Browse Source

Handle OVSFWPortNotFound and OVSFWTagNotFound in ovs firewall

This will prevent ovs agent from endless fail loop when dealing
with unbound port: like when port was created in neutron before
agent become alive, then agent gets online and and starts processing
devices.
This patch adds exception handling to prepare_port_filter() -
same as done in update_port_filter().

Change-Id: I1137eb18efaf51c67fab145e645f58cbd3772e40
Closes-Bug: #1849098
(cherry picked from commit e801159003)
changes/61/691861/1
Oleg Bondarev 8 months ago
committed by LIU Yulong
parent
commit
6d581e94aa
1 changed files with 17 additions and 8 deletions
  1. +17
    -8
      neutron/agent/linux/openvswitch_firewall/firewall.py

+ 17
- 8
neutron/agent/linux/openvswitch_firewall/firewall.py View File

@@ -549,14 +549,23 @@ class OVSFirewallDriver(firewall.FirewallDriver):
self._initialize_egress_no_port_security(port['device'])
return

old_of_port = self.get_ofport(port)
of_port = self.get_or_create_ofport(port)
if old_of_port:
LOG.info("Initializing port %s that was already initialized.",
port['device'])
self._update_flows_for_port(of_port, old_of_port)
else:
self._set_port_filters(of_port)
try:
old_of_port = self.get_ofport(port)
of_port = self.get_or_create_ofport(port)
if old_of_port:
LOG.info("Initializing port %s that was already initialized.",
port['device'])
self._update_flows_for_port(of_port, old_of_port)
else:
self._set_port_filters(of_port)
except exceptions.OVSFWPortNotFound as not_found_error:
LOG.info("port %(port_id)s does not exist in ovsdb: %(err)s.",
{'port_id': port['device'],
'err': not_found_error})
except exceptions.OVSFWTagNotFound as tag_not_found:
LOG.info("Tag was not found for port %(port_id)s: %(err)s.",
{'port_id': port['device'],
'err': tag_not_found})

def update_port_filter(self, port):
"""Update rules for given port


Loading…
Cancel
Save