Merge "OFAgent: Improve handling of security group updates"
This commit is contained in:
commit
4f6815b771
@ -153,7 +153,7 @@ class OFASecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin):
|
|||||||
self.context = context
|
self.context = context
|
||||||
self.plugin_rpc = plugin_rpc
|
self.plugin_rpc = plugin_rpc
|
||||||
self.root_helper = root_helper
|
self.root_helper = root_helper
|
||||||
self.init_firewall()
|
self.init_firewall(defer_refresh_firewall=True)
|
||||||
|
|
||||||
|
|
||||||
class OFANeutronAgentRyuApp(app_manager.RyuApp):
|
class OFANeutronAgentRyuApp(app_manager.RyuApp):
|
||||||
@ -1162,9 +1162,8 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
|||||||
resync_removed = False
|
resync_removed = False
|
||||||
# If there is an exception while processing security groups ports
|
# If there is an exception while processing security groups ports
|
||||||
# will not be wired anyway, and a resync will be triggered
|
# will not be wired anyway, and a resync will be triggered
|
||||||
self.sg_agent.prepare_devices_filter(port_info.get('added', set()))
|
self.sg_agent.setup_port_filters(port_info.get('added', set()),
|
||||||
if port_info.get('updated'):
|
port_info.get('updated', set()))
|
||||||
self.sg_agent.refresh_firewall()
|
|
||||||
# VIF wiring needs to be performed always for 'new' devices.
|
# VIF wiring needs to be performed always for 'new' devices.
|
||||||
# For updated ports, re-wiring is not needed in most cases, but needs
|
# For updated ports, re-wiring is not needed in most cases, but needs
|
||||||
# to be performed anyway when the admin state of a device is changed.
|
# to be performed anyway when the admin state of a device is changed.
|
||||||
@ -1240,7 +1239,8 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
|||||||
|
|
||||||
def _agent_has_updates(self, polling_manager):
|
def _agent_has_updates(self, polling_manager):
|
||||||
return (polling_manager.is_polling_required or
|
return (polling_manager.is_polling_required or
|
||||||
self.updated_ports)
|
self.updated_ports or
|
||||||
|
self.sg_agent.firewall_refresh_needed())
|
||||||
|
|
||||||
def _port_info_has_changes(self, port_info):
|
def _port_info_has_changes(self, port_info):
|
||||||
return (port_info.get('added') or
|
return (port_info.get('added') or
|
||||||
@ -1298,8 +1298,10 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin):
|
|||||||
"Elapsed:%(elapsed).3f"),
|
"Elapsed:%(elapsed).3f"),
|
||||||
{'iter_num': self.iter_num,
|
{'iter_num': self.iter_num,
|
||||||
'elapsed': time.time() - start})
|
'elapsed': time.time() - start})
|
||||||
# notify plugin about port deltas
|
# Secure and wire/unwire VIFs and update their status
|
||||||
if self._port_info_has_changes(port_info):
|
# on Neutron server
|
||||||
|
if (self._port_info_has_changes(port_info) or
|
||||||
|
self.sg_agent.firewall_refresh_needed()):
|
||||||
LOG.debug(_("Starting to process devices in:%s"),
|
LOG.debug(_("Starting to process devices in:%s"),
|
||||||
port_info)
|
port_info)
|
||||||
# If treat devices fails - must resync with plugin
|
# If treat devices fails - must resync with plugin
|
||||||
|
@ -451,18 +451,15 @@ class TestOFANeutronAgent(OFAAgentTestCase):
|
|||||||
|
|
||||||
def _test_process_network_ports(self, port_info):
|
def _test_process_network_ports(self, port_info):
|
||||||
with contextlib.nested(
|
with contextlib.nested(
|
||||||
mock.patch.object(self.agent.sg_agent, "prepare_devices_filter"),
|
mock.patch.object(self.agent.sg_agent, "setup_port_filters"),
|
||||||
mock.patch.object(self.agent.sg_agent, "refresh_firewall"),
|
|
||||||
mock.patch.object(self.agent, "treat_devices_added_or_updated",
|
mock.patch.object(self.agent, "treat_devices_added_or_updated",
|
||||||
return_value=False),
|
return_value=False),
|
||||||
mock.patch.object(self.agent, "treat_devices_removed",
|
mock.patch.object(self.agent, "treat_devices_removed",
|
||||||
return_value=False)
|
return_value=False)
|
||||||
) as (prep_dev_filter, refresh_fw,
|
) as (setup_port_filters, device_added_updated, device_removed):
|
||||||
device_added_updated, device_removed):
|
|
||||||
self.assertFalse(self.agent.process_network_ports(port_info))
|
self.assertFalse(self.agent.process_network_ports(port_info))
|
||||||
prep_dev_filter.assert_called_once_with(port_info['added'])
|
setup_port_filters.assert_called_once_with(
|
||||||
if port_info.get('updated'):
|
port_info['added'], port_info.get('updated', set()))
|
||||||
self.assertEqual(1, refresh_fw.call_count)
|
|
||||||
device_added_updated.assert_called_once_with(
|
device_added_updated.assert_called_once_with(
|
||||||
port_info['added'] | port_info.get('updated', set()))
|
port_info['added'] | port_info.get('updated', set()))
|
||||||
device_removed.assert_called_once_with(port_info['removed'])
|
device_removed.assert_called_once_with(port_info['removed'])
|
||||||
|
Loading…
Reference in New Issue
Block a user