Default to setting secure mode on the integration bridge
Set the fail-mode on the integration bridge to be secure. This means if the agent is stopped or crashes, and OVS is also restarted, OVS will not program a default NORMAL action. As soon as the agent is restarted, it will correctly program the integration bridge. Change-Id: Icf7e3e14ee747c8ce92c14c95a0a1bbf35986252 Closes-Bug: #1324703
This commit is contained in:
parent
68a9191aa7
commit
0412c8a3c4
@ -127,6 +127,10 @@ class OVSBridge(BaseOVS):
|
||||
return res.strip().split('\n')
|
||||
return res
|
||||
|
||||
def set_secure_mode(self):
|
||||
self.run_vsctl(['--', 'set-fail-mode', self.br_name, 'secure'],
|
||||
check_error=True)
|
||||
|
||||
def set_protocols(self, protocols):
|
||||
self.run_vsctl(['--', 'set', 'bridge', self.br_name,
|
||||
"protocols=%s" % protocols],
|
||||
|
@ -202,6 +202,7 @@ class OVSNeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin,
|
||||
self.int_br_device_count = 0
|
||||
|
||||
self.int_br = ovs_lib.OVSBridge(integ_br, self.root_helper)
|
||||
self.int_br.set_secure_mode()
|
||||
# Stores port update notifications for processing in main rpc loop
|
||||
self.updated_ports = set()
|
||||
self.setup_rpc()
|
||||
|
@ -167,6 +167,12 @@ class OVS_Lib_Test(base.BaseTestCase):
|
||||
['ovs-vsctl', self.TO, '--', 'get-controller', self.BR_NAME],
|
||||
root_helper=self.root_helper)
|
||||
|
||||
def test_set_secure_mode(self):
|
||||
self.br.set_secure_mode()
|
||||
self.execute.assert_called_once_with(
|
||||
['ovs-vsctl', self.TO, '--', 'set-fail-mode', self.BR_NAME,
|
||||
'secure'], root_helper=self.root_helper)
|
||||
|
||||
def test_set_protocols(self):
|
||||
protocols = 'OpenFlow13'
|
||||
self.br.set_protocols(protocols)
|
||||
|
@ -118,6 +118,8 @@ class TestOvsNeutronAgent(base.BaseTestCase):
|
||||
mock.patch('neutron.plugins.openvswitch.agent.ovs_neutron_agent.'
|
||||
'OVSNeutronAgent.setup_ancillary_bridges',
|
||||
return_value=[]),
|
||||
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
|
||||
'set_secure_mode'),
|
||||
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
|
||||
'get_local_port_mac',
|
||||
return_value='00:00:00:00:00:01'),
|
||||
@ -895,6 +897,8 @@ class AncillaryBridgesTest(base.BaseTestCase):
|
||||
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
|
||||
'get_local_port_mac',
|
||||
return_value='00:00:00:00:00:01'),
|
||||
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
|
||||
'set_secure_mode'),
|
||||
mock.patch('neutron.agent.linux.ovs_lib.get_bridges',
|
||||
return_value=bridges),
|
||||
mock.patch(
|
||||
|
@ -107,6 +107,7 @@ class TunnelTest(base.BaseTestCase):
|
||||
self.mock_int_bridge = self.ovs_bridges[self.INT_BRIDGE]
|
||||
self.mock_int_bridge.get_local_port_mac.return_value = '000000000001'
|
||||
self.mock_int_bridge_expected = [
|
||||
mock.call.set_secure_mode(),
|
||||
mock.call.get_local_port_mac(),
|
||||
mock.call.delete_port('patch-tun'),
|
||||
mock.call.remove_all_flows(),
|
||||
|
Loading…
x
Reference in New Issue
Block a user