When l2 agent execute ipset command, we should pass
parameter 'check_exit_code' to self.execute acording to
action.
The intention is to safely fail if we try to destroy a
non existing set, or delete a non existing member.
Otherwise the agent gets stuck in a loop if such situation
happens. Such kind of event would be logged as errors.
Change-Id: If67330523d114d6da13d0280851e7138a51d08f7
Closes-bug: #
1497074
def _del_member_from_set(self, set_name, member_ip):
cmd = ['ipset', 'del', set_name, member_ip]
- self._apply(cmd)
+ self._apply(cmd, fail_on_errors=False)
self.ipset_sets[set_name].remove(member_ip)
def _create_set(self, set_name, ethertype):
self._apply(cmd)
self.ipset_sets[set_name] = []
- def _apply(self, cmd, input=None):
+ def _apply(self, cmd, input=None, fail_on_errors=True):
input = '\n'.join(input) if input else None
cmd_ns = []
if self.namespace:
cmd_ns.extend(['ip', 'netns', 'exec', self.namespace])
cmd_ns.extend(cmd)
- self.execute(cmd_ns, run_as_root=True, process_input=input)
+ self.execute(cmd_ns, run_as_root=True, process_input=input,
+ check_exit_code=fail_on_errors)
def _get_new_set_ips(self, set_name, expected_ips):
new_member_ips = (set(expected_ips) -
def _destroy(self, set_name, forced=False):
if set_name in self.ipset_sets or forced:
cmd = ['ipset', 'destroy', set_name]
- self._apply(cmd)
+ self._apply(cmd, fail_on_errors=False)
self.ipset_sets.pop(set_name, None)
self.source.assert_ping(self.destination.ip)
def test_destroy_ipset_set(self):
- self.assertRaises(RuntimeError, self.ipset._destroy, self.ipset_name)
self._remove_iptables_ipset_rules()
self.ipset._destroy(self.ipset_name)
self.expected_calls.extend([
mock.call(['ipset', 'restore', '-exist'],
process_input=input,
- run_as_root=True),
+ run_as_root=True,
+ check_exit_code=True),
mock.call(['ipset', 'swap', TEST_SET_NAME_NEW, TEST_SET_NAME],
process_input=None,
- run_as_root=True),
+ run_as_root=True,
+ check_exit_code=True),
mock.call(['ipset', 'destroy', TEST_SET_NAME_NEW],
process_input=None,
- run_as_root=True)])
+ run_as_root=True,
+ check_exit_code=False)])
def expect_add(self, addresses):
self.expected_calls.extend(
mock.call(['ipset', 'add', '-exist', TEST_SET_NAME, ip],
process_input=None,
- run_as_root=True)
+ run_as_root=True,
+ check_exit_code=True)
for ip in self.ipset._sanitize_addresses(addresses))
def expect_del(self, addresses):
self.expected_calls.extend(
mock.call(['ipset', 'del', TEST_SET_NAME, ip],
process_input=None,
- run_as_root=True)
+ run_as_root=True,
+ check_exit_code=False)
for ip in self.ipset._sanitize_addresses(addresses))
def expect_create(self):
mock.call(['ipset', 'create', '-exist', TEST_SET_NAME,
'hash:net', 'family', 'inet'],
process_input=None,
- run_as_root=True))
+ run_as_root=True,
+ check_exit_code=True))
def expect_destroy(self):
self.expected_calls.append(
mock.call(['ipset', 'destroy', TEST_SET_NAME],
process_input=None,
- run_as_root=True))
+ run_as_root=True,
+ check_exit_code=False))
def add_first_ip(self):
self.expect_set([FAKE_IPS[0]])
Code Review / openstack-build / neutron-build.git / commitdiff