Fix DBDuplicateError handling in _ensure_default_security_group
The coding in change-id Ibb0597d4db187c856f9ac1d9700701e0165c3c73 catches and ignores DBDuplicateError in a nested transaction. It would cause another exception, InvalidRequestError, on the next operation. ("This Session's transaction has been rolled back") This commit fixes it. Also, tweak a test case to expose the error. Closes-Bug: #1433418 Related-Bug: #1419723 Change-Id: Ie4de271c0512fb2ecc6ed6842ad20386e3785a9c
This commit is contained in:
parent
d7f4210ee3
commit
5dccff1cb3
@ -529,27 +529,27 @@ class SecurityGroupDbMixin(ext_sg.SecurityGroupPluginBase):
|
|||||||
query = self._model_query(context, DefaultSecurityGroup)
|
query = self._model_query(context, DefaultSecurityGroup)
|
||||||
# the next loop should do 2 iterations at max
|
# the next loop should do 2 iterations at max
|
||||||
while True:
|
while True:
|
||||||
with db_api.autonested_transaction(context.session):
|
try:
|
||||||
|
default_group = query.filter_by(tenant_id=tenant_id).one()
|
||||||
|
except exc.NoResultFound:
|
||||||
|
security_group = {
|
||||||
|
'security_group':
|
||||||
|
{'name': 'default',
|
||||||
|
'tenant_id': tenant_id,
|
||||||
|
'description': _('Default security group')}
|
||||||
|
}
|
||||||
try:
|
try:
|
||||||
default_group = query.filter_by(tenant_id=tenant_id).one()
|
with db_api.autonested_transaction(context.session):
|
||||||
except exc.NoResultFound:
|
|
||||||
security_group = {
|
|
||||||
'security_group':
|
|
||||||
{'name': 'default',
|
|
||||||
'tenant_id': tenant_id,
|
|
||||||
'description': _('Default security group')}
|
|
||||||
}
|
|
||||||
try:
|
|
||||||
ret = self.create_security_group(
|
ret = self.create_security_group(
|
||||||
context, security_group, default_sg=True)
|
context, security_group, default_sg=True)
|
||||||
except exception.DBDuplicateEntry as ex:
|
except exception.DBDuplicateEntry as ex:
|
||||||
LOG.debug("Duplicate default security group %s was "
|
LOG.debug("Duplicate default security group %s was "
|
||||||
"not created", ex.value)
|
"not created", ex.value)
|
||||||
continue
|
continue
|
||||||
else:
|
|
||||||
return ret['id']
|
|
||||||
else:
|
else:
|
||||||
return default_group['security_group_id']
|
return ret['id']
|
||||||
|
else:
|
||||||
|
return default_group['security_group_id']
|
||||||
|
|
||||||
def _get_security_groups_on_port(self, context, port):
|
def _get_security_groups_on_port(self, context, port):
|
||||||
"""Check that all security groups on port belong to tenant.
|
"""Check that all security groups on port belong to tenant.
|
||||||
|
@ -266,11 +266,27 @@ class TestSecurityGroups(SecurityGroupDBTestCase):
|
|||||||
self._assert_sg_rule_has_kvs(v6_rule, expected)
|
self._assert_sg_rule_has_kvs(v6_rule, expected)
|
||||||
|
|
||||||
def test_skip_duplicate_default_sg_error(self):
|
def test_skip_duplicate_default_sg_error(self):
|
||||||
# can't always raise, or create_security_group will hang
|
num_called = [0]
|
||||||
|
original_func = self.plugin.create_security_group
|
||||||
|
|
||||||
|
def side_effect(context, security_group, default_sg):
|
||||||
|
# can't always raise, or create_security_group will hang
|
||||||
|
self.assertTrue(default_sg)
|
||||||
|
self.assertTrue(num_called[0] < 2)
|
||||||
|
num_called[0] += 1
|
||||||
|
ret = original_func(context, security_group, default_sg)
|
||||||
|
if num_called[0] == 1:
|
||||||
|
return ret
|
||||||
|
# make another call to cause an exception.
|
||||||
|
# NOTE(yamamoto): raising the exception by ourselves
|
||||||
|
# doesn't update the session state appropriately.
|
||||||
|
self.assertRaises(exc.DBDuplicateEntry,
|
||||||
|
original_func, context, security_group,
|
||||||
|
default_sg)
|
||||||
|
|
||||||
with mock.patch.object(SecurityGroupTestPlugin,
|
with mock.patch.object(SecurityGroupTestPlugin,
|
||||||
'create_security_group',
|
'create_security_group',
|
||||||
side_effect=[exc.DBDuplicateEntry(),
|
side_effect=side_effect):
|
||||||
{'id': 'foo'}]):
|
|
||||||
self.plugin.create_network(
|
self.plugin.create_network(
|
||||||
context.get_admin_context(),
|
context.get_admin_context(),
|
||||||
{'network': {'name': 'foo',
|
{'network': {'name': 'foo',
|
||||||
|
Loading…
Reference in New Issue
Block a user