Bug 1895702
Summary: | Nova – VM is created in spite of the fact that used port is missing fixed IP | ||
---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Arkady Shtempler <ashtempl> |
Component: | openstack-neutron | Assignee: | RHOS Maint <rhos-maint> |
Status: | CLOSED NOTABUG | QA Contact: | Eran Kuris <ekuris> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 16.1 (Train) | CC: | amuller, ccamposr, chrisw, dasmith, eglynn, ekuris, jhakimra, kchamart, sbauza, scohen, sgordon, smooney, vromanso |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-12-01 12:38:04 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Arkady Shtempler
2020-11-08 14:35:45 UTC
we already do have an api check that prevents you form creating a vm with a port that does not have an ip. we even have request to allow creating vms with port with out a fixed ip so that l2 only applciation that dont use ip can be supported. you should see Port 6370c969-73ca-41df-8c15-d91f10d44a59 requires a FixedIP in order to be used. (HTTP 400) from the server create in this case. if you create the port with --no-fixed-ip you will get that error form nova https://review.opendev.org/#/c/669411/1 was the patch to allow using adress less port but we have not merged it as such the current check in the code https://github.com/openstack/nova/blob/eb279e9a5676f4142cce4700c3097ecc14161895/nova/network/neutron.py#L2253-L2255 should be preventing you from booting the vm. the only way to bypass that is fi you are using reouted networks and have ip_allocation=deferred set https://github.com/openstack/nova/blob/eb279e9a5676f4142cce4700c3097ecc14161895/nova/network/neutron.py#L2248 so it sound like there is a neutorn bug and it set the ip_alloction to deferred or you are using routed network and you have not waited for the server to finish booting and the ip adress has not been assigned yet. can you provide logs for this and also confirm if you are using routed netwoks beacuse form looking at the code i dont see how the server could have gone to active state. Given nova has code to explicitly block instances with no fixed ip im more this to the networking dfg. There is only one way to bypass that check which is to set the port allocation policy to defer neutron should only do that if the prot is attached to a routed network segnment so in this case the port which was created before any subnet should not have ip allocation policy defere. if it does have deferre and neutron wants to allow that it ok but in that case it need to assign the ip to the port when we bind it which it is clearly not doing based on the failure that was reported when adding the floating ip. if you need more input form the compute dfg let me know. After debugging the error is trying to attach a FIP to a port with only ipv6 and it isn't supported: 207 openstack network create net3 208 openstack port create --network net3 port_3 209 openstack subnet create --ipv6-ra-mode slaac --ipv6-address-mode slaac --dns-nameserver 2001:4860:4860::8888 --ip-version 6 --network net3 --use-prefix-delegation USE_PREFIX_DELEGATION sub3 210 openstack flavor list 211 openstack image list 212 openstack server create --flavor m1.micro --image cirros-0.4.0-x86_64-disk.img --port port_3 vm3 (overcloud) [stack@undercloud-0 ~]$ openstack server list +--------------------------------------+------+--------+----------------------------+------------------------------+--------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+------+--------+----------------------------+------------------------------+--------+ | 1eba1c60-0a2d-4e4a-a8fd-edf1c83231c8 | vm3 | ACTIVE | net3=::f816:3eff:fe65:1d59 | cirros-0.4.0-x86_64-disk.img | | | 7d59ad89-56c4-4fb1-8021-db3526a95f76 | vm1 | ACTIVE | net2=10.1.3.33 | cirros | | +--------------------------------------+------+--------+----------------------------+------------------------------+--------+ (overcloud) [stack@undercloud-0 ~]$ openstack server add floating ip usage: openstack server add floating ip [-h] [--fixed-ip-address <ip-address>] <server> <ip-address> openstack server add floating ip: error: the following arguments are required: <server>, <ip-address> (overcloud) [stack@undercloud-0 ~]$ openstack server add floating ip vm3 10.0.0.229 BadRequestException: 400: Client Error for url: http://10.0.0.120:9696/v2.0/floatingips/291ada91-9569-4b5e-a025-15e3c6689547, Bad floatingip request: Cannot add floating IP to port 73baa2e8-8f9b-43ae-aa41-867ab6e9eb7e that has no fixed IPv4 addresses. This error is the expected behavior with ipv6: NAT & Floating IPs¶ At the current time OpenStack Networking does not provide any facility to support any flavor of NAT with IPv6. Unlike IPv4 there is no current embedded support for floating IPs with IPv6. It is assumed that the IPv6 addressing amongst the projects is using GUAs with no overlap across the projects. https://docs.openstack.org/ocata/networking-guide/config-ipv6.html |