← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #95097

[Bug 2092431] [NEW] Wrong result in acl comparison in neutron-ovn-db-sync-util

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Wrong result could be made in acl comparison in neutron-ovn-db-sync-
util.

This is the acl comparison steps in neutron-ovn-db-sync-util.
  1. Fetch security group list
  2. Fetch security group rule list of each security group
  3. Fetch acls from ovn db
  4. Compare 2 and 3

Between the step 1-2 and step 3, changes could be made in sg or sgr, if a user creates/deletes sg or sgr.
This makes sync util think that there are data difference in neutron and ovn db, which is wrong, because the difference is made from the time difference of fetching data from neutron and ovn db.

Reproduction steps 1:
  1. Run neutron-ovn-db-sync-util
  2. While comparison step 2 is running, create a new security group and its rule

Reproduction steps 2:
  1. Run neutron-ovn-db-sync-util
  2. While comparison step 2 is running, after fetching rule list of a security group, delete the security group

Reproduction steps 3:
  1. Run neutron-ovn-db-sync-util
  2. While comparison step 2 is running, after fetching rule list of a security group, create or delete security group rule/rules of the security group

I'm using branch stable/2024.1.

Thanke you.

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2092431

Title:
  Wrong result in acl comparison in neutron-ovn-db-sync-util

Status in neutron:
  New

Bug description:
  Wrong result could be made in acl comparison in neutron-ovn-db-sync-
  util.

  This is the acl comparison steps in neutron-ovn-db-sync-util.
    1. Fetch security group list
    2. Fetch security group rule list of each security group
    3. Fetch acls from ovn db
    4. Compare 2 and 3

  Between the step 1-2 and step 3, changes could be made in sg or sgr, if a user creates/deletes sg or sgr.
  This makes sync util think that there are data difference in neutron and ovn db, which is wrong, because the difference is made from the time difference of fetching data from neutron and ovn db.

  Reproduction steps 1:
    1. Run neutron-ovn-db-sync-util
    2. While comparison step 2 is running, create a new security group and its rule

  Reproduction steps 2:
    1. Run neutron-ovn-db-sync-util
    2. While comparison step 2 is running, after fetching rule list of a security group, delete the security group

  Reproduction steps 3:
    1. Run neutron-ovn-db-sync-util
    2. While comparison step 2 is running, after fetching rule list of a security group, create or delete security group rule/rules of the security group

  I'm using branch stable/2024.1.

  Thanke you.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2092431/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next