yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1753540] Re: When isolated metadata is enabled, metadata proxy doesn't get automatically started/stopped when needed

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1753540@xxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Mar 2018 19:23:03 -0000
Reply-to: Bug 1753540 <1753540@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.openstack.org/549822
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=9362d4f1f21df2a27c818bb0c2918241eb67e3d0
Submitter: Zuul
Branch:    master

commit 9362d4f1f21df2a27c818bb0c2918241eb67e3d0
Author: Daniel Alvarez <dalvarez@xxxxxxxxxx>
Date:   Mon Mar 5 18:05:54 2018 +0100

    Spawn/stop metadata proxies upon adding/deleting router interfaces
    
    When a network becomes isolated and isolated_metadata_enabled=True, the DHCP
    agent won't spawn the required metadata proxy instance unless the agent gets
    restarted. Similarly, it won't stop them when the network is no longer
    isolated.
    
    This patch fixes it by updating the isolated metadata proxy on port_update_end
    and port_delete_end methods which are invoked every time a router interface
    port is added, updated or deleted.
    
    Change-Id: I5c197a5755135357c6465dfe4803019a2ad52c14
    Closes-Bug: #1753540
    Signed-off-by: Daniel Alvarez <dalvarez@xxxxxxxxxx>


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1753540

Title:
  When isolated metadata is enabled, metadata proxy doesn't get
  automatically started/stopped when needed

Status in neutron:
  Fix Released

Bug description:
  When enabled_isolated_metadata option is set to True in DHCP agent
  configuration, the metadata proxy instances won't get started
  dynamically when the network gets isolated. Similarly, when a subnet
  is added to the router, they don't get stopped if they were already
  running.

  100% reproducible:

  With enable_isolated_metadata=True:

  1. Create a network, a subnet and a router.
  2. Check that there's a proxy instance running in the DHCP namespace for this network:

  neutron   800009       1  0 17:01 ?        00:00:00 haproxy -f
  /var/lib/neutron/ns-metadata-
  proxy/9d1c7905-a887-419a-a885-9b07c20c2012.conf

  3. Attach the subnet to the router.
  4. Verify that the proxy instance is still running.
  5. Restart DHCP agent
  6. Verify that the proxy instance went away (since the network is not isolated).
  7. Remove the subnet from the router.
  8. Verify that the proxy instance has not been spawned.

  At this point, booting any VM on the network will fail since it won't be able to fetch metadata.
  However, any update on the network/subnet will trigger the agent to refresh the status of the isolated metadata proxy:

  For example: openstack network set <net_uuid> --name foo 
  would trigger that DHCP agent spawns the proxy for that network.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1753540/+subscriptions

References

[Bug 1753540] [NEW] When isolated/force metadata is enabled, metadata proxy doesn't get automatically started/stopped when needed
From: Daniel Alvarez, 2018-03-05