Browse Source

Merge "Fix OVS conjunctive IP flows cleanup" into stable/rocky

changes/64/789664/1
Zuul 6 months ago
committed by Gerrit Code Review
parent
commit
308de8290a
  1. 5
      neutron/agent/linux/openvswitch_firewall/firewall.py
  2. 10
      neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py

5
neutron/agent/linux/openvswitch_firewall/firewall.py

@ -1510,4 +1510,9 @@ class OVSFirewallDriver(firewall.FirewallDriver):
# the actions field is bogus anyway.
del flow['actions']
del flow['priority']
# NOTE(hangyang) If cookie is not set then _delete_flows will
# use the OVSBridge._default_cookie to filter the flows but that
# will not match with the ip flow's cookie so OVS won't actually
# delete the flow
flow['cookie'] = ovs_lib.COOKIE_ANY
self._delete_flows(deferred=False, **flow)

10
neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py

@ -1061,6 +1061,16 @@ class TestOVSFirewallDriver(base.BaseTestCase):
addr_to_conj = {'addr1': {8, 16, 24}}
self._test_delete_flows_for_flow_state(addr_to_conj, False)
def test_delete_flow_for_ip_using_cookie_any(self):
with mock.patch.object(self.firewall, '_delete_flows') as \
mock_delete_flows:
self.firewall.delete_flow_for_ip('10.1.2.3',
constants.INGRESS_DIRECTION,
constants.IPv4, 100, [0])
_, kwargs = mock_delete_flows.call_args
self.assertIn('cookie', kwargs)
self.assertIs(ovs_lib.COOKIE_ANY, kwargs['cookie'])
class TestCookieContext(base.BaseTestCase):
def setUp(self):

Loading…
Cancel
Save