Merge pull request #185 from stackhpc/upstream/2023.1-2024-10-21

priteau · web-flow · commit 46ed9fe6d0e8 · 2024-10-21T10:11:33.000+02:00
Synchronise 2023.1 with upstream
diff --git a/neutron/agent/linux/openvswitch_firewall/firewall.py b/neutron/agent/linux/openvswitch_firewall/firewall.py
@@ -703,6 +703,22 @@ def get_ofport(self, port):
         port_id = port['device']
         return self.sg_port_map.ports.get(port_id)
 
+    def _create_of_port(self, port, ovs_port):
+        # Should always try to get the local vlan tag from
+        # the OVSDB Port other_config, since the ovs-agent's
+        # LocalVlanManager always allocated/updated it and then
+        # set_db_attribute to Port other_config before this.
+        port_vlan_id = self._get_port_vlan_tag(ovs_port.port_name)
+        segment_id = self._get_port_segmentation_id(
+            ovs_port.port_name)
+        network_type = self._get_port_network_type(
+            ovs_port.port_name)
+        physical_network = self._get_port_physical_network(
+            ovs_port.port_name)
+        return OFPort(port, ovs_port, port_vlan_id,
+                      segment_id,
+                      network_type, physical_network)
+
     def get_or_create_ofport(self, port):
         """Get ofport specified by port['device'], checking and reflecting
         ofport changes.
@@ -713,22 +729,12 @@ def get_or_create_ofport(self, port):
         try:
             of_port = self.sg_port_map.ports[port_id]
         except KeyError:
-            port_vlan_id = self._get_port_vlan_tag(ovs_port.port_name)
-            segment_id = self._get_port_segmentation_id(
-                ovs_port.port_name)
-            network_type = self._get_port_network_type(
-                ovs_port.port_name)
-            physical_network = self._get_port_physical_network(
-                ovs_port.port_name)
-            of_port = OFPort(port, ovs_port, port_vlan_id,
-                             segment_id,
-                             network_type, physical_network)
+            of_port = self._create_of_port(port, ovs_port)
             self.sg_port_map.create_port(of_port, port)
         else:
             if of_port.ofport != ovs_port.ofport:
                 self.sg_port_map.remove_port(of_port)
-                of_port = OFPort(port, ovs_port, of_port.vlan_tag,
-                                 of_port.segment_id)
+                of_port = self._create_of_port(port, ovs_port)
                 self.sg_port_map.create_port(of_port, port)
             else:
                 self.sg_port_map.update_port(of_port, port)
diff --git a/neutron/common/utils.py b/neutron/common/utils.py
@@ -37,12 +37,9 @@
 from eventlet.green import subprocess
 import netaddr
 from neutron_lib.api.definitions import availability_zone as az_def
-from neutron_lib.api.definitions import portbindings
-from neutron_lib.api.definitions import portbindings_extended
 from neutron_lib import constants as n_const
 from neutron_lib import context as n_context
 from neutron_lib.db import api as db_api
-from neutron_lib.plugins import utils as plugin_utils
 from neutron_lib.services.qos import constants as qos_consts
 from neutron_lib.services.trunk import constants as trunk_constants
 from neutron_lib.utils import helpers
@@ -1091,16 +1088,3 @@ def sign_instance_id(conf, instance_id):
     secret = encodeutils.to_utf8(secret)
     instance_id = encodeutils.to_utf8(instance_id)
     return hmac.new(secret, instance_id, hashlib.sha256).hexdigest()
-
-
-# TODO(slaweq): this should be moved to neutron_lib.plugins.utils module
-def is_port_bound(port, log_message=True):
-    active_binding = plugin_utils.get_port_binding_by_status_and_host(
-        port.get('port_bindings', []), n_const.ACTIVE)
-    if not active_binding:
-        if log_message:
-            LOG.warning('Binding for port %s was not found.', port)
-        return False
-    return active_binding[portbindings_extended.VIF_TYPE] not in (
-        portbindings.VIF_TYPE_UNBOUND,
-        portbindings.VIF_TYPE_BINDING_FAILED)
diff --git a/neutron/db/l3_dvr_db.py b/neutron/db/l3_dvr_db.py
@@ -17,6 +17,7 @@
 from neutron_lib.api.definitions import external_net as extnet_apidef
 from neutron_lib.api.definitions import l3 as l3_apidef
 from neutron_lib.api.definitions import portbindings
+from neutron_lib.api.definitions import portbindings_extended
 from neutron_lib.api.definitions import router_admin_state_down_before_update
 from neutron_lib.api import validators
 from neutron_lib.callbacks import events
@@ -70,6 +71,18 @@ def is_admin_state_down_necessary():
     return _IS_ADMIN_STATE_DOWN_NECESSARY
 
 
+# TODO(slaweq): this should be moved to neutron_lib.plugins.utils module
+def is_port_bound(port):
+    active_binding = plugin_utils.get_port_binding_by_status_and_host(
+        port.get("port_bindings", []), const.ACTIVE)
+    if not active_binding:
+        LOG.warning("Binding for port %s was not found.", port)
+        return False
+    return active_binding[portbindings_extended.VIF_TYPE] not in [
+        portbindings.VIF_TYPE_UNBOUND,
+        portbindings.VIF_TYPE_BINDING_FAILED]
+
+
 @registry.has_registry_receivers
 class DVRResourceOperationHandler(object):
     """Contains callbacks for DVR operations.
@@ -1422,7 +1435,7 @@ def is_router_distributed(self, context, router_id):
 
     def get_ports_under_dvr_connected_subnet(self, context, subnet_id):
         ports = dvr_mac_db.get_ports_query_by_subnet_and_ip(context, subnet_id)
-        ports = [p for p in ports if n_utils.is_port_bound(p)]
+        ports = [p for p in ports if is_port_bound(p)]
         # TODO(slaweq): if there would be way to pass to neutron-lib only
         # list of extensions which actually should be processed, than setting
         # process_extensions=True below could avoid that second loop and
diff --git a/neutron/services/trunk/drivers/ovn/trunk_driver.py b/neutron/services/trunk/drivers/ovn/trunk_driver.py
@@ -22,12 +22,10 @@
 from oslo_log import log
 
 from neutron.common.ovn import constants as ovn_const
-from neutron.common import utils as n_utils
 from neutron.db import db_base_plugin_common
 from neutron.db import ovn_revision_numbers_db as db_rev
 from neutron.objects import ports as port_obj
 from neutron.services.trunk.drivers import base as trunk_base
-from neutron.services.trunk import exceptions as trunk_exc
 
 
 SUPPORTED_INTERFACES = (
@@ -157,10 +155,6 @@ def _unset_binding_profile(self, context, subport, ovn_txn):
         LOG.debug("Done unsetting parent for subport %s", subport.port_id)
         return db_port
 
-    @staticmethod
-    def _is_port_bound(port):
-        return n_utils.is_port_bound(port, log_message=False)
-
     def trunk_created(self, trunk):
         # Check if parent port is handled by OVN.
         if not self.plugin_driver.nb_ovn.lookup('Logical_Switch_Port',
@@ -197,16 +191,6 @@ def trunk_event(self, resource, event, trunk_plugin, payload):
             self.trunk_created(payload.states[0])
         elif event == events.AFTER_DELETE:
             self.trunk_deleted(payload.states[0])
-        elif event == events.PRECOMMIT_CREATE:
-            trunk = payload.desired_state
-            parent_port = trunk.db_obj.port
-            if self._is_port_bound(parent_port):
-                raise trunk_exc.ParentPortInUse(port_id=parent_port.id)
-        elif event == events.PRECOMMIT_DELETE:
-            trunk = payload.states[0]
-            parent_port = payload.states[1]
-            if self._is_port_bound(parent_port):
-                raise trunk_exc.TrunkInUse(trunk_id=trunk.id)
 
     def subport_event(self, resource, event, trunk_plugin, payload):
         if event == events.AFTER_CREATE:
@@ -231,8 +215,7 @@ def register(self, resource, event, trigger, payload=None):
         super(OVNTrunkDriver, self).register(
             resource, event, trigger, payload=payload)
         self._handler = OVNTrunkHandler(self.plugin_driver)
-        for _event in (events.AFTER_CREATE, events.AFTER_DELETE,
-                       events.PRECOMMIT_CREATE, events.PRECOMMIT_DELETE):
+        for _event in (events.AFTER_CREATE, events.AFTER_DELETE):
             registry.subscribe(self._handler.trunk_event,
                                resources.TRUNK,
                                _event)
diff --git a/neutron/services/trunk/plugin.py b/neutron/services/trunk/plugin.py
@@ -294,7 +294,6 @@ def delete_trunk(self, context, trunk_id):
             trunk = self._get_trunk(context, trunk_id)
             rules.trunk_can_be_managed(context, trunk)
             trunk_port_validator = rules.TrunkPortValidator(trunk.port_id)
-            parent_port = trunk.db_obj.port
             if trunk_port_validator.can_be_trunked_or_untrunked(context):
                 # NOTE(status_police): when a trunk is deleted, the logical
                 # object disappears from the datastore, therefore there is no
@@ -308,7 +307,7 @@ def delete_trunk(self, context, trunk_id):
                                     'deleting trunk port %s: %s', trunk_id,
                                     str(e))
                 payload = events.DBEventPayload(context, resource_id=trunk_id,
-                                                states=(trunk, parent_port))
+                                                states=(trunk,))
                 registry.publish(resources.TRUNK, events.PRECOMMIT_DELETE,
                                  self, payload=payload)
             else:
@@ -318,7 +317,7 @@ def delete_trunk(self, context, trunk_id):
         registry.publish(resources.TRUNK, events.AFTER_DELETE, self,
                          payload=events.DBEventPayload(
                              context, resource_id=trunk_id,
-                             states=(trunk, parent_port)))
+                             states=(trunk,)))
 
     @db_base_plugin_common.convert_result_to_dict
     def add_subports(self, context, trunk_id, subports):
diff --git a/neutron/tests/functional/services/trunk/drivers/ovn/test_trunk_driver.py b/neutron/tests/functional/services/trunk/drivers/ovn/test_trunk_driver.py
@@ -14,16 +14,13 @@
 
 import contextlib
 
-from neutron_lib.api.definitions import portbindings
-from neutron_lib.callbacks import exceptions as n_exc
 from neutron_lib import constants as n_consts
 from neutron_lib.objects import registry as obj_reg
 from neutron_lib.plugins import utils
 from neutron_lib.services.trunk import constants as trunk_consts
 from oslo_utils import uuidutils
 
 from neutron.common.ovn import constants as ovn_const
-from neutron.objects import ports as port_obj
 from neutron.services.trunk import plugin as trunk_plugin
 from neutron.tests.functional import base
 
@@ -108,25 +105,6 @@ def test_trunk_create_with_subports(self):
             with self.trunk([subport]) as trunk:
                 self._verify_trunk_info(trunk, has_items=True)
 
-    def test_trunk_create_parent_port_bound(self):
-        with self.network() as network:
-            with self.subnet(network=network) as subnet:
-                with self.port(subnet=subnet) as parent_port:
-                    pb = port_obj.PortBinding.get_objects(
-                        self.context, port_id=parent_port['port']['id'])
-                    port_obj.PortBinding.update_object(
-                        self.context, {'vif_type': portbindings.VIF_TYPE_OVS},
-                        port_id=pb[0].port_id, host=pb[0].host)
-                    tenant_id = uuidutils.generate_uuid()
-                    trunk = {'trunk': {
-                        'port_id': parent_port['port']['id'],
-                        'tenant_id': tenant_id, 'project_id': tenant_id,
-                        'admin_state_up': True,
-                        'name': 'trunk', 'sub_ports': []}}
-                    self.assertRaises(n_exc.CallbackFailure,
-                                      self.trunk_plugin.create_trunk,
-                                      self.context, trunk)
-
     def test_subport_add(self):
         with self.subport() as subport:
             with self.trunk() as trunk:
@@ -149,14 +127,3 @@ def test_trunk_delete(self):
         with self.trunk() as trunk:
             self.trunk_plugin.delete_trunk(self.context, trunk['id'])
             self._verify_trunk_info({}, has_items=False)
-
-    def test_trunk_delete_parent_port_bound(self):
-        with self.trunk() as trunk:
-            bp = port_obj.PortBinding.get_objects(
-                self.context, port_id=trunk['port_id'])
-            port_obj.PortBinding.update_object(
-                self.context, {'vif_type': portbindings.VIF_TYPE_OVS},
-                port_id=bp[0].port_id, host=bp[0].host)
-            self.assertRaises(n_exc.CallbackFailure,
-                              self.trunk_plugin.delete_trunk,
-                              self.context, trunk['id'])
diff --git a/neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py b/neutron/tests/unit/agent/linux/openvswitch_firewall/test_firewall.py
@@ -658,6 +658,21 @@ def test_get_or_create_ofport_changed(self):
         self.assertIn(of_port.id, self.firewall.sg_port_map.ports.keys())
         self.assertEqual(port.ofport, 2)
 
+    def test_get_or_create_ofport_changed_and_local_vlan_changed(self):
+        port_dict = {
+            'device': 'port-id',
+            'security_groups': [123, 456]}
+        of_port = create_ofport(port_dict)
+        self.firewall.sg_port_map.ports[of_port.id] = of_port
+        fake_ovs_port = FakeOVSPort('port', 2, '00:00:00:00:00:00')
+        self.mock_bridge.br.get_vif_port_by_id.return_value = \
+            fake_ovs_port
+        self.mock_bridge.br.db_get_val.return_value = {"tag": 10}
+        port = self.firewall.get_or_create_ofport(port_dict)
+        self.assertIn(of_port.id, self.firewall.sg_port_map.ports.keys())
+        self.assertEqual(port.ofport, 2)
+        self.assertEqual(port.vlan_tag, 10)
+
     def test_get_or_create_ofport_missing(self):
         port_dict = {
             'device': 'port-id',
diff --git a/neutron/tests/unit/db/test_l3_dvr_db.py b/neutron/tests/unit/db/test_l3_dvr_db.py
@@ -30,7 +30,6 @@
 from neutron_lib.plugins import utils as plugin_utils
 from oslo_utils import uuidutils
 
-from neutron.common import utils as n_utils
 from neutron.db import agents_db
 from neutron.db import l3_dvr_db
 from neutron.db import l3_dvrscheduler_db
@@ -1522,7 +1521,7 @@ def test_is_router_distributed(self):
             self.assertTrue(
                 self.mixin.is_router_distributed(self.ctx, router_id))
 
-    @mock.patch.object(n_utils, 'is_port_bound')
+    @mock.patch.object(l3_dvr_db, "is_port_bound")
     def test_get_ports_under_dvr_connected_subnet(self, is_port_bound_mock):
         router_dict = {'name': 'test_router', 'admin_state_up': True,
                        'distributed': True}
diff --git a/neutron/tests/unit/services/trunk/test_plugin.py b/neutron/tests/unit/services/trunk/test_plugin.py
@@ -162,8 +162,7 @@ def _test_trunk_delete_notify(self, event):
                 resources.TRUNK, event, self.trunk_plugin, payload=mock.ANY)
             payload = callback.mock_calls[0][2]['payload']
             self.assertEqual(self.context, payload.context)
-            self.assertEqual(trunk_obj, payload.states[0])
-            self.assertEqual(parent_port['port']['id'], payload.states[1].id)
+            self.assertEqual(trunk_obj, payload.latest_state)
             self.assertEqual(trunk['id'], payload.resource_id)
 
     def test_delete_trunk_notify_after_delete(self):
diff --git a/releasenotes/notes/ovn-trunk-check-parent-port-eeca2eceaca9d158.yaml b/releasenotes/notes/ovn-trunk-check-parent-port-eeca2eceaca9d158.yaml
diff --git a/roles/configure_functional_tests/tasks/main.yaml b/roles/configure_functional_tests/tasks/main.yaml
@@ -47,6 +47,10 @@
         fi
 
         configure_host_for_func_testing
+        echo "$USER soft nofile 4096" | sudo tee /etc/security/limits.d/99-user.conf
 
     executable: /bin/bash
   environment: "{{ override_env | default({})}}"
+
+- name: Reset ssh connection to pick up limits
+  meta: reset_connection
