Octavia CI jobs fail due to lack of service role for Neutron in Nova->Neutron interaction scenario:
/var/log/kolla/nova/nova-compute.log
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron [None req-f53d5776-5af7-4f4a-9b82-b48ae8b5dbba 101e441d03ec4f7193aeecf114c6129b d2e36b44e43b43828d11a13493badf9a - - default default] Unable to clear device ID for port '28f1c455-f7ed-466f-8d2b-271bc50dc721': nova.exception.Forbidden: ((((rule:update_port and rule:update_port:device_id) and rule:update_port:device_owner) and rule:update_port:binding:host_id) and rule:update_port:binding:profile) is disallowed by policy
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron Traceback (most recent call last):
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 272, in _handle_fault_response
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron exception_handler_v20(status_code, error_body)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 90, in exception_handler_v20
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron raise client_exc(message=error_message,
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron neutronclient.common.exceptions.Forbidden: ((((rule:update_port and rule:update_port:device_id) and rule:update_port:device_owner) and rule:update_port:binding:host_id) and rule:update_port:binding:profile) is disallowed by policy
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron Neutron server returns request_ids: ['req-c7c083c1-d69b-42e1-bebe-fe027b914c6f']
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron During handling of the above exception, another exception occurred:
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron Traceback (most recent call last):
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 717, in _unbind_ports
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron port_client.update_port(port_id, port_req_body)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 828, in update_port
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron return self._update_resource(self.port_path % (port), body=body,
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 2548, in _update_resource
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron return self.put(path, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 365, in put
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron return self.retry_request("PUT", action, body=body,
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 333, in retry_request
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron return self.do_request(method, action, body=body,
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 196, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron ret = obj(*args, **kwargs)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/neutronclient/v2_0/client.py", line 297, in do_request
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron self._handle_fault_response(status_code, replybody, resp)
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron File "/var/lib/kolla/venv/lib/python3.10/site-packages/nova/network/neutron.py", line 214, in wrapper
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron raise exception.Forbidden(str(e))
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron nova.exception.Forbidden: ((((rule:update_port and rule:update_port:device_id) and rule:update_port:device_owner) and rule:update_port:binding:host_id) and rule:update_port:binding:profile) is disallowed by policy
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron Neutron server returns request_ids: ['req-c7c083c1-d69b-42e1-bebe-fe027b914c6f']
2024-05-09 14:18:39.397 7 ERROR nova.network.neutron
Reviewed: https:/ /review. opendev. org/c/openstack /kolla- ansible/ +/918738 /opendev. org/openstack/ kolla-ansible/ commit/ 031859764a3f570 aa416de1de9edc8 cb34e829f0
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 031859764a3f570 aa416de1de9edc8 cb34e829f0
Author: Michal Nasiadka <email address hidden>
Date: Thu May 9 15:47:09 2024 +0200
neutron: add service role
After Neutron policy changes - Octavia jobs started
to fail on cascade LB deletion due to Neutron user
not having service role.
Closes-Bug: #2065337
Change-Id: I616bf3a3dbb4d9 63665b1621a9e5e 9d417b13942