"cannot be deleted directly via the port API" is by design it seems:
https://bugs.launchpad.net/neutron/+bug/1425504
However, deleting via a subnet should be possible.
Client debug log revealed the issue (I also had a static route
configured to 192.168.200.0/24 on pubrouter via neutron extra routes
extension)
openstack router remove subnet 4f9ca9ef-303b-4082-abbc-e50782d9b800
6694cc70-7667-4583-8eec-1decb19063c9 --debug
http://10.232.1.207:9696 "PUT
/v2.0/routers/4f9ca9ef-303b-4082-abbc-e50782d9b800/remove_router_interface
HTTP/1.1" 409 257
RESP: [409] Content-Type: application/json Content-Length: 257
X-Openstack-Request-Id: req-afac4d67-d309-4bcd-83d6-bfd08d6a6d9b Date: Thu, 29
Mar 2018 19:30:24 GMT Connection: keep-alive
RESP BODY: {"NeutronError": {"message": "Router interface for subnet
6694cc70-7667-4583-8eec-1decb19063c9 on router
4f9ca9ef-303b-4082-abbc-e50782d9b800 cannot be deleted, as it is required by
one or more routes.", "type": "RouterInterfaceInUseByRoute", "detail": ""}}
openstack router show pubrouter -c routes -f value
destination='8.8.8.8/32', gateway='192.168.200.10'
openstack router set --no-route pubrouter
After that a route got deleted
openstack router remove subnet 4f9ca9ef-303b-4082-abbc-e50782d9b800
6694cc70-7667-4583-8eec-1decb19063c9 --debug
PUT call to network for
http://10.232.1.207:9696/v2.0/routers/4f9ca9ef-303b-4082-abbc-e50782d9b800/remove_router_interface
used request id req-cf7a0614-5fd5-4842-aef4-422be3ab96b1
Manager RegionOne ran task network.PUT.routers.remove_router_interface in
4.53609895706s
However, policy rules for 192.168.200.0/24 were kept but were deleted
for 192.168.100.0/24 which should not have happened.
juju run --application
neutron-gateway-l2,neutron-gateway-l1,neutron-openvswitch-l1,neutron-openvswitch-l2
'sudo ip netns exec qrouter-4f9ca9ef-303b-4082-abbc-e50782d9b800 ip rule'
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-gateway-l1/0
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-openvswitch-l1/0
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-openvswitch-l1/1
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-openvswitch-l1/2
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-openvswitch-l2/0
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-openvswitch-l2/1
- Stdout: "0:\tfrom all lookup local \n32766:\tfrom all lookup main
\n32767:\tfrom
all lookup default \n8:\tfrom 192.168.200.0/24 lookup 16 \n"
UnitId: neutron-gateway-l2/0
Disabling and re-enabling the router brought the right policy rule back:
ip netns exec qrouter-4f9ca9ef-303b-4082-abbc-e50782d9b800 ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
8: from 192.168.100.0/24 lookup 16
And adding 192.168.200.0/24 again only created qr- ports but not policy
rules for 192.168.200.0/24.
The logs for neutron-l3-agent were full of this:
https://paste.ubuntu.com/p/symM9Js9nJ/
So after disabling the router, restarting l3 agent, and enabling the
router everything went back to normal. And removing a subnet from a
router resulted in both interfaces and policy rules being deleted.
There are clearly some idempotency and ordering problems.
I was able to reproduce incorrect policy rule deletion more than twice.
So I will mark this bug as invalid as the original issue with subnet
removal was due to a static route presence but create a new one for
policy rules.
** Changed in: neutron (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1759918
Title:
[dvr] router remove subnet silently fails
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1759918/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs