OFAgent: Improve handling of security group updates
Port the following patch to OFAgent.
commit: 3046c4ae22
https://review.openstack.org/#/c/63100/
Partial-Bug: 1293265
Change-Id: Iecdfee894ff2fd5f05f63f040dd70821af124737
This commit is contained in:
parent
34e3be16a1
commit
6e46769594
@ -153,7 +153,7 @@ class OFASecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin):
|
||||
self.context = context
|
||||
self.plugin_rpc = plugin_rpc
|
||||
self.root_helper = root_helper
|
||||
self.init_firewall()
|
||||
self.init_firewall(defer_refresh_firewall=True)
|
||||
|
||||
|
||||
class OFANeutronAgentRyuApp(app_manager.RyuApp):
|
||||
@ -1162,9 +1162,8 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
||||
resync_removed = False
|
||||
# If there is an exception while processing security groups ports
|
||||
# will not be wired anyway, and a resync will be triggered
|
||||
self.sg_agent.prepare_devices_filter(port_info.get('added', set()))
|
||||
if port_info.get('updated'):
|
||||
self.sg_agent.refresh_firewall()
|
||||
self.sg_agent.setup_port_filters(port_info.get('added', set()),
|
||||
port_info.get('updated', set()))
|
||||
# VIF wiring needs to be performed always for 'new' devices.
|
||||
# For updated ports, re-wiring is not needed in most cases, but needs
|
||||
# to be performed anyway when the admin state of a device is changed.
|
||||
@ -1240,7 +1239,8 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
||||
|
||||
def _agent_has_updates(self, polling_manager):
|
||||
return (polling_manager.is_polling_required or
|
||||
self.updated_ports)
|
||||
self.updated_ports or
|
||||
self.sg_agent.firewall_refresh_needed())
|
||||
|
||||
def _port_info_has_changes(self, port_info):
|
||||
return (port_info.get('added') or
|
||||
@ -1298,8 +1298,10 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
||||
"Elapsed:%(elapsed).3f"),
|
||||
{'iter_num': self.iter_num,
|
||||
'elapsed': time.time() - start})
|
||||
# notify plugin about port deltas
|
||||
if self._port_info_has_changes(port_info):
|
||||
# Secure and wire/unwire VIFs and update their status
|
||||
# on Neutron server
|
||||
if (self._port_info_has_changes(port_info) or
|
||||
self.sg_agent.firewall_refresh_needed()):
|
||||
LOG.debug(_("Starting to process devices in:%s"),
|
||||
port_info)
|
||||
# If treat devices fails - must resync with plugin
|
||||
|
@ -451,18 +451,15 @@ class TestOFANeutronAgent(OFAAgentTestCase):
|
||||
|
||||
def _test_process_network_ports(self, port_info):
|
||||
with contextlib.nested(
|
||||
mock.patch.object(self.agent.sg_agent, "prepare_devices_filter"),
|
||||
mock.patch.object(self.agent.sg_agent, "refresh_firewall"),
|
||||
mock.patch.object(self.agent.sg_agent, "setup_port_filters"),
|
||||
mock.patch.object(self.agent, "treat_devices_added_or_updated",
|
||||
return_value=False),
|
||||
mock.patch.object(self.agent, "treat_devices_removed",
|
||||
return_value=False)
|
||||
) as (prep_dev_filter, refresh_fw,
|
||||
device_added_updated, device_removed):
|
||||
) as (setup_port_filters, device_added_updated, device_removed):
|
||||
self.assertFalse(self.agent.process_network_ports(port_info))
|
||||
prep_dev_filter.assert_called_once_with(port_info['added'])
|
||||
if port_info.get('updated'):
|
||||
self.assertEqual(1, refresh_fw.call_count)
|
||||
setup_port_filters.assert_called_once_with(
|
||||
port_info['added'], port_info.get('updated', set()))
|
||||
device_added_updated.assert_called_once_with(
|
||||
port_info['added'] | port_info.get('updated', set()))
|
||||
device_removed.assert_called_once_with(port_info['removed'])
|
||||
|
Loading…
Reference in New Issue
Block a user