Bug #4905

Opennebula 5.2 - Xen Deployment Failure during network initialization

Added by Alberto Picon Couselo 9 months ago. Updated 8 months ago.

Status:PendingStart date:11/08/2016
Priority:HighDue date:
Assignee:-% Done:

0%

Category:Drivers - Network
Target version:-
Resolution: Pull request:
Affected Versions:OpenNebula 5.2

Description

Hi, all.

We have upgraded Opennebula from 4.14.2 to 5.2 version. We have installed the Xen add-on without issues.

Xen hosts and VMs are correctly monitored. We are able to shutdown running VMs.

However when we try to deploy a new image, the deployment fails with the following errors:

Mon Nov 7 18:50:18 2016 [Z0][TM][D]: Message received: TRANSFER SUCCESS 333 -
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo brctl addbr brdctfrnt1".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link set brdctfrnt1 up".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link add link eth1 name eth1.10xx type vlan id 1033".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link set eth1.10xx up".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo brctl addif brdctfrnt1 eth1.10xx".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo brctl addbr brdctcre1".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link set brdctcre1 up".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link add link eth1 name eth1.10xx type vlan id 1031".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo ip link set eth1.10xx up".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 pre: Executed "sudo brctl addif brdctcre1 eth1.10xx".
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 ExitCode: 0
Mon Nov 7 18:50:19 2016 [Z0][VMM][D]: Message received: LOG I 333 Successfully execute network driver operation: pre.
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG D 333 deploy: Credits set to 205
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 ExitCode: 0
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 Successfully execute virtualization driver operation: deploy.
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 Command execution fail: /var/tmp/one/vnm/802.1Q/post <base64code>
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 iptables v1.4.14: interface name `--physdev-is-bridged' must be shorter than IFNAMSIZ (15)
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 Try `iptables -h' or 'iptables --help' for more information.
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG E 333 post: Command Error: sudo iptables -I opennebula -m physdev --physdev-out --physdev-is-bridged -j one-333-0-i
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG E 333 post: /var/tmp/one/vnm/802.1Q/../command.rb:61:in `run!'/var/tmp/one/vnm/802.1Q/../command.rb:58:in `each'/var/tmp/one/vnm/802.1Q/../command.rb:58:in `run!'/var/tmp/one/vnm/802.1Q/../security_groups_iptables.rb:289:in `nic_pre'/var/tmp/one/vnm/802.1Q/../sg_driver.rb:92:in `activate'/var/tmp/one/vnm/802.1Q/../sg_driver.rb:84:in `each'/var/tmp/one/vnm/802.1Q/../sg_driver.rb:84:in `activate'/var/tmp/one/vnm/802.1Q/post:32
Mon Nov 7 18:50:20 2016 [Z0][VMM][D]: Message received: LOG I 333 ExitCode: 1
Mon Nov 7 18:50:22 2016 [Z0][VMM][D]: Message received: LOG I 333 ExitCode: 0
Mon Nov 7 18:50:22 2016 [Z0][VMM][D]: Message received: LOG I 333 Successfully execute virtualization driver operation: cancel.
Mon Nov 7 18:50:22 2016 [Z0][VMM][D]: Message received: LOG I 333 Failed to execute network driver operation: post.
Mon Nov 7 18:50:22 2016 [Z0][VMM][D]: Message received: DEPLOY FAILURE 333 802.1Q: -

post: Command Error: sudo iptables -I opennebula -m physdev --physdev-out --physdev-is-bridged -j one-333-0-i

It seems that Opennebula is trying to apply security-groups-iptables commands. We have checked that the "MAC spoofing" and "IPTables filtering" options of the VM Network are disabled.

Is there a work around to this issue? We are currently migrating from Xen to KVM, but we need Opennebula Xen Support for the moment.

Best Regards and thank you for your help

History

#1 Updated by Laurent Grawet 8 months ago

Hi,

Are you using Ubuntu 14.04?
It looks like you are hit by the same bug as me, "xl network-list $domid" is now returning a null mac address with recent Ubuntu 14.04 updates:
https://github.com/OpenNebula/addon-xen/pull/10

Try the patch in the pull request. This is not a fix, just a temporary workaround to do some debugging.

Also available in: Atom PDF