Merge "[OVN] Fix port disable security dead when run neutron-ovn-db-sync-util" into stable/victoria
This commit is contained in:
commit
a8e5ba7ccb
|
@ -412,10 +412,10 @@ class OVNClient(object):
|
|||
**kwargs))
|
||||
|
||||
sg_ids = utils.get_lsp_security_groups(port)
|
||||
# If this is not a trusted port or port security is enabled,
|
||||
# If this is not a trusted port and port security is enabled,
|
||||
# add it to the default drop Port Group so that all traffic
|
||||
# is dropped by default.
|
||||
if not utils.is_lsp_trusted(port) or port_info.port_security:
|
||||
if not utils.is_lsp_trusted(port) and port_info.port_security:
|
||||
self._add_port_to_drop_port_group(port_cmd, txn)
|
||||
# Just add the port to its Port Group.
|
||||
for sg in sg_ids:
|
||||
|
|
|
@ -2915,7 +2915,12 @@ class TestOVNMechanismDriverSecurityGroup(
|
|||
# test acl methods invoking. Content correctness of args of acl methods
|
||||
# is mainly guaranteed by acl_test.py.
|
||||
|
||||
_extension_drivers = ['port_security']
|
||||
|
||||
def setUp(self):
|
||||
cfg.CONF.set_override('extension_drivers',
|
||||
self._extension_drivers,
|
||||
group='ml2')
|
||||
cfg.CONF.set_override('mechanism_drivers',
|
||||
['logger', 'ovn'],
|
||||
'ml2')
|
||||
|
@ -3107,8 +3112,9 @@ class TestOVNMechanismDriverSecurityGroup(
|
|||
req = self.new_update_request('ports', data, p['id'])
|
||||
req.get_response(self.api)
|
||||
|
||||
# Default neutron_pg_drop, 2 security group
|
||||
self.assertEqual(
|
||||
2, self.mech_driver._nb_ovn.pg_add_ports.call_count)
|
||||
3, self.mech_driver._nb_ovn.pg_add_ports.call_count)
|
||||
|
||||
def test_update_sg_change_rule(self):
|
||||
with self.network() as n, self.subnet(n):
|
||||
|
|
Loading…
Reference in New Issue