Browse Source

Merge "Fix queens listener update with invalid TLS ref" into stable/queens

stable/queens
Zuul 2 months ago
committed by Gerrit Code Review
parent
commit
ac5e21ada8
3 changed files with 28 additions and 19 deletions
  1. +21
    -19
      octavia/api/v2/controllers/listener.py
  2. +2
    -0
      octavia/tests/functional/api/v2/test_listener.py
  3. +5
    -0
      releasenotes/notes/fix-listener-update-bad-tls-ref-b82190033661af12.yaml

+ 21
- 19
octavia/api/v2/controllers/listener.py View File

@@ -330,27 +330,29 @@ class ListenersController(base.BaseController):
if listener.default_pool_id:
self._validate_pool(context.session, load_balancer_id,
listener.default_pool_id, db_listener.protocol)
self._test_lb_and_listener_statuses(context.session, load_balancer_id,
id=id)

sni_containers = listener.sni_container_refs or []
tls_refs = [sni for sni in sni_containers]
if listener.default_tls_container_ref:
tls_refs.append(listener.default_tls_container_ref)
self._validate_tls_refs(tls_refs)
with db_api.get_lock_session() as lock_session:
self._test_lb_and_listener_statuses(lock_session, load_balancer_id,
id=id)

sni_containers = listener.sni_container_refs or []
tls_refs = [sni for sni in sni_containers]
if listener.default_tls_container_ref:
tls_refs.append(listener.default_tls_container_ref)
self._validate_tls_refs(tls_refs)

try:
LOG.info("Sending Update of Listener %s to handler", id)
self.handler.update(db_listener, listener)
except Exception:
with excutils.save_and_reraise_exception(reraise=False):
self._reset_lb_status(
lock_session, lb_id=db_listener.load_balancer_id)
# Listener now goes to ERROR
self.repositories.listener.update(
lock_session, db_listener.id,
provisioning_status=constants.ERROR)

try:
LOG.info("Sending Update of Listener %s to handler", id)
self.handler.update(db_listener, listener)
except Exception:
with excutils.save_and_reraise_exception(
reraise=False), db_api.get_lock_session() as lock_session:
self._reset_lb_status(
lock_session, lb_id=db_listener.load_balancer_id)
# Listener now goes to ERROR
self.repositories.listener.update(
lock_session, db_listener.id,
provisioning_status=constants.ERROR)
db_listener = self._get_db_listener(context.session, id)
result = self._convert_db_to_type(db_listener,
listener_types.ListenerResponse)


+ 2
- 0
octavia/tests/functional/api/v2/test_listener.py View File

@@ -1076,6 +1076,8 @@ class TestListener(base.BaseAPITest):
self.assertIn(sni1, response['faultstring'])
self.assertNotIn(sni2, response['faultstring'])
self.assertNotIn(tls_ref, response['faultstring'])
self.assert_correct_lb_status(self.lb_id, constants.ONLINE,
constants.ACTIVE)

def test_update_pending_update(self):
lb = self.create_load_balancer(uuidutils.generate_uuid())


+ 5
- 0
releasenotes/notes/fix-listener-update-bad-tls-ref-b82190033661af12.yaml View File

@@ -0,0 +1,5 @@
---
fixes:
- |
Fixed updating listeners with a bad TLS reference locking the load
balancer.

Loading…
Cancel
Save