From 28975c7cd6435dfc9b4b26c5f365b3f81e9c0258 Mon Sep 17 00:00:00 2001 From: Zane Bitter Date: Wed, 12 Jun 2019 19:19:15 -0400 Subject: [PATCH] Disallow in-place update of Port MAC address While Neutron may technically allow updating the requested MAC address of a port (for admin users only), in practice this only appears to work when the port is not in use. Use Heat's replace-on-update flow, which is designed to handle resources that are in use, to deal with changes to the requested MAC. Change-Id: I278584ecfe59a338d3135416527d9d3332808d2a Depends-On: https://review.opendev.org/665692 Task: 31012 --- heat/engine/resources/openstack/neutron/port.py | 2 -- .../notes/port-mac-address-update-b377d23434e7b48a.yaml | 6 ++++++ 2 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 releasenotes/notes/port-mac-address-update-b377d23434e7b48a.yaml diff --git a/heat/engine/resources/openstack/neutron/port.py b/heat/engine/resources/openstack/neutron/port.py index a5491ec4af..1843493e92 100644 --- a/heat/engine/resources/openstack/neutron/port.py +++ b/heat/engine/resources/openstack/neutron/port.py @@ -245,7 +245,6 @@ class Port(neutron.NeutronResource): constraints=[ constraints.CustomConstraint('mac_addr') ], - update_allowed=True, ), ALLOWED_ADDRESS_PAIRS: properties.Schema( properties.Schema.LIST, @@ -543,7 +542,6 @@ class Port(neutron.NeutronResource): result = super(Port, self).parse_live_resource_data( resource_properties, resource_data) result[self.QOS_POLICY] = resource_data.get('qos_policy_id') - result.pop(self.MAC_ADDRESS) fixed_ips = resource_data.get(self.FIXED_IPS) or [] if fixed_ips: result.update({self.FIXED_IPS: []}) diff --git a/releasenotes/notes/port-mac-address-update-b377d23434e7b48a.yaml b/releasenotes/notes/port-mac-address-update-b377d23434e7b48a.yaml new file mode 100644 index 0000000000..781fffde35 --- /dev/null +++ b/releasenotes/notes/port-mac-address-update-b377d23434e7b48a.yaml @@ -0,0 +1,6 @@ +--- +fixes: + - | + ``OS::Neutron::Port`` resources will now be replaced when the + ``mac_address`` property is modified. Neutron is unable to update the MAC + address of a port once the port is in use.