[Bug 2077424] [NEW] neutron missing dependency on iptables

Jan Graichen Tue, 20 Aug 2024 06:40:36 -0700

Public bug reported:

Neutron agents are missing a package dependency on iptables, since
iptables is not installed by default:


neutron-l3-agent:

  Aug 20 13:16:34 gateway1a neutron-l3-agent[1498]: 
    Failed to process floating IPs.
    Traceback (most recent call last):
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
434, in defer_apply
        yield
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 1040, in process_external
        self._process_external_gateway(ex_gw_port)
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 938, in _process_external_gateway
        self._handle_router_snat_rules(gw_port, interface_name)
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 1011, in _handle_router_snat_rules
        self._add_snat_rules(ex_gw_port,
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 996, in _add_snat_rules
        rules = self.external_gateway_nat_fip_rules(
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 955, in external_gateway_nat_fip_rules
        if self.iptables_manager.random_fully:
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
502, in random_fully
        version = self._get_version()
                  ^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
492, in _get_version
        version = str(linux_utils.execute(
                      ^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 
131, in execute
        _stdout, _stderr, returncode = priv_utils.execute_process(
                                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 
271, in _wrap
        return self.channel.remote_call(name, args, kwargs,
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, 
in remote_call
        raise exc_type(*result[2])
    FileNotFoundError: [Errno 2] No such file or directory
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
437, in defer_apply
        self.defer_apply_off()
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
451, in defer_apply_off
        self._apply()
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
469, in _apply
        first = self._apply_synchronized()
                ^^^^^^^^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
593, in _apply_synchronized
        with excutils.save_and_reraise_exception() as ctx:
      File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 227, 
in __exit__
        self.force_reraise()
      File "/usr/lib/python3/dist-packages/oslo_utils/excutils.py", line 200, 
in force_reraise
        raise self.value
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
586, in _apply_synchronized
        save_output = linux_utils.execute(args, run_as_root=True,
                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 
156, in execute
        raise exceptions.ProcessExecutionError(msg,
    neutron_lib.exceptions.ProcessExecutionError: Exit code: 1; Cmd: ['ip', 
'netns', 'exec', 'qrouter-47f6ed06-b839-4672-af8e-811d66b33581', 
'iptables-save']; Stdin: ; Stdout: ; Stderr: exec of "iptables-save" failed: No 
such file or dir>
    
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/neutron/agent/l3/router_info.py", 
line 1038, in process_external
        with self.iptables_manager.defer_apply():
      File "/usr/lib/python3.12/contextlib.py", line 158, in __exit__
        self.gen.throw(value)
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
444, in defer_apply
        raise l3_exc.IpTablesApplyException(msg)
    neutron_lib.exceptions.l3.IpTablesApplyException: Failure applying iptables 
rules


neutron-linuxbridge-agent:

  Aug 20 13:17:42 gateway1a neutron-linuxbridge-agent[11326]: 
    Error starting thread.
    Traceback (most recent call last):
      File 
"/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 127, 
in init_firewall
        self.firewall = firewall_class(
                        ^^^^^^^^^^^^^^^
    TypeError: IptablesFirewallDriver.__init__() got an unexpected keyword 
argument 'integration_bridge'
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 54, 
in get_conntrack
        return CONTRACK_MGRS[namespace]
                ~~~~~~~~~~~~~^^^^^^^^^^^
    KeyError: None
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "/usr/lib/python3/dist-packages/oslo_service/service.py", line 810, 
in run_service
        service.start()
      File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, 
in wrapper
        result = f(*args, **kwargs)
                  ^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py",
 line 87, in start
        self.setup_rpc()
      File "/usr/lib/python3/dist-packages/osprofiler/profiler.py", line 159, 
in wrapper
        result = f(*args, **kwargs)
                  ^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/plugins/ml2/drivers/agent/_common_agent.py",
 line 164, in setup_rpc
        self.sg_agent = agent_sg_rpc.SecurityGroupAgentRpc(
                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 76, 
in __init__
        self.init_firewall(defer_refresh_firewall, integration_bridge)
      File 
"/usr/lib/python3/dist-packages/neutron/agent/securitygroups_rpc.py", line 130, 
in init_firewall
        self.firewall = firewall_class()
                        ^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_firewall.py", line 
77, in __init__
        self.ipconntrack = ip_conntrack.get_conntrack(
                            ^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/oslo_concurrency/lockutils.py", line 
412, in inner
        return f(*args, **kwargs)
                ^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 56, 
in get_conntrack
        ipconntrack = IpConntrackManager(get_rules_for_table_func,
                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 75, 
in __init__
        self._populate_initial_zone_map()
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/ip_conntrack.py", line 190, 
in _populate_initial_zone_map
        rules = self.get_rules_for_table_func('raw')
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File 
"/usr/lib/python3/dist-packages/neutron/agent/linux/iptables_manager.py", line 
486, in get_rules_for_table
        return linux_utils.execute(args, run_as_root=True,
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 
131, in execute
        _stdout, _stderr, returncode = priv_utils.execute_process(
                                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 
271, in _wrap
        return self.channel.remote_call(name, args, kwargs,
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 215, 
in remote_call
        raise exc_type(*result[2])
    FileNotFoundError: [Errno 2] No such file or directory

ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: neutron-linuxbridge-agent 2:24.0.0-0ubuntu1
ProcVersionSignature: Ubuntu 6.8.0-40.40-generic 6.8.12
Uname: Linux 6.8.0-40-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.28.1-0ubuntu3.1
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Tue Aug 20 13:28:31 2024
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/bash
 TERM=xterm-256color
 XDG_RUNTIME_DIR=<set>
SourcePackage: neutron
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: neutron (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug noble

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2077424

Title:
  neutron missing dependency on iptables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2077424/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2077424] [NEW] neutron missing dependency on iptables

Reply via email to