yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1845145] Re: [L3] add abilitiy for iptables_manager to ensure rule was added only once

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Brian Haley <1845145@xxxxxxxxxxxxxxxxxx>
Date: Fri, 01 Dec 2023 22:38:29 -0000
Reply-to: Bug 1845145 <1845145@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

Since the patch on master was abandoned manually I am going to close
this.

** Changed in: neutron
       Status: In Progress => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1845145

Title:
  [L3] add abilitiy for iptables_manager to ensure rule was added only
  once

Status in neutron:
  Won't Fix

Bug description:
  iptables_manager should have abilitiy to ensure rule was added only
  once. In function [1], it just adds the new rule to the cache list no
  matter if it is duplicated. And finally, warning LOG [2] will be
  raised. Sometimes, there will have multiple threads to add rule for
  one same resource, it may be not easy for users to ensure that their
  rule generation code was run as expected. So rule will be duplicated
  in cache. And during the removal procedure, cache has duplicated
  rules, remove one then there still has same rule remained. As a
  result, the linux netfilter rule may have nothing changed after user's
  removal action.

  [1] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L205-L225
  [2] https://github.com/openstack/neutron/blob/master/neutron/agent/linux/iptables_manager.py#L718-L725

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1845145/+subscriptions

References

[Bug 1845145] [NEW] [L3] add abilitiy for iptables_manager to ensure rule was added only once
From: LIU Yulong, 2019-09-24