yahoo-eng-team team mailing list archive

Thread
Date

[Bug 2030804] Re: Missing ip rule causes FIP removal to fail

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <2030804@xxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Nov 2023 14:11:58 -0000
Reply-to: Bug 2030804 <2030804@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Reviewed:  https://review.opendev.org/c/openstack/neutron/+/891236
Committed: https://opendev.org/openstack/neutron/commit/16875b5f92731a9cf2d7e819d406bfcc442339f3
Submitter: "Zuul (22348)"
Branch:    master

commit 16875b5f92731a9cf2d7e819d406bfcc442339f3
Author: Brian Haley <haleyb.dev@xxxxxxxxx>
Date:   Fri Aug 11 17:05:49 2023 -0400

    Catch non-existent entry failures better in ip_lib
    
    The privileged/agent/linux/ip_lib.py code was not always
    catching "entry does not exist" type errors when deleting
    entries, and most of the callers were not catching it either,
    which could lead to random failures.
    
    Add code in the IP route, rule and bridge fdb code to catch
    these errors and not raise on them, other exceptions will
    still be raised.
    
    Also fixed delete_neigh_entry() to not raise when the
    given namespace does not exist to make it like all the
    other calls in the file.
    
    Added or modified functional tests for above cases.
    
    Change-Id: I083649ab1b9a9057ee276a7f3ba069eb667db870
    Closes-bug: #2030804


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2030804

Title:
  Missing ip rule causes FIP removal to fail

Status in neutron:
  Fix Released

Bug description:
  Summary
  -------
  If the ip rule associated with a FIP is somehow lost or deleted, when Neutron L3 agent goes to remove the rule it will error and cause the entire FIP removal process to fail.

  
  High level description
  ----------------------
  Rather than erroring if an ip rule that should exist is no longer present, https://opendev.org/openstack/neutron/src/commit/c453813d0664259c4da0d132f224be2eebe70072/neutron/agent/l3/dvr_local_router.py#L216-L227 should handle this gracefully with a warning.

  
  Pre-conditions
  --------------
  - Neutron DVR mode is enabled
  - Subnets are created and attached to a router with an external gateway
  - A VM is created on the aforementioned subnet and a FIP is associated with it

  
  Step-by-step reproduction steps
  -------------------------------
  - Within the qrouter network namespace, run 'ip rule del $FIXED_IP lookup 16'
  - Disassociate the FIP from the VM and monitor Neutron L3 agent logs for errors

  
  Expected output
  ---------------
  Neutron L3 agent logs that the ip rule didn't exist and then continues as normal.

  
  Actual output
  -------------
  Neutron L3 agent throws an "pyroute2.netlink.exceptions.NetLinkError: (2, 'No such file or directory')" exception and does not complete FIP removal from the host.

  
  Version
  -------
  - OpenStack Zed

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2030804/+subscriptions