Bug #1169706 “list floating IPs does not honor port_id filter” : Bugs : neutron

list floating IPs does not honor port_id filter

Bug #1169706 reported by Jack McCann
34
This bug affects 7 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
Sylvain Afchain
Grizzly
Fix Released
High
Gary Kotton

Bug Description

When listing floating IPs, the port_id filter is not honored. This appears to be due to a mismatch between the attribute name 'port_id' and the database column name 'fixed_port_id'.

Note that this has interesting effects on the 'nova list' command. Nova is making a 'list floating IPs' call as 'admin' user, passing in a 'port_id' filter. Because quantum ignores the filter, nova gets back all floating IPs visible to 'admin' user, instead of just the floating IPs assigned to the port.

Potential fix in quantum/db/l3_db.py:

# Maps API field to DB column
API_TO_DB_COL = {'port_id': 'fixed_port_id'}

    def get_floatingips(self, context, filters=None, fields=None,
             :
         # Maps API filter keys to DB column name
         if filters is not None:
             for f in set(filters.keys()).\
                     intersection(set(API_TO_DB_COL.keys())):
                 filters[API_TO_DB_COL[f]] = filters.pop(f)

        return self._get_collection(context, FloatingIP,
             :

Gary Kotton (garyk)
tags: added: grizzly-backport-potential
Changed in quantum:
assignee: nobody → Sylvain Afchain (sylvain-afchain)
Revision history for this message
Gary Kotton (garyk) wrote :

Hi,
Can you please explain how to produce the problem. From what I see is that the IP's are updated in nova (it takes a while - not exactly sure why).
Thanks
Gary

Changed in quantum:
status: New → Incomplete
Revision history for this message
Brian Haley (brian-haley) wrote :

Sorry if there was some context left off here.

The way to reproduce this is to have two tenants use the same over-lapping IP range for their subnet. Spin-up an instance in each and assign a floating IP to each. Assuming that both of the fixed IPs are the same, running 'nova list' for either tenant will show both floating IPs assigned to their instance, even though only one is.

For example, this VM only has one floating IP associated with it, but seven are listed:

$ nova list
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
ID Name Status Networks

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
eadb91e3-2d4e-47c1-b58f-fc06cf5b0a56 haleyb-proj1-serv1 ACTIVE haleyb-proj1-net=10.10.10.2, 15.184.40.153, 15.184.40.195, 15.184.40.59, 15.184.40.198, 15.184.40.199, 15.184.40.180, 15.184.40.164

But as an admin I can see that these IPs are really assigned to other tenants:

admin$ quantum floatingip-list | grep '10.10.10.2'
25713af4-f8ea-45de-b863-c04b78c5035f 10.10.10.2 15.184.40.153 40104a3c-f5fe-4e7b-a9c9-a6d4250d7204
2c35a46d-6f3b-4a92-8f63-5820a18182cf 10.10.10.2 15.184.40.195 471c6b97-a5a4-4850-95d3-b087e1a44f8d
3fcef610-d0ec-46f5-aa25-5b5fabe7e110 10.10.10.2 15.184.40.59 2e336c91-bf14-48b1-a87f-57eb8401e34d
4dd60434-05e6-4411-85fa-7c388007e89c 10.10.10.2 15.184.40.198 5ab7f6f5-8a13-4f64-ae71-e75c2393f4b2
51257413-3cb3-49a2-8313-d803a5f2d539 10.10.10.2 15.184.40.199 9a33cc2c-d85d-43c8-93ea-6fe15dd88f11
5485e0c0-85b2-4054-b8b0-13fe500da107 10.10.10.2 15.184.40.180 6c03a9a2-b1b7-4686-9b87-166d6de2c204
eb6d90ce-e679-4538-aabc-71279bed7236 10.10.10.2 15.184.40.164 ae4c0df7-a154-4e5b-bbca-5ddfddc539f4

I know Sylvain assigned this to himself, but we should be able to send out a patch for review as we have one that works.

Revision history for this message
Brian Haley (brian-haley) wrote :

That cut/paste was really bad, but hopefully useful...

tags: added: sg-fw
Revision history for this message
Sylvain Afchain (sylvain-afchain) wrote :

Brian, If you want you can send out your patch, it's ok for me.

Revision history for this message
Jack McCann (jack-mccann) wrote :

This can also be reproduced with Quantum CLI.

Create two ports each with a floating IP:

ubuntu@dstack0425b:~/devstack$ quantum floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 078ac593-7491-4e99-ba8b-9129a218f754 | 10.0.0.3 | 172.24.4.228 | 64a62d55-e57a-4341-b505-ea4563c212a3 |
| 4791b932-9293-4c57-bb50-60bbeb93c0b4 | 10.0.0.4 | 172.24.4.227 | d1c9d656-4dc7-4bf3-87c8-61ae17da3d5e |
+--------------------------------------+------------------+---------------------+--------------------------------------+

Then try to use the port_id filter (it does not work):

ubuntu@dstack0425b:~/devstack$ quantum floatingip-list -- --port_id 64a62d55-e57a-4341-b505-ea4563c212a3
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 078ac593-7491-4e99-ba8b-9129a218f754 | 10.0.0.3 | 172.24.4.228 | 64a62d55-e57a-4341-b505-ea4563c212a3 |
| 4791b932-9293-4c57-bb50-60bbeb93c0b4 | 10.0.0.4 | 172.24.4.227 | d1c9d656-4dc7-4bf3-87c8-61ae17da3d5e |
+--------------------------------------+------------------+---------------------+--------------------------------------+

However, if you use the DB column name fixed_port_id, the filter works:

ubuntu@dstack0425b:~/devstack$ quantum floatingip-list -- --fixed_port_id 64a62d55-e57a-4341-b505-ea4563c212a3
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 078ac593-7491-4e99-ba8b-9129a218f754 | 10.0.0.3 | 172.24.4.228 | 64a62d55-e57a-4341-b505-ea4563c212a3 |
+--------------------------------------+------------------+---------------------+--------------------------------------+

Quantum should accept the attribute name "port_id" as the filter.

Changed in quantum:
status: Incomplete → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/27550

Changed in quantum:
importance: Undecided → Medium
importance: Medium → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (master)

Reviewed: https://review.openstack.org/27550
Committed: http://github.com/openstack/quantum/commit/f639788c59c8bbb5c6a08c7f193fd1d23c7ce956
Submitter: Jenkins
Branch: master

commit f639788c59c8bbb5c6a08c7f193fd1d23c7ce956
Author: openstack <email address hidden>
Date: Fri Apr 26 14:31:06 2013 +0200

    Fix port_id filter not honored

    Add dict. to map API params to DB columns

    Change-Id: I5f10eea77533e91afeb690e39301d7282e1b1620
    Fixes: bug #1169706

Changed in quantum:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (stable/grizzly)

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/27985

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (stable/grizzly)

Reviewed: https://review.openstack.org/27985
Committed: http://github.com/openstack/quantum/commit/e5767362beb9a15c4d5130770fe27cd00e6d623d
Submitter: Jenkins
Branch: stable/grizzly

commit e5767362beb9a15c4d5130770fe27cd00e6d623d
Author: openstack <email address hidden>
Date: Fri Apr 26 14:31:06 2013 +0200

    Fix port_id filter not honored

    Add dict. to map API params to DB columns

    Change-Id: I5f10eea77533e91afeb690e39301d7282e1b1620
    Fixes: bug #1169706

tags: added: in-stable-grizzly
Changed in quantum:
milestone: none → havana-1
tags: removed: grizzly-backport-potential
Aaron Rosen (arosen)
tags: removed: sg-fw
Thierry Carrez (ttx)
Changed in quantum:
status: Fix Committed → Fix Released
Alan Pevec (apevec)
tags: removed: in-stable-grizzly
Thierry Carrez (ttx)
Changed in neutron:
milestone: havana-1 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Loading subscribers...

Remote bug watches

Bug watches keep track of this bug in other bug trackers.