yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #94124
[Bug 2069482] [NEW] [OVN] VMs cannot access metadata when connected to a network with only IPv6 subnets
Public bug reported:
VMs cannot access the metadata service when connected to a network with
only IPv6 subnets.
Neutron branch: master
Steps to reproduce:
1) Create a network with a single IPv6 subnet:
$ openstack network create ipv6-net-dhcpv6-slaac
$ openstack subnet create --subnet-range fdba:e036:9e22::/64 --ip-version 6 --gateway dba:e036:9e22::1 --ipv6-ra-mode slaac --ipv6-address-mode slaac --network ipv6-net-dhcpv6-slaac ipv6-subnet-dhcpv6-slaac
2) Create a VM using this network:
$ openstack server create --key-name my_key --flavor m1.small --image
ubuntu-20.04-minimal-cloudimg-amd64 --network ipv6-net-dhcpv6-slaac
--security-group sg1 my-vm-slaac
3) The following message is added to the metadata agent log file:
Jun 14 22:00:32 central neutron-ovn-metadata-agent[89379]: DEBUG
neutron.agent.ovn.metadata.agent [-] No valid VIF ports were found for
network 191a0539-edbc-4037-b973-dfa77e3208f6, tearing the namespace down
if needed {{(pid=89379) _get_provision_params
/opt/stack/neutron/neutron/agent/ovn/metadata/agent.py:720}}
which is produced here:
https://github.com/openstack/neutron/blob/79b2d709c80217830fed8ad73dcf6fbd3eea91b4/neutron/agent/ovn/metadata/agent.py#L719-L723
4) When an IPv4 subnet is added to the network and the VM is recreated,
the metadata service is accessible to it over IPv6:
$ openstack subnet create --network ipv6-net-dhcpv6-slaac ipv4-subnet-dhcpv6-slaac --subnet-range 10.2.0.0/24
$ openstack server delete my-vm-slaac
$ openstack server create --key-name my_key --flavor m1.small --image ubuntu-20.04-minimal-cloudimg-amd64 --network ipv6-net-dhcpv6-slaac --security-group sg1 my-vm-slaac
>From the VM:
ubuntu@my-vm-slaac:~$ curl http://[fe80::a9fe:a9fe%ens3]
1.0
2007-01-19
2007-03-01
2007-08-29
2007-10-10
2007-12-15
2008-02-01
2008-09-01
2009-04-04
latest
ubuntu@my-vm-slaac:~$ curl http://[fe80::a9fe:a9fe%ens3]/openstack
2012-08-10
2013-04-04
2013-10-17
2015-10-15
2016-06-30
2016-10-06
2017-02-22
2018-08-27
2020-10-14
latest
How reproducible: 100%
** Affects: neutron
Importance: High
Assignee: Miguel Lavalle (minsel)
Status: New
** Changed in: neutron
Importance: Undecided => High
** Changed in: neutron
Assignee: (unassigned) => Miguel Lavalle (minsel)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2069482
Title:
[OVN] VMs cannot access metadata when connected to a network with only
IPv6 subnets
Status in neutron:
New
Bug description:
VMs cannot access the metadata service when connected to a network
with only IPv6 subnets.
Neutron branch: master
Steps to reproduce:
1) Create a network with a single IPv6 subnet:
$ openstack network create ipv6-net-dhcpv6-slaac
$ openstack subnet create --subnet-range fdba:e036:9e22::/64 --ip-version 6 --gateway dba:e036:9e22::1 --ipv6-ra-mode slaac --ipv6-address-mode slaac --network ipv6-net-dhcpv6-slaac ipv6-subnet-dhcpv6-slaac
2) Create a VM using this network:
$ openstack server create --key-name my_key --flavor m1.small --image
ubuntu-20.04-minimal-cloudimg-amd64 --network ipv6-net-dhcpv6-slaac
--security-group sg1 my-vm-slaac
3) The following message is added to the metadata agent log file:
Jun 14 22:00:32 central neutron-ovn-metadata-agent[89379]: DEBUG
neutron.agent.ovn.metadata.agent [-] No valid VIF ports were found for
network 191a0539-edbc-4037-b973-dfa77e3208f6, tearing the namespace
down if needed {{(pid=89379) _get_provision_params
/opt/stack/neutron/neutron/agent/ovn/metadata/agent.py:720}}
which is produced here:
https://github.com/openstack/neutron/blob/79b2d709c80217830fed8ad73dcf6fbd3eea91b4/neutron/agent/ovn/metadata/agent.py#L719-L723
4) When an IPv4 subnet is added to the network and the VM is
recreated, the metadata service is accessible to it over IPv6:
$ openstack subnet create --network ipv6-net-dhcpv6-slaac ipv4-subnet-dhcpv6-slaac --subnet-range 10.2.0.0/24
$ openstack server delete my-vm-slaac
$ openstack server create --key-name my_key --flavor m1.small --image ubuntu-20.04-minimal-cloudimg-amd64 --network ipv6-net-dhcpv6-slaac --security-group sg1 my-vm-slaac
From the VM:
ubuntu@my-vm-slaac:~$ curl http://[fe80::a9fe:a9fe%ens3]
1.0
2007-01-19
2007-03-01
2007-08-29
2007-10-10
2007-12-15
2008-02-01
2008-09-01
2009-04-04
latest
ubuntu@my-vm-slaac:~$ curl http://[fe80::a9fe:a9fe%ens3]/openstack
2012-08-10
2013-04-04
2013-10-17
2015-10-15
2016-06-30
2016-10-06
2017-02-22
2018-08-27
2020-10-14
latest
How reproducible: 100%
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2069482/+subscriptions
Follow ups
