configuration "use_ipv6=True" in IptablesFirewallDriver cause the error when some OS release block ipv6 module

  Thread PreviousDate PreviousThread Next 
[Expired for neutron because there has been no activity for 60 days.]

** Changed in: neutron
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1203611

Title:
  The default configuration "use_ipv6=True" in IptablesFirewallDriver
  cause the error when some OS release block ipv6 module

Status in neutron:
  Expired

Bug description:
  Some OS release prevent(blacklist) ipv6 module from loading as default, like rhel6.4 I used, 
  $ cat /etc/modprobe.d/disable-ipv6.conf 
  install ipv6 /bin/true
  blacklist ipv6
  install ip6_tables /bin/true
  blacklist ip6_tables

  but IptablesFirewallDriver use "use_ipv6=True" as default configuration
  class IptablesFirewallDriver(firewall.FirewallDriver):
      def __init__(self):
          self.iptables = iptables_manager.IptablesManager(
              root_helper=cfg.CONF.AGENT.root_helper,
              use_ipv6=True)
          # list of port which has security group
          self.filtered_ports = {}
          self._add_fallback_chain_v4v6()

  So it throws the following errors when booting quantum-openvswitch-agent process, 
  and I think it doesn't make sense to set the variable use_ipv6=True  because maybe some users don't want to use ipv6 feature.

  enstack/neutron/neutron/agent/linux/utils.py:59
  2013-07-18 18:41:56.322 4710 DEBUG neutron.openstack.common.lockutils [-] Released file lock "iptables" at /bak/openstack/data/neutron/lock/neutron-iptables for method "_apply"... inner /bak/openstack/neutron/neutron/openstack/common/lockutils.py:239
  2013-07-18 18:41:56.322 4710 ERROR neutron.plugins.openvswitch.agent.ovs_neutron_agent [-] Error in agent event loop
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent Traceback (most recent call last):
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py", line 748, in rpc_loop
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     sync = self.process_network_ports(port_info)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py", line 696, in process_network_ports
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     resync_a = self.treat_devices_added(port_info['added'])
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py", line 641, in treat_devices_added
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self.sg_agent.prepare_devices_filter(devices)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/securitygroups_rpc.py", line 111, in prepare_devices_filter
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self.firewall.prepare_port_filter(device)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/usr/lib64/python2.6/contextlib.py", line 23, in __exit__
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self.gen.next()
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/firewall.py", line 107, in defer_apply
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self.filter_defer_apply_off()
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/linux/iptables_firewall.py", line 313, in filter_defer_apply_off
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self.iptables.defer_apply_off()
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/linux/iptables_manager.py", line 329, in defer_apply_off
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     self._apply()
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/openstack/common/lockutils.py", line 233, in inner
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     retval = f(*args, **kwargs)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/linux/iptables_manager.py", line 365, in _apply
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     root_helper=self.root_helper)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent   File "/bak/openstack/neutron/neutron/agent/linux/utils.py", line 61, in execute
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent     raise RuntimeError(m)
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent RuntimeError: 
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip6tables-restore', '-c']
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent Exit code: 2
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent Stdout: ''
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent Stderr: "ip6tables-restore v1.4.7: ip6tables-restore: unable to initialize table 'filter'\n\nError occurred at line: 2\nTry `ip6tables-restore -h' or 'ip6tables-restore --help' for more information.\n"
  2013-07-18 18:41:56.322 4710 TRACE neutron.plugins.openvswitch.agent.ovs_neutron_agent 

  
  RuntimeError: 
  Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip6tables-restore', '-c']
  Exit code: 2
  Stdout: ''
  Stderr: "ip6tables-restore v1.4.7: ip6tables-restore: unable to initialize table 'filter'\n\nError occurred at line: 2\nTry `ip6tables-restore -h' or 'ip6tables-restore --help' for more information.\n"

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1203611/+subscriptions
  Thread PreviousDate PreviousThread Next