fixed_ip allocation which is not included within allocation_pools makes error when delete port or re-create port

Yes, this is a bug. The IP allocation should not be permitted.
Thanks
Gary

Fix proposed to branch: master
Review: https://review.openstack.org/15829

Hi Gary

The definition of the allocation_pools is

http://wiki.openstack.org/Quantum/APIv2-specification#Subnet
Sub-ranges of CIDR available for dynamic allocation to ports [ { "start": "10.0.0.2", "end": "10.0.0.254"} ].

so user can specify ip address which is outside of allocation_pools.

Hi,
It says "When IP addresses are associated to a port, this also implies the port is associated with a subnet, as the IP address was taken from the allocation pool for a specific subnet. " My understanding is that the IP address must be taken from the allocation pool if it is defined.
Thanks
Gary

Sounds like we have some conflicting text, but the intent as I understood it was that allocation_pools referred to what IPs might be automatically allocated when the creator of a port did not specify any specific fixed_ips. However, any unallocated IP in the subnet could be specified explicitly when creating a port, even if it was not in the allocation_pool. This allowed one to retain a particular subset of the subnet IPs for static allocation.

The allocation pool, to my understanding, was created for automatic allocation, ie: for those cases where the IP is no explicitly specified. I think there's nothing wrong with out-of-pool explicit allocation.

We might think about allowing the policy engine to restrict this capability to some specific users, but that is probably another story.

The API doc is definitely not clear on this regard. My idea at this stage is to convert this bug into a doc bug.

OK, thanks. I'll update the code to ensure that there is no exception when the port is deleted.
Thanks
Gary

Hi,
I have update the code to treat the deletio correctly. Thank Nachi for raising your concerns.
Thanks
Gary

Ok, we'll use this bug to make sure that the code maps to this new clarification. I filed a separeate doc but and tagged it: https://bugs.launchpad.net/openstack-manuals/+bug/1078013

Reviewed: https://review.openstack.org/15829
Committed: http://github.com/openstack/quantum/commit/c8375cfad251176edfd44956a1d44e56126908b3
Submitter: Jenkins
Branch: master

commit c8375cfad251176edfd44956a1d44e56126908b3
Author: Gary Kotton <email address hidden>
Date: Wed Nov 7 00:44:35 2012 +0000

    Ensure that fixed port IP address is in valid allocation range.

    Fixes bug 1077292

    Change-Id: I587655bece83d0f6aa665e522efbc0ecd5ef1734

Fix proposed to branch: stable/folsom
Review: https://review.openstack.org/16188

Reviewed: https://review.openstack.org/16188
Committed: http://github.com/openstack/quantum/commit/aca8b4a0f8c1d8d7191a58eef9feaab8169e8d64
Submitter: Jenkins
Branch: stable/folsom

commit aca8b4a0f8c1d8d7191a58eef9feaab8169e8d64
Author: Gary Kotton <email address hidden>
Date: Wed Nov 7 00:44:35 2012 +0000

    Ensure that fixed port IP address is in valid allocation range.

    Fixes bug 1077292

    Change-Id: I587655bece83d0f6aa665e522efbc0ecd5ef1734

Hello Itsuro, or anyone else affected,

Accepted quantum into quantal-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/quantum/2012.2.1-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

This bug was fixed in the package quantum - 2012.2.1-0ubuntu1

---------------
quantum (2012.2.1-0ubuntu1) quantal-proposed; urgency=low

  * Resynchronize with stable/folsom (1e774867) (LP: #1085255):
    - [aeabb42] There are routing problems when the dnsmasq port does not come
      first in the routing table (LP: #1083238)
    - [04aab72] Quantum linux bridge not optimized with libvirt (LP: #1078210)
    - [ca7fc10] getting quotas from database has severe performance implications
      (LP: #1075369)
    - [66605e8] failed to update an external network into non external network
      (LP: #1083387)
    - [c60051a] Quantum test suite leaks memory like a sieve (LP: #1065276)
    - [3179dfc] clear_db() does incomplete db teardown (LP: #1080988)
    - [c1e19d7] Unauthorized command: cat /proc/None/cmdline (LP: #1077651)
    - [af9e076] At times a instance will not receive an IP address from the DHCP
      agent (LP: #1081664)
    - [e0d1a7d] allow multiple floating-ip on single port if they use different
      fixed ips and/or external nets (LP: #1057844)
    - [8471d79] Delete port fails to gateway ip (LP: #1079980)
    - [aca8b4a] fixed_ip allocation which is not included within
      allocation_pools makes error when delete port or re-create port
      (LP: #1077292)
    - [eacc9d3] Mapping same bridge to different phyiscal networks succeed
      (LP: #1067669)
    - [51b4c82] python-quantum: not region aware (LP: #1080793)
    - [6f0a486] delete floatingip should be in one transaction to delete port
      (LP: #1080516)
    - [db6cda7] Remove qpid configuration variables no longer supported
    - [a112840] Allow NVP plugin to use per-tenant quota extension
    - [82b1a55] Quantum service does not restart after reboot (LP: #1073999)
    - [c01a839] There are some cases that L3 API with an invalid parameter
      returns 500. (LP: #1064765)
    - [26b383f] external network can be plugged also as internal network for one
      router (LP: #1053633)
    - [49f649c] There is a lot of cases that API with an invalid parameter
      returns 500. (LP: #1062046)
    - [4546a18] When create subnet, you con set up the value as cidr (the value
      isn't cidr form). (LP: #1067959)
    - [9ba453a] killfilter should handle updated/deleted executables
      (LP: #1073768)
    - [7c8a55c] a port which is not able to delete is made when floatingip
      create fails. (LP: #1064748)
    - [c9b84cf] Linux bridge port update causes exception (LP: #1072713)
    - [cb57932] I can't add interface to router, if there is another port in
      non-shared network of other tenant (LP: #1057558)
    - [574e278] Ryu plugin does not support Security Groups (LP: #1059393)
    - [607f486] tap device added to integration bridge without tag
      (LP: #1064070)
    - [21a0fdf] L3 agent external network flag (LP: #1056720)
    - [5cbaff4] router create with external_gateway_info fails with 500 always.
      (LP: #1064235)
    - [63b81f6] l3 db operations failed in multiple transactions (LP: #1070335)
    - [bff17fb] Ensure that the SqlSoup import is still supported.
    - [e091a29] l3_nat_agent was renamed to l3_agent
    - [9030969] remove default value of 'local_ip' of 10...