Merge "Local IP: use LOCAL_IP_TABLE for back flows if no OVS fw"

This commit is contained in:
Zuul 2022-03-09 20:12:34 +00:00 committed by Gerrit Code Review
commit 452a3093f6
2 changed files with 11 additions and 5 deletions
neutron
agent/l2/extensions
tests/unit/agent/l2/extensions

@ -47,9 +47,7 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
'currently uses %(driver_type)s', 'currently uses %(driver_type)s',
{'driver_type': driver_type}) {'driver_type': driver_type})
sys.exit(1) sys.exit(1)
if (cfg.CONF.SECURITYGROUP.enable_security_group and if self._is_ovs_firewall() and not cfg.CONF.LOCAL_IP.static_nat:
cfg.CONF.SECURITYGROUP.firewall_driver == 'openvswitch' and
not cfg.CONF.LOCAL_IP.static_nat):
LOG.error('In order to use Local IP extension together with ' LOG.error('In order to use Local IP extension together with '
'openvswitch firewall please set static_nat config to ' 'openvswitch firewall please set static_nat config to '
'True') 'True')
@ -293,7 +291,10 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
self._tcp_flow_match_specs(ofpp), self._tcp_flow_match_specs(ofpp),
self._udp_flow_match_specs(ofpp)]: self._udp_flow_match_specs(ofpp)]:
flow_specs = common_specs + specs flow_specs = common_specs + specs
learn_table = ovs_constants.ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE learn_table = ovs_constants.LOCAL_IP_TABLE
if self._is_ovs_firewall():
learn_table = ovs_constants.\
ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE
actions = [ actions = [
ofpp.OFPActionSetField(eth_dst=mac), ofpp.OFPActionSetField(eth_dst=mac),
ofpp.NXActionLearn( ofpp.NXActionLearn(
@ -354,3 +355,8 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
n_bits=16)] n_bits=16)]
match_kwargs = {'ip_proto': ip_proto.IPPROTO_UDP} match_kwargs = {'ip_proto': ip_proto.IPPROTO_UDP}
return specs, match_kwargs return specs, match_kwargs
@staticmethod
def _is_ovs_firewall():
return (cfg.CONF.SECURITYGROUP.enable_security_group and
cfg.CONF.SECURITYGROUP.firewall_driver == 'openvswitch')

@ -321,7 +321,7 @@ class LocalIPAgentExtensionTestCase(base.BaseTestCase):
self.assertEqual(3, ofpp_mock.NXActionLearn.call_count) self.assertEqual(3, ofpp_mock.NXActionLearn.call_count)
ofpp_mock.NXActionLearn.assert_called_with( ofpp_mock.NXActionLearn.assert_called_with(
table_id=ovs_constants.ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE, table_id=ovs_constants.LOCAL_IP_TABLE,
cookie=mock.ANY, priority=20, idle_timeout=30, cookie=mock.ANY, priority=20, idle_timeout=30,
hard_timeout=300, specs=mock.ANY) hard_timeout=300, specs=mock.ANY)