Hi ,
Adding more info
create_firewall(self, agent_mode, apply_list, firewall) and
update_firewall(self, agent_mode, apply_list, firewall) api's are
getting called with empty apply list
apply_list is generated by the _get_router_info_list_for_tenant. The
rootcause for returning empty list is due to empty self.router_info.
If kill the firewall agent and start the firewall agent again ,then
router_info is getting updated with existing router , then
update_firewall is getting called with
non empty apply list so firewall rules are getting applied to existing
routers. But new firewall updates are still not getting updated as the
apply_list is empty.
So basically to apply the firewall rules i am ending up to restart the
firewall_agent repeatedly
The agent which i am using vyatta firewall
agent(neutron_fwaas/services/firewall/agents/vyatta)
I checked other agents code , the implementation is almost same in all
the agents.
It seems to be recent breakage as this was working fine in the last month.
i suspect recent changes in neutron or neutron-fwaas might have broken
this.
Can someone help me out on this issue
Thanks,
bharath
On Thursday 27 August 2015 09:26 PM, bharath wrote:
Hi,
while testing the fwaas , i found router_info is not getting updated.
list awlays seems to be empty and getting updated only after the
restart of fw agent.
This issue resulting empty list while calling
_get_router_info_list_for_tenant.
i can see some comments as *"for routers without an interface -
get_routers returns the router - but this is not yet populated in
router_info"*
but in my case even though routers have an interface still the
router_info is empty.
It seems to be recent breakage as this was working fine in the last month.
Thanks,
bharath
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: [email protected]?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
