yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1489690] Re: neutron-openvswitch-agent leak sg iptables rules

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1489690@xxxxxxxxxxxxxxxxxx>
Date: Sat, 06 Feb 2016 04:17:54 -0000
Reply-to: Bug 1489690 <1489690@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for neutron because there has been no activity for 60 days.]

** Changed in: neutron
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1489690

Title:
  neutron-openvswitch-agent leak sg iptables rules

Status in neutron:
  Expired

Bug description:
  In function 'treat_devices_added_or_updated', port not exist at 'br-
  int' will be added into 'skipped_devices', and return to parent
  function 'process_network_ports', and 'process_network_ports' will
  remove these ports from port_info['current'].

  If a port updated due to security group changing, and the port deleted
  just in function 'treat_devices_added_or_updated', so the port aded
  into 'skipped_devices', then it removed from port_info['current'].
  When next 'scan_port', the port not in 'registered_ports', so it not
  added into port_info['removed'], it's chains and rules will never been
  removed. These waste chains and rules stay in iptables util ovs-agent
  restart or compute node restart.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1489690/+subscriptions

References

[Bug 1489690] [NEW] neutron-openvswitch-agent leak sg iptables rules
From: Zhangqi Chen, 2015-08-28