From 31af5c689bc28f9be2d56846a52384e6084e6fed Mon Sep 17 00:00:00 2001 From: Jakub Libosvar Date: Wed, 17 Nov 2021 17:29:13 +0000 Subject: [PATCH] ovn: Filter ACL columns when syncing the DB The patch filters columns from OVN DB only to those that are used by the ovn mechanism driver. It means generated ACLs from Neutron DB and ACLs obtained from the OVN DB will always have the same columns. This is useful for db sync script when comparing if given security group rule has corresponding ACL in the OVN DB. Closes-Bug: #1951296 Signed-off-by: Jakub Libosvar Change-Id: I39e3b987b8546fd970a933b846ed23c8a2588258 (cherry picked from commit 23b99e2f127731c85f63c88c7144aa0a111c4abf) --- .../ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py index 2586309b888..e25e4501e48 100644 --- a/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py +++ b/neutron/plugins/ml2/drivers/ovn/mech_driver/ovsdb/ovn_db_sync.py @@ -223,16 +223,14 @@ class OvnNbSynchronizer(OvnDbSynchronizer): def _get_acls_from_port_groups(self): ovn_acls = [] - port_groups = self.ovn_api.db_list_rows('Port_Group').execute() - for pg in port_groups: + acl_columns = (self.ovn_api._tables['ACL'].columns.keys() & + set(ovn_const.ACL_EXPECTED_COLUMNS_NBDB)) + acl_columns.discard('external_ids') + for pg in self.ovn_api.db_list_rows('Port_Group').execute(): acls = getattr(pg, 'acls', []) for acl in acls: - acl_string = {} + acl_string = {k: getattr(acl, k) for k in acl_columns} acl_string['port_group'] = pg.name - for acl_key in getattr(acl, "_data", {}): - acl_string[acl_key] = getattr(acl, acl_key) - acl_string.pop('meter') - acl_string.pop('external_ids') ovn_acls.append(acl_string) return ovn_acls