kolla

Add neutron-rootwrap-daemon to neutron_sudoers

Bug #1808457 reported by Gaëtan Trellu on 2018-12-14

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	kolla	Fix Released	Undecided	Gaëtan Trellu	kolla 8.0.0 "Stein"

Bug Description

There is no way to use neutron-rootwrap-daemon to improve Neutron rootwrap performance at scale with the current Neutron images.

Using neutron-rootwrap on huge environment could have a performance impact on many actions and be the root cause of failure during instance creation.

Operators should have the choice:
- neutron-rootwrap
- neutron-rootwrap-daemon

Discussion on this thread: http://lists.openstack.org/pipermail/openstack-operators/2018-May/015267.html

Without the change in neutron_sudoers we got this error:

2018-12-14 02:31:23.414 8 DEBUG neutron.agent.linux.utils [-] Running command (rootwrap daemon): ['ovs-vsctl', '--timeout=60', '--oneline', '--format=json', '--', '--may-exist', 'add-br', 'br-int', '--', 'set', 'Bridge', 'br-int', 'datapath_type=system', '--', 'add', 'Bridge', 'br-int', 'protocols', 'OpenFlow10', '--', 'set', 'Bridge', 'br-int', 'other_config:mac-table-size=50000'] execute_rootwrap_daemon /var/lib/kolla/venv/local/lib/python2.7/site-packages/neutron/agent/linux/utils.py:103
2018-12-14 02:31:23.866 8 DEBUG oslo_rootwrap.client [-] Popen for ['sudo', 'neutron-rootwrap-daemon', '/etc/neutron/rootwrap.conf'] command has been instantiated _initialize /var/lib/kolla/venv/local/lib/python2.7/site-packages/oslo_rootwrap/client.py:73
2018-12-14 02:31:23.870 8 ERROR neutron.agent.linux.utils [-] Rootwrap error running command: ['ovs-vsctl', '--timeout=60', '--oneline', '--format=json', '--', '--may-exist', 'add-br', 'br-int', '--', 'set', 'Bridge', 'br-int', 'datapath_type=system', '--', 'add', 'Bridge', 'br-int', 'protocols', 'OpenFlow10', '--', 'set', 'Bridge', 'br-int', 'other_config:mac-table-size=50000']: Exception: Failed to spawn rootwrap process.
2018-12-14 02:31:23.871 8 ERROR neutron.agent.ovsdb.impl_vsctl [-] Unable to execute ['ovs-vsctl', '--timeout=60', '--oneline', '--format=json', '--', '--may-exist', 'add-br', 'br-int', '--', 'set', 'Bridge', 'br-int', 'datapath_type=system', '--', 'add', 'Bridge', 'br-int', 'protocols', 'OpenFlow10', '--', 'set', 'Bridge', 'br-int', 'other_config:mac-table-size=50000']. Exception: Failed to spawn rootwrap process.
stderr:
sudo: no tty present and no askpass program specified

See original description

Tags:

Gaëtan Trellu (goldyfruit) on 2018-12-14

Changed in kolla:
assignee:	nobody → Gaëtan Trellu (goldyfruit)
description:	updated

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-12-14: Fix proposed to kolla (master)

Fix proposed to branch: master
Review: https://review.openstack.org/625141

Changed in kolla:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2018-12-19: Fix merged to kolla (master)

Reviewed: https://review.openstack.org/625141
Committed: https://git.openstack.org/cgit/openstack/kolla/commit/?id=4ed611a0bde7b44cb1a9c3c355c7f7a72e9afc94
Submitter: Zuul
Branch: master

commit 4ed611a0bde7b44cb1a9c3c355c7f7a72e9afc94
Author: Gaëtan Trellu <email address hidden>
Date: Thu Dec 13 21:58:52 2018 -0500

Add neutron-rootwrap-daemon to neutron_sudoers

There is no way to use neutron-rootwrap-daemon to improve Neutron
rootwrap performance at scale with the current Neutron images.

    Using neutron-rootwrap on huge environment could have a performance
    impact on many actions and be the root cause of failure during
    instance creation.

    Operators should have the choice:
      - neutron-rootwrap
      - neutron-rootwrap-daemon

Change-Id: I6c65cf6498364e670cc61419dc3a2c19f6fb412d
Closes-Bug: #1808457

Changed in kolla:
status:	In Progress → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-01-07: Fix included in openstack/kolla 8.0.0.0b1

This issue was fixed in the openstack/kolla 8.0.0.0b1 development milestone.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-01-08: Fix proposed to kolla (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.openstack.org/629282

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-03-26: Fix merged to kolla (stable/rocky)

Reviewed: https://review.openstack.org/629282
Committed: https://git.openstack.org/cgit/openstack/kolla/commit/?id=1b2c0c819164a53d680d048ace0242e885938716
Submitter: Zuul
Branch: stable/rocky

commit 1b2c0c819164a53d680d048ace0242e885938716
Author: Gaëtan Trellu <email address hidden>
Date: Thu Dec 13 21:58:52 2018 -0500

Add neutron-rootwrap-daemon to neutron_sudoers

There is no way to use neutron-rootwrap-daemon to improve Neutron
rootwrap performance at scale with the current Neutron images.

    Using neutron-rootwrap on huge environment could have a performance
    impact on many actions and be the root cause of failure during
    instance creation.

    Operators should have the choice:
      - neutron-rootwrap
      - neutron-rootwrap-daemon

    Change-Id: I6c65cf6498364e670cc61419dc3a2c19f6fb412d
    Closes-Bug: #1808457
    (cherry picked from commit 4ed611a0bde7b44cb1a9c3c355c7f7a72e9afc94)

tags:

added: in-stable-rocky

Mark Goddard (mgoddard) on 2019-03-29

Changed in kolla:
milestone:	none → 8.0.0

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2019-04-11: Fix included in openstack/kolla 7.0.2

This issue was fixed in the openstack/kolla 7.0.2 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.