*** This bug is a security vulnerability *** Public security bug reported:
The Octavia has the following issue: when we try to create a Listener with "protocol UDP" which is not supported, the LB ans Listener enter into ERROR state and Loadbalancer goes immutable and the resources related to the LB can never be deleted. Here is the state after the Listener creation with UDP as protocol option for a LB created on OCTAVIA. /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to kee p installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-fro m-pypi>. """) +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | connection_limit | -1 | | created_at | 2019-02-14T12:41:31 | | default_pool_id | None | | default_tls_container_ref | None | | description | | | id | c912df7d-0f5a-4fbf-bee6-34b9347b136b | | insert_headers | None | | l7policies | | | loadbalancers | a9266c7a-8442-4d98-b4af-6ac12ccc21c9 | | name | | | operating_status | ERROR | | project_id | 3010a9f826944cc2919536a94a501e80 | | protocol | UDP | | protocol_port | 80 | | provisioning_status | ERROR | | sni_container_refs | [] | | timeout_client_data | 50000 | | timeout_member_connect | 5000 | | timeout_member_data | 50000 | | timeout_tcp_inspect | 0 | | updated_at | 2019-02-14T12:41:55 | +---------------------------+--------------------------------------+ nicira@utu1604template:~/devstack$ openstack loadbalancer show a9266c7a-8442-4d98-b4af-6ac12ccc21c9 /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>. """) +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | created_at | 2019-02-14T12:38:50 | | description | | | flavor | | | id | a9266c7a-8442-4d98-b4af-6ac12ccc21c9 | | listeners | c912df7d-0f5a-4fbf-bee6-34b9347b136b | | name | lb-1 | | operating_status | ERROR | | pools | | | project_id | 3010a9f826944cc2919536a94a501e80 | | provider | vmwareedge | | provisioning_status | ERROR | | updated_at | 2019-02-14T12:41:55 | | vip_address | 27.0.0.92 | | vip_network_id | 0ff2733a-bd7a-42e5-ae7d-5a11314e6aa5 | | vip_port_id | fa369c3f-9039-4b29-bd34-614485720fab | | vip_qos_policy_id | None | | vip_subnet_id | e33f5c09-4822-439b-86ac-3706f2cc81aa | +---------------------+--------------------------------------+ and Loadbalancer is immutable and im unable to delete the resources nicira@utu1604template:~/devstack$ ^C nicira@utu1604template:~/devstack$ openstack loadbalancer listener delete c912df7d-0f5a-4fbf-bee6-34b9347b136b /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>. """) Load Balancer a9266c7a-8442-4d98-b4af-6ac12ccc21c9 is immutable and cannot be updated. (HTTP 409) (Request-ID: req-0441120d-1ffa-48d1-90d1-a965c91b0eb7) ** Affects: octavia Importance: Undecided Status: New ** Project changed: neutron => octavia ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1817692 Title: [OCTAVIA] LB resources created with invalid option are remained as Stale on db Status in octavia: New Bug description: The Octavia has the following issue: when we try to create a Listener with "protocol UDP" which is not supported, the LB ans Listener enter into ERROR state and Loadbalancer goes immutable and the resources related to the LB can never be deleted. Here is the state after the Listener creation with UDP as protocol option for a LB created on OCTAVIA. /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to kee p installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-fro m-pypi>. """) +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | connection_limit | -1 | | created_at | 2019-02-14T12:41:31 | | default_pool_id | None | | default_tls_container_ref | None | | description | | | id | c912df7d-0f5a-4fbf-bee6-34b9347b136b | | insert_headers | None | | l7policies | | | loadbalancers | a9266c7a-8442-4d98-b4af-6ac12ccc21c9 | | name | | | operating_status | ERROR | | project_id | 3010a9f826944cc2919536a94a501e80 | | protocol | UDP | | protocol_port | 80 | | provisioning_status | ERROR | | sni_container_refs | [] | | timeout_client_data | 50000 | | timeout_member_connect | 5000 | | timeout_member_data | 50000 | | timeout_tcp_inspect | 0 | | updated_at | 2019-02-14T12:41:55 | +---------------------------+--------------------------------------+ nicira@utu1604template:~/devstack$ openstack loadbalancer show a9266c7a-8442-4d98-b4af-6ac12ccc21c9 /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>. """) +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | created_at | 2019-02-14T12:38:50 | | description | | | flavor | | | id | a9266c7a-8442-4d98-b4af-6ac12ccc21c9 | | listeners | c912df7d-0f5a-4fbf-bee6-34b9347b136b | | name | lb-1 | | operating_status | ERROR | | pools | | | project_id | 3010a9f826944cc2919536a94a501e80 | | provider | vmwareedge | | provisioning_status | ERROR | | updated_at | 2019-02-14T12:41:55 | | vip_address | 27.0.0.92 | | vip_network_id | 0ff2733a-bd7a-42e5-ae7d-5a11314e6aa5 | | vip_port_id | fa369c3f-9039-4b29-bd34-614485720fab | | vip_qos_policy_id | None | | vip_subnet_id | e33f5c09-4822-439b-86ac-3706f2cc81aa | +---------------------+--------------------------------------+ and Loadbalancer is immutable and im unable to delete the resources nicira@utu1604template:~/devstack$ ^C nicira@utu1604template:~/devstack$ openstack loadbalancer listener delete c912df7d-0f5a-4fbf-bee6-34b9347b136b /usr/local/lib/python2.7/dist-packages/psycopg2/__init__.py:144: UserWarning: The psycopg2 wheel package will be renamed from release 2.8; in order to keep installing from binary please use "pip install psycopg2-binary" instead. For details see: <http://initd.org/psycopg/docs/install.html#binary-install-from-pypi>. """) Load Balancer a9266c7a-8442-4d98-b4af-6ac12ccc21c9 is immutable and cannot be updated. (HTTP 409) (Request-ID: req-0441120d-1ffa-48d1-90d1-a965c91b0eb7) To manage notifications about this bug go to: https://bugs.launchpad.net/octavia/+bug/1817692/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
