commit 90865c06afe9780ac3116be9e527da9a75944c96
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Mon Nov 14 17:43:27 2022 +0000
[stable-only] Do not fail making reservation when creating a SG
Do not fail during the creation of a security group when trying to
make a quota reservation for the security group rules. This feature
was added in [1], in order to prevent the rule quota excess during
the security group creation.
However, as reported in LP#1992161, this method can be called from
the RPC worker. If this RPC worker is spawned alone (not with the API
workers), the extensions are not loaded and the security group rule
quota resources are not created. That means the quota engine does not
have the security group rules as managed resources (in this worker).
When a new network (and the first subnet) is created, the DHCP agent
(or agents) handling this network will try to create the DHCP port.
If, as commented in the LP bug, the default security group is not
created, the RPC worker will try to create it. In this case this
patch skips the quota check.
This patch is for stable releases only. Since Xena, this check is
done using a new method called "quota_limit_check" [2]. This method
does not fail in the related case.
Reviewed: https:/ /review. opendev. org/c/openstack /neutron/ +/864765 /opendev. org/openstack/ neutron/ commit/ 90865c06afe9780 ac3116be9e527da 9a75944c96
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/victoria
commit 90865c06afe9780 ac3116be9e527da 9a75944c96
Author: Rodolfo Alonso Hernandez <email address hidden>
Date: Mon Nov 14 17:43:27 2022 +0000
[stable-only] Do not fail making reservation when creating a SG
Do not fail during the creation of a security group when trying to
make a quota reservation for the security group rules. This feature
was added in [1], in order to prevent the rule quota excess during
the security group creation.
However, as reported in LP#1992161, this method can be called from
the RPC worker. If this RPC worker is spawned alone (not with the API
workers), the extensions are not loaded and the security group rule
quota resources are not created. That means the quota engine does not
have the security group rules as managed resources (in this worker).
When a new network (and the first subnet) is created, the DHCP agent
(or agents) handling this network will try to create the DHCP port.
If, as commented in the LP bug, the default security group is not
created, the RPC worker will try to create it. In this case this
patch skips the quota check.
This patch is for stable releases only. Since Xena, this check is
done using a new method called "quota_limit_check" [2]. This method
does not fail in the related case.
[1]https:/ /review. opendev. org/q/I0a9b91b0 9d6260ff96fdba2 f0a455de53bbc1f 00 /review. opendev. org/q/Id7336857 6a948f78a043d7c f0be16661a65626 a9
[2]https:/
Conflicts:
neutron/ db/securitygrou ps_db.py
Closes-Bug: #1992161 cf56de70588fca4 a6956d276df 68227affa2d6a8d d8328d3463)
Related-Bug: #1858680
Change-Id: I0f20b17c1b13c3
(cherry picked from commit 02bdd0470246dd7