[openstack-dev] [neutron] "ip netns exec" creates new filesystem namespace

Chris Friesen chris.friesen at windriver.com
Sun May 31 14:58:58 UTC 2015


As a public service announcement I thought I'd mention something that we 
recently spent quite a few hours tracking down.

When neutron runs "ip netns exec" to run dnsmasq or neutron-ns-metadata-proxy, 
this causes the creation of a new filesystem namespace (in addition to setting 
the network namespace), which means that any devices that are mounted will be 
mounted in the new filesystem namespace as well, causing their refcounts to be 
incremented.  The new filesystem namespace exists as long as the executable 
started by the command.

So if you have something like a drbd block device that you want to demote (or 
any number of other similar scenarios) you have to go into all of the filesystem 
namespaces and unmount that block device in each namespace before the refcount 
actually drops back to zero.

Chris



More information about the OpenStack-dev mailing list