yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1922053] Related fix merged to nova (master)

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <1922053@xxxxxxxxxxxxxxxxxx>
Date: Thu, 15 Apr 2021 09:44:07 -0000
Reply-to: Bug 1922053 <1922053@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://review.opendev.org/c/openstack/nova/+/784129
Committed: https://opendev.org/openstack/nova/commit/db333070b61caef62ea5b68e5bf75f92d879db74
Submitter: "Zuul (22348)"
Branch:    master

commit db333070b61caef62ea5b68e5bf75f92d879db74
Author: Lee Yarwood <lyarwood@xxxxxxxxxx>
Date:   Wed Mar 31 12:23:23 2021 +0100

    Add regression test for bug #1922053
    
    Related-Bug: #1922053
    Change-Id: I7fa75a0d2e2555d99c3d2c16b333a21462837580


** Changed in: nova
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1922053

Title:
  Operators can force up compute services with `done` evacuation
  migration records still active against the host

Status in OpenStack Compute (nova):
  Fix Released

Bug description:
  Description
  ===========

  Another PEBKAC issue but the current evacuation flow allows an admin
  to force down, evacuate and unset forced down *without* ever
  restarting the compute service. While it is clearly documented that
  operators need to fence the source compute service ahead of evacuation
  (see below) that should cause a service restart it isn't enforced
  anywhere in the current flow:

  https://docs.openstack.org/api-ref/compute/?expanded=evacuate-server-
  evacuate-action-detail#evacuate-server-evacuate-action

  This leaves evacuation migration records marked as done instead of
  completed as the source host is never given a chance to clean up. The
  request to unset forced down should be rejected until this happens and
  the evacuation migration records are marked as completed.

  This ultimately could lead to the running instance being destroyed
  (stopped) when the evacuation cleanup logic is executed.

  Steps to reproduce
  ==================

  - Mark a given host as forced down
  - Evacuate instances from this host
  - Unset forced down on the host
  - Check that the migration records associated with the evacuations are still marked as done

  Expected result
  ===============

  The request to unset forced down is rejected until the service is
  restarted and evacuation  migration records moved to completed.

  Actual result
  =============

  The request to unset forced down is allowed and evacuation migration
  records remained marked as done.

  Environment
  ===========
  1. Exact version of OpenStack you are running. See the following
    list for all releases: http://docs.openstack.org/releases/

     Master

  2. Which hypervisor did you use?
     (For example: Libvirt + KVM, Libvirt + XEN, Hyper-V, PowerKVM, ...)
     What's the version of that?

     N/A

  2. Which storage type did you use?
     (For example: Ceph, LVM, GPFS, ...)
     What's the version of that?

     N/A

  3. Which networking type did you use?
     (For example: nova-network, Neutron with OpenVSwitch, ...)

     N/A

  Logs & Configs
  ==============

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1922053/+subscriptions

References

[Bug 1922053] [NEW] Operators can unset forced-down with `done` evacuation migration records against the host
From: Lee Yarwood, 2021-03-31