You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a router create request gets 409 response code with a IpAddressGenerationFailure error type on a particular subnet, it should try with another subnet_id.
One FIP network can contain a private subnet and a public subnet. When a subnet is not specified as argument, router creation picks up a FIP subnet in a random manner.
When end user specifies a particular subnet, s/he cannot be sure that a particular external subnet is not exhausted, because an API call to get a FIP availability on a particular external subnet works only from the project scope the external network belongs to. Besides this call is very heavy and there may be a race condition, when FIP availability is close to 1.
It is also impossible to allocate a FIP in advance and specify it, because router's FIP is allocated on system level, and preallocated FIP will cause an error: {"NeutronError": {"message": "IP address 1.2.3.4 already allocated in subnet a75e0bf8-9bbe-4ae7-9cd0-e18ca8f08ad3", "type": "IpAddressAlreadyAllocated", "detail": ""}}
Therefore it makes sense to provide a list of external subnets to be used and iterate over them in case of 409 response code.
Steps to Reproduce
resource"openstack_networking_router_v2""router_1" {
name="my_router"external_network_id="f55c8e3d-c798-4c6c-9f7e-eeb6600f6aed"external_fixed_ip {
subnet_id="069c4312-639d-442b-8608-88931b2b043d"# subnet with an exhausted FIPavailability
}
}
Important Factoids
external_fixed_ip is a list, therefore it allows to specify multiple external subnets, but all of them will be applied on a router and a 409 response code can be related to one of these external_fixed_ip's. It is impossible to determine the subnet from a neutron error message, because it contains only the network ID, not a subnet.
My proposal is to introduce a read-only external_subnet_ids argument in a openstack_networking_router_v2 resource and mark it conflicting with an external_fixed_ip argument. This argument will be used only during the router creation.
If all tries fail with a 409, then a resource should return an error:
To have a list of external subnets, we need to introduce the openstack_networking_network_ids_v2 data source like it is done for openstack_networking_port_ids_v2 or openstack_images_image_ids_v2. The openstack_networking_network_ids_v2 data source should be able to match subnet names by regexp, like it is already done in images_image_ids_v2.
References
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:
Affected Resource(s)
Please list the resources as a list, for example:
Debug Output
Expected Behavior
If a router create request gets 409 response code with a
IpAddressGenerationFailure
error type on a particular subnet, it should try with another subnet_id.I expect to see something like this:
Actual Behavior
One FIP network can contain a private subnet and a public subnet. When a subnet is not specified as argument, router creation picks up a FIP subnet in a random manner.
When end user specifies a particular subnet, s/he cannot be sure that a particular external subnet is not exhausted, because an API call to get a FIP availability on a particular external subnet works only from the project scope the external network belongs to. Besides this call is very heavy and there may be a race condition, when FIP availability is close to 1.
It is also impossible to allocate a FIP in advance and specify it, because router's FIP is allocated on system level, and preallocated FIP will cause an error:
{"NeutronError": {"message": "IP address 1.2.3.4 already allocated in subnet a75e0bf8-9bbe-4ae7-9cd0-e18ca8f08ad3", "type": "IpAddressAlreadyAllocated", "detail": ""}}
Therefore it makes sense to provide a list of external subnets to be used and iterate over them in case of 409 response code.
Steps to Reproduce
Important Factoids
external_fixed_ip
is a list, therefore it allows to specify multiple external subnets, but all of them will be applied on a router and a 409 response code can be related to one of theseexternal_fixed_ip
's. It is impossible to determine the subnet from a neutron error message, because it contains only the network ID, not a subnet.My proposal is to introduce a read-only
external_subnet_ids
argument in aopenstack_networking_router_v2
resource and mark it conflicting with anexternal_fixed_ip
argument. This argument will be used only during the router creation.If all tries fail with a 409, then a resource should return an error:
To have a list of external subnets, we need to introduce the
openstack_networking_network_ids_v2
data source like it is done foropenstack_networking_port_ids_v2
oropenstack_images_image_ids_v2
. Theopenstack_networking_network_ids_v2
data source should be able to match subnet names by regexp, like it is already done inimages_image_ids_v2
.References
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:
cc @dkistner @RaphaelVogel
The text was updated successfully, but these errors were encountered: