[NSX-P|v3] Avoid trivial errors in address binding handling

If the multiple address bindings fall in the same CIDR, we should be
careful in verifying that the corresponding entry has not already
been removed from the binding list

Change-Id: I4e8ace9c3a4f6a09246038fec09d3040b8b93e74
This commit is contained in:
Salvatore Orlando 2021-09-29 13:16:15 -07:00 committed by Salvatore Orlando
parent 6d92136368
commit 87a1542f00
3 changed files with 52 additions and 2 deletions

View File

@ -1698,7 +1698,11 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
cidr1 = netaddr.IPNetwork(binding1.ip_address)
cidr2 = netaddr.IPNetwork(binding2.ip_address)
if cidr1 != cidr2 and cidr1 in cidr2:
address_bindings.remove(binding1)
try:
address_bindings.remove(binding1)
except ValueError:
# Item was already removed
pass
return address_bindings
def _get_network_nsx_id(self, context, network_id):

View File

@ -1205,7 +1205,11 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
cidr1 = netaddr.IPNetwork(binding1.ip_address)
cidr2 = netaddr.IPNetwork(binding2.ip_address)
if cidr1 != cidr2 and cidr1 in cidr2:
address_bindings.remove(binding1)
try:
address_bindings.remove(binding1)
except ValueError:
# item already removed
pass
return address_bindings

View File

@ -1334,6 +1334,48 @@ class NsxPTestPorts(common_v3.NsxV3TestPorts,
set([fixed_ip, '1.2.3.0/24']),
addresses)
def test_update_port_allowed_pair_cidr(self):
with self.subnet() as subnet:
post_data = {
'port': {
'network_id': subnet['subnet']['network_id'],
'tenant_id': subnet['subnet']['tenant_id'],
'allowed_address_pairs': [
{'ip_address': '10.4.0.32',
'mac_address': '00:00:5e:00:01:fa'},
{'ip_address': '10.40.1.125',
'mac_address': 'fa:16:3e:ef:b1:be'}],
'device_owner': 'compute:meh',
'fixed_ips': [{'subnet_id':
subnet['subnet']['id']}]}}
post_req = self.new_create_request('ports', post_data)
res = post_req.get_response(self.api)
self.assertEqual(201, res.status_int)
port = self.deserialize('json', res)
fixed_ip = (
port['port']['fixed_ips'][0]['ip_address'])
with mock.patch.object(
self.plugin.nsxpolicy.segment_port,
'create_or_overwrite') as mock_port:
put_data = {
'port': {
'allowed_address_pairs': [
{'ip_address': '10.4.0.0/24'}
]
}
}
put_req = self.new_update_request(
'ports', put_data, port['port']['id'])
put_res = put_req.get_response(self.api)
self.assertEqual(200, put_res.status_int)
self.assertEqual(1, len(mock_port.mock_calls))
_n, _a, kwargs = mock_port.mock_calls[0]
actual_bindings = kwargs['address_bindings']
addresses = set([b.ip_address for b in actual_bindings])
self.assertEqual(
set([fixed_ip, '10.4.0.0/24']),
addresses)
class NsxPTestSubnets(common_v3.NsxV3TestSubnets,
NsxPPluginTestCaseMixin):