openstack/neutron
Code Issues Proposed changes

Merge "[OVN] Prevent OVS to OVN migration if firewall "iptables_hybrid""

Browse Source
This commit is contained in:
Zuul 2022-01-24 11:12:59 +00:00 committed by Gerrit Code Review
commit 5ee2f12929
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tools/ovn_migration/tripleo_environment/playbooks/ovn-migration.yml
View File

@ -13,6 +13,15 @@
tags: tags:
- pre-migration - pre-migration
- name: Pre migration checks in the OVN controllers
hosts: ovn-controllers
roles:
- pre-checks/ovn-controllers
tags:
- pre-migration
# #
# This step is executed before migration, and will backup some config # This step is executed before migration, and will backup some config
# files related to containers before those get lost. # files related to containers before those get lost.

10
tools/ovn_migration/tripleo_environment/playbooks/roles/pre-checks/ovn-controllers/tasks/main.yml Normal file
View File

@ -0,0 +1,10 @@
---
- name: Read OVS configuration file and extract "firewall_driver" variable.
set_fact:
firewall_driver: "{{ lookup('ini', 'firewall_driver section=securitygroup file=/var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/openvswitch_agent.ini', allow_no_value=True) }}"
- name: Check OVS agent firewall is not using "iptables_hybrid" option
assert:
that:
- "'iptables_hybrid' != firewall_driver"
fail_msg: "OVS agent firewall cannot be 'iptables_hybrid', migration will not continue"