diff options
| author | Hynek Mlnarik <hmlnarik@redhat.com> | 2016-08-10 10:05:57 +0200 |
|---|---|---|
| committer | Hynek Mlnarik <hmlnarik@redhat.com> | 2016-08-15 08:26:05 +0200 |
| commit | cdbb26e87d14c1ba13dbef98111f7e578903bd98 (patch) | |
| tree | b840e61e4199d84774b94969cd26992003b4e2e4 | |
| parent | a587dec08cefb88c448d8cdbe741f363430c01b5 (diff) | |
| download | neutron-cdbb26e87d14c1ba13dbef98111f7e578903bd98.tar.gz | |
Set secure fail mode for physical bridges
Physical bridges can cause network disruption when ofctl controller becomes
inaccessible due to heavy load or when the traffic to controller is blocked.
By setting secure fail mode, the openflow rules remain untouched on such
an event, while with the default setting, the flows are cleared.
Conflicts:
neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py
neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py
neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_tunnel.py
Co-Authored-By: Jakub Libosvar <libosvar@redhat.com>
Closes-Bug: 1607787
Change-Id: I1dffe0a248664d2a675fd1ca58530c233e335d2d
(cherry picked from commit 9429c2da01fa29cedcb2a65a26c1c29d0a713670)
3 files changed, 5 insertions, 0 deletions
diff --git a/neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py b/neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py index 21b92e0042..953a6d97d5 100644 --- a/neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py +++ b/neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py @@ -1138,6 +1138,7 @@ class OVSNeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin, sys.exit(1) br = self.br_phys_cls(bridge) br.set_agent_uuid_stamp(self.agent_uuid_stamp) + br.set_secure_mode() br.setup_controllers(self.conf) if cfg.CONF.AGENT.drop_flows_on_start: br.delete_flows() diff --git a/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py b/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py index 1da95741fd..8f68272cd7 100644 --- a/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py +++ b/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py @@ -905,6 +905,7 @@ class TestOvsNeutronAgent(object): expected_calls = [ mock.call.phys_br_cls('br-eth'), mock.call.phys_br.set_agent_uuid_stamp(mock.ANY), + mock.call.phys_br.set_secure_mode(), mock.call.phys_br.setup_controllers(mock.ANY), mock.call.phys_br.setup_default_table(), mock.call.int_br.db_get_val('Interface', 'int-br-eth', @@ -990,6 +991,7 @@ class TestOvsNeutronAgent(object): expected_calls = [ mock.call.phys_br_cls('br-eth'), mock.call.phys_br.set_agent_uuid_stamp(mock.ANY), + mock.call.phys_br.set_secure_mode(), mock.call.phys_br.setup_controllers(mock.ANY), mock.call.phys_br.setup_default_table(), mock.call.int_br.delete_port('int-br-eth'), diff --git a/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_tunnel.py b/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_tunnel.py index 291d7517e9..981a2b8e3e 100644 --- a/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_tunnel.py +++ b/neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_tunnel.py @@ -205,6 +205,7 @@ class TunnelTest(object): self.mock_map_tun_bridge_expected = [ mock.call.set_agent_uuid_stamp(mock.ANY), + mock.call.set_secure_mode(), mock.call.setup_controllers(mock.ANY), mock.call.setup_default_table(), mock.call.get_port_ofport('phy-%s' % self.MAP_TUN_BRIDGE), @@ -650,6 +651,7 @@ class TunnelTestUseVethInterco(TunnelTest): self.mock_map_tun_bridge_expected = [ mock.call.set_agent_uuid_stamp(mock.ANY), + mock.call.set_secure_mode(), mock.call.setup_controllers(mock.ANY), mock.call.setup_default_table(), mock.call.add_port(self.intb), |