yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #96605
[Bug 2127157] [NEW] ovn-vpn-agent fails to delete vpn service
Public bug reported:
Greetings,
while deploying the ovn vpnaas implementation of neutron and testing its
functionality we found that the ovn-vpn-agent fails to remove a vpn
service.
We found that the reason for this is that the destroy_process function of the ovn_ipsec implementation calls the parent destroy_process function [1].
The parent implementation of the destroy_process function calls remove_nat_rules [2] which throws an exception in ovn environments. Calling remove_nat_rules in the ovn implementation does not make sense as all nat flows are managed by ovn and not iptables.
[1] https://github.com/openstack/neutron-vpnaas/blob/stable/2025.1/neutron_vpnaas/services/vpn/device_drivers/ovn_ipsec.py#L287
[2] https://github.com/openstack/neutron-vpnaas/blob/stable/2025.1/neutron_vpnaas/services/vpn/device_drivers/ipsec.py#L1019
Exception that is thrown:
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server [None req-7a030937-580b-440f-9509-b41cbfde6c5a d6664669b3ec454088014399dd707bbd 0f93b28d753f44e18053f124519c5004 - - ca8664bbcbd0457cae12>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server Traceback (most recent call last):
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/server.py", line 174, in _process_incoming
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server res = self.dispatcher.dispatch(message)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/dispatcher.py", line 309, in dispatch
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return self._do_dispatch(endpoint, method, ctxt, args)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/dispatcher.py", line 229, in _do_dispatch
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server result = func(ctxt, **new_args)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 966, in vpnservice_u>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.sync(context, [router] if router else [])
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_concurrency/lockutils.py", line 415, in inner
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return f(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1156, in sync
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self._delete_vpn_processes(sync_router_ids, router_ids)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1186, in _delete_vpn>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.destroy_process(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ovn_ipsec.py", line 287, in destroy_>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server super().destroy_process(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1019, in destroy_pro>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.remove_nat_rules(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 953, in remove_nat_r>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server iptables_manager = self.get_router_based_iptables_manager(router)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server TypeError: 'NoneType' object is not callable
** Affects: neutron
Importance: Undecided
Status: New
** Tags: vpnaas
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2127157
Title:
ovn-vpn-agent fails to delete vpn service
Status in neutron:
New
Bug description:
Greetings,
while deploying the ovn vpnaas implementation of neutron and testing
its functionality we found that the ovn-vpn-agent fails to remove a
vpn service.
We found that the reason for this is that the destroy_process function of the ovn_ipsec implementation calls the parent destroy_process function [1].
The parent implementation of the destroy_process function calls remove_nat_rules [2] which throws an exception in ovn environments. Calling remove_nat_rules in the ovn implementation does not make sense as all nat flows are managed by ovn and not iptables.
[1] https://github.com/openstack/neutron-vpnaas/blob/stable/2025.1/neutron_vpnaas/services/vpn/device_drivers/ovn_ipsec.py#L287
[2] https://github.com/openstack/neutron-vpnaas/blob/stable/2025.1/neutron_vpnaas/services/vpn/device_drivers/ipsec.py#L1019
Exception that is thrown:
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server [None req-7a030937-580b-440f-9509-b41cbfde6c5a d6664669b3ec454088014399dd707bbd 0f93b28d753f44e18053f124519c5004 - - ca8664bbcbd0457cae12>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server Traceback (most recent call last):
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/server.py", line 174, in _process_incoming
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server res = self.dispatcher.dispatch(message)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/dispatcher.py", line 309, in dispatch
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return self._do_dispatch(endpoint, method, ctxt, args)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_messaging/rpc/dispatcher.py", line 229, in _do_dispatch
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server result = func(ctxt, **new_args)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 966, in vpnservice_u>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.sync(context, [router] if router else [])
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_concurrency/lockutils.py", line 415, in inner
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return f(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1156, in sync
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self._delete_vpn_processes(sync_router_ids, router_ids)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1186, in _delete_vpn>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.destroy_process(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ovn_ipsec.py", line 287, in destroy_>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server super().destroy_process(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 1019, in destroy_pro>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server self.remove_nat_rules(process_id)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/oslo_log/helpers.py", line 67, in wrapper
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server return method(*args, **kwargs)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server File "/var/lib/kolla/venv/lib64/python3.9/site-packages/neutron_vpnaas/services/vpn/device_drivers/ipsec.py", line 953, in remove_nat_r>
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server iptables_manager = self.get_router_based_iptables_manager(router)
Oct 08 09:54:20 az2-snat-1 neutron_ovn_vpn_agent[808241]: 2025-10-08 09:54:20.033 2 ERROR oslo_messaging.rpc.server TypeError: 'NoneType' object is not callable
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2127157/+subscriptions
