yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #89819
[Bug 1992161] [NEW] Unknown quota resource security_group_rule in neutron-rpc-server
Public bug reported:
When restarting our linuxbridge-agents, we see exceptions for some of the
networks: Unknown quota resources ['security_group_rule']. This stops the
linuxbridge-agent from fully bringing up that network.
Prerequisites:
* run api-server and rpc-server in different process
We have neutron-server running with uWSGI and start the neutron-rpc-server in another container.
Steps to reproduce:
* have a project with server/network/ports
* have an unused default security group
* delete the default security group
* restart the appropriate linuxbridge-agent
Version:
* Ussuri with custom patches on top: https://github.com/sapcc/neutron
Expected behavior:
linuxbridge-agent should bring up all networks even if the user deleted the
default security group.
Either don't create a default security-group when called via the
linuxbridge-agent instead of the API or make the quota available in the
rpc-server so the default security-group can be created.
Creating/updating a port or creating a network via API will create the default
security group and fix the problem on the linuxbridge-agent, too. I just don't
think that's acceptable to have the user/admin do some API actions in case the
user did something they maybe shouldn't have.
We've also seen the same exception from a dhcp-agent. Attached both a traceback
from linuxbridge as well as from dhcp-agent.
Trying to debug this, we found that no quota resources are registered in neutron-rpc-server. This can be seen when using the eventlet backdoor by these commands:
from neutron.quota import resource_registry;
resource_registry.get_all_resources()
** Affects: neutron
Importance: Undecided
Status: New
** Attachment added: "tracebacks from dhcp-agent and linuxbridge agent calling neutron-rpc-server"
https://bugs.launchpad.net/bugs/1992161/+attachment/5622035/+files/rpc-no-default-security-group-creation.txt
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1992161
Title:
Unknown quota resource security_group_rule in neutron-rpc-server
Status in neutron:
New
Bug description:
When restarting our linuxbridge-agents, we see exceptions for some of the
networks: Unknown quota resources ['security_group_rule']. This stops the
linuxbridge-agent from fully bringing up that network.
Prerequisites:
* run api-server and rpc-server in different process
We have neutron-server running with uWSGI and start the neutron-rpc-server in another container.
Steps to reproduce:
* have a project with server/network/ports
* have an unused default security group
* delete the default security group
* restart the appropriate linuxbridge-agent
Version:
* Ussuri with custom patches on top: https://github.com/sapcc/neutron
Expected behavior:
linuxbridge-agent should bring up all networks even if the user deleted the
default security group.
Either don't create a default security-group when called via the
linuxbridge-agent instead of the API or make the quota available in the
rpc-server so the default security-group can be created.
Creating/updating a port or creating a network via API will create the default
security group and fix the problem on the linuxbridge-agent, too. I just don't
think that's acceptable to have the user/admin do some API actions in case the
user did something they maybe shouldn't have.
We've also seen the same exception from a dhcp-agent. Attached both a traceback
from linuxbridge as well as from dhcp-agent.
Trying to debug this, we found that no quota resources are registered in neutron-rpc-server. This can be seen when using the eventlet backdoor by these commands:
from neutron.quota import resource_registry;
resource_registry.get_all_resources()
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1992161/+subscriptions
