From 879bb9032857bf0109185e85095ef4b5c77bcbde Mon Sep 17 00:00:00 2001
From: Oleg Bondarev <obondarev@mirantis.com>
Date: Mon, 21 Oct 2019 15:40:12 +0400
Subject: [PATCH] Handle OVSFWPortNotFound and OVSFWTagNotFound in ovs firewall

This will prevent ovs agent from endless fail loop when dealing
with unbound port: like when port was created in neutron before
agent become alive, then agent gets online and and starts processing
devices.
This patch adds exception handling to prepare_port_filter() -
same as done in update_port_filter().

Change-Id: I1137eb18efaf51c67fab145e645f58cbd3772e40
Closes-Bug: #1849098
(cherry picked from commit e801159003978f7c5c67eb3e9fe36fa690656d77)
(cherry picked from commit 0fb7f8ddac0d55dfc64c0c0c2931b3c17cb00d37)
---
 .../linux/openvswitch_firewall/firewall.py    | 25 +++++++++++++------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/neutron/agent/linux/openvswitch_firewall/firewall.py b/neutron/agent/linux/openvswitch_firewall/firewall.py
index aee765a5d33..d8cddfedcdc 100644
--- a/neutron/agent/linux/openvswitch_firewall/firewall.py
+++ b/neutron/agent/linux/openvswitch_firewall/firewall.py
@@ -549,14 +549,23 @@ class OVSFirewallDriver(firewall.FirewallDriver):
             self._initialize_egress_no_port_security(port['device'])
             return
 
-        old_of_port = self.get_ofport(port)
-        of_port = self.get_or_create_ofport(port)
-        if old_of_port:
-            LOG.info("Initializing port %s that was already initialized.",
-                     port['device'])
-            self._update_flows_for_port(of_port, old_of_port)
-        else:
-            self._set_port_filters(of_port)
+        try:
+            old_of_port = self.get_ofport(port)
+            of_port = self.get_or_create_ofport(port)
+            if old_of_port:
+                LOG.info("Initializing port %s that was already initialized.",
+                         port['device'])
+                self._update_flows_for_port(of_port, old_of_port)
+            else:
+                self._set_port_filters(of_port)
+        except exceptions.OVSFWPortNotFound as not_found_error:
+            LOG.info("port %(port_id)s does not exist in ovsdb: %(err)s.",
+                     {'port_id': port['device'],
+                      'err': not_found_error})
+        except exceptions.OVSFWTagNotFound as tag_not_found:
+            LOG.info("Tag was not found for port %(port_id)s: %(err)s.",
+                     {'port_id': port['device'],
+                      'err': tag_not_found})
 
     def update_port_filter(self, port):
         """Update rules for given port