openstack/neutron
Code Issues Proposed changes

Merge "[ovn][migration] Support migration to OVN from iptables firewall"

Browse Source
This commit is contained in:
Zuul 2022-04-22 10:02:02 +00:00 committed by Gerrit Code Review
commit ed2d5e7daa
4 changed files with 6 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
neutron/plugins/ml2/drivers/ovn/db_migration.py
View File

@ -30,17 +30,17 @@ from neutron.objects import trunk as trunk_obj
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
VIF_DETAILS_TO_REMOVE = ( VIF_DETAILS_TO_REMOVE = (
pb_api.OVS_HYBRID_PLUG, pb_api.VIF_DETAILS_BRIDGE_NAME,
pb_api.VIF_DETAILS_BRIDGE_NAME) )
def migrate_neutron_database_to_ovn(): def migrate_neutron_database_to_ovn():
"""Change DB content from OVS to OVN mech driver. """Change DB content from OVS to OVN mech driver.
- Changes vxlan network type to Geneve and updates Geneve allocations. - Changes vxlan network type to Geneve and updates Geneve allocations.
- Removes unnecessary settings from port binding vif details, such as - Removes bridge name from port binding vif details to support operations
connectivity, bridge_name and ovs_hybrid_plug, as they are not used by on instances with a trunk bridge.
OVN. - Updates the port profile for trunk ports.
""" """
ctx = n_context.get_admin_context() ctx = n_context.get_admin_context()
with db_api.CONTEXT_WRITER.using(ctx) as session: with db_api.CONTEXT_WRITER.using(ctx) as session:

1
neutron/tests/unit/plugins/ml2/drivers/ovn/test_db_migration.py
View File

@ -152,6 +152,7 @@ class TestMigrateNeutronDatabaseToOvn(
] ]
expected_vif_details = [ expected_vif_details = [
{pb.CAP_PORT_FILTER: "true", {pb.CAP_PORT_FILTER: "true",
pb.OVS_HYBRID_PLUG: "true",
pb.VIF_DETAILS_CONNECTIVITY: pb.CONNECTIVITY_L2}, pb.VIF_DETAILS_CONNECTIVITY: pb.CONNECTIVITY_L2},
{pb.CAP_PORT_FILTER: "true"}, {pb.CAP_PORT_FILTER: "true"},
{"foo": "bar"}, {"foo": "bar"},

8
tools/ovn_migration/tripleo_environment/playbooks/ovn-migration.yml
View File

@ -14,14 +14,6 @@
- pre-migration - pre-migration
- name: Pre migration checks in the OVN controllers
hosts: ovn-controllers
roles:
- pre-checks/ovn-controllers
tags:
- pre-migration
# #
# This step is executed before migration, and will backup some config # This step is executed before migration, and will backup some config
# files related to containers before those get lost. # files related to containers before those get lost.

10
tools/ovn_migration/tripleo_environment/playbooks/roles/pre-checks/ovn-controllers/tasks/main.yml
View File

@ -1,10 +0,0 @@
---
- name: Read OVS configuration file and extract "firewall_driver" variable.
set_fact:
firewall_driver: "{{ lookup('ini', 'firewall_driver section=securitygroup file=/var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/openvswitch_agent.ini', allow_no_value=True) }}"
- name: Check OVS agent firewall is not using "iptables_hybrid" option
assert:
that:
- "'iptables_hybrid' != firewall_driver"
fail_msg: "OVS agent firewall cannot be 'iptables_hybrid', migration will not continue"