[Yahoo-eng-team] [Bug 1489690] [NEW] neutron-openvswitch-agent leak sg iptables rules

Zhangqi Chen Thu, 27 Aug 2015 20:51:06 -0700

Public bug reported:

In function 'treat_devices_added_or_updated', port not exist at 'br-int' will 
be added into 'skipped_devices', and return to parent function 
'process_network_ports', and 'process_network_ports' will remove these ports 
from port_info['current'].
If a port updated due to 'sg_member', and the port deleted just in function 
'treat_devices_added_or_updated', so the port aded into 'skipped_devices', then 
it removed from port_info['current']. When next 'scan_port', the port not in 
'registered_ports', so it not added into port_info['removed'], it's chains and 
rules will never been removed. These waste chains and rules stay in iptables 
util ovs-agent restart or compute node restart.


** Affects: neutron
     Importance: Undecided
     Assignee: Zhangqi Chen (chenzhangqi79)
         Status: New


** Tags: sg-fw

** Changed in: neutron
     Assignee: (unassigned) => Zhangqi Chen (chenzhangqi79)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1489690

Title:
  neutron-openvswitch-agent leak sg iptables rules

Status in neutron:
  New

Bug description:
  In function 'treat_devices_added_or_updated', port not exist at 'br-int' will 
be added into 'skipped_devices', and return to parent function 
'process_network_ports', and 'process_network_ports' will remove these ports 
from port_info['current'].
  If a port updated due to 'sg_member', and the port deleted just in function 
'treat_devices_added_or_updated', so the port aded into 'skipped_devices', then 
it removed from port_info['current']. When next 'scan_port', the port not in 
'registered_ports', so it not added into port_info['removed'], it's chains and 
rules will never been removed. These waste chains and rules stay in iptables 
util ovs-agent restart or compute node restart.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1489690/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

[Yahoo-eng-team] [Bug 1489690] [NEW] neutron-openvswitch-agent leak sg iptables rules

Reply via email to