linux中修改虚机IP的方法与问题

作者：简简单单 2014-12-02

前段时间，实现这么一个功能，界面上提供修改虚机IP地址的操作，后台neutron用port update方法。
neutron client的port update接口和其他资源的update方法不太一样，参数没指定正确，会导致一个port上出现两个fixed ip。

接下来就是考虑floating ip的问题。

如果虚机绑定了浮动ip，修改虚机的fixed ip，在l3 namespace里还是会保存原来的iptables规则。因此，在port update之前要判断floating ip的存在关系，需要解绑和绑定的操作。

修改完成后，测试。发现api请求的时间居然快30s。port update会给每个计算节点发送cast的rpc消息，而在消息队列那边，同事改了代码，在cast消息中sleep了1s左右，因此到ml2 plugin的port update方法完成，耗费了很长的时间。

切回到内部环境测试后，使用neutron来看port的状态，确实已经更新。但是前端并没有及时的显示，也就是说nova那边并没有及时的获取这种状态。当时以为和rpc的sleep有关，就没仔细想这个问题。

后来老大问了这个问题，并且给出了nova的ExternalEventAPI。
ExternalEventAPI

我也赶紧看了下neutron这边的代码，在neutron的NeutronDbPluginV2类中，使用SQLAlchemy的事件监听来监听Port数据库的变化，然后给nova发送notifier。

代码如下

复制代码

class NeutronDbPluginV2(neutron_plugin_base_v2.NeutronPluginBaseV2,
                        CommonDbMixin):
    """V2 Neutron plugin interface implementation using SQLAlchemy models.

    Whenever a non-read call happens the plugin will call an event handler
    class method (e.g., network_created()). The result is that this class
    can be sub-classed by other classes that add custom behaviors on certain
    events.
    """

    def __init__(self):
        db.configure_db()
        if cfg.CONF.notify_nova_on_port_status_changes:
            # NOTE(arosen) These event listners are here to hook into when
            # port status changes and notify nova about their change.
            self.nova_notifier = nova.Notifier()
            event.listen(models_v2.Port, 'after_insert',
                         self.nova_notifier.send_port_status)
            event.listen(models_v2.Port, 'after_update',
                         self.nova_notifier.send_port_status)
            event.listen(models_v2.Port.status, 'set',
                         self.nova_notifier.record_port_status_changed)

可见自己对代码还没有很熟悉，而且只关注自己这块，不注意和其他组件的交互。

接着和nova这边的同事一起调试，在neutron server的日志中有报错：

代码如下

复制代码

2014-11-28 10:48:21.137 17163 DEBUG neutron.notifiers.nova [req-6b23770b-4f0d-4e85-ba21-1c47f191e136 None] Sending events: [{'status': 'completed', 'tag': u'ddc6cb03-1963-4f7e-bf07-e55acbada573', 'name': 'network-vif-plugged', 'server_uuid': u'fcb2531c-878c-4934-ac7b-9f792071756d'}] send_events /usr/lib/python2.6/site-packages/neutron/notifiers/nova.py:218
2014-11-28 10:48:21.138 17163 INFO requests.packages.urllib3.connectionpool [-] Resetting dropped connection: 10.100.100.10
2014-11-28 10:48:21.168 17163 DEBUG requests.packages.urllib3.connectionpool [-] "POST /v2/6d381a3f7609474d9cb9b5421cf89943/os-server-external-events HTTP/1.1" 403 131 _make_request /usr/lib/python2.6/site-packages/requests/packages/urllib3/connectionpool.py:362
2014-11-28 10:48:21.169 17163 ERROR neutron.notifiers.nova [req-6b23770b-4f0d-4e85-ba21-1c47f191e136 None] Failed to notify nova on events: [{'status': 'completed', 'tag': u'ddc6cb03-1963-4f7e-bf07-e55acbada573', 'name': 'network-vif-plugged', 'server_uuid': u'fcb2531c-878c-4934-ac7b-9f792071756d'}]
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova Traceback (most recent call last):
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/neutron/notifiers/nova.py", line 221, in send_events
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     batched_events)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/v1_1/contrib/server_external_events.py", line 39, in create
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     return_raw=True)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/base.py", line 152, in _create
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     _resp, body = self.api.client.post(url, body=body)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/client.py", line 286, in post
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     return self._cs_request(url, 'POST', **kwargs)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/client.py", line 260, in _cs_request
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     **kwargs)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/client.py", line 242, in _time_request
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     resp, body = self.request(url, method, **kwargs)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova   File "/usr/lib/python2.6/site-packages/novaclient/client.py", line 236, in request
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova     raise exceptions.from_response(resp, body, url, method)
2014-11-28 10:48:21.169 17163 TRACE neutron.notifiers.nova Forbidden: Policy doesn't allow compute_extension:os-server-external-events:create to be performed. (HTTP 403) (Request-ID: req-054895f0-fda1-4628-b288-d39d292db381)
接下来同事调试，nova那边使用keystone v3的接口，在nova的policy文件中，对应os-server-external-events:create需要admin的api操作：
“compute_extension:os-server-external-events:create”: “rule:admin_api”,
“compute_extension:v3:os-server-external-events:create”: “rule:admin_api”,