[OVSDB-257] SG needs to be independent from which L3 stack is used in ovsdb netvirt Created: 14/Jan/16  Updated: 19/Oct/17  Resolved: 20/Jan/16

Status: Resolved
Project: ovsdb
Component/s: Neutron
Affects Version/s: unspecified
Fix Version/s: None

Type: Bug
Reporter: Flavio Fernandes Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All

External issue ID: 4971

 Description   

From: Suryanarayanan, Aswin <aswin.suryanarayanan@hpe.com>
Date: Thu, Jan 14, 2016 at 10:52 AM
Subject: RE: IT test for SG's is failing
To: Flavio Fernandes <ffernand@redhat.com>, Sam Hague <shague@redhat.com>
Cc: "Kenchappa, Ravindra" <ravindra.kenchappa@hpe.com>, isaku yamahata <isaku.yamahata@gmail.com>, "Gaddam, Sridhar" <sgaddam@redhat.com>, "Viswanatha, Badrinath" <badrinath_viswanatha@dell.com>

Yes Sam, as Flavio confirmed , l3 enabled check is not required for SG. We can move it outside the check. The cache as well needs to be outside.

Thanks

Aswin

From: Flavio Fernandes ffernand@redhat.com
Sent: Thursday, January 14, 2016 8:56 PM
To: Sam Hague
Cc: Suryanarayanan, Aswin; Kenchappa, Ravindra; isaku yamahata; Gaddam, Sridhar; Viswanatha, Badrinath

Subject: Re: IT test for SG's is failing

+Sridhar, Badri

On Thu, Jan 14, 2016 at 8:47 AM, Sam Hague <shague@redhat.com> wrote:

Including Flavio

Isaku, Flavio,

can you look at [2] and see if there is any issue with doing the Security Group stuff outside of the l3.enabled? That patch is breaking the NetvirtIT. Aswin also mentioned a concern about [1] so can you look at that also?

Hi Sam,

Yes, SG should not care whether ODL_L3=True or False.

When ODL_L3=True, one big difference is that there is no L3Agent used; which means that there are no OVS ports created

for the neutron router (only neutron ports). If SG uses rules that do not depend on OVS ports than it should be able to be agnostic
to the L3 stack being deployed.

We have had some cache added to NeutronL3Adapter.java code that makes me a little worried about this.
That [11] may need to be re-visited; and possible moved into SGImpl so it remains independent of ODL_L3.

– flavio

[11]: https://git.opendaylight.org/gerrit/#/c/32498/

 Comments   
Comment by Flavio Fernandes [ 14/Jan/16 ]

[16:44:11] <shague> so your lats sentence is the important part: That [11] may need to be re-visited; and possible moved into SGImpl so it remains independent of ODL_L3.

[16:50:29] <flaviof> the change is actually not bad/hard. we could potentially leave the cache where it is, but make it not care about the enabled flag.

[16:50:53] <flaviof> the cache is called

private Set<NeutronPort> portCleanupCache;

[16:51:09] <flaviof> let me add this to the bug.

Comment by Sam Hague [ 19/Jan/16 ]

Flavio,

do the changes in [1] fix this issue? Aswin mentioned you added changes to the commit that look like they fix the issue.

Thanks, Sam

[1] https://git.opendaylight.org/gerrit/#/c/32828/

Hi Sam,

The changes https://git.opendaylight.org/gerrit/#/c/32828/ added by Flavio had moved the SG out of “l3.enabled” check. Today I run NetvirtIT by uncommenting assertion in by local setup and SG test case was passed. Uncommented the assertion and pushed to gerrit https://git.opendaylight.org/gerrit/32994.

Thanks,

Ravi

Generated at Wed Feb 07 20:35:54 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.