[Bug 2077424] [NEW] neutron missing dependency on iptables
Jan Graichen
2077424 at bugs.launchpad.net
Tue Aug 20 13:32:57 UTC 2024
Public bug reported:
Neutron agents are missing a package dependency on iptables, since
iptables is not installed by default:
neutron-l3-agent:
Aug 20 13:16:34 gateway1a neutron-l3-agent[1498]:
Failed to process floating IPs.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 434, in defer_apply
yield
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1040, in process_external
self._process_external_gateway(ex_gw_port)
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 938, in _process_external_gateway
self._handle_router_snat_rules(gw_port, interface_name)
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1011, in _handle_router_snat_rules
self._add_snat_rules(ex_gw_port,
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 996, in _add_snat_rules
rules = self.external_gateway_nat_fip_rules(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 955, in external_gateway_nat_fip_rules
if self.iptables_manager.random_fully:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 502, in random_fully
version = self._get_version()
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 492, in _get_version
version = str(linux_utils.execute(
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 131, in execute
_stdout, _stderr, returncode = priv_utils.execute_process(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 271, in _wrap
return self.channel.remote_call(name, args, kwargs,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, in remote_call
raise exc_type(*result[2])
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 437, in defer_apply
self.defer_apply_off()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 451, in defer_apply_off
self._apply()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 469, in _apply
first = self._apply_synchronized()
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 593, in _apply_synchronized
with excutils.save_and_reraise_exception() as ctx:
File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 227, in __exit__
self.force_reraise()
File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 200, in force_reraise
raise self.value
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 586, in _apply_synchronized
save_output = linux_utils.execute(args, run_as_root=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 156, in execute
raise exceptions.ProcessExecutionError(msg,
neutron_lib.exceptions.ProcessExecutionError: Exit code: 1; Cmd: ['ip', 'netns', 'exec', 'qrouter-47f6ed06-b839-4672-af8e-811d66b33581', 'iptables-save']; Stdin: ; Stdout: ; Stderr: exec of "iptables-save" failed: No such file or dir>
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1038, in process_external
with self.iptables_manager.defer_apply():
File "/usr/lib/python3.12/contextlib.py", line 158, in __exit__
self.gen.throw(value)
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 444, in defer_apply
raise l3_exc.IpTablesApplyException(msg)
neutron_lib.exceptions.l3.IpTablesApplyException: Failure applying iptables rules
neutron-linuxbridge-agent:
Aug 20 13:17:42 gateway1a neutron-linuxbridge-agent[11326]:
Error starting thread.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 127, in init_firewall
self.firewall = firewall_class(
^^^^^^^^^^^^^^^
TypeError: IptablesFirewallDriver.__init__() got an unexpected keyword argument 'integration_bridge'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 54, in get_conntrack
return CONTRACK_MGRS[namespace]
~~~~~~~~~~~~~^^^^^^^^^^^
KeyError: None
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/oslo_service/service.py", line 810, in run_service
service.start()
File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, in wrapper
result = f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py", line 87, in start
self.setup_rpc()
File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, in wrapper
result = f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py", line 164, in setup_rpc
self.sg_agent = agent_sg_rpc.SecurityGroupAgentRpc(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 76, in __init__
self.init_firewall(defer_refresh_firewall, integration_bridge)
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 130, in init_firewall
self.firewall = firewall_class()
^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_firewall.py", line 77, in __init__
self.ipconntrack = ip_conntrack.get_conntrack(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_concurrency/lockutils.py", line 412, in inner
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 56, in get_conntrack
ipconntrack = IpConntrackManager(get_rules_for_table_func,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 75, in __init__
self._populate_initial_zone_map()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 190, in _populate_initial_zone_map
rules = self.get_rules_for_table_func('raw')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 486, in get_rules_for_table
return linux_utils.execute(args, run_as_root=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 131, in execute
_stdout, _stderr, returncode = priv_utils.execute_process(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 271, in _wrap
return self.channel.remote_call(name, args, kwargs,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, in remote_call
raise exc_type(*result[2])
FileNotFoundError: [Errno 2] No such file or directory
ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: neutron-linuxbridge-agent 2:24.0.0-0ubuntu1
ProcVersionSignature: Ubuntu 6.8.0-40.40-generic 6.8.12
Uname: Linux 6.8.0-40-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.28.1-0ubuntu3.1
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Tue Aug 20 13:28:31 2024
PackageArchitecture: all
ProcEnviron:
LANG=en_US.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm-256color
XDG_RUNTIME_DIR=<set>
SourcePackage: neutron
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: neutron (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug noble
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to neutron in Ubuntu.
https://bugs.launchpad.net/bugs/2077424
Title:
neutron missing dependency on iptables
Status in neutron package in Ubuntu:
New
Bug description:
Neutron agents are missing a package dependency on iptables, since
iptables is not installed by default:
neutron-l3-agent:
Aug 20 13:16:34 gateway1a neutron-l3-agent[1498]:
Failed to process floating IPs.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 434, in defer_apply
yield
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1040, in process_external
self._process_external_gateway(ex_gw_port)
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 938, in _process_external_gateway
self._handle_router_snat_rules(gw_port, interface_name)
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1011, in _handle_router_snat_rules
self._add_snat_rules(ex_gw_port,
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 996, in _add_snat_rules
rules = self.external_gateway_nat_fip_rules(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 955, in external_gateway_nat_fip_rules
if self.iptables_manager.random_fully:
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 502, in random_fully
version = self._get_version()
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 492, in _get_version
version = str(linux_utils.execute(
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 131, in execute
_stdout, _stderr, returncode = priv_utils.execute_process(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 271, in _wrap
return self.channel.remote_call(name, args, kwargs,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, in remote_call
raise exc_type(*result[2])
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 437, in defer_apply
self.defer_apply_off()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 451, in defer_apply_off
self._apply()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 469, in _apply
first = self._apply_synchronized()
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 593, in _apply_synchronized
with excutils.save_and_reraise_exception() as ctx:
File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 227, in __exit__
self.force_reraise()
File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 200, in force_reraise
raise self.value
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 586, in _apply_synchronized
save_output = linux_utils.execute(args, run_as_root=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 156, in execute
raise exceptions.ProcessExecutionError(msg,
neutron_lib.exceptions.ProcessExecutionError: Exit code: 1; Cmd: ['ip', 'netns', 'exec', 'qrouter-47f6ed06-b839-4672-af8e-811d66b33581', 'iptables-save']; Stdin: ; Stdout: ; Stderr: exec of "iptables-save" failed: No such file or dir>
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", line 1038, in process_external
with self.iptables_manager.defer_apply():
File "/usr/lib/python3.12/contextlib.py", line 158, in __exit__
self.gen.throw(value)
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 444, in defer_apply
raise l3_exc.IpTablesApplyException(msg)
neutron_lib.exceptions.l3.IpTablesApplyException: Failure applying iptables rules
neutron-linuxbridge-agent:
Aug 20 13:17:42 gateway1a neutron-linuxbridge-agent[11326]:
Error starting thread.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 127, in init_firewall
self.firewall = firewall_class(
^^^^^^^^^^^^^^^
TypeError: IptablesFirewallDriver.__init__() got an unexpected keyword argument 'integration_bridge'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 54, in get_conntrack
return CONTRACK_MGRS[namespace]
~~~~~~~~~~~~~^^^^^^^^^^^
KeyError: None
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/oslo_service/service.py", line 810, in run_service
service.start()
File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, in wrapper
result = f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py", line 87, in start
self.setup_rpc()
File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, in wrapper
result = f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py", line 164, in setup_rpc
self.sg_agent = agent_sg_rpc.SecurityGroupAgentRpc(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 76, in __init__
self.init_firewall(defer_refresh_firewall, integration_bridge)
File "/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 130, in init_firewall
self.firewall = firewall_class()
^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_firewall.py", line 77, in __init__
self.ipconntrack = ip_conntrack.get_conntrack(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_concurrency/lockutils.py", line 412, in inner
return f(*args, **kwargs)
^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 56, in get_conntrack
ipconntrack = IpConntrackManager(get_rules_for_table_func,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 75, in __init__
self._populate_initial_zone_map()
File "/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 190, in _populate_initial_zone_map
rules = self.get_rules_for_table_func('raw')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 486, in get_rules_for_table
return linux_utils.execute(args, run_as_root=True,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 131, in execute
_stdout, _stderr, returncode = priv_utils.execute_process(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 271, in _wrap
return self.channel.remote_call(name, args, kwargs,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, in remote_call
raise exc_type(*result[2])
FileNotFoundError: [Errno 2] No such file or directory
ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: neutron-linuxbridge-agent 2:24.0.0-0ubuntu1
ProcVersionSignature: Ubuntu 6.8.0-40.40-generic 6.8.12
Uname: Linux 6.8.0-40-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.28.1-0ubuntu3.1
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Tue Aug 20 13:28:31 2024
PackageArchitecture: all
ProcEnviron:
LANG=en_US.UTF-8
PATH=(custom, no user)
SHELL=/bin/bash
TERM=xterm-256color
XDG_RUNTIME_DIR=<set>
SourcePackage: neutron
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2077424/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list