Fix VRF subnets DB query
The patch in [0] created a DB query to support a new no-NAT CIDRs extension. This DB query was incorrect, as it used unrelated joins. This patch fixes the DB query to ensure related joins are used. There also was an issue with the _query_vrf_subnets method before the extension was added. It was possible that a single subnetpool with multiple prefixes could have been used to allocate multiple subnets. The current query would have returned the same subnetpool ID for each prefix, leading to duplicates in the returned list. This patch fixes that issue by ensuring that the returned values from the query are distinct. [0]: https://review.opendev.org/c/x/group-based-policy/+/875317 Change-Id: I7870ad58bc4d9098b4aa12a0cefbfe027d982564
This commit is contained in:
parent
f4609c4fab
commit
8e15f2ac3e
|
@ -852,12 +852,12 @@ class ApicRpcHandlerMixin(object):
|
|||
# address_scopes, and if so, return the subnetpool CIDRs
|
||||
# associated with those address_scopes.
|
||||
result = []
|
||||
sub_ids = []
|
||||
net_ids = []
|
||||
sub_ids = []
|
||||
subpool_ids = []
|
||||
query = BAKERY(lambda s: s.query(
|
||||
models_v2.SubnetPoolPrefix.cidr,
|
||||
models_v2.Subnet.id,
|
||||
models_v2.Network.id))
|
||||
models_v2.SubnetPoolPrefix.subnetpool_id))
|
||||
query += lambda q: q.join(
|
||||
models_v2.SubnetPool,
|
||||
models_v2.SubnetPool.id ==
|
||||
|
@ -866,25 +866,34 @@ class ApicRpcHandlerMixin(object):
|
|||
db.AddressScopeMapping,
|
||||
db.AddressScopeMapping.scope_id ==
|
||||
models_v2.SubnetPool.address_scope_id)
|
||||
query += lambda q: q.join(
|
||||
db.NetworkMapping,
|
||||
db.NetworkMapping.network_id ==
|
||||
models_v2.Network.id)
|
||||
query += lambda q: q.filter(
|
||||
db.AddressScopeMapping.vrf_name ==
|
||||
sa.bindparam('vrf_name'),
|
||||
db.AddressScopeMapping.vrf_tenant_name ==
|
||||
sa.bindparam('vrf_tenant_name'),
|
||||
db.NetworkMapping.vrf_name ==
|
||||
sa.bindparam('vrf_name'),
|
||||
db.NetworkMapping.vrf_tenant_name ==
|
||||
sa.bindparam('vrf_tenant_name'))
|
||||
for cidr, sub_id, net_id in query(session).params(vrf_name=vrf_name,
|
||||
vrf_tenant_name=vrf_tenant_name).all():
|
||||
query += lambda q: q.distinct()
|
||||
for cidr, subpool_id in query(session).params(vrf_name=vrf_name,
|
||||
vrf_tenant_name=vrf_tenant_name).all():
|
||||
result.append(cidr)
|
||||
sub_ids.append(sub_id)
|
||||
net_ids.append(net_id)
|
||||
subpool_ids.append(subpool_id)
|
||||
if result:
|
||||
# We need a list of subnets to query for the no-NAT CIDRs,
|
||||
# and also a list of networks that might have this extension.
|
||||
|
||||
# Baked queries using in_ require sqlalchemy >=1.2.
|
||||
query = session.query(
|
||||
models_v2.Subnet.id,
|
||||
models_v2.Subnet.network_id))
|
||||
query = query.join(
|
||||
models_v2.SubnetPool,
|
||||
models_v2.SubnetPool.id ==
|
||||
models_v2.Subnet.subnetpool_id)
|
||||
query = query.filter(
|
||||
models_v2.Subnet.subnetpool_id.in_(
|
||||
subpool_ids))
|
||||
for sub_id, net_id in query(session).all():
|
||||
sub_ids.append(sub_id)
|
||||
net_ids.append(net_id)
|
||||
# query to fetch no nat cidrs extension from the networks
|
||||
if not ext_net_info:
|
||||
ext_net_info = self._query_endpoint_ext_net_info(
|
||||
|
|
Loading…
Reference in New Issue