diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py index f8391945ba9..3d69a369842 100644 --- a/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py +++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/mech_driver.py @@ -1286,7 +1286,7 @@ def create_default_drop_port_group(nb_idl): txn.add(nb_idl.pg_acl_add(may_exist=True, **acl)) ports_with_pg = set() - for pg in nb_idl.get_port_groups().values(): + for pg in nb_idl.get_sg_port_groups().values(): ports_with_pg.update(pg['ports']) if ports_with_pg: diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/api.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/api.py index 6476d89afa2..d19a6804c97 100644 --- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/api.py +++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/api.py @@ -372,8 +372,8 @@ class API(api.API, metaclass=abc.ABCMeta): """ @abc.abstractmethod - def get_port_groups(self): - """Gets all port groups in the OVN_Northbound DB + def get_sg_port_groups(self): + """Gets port groups in the OVN_Northbound DB that map to SGs. :returns: dictionary indexed by name, DB columns as values """ diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py index 066eb19f0d2..e5a629da586 100644 --- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py +++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/impl_idl_ovn.py @@ -685,7 +685,13 @@ class OvsdbNbOvnIdl(nb_impl_idl.OvnNbApiIdlImpl, Backend): # removed at some point. return - def get_port_groups(self): + def get_sg_port_groups(self): + """Returns OVN port groups used as Neutron Security Groups. + + This method will return all port group entries in OVN that map to + a Security Group. Even though neutron_pg_drop is used to assist on + SGs, it will also not be returned. + """ port_groups = {} try: for row in self._tables['Port_Group'].rows.values(): diff --git a/neutron/tests/functional/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py b/neutron/tests/functional/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py index ebe24e05306..88f66717916 100644 --- a/neutron/tests/functional/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py +++ b/neutron/tests/functional/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py @@ -1315,7 +1315,7 @@ class TestOvnNbSync(base.TestOVNFunctionalBase): db_pgs.append(utils.ovn_port_group_name(sg['id'])) db_pgs.append(ovn_const.OVN_DROP_PORT_GROUP_NAME) - nb_pgs = _plugin_nb_ovn.get_port_groups() + nb_pgs = _plugin_nb_ovn.get_sg_port_groups() mn_pgs = [] for row in self.nb_api.tables['Port_Group'].rows.values(): diff --git a/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_impl_idl_ovn.py b/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_impl_idl_ovn.py index bb1064fd3d2..19bca463353 100644 --- a/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_impl_idl_ovn.py +++ b/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_impl_idl_ovn.py @@ -775,11 +775,11 @@ class TestNBImplIdlOvn(TestDBImplIdlOvn): port_group = self.nb_ovn_idl.get_port_group(str(uuid.uuid4())) self.assertIsNone(port_group) - def test_get_port_groups_not_supported(self): + def test_get_sg_port_groups_not_supported(self): self._load_nb_db() # Make sure that PG tables doesn't exist in fake db. self._tables.pop('Port_Group', None) - port_groups = self.nb_ovn_idl.get_port_groups() + port_groups = self.nb_ovn_idl.get_sg_port_groups() self.assertEqual({}, port_groups) diff --git a/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py b/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py index d983b71d240..96e2cd435bc 100644 --- a/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py +++ b/neutron/tests/unit/plugins/ml2/drivers/ovn/mech_driver/ovsdb/test_ovn_db_sync.py @@ -131,18 +131,18 @@ class TestOvnNbSyncML2(test_mech_driver.OVNMechanismDriverTestCase): 'security_group_id': 'sg2'}], 'name': 'all-tcpe'}] - self.port_groups_ovn = [mock.Mock(), mock.Mock(), mock.Mock()] - self.port_groups_ovn[0].configure_mock( + self.sg_port_groups_ovn = [mock.Mock(), mock.Mock(), mock.Mock()] + self.sg_port_groups_ovn[0].configure_mock( name='pg_sg1', external_ids={ovn_const.OVN_SG_EXT_ID_KEY: 'sg1'}, ports=[], acls=[]) - self.port_groups_ovn[1].configure_mock( + self.sg_port_groups_ovn[1].configure_mock( name='pg_unknown_del', external_ids={ovn_const.OVN_SG_EXT_ID_KEY: 'sg2'}, ports=[], acls=[]) - self.port_groups_ovn[2].configure_mock( + self.sg_port_groups_ovn[2].configure_mock( name='neutron_pg_drop', external_ids=[], ports=[], @@ -410,9 +410,9 @@ class TestOvnNbSyncML2(test_mech_driver.OVNMechanismDriverTestCase): ovn_nb_synchronizer.get_acls.return_value = self.acls_ovn core_plugin.get_security_groups = mock.MagicMock( return_value=self.security_groups) - get_port_groups = mock.MagicMock() - get_port_groups.execute.return_value = self.port_groups_ovn - ovn_api.db_list_rows.return_value = get_port_groups + get_sg_port_groups = mock.MagicMock() + get_sg_port_groups.execute.return_value = self.sg_port_groups_ovn + ovn_api.db_list_rows.return_value = get_sg_port_groups ovn_api.lsp_list.execute.return_value = self.ports_ovn # end of acl-sync block