← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #75222

[Bug 1793527] Re: [dvr_no_external][ha][dataplane down]centralized floating IP nat rules not install in every HA node

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.openstack.org/604094
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=ee7660f593f0f997fff457021b3d5feb5c71906d
Submitter: Zuul
Branch:    master

commit ee7660f593f0f997fff457021b3d5feb5c71906d
Author: LIU Yulong <i@xxxxxxxxxxxx>
Date:   Thu Sep 20 21:30:09 2018 +0800

    Install centralized floating IP nat rules to all ha nodes
    
    For L3 DVR HA router, the centralized floating IP nat rules are not
    installed in every HA node snat namespace. So, install the rules to
    all the router snat-namespace on every scheduled HA router host.
    
    Closes-Bug: #1793527
    Change-Id: I08132510b3ed374a3f85146498f3624a103873d7


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1793527

Title:
  [dvr_no_external][ha][dataplane down]centralized floating IP nat rules
  not install in every HA node

Status in neutron:
  Fix Released

Bug description:
  ENV:
  master
  devstack multinode install:
  1 controller node
  2 compute  nodes -> dvr_no_external  (compute1, compute2)
  2 network   nodes -> dvr_snat              (network1, network2)

  Problem:
  For L3 DVR HA router, the centralized floating IPs nat rules are not installed in every HA node snat namespace.

  How to reproduce:
  1. create DVR_HA router connecting user private network and public external network
  2. create a VM in dvr_no_external compute in private network
  3. create floating IP and associate to the VM port

  Then, only in the `master` node snat-namespace has the iptables rules.
  Even the DVR_HA router has state change(backup -> master, master -> backup), the iptables rules are still not re-created in the new `master` snat-namespace.

  All centralized floating IPs  can be unreachable after a HA router
  state change.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1793527/+subscriptions

References

  Thread PreviousDate PreviousThread Next