Fix LB failover for amphorav2: set security group

Fix for the issue that an amphorav2 LB cannot be reached after
loadbalancer failover. The LB security group was not set in the
amphora port.

Fixed the v2 variant of UpdateVIPSecurityGroup to actually return the
security group id (v1 already did).
The flow created in get_failover_LB_flow uses UpdateVIPSecurityGroup
which is supposed to provide VIP_SG_ID, which is later needed in
get_amphora_for_lb_failover_subflow as a requirement for
CreateVIPBasePort.

Story: 2008735
Task: 42087
Change-Id: I1bb334ef0c11a79038b21a873a6675d76b0fbefc
(cherry picked from commit 0513319f3d)
This commit is contained in:
Bodo Petermann 2021-03-22 14:23:00 +01:00 committed by Gregory Thiemonge
parent 0a8254e04e
commit e3b68219dd
4 changed files with 14 additions and 3 deletions

View File

@ -405,7 +405,7 @@ class UpdateVIPSecurityGroup(BaseNetworkTask):
LOG.debug("Setup SG for loadbalancer id: %s", loadbalancer_id)
db_lb = self.loadbalancer_repo.get(
db_apis.get_session(), id=loadbalancer_id)
self.network_driver.update_vip_sg(db_lb, db_lb.vip)
return self.network_driver.update_vip_sg(db_lb, db_lb.vip)
class GetSubnetFromVIP(BaseNetworkTask):

View File

@ -34,6 +34,7 @@ COMPUTE_ID = uuidutils.generate_uuid()
PORT_ID = uuidutils.generate_uuid()
SUBNET_ID = uuidutils.generate_uuid()
NETWORK_ID = uuidutils.generate_uuid()
SG_ID = uuidutils.generate_uuid()
IP_ADDRESS = "172.24.41.1"
VIP = o_data_models.Vip(port_id=t_constants.MOCK_PORT_ID,
subnet_id=t_constants.MOCK_SUBNET_ID,
@ -868,15 +869,17 @@ class TestNetworkTasks(base.TestCase):
def test_update_vip_sg(self, mock_lb_get, mock_get_session,
mock_get_net_driver):
mock_driver = mock.MagicMock()
mock_driver.update_vip_sg.return_value = SG_ID
mock_get_net_driver.return_value = mock_driver
mock_lb_get.return_value = self.load_balancer_mock
net = network_tasks.UpdateVIPSecurityGroup()
net.execute(self.load_balancer_mock.id)
sg_id = net.execute(self.load_balancer_mock.id)
mock_lb_get.assert_called_once_with('TEST',
id=self.load_balancer_mock.id)
mock_driver.update_vip_sg.assert_called_once_with(
self.load_balancer_mock, self.load_balancer_mock.vip)
self.assertEqual(sg_id, SG_ID)
def test_get_subnet_from_vip(self, mock_get_net_driver):
mock_driver = mock.MagicMock()

View File

@ -36,6 +36,7 @@ COMPUTE_ID = uuidutils.generate_uuid()
PORT_ID = uuidutils.generate_uuid()
SUBNET_ID = uuidutils.generate_uuid()
NETWORK_ID = uuidutils.generate_uuid()
SG_ID = uuidutils.generate_uuid()
IP_ADDRESS = "172.24.41.1"
VIP = o_data_models.Vip(port_id=t_constants.MOCK_PORT_ID,
subnet_id=t_constants.MOCK_SUBNET_ID,
@ -985,12 +986,14 @@ class TestNetworkTasks(base.TestCase):
def test_update_vip_sg(self, mock_session, mock_lb_get,
mock_get_net_driver):
mock_driver = mock.MagicMock()
mock_driver.update_vip_sg.return_value = SG_ID
mock_lb_get.return_value = LB
mock_get_net_driver.return_value = mock_driver
net = network_tasks.UpdateVIPSecurityGroup()
net.execute(self.load_balancer_mock)
sg_id = net.execute(self.load_balancer_mock)
mock_driver.update_vip_sg.assert_called_once_with(LB, LB.vip)
self.assertEqual(sg_id, SG_ID)
def test_get_subnet_from_vip(self, mock_get_net_driver):
mock_driver = mock.MagicMock()

View File

@ -0,0 +1,5 @@
---
fixes:
- |
Fixed an issue that an amphorav2 LB cannot be reached after loadbalancer
failover. The LB security group was not set in the amphora port.