Skip to content

Commit

Permalink
Fix: Resolve issue with skipped execution of sg annotations
Browse files Browse the repository at this point in the history
The problem causing ineffective application of sg annotations is
that, during virtual machine restart, the logical switch port is
intentionally not deleted.(I guess).

When sg annotations are added and the VM is restarted, the create
logical switch port logic is skipped as it detects the existing
lsp. Consequently, the annotation fails to attach to the lsp. Even
when we sync lsp for sg, it has no effect.

A simple fix is to update the existing lsp during lsp creation if
it already exists. This approach ensures correct annotation
attachment and addresses the skipped execution issue.

Signed-off-by: wfnuser <[email protected]>
  • Loading branch information
wfnuser committed Feb 6, 2024
1 parent a28af4a commit c184810
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions pkg/ovs/ovn-nb-logical_switch_port.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,21 @@ func (c *OVNNbClient) CreateLogicalSwitchPort(lsName, lspName, ip, mac, podName,

// ignore
if exist {
if portSecurity && len(securityGroups) != 0 {
lsp, err := c.GetLogicalSwitchPort(lspName, true)
if err != nil {
klog.Error(err)
} else {
sgList := strings.Split(securityGroups, ",")
if _, err := c.SetLogicalSwitchPortSecurityGroup(lsp, "add", sgList...); err != nil {
klog.Errorf("set logical switch port %s security groups %s: %v", lsp.Name, securityGroups, err)
}
}
}
if err = c.SetLogicalSwitchPortSecurity(portSecurity, lspName, mac, ip, vips); err != nil {
klog.Errorf("set logical switch port security: %v", err)
return err
}
return nil
}

Expand Down

0 comments on commit c184810

Please sign in to comment.