yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #96450
[Bug 2115776] Re: Neutron fails to delete records for a VM or FIP when there is A and AAAA records with the same name
Reviewed: https://review.opendev.org/c/openstack/neutron/+/959543
Committed: https://opendev.org/openstack/neutron/commit/9320cd392f88a68a365bca154b3079b7317103c6
Submitter: "Zuul (22348)"
Branch: master
commit 9320cd392f88a68a365bca154b3079b7317103c6
Author: Helen Chen <ichen@xxxxxxxxxx>
Date: Tue Sep 9 16:15:57 2025 -0400
Fix bug/2115776 where Neutron deletes A/AAAA records
Enable the deletion of all the Designate recordssets for the same
dns_name and dns_domain associated with the specified IP
addresses.
This change enables in the Designate driver the separate deletion
of two recordsets associated to the same dns-name and dns-domain
that were created by a sequence of one port create/update and one
floating ip create/update. Before this change, the assumption when
deleting recordsets associated to the same same dns-name and
dns-domain was that they were created in a single operation.
Consequently, the change handles each deletion operation of the
dns_name in the dns_domain based on the IP addresses specified
in the input argument.
Existing unit tests in test_dns_integration.py and
test_dns_domain_keywords.py failed with this change. These existing
test cases are updated in this commit such that the IP addresses
in the mock recordsets are strings, instead of netaddr.IPAddress()
objects, to match recordset['records'] data type in
_get_ids_ips_to_delete(). The unit tests passed with mismatched
types in the past because the check between recordset and input
argument records compared the size of two sets rather than the
values of the data.
A new unit test test_delete_single_record_from_two_records() is
added to test that the designate driver handles the use case where
only a subset of A or AAAA records are deleted.
test_delete_single_record_from_two_records() was generated with the
assistance of Claude Code, copying from test_delete_record_set()
with a small modification to delete only one of the records.
Assisted-by: Claude Code
Depends-on: https://review.opendev.org/c/openstack/neutron-tempest-plugin/+/960659
Closes-Bug: #2115776
Change-Id: I42f1d504a063f1d8542c861b3b7caffe56c47bf1
Signed-off-by: Helen Chen <ichen@xxxxxxxxxx>
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2115776
Title:
Neutron fails to delete records for a VM or FIP when there is A and
AAAA records with the same name
Status in neutron:
Fix Released
Bug description:
In Caracal on 22.04:
designate-* 1:18.0.0-0ubuntu1~cloud0
neutron-* 2:24.1.0-0ubuntu1~cloud0
[Scenario]
1. You have a network with --dns-domain set to a zone that exists in Designate
2. Within this network you create an IPv6 subnet with --dns-publish-fixed-ip set
3. In addition, you have set it up so that floating IPs will be automatically registered in Designate when added to an instance.
This whole scenario is basically Use case 1 and 3a from
https://docs.openstack.org/neutron/latest/admin/config-dns-int-ext-
serv.html
[The issue]
With this given scenario, you'll get both an A and an AAAA record with the same name (which is completly normal and wanted). When the VM is deleted, the DNS records fails to delete with a neutron_lib.exceptions.dns.DuplicateRecordSet exception.
https://paste.openstack.org/show/bPOZX1GHmL6CFu8KVYHk/
If I've read the code correctly,
https://github.com/openstack/neutron/blob/stable/2024.1/neutron/services/externaldns/drivers/designate/driver.py#L159
neutron will first lookup all records registered for an IP, then
double check that the set of IPs registered on the names returned
corresponds with the original IP. This will then fail when we i.e
lookup 1.2.3.4, get vm.example.com., resolves vm.example.com, and get
both 1.2.3.4 and 2001:db8::dead:beef back.
[Expected behaviour]
Neutron should understand that it's perfectly fine to dualstack, and have A/AAAA records with the same name, and act accordingly when trying to delete records.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2115776/+subscriptions
References
