From: Assaf Muller <amuller@redhat.com>
Date: Tue, 13 Oct 2015 14:19:36 +0000 (-0400)
Subject: Kill conntrackd state on HA routers FIP disassociation
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=e0eeadc97ee094d6dfa5f4139c1c4aa871b514d5;p=openstack-build%2Fneutron-build.git

Kill conntrackd state on HA routers FIP disassociation

Legacy routers kill conntrackd states on FIP disassociation,
so that traffic to FIPs that have been disassociated is properly
dropped. This is not the case with HA routers, and this patch
changes that.

Change-Id: Ic962c518ce33a4936d0f1655d60d308c5e776a9b
Closes-Bug: #1505700
---

diff --git a/neutron/agent/l3/ha_router.py b/neutron/agent/l3/ha_router.py
index 55d4eebb9..b8673fabc 100644
--- a/neutron/agent/l3/ha_router.py
+++ b/neutron/agent/l3/ha_router.py
@@ -257,6 +257,8 @@ class HaRouter(router.RouterInfo):
 
     def remove_floating_ip(self, device, ip_cidr):
         self._remove_vip(ip_cidr)
+        if self.ha_state == 'master' and device.addr.list():
+            super(HaRouter, self).remove_floating_ip(device, ip_cidr)
 
     def internal_network_updated(self, interface_name, ip_cidrs):
         self._clear_vips(interface_name)
diff --git a/neutron/tests/functional/agent/test_l3_agent.py b/neutron/tests/functional/agent/test_l3_agent.py
index 02c83a395..8be8ffe5e 100644
--- a/neutron/tests/functional/agent/test_l3_agent.py
+++ b/neutron/tests/functional/agent/test_l3_agent.py
@@ -431,11 +431,17 @@ class L3AgentTestCase(L3AgentTestFramework):
     def test_ha_router_lifecycle(self):
         self._router_lifecycle(enable_ha=True)
 
-    def test_conntrack_disassociate_fip(self):
+    def test_conntrack_disassociate_fip_legacy_router(self):
+        self._test_conntrack_disassociate_fip(ha=False)
+
+    def test_conntrack_disassociate_fip_ha_router(self):
+        self._test_conntrack_disassociate_fip(ha=True)
+
+    def _test_conntrack_disassociate_fip(self, ha):
         '''Test that conntrack immediately drops stateful connection
            that uses floating IP once it's disassociated.
         '''
-        router_info = self.generate_router_info(enable_ha=False)
+        router_info = self.generate_router_info(enable_ha=ha)
         router = self.manage_router(self.agent, router_info)
 
         port = net_helpers.get_free_namespace_port(l3_constants.PROTO_NAME_TCP,
@@ -462,6 +468,9 @@ class L3AgentTestCase(L3AgentTestFramework):
             self.assertEqual(
                 n, len([line for line in out.strip().split('\n') if line]))
 
+        if ha:
+            utils.wait_until_true(lambda: router.ha_state == 'master')
+
         with self.assert_max_execution_time(100):
             assert_num_of_conntrack_rules(0)