Avoid race between NP creation and pod annotation

This patch ensure that NPs are not applied to pods that have not yet being annotated. This will avoid the race and the pods will get their SG updated anyway when the annotation happens. Closes-Bug: 1817318 Change-Id: Idee99993fcf5f84a1b25a6154a6a8ce487f2f3f1
2019-02-22 14:00:31 +01:00 · 2019-02-22 14:00:31 +01:00 · 7aef10a0f7
commit 7aef10a0f7
parent b76c379ed1
1 changed files with 10 additions and 8 deletions
--- a/kuryr_kubernetes/controller/drivers/neutron_vif.py
+++ b/kuryr_kubernetes/controller/drivers/neutron_vif.py
@ -95,14 +95,16 @@ class NeutronPodVIFDriver(base.PodVIFDriver):
    def update_vif_sgs(self, pod, security_groups):
        neutron = clients.get_neutron_client()
        pod_state = utils.get_pod_state(pod)
-        # NOTE(ltomasbo): It just updates the default_vif security group
-        port_id = pod_state.vifs[constants.DEFAULT_IFNAME].id
-        neutron.update_port(port_id,
-                            {
-                                "port": {
-                                    'security_groups': list(security_groups)
-                                }
-                            })
+        if pod_state:
+            # NOTE(ltomasbo): It just updates the default_vif security group
+            port_id = pod_state.vifs[constants.DEFAULT_IFNAME].id
+            neutron.update_port(port_id,
+                                {
+                                    "port": {
+                                        'security_groups': list(
+                                            security_groups)
+                                    }
+                                })

    def _get_port_request(self, pod, project_id, subnets, security_groups,
                          unbound=False):