Public bug reported:
Environment:
XenServer 7.0
Neutron (latest upstream)
Devstack
With the above environment, When I firt set a security group for VM,
ping the VM's floating ip, remove the security group from the VM, I
found there are exceptions in q-agt.log (q-agt running in compute node,
targeted for Dom0 when XenServer is used as hypervisor).
2016-07-15 11:15:56.231 ERROR neutron.agent.linux.ip_conntrack
[req-fe62ea80-4965-4d5a-bed5-56fa3b917ed5 None None] Failed execute conntrack
command ('conntrack', '-D', '-f', 'ipv4', '-d', '10.0.0.9', '-w', 2)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack Traceback (most
recent call last):
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/neutron/agent/linux/ip_conntrack.py", line 72, in
_delete_conntrack_state
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
extra_ok_codes=[1])
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/neutron/agent/linux/utils.py", line 138, in execute
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack raise
RuntimeError(msg)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack RuntimeError:
Exit code: 96; Stdin: ; Stdout: ; Stderr: Traceback (most recent call last):
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/bin/neutron-rootwrap-xen-dom0", line 120, in run_command
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack {'cmd':
json.dumps(user_args), 'cmd_input': json.dumps(cmd_input)})
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 229, in __call__
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack return
self.__send(self.__name, args)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 133, in xenapi_request
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack result =
_parse_result(getattr(self, methodname)(*full_params))
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 203, in _parse_result
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack raise
Failure(result['ErrorDescription'])
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack Failure:
['XENAPI_PLUGIN_FAILURE', 'run_command', 'PluginError', "Dom0 execution of
'conntrack' is not permitted"]
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1603400
Title:
neutron-ovs-agent in compute node with XenServer doesn't support
conntrack
Status in neutron:
New
Bug description:
Environment:
XenServer 7.0
Neutron (latest upstream)
Devstack
With the above environment, When I firt set a security group for VM,
ping the VM's floating ip, remove the security group from the VM, I
found there are exceptions in q-agt.log (q-agt running in compute
node, targeted for Dom0 when XenServer is used as hypervisor).
2016-07-15 11:15:56.231 ERROR neutron.agent.linux.ip_conntrack
[req-fe62ea80-4965-4d5a-bed5-56fa3b917ed5 None None] Failed execute conntrack
command ('conntrack', '-D', '-f', 'ipv4', '-d', '10.0.0.9', '-w', 2)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack Traceback
(most recent call last):
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/neutron/agent/linux/ip_conntrack.py", line 72, in
_delete_conntrack_state
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
extra_ok_codes=[1])
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/neutron/agent/linux/utils.py", line 138, in execute
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack raise
RuntimeError(msg)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack RuntimeError:
Exit code: 96; Stdin: ; Stdout: ; Stderr: Traceback (most recent call last):
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/opt/stack/neutron/bin/neutron-rootwrap-xen-dom0", line 120, in run_command
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack {'cmd':
json.dumps(user_args), 'cmd_input': json.dumps(cmd_input)})
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 229, in __call__
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack return
self.__send(self.__name, args)
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 133, in xenapi_request
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack result =
_parse_result(getattr(self, methodname)(*full_params))
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack File
"/usr/local/lib/python2.7/dist-packages/XenAPI.py", line 203, in _parse_result
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack raise
Failure(result['ErrorDescription'])
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack Failure:
['XENAPI_PLUGIN_FAILURE', 'run_command', 'PluginError', "Dom0 execution of
'conntrack' is not permitted"]
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
2016-07-15 11:15:56.231 TRACE neutron.agent.linux.ip_conntrack
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1603400/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
