ovn: Filter ACL columns when syncing the DB

The patch filters columns from OVN DB only to those that are used by the ovn mechanism driver. It means generated ACLs from Neutron DB and ACLs obtained from the OVN DB will always have the same columns. This is useful for db sync script when comparing if given security group rule has corresponding ACL in the OVN DB. Closes-Bug: #1951296 Signed-off-by: Jakub Libosvar <libosvar@redhat.com> Change-Id: I39e3b987b8546fd970a933b846ed23c8a2588258
2021-11-17 17:29:13 +00:00 · 2021-11-17 17:29:13 +00:00 · 23b99e2f12
parent 63f8a39d75
commit 23b99e2f12
1 changed files with 5 additions and 7 deletions
--- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py
+++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py
@ -225,16 +225,14 @@ class OvnNbSynchronizer(OvnDbSynchronizer):

    def _get_acls_from_port_groups(self):
        ovn_acls = []
-        port_groups = self.ovn_api.db_list_rows('Port_Group').execute()
-        for pg in port_groups:
+        acl_columns = (self.ovn_api._tables['ACL'].columns.keys() &
+                       set(ovn_const.ACL_EXPECTED_COLUMNS_NBDB))
+        acl_columns.discard('external_ids')
+        for pg in self.ovn_api.db_list_rows('Port_Group').execute():
            acls = getattr(pg, 'acls', [])
            for acl in acls:
-                acl_string = {}
+                acl_string = {k: getattr(acl, k) for k in acl_columns}
                acl_string['port_group'] = pg.name
-                for acl_key in getattr(acl, "_data", {}):
-                    acl_string[acl_key] = getattr(acl, acl_key)
-                acl_string.pop('meter')
-                acl_string.pop('external_ids')
                ovn_acls.append(acl_string)
        return ovn_acls