netplugin icon indicating copy to clipboard operation
netplugin copied to clipboard

Published 20 hours ago verified publisher icon contiv

"Policy is being used" despite not being used by an EndpointGroup

Open truncj opened this issue 7 years ago • 3 comments

Ran into an issue while trying to add a policy to one of my EPGs, where it said the policy didn't exist. To try and fix the issue, I went through manually deleting the EPGs, ANPs, and then the Policies. But even though I had deleted the other objects, I still can't delete the rogue Policy.

ERRO[0000] Policy is being used [github.com/contiv/netplugin/netmaster/objApi.(*APIController).PolicyDelete apiController.go 1396]

screen shot 2017-06-05 at 12 01 48 pm screen shot 2017-06-05 at 12 05 23 pm

Any ideas on how to cleanup and avoid the issue?

truncj avatar Jun 05 '17 16:06 truncj

can you try netctl policy inspect <policy-name> And check EndpointGroups associated ?

rchirakk avatar Jun 05 '17 22:06 rchirakk

[root@netmaster ~]# netctl policy inspect testapp1-exp-policy Inspecting policy: testapp1-exp-policy tenant: default ERRO[0000] Key not found [github.com/contiv/netplugin/state.(*EtcdStateDriver).Read etcdstatedriver.go 121]

Looks like etcd is out of sync with the environment.

truncj avatar Jun 06 '17 13:06 truncj

check network netctl net inspect <network> and see if there are any endpoint groups (epg) associated. check contiv etcd cluster health etcdctl -C http://localhost:6666 cluster-health dump keys to check epg, etcdctl -C http://localhost:6666 ls --recursive

rchirakk avatar Jun 06 '17 20:06 rchirakk