yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1812118] Re: Neutron doesn't allow to update router external subnets

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1812118@xxxxxxxxxxxxxxxxxx>
Date: Sat, 19 Oct 2019 22:44:47 -0000
Reply-to: Bug 1812118 <1812118@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.opendev.org/670177
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=040b550a861ce321c87ac33e92836a502d9531d3
Submitter: Zuul
Branch:    master

commit 040b550a861ce321c87ac33e92836a502d9531d3
Author: Brian Haley <bhaley@xxxxxxxxxx>
Date:   Wed Jul 10 16:01:25 2019 -0400

    Use admin context when updating router gateway
    
    When a router gateway is updated and the subnet changes,
    we need to use the admin context in order for the operation
    to succeed.  Since the target network has already been
    verified to be external, this is OK. The other operations
    in this area such as create and delete already do the
    same thing.
    
    Added a fullstack test that moves a gateway between subnets
    and verifies it's reachable afterwards.
    
    Change-Id: Iead87ba6182d633f0f808032166e02e767fcffae
    Closes-bug: #1812118


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1812118

Title:
  Neutron doesn't allow to update router external subnets

Status in neutron:
  Fix Released

Bug description:
  Create a router with an external subnet, then try to update it:

  openstack router set --external-gateway 30e25ece-439b-4d9f-a3f7-816d0167d2cd --fixed-ip subnet=72808793-445e-4fe5-b653-097d720304e8 test
  NotFoundException: 404: Client Error for url: https://<url>/v2.0/routers/9f3edd38-f18b-482b-9060-20773423cb76, {"NeutronError": {"message": "Port 31c7ad44-41e6-4c2a-87fc-ea749a725690 could not be found.", "type": "PortNotFound", "detail": ""}}

  I expect that this is an issue:
  https://github.com/openstack/neutron/blob/b09b8868e93aea437055c041148ccbd095c5c249/neutron/db/l3_db.py#L508

  and the context should be: context.elevated(), but I'm not sure
  whether it is a security issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1812118/+subscriptions

References

[Bug 1812118] [NEW] Neutron doesn't allow to update router external subnets
From: kay, 2019-01-16