Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1489070 - iptables manager may fail to apply firewall rules if another iptables* process is being executed
iptables manager may fail to apply firewall rules if another iptables* proces...
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-neutron (Show other bugs)
12.0 (Pike)
Unspecified Unspecified
urgent Severity urgent
: async
: 10.0 (Newton)
Assigned To: Ihar Hrachyshka
Toni Freger
: Triaged, ZStream
: 1491803 (view as bug list)
Depends On: 1489066 1489071 1489072 1489074 1489081
Blocks: 1489069 1504790 1504791 1505518 1505520 1505522 1505524 1505525 1505526 1505529
  Show dependency treegraph
 
Reported: 2017-09-06 12:03 EDT by Ihar Hrachyshka
Modified: 2017-12-25 05:03 EST (History)
16 users (show)

See Also:
Fixed In Version: openstack-neutron-9.4.1-2.el7ost
Doc Type: Known Issue
Doc Text:
The new iptables version that ships with RHEL 7.4 includes a new --wait parameter. This parameter allows iptables commands issued in parallel to wait until a lock is released by the prior command. For OpenStack, the neutron service provides the iptables locking but only on the routers level. As such, when processing routers (for example, during a fullsync after the l3 agent is started), some iptables commands issued by neutron may fail because they are experiencing this lock and require the --wait parameter that is not available in neutron yet. Any routers affected by this will cause malfunctions of some floating IPs, or some instances may not access the metadata API during cloud-init. We recommend that you do not upgrade to RHEL 7.4 until neutron is released with a fix that adopts the new iptables --wait parameter.
Story Points: ---
Clone Of: 1489066
: 1504790 1504791 (view as bug list)
Environment:
Last Closed: 2017-10-16 16:02:49 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1712185 None None None 2017-09-06 12:03 EDT
Red Hat Knowledge Base (Solution) 3204701 None None None 2017-10-03 08:50 EDT
OpenStack gerrit 495974 None None None 2017-09-06 12:03 EDT
Red Hat Product Errata RHBA-2017:2896 normal SHIPPED_LIVE openstack-neutron bug fix advisory 2017-10-16 20:02:25 EDT

  None (edit)
Comment 1 Jakub Libosvar 2017-09-25 10:26:33 EDT 
*** Bug 1491803 has been marked as a duplicate of this bug. ***
Comment 14 Toni Freger 2017-10-16 07:21:22 EDT 
Tested on latest OSP10 with openstack-neutron-9.4.1-2.el7ost
Tempest ran for several hours no errors were found in l3/dhcp/ovs agents.
Comment 16 errata-xmlrpc 2017-10-16 16:02:49 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2896
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.