[Rdo-list] Why is a bug fixed in RHOS/RHEL but not in Rawhide?

Kashyap Chamarthy kchamart at redhat.com
Thu Dec 18 12:28:30 UTC 2014


On Thu, Dec 18, 2014 at 11:32:21AM +0000, Richard W.M. Jones wrote:
> On Thu, Dec 18, 2014 at 12:19:10PM +0100, Kashyap Chamarthy wrote:

[. . .]

> > > The bug still happens in a freshly created Rawhide VM that just runs
> > > 'packstack --allinone'.  Any idea who/what it is that adds
> > > net.bridge.bridge-nf-call-* rules into /etc/sysctl.conf? 
> > 
> > Looking up Bugzilla, seems like it's needed to get Neutron networking
> > security groups working correctly, this is the bug
> > 
> >     https://bugzilla.redhat.com/show_bug.cgi?id=981144 -- need to set
> >     net.bridge.bridge-nf-call-iptables=1 for --allinone installation
> > 
> > which says
> > 
> >     For the single node deployment with "packstack --allinone",
> >     following kernel parms should be set so that the security group
> >     works correctly.
> >     
> >     net.bridge.bridge-nf-call-ip6tables = 1
> >     net.bridge.bridge-nf-call-iptables = 1
> >     net.bridge.bridge-nf-call-arptables = 1
> 
> I believe the underlying problem is that 'br_netfilter' (a kernel
> module) is not getting loaded.  This module is what creates
> /proc/sys/net/bridge/bridge-nf-* files.
> 
> If I load the module manually before running packstack then I can get
> around this problem.
> 
> There are a few possibilities here:
> 
>  - Because I'm starting from @Core (ie. a minimal package set), it
>    could be that some other program that would normally be installed
>    and which would load this module is not installed.  ie. A missing
>    dependency.
> 
>  - Something in Rawhide previously loaded/required this module, but
>    now doesn't.
> 
>  - Something specific to aarch64 (this one seems unlikely).
> 
> On a similar topic, here is a another bug which causes me some concern
> about the state of RDO in Rawhide:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1175472
 
(Just to update others reading the thread). 

This is being discussed on IRC, Flavio (Glance developer) says it's
possibly a 'failed upgrade'. 

-- 
/kashyap




More information about the dev mailing list