Bug #3807: Iptables chain removed when detaching nic - OpenNebula - OpenNebula Development pages

Bug #3807

Iptables chain removed when detaching nic

Added by Mohd Nizam Mohd Mydin about 6 years ago. Updated about 6 years ago.

Status:

Closed

Start date:

05/13/2015

Priority:

Normal

Due date:

Assignee:

Jaime Melis

% Done:

Category:

Drivers - Network

Target version:

Release 4.14

Resolution:

fixed

Pull request:

Affected Versions:

OpenNebula 4.12

Description

To re-create the issue:

1. Instantiate a vm (1 NIC) => secgroup will be populated under iptables, the chains of one-<vmid>-0-i and one-<vmid>-0-o will be created.
2. Add a additional NIC to the vm => chains for the new NIC is created, one-<vmid>-1-i and one-<vmid>-1-o
3. Remove any single of those NIC => this is where the issue occur, both chains will be deleted.

clean - ovswitch Clean Method (1.4 KB) Sébastien LEFEUVRE, 05/27/2015 10:43 AM

OpenvSwitch.rb - ovswitch functions (6.1 KB) Sébastien LEFEUVRE, 05/27/2015 10:43 AM

post - ovswitch Post Method (1.43 KB) Sébastien LEFEUVRE, 05/27/2015 10:43 AM

one_vmm_exec.rb - NIC functions when vmm exec (29.1 KB) Sébastien LEFEUVRE, 05/27/2015 10:43 AM

Associated revisions

Revision dc318dd0
Added by Jaime Melis about 6 years ago

Bug #3807: Remove only rules for ATTACH=YES nics when
doing a detach (deactivate method)

History

#1 Updated by Ruben S. Montero about 6 years ago

Assignee set to Jaime Melis
Target version set to Release 4.14

#2 Updated by Ruben S. Montero about 6 years ago

it also affects OpenvSwtich driver

#3 Updated by Sébastien LEFEUVRE about 6 years ago

File clean added
File OpenvSwitch.rb added
File post added
File one_vmm_exec.rb added

I attach below the files updated that fix the bug of attach/detach NIC for each VMs using OpenVswitch Driver.

#4 Updated by Sébastien LEFEUVRE about 6 years ago

Sébastien LEFEUVRE wrote:

I attach below the files updated that fix the bug of attach/detach NIC for each VMs using OpenVswitch Driver refer to https://forum.opennebula.org/t/how-to-manage-openvswitch-flows-with-opennebula/701.

#5 Updated by Jaime Melis about 6 years ago

Status changed from Pending to Closed
Resolution set to fixed

Hi Sebastian, thank you for your patch. We believe that it has been solved in a slighty less intrusive way in the commit dc318dd0. As far as I can tell the final behaviour would be the same both with your path and with the commit dc318dd0. The main difference is:

[your patch] => the ruby driver (one_vmm_exec.rb) detects what the currently ATTACH=YES nic is, and passes it as an argument to the networking drivers (OpenvSwitch.rb)
[dc318dd0] => as the VM XML is already available inside the networking drivers, we can directly check if ATTACH=YES is present in one interface. If it is, we just process that interface, otherwise, we process all. In addition this commit fixes all the other drivers besides OpenvSwitch.rb

We will keep patch dc318dd0 for simplicity (hope you agree), but thanks a lot for your contribution :)

Also available in: Atom PDF

OpenNebula

Issues

Custom queries