container name already taken logic seems to be broken for neutron templates

Bug #2035284 reported by Miro Tomaska
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
New
Undecided
Miro Tomaska

Bug Description

I think there is a logic issue inside the neutron puppet templates when detecing if the container already exists. This was discovered while debugging another issue in ovn_metata_agent(parent process starting haproxy side-cart via puppet haproxy wrapper).

Exception:
echo 'Starting a new child container neutron-haproxy-ovnmeta-4115c9d0-006f-41e3-b110-6defb9ac3b28'
+ nsenter --net=/run/netns/ovnmeta-4115c9d0-006f-41e3-b110-6defb9ac3b28 --preserve-credentials -m -t 1 podman run --detach --log-driver k8s-file --log-opt path=/var/log/containers/stdouts/neutron-haproxy-ovnmeta-4115c9d0-006f-41e3-b110-6defb9ac3b28.log -v /var/lib/config-data/puppet-generated/neutron/etc/neutron:/etc/neutron:ro -v /run/netns:/run/netns:shared -v /var/lib/neutron:/var/lib/neutron:shared -v /dev/log:/dev/log --net host --pid host --cgroupns host --privileged -u root --name neutron-haproxy-ovnmeta-4115c9d0-006f-41e3-b110-6defb9ac3b28 undercloud-0.ctlplane.redhat.local:8787/rh-osbs/rhosp17-openstack-neutron-metadata-agent-ovn:17.1_20230228.3 /bin/bash -c 'HAPROXY="$(if [ -f /usr/sbin/haproxy-systemd-wrapper ]; then echo "/usr/sbin/haproxy -Ds"; else echo "/usr/sbin/haproxy -Ws"; fi)"; exec $HAPROXY -f /var/lib/neutron/ovn-metadata-proxy/4115c9d0-006f-41e3-b110-6defb9ac3b28.conf'
Error: creating container storage: the container name "neutron-haproxy-ovnmeta-4115c9d0-006f-41e3-b110-6defb9ac3b28" is already in use by 89a6a28e50e7ac8fbdecd53a1bf753cb9aaad64336d0156a2d3f07e66ebec6d4. You have to remove that container to be able to reuse that name: that name is already in use

The haproxy has the logic[1] to handle such scenario but it doesnt look to be working. I suspect is due to extra $ chanracter in the grep -q "${NAME}$" on Line 40 [1]. Unless I am not understanding something... the $ at the end should be removed.

Additionaly, this logic can be actually replaced by `run --replace` argument for the podman case. Docker does not seem to have equivalent to `podman run --replace`

I will propose a patch to fix this

[1] https://opendev.org/openstack/puppet-tripleo/src/commit/019ec495180d2065a172861554df2ba2a76b5b17/templates/neutron/haproxy.epp#L40-L41
[2] https://docs.podman.io/en/latest/markdown/podman-run.1.html#replace

Miro Tomaska (mtomaska)
Changed in tripleo:
assignee: nobody → Miro Tomaska (mtomaska)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to puppet-tripleo (stable/wallaby)

Fix proposed to branch: stable/wallaby
Review: https://review.opendev.org/c/openstack/puppet-tripleo/+/894931

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.