← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #87679

[Bug 1951296] Re: OVN db sync script fails with OVN schema that has label column in ACL table

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.opendev.org/c/openstack/neutron/+/818255
Committed: https://opendev.org/openstack/neutron/commit/23b99e2f127731c85f63c88c7144aa0a111c4abf
Submitter: "Zuul (22348)"
Branch:    master

commit 23b99e2f127731c85f63c88c7144aa0a111c4abf
Author: Jakub Libosvar <libosvar@xxxxxxxxxx>
Date:   Wed Nov 17 17:29:13 2021 +0000

    ovn: Filter ACL columns when syncing the DB
    
    The patch filters columns from OVN DB only to those that are used by the
    ovn mechanism driver. It means generated ACLs from Neutron DB and ACLs
    obtained from the OVN DB will always have the same columns. This is
    useful for db sync script when comparing if given security group rule
    has corresponding ACL in the OVN DB.
    
    Closes-Bug: #1951296
    Signed-off-by: Jakub Libosvar <libosvar@xxxxxxxxxx>
    Change-Id: I39e3b987b8546fd970a933b846ed23c8a2588258


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1951296

Title:
  OVN db sync script fails with OVN schema that has label column in ACL
  table

Status in neutron:
  Fix Released

Bug description:
  OVN introduced a new column in ACL table. The column name is label and
  when running db-sync script, we compare ACL generated by the ovn mech
  driver from Neutron DB with the actual ACLs in the OVN DB. Because of
  the new label column, everything seems like a new ACL because the
  column differs to what Neutron generated. Thus the script attempts to
  create a new ACL that already exists.

      b'Traceback (most recent call last):'
      b'  File "/usr/local/lib/python3.6/site-packages/neutron/tests/base.py", line 181, in func'
      b'    return f(self, *args, **kwargs)'
      b'  File "/usr/local/lib/python3.6/site-packages/neutron/tests/base.py", line 181, in func'
      b'    return f(self, *args, **kwargs)'
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/tests/functional/test_ovn_db_sync.py", line 1547, in test_ovn_nb_sync_repair'
      b"    self._test_ovn_nb_sync_helper('repair')"
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/tests/functional/test_ovn_db_sync.py", line 1543, in _test_ovn_nb_sync_helper'
      b'    self._sync_resources(mode)'
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/tests/functional/test_ovn_db_sync.py", line 1523, in _sync_resources'
      b'    nb_synchronizer.do_sync()'
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/ovn_db_sync.py", line 104, in do_sync'
      b'    self.sync_acls(ctx)'
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/ovn_db_sync.py", line 288, in sync_acls'
      b'    txn.add(self.ovn_api.pg_acl_add(**acla))'
      b'  File "/usr/lib64/python3.6/contextlib.py", line 88, in __exit__'
      b'    next(self.gen)'
      b'  File "/home/cloud-user/networking-ovn/networking_ovn/ovsdb/impl_idl_ovn.py", line 230, in transaction'
      b'    yield t'
      b'  File "/usr/lib64/python3.6/contextlib.py", line 88, in __exit__'
      b'    next(self.gen)'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/api.py", line 110, in transaction'
      b'    del self._nested_txns_map[cur_thread_id]'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/api.py", line 61, in __exit__'
      b'    self.result = self.commit()'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/backend/ovs_idl/transaction.py", line 65, in commit'
      b'    raise result.ex'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/backend/ovs_idl/connection.py", line 131, in run'
      b'    txn.results.put(txn.do_commit())'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/backend/ovs_idl/transaction.py", line 93, in do_commit'
      b'    command.run_idl(txn)'
      b'  File "/usr/local/lib/python3.6/site-packages/ovsdbapp/schema/ovn_northbound/commands.py", line 124, in run_idl'
      b'    self.direction, self.priority, self.match))'
      b'RuntimeError: ACL (from-lport, 1001, inport == @neutron_pg_drop && ip) already exists'

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1951296/+subscriptions

References

  Thread PreviousDate PreviousThread Next