neutron

Router ports without IP addresses shouldn't be allowed to deletion using port's API directly

Bug #2025056 reported by Slawek Kaplonski on 2023-06-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	In Progress	Medium	Slawek Kaplonski

Bug Description

Long time ago there was bug https://bugs.launchpad.net/neutron/+bug/1104337 and as fix for this bug there was patch https://review.opendev.org/c/openstack/neutron/+/20424 proposed. This patch allowed to remove router ports without fixed IPs directly using "port delete" command.
But it may cause error 500 if port really belongs to an existing router. Steps to reproduce the issue:

1. Create network (external) and do NOT create subnet for it,
2. Create router,
3. Set network from p. 1 as external gateway for the router,
4. Try to delete external gateway's port using "openstack port delete" command - it will fail with error 500. Stacktrace in neutron server log is as below:

2023-06-22 05:41:06.672 16 DEBUG neutron.db.l3_db [req-a261d22f-9243-4b22-8d40-a5e7bcd63453 abd0fab2837040f383c986b6a723fbec 39e32a986a4d4f42bce967634a308f99 - default default] Port 9978f00d-4be2-474d-89a7-07d9b1e797df has owner network:router_gateway, but no IP address, so it can be deleted prevent_l3_port_deletion /usr/lib/python3.9/site-packages/neutron/db/l3_db.py:1675
2023-06-22 05:41:07.085 16 DEBUG neutron.plugins.ml2.plugin [req-a261d22f-9243-4b22-8d40-a5e7bcd63453 abd0fab2837040f383c986b6a723fbec 39e32a986a4d4f42bce967634a308f99 - default default] Calling delete_port for 9978f00d-4be2-474d-89a7-07d9b1e797df owned by network:router_gateway delete_port /usr/lib/python3.9/site-packages/neutron/plugins/ml2/plugin.py:2069
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation [req-a261d22f-9243-4b22-8d40-a5e7bcd63453 abd0fab2837040f383c986b6a723fbec 39e32a986a4d4f42bce967634a308f99 - default default] DELETE failed.: oslo_db.exception.DBReferenceError: (pymysql.err.IntegrityError) (1451, 'Cannot delete or update a parent row: a foreign key constraint fails (`ovs_neutron`.`routers`, CONSTRAINT `routers_ibfk_1` FOREIGN KEY (`gw_port_id`) REFERENCES `ports` (`id`))')
[SQL: DELETE FROM ports WHERE ports.id = %(id)s]
[parameters: {'id': '9978f00d-4be2-474d-89a7-07d9b1e797df'}]
(Background on this error at: http://sqlalche.me/e/13/gkpj)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation Traceback (most recent call last):
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib64/python3.9/site-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation self.dialect.do_execute(
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib64/python3.9/site-packages/sqlalchemy/engine/default.py", line 609, in do_execute
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation cursor.execute(statement, parameters)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/cursors.py", line 163, in execute
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation result = self._query(query)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/cursors.py", line 321, in _query
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation conn.query(q)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/connections.py", line 505, in query
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation self._affected_rows = self._read_query_result(unbuffered=unbuffered)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/connections.py", line 724, in _read_query_result
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation result.read()
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/connections.py", line 1069, in read
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation first_packet = self.connection._read_packet()
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/connections.py", line 676, in _read_packet
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation packet.raise_for_error()
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/protocol.py", line 223, in raise_for_error
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation err.raise_mysql_exception(self._data)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation File "/usr/lib/python3.9/site-packages/pymysql/err.py", line 107, in raise_mysql_exception
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation raise errorclass(errno, errval)
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation pymysql.err.IntegrityError: (1451, 'Cannot delete or update a parent row: a foreign key constraint fails (`ovs_neutron`.`routers`, CONSTRAINT `routers_ibfk_1` FOREIGN KEY (`gw_port_id`) REFERENCES `ports` (`id`))')
2023-06-22 05:41:07.360 16 ERROR neutron.pecan_wsgi.hooks.translation
2023-06-22 05:41:07.381 16 DEBUG neutron.pecan_wsgi.hooks.notifier [req-a261d22f-9243-4b22-8d40-a5e7bcd63453 abd0fab2837040f383c986b6a723fbec 39e32a986a4d4f42bce967634a308f99 - default default] No notification will be sent due to unsuccessful status code: 500 after /usr/lib/python3.9/site-packages/neutron/pecan_wsgi/hooks/notifier.py:78
2023-06-22 05:41:07.384 16 INFO neutron.wsgi [req-a261d22f-9243-4b22-8d40-a5e7bcd63453 abd0fab2837040f383c986b6a723fbec 39e32a986a4d4f42bce967634a308f99 - default default] 10.0.10.1,172.25.1.181 "DELETE /v2.0/ports/9978f00d-4be2-474d-89a7-07d9b1e797df HTTP/1.1" status: 500 len: 344 time: 0.8368094

Originally it was done to allow cleanup of the routers and ports for which subnet was deleted first. But this is not possible currently so we shouldn't allow deletion of the ports without fixeds IPs.

Of course having ports without IP address connected to the router isn't maybe something very common and really useful but currently we do allow that in our API so it will be easier to block deletion of such ports rather than change API and prevent creation of such ports at all.

Tags:

Revision history for this message

Brian Haley (brian-haley) wrote on 2023-06-26:

Somehow https://review.opendev.org/c/openstack/neutron/+/886983 link was not added automatically.

Changed in neutron:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-07-28: Fix included in openstack/neutron 20.4.0

This issue was fixed in the openstack/neutron 20.4.0 release.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2023-08-31: Fix included in openstack/neutron 23.0.0.0b3

This issue was fixed in the openstack/neutron 23.0.0.0b3 development milestone.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.