- Issued:
- 2015-04-07
- Updated:
- 2015-04-07
RHBA-2015:0785 - Bug Fix Advisory
Synopsis
openstack-neutron bug fix advisory
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated OpenStack Networking packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for
RHEL 7.
Description
Red Hat Enterprise Linux OpenStack Platform provides the facilities for
building a private or public infrastructure-as-a-service (IaaS) cloud
running on commonly available physical hardware. This advisory includes
packages for:
- OpenStack Networking service
OpenStack Networking (neutron) is a virtual network service for OpenStack.
Just as OpenStack Compute (nova) provides an API to dynamically request and
configure virtual servers, OpenStack Networking provides an API to
dynamically request and configure virtual networks. These networks connect
'interfaces' from other OpenStack services (e.g. virtual NICs from Compute
VMs). The OpenStack Networking API supports extensions to provide advanced
network capabilities (e.g. QoS, ACLs, network monitoring, etc.)
This update addresses the following issues:
- Prior to this update, the 'NeutronScale OCF' agent wasn't unable to provide
specific clone status per host, due to a design flaw. Consequently, when
starting only one clone in a host of the cluster, a status request for a
different clone in the same host would also be positive; The startup status of
all clones became unreliable, as that is the mechanism Pacemaker uses to start
the clones.
This update addresses this issue by marking which specific clones are started in
a host, and only returning an 'OK' status for the clones that are actually
started.
As a result, all OpenStack Networking scale/neutron agent clones start reliably.
(BZ#1200630)
- Previously, when OpenStack Networking (neutron) attempted to concurrently
allocate a tunnel ID to new GRE or VXLAN networks, a flawed retry mechanism
meant that it would attempt to allocate the same tunnel ID repeatedly.
Consequently, attempts to create networks concurrently would fail.
This update resolves this issue by causing the retry mechanism to perform
retries with different tunnel IDs. As a result, concurrent network creations
with tunnel-based networks are expected to see higher success rates.
(BZ#1194432)
- Tenant networks can now be created that use the 'dnsmasq' process inside the
DHCP agent to serve additional configuration to IPv6 DHCP clients, including
addressing and support for IPv6 stateful subnets.
Note that the default gateway is still set by Router Advertisement messages sent
by the L3 agent. Important: This feature requires dnsmasq-2.66-13.el7_1 or
later. (BZ#1044271)
- Stateful DHCPv6 is currently nonfunctional in the Red Hat Enterprise Linux
OpenStack Platform 6 (Juno) GA as a result of upstream bug 1377843. Further
details are available at https://bugs.launchpad.net/neutron/+bug/1377843. (BZ#1174215)
- Previously, an incomplete backport operation skipped a function import
required by the Process Monitor exit handler. Consequently, an exception
appeared in the logs during exit if 'check_child_processes_action' was
configured as 'exit', and a monitored subprocess died.
With this update, the correct imports were added, and agents will exit cleanly
when the 'exit' action is configured and a monitored subprocess dies.
(BZ#1190775)
Solution
Before applying this update, ensure all previously released errata relevant to
your system have been applied.
Red Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise Linux
7.1.
This update is available through 'yum update' on systems registered through Red
Hat Subscription Manager. For more information about Red Hat Subscription
Manager, see:
https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html
Red Hat Enterprise Linux OpenStack Platform 6 documentation is available at:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform
The Release Notes include:
- Technology Previews, Recommended Practices, and Known Issues.
- The channels required for Red Hat Enterprise Linux OpenStack Platform 6,
including which channels need to be enabled and disabled.
Affected Products
- Red Hat OpenStack 6.0 x86_64
Fixes
- BZ - 1044271 - [RFE][neutron]: Support IPv6 DHCPv6 Stateful mode in dnsmasq
- BZ - 1174215 - IP addresses are not properly reported with IPv6 stateful subnets
- BZ - 1190775 - process monitor patches introduced bad exit handlers for dhcp and l3 agent
- BZ - 1194432 - Failure to allocate tunnel id when creating networks concurrently
- BZ - 1200630 - status action for NeutronScale agent is unreliable
CVEs
(none)
References
(none)
Red Hat OpenStack 6.0
SRPM | |
---|---|
x86_64 | |
openstack-neutron-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 71365d6e81ae6b6e22401376ae38b912f65a07d0f5b38e21e3d2a82b0acaed51 |
openstack-neutron-bigswitch-2014.2.2-5.el7ost.noarch.rpm | SHA-256: fb2314f2415df28a2b345bb8002be7440930cecf089093b92b29262cd1fc1674 |
openstack-neutron-brocade-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 8da17f95f530056218e2671e4704cd582bacf4fde4098f0629bef584e08d6aba |
openstack-neutron-cisco-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 09b26e81980f5f2298c5aae05c2c4eecd49d3c65728923e6cbfcd82700390213 |
openstack-neutron-embrane-2014.2.2-5.el7ost.noarch.rpm | SHA-256: e70976c050e15eafe7bba74c692baad418874c2371235ba37b9ddd2760ebfab1 |
openstack-neutron-hyperv-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 591ca185b96f5e51359b45893d1f30e67899cee6af0fbee61db8859f21c56ee8 |
openstack-neutron-ibm-2014.2.2-5.el7ost.noarch.rpm | SHA-256: a1b8ff579005343c8b76778523683ca3e84c006a7b470b53d17880b2547ddbc1 |
openstack-neutron-linuxbridge-2014.2.2-5.el7ost.noarch.rpm | SHA-256: db36c4b0a75f74db7ac7eda74b84d3ed839febdf445505613732e57cb2637c5c |
openstack-neutron-mellanox-2014.2.2-5.el7ost.noarch.rpm | SHA-256: d6a60b41c460cb1014b133e47ca7984a46c1e5a0e9f0c4a21086025f2ebc410a |
openstack-neutron-metaplugin-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 996b4a478f422658c72e706dc13335ea9ddcb2e74f0613c542b30e6130a697e8 |
openstack-neutron-metering-agent-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 2ba57b78586100a2bdba0f3882a6c3459aa9e51d8bc4a194dfd22ecccdf31fb7 |
openstack-neutron-midonet-2014.2.2-5.el7ost.noarch.rpm | SHA-256: b1baaa03555f61cc75246c925e68484c205cb8125bfa37a406fe0c46f8bea8eb |
openstack-neutron-ml2-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 16be20617b4d3c81b1a72bd1c1d9edefd28cf79264757bf5c28177b6e9795329 |
openstack-neutron-nec-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 31714d9c515f77673f9c16460198520e91231ca4df89ba02b0d0359ec819b050 |
openstack-neutron-nuage-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 4452f3c3330e0c977ea9dbed6616f97dd5dcb74398ff6a0f357e8b580935ec65 |
openstack-neutron-ofagent-2014.2.2-5.el7ost.noarch.rpm | SHA-256: abe2caef6d61eb3a7a4041143c4f367727686dfbd63d5e7702e7984d9ced80cd |
openstack-neutron-oneconvergence-nvsd-2014.2.2-5.el7ost.noarch.rpm | SHA-256: d3a8639e26e118ebf0e15ae3929f1c3fa9a1108d3bf715ae2dafe7ab0c9605bd |
openstack-neutron-opencontrail-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 59793ea43b35a600b8f822ca4e70b9d89fc836a4ab9ee9fc5d4ccd0714efbb56 |
openstack-neutron-openvswitch-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 0ff5c71938b1402dfe6864a4959d737716703959b48aa22a6b88c256fcc98648 |
openstack-neutron-plumgrid-2014.2.2-5.el7ost.noarch.rpm | SHA-256: b2c876ad33732cb767234a91bfe3ad6fa0ed9c63ce6495e3058f749cc5a1131d |
openstack-neutron-ryu-2014.2.2-5.el7ost.noarch.rpm | SHA-256: efd8024e8144b8ecac66c1f6dd73230ed8aa1a7255dfb260a38d04cb1f588c8b |
openstack-neutron-sriov-nic-agent-2014.2.2-5.el7ost.noarch.rpm | SHA-256: be5a098494ca93eea0df3d7d12aefdcbd3e0ed4dd376438a68f0ccf2c8fc7b55 |
openstack-neutron-vmware-2014.2.2-5.el7ost.noarch.rpm | SHA-256: a2d95b2897b26b682948597eca80b13efb355af339b4166518f5535d50392dc0 |
openstack-neutron-vpn-agent-2014.2.2-5.el7ost.noarch.rpm | SHA-256: 857f19ff7edff71c9c0f050874fbd683c570f117093ac47b8e809d41a3ec10f0 |
python-neutron-2014.2.2-5.el7ost.noarch.rpm | SHA-256: d1b8b3786a4ddd7dc50e2fddc3042fca5ce1e533d9fab7da21fd88bfbdba80a6 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.