From d4cbd2d7adcf4bba95a885c87d2c6e4dc9c1b012 Mon Sep 17 00:00:00 2001 From: James Denton Date: Thu, 22 Dec 2022 05:55:48 -0600 Subject: [PATCH] Create separate lock path for neutron-ovn-metadata-agent root user/group ownership of the neutron-ovn-metadata service caused the neutron lock dir to be owned by root:root, which caused issues with neutron-server's ability to write the OVN hash ring lock file to /run/lock/neutron and prevented the creation of networks. It appears neutron-ovn-metadata-agent needs access to the OVS DB schema via unix:/var/run/openvswitch/db.sock, which is owned by root, so a separate lock path has been created for the metadata agent to workaround this. FWIW, this issue manifested with upstream Neutron commit 536498a29a4e7662a4d0b1bb923e2521509ad77a. Change-Id: Ib6d69bb2ce340b50140216e2abf236a1da93e46b --- vars/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/vars/main.yml b/vars/main.yml index 46438387..8fb6a464 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -495,6 +495,7 @@ neutron_services: group: neutron_ovn_controller systemd_user_name: root systemd_group_name: root + systemd_lock_dir: /run/lock/neutron-ovn-metadata service_name: neutron-ovn-metadata-agent service_en: "{{ neutron_plugin_type == 'ml2.ovn' }}" service_conf_path: "{{ neutron_conf_version_dir }}"