yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #90388
[Bug 1996150] Re: Neutron fails to create network with enforced scopes and new RBAC policies
Reviewed: https://review.opendev.org/c/openstack/neutron-lib/+/864213
Committed: https://opendev.org/openstack/neutron-lib/commit/91759b17ea5d4d6563596612208e6014dee2ed88
Submitter: "Zuul (22348)"
Branch: master
commit 91759b17ea5d4d6563596612208e6014dee2ed88
Author: Slawek Kaplonski <skaplons@xxxxxxxxxx>
Date: Thu Nov 10 16:05:11 2022 +0100
Don't check context.system_scope to check project scope
During first attempt of the Secure RBAC implementation [1] to
function model_query_scope_is_project() there was added check
which was checking if context.system_scope is "all" in case when
scope enforcement was enabled. It was like that because that meant
that it is SYSTEM_* persona context (e.g. SYSTEM_ADMIN).
This is not needed now as later it was agreed to have only one ADMIN
user which will still behave like old, "legacy" ADMIN user.
[1] https://review.opendev.org/c/openstack/neutron-lib/+/781075
Closes-bug: #1996150
Change-Id: If3a97c4d3a0f4cb6b4d06434f74cbe9d933a07a4
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1996150
Title:
Neutron fails to create network with enforced scopes and new RBAC
policies
Status in neutron:
Fix Released
Bug description:
Error happened in test job run on
https://review.opendev.org/c/openstack/tempest/+/614484:
https://zuul.opendev.org/t/openstack/build/930366c016de49c4b7c26f69b371411a/log/controller/logs/screen-
q-svc.txt#4406
Traceback:
27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-server[94286]:
ERROR neutron.plugins.ml2.managers [None
req-1e9ba6eb-84f1-4091-bf3a-862d6e6cb127 admin admin] Mechanism driver
'ovn' failed in create_network_postcommit:
neutron_lib.exceptions.NetworkNotFound: Network
75ccd449-9526-4dc2-96c3-4f76ac9dcbe2 could not be found.
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers Traceback (most
recent call last):
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/managers.py", line 497, in
_call_on_drivers
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
getattr(driver.obj, method_name)(context)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py",
line 562, in create_network_postcommit
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
self._ovn_client.create_network(context._plugin_context, network)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py",
line 1881, in create_network
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
self.create_metadata_port(context, network)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_client.py",
line 2355, in create_metadata_port
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
p_utils.create_port(self._plugin, context, port)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/plugins/utils.py",
line 337, in create_port
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return
core_plugin.create_port(
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/common/utils.py", line 704, in inner
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return f(*args,
**kwargs)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/db/api.py", line
226, in wrapped
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return
f_with_retry(*args, **kwargs,
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/db/api.py", line
142, in wrapped
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers setattr(e,
'_RETRY_EXCEEDED', True)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
227, in __exit__
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
self.force_reraise()
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
200, in force_reraise
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers raise self.value
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/db/api.py", line
138, in wrapped
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return f(*args,
**kwargs)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_db/api.py", line 154, in
wrapper
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers ectxt.value =
e.inner_exc
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
227, in __exit__
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
self.force_reraise()
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
200, in force_reraise
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers raise self.value
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_db/api.py", line 142, in
wrapper
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return f(*args,
**kwargs)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/db/api.py", line
190, in wrapped
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
context_reference.session.rollback()
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
227, in __exit__
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
self.force_reraise()
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/oslo_utils/excutils.py", line
200, in force_reraise
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers raise self.value
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/usr/local/lib/python3.8/dist-packages/neutron_lib/db/api.py", line
184, in wrapped
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers return
f(*dup_args, **dup_kwargs)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/plugin.py", line 1570, in
create_port
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers result,
mech_context = self._create_port_db(context, port)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/plugins/ml2/plugin.py", line 1535, in
_create_port_db
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers port_db =
self.create_port_db(context, port)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers File
"/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 1461, in
create_port_db
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers raise
exc.NetworkNotFound(net_id=network_id)
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
neutron_lib.exceptions.NetworkNotFound: Network
75ccd449-9526-4dc2-96c3-4f76ac9dcbe2 could not be found.
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.managers
Nov 04 05:49:27.934555 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR neutron.plugins.ml2.plugin [None
req-1e9ba6eb-84f1-4091-bf3a-862d6e6cb127 admin admin]
mechanism_manager.create_network_postcommit failed, deleting network
'75ccd449-9526-4dc2-96c3-4f76ac9dcbe2':
neutron.plugins.ml2.common.exceptions.MechanismDriverError
Nov 04 05:49:27.936779 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: DEBUG neutron_lib.callbacks.manager [None
req-1e9ba6eb-84f1-4091-bf3a-862d6e6cb127 admin admin] Publish
callbacks
['neutron.plugins.ml2.plugin.External_net_db_mixin._before_network_delete_handler-1373484']
for network (75ccd449-9526-4dc2-96c3-4f76ac9dcbe2), before_delete
{{(pid=94286) _notify_loop /usr/local/lib/python3.8/dist-
packages/neutron_lib/callbacks/manager.py:176}}
Nov 04 05:49:27.997508 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: ERROR root [None
req-1e9ba6eb-84f1-4091-bf3a-862d6e6cb127 admin admin] Original
exception being dropped: ['Traceback (most recent call last):\n', '
File "/opt/stack/neutron/neutron/plugins/ml2/plugin.py", line 1200, in
_after_create_network\n
self.mechanism_manager.create_network_postcommit(mech_context)\n', '
File "/opt/stack/neutron/neutron/plugins/ml2/managers.py", line 547,
in create_network_postcommit\n
self._call_on_drivers("create_network_postcommit", context)\n', '
File "/opt/stack/neutron/neutron/plugins/ml2/managers.py", line 513,
in _call_on_drivers\n raise ml2_exc.MechanismDriverError(\n',
'neutron.plugins.ml2.common.exceptions.MechanismDriverError\n']:
neutron_lib.exceptions.NetworkNotFound: Network
75ccd449-9526-4dc2-96c3-4f76ac9dcbe2 could not be found.
Nov 04 05:49:27.998066 ubuntu-focal-ovh-gra1-0031900066 neutron-
server[94286]: INFO neutron.pecan_wsgi.hooks.translation [None
req-1e9ba6eb-84f1-4091-bf3a-862d6e6cb127 admin admin] POST failed
(client error): The resource could not be found.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1996150/+subscriptions
References
