Public bug reported: >From what I understand, ExternalNetworkAttachForbidden is raised when a user tries to create an instance directly attached to an external network and that is forbidden.
I found two places in the code where this exception is caught: 1) https://opendev.org/openstack/nova/src/branch/master/nova/api/openstack/compute/servers.py#L813 server create API call 2) https://opendev.org/openstack/nova/src/branch/master/nova/compute/manager.py#L2656 instance build on compute node Tested on my Ussuri environment, this is caught only at 2), when the instance is being built on the compute node, which means the instance ends up in ERROR state with a fault looking like this: {'code': 500, 'created': '2023-04-04T11:41:55Z', 'message': 'Build of instance 616d6611-133b-4ebd-947f-f0b0eee7aa0f aborted: Failed to allocate the network(s), not rescheduling.', 'details': 'Traceback (most recent call last):\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 2467, in _build_and_run_instance\n self.driver.spawn(context, instance, image_meta,\n File "/usr/lib/python3/dist- packages/nova/virt/libvirt/driver.py", line 3738, in spawn\n xml = self._get_guest_xml(context, instance, network_info,\n File "/usr/lib/python3/dist-packages/nova/virt/libvirt/driver.py", line 6486, in _get_guest_xml\n network_info_str = str(network_info)\n File "/usr/lib/python3/dist-packages/nova/network/model.py", line 616, in __str__\n return self._sync_wrapper(fn, *args, **kwargs)\n File "/usr/lib/python3/dist-packages/nova/network/model.py", line 599, in _sync_wrapper\n self.wait()\n File "/usr/lib/python3/dist- packages/nova/network/model.py", line 631, in wait\n self[:] = self._gt.wait()\n File "/usr/lib/python3/dist- packages/eventlet/greenthread.py", line 181, in wait\n return self._exit_event.wait()\n File "/usr/lib/python3/dist- packages/eventlet/event.py", line 132, in wait\n current.throw(*self._exc)\n File "/usr/lib/python3/dist- packages/eventlet/greenthread.py", line 221, in main\n result = function(*args, **kwargs)\n File "/usr/lib/python3/dist- packages/nova/utils.py", line 676, in context_wrapper\n return func(*args, **kwargs)\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 1842, in _allocate_network_async\n six.reraise(*exc_info)\n File "/usr/lib/python3/dist-packages/six.py", line 703, in reraise\n raise value\n File "/usr/lib/python3/dist-packages/nova/compute/manager.py", line 1820, in _allocate_network_async\n nwinfo = self.network_api.allocate_for_instance(\n File "/usr/lib/python3/dist- packages/nova/network/neutron.py", line 1069, in allocate_for_instance\n nets = self._validate_requested_network_ids(\n File "/usr/lib/python3/dist-packages/nova/network/neutron.py", line 948, in _validate_requested_network_ids\n self._check_external_network_attach(context, nets)\n File "/usr/lib/python3/dist-packages/nova/network/neutron.py", line 615, in _check_external_network_attach\n raise exception.ExternalNetworkAttachForbidden(\nnova.exception.ExternalNetworkAttachForbidden: It is not allowed to create an interface on external network c865e91b-83a4-4954-a421-8d4792179b3c\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File "/usr/lib/python3/dist-packages/nova/compute/manager.py", line 2290, in _do_build_and_run_instance\n self._build_and_run_instance(context, instance, image,\n File "/usr/lib/python3/dist-packages/nova/compute/manager.py", line 2536, in _build_and_run_instance\n raise exception.BuildAbortException(instance_uuid=instance.uuid,\nnova.exception.BuildAbortException: Build of instance 616d6611-133b-4ebd-947f-f0b0eee7aa0f aborted: Failed to allocate the network(s), not rescheduling.\n'} If it was caught at 1), which looks like is what is/was initially intended?, I expect the error would be reported to the user much earlier, directly as a response to the server create API call? ** Affects: nova Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova). https://bugs.launchpad.net/bugs/2015330 Title: ExternalNetworkAttachForbidden exception caught too late Status in OpenStack Compute (nova): New Bug description: From what I understand, ExternalNetworkAttachForbidden is raised when a user tries to create an instance directly attached to an external network and that is forbidden. I found two places in the code where this exception is caught: 1) https://opendev.org/openstack/nova/src/branch/master/nova/api/openstack/compute/servers.py#L813 server create API call 2) https://opendev.org/openstack/nova/src/branch/master/nova/compute/manager.py#L2656 instance build on compute node Tested on my Ussuri environment, this is caught only at 2), when the instance is being built on the compute node, which means the instance ends up in ERROR state with a fault looking like this: {'code': 500, 'created': '2023-04-04T11:41:55Z', 'message': 'Build of instance 616d6611-133b-4ebd-947f-f0b0eee7aa0f aborted: Failed to allocate the network(s), not rescheduling.', 'details': 'Traceback (most recent call last):\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 2467, in _build_and_run_instance\n self.driver.spawn(context, instance, image_meta,\n File "/usr/lib/python3/dist- packages/nova/virt/libvirt/driver.py", line 3738, in spawn\n xml = self._get_guest_xml(context, instance, network_info,\n File "/usr/lib/python3/dist-packages/nova/virt/libvirt/driver.py", line 6486, in _get_guest_xml\n network_info_str = str(network_info)\n File "/usr/lib/python3/dist-packages/nova/network/model.py", line 616, in __str__\n return self._sync_wrapper(fn, *args, **kwargs)\n File "/usr/lib/python3/dist-packages/nova/network/model.py", line 599, in _sync_wrapper\n self.wait()\n File "/usr/lib/python3/dist- packages/nova/network/model.py", line 631, in wait\n self[:] = self._gt.wait()\n File "/usr/lib/python3/dist- packages/eventlet/greenthread.py", line 181, in wait\n return self._exit_event.wait()\n File "/usr/lib/python3/dist- packages/eventlet/event.py", line 132, in wait\n current.throw(*self._exc)\n File "/usr/lib/python3/dist- packages/eventlet/greenthread.py", line 221, in main\n result = function(*args, **kwargs)\n File "/usr/lib/python3/dist- packages/nova/utils.py", line 676, in context_wrapper\n return func(*args, **kwargs)\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 1842, in _allocate_network_async\n six.reraise(*exc_info)\n File "/usr/lib/python3/dist-packages/six.py", line 703, in reraise\n raise value\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 1820, in _allocate_network_async\n nwinfo = self.network_api.allocate_for_instance(\n File "/usr/lib/python3/dist-packages/nova/network/neutron.py", line 1069, in allocate_for_instance\n nets = self._validate_requested_network_ids(\n File "/usr/lib/python3/dist- packages/nova/network/neutron.py", line 948, in _validate_requested_network_ids\n self._check_external_network_attach(context, nets)\n File "/usr/lib/python3/dist-packages/nova/network/neutron.py", line 615, in _check_external_network_attach\n raise exception.ExternalNetworkAttachForbidden(\nnova.exception.ExternalNetworkAttachForbidden: It is not allowed to create an interface on external network c865e91b-83a4-4954-a421-8d4792179b3c\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 2290, in _do_build_and_run_instance\n self._build_and_run_instance(context, instance, image,\n File "/usr/lib/python3/dist- packages/nova/compute/manager.py", line 2536, in _build_and_run_instance\n raise exception.BuildAbortException(instance_uuid=instance.uuid,\nnova.exception.BuildAbortException: Build of instance 616d6611-133b-4ebd-947f-f0b0eee7aa0f aborted: Failed to allocate the network(s), not rescheduling.\n'} If it was caught at 1), which looks like is what is/was initially intended?, I expect the error would be reported to the user much earlier, directly as a response to the server create API call? To manage notifications about this bug go to: https://bugs.launchpad.net/nova/+bug/2015330/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp