yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1564335] Re: [Pluggable IPAM] delete subnet in ml2 plugin does not comply with pluggable ipam (deletes ip allocations directly from db)

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1564335@xxxxxxxxxxxxxxxxxx>
Date: Fri, 22 Jul 2016 23:17:00 -0000
Reply-to: Bug 1564335 <1564335@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/323345
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=dc19411ebf2cab7075dd5abe809797fb7253757c
Submitter: Jenkins
Branch:    master

commit dc19411ebf2cab7075dd5abe809797fb7253757c
Author: Pavel Bondar <pbondar@xxxxxxxxxxxx>
Date:   Tue May 31 15:12:00 2016 +0300

    Allow auto-addressed ips deletion on port update
    
    By default ips for auto-addressed subnets can not be removed from port
    using port_update workflow. But during subnet_delete it has to be done
    via update_port to make sure that ipam drivers received appropriate call
    to deallocate ip addresses prior to subnet deletion.
    
    'fixed_ips' property is tweeked to allow deletion ips from
    auto-addressed subnet. 'delete_subnet' boolean is added to mark subnet
    that is going to be deleted. This flag is analysed in
    _get_changed_ips_for_port to skip re-adding slaac subnets for the port.
    
    Closes-Bug: #1564335
    Change-Id: Iec171efe8b64f8a6dc6cb003b97c11667c5e0048


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1564335

Title:
   [Pluggable IPAM] delete subnet in ml2 plugin does not comply with
  pluggable ipam (deletes ip allocations directly from db)

Status in neutron:
  Fix Released

Bug description:
  In ml2 plugin delete_subnet workflow  ip allocations get deleted [1] directly from database (IPAllocation model).
  It conflicts with expected workflow for pluggable ipam because ipam driver in this case is not aware of ip deallocation event.

  There is a call to update_port [2] but looks like it never worked
  correctly because by the time this code is called ip address is
  already removed from database by [1]. So calling update_port in this
  case does not trigger correct deallocate event to ipam driver.

  For reference ipam driver this issue is not visible, because right
  after deleting ips directly from db ipam.delete_subnet is called.
  Deleting ipam subnet cleans up all undeleted ip allocations by FK. And
  this is the reason why it was not seen until now.

  But issue can affect third-party ipam provides. Here is the scenario where it was found (Infoblox IPAM driver):
  There is a subnet shared between OpenStack and other applications.
  On attempt to delete such subnet ipam provider skips subnet deletion, since it is used by other applications,
  but all ports allocated by neutron for this subnet are expected to be deallocated at this point.
  Observed that dhcp port is left in allocated state on ipam provider side, because ipam driver did not receive deallocate ip address call.

  Proper way to deallocate ip before subnet deletion is to use
  update_port for each ip deallocation instead of deleting ip
  allocations directly from database.

  [1] https://github.com/openstack/neutron/blob/98c93a050b56bb5425d0b18456a20cf35a4ff449/neutron/plugins/ml2/plugin.py#L960
  [2] https://github.com/openstack/neutron/blob/98c93a050b56bb5425d0b18456a20cf35a4ff449/neutron/plugins/ml2/plugin.py#L1020

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1564335/+subscriptions

References

[Bug 1564335] [NEW] [Pluggable IPAM] delete subnet in ml2 plugin does not comply with pluggable ipam (deletes ip allocations directly from db)
From: Pavel Bondar, 2016-03-31