[Bug 1681758] Re: nova-lxd driver does not work with neutron firewall disabled
OpenStack Infra
1681758 at bugs.launchpad.net
Thu Jul 13 10:17:48 UTC 2017
Reviewed: https://review.openstack.org/474241
Committed: https://git.openstack.org/cgit/openstack/nova-lxd/commit/?id=78b6c14f2cf375493f3fc268d589f2ba23f4f346
Submitter: Jenkins
Branch: master
commit 78b6c14f2cf375493f3fc268d589f2ba23f4f346
Author: James Page <james.page at ubuntu.com>
Date: Wed Jun 14 15:57:47 2017 +0100
vif: redux interface wiring approach
The nova-lxd driver has to take a slightly different approach
to virtual interface wiring due to a lack of an equivalent to
'launch and pause' in LXD.
For some interface types, the last mile tap device needs to
be present for vif plugging to complete successfully which
occurs prior to the instance being launched; This change
refactors the vif module to create veth pairs directly
in nova-lxd, rather than delegating this to LXD as part of
a bridged network interface type. This allows vif plugging
to complete prior to the instance being created in LXD.
The side effect of this change is that all currently supported
interface types are now configured as 'physical' interfaces
in LXD profiles for instances - wiring to bridges is handled
directly by the nova-lxd driver instead.
This change has been validated with:
ovs driver + iptables hybrid firewall driver
ovs driver + openvswitch native firewall driver
linuxbridge driver + iptables hybrid firewall driver
The VIF wiring approach is described in detail in the VIF
wiring documentation included in this change.
Closes-Bug: 1681758
Change-Id: Ic268e989d1ee19f696298fb1e0db729a00352a12
** Changed in: nova-lxd
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1681758
Title:
nova-lxd driver does not work with neutron firewall disabled
Status in OpenStack Charm Test Infra:
New
Status in Ubuntu Cloud Archive:
Triaged
Status in nova-lxd:
Fix Released
Status in nova-lxd package in Ubuntu:
Triaged
Bug description:
In a deployment where the firewall is disabled in the neutron-
openvswitch-agent (don't ask); the agent switches to using non-hybrid
ports (no bridge required to apply security group rules).
In this configuration, neutron will expect the tap device to have been
plugged directly into the br-int bridge prior to attempting networking
binding; however the nova-lxd driver does not do this, so binding
fails and instance launch errors after the network binding event times
out.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: python-nova-lxd 15.0.0-0ubuntu1~cloud0 [modified: usr/lib/python2.7/dist-packages/nova/virt/lxd/driver.py usr/lib/python2.7/dist-packages/nova/virt/lxd/storage.py] [origin: Canonical]
ProcVersionSignature: Ubuntu 4.4.0-72.93-generic 4.4.49
Uname: Linux 4.4.0-72-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: amd64
CrashDB:
{
"impl": "launchpad",
"project": "cloud-archive",
"bug_pattern_url": "http://people.canonical.com/~ubuntu-archive/bugpatterns/bugpatterns.xml",
}
Date: Tue Apr 11 10:11:15 2017
PackageArchitecture: all
ProcEnviron:
TERM=screen-256color-bce
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: nova-lxd
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/charm-test-infra/+bug/1681758/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list