yahoo-eng-team team mailing list archive

Thread
Date
[Bug 2099450] Re: Incorrect ovsdb_connection validation

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: OpenStack Infra <2099450@xxxxxxxxxxxxxxxxxx>
Date: Mon, 24 Feb 2025 13:10:50 -0000
Reply-to: Bug 2099450 <2099450@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Reviewed:  https://review.opendev.org/c/openstack/neutron/+/942412
Committed: https://opendev.org/openstack/neutron/commit/dad75a8202b410a4597a2ffd6c9659115d64bdc1
Submitter: "Zuul (22348)"
Branch:    master

commit dad75a8202b410a4597a2ffd6c9659115d64bdc1
Author: Takashi Kajinami <kajinamit@xxxxxxxxxxxxxxx>
Date:   Fri Feb 21 14:16:58 2025 +0900

    Fix wrong rejex for [ovs] ovsdb_connection
    
    The change 03a976d933865b45f481ba1539b61e199aab7446 introduced
    the wrong regex which rejects usage of unix domain socket.
    
    Also 'tls' is not a protocol actually accepted.
    
    Closes-Bug: #2099450
    Change-Id: I119f33a85df6f95c8cdc937fa2bb02b425a34de3


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2099450

Title:
  Incorrect ovsdb_connection validation

Status in neutron:
  Fix Released

Bug description:
  Hi,

  Our CI which is testing against "master" has caught the following:

  ```
  2025-02-21 00:44:05.008 188 INFO neutron.common.config [-] /var/lib/openstack/bin/neutron-ovn-metadata-agent version 26.0.0.0b3.dev235
  2025-02-21 00:44:05.013 188 CRITICAL neutron [-] Unhandled error: oslo_config.cfg.ConfigFileValueError: Value for option ovsdb_connection from LocationInfo(location=<Locations.user: (4, True)>, detail='/etc/neutron/ovn_metadata_agent.ini') is not valid: Value 'unix:/run/openvswitch/db.sock' doesn't match regex '^(tcp|tls|ssl):.+'
  2025-02-21 00:44:05.013 188 ERROR neutron Traceback (most recent call last):
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 2931, in _do_get
  2025-02-21 00:44:05.013 188 ERROR neutron     return (convert(val), alt_loc)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 2900, in convert
  2025-02-21 00:44:05.013 188 ERROR neutron     return self._convert_value(
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 3028, in _convert_value
  2025-02-21 00:44:05.013 188 ERROR neutron     return opt.type(value)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/types.py", line 154, in __call__
  2025-02-21 00:44:05.013 188 ERROR neutron     raise ValueError("Value %r doesn't match regex %r" %
  2025-02-21 00:44:05.013 188 ERROR neutron ValueError: Value 'unix:/run/openvswitch/db.sock' doesn't match regex '^(tcp|tls|ssl):.+'
  2025-02-21 00:44:05.013 188 ERROR neutron 
  2025-02-21 00:44:05.013 188 ERROR neutron During handling of the above exception, another exception occurred:
  2025-02-21 00:44:05.013 188 ERROR neutron 
  2025-02-21 00:44:05.013 188 ERROR neutron Traceback (most recent call last):
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/bin/neutron-ovn-metadata-agent", line 8, in <module>
  2025-02-21 00:44:05.013 188 ERROR neutron     sys.exit(main())
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/neutron/cmd/agents/ovn_metadata.py", line 24, in main
  2025-02-21 00:44:05.013 188 ERROR neutron     metadata_agent.main()
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/neutron/agent/ovn/metadata_agent.py", line 42, in main
  2025-02-21 00:44:05.013 188 ERROR neutron     utils.log_opt_values(LOG)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/neutron/common/utils.py", line 133, in log_opt_values
  2025-02-21 00:44:05.013 188 ERROR neutron     cfg.CONF.log_opt_values(log, logging.DEBUG)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 2826, in log_opt_values
  2025-02-21 00:44:05.013 188 ERROR neutron     _sanitize(opt, getattr(group_attr, opt_name)))
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 3377, in __getattr__
  2025-02-21 00:44:05.013 188 ERROR neutron     return self._conf._get(name, self._group)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 2868, in _get
  2025-02-21 00:44:05.013 188 ERROR neutron     value, loc = self._do_get(name, group, namespace)
  2025-02-21 00:44:05.013 188 ERROR neutron   File "/var/lib/openstack/lib/python3.10/site-packages/oslo_config/cfg.py", line 2947, in _do_get
  2025-02-21 00:44:05.013 188 ERROR neutron     raise ConfigFileValueError(message)
  2025-02-21 00:44:05.013 188 ERROR neutron oslo_config.cfg.ConfigFileValueError: Value for option ovsdb_connection from LocationInfo(location=<Locations.user: (4, True)>, detail='/etc/neutron/ovn_metadata_agent.ini') is not valid: Value 'unix:/run/openvswitch/db.sock' doesn't match regex '^(tcp|tls|ssl):.+'
  2025-02-21 00:44:05.013 188 ERROR neutron 
  ```

  Now, this file has the following contents:

  ```
  [DEFAULT]
  metadata_proxy_shared_secret = 0ZkuhKWVMhNIrMBXYasBP5sHnZzqBZGA
  metadata_proxy_socket = /var/lib/neutron/openstack-helm/metadata_proxy
  metadata_workers = 2
  nova_metadata_host = nova-metadata.openstack.svc.cluster.local
  nova_metadata_port = 8775
  [cache]
  backend = dogpile.cache.memcached
  enabled = true
  memcache_servers = memcached.openstack.svc.cluster.local:11211
  [ovs]
  ovsdb_connection = unix:/run/openvswitch/db.sock
  ```

  So in this case, it seems to not be picking up this:

  https://github.com/openstack/neutron/blob/03a976d933865b45f481ba1539b61e199aab7446/neutron/conf/agent/ovn/metadata/config.py

  but instead picking up this:

  https://github.com/openstack/neutron/blob/03a976d933865b45f481ba1539b61e199aab7446/neutron/conf/agent/ovsdb_api.py#L23

  The neutron metadata ovn agent _should_ be able to talk over the unix
  socket on the local system to ovs, so it shouldn't be an issue for
  that to be set, i think this is probably just something that was
  missed in this commit:

  https://review.opendev.org/c/openstack/neutron/+/931562

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2099450/+subscriptions
References

[Bug 2099450] [NEW] Incorrect ovsdb_connection validation
From: Mohammed Naser, 2025-02-21