yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #96508
[Bug 2092971] Re: Metadata service does not work when port security is disabled
I am changing this bug to invalid. This does not reproduce on master or
released version. It could be this was issue on my end. Currently when
port security is disabled the OVN NB lrp addresses value is directory
copied to mac column. The addresses column is always in format [ip,
unknown] and not just [unknown]
** Changed in: neutron
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2092971
Title:
Metadata service does not work when port security is disabled
Status in neutron:
Invalid
Bug description:
While I was experimenting with metadata service I discovered that ovn
metadata agent fails to spawn a haproxy service when port security is
disabled.
This happens because here [1] we look into vif_port mac column for an
IP address. However, when port security is disabled, OVN will set it
to [unknown]. As per OVN documentation [2] this column is not
guranteed to contain MAC and IPs
mac: set of strings
This column is a misnomer as it may contain MAC addresses
and IP addresses.
Example of a VIF port with security disabled (I am omiting some
columns/data):
_uuid : 43a5e506-2361-4cdb-a2fb-2ce0636cf34a
chassis : 5f37d656-e7ab-4ea9-8a9a-52633fb2b43e
datapath : ef68b5d5-a133-4dcd-98ba-6aac76dcf148
external_ids : {"neutron:cidrs"="2001:db8:0:1:f816:3eff:feef:f2ad/64", .....}
logical_port : "19b7a707-4762-400b-9fd9-6e90cf5bfbde"
mac : [unknown]
port_security : []
type : ""
When the port security is enabled the mac column looks like this:
mac : ["fa:16:3e:ef:f2:ad 2001:db8:0:1:f816:3eff:feef:f2ad"]
port_security : ["fa:16:3e:ef:f2:ad 2001:db8:0:1:f816:3eff:feef:f2ad"]
It appears that more reliable way of getting an IP would be extracting
it from external_ids column under the neutron:cidrs key.
This eventually just manifests as this[3] log in the agents logs.
[1]
https://github.com/openstack/neutron/blob/0c29e730db2629c084de0c114a0d1e8e6939ac25/neutron/agent/ovn/metadata/agent.py#L619-L622
[2] https://man7.org/linux/man-pages/man5/ovn-
sb.5.html#Port_Binding_TABLE
[3]
https://github.com/openstack/neutron/blob/0c29e730db2629c084de0c114a0d1e8e6939ac25/neutron/agent/ovn/metadata/agent.py#L627-L630
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2092971/+subscriptions
References