Description of problem: From https://review.openstack.org/#/c/519354/: The script called destroy-patch-ports will break connection between the integration bridge and provider bridges configured in Neutron config files. See https://bugzilla.redhat.com/show_bug.cgi?id=1490281 for more details about the reason. With systemd, we have control over dependencies between services, therefore we can tell that destroy-patch-ports service must be run before neutron-openvswitch-agent. But we do not have this ability using docker. That's why this patch simply calls the script before each start of the agent. To avoid unnecessary breakage of patch ports, the script was enhanced to check a canary flow on integration bridge and in case the flow is there, it will not delete the patch ports. Presence of canary flow on integration bridge means that bridge has been already configured. It also implies provider bridges are configured too and thus they can't cause the ARP storm as described in Red Hat Bugzilla 1490281. Version-Release number of selected component (if applicable): openstack-tripleo-heat-templates-8.0.0-0.20180122224017.el7ost.noarch How reproducible: always Steps to Reproduce: 1. reboot all controllers at once 2. wait for them to come back online Actual results: ARP Storm at controllers Expected results: No network issues Additional info:
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:2086