get_bridge_physdev returns "device:" instead of "device" #4740
Conversation
GabrielBrascher
added
component:kvm
component:security-group
Severity:Critical
|
@GabrielBrascher |
|
Thanks for the ping @weizhouapache, updated base branch. |
|
@rhtyd I would like to stress that this issue also occurs on Ubuntu 18.04 systems and not only on 20.04 as @weizhouapache mentioned in the original commit. Two Ubuntu 18.04 systems running with VXLAN: root@hv-138-e14-33:~# bridge -o link show | grep vxlan500 28: vxlan500 state UNKNOWN : mtu 1500 master brvx-500 state forwarding priority 32 cost 100 root@hv-138-e14-25:~# bridge -o link show | grep vxlan500 9: vxlan500: mtu 1500 master brvx-500 state forwarding priority 32 cost 100 I checked their kernels: Linux hv-138-e14-33.ams02.cldin.net 5.4.0-60-generic Linux hv-138-e14-25.ams02.cldin.net 5.4.0-66-generic Distributor ID: Ubuntu Description: Ubuntu 18.04.5 LTS Release: 18.04 Codename: bionic This causes Instance to loose their network connectivity after a initial boot or migration. A very small fix which prevents major issues for (end-)users. I would urge to merge this in 4.13 and then 4.14 so that we can release 4.14.2 with this fix in there. |
|
Thanks for submitting @GabrielBrascher @wido and sharing under which circumstances this happens. Is this a case specific to VXLAN or VLAN as well? (agnostic of isolation method) |
|
@blueorangutan package |
|
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
|
Packaging result: ✔centos7 ✖centos8 ✔debian. JID-2859 |
I think it's agnostic for the isolation method as these are just Linux bridges. Deeper inside the kernel there is the knowledge if this is VXLAN or not, but the bridge util just outputs information from the Linux bridges. |
|
@wido a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
|
Packaging result: ✔centos7 ✖centos8 ✔debian. JID-2861 |
|
@blueorangutan test |
|
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
|
Trillian test result (tid-3645)
|
|
Test failures seem unrelated with the change, which is SG only. |
…t "device" (apache#4740) When running get_bridge_physdev(brname) from security_group.py it is returned the bridge device as brname: instead of the expected brname. We experienced this issue on CloudStack 4.13.1.0 with Security Groups enabled for Advanced Networking. Additionally, KVM nodes are running on Ubuntu 18.04. PR apache#4303 (merged in 4.15) added support for Ubuntu 20.04 which turned out to fix get_bridge_physdev(brname); however, we faced the very same issue with the previous CloudStack and Ubuntu versions. Even though we might not get a 4.13.2, and CloudStack 4.14.1.0 has just been released, this PR proposes merging the fix into branch 4.13 and then get it forwarded into 4.14. Thus, allowing users to have this fix referenced and also opening the possibility of addressing this in case of a potential 4.14.2.0.
5 participants
Description
When running get_bridge_physdev(brname) from
security_group.pyit is returned the bridge device asbrname:instead of the expectedbrname.We experienced this issue on CloudStack 4.13.1.0 with Security Groups enabled for Advanced Networking. Additionally, KVM nodes are running on Ubuntu 18.04.
PR #4303 (merged in 4.15) added support for Ubuntu 20.04 which turned out to fix
get_bridge_physdev(brname); however, we faced the very same issue with the previous CloudStack and Ubuntu versions.Even though we might not get a
4.13.2, and CloudStack4.14.1.0has just been released, this PR proposes merging the fix into branch4.13and then get it forwarded into4.14. Thus, allowing users to have this fix referenced and also opening the possibility of addressing this in case of a potential4.14.2.0.Types of changes
Feature/Enhancement Scale or Bug Severity
Bug Severity
How Has This Been Tested?
We had manually changed the
security_group.pyscript on our KVM nodes. All is working fine after applying this change.