RFE: OVN "Add-Only" Sync Mode
In an effort to enhance operational safety and flexibility, we propose the introduction of an "add-only" synchronization mode for OVN integration within Neutron. This mode is designed to ensure that Neutron only adds records to the OVN database when they are missing, without deleting any existing records. This is particularly important in environments where a shared OVN deployment is leveraged outside of OpenStack or in hybrid settings where external management is also in play. By enabling this mode, either through the command-line option `--ovn-neutron_sync_mode=add` or by setting `ovn.neutron_sync_mode` to "add" in the configuration file, administrators can prevent accidental record deletion, which is crucial for maintaining data integrity in complex deployments.
Recent development efforts have already implemented this functionality, as highlighted in the commit message "feat(OVN): add new mode to only add when missing." The changes update the synchronization class to bypass any deletion operations when operating in this "add" mode, thereby ensuring that only missing records are added to the OVN database. Comprehensive tests using a repair setup have confirmed that no delete calls are made under this configuration.
This enhancement not only mitigates the risk of unintended network loss but also provides a safer, more controlled method for managing OVN records, making it an invaluable option for operators who require precise control over their network infrastructure.
I still think that the best way to handle sync for shared OVN is for the sync to only touch neutron-owned objects in the first place. It seems like not doing any deletes could break things or at the very least leave permanently orphaned objects.
It should be very easy to ensure that every neutron-related object has an external_