Bugzilla – Bug 1196316
[SLES15SP4][Build 101.1][SECURITY][FIPS] openvswitch_ssl: RuntimeError: SSL is not available
Last modified: 2022-06-02 00:42:30 UTC
## Summary

[SLES15SP4][Build 101.1][SECURITY][FIPS] openvswitch_ssl: RuntimeError: SSL is not available

## Observation

openQA test in scenario sle-15-SP4-Online-x86_64-fips_ker_mode_tests_crypt_tool@64bit fails in [openvswitch_ssl](https://openqa.suse.de/tests/8216250/modules/openvswitch_ssl/steps/42)

Fails since (at least) Build [98.1](https://openqa.suse.de/tests/8181001)

## Environment

- SLES15 SP4 (Build 101.1)
- x86_64, s390x, aarch64
- FIPS Kernel/Env mode

## Reproducible

1. Install python here since pox scripts need python
2. Start openvswitch service
3. Create vswitch, virtual tap devices and add them to switch
4. Prepare private/public keys, and certificates
5. Get pox for openflow test
6. Setup a simulated open-flow controller with POX

```
# pox/./pox.py openflow.of_01 --port=6634 --private-key=/etc/openvswitch/server-key.pem --certificate=/etc/openvswitch/server-cert.pem --ca-cert=/etc/openvswitch/ca-cert.pem
```

## Error Log

```
POX 0.3.0 (dart) / Copyright 2011-2014 James McCauley, et al.
Traceback (most recent call last):
  File "/root/pox/pox/boot.py", line 532, in boot
    if _do_launch(argv):
  File "/root/pox/pox/boot.py", line 243, in _do_launch
    if f(**params) is False:
  File "/root/pox/pox/openflow/of_01.py", line 1202, in launch
    ssl_ca_cert = ca_cert)
  File "/root/pox/pox/openflow/of_01.py", line 1012, in __init__
    raise RuntimeError("SSL is not available")
RuntimeError: SSL is not available
```

## Expected result

Last good: [97.1](https://openqa.suse.de/tests/8169003) (or more recent)

## Further details

1. Last build test passed and POX is up. https://openqa.suse.de/tests/8184524#step/openvswitch_ssl/42
2. The issue is a regression and cannot be reproduced on Build 97.1.
openvswitch is maintained by coldpool
Which python version is being installed?
The system with the python packages about:

- python3
- libpython3_6m1_0
- python3-base
- libpython2_7-1_0
- python-base

There is no more python(2) installed/found in the latest SLES15 SP4 b101.1 system.
(In reply to Ben Chou from comment #3)
> The system with the python packages about:
>
> - python3
> - libpython3_6m1_0
> - python3-base
> - libpython2_7-1_0
> - python-base
>
> There is no more python(2) installed/found in the latest SLES15 SP4 b101.1
> system.

According to the POX README file:

POX officially requires Python 2.7 (though much of it will work fine with Python 2.6), and should run under Linux, Mac OS, and Windows. (And just about anywhere else -- we've run it on Android phones, under FreeBSD, Haiku, and elsewhere. All you need is Python!) You can place a pypy distribution alongside pox.py (in a directory named "pypy"), and POX will run with pypy (this can be a significant performance boost!).

-eoq-

So it may have problems with python3.
Hm ...

https://openqa.suse.de/tests/8216250/asset/hdd/SLES-15-SP4-x86_64-Build101.1@64bit-gnome.qcow2 has

```
/usr/bin/python2
/usr/bin/python3.8
/usr/bin/python3-unidiff
/usr/bin/python2.7
/usr/bin/python3.8-config
/usr/bin/python-coverage
/usr/bin/python2.7-coverage
/usr/bin/python3.8-coverage
/usr/bin/pythontex
/usr/bin/python2-coverage
/usr/bin/python3-config
/usr/bin/python3
/usr/bin/python3-coverage
```

while https://openqa.suse.de/tests/8184524/asset/hdd/SLES-15-SP4-x86_64-Build98.1@64bit-gnome.qcow2 has (only)

```
/usr/bin/python3
/usr/bin/python3.6
/usr/bin/python3.6m
```

So I guess it must have something to do with POX not supporting python3.
(In reply to Josef Möllers from comment #5)
> So I guess it must have something to do with POX not supporting python3.

Sorry for the noise. Some documentation says "POX requires Python 2.7." some says "POX officially requires Python 3". Very confusing.
Nonetheless: can you please describe in more detail the steps required to reproduce the issue? We, the "coldpool" team, are not the maintainer of the packages we look after and so have little intimate knowledge of the packages.

I have installed openvswitch-2.14.2-150400.22.15.x86_64 and know how to start the service, but how exactly do I "Create vswitch, virtual tap devices and add them to switch" and the following steps? Searching the internet did not turn up anything usable.

Thanks in advance.
Hi Josef,

Sorry for the late reply. I should provide our original test case[1] in advance for your reference. There are some detailed steps about creating virtual TAP devices and adding them to vswitch in step 4.

Currently, the following python packages were installed in our openQA test cases.

- python3
- libpython3_6m1_0
- python3-base
- libpython2_7-1_0
- python-base

But it still fails in the new build: [2]

Previous build test passed: [3]

[1] https://bugzilla.suse.com/tr_show_case.cgi?case_id=1769964
[2] https://openqa.suse.de/tests/8216250#step/openvswitch_ssl/42
[3] https://openqa.suse.de/tests/8169003#step/openvswitch_ssl/40
Please note that libpython2_7-1_0 and python-base shouldn't be used any longer. They will be removed from the media, as python2 won't be provided with SLE 15 SP4.
Thanks, Ben, for the links, especially [1]!
Created attachment 856901: log file of attempt to reproduce the issue.

Thanks, Ben, for the description. I tried everything and it worked, until the pox command:

```
# git clone -b dart https://github.com/noxrepo/pox
Cloning into 'pox'...
remote: Enumerating objects: 12775, done.
remote: Total 12775 (delta 0), reused 0 (delta 0), pack-reused 12775
Receiving objects: 100% (12775/12775), 4.84 MiB | 2.32 MiB/s, done.
Resolving deltas: 100% (8249/8249), done.
# cd pox
# ./pox.py openflow.of_01 --port=6634 \
    --private-key=/etc/openvswitch/ct-privkey.pem \
    --certificate=/etc/openvswitch/ct-cert.pem \
    --ca-cert=/etc/openvswitch/cacert.pem
# ./pox.py openflow.of_01 --port=6634 \
>     --private-key=/etc/openvswitch/ct-privkey.pem \
>     --certificate=/etc/openvswitch/ct-cert.pem \
>     --ca-cert=/etc/openvswitch/cacert.pem
Traceback (most recent call last):
  File "./pox.py", line 42, in <module>
    from pox.boot import boot
  File "/root/git/pox/pox/boot.py", line 55, in <module>
    import pox.core
  File "/root/git/pox/pox/core.py", line 159, in <module>
    import pox.lib.recoco as recoco
  File "/root/git/pox/pox/lib/recoco/__init__.py", line 1, in <module>
    from recoco import *
ModuleNotFoundError: No module named 'recoco'
```

I then prepended PYTHONPATH=./pox/lib/ to the command only to get

```
Traceback (most recent call last):
  File "./pox.py", line 42, in <module>
    from pox.boot import boot
  File "/root/git/pox/pox/boot.py", line 58, in <module>
    import pox.openflow
  File "/root/git/pox/pox/openflow/__init__.py", line 37, in <module>
    from pox.lib.util import dpidToStr
  File "/root/git/pox/pox/lib/util.py", line 502, in <module>
    _scalar_types = (int, long, basestring, float, bool)
NameError: name 'long' is not defined
```

What am I doing wrong here? I have attached my log file.
I'm sorry, but I still cannot reproduce the issue.

It seems that pox (dart) is still based upon python2, eg file /root/git/pox/pox/lib/util.py, line 502:

```
_scalar_types = (int, long, basestring, float, bool)
```

python3 has neither "long" nor "basestring". They are replaced by "int" and "str".

So I just cloned pox:

```
# git clone http://github.com/noxrepo/pox
```

and ran that:

```
# ./pox.py openflow.of_01 --port=6634 \
    --private-key=/etc/openvswitch/ct-privkey.pem \
    --certificate=/etc/openvswitch/ct-cert.pem \
    --ca-cert=/etc/openvswitch/cacert.pem
POX 0.7.0 (gar) / Copyright 2011-2020 James McCauley, et al.
WARNING:version:Support for Python 3 is experimental.
INFO:core:POX 0.7.0 (gar) is up.
```

I then continued with the reproduction:

7, Set SSL for openvswitch and connect to open-flow controller (POX)

```
# ovs-vsctl set-ssl /etc/openvswitch/sc-privkey.pem /etc/openvswitch/sc-cert.pem /etc/openvswitch/cacert.pem
```

-> No output on either side ("pox" and "ovs-vsctl")

Set controller for the vswitch:

```
# ovs-vsctl set-controller ovsbr0 "ssl:127.0.0.1:6634"
```

... this causes these error messages to be printed:

```
Task <OpenFlow_01_Task 1 tid:2> caused an exception and was de-scheduled
Traceback (most recent call last):
  File "/root/git/pox/pox/openflow/of_01.py", line 1120, in run
    new_sock.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
OSError: [Errno 0] Error

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/root/git/pox/pox/lib/recoco/recoco.py", line 317, in cycle
    rv = t.execute()
  File "/root/git/pox/pox/lib/recoco/recoco.py", line 111, in execute
    return self.gen.send(v)
  File "/root/git/pox/pox/openflow/of_01.py", line 1154, in run
    sock_error = sys.exc_info()[1][0]
TypeError: 'OSError' object is not subscriptable
```

I waited some time but nothing else was shown, even after a restart of openvswitch:

```
# systemctl restart openvswitch
# ovs-vsctl show
dbe59503-06ea-4d8a-a127-ee9625a496de
    Bridge ovsbr0
        Controller "ssl:127.0.0.1:6634"
        Port vport1
            Interface vport1
        Port vport2
            Interface vport2
        Port ovsbr0
            Interface ovsbr0
                type: internal
    ovs_version: "2.14.2"
```

NB "pox" (gar) has this line:

```
_scalar_types = (int, str, float, bool)
```

I'm not a python expert, but I think that "dart" is NOT the correct version to be used with python3!?!

I'll continue investigation, though.
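Added example, not part of the bug thread and not POX's own code: the second traceback above comes from indexing the exception object (`sys.exc_info()[1][0]`), which Python 2 allowed and Python 3 does not, so the real handshake failure is masked by a `TypeError`. The sketch below reproduces that with constructed exceptions and shows a Python 3 way to read the code; the function names and the triage labels are hypothetical.

```python
import ssl


def py2_style_code(exc):
    # Same idiom as of_01.py line 1154 in the traceback: index the exception.
    # Works on Python 2, raises TypeError on Python 3.
    return exc[0]


def error_code(exc):
    """Numeric code of a failed do_handshake() on Python 3 (hypothetical helper)."""
    if isinstance(exc, OSError) and exc.errno is not None:
        return exc.errno              # ssl.SSLError is a subclass of OSError
    return exc.args[0] if exc.args else None


def classify(exc):
    """Hypothetical triage policy for logging a handshake failure."""
    if isinstance(exc, (ssl.SSLWantReadError, ssl.SSLWantWriteError)):
        return "retry"                # non-blocking socket, handshake unfinished
    if isinstance(exc, ssl.SSLEOFError):
        return "peer-closed"
    if isinstance(exc, ssl.SSLError):
        return "tls-failure"          # protocol, certificate or cipher problem
    if isinstance(exc, OSError):
        return "socket-error"         # e.g. "[Errno 0] Error" from the thread
    return "unexpected"


# Constructed sample exceptions; the first mirrors "OSError: [Errno 0] Error".
SAMPLES = [
    OSError(0, "Error"),
    ssl.SSLError(ssl.SSL_ERROR_SSL, "constructed TLS failure"),
    ssl.SSLEOFError(ssl.SSL_ERROR_EOF, "constructed EOF"),
    ssl.SSLWantReadError(ssl.SSL_ERROR_WANT_READ, "constructed want-read"),
]


def triage(samples=SAMPLES):
    return [(type(e).__name__, error_code(e), classify(e)) for e in samples]


if __name__ == "__main__":
    try:
        py2_style_code(SAMPLES[0])
    except TypeError as err:
        print("Python 2 idiom on Python 3:", err)
    for row in triage():
        print(row)
```
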
Ping Ben, Have you tried switching to a newer version of pox?
Hello Josef,

Sorry for the late reply, I am busy with other tasks these days. I will send a PR to openQA and use the latest version and trigger the newer build test again.

Thanks for the help.
A note regarding the python version. The installation had

- libpython2_7-1_0
- python-base

installed and therefore python2. With the RC1 candidate these packages have been removed from the media and builds starting with 117.1 won't install python2 any longer.
Hello Josef and Radoslav,

We (Shawn and I) try to apply for the POX 0.7.0 (gar) is up after we clone the latest default branch. After doing some more tests, the test result is the same as Comment#12 from Josef.

```
10:/etc/openvswitch/pox # ./pox.py openflow.of_01 --port=6634 \
> --private-key=/etc/openvswitch/ct-privkey.pem \
> --certificate=/etc/openvswitch/ct-cert.pem \
> --ca-cert=/etc/openvswitch/cacert.pem
POX 0.7.0 (gar) / Copyright 2011-2020 James McCauley, et al.
WARNING:version:Support for Python 3 is experimental.
INFO:core:POX 0.7.0 (gar) is up.
Task <OpenFlow_01_Task 1 tid:2> caused an exception and was de-scheduled
Traceback (most recent call last):
  File "/etc/openvswitch/pox/pox/openflow/of_01.py", line 1120, in run
    new_sock.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
OSError: [Errno 0] Error

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/etc/openvswitch/pox/pox/lib/recoco/recoco.py", line 317, in cycle
    rv = t.execute()
  File "/etc/openvswitch/pox/pox/lib/recoco/recoco.py", line 111, in execute
    return self.gen.send(v)
  File "/etc/openvswitch/pox/pox/openflow/of_01.py", line 1154, in run
    sock_error = sys.exc_info()[1][0]
TypeError: 'OSError' object is not subscriptable
```

I'm not a python expert either, and I agree with Josef that "dart" is NOT the correct version to be used with python3. So I think this original issue could be closed as the "dart" could not be tested anymore.

On the other hand, it will be launching another research for python3 and POX 0.7.0 (gar) testing.

Topics for further investigation:

- Do we support POX 0.7.0 test in SLE15SP4 (as the test case can be passed on python2.7 + POX 0.3.0)
- Test cases need to be updated as python 3 as the default version
- Need to figure out if POX 0.7.0 can work well in non-FIPS mode

Thank you.
Thanks Ben, I'm assigning this bug to you then so you can close it when the POX version issue has been sorted out. Feel free to reassign back to me if you feel this is unwarranted.
I am researching this bug with Ben and I'm here to share some new updates:

- Met the same issue when using pox0.7.0 with python3 as Josef did, and this issue appears to be the same and reproducible under both fips and non-fips mode in sle15-sp4:

```
# ./pox.py openflow.of_01 --port=6634 --private-key=/etc/openvswitch/ct-privkey.pem --certificate=/etc/openvswitch/ct-cert.pem --ca-cert=/etc/openvswitch/cacert.pem
POX 0.7.0 (gar) / Copyright 2011-2020 James McCauley, et al.
WARNING:version:Support for Python 3 is experimental.
INFO:core:POX 0.7.0 (gar) is up.
Task <OpenFlow_01_Task 1 tid:2> caused an exception and was de-scheduled
Traceback (most recent call last):
  File "/etc/openvswitch/pox/pox/openflow/of_01.py", line 1120, in run
    new_sock.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib64/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
OSError: [Errno 0] Error

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/etc/openvswitch/pox/pox/lib/recoco/recoco.py", line 317, in cycle
    rv = t.execute()
  File "/etc/openvswitch/pox/pox/lib/recoco/recoco.py", line 111, in execute
    return self.gen.send(v)
  File "/etc/openvswitch/pox/pox/openflow/of_01.py", line 1154, in run
    sock_error = sys.exc_info()[1][0]
TypeError: 'OSError' object is not subscriptable
```
Thanks for Shawn's comment.

@Josef
Based on comment#19, I think the problem is not introduced by FIPS mode. It can be reproduced on non-FIPS mode too. Would you mind if we report another bug to track the latest status and close this one?

Thank you.
(In reply to Ben Chou from comment #20)
> Thanks for Shawn's comment.
>
> @Josef
> Based on comment#19, I think the problem is not introduced by FIPS mode.
> It can be reproduced on non-FIPS mode too. Would you mind if we report
> another bug to track the latest status and close this one?

IMHO I'm not really involved ATM, so ... yes, feel free to do that.
Closing this bug as requested by Ben
Based on comment19, the original error is not reproduced anymore after applying python3 and the latest POX. We can close this one now. Set as verified. Thank you.
This is an autogenerated message for openQA integration by the openqa_review script:

This bug is still referenced in a failing openQA test: fips_env_mode_tests_crypt_tool
https://openqa.suse.de/tests/8686323#step/gpg/1

To prevent further reminder comments one of the following options should be followed:

1. The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
2. The openQA job group is moved to "Released" or "EOL" (End-of-Life)
3. The bugref in the openQA scenario is removed or replaced, e.g. `label:wontfix:boo1234`

Expect the next reminder at the earliest in 28 days if nothing changes in this ticket.
This is an autogenerated message for openQA integration by the openqa_review script:

This bug is still referenced in a failing openQA test: fips_env_mode_tests_crypt_tool
https://openqa.suse.de/tests/8763846#step/gpg/1

To prevent further reminder comments one of the following options should be followed:

1. The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
2. The openQA job group is moved to "Released" or "EOL" (End-of-Life)
3. The bugref in the openQA scenario is removed or replaced, e.g. `label:wontfix:boo1234`

Expect the next reminder at the earliest in 56 days if nothing changes in this ticket.