Merge "[OVN] Prevent OVS to OVN migration if firewall "iptables_hybrid""

2022-01-24 11:12:59 +00:00 · 2022-01-24 11:12:59 +00:00 · 5ee2f12929
commit 5ee2f12929
parent 24c802711a 2aa1bbabe3
2 changed files with 19 additions and 0 deletions
--- a/tools/ovn_migration/tripleo_environment/playbooks/ovn-migration.yml
+++ b/tools/ovn_migration/tripleo_environment/playbooks/ovn-migration.yml
@ -13,6 +13,15 @@
  tags:
    - pre-migration

+
+- name: Pre migration checks in the OVN controllers
+  hosts: ovn-controllers
+  roles:
+    - pre-checks/ovn-controllers
+  tags:
+    - pre-migration
+
+
 #
 # This step is executed before migration, and will backup some config
 # files related to containers before those get lost.
--- a/tools/ovn_migration/tripleo_environment/playbooks/roles/pre-checks/ovn-controllers/tasks/main.yml
+++ b/tools/ovn_migration/tripleo_environment/playbooks/roles/pre-checks/ovn-controllers/tasks/main.yml
@ -0,0 +1,10 @@
+---
+- name: Read OVS configuration file and extract "firewall_driver" variable.
+  set_fact:
+    firewall_driver: "{{ lookup('ini', 'firewall_driver section=securitygroup file=/var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/openvswitch_agent.ini', allow_no_value=True) }}"
+
+- name: Check OVS agent firewall is not using "iptables_hybrid" option
+  assert:
+    that:
+      - "'iptables_hybrid' != firewall_driver"
+    fail_msg: "OVS agent firewall cannot be 'iptables_hybrid', migration will not continue"