Default to setting secure mode on the integration bridge

Set the fail-mode on the integration bridge to be secure. This means if the agent
is stopped or crashes, and OVS is also restarted, OVS will not program a default
NORMAL action. As soon as the agent is restarted, it will correctly program the
integration bridge.

Change-Id: Icf7e3e14ee747c8ce92c14c95a0a1bbf35986252
Closes-Bug: #1324703
This commit is contained in:
Kyle Mestery 2014-05-30 08:48:37 +00:00
parent 68a9191aa7
commit 0412c8a3c4
5 changed files with 16 additions and 0 deletions

View File

@ -127,6 +127,10 @@ class OVSBridge(BaseOVS):
return res.strip().split('\n')
return res
def set_secure_mode(self):
self.run_vsctl(['--', 'set-fail-mode', self.br_name, 'secure'],
check_error=True)
def set_protocols(self, protocols):
self.run_vsctl(['--', 'set', 'bridge', self.br_name,
"protocols=%s" % protocols],

View File

@ -202,6 +202,7 @@ class OVSNeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin,
self.int_br_device_count = 0
self.int_br = ovs_lib.OVSBridge(integ_br, self.root_helper)
self.int_br.set_secure_mode()
# Stores port update notifications for processing in main rpc loop
self.updated_ports = set()
self.setup_rpc()

View File

@ -167,6 +167,12 @@ class OVS_Lib_Test(base.BaseTestCase):
['ovs-vsctl', self.TO, '--', 'get-controller', self.BR_NAME],
root_helper=self.root_helper)
def test_set_secure_mode(self):
self.br.set_secure_mode()
self.execute.assert_called_once_with(
['ovs-vsctl', self.TO, '--', 'set-fail-mode', self.BR_NAME,
'secure'], root_helper=self.root_helper)
def test_set_protocols(self):
protocols = 'OpenFlow13'
self.br.set_protocols(protocols)

View File

@ -118,6 +118,8 @@ class TestOvsNeutronAgent(base.BaseTestCase):
mock.patch('neutron.plugins.openvswitch.agent.ovs_neutron_agent.'
'OVSNeutronAgent.setup_ancillary_bridges',
return_value=[]),
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
'set_secure_mode'),
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
'get_local_port_mac',
return_value='00:00:00:00:00:01'),
@ -895,6 +897,8 @@ class AncillaryBridgesTest(base.BaseTestCase):
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
'get_local_port_mac',
return_value='00:00:00:00:00:01'),
mock.patch('neutron.agent.linux.ovs_lib.OVSBridge.'
'set_secure_mode'),
mock.patch('neutron.agent.linux.ovs_lib.get_bridges',
return_value=bridges),
mock.patch(

View File

@ -107,6 +107,7 @@ class TunnelTest(base.BaseTestCase):
self.mock_int_bridge = self.ovs_bridges[self.INT_BRIDGE]
self.mock_int_bridge.get_local_port_mac.return_value = '000000000001'
self.mock_int_bridge_expected = [
mock.call.set_secure_mode(),
mock.call.get_local_port_mac(),
mock.call.delete_port('patch-tun'),
mock.call.remove_all_flows(),