From e2b6b6aeea8dff88ae879eedd4adae32bb484ce4 Mon Sep 17 00:00:00 2001
From: Luis Tomas Bolivar <ltomasbo@redhat.com>
Date: Tue, 11 Apr 2023 09:05:35 +0200
Subject: [PATCH] OVN: Add support for localnet_learn_fdb

This patch adds the ability to configure localnet_learn_fdb
flag in neutron

Depends-On: https://review.opendev.org/c/openstack/neutron/+/877675
Change-Id: I19a6d0d49cbc7693130bba182832f16cb8852ba3
---
 manifests/plugins/ml2/ovn.pp                           | 10 ++++++++++
 .../notes/localnet-learn-fdb-43deecc3726ffc71.yaml     |  6 ++++++
 spec/classes/neutron_plugins_ml2_ovn_spec.rb           |  4 ++++
 3 files changed, 20 insertions(+)
 create mode 100644 releasenotes/notes/localnet-learn-fdb-43deecc3726ffc71.yaml

diff --git a/manifests/plugins/ml2/ovn.pp b/manifests/plugins/ml2/ovn.pp
index ea5220f0b..bc44228cb 100644
--- a/manifests/plugins/ml2/ovn.pp
+++ b/manifests/plugins/ml2/ovn.pp
@@ -105,6 +105,14 @@
 #   Type: boolean
 #   Defaults to $facts['os_service_default']
 #
+# [*localnet_learn_fdb*]
+#   (optional) If enabled it will allow localnet ports to learn MAC addresses
+#              and store them in FDB SB table. This avoids flooding for
+#              traffic towards unknown IPs when port security is disable.
+#              It requires OVN 22.09 or newer.
+#   Type: boolean
+#   Defaults to $facts['os_service_default']
+#
 # [*network_log_rate_limit*]
 #   (Optional) Maximum packets logging per second.
 #   Used by logging service plugin.
@@ -142,6 +150,7 @@ class neutron::plugins::ml2::ovn(
   $dns_servers                          = $facts['os_service_default'],
   $vhostuser_socket_dir                 = $facts['os_service_default'],
   $ovn_emit_need_to_frag                = $facts['os_service_default'],
+  $localnet_learn_fdb                   = $facts['os_service_default'],
   $network_log_rate_limit               = $facts['os_service_default'],
   $network_log_burst_limit              = $facts['os_service_default'],
   $network_log_local_output_log_base    = $facts['os_service_default'],
@@ -173,6 +182,7 @@ class neutron::plugins::ml2::ovn(
     'ovn/dns_servers'                         : value => join(any2array($dns_servers), ',');
     'ovn/vhost_sock_dir'                      : value => $vhostuser_socket_dir;
     'ovn/ovn_emit_need_to_frag'               : value => $ovn_emit_need_to_frag;
+    'ovn/localnet_learn_fdb'                  : value => $localnet_learn_fdb;
     'network_log/rate_limit'                  : value => $network_log_rate_limit;
     'network_log/burst_limit'                 : value => $network_log_burst_limit;
     'network_log/local_output_log_base'       : value => $network_log_local_output_log_base;
diff --git a/releasenotes/notes/localnet-learn-fdb-43deecc3726ffc71.yaml b/releasenotes/notes/localnet-learn-fdb-43deecc3726ffc71.yaml
new file mode 100644
index 000000000..0c2383ab2
--- /dev/null
+++ b/releasenotes/notes/localnet-learn-fdb-43deecc3726ffc71.yaml
@@ -0,0 +1,6 @@
+---
+features:
+   - |
+     Added support for the `[ovn] localnet_learn_fdb` parameter of ovn
+     mechanism driver. See https://bugs.launchpad.net/neutron/+bug/2012069
+     and the linked neutron change for further details.
diff --git a/spec/classes/neutron_plugins_ml2_ovn_spec.rb b/spec/classes/neutron_plugins_ml2_ovn_spec.rb
index 03c218e97..773071a78 100644
--- a/spec/classes/neutron_plugins_ml2_ovn_spec.rb
+++ b/spec/classes/neutron_plugins_ml2_ovn_spec.rb
@@ -28,6 +28,7 @@ describe 'neutron::plugins::ml2::ovn' do
       :dns_servers                          => '<SERVICE DEFAULT>',
       :vhostuser_socket_dir                 => '<SERVICE DEFAULT>',
       :ovn_emit_need_to_frag                => '<SERVICE DEFAULT>',
+      :localnet_learn_fdb                   => '<SERVICE DEFAULT>',
       :network_log_rate_limit               => '<SERVICE DEFAULT>',
       :network_log_burst_limit              => '<SERVICE DEFAULT>',
       :network_log_local_output_log_base    => '<SERVICE DEFAULT>',
@@ -63,6 +64,7 @@ describe 'neutron::plugins::ml2::ovn' do
         should contain_neutron_plugin_ml2('ovn/dns_servers').with_value(p[:dns_servers])
         should contain_neutron_plugin_ml2('ovn/vhost_sock_dir').with_value(p[:vhostuser_socket_dir])
         should contain_neutron_plugin_ml2('ovn/ovn_emit_need_to_frag').with_value(p[:ovn_emit_need_to_frag])
+        should contain_neutron_plugin_ml2('ovn/localnet_learn_fdb').with_value(p[:localnet_learn_fdb])
         should contain_neutron_plugin_ml2('network_log/rate_limit').with_value(p[:network_log_rate_limit])
         should contain_neutron_plugin_ml2('network_log/burst_limit').with_value(p[:network_log_burst_limit])
         should contain_neutron_plugin_ml2('network_log/local_output_log_base').with_value(p[:network_log_local_output_log_base])
@@ -88,6 +90,7 @@ describe 'neutron::plugins::ml2::ovn' do
           :disable_ovn_dhcp_for_baremetal_ports => false,
           :dns_servers                          => '8.8.8.8,10.10.10.10',
           :ovn_emit_need_to_frag                => false,
+          :localnet_learn_fdb                   => false,
         }
       end
 
@@ -109,6 +112,7 @@ describe 'neutron::plugins::ml2::ovn' do
         should contain_neutron_plugin_ml2('ovn/dns_servers').with_value(p[:dns_servers])
         should contain_neutron_plugin_ml2('ovn/vhost_sock_dir').with_value(p[:vhostuser_socket_dir])
         should contain_neutron_plugin_ml2('ovn/ovn_emit_need_to_frag').with_value(p[:ovn_emit_need_to_frag])
+        should contain_neutron_plugin_ml2('ovn/localnet_learn_fdb').with_value(p[:localnet_learn_fdb])
         should contain_neutron_plugin_ml2('network_log/rate_limit').with_value(p[:network_log_rate_limit])
         should contain_neutron_plugin_ml2('network_log/burst_limit').with_value(p[:network_log_burst_limit])
         should contain_neutron_plugin_ml2('network_log/local_output_log_base').with_value(p[:network_log_local_output_log_base])