Public bug reported: Originally reported at: https://bugzilla.redhat.com/show_bug.cgi?id=2093901
Prerequisites: 1. OVN 21.09+ that includes https://github.com/ovn-org/ovn/commit/3ae8470edc648b7401433a22a9f15053cc7e666d 2. Existing metadata namespace created by OVN agent before commit https://review.opendev.org/c/openstack/neutron/+/768462 Steps to reproduce: 1. Neutron OVN metadata agent updated to include the patch from prereq (2). 2. Neutron OVN metadata agent is restarted. It will create a new network namespace to host the metadata vif. It will also remove the old vif. 3. curl http://169.254.169.254/latest/meta-data/ from a VM that is hosted on the same node. It fails. This happens because the agent first creates new vif, then deletes the old vif. Which puts OVN into a situation where 2 interfaces exist in parallel assigned to the same LSP. This scenario is considered invalid by OVN core team. There's a patch up for review for OVN core to handle the situation more gracefully: https://patchwork.ozlabs.org/project/ovn/patch/[email protected]/ This patch will not leave metadata service broken, but it will trigger full recompute in OVN. So we should not rely on its mechanics. Instead Neutron should make sure that no two vifs carry the same iface-id at the same time. The reason why this was not a problem with OVN 21.06 or earlier is because the patch referred in prereq (1) changed the behavior in this invalid / undefined scenario. ** Affects: neutron Importance: Undecided Assignee: Ihar Hrachyshka (ihar-hrachyshka) Status: In Progress -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1997092 Title: Metadata service broken after minor neutron update when OVN 21.09+ is used Status in neutron: In Progress Bug description: Originally reported at: https://bugzilla.redhat.com/show_bug.cgi?id=2093901 Prerequisites: 1. OVN 21.09+ that includes https://github.com/ovn-org/ovn/commit/3ae8470edc648b7401433a22a9f15053cc7e666d 2. Existing metadata namespace created by OVN agent before commit https://review.opendev.org/c/openstack/neutron/+/768462 Steps to reproduce: 1. Neutron OVN metadata agent updated to include the patch from prereq (2). 2. Neutron OVN metadata agent is restarted. It will create a new network namespace to host the metadata vif. It will also remove the old vif. 3. curl http://169.254.169.254/latest/meta-data/ from a VM that is hosted on the same node. It fails. This happens because the agent first creates new vif, then deletes the old vif. Which puts OVN into a situation where 2 interfaces exist in parallel assigned to the same LSP. This scenario is considered invalid by OVN core team. There's a patch up for review for OVN core to handle the situation more gracefully: https://patchwork.ozlabs.org/project/ovn/patch/[email protected]/ This patch will not leave metadata service broken, but it will trigger full recompute in OVN. So we should not rely on its mechanics. Instead Neutron should make sure that no two vifs carry the same iface-id at the same time. The reason why this was not a problem with OVN 21.06 or earlier is because the patch referred in prereq (1) changed the behavior in this invalid / undefined scenario. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1997092/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
