diff --git a/cmd/incusd/api_cluster.go b/cmd/incusd/api_cluster.go index 5d5bf0dc839..970d5c39521 100644 --- a/cmd/incusd/api_cluster.go +++ b/cmd/incusd/api_cluster.go @@ -773,6 +773,9 @@ func clusterPutJoin(d *Daemon, r *http.Request, req api.ClusterPut) response.Res // Refresh the state. s = d.State() + // Re-connect OVN if needed. + _ = d.setupOVN() + // Start up networks so any post-join changes can be applied now that we have a Node ID. logger.Debug("Starting networks after cluster join") err = networkStartup(s) diff --git a/cmd/incusd/daemon.go b/cmd/incusd/daemon.go index 03602798068..f4356b1ef1b 100644 --- a/cmd/incusd/daemon.go +++ b/cmd/incusd/daemon.go @@ -168,6 +168,7 @@ type Daemon struct { // OVN clients. ovnnb *ovn.NB ovnsb *ovn.SB + ovnMu sync.Mutex // API info. apiExtensions int @@ -559,8 +560,7 @@ func (d *Daemon) State() *state.State { InstanceTypes: instanceTypes, LocalConfig: localConfig, OS: d.os, - OVNNB: d.ovnnb, - OVNSB: d.ovnsb, + OVN: d.getOVN, Proxy: d.proxy, ServerCert: d.serverCert, ServerClustered: d.serverClustered, @@ -1467,9 +1467,6 @@ func (d *Daemon) init() error { logger.Info("Started BGP server") } - // Attempt to setup OVN clients. - _ = d.setupOVN() - // Setup DNS listener. d.dns = dns.NewServer(d.db.Cluster, func(name string, full bool) (*dns.Zone, error) { // Fetch the zone. @@ -2535,6 +2532,9 @@ func (d *Daemon) nodeRefreshTask(heartbeatData *cluster.APIHeartbeat, isLeader b } func (d *Daemon) setupOVN() error { + d.ovnMu.Lock() + defer d.ovnMu.Unlock() + // Clear any existing clients. d.ovnnb = nil d.ovnsb = nil @@ -2597,3 +2597,14 @@ func (d *Daemon) setupOVN() error { return nil } + +func (d *Daemon) getOVN() (*ovn.NB, *ovn.SB, error) { + if d.ovnnb == nil || d.ovnsb == nil { + err := d.setupOVN() + if err != nil { + return nil, nil, fmt.Errorf("Failed to connect to OVN: %w", err) + } + } + + return d.ovnnb, d.ovnsb, nil +} 
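Review bot: The error from `d.setupOVN()` is discarded in the clusterPutJoin hunk, so a failed re-connect after the join leaves no trace until some later OVN operation fails. Log it rather than dropping it, for example `if err := d.setupOVN(); err != nil { logger.Warn("Failed re-connecting to OVN after cluster join", logger.Ctx{"err": err}) }`. clusterPutJoin's body starts and ends outside the hunk, so whether a later step already reports this is not visible here.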
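Review bot: `getOVN` reads `d.ovnnb`/`d.ovnsb` for both the nil check and the return without holding `ovnMu`, while `setupOVN` clears them to nil under that lock before reconnecting. Two concurrent callers that both see nil will run `setupOVN` back to back, and the first can return while the second has just reset the fields, handing its caller nil clients with a nil error (and a data race under `-race`). Take the lock in `getOVN` and move the existing `setupOVN` body into an unlocked helper that both call, as sketched below with the placeholder name `setupOVNLocked`. The part of `setupOVN` between its two hunks is not visible here, so confirm it never calls back into `getOVN` and that it cannot return nil with a client still unset.

```go
func (d *Daemon) setupOVN() error {
	d.ovnMu.Lock()
	defer d.ovnMu.Unlock()

	return d.setupOVNLocked()
}

// setupOVNLocked (placeholder name) must be called with ovnMu held.
func (d *Daemon) setupOVNLocked() error {
	// … unchanged: existing setupOVN body, minus the Lock/Unlock pair …
}

func (d *Daemon) getOVN() (*ovn.NB, *ovn.SB, error) {
	d.ovnMu.Lock()
	defer d.ovnMu.Unlock()

	if d.ovnnb == nil || d.ovnsb == nil {
		err := d.setupOVNLocked()
		if err != nil {
			return nil, nil, fmt.Errorf("Failed to connect to OVN: %w", err)
		}
	}

	return d.ovnnb, d.ovnsb, nil
}
```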
diff --git a/internal/server/device/nic_ovn.go b/internal/server/device/nic_ovn.go index e81daf480f5..4407f0c17cd 100644 --- a/internal/server/device/nic_ovn.go +++ b/internal/server/device/nic_ovn.go @@ -51,6 +51,9 @@ type nicOVN struct { deviceCommon network ovnNet // Populated in validateConfig(). + + ovnnb *ovn.NB + ovnsb *ovn.SB } // CanHotPlug returns whether the device can be managed whilst the instance is running. @@ -383,10 +386,14 @@ func (d *nicOVN) validateEnvironment() error { func (d *nicOVN) init(inst instance.Instance, s *state.State, name string, conf deviceConfig.Device, volatileGet VolatileGetter, volatileSet VolatileSetter) error { // Check that OVN is available. - if s.OVNNB == nil { - return fmt.Errorf("OVN isn't currently available") + ovnnb, ovnsb, err := s.OVN() + if err != nil { + return err } + d.ovnnb = ovnnb + d.ovnsb = ovnsb + return d.deviceCommon.init(inst, s, name, conf, volatileGet, volatileSet) } @@ -658,7 +665,7 @@ func (d *nicOVN) Start() (*deviceConfig.RunConfig, error) { // Add post start hook for setting logical switch port chassis once instance has been started. runConf.PostHooks = append(runConf.PostHooks, func() error { - err := d.state.OVNNB.UpdateLogicalSwitchPortOptions(context.TODO(), logicalPortName, map[string]string{"requested-chassis": chassisID}) + err := d.ovnnb.UpdateLogicalSwitchPortOptions(context.TODO(), logicalPortName, map[string]string{"requested-chassis": chassisID}) if err != nil { return fmt.Errorf("Failed setting logical switch port chassis ID: %w", err) } 
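Review bot: In `nicOVN.init`, `s.OVN()` calls a function-typed field unconditionally, so any `state.State` that was not built by `Daemon.State()` (presumably test fixtures or partially populated states) now panics where the old `s.OVNNB == nil` check returned an error. Guard it first, e.g. `if s.OVN == nil { return fmt.Errorf("OVN isn't currently available") }`; the same applies to `ovn.init` in driver_ovn.go and to `common.Update` in acl/driver_common.go. The new `ovnnb`/`ovnsb` struct fields also deserve a comment in the style of the neighbouring one, such as `// OVN clients, populated in init().`.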
@@ -803,7 +810,7 @@ func (d *nicOVN) Update(oldDevices deviceConfig.Devices, isRunning bool) error { } if len(removedACLs) > 0 { - err := acl.OVNPortGroupDeleteIfUnused(d.state, d.logger, d.state.OVNNB, d.network.Project(), d.inst, d.name, newACLs...) + err := acl.OVNPortGroupDeleteIfUnused(d.state, d.logger, d.ovnnb, d.network.Project(), d.inst, d.name, newACLs...) if err != nil { return fmt.Errorf("Failed removing unused OVN port groups: %w", err) } @@ -1006,7 +1013,7 @@ func (d *nicOVN) Remove() error { // Check for port groups that will become unused (and need deleting) as this NIC is deleted. securityACLs := util.SplitNTrimSpace(d.config["security.acls"], ",", -1, true) if len(securityACLs) > 0 { - err := acl.OVNPortGroupDeleteIfUnused(d.state, d.logger, d.state.OVNNB, d.network.Project(), d.inst, d.name) + err := acl.OVNPortGroupDeleteIfUnused(d.state, d.logger, d.ovnnb, d.network.Project(), d.inst, d.name) if err != nil { return fmt.Errorf("Failed removing unused OVN port groups: %w", err) } diff --git a/internal/server/network/acl/driver_common.go b/internal/server/network/acl/driver_common.go index d375d6fe61e..ebbbbc29402 100644 --- a/internal/server/network/acl/driver_common.go +++ b/internal/server/network/acl/driver_common.go @@ -648,8 +648,9 @@ func (d *common) Update(config *api.NetworkACLPut, clientType request.ClientType // This way we won't apply the same changes multiple times for each cluster member. if len(aclOVNNets) > 0 && clientType == request.ClientTypeNormal { // Check that OVN is available. - if d.state.OVNNB == nil { - return fmt.Errorf("OVN isn't currently available") + ovnnb, _, err := d.state.OVN() + if err != nil { + return err } var aclNameIDs map[string]int64 
@@ -670,7 +671,7 @@ func (d *common) Update(config *api.NetworkACLPut, clientType request.ClientType // apply those rules to each network affected by the ACL, so pass the full list of OVN networks // affected by this ACL (either because the ACL is assigned directly or because it is assigned to // an OVN NIC in an instance or profile). - cleanup, err := OVNEnsureACLs(d.state, d.logger, d.state.OVNNB, d.projectName, aclNameIDs, aclOVNNets, []string{d.info.Name}, true) + cleanup, err := OVNEnsureACLs(d.state, d.logger, ovnnb, d.projectName, aclNameIDs, aclOVNNets, []string{d.info.Name}, true) if err != nil { return fmt.Errorf("Failed ensuring ACL is configured in OVN: %w", err) } @@ -679,7 +680,7 @@ func (d *common) Update(config *api.NetworkACLPut, clientType request.ClientType // Run unused port group cleanup in case any formerly referenced ACL in this ACL's rules means that // an ACL port group is now considered unused. - err = OVNPortGroupDeleteIfUnused(d.state, d.logger, d.state.OVNNB, d.projectName, nil, "", d.info.Name) + err = OVNPortGroupDeleteIfUnused(d.state, d.logger, ovnnb, d.projectName, nil, "", d.info.Name) if err != nil { return fmt.Errorf("Failed removing unused OVN port groups: %w", err) } diff --git a/internal/server/network/driver_ovn.go b/internal/server/network/driver_ovn.go index 55c91d7f058..1659e7c9bf7 100644 --- a/internal/server/network/driver_ovn.go +++ b/internal/server/network/driver_ovn.go 
@@ -93,12 +93,21 @@ type OVNInstanceNICStopOpts struct { // ovn represents an OVN network. type ovn struct { common + + ovnnb *networkOVN.NB + ovnsb *networkOVN.SB } func (n *ovn) init(s *state.State, id int64, projectName string, netInfo *api.Network, netNodes map[int64]db.NetworkNode) error { // Check that OVN is available. - if s != nil && s.OVNNB == nil { - return fmt.Errorf("OVN isn't currently available") + if s != nil { + ovnnb, ovnsb, err := s.OVN() + if err != nil { + return err + } + + n.ovnnb = ovnnb + n.ovnsb = ovnsb } return n.common.init(s, id, projectName, netInfo, netNodes) @@ -147,13 +156,13 @@ func (n *ovn) State() (*api.NetworkState, error) { hwaddr, ok := n.config["bridge.hwaddr"] if !ok { - hwaddr, err = n.state.OVNNB.GetLogicalRouterPortHardwareAddress(context.TODO(), n.getRouterExtPortName()) + hwaddr, err = n.ovnnb.GetLogicalRouterPortHardwareAddress(context.TODO(), n.getRouterExtPortName()) if err != nil { return nil, err } } - chassis, err := n.state.OVNSB.GetLogicalRouterPortActiveChassisHostname(context.TODO(), n.getRouterExtPortName()) + chassis, err := n.ovnsb.GetLogicalRouterPortActiveChassisHostname(context.TODO(), n.getRouterExtPortName()) if err != nil { return nil, err } 
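Review bot: When `s` is nil, `ovn.init` now succeeds with `n.ovnnb` and `n.ovnsb` left nil, and the methods changed in this file then call through them unconditionally (`n.ovnnb.GetLogicalRouterPortHardwareAddress(...)` and `n.ovnsb.GetLogicalRouterPortActiveChassisHostname(...)` in `State`). The old code presumably had the same gap through `n.state`, but now that the clients are fields the contract should be written on the struct, e.g. `// OVN clients, populated in init(); nil when the network is loaded without state.`. The clients are also captured once per object, so a network object that outlives a daemon-side `setupOVN()` keeps using the replaced handles; confirm these objects are short-lived.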
@@ -2066,23 +2075,23 @@ func (n *ovn) setup(update bool) error { } // Create chassis group. - err = n.state.OVNNB.CreateChassisGroup(context.TODO(), n.getChassisGroupName(), update) + err = n.ovnnb.CreateChassisGroup(context.TODO(), n.getChassisGroupName(), update) if err != nil { return err } if !update { - revert.Add(func() { _ = n.state.OVNNB.DeleteChassisGroup(context.TODO(), n.getChassisGroupName()) }) + revert.Add(func() { _ = n.ovnnb.DeleteChassisGroup(context.TODO(), n.getChassisGroupName()) }) } // Create logical router. - err = n.state.OVNNB.CreateLogicalRouter(context.TODO(), n.getRouterName(), update) + err = n.ovnnb.CreateLogicalRouter(context.TODO(), n.getRouterName(), update) if err != nil { return fmt.Errorf("Failed adding router: %w", err) } if !update { - revert.Add(func() { _ = n.state.OVNNB.DeleteLogicalRouter(context.TODO(), n.getRouterName()) }) + revert.Add(func() { _ = n.ovnnb.DeleteLogicalRouter(context.TODO(), n.getRouterName()) }) } // Configure logical router. 
@@ -2104,57 +2113,57 @@ func (n *ovn) setup(update bool) error { } if len(extRouterIPs) > 0 { - err = n.state.OVNNB.CreateLogicalSwitch(context.TODO(), n.getExtSwitchName(), update) + err = n.ovnnb.CreateLogicalSwitch(context.TODO(), n.getExtSwitchName(), update) if err != nil { return fmt.Errorf("Failed adding external switch: %w", err) } if !update { - revert.Add(func() { _ = n.state.OVNNB.DeleteLogicalSwitch(context.TODO(), n.getExtSwitchName()) }) + revert.Add(func() { _ = n.ovnnb.DeleteLogicalSwitch(context.TODO(), n.getExtSwitchName()) }) } // Create external router port. - err = n.state.OVNNB.CreateLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterExtPortName(), routerMAC, bridgeMTU, extRouterIPs, n.getChassisGroupName(), update) + err = n.ovnnb.CreateLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterExtPortName(), routerMAC, bridgeMTU, extRouterIPs, n.getChassisGroupName(), update) if err != nil { return fmt.Errorf("Failed adding external router port: %w", err) } if !update { revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterExtPortName()) + _ = n.ovnnb.DeleteLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterExtPortName()) }) } // Create external switch port and link to router port. 
- err = n.state.OVNNB.CreateLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchRouterPortName(), nil, update) + err = n.ovnnb.CreateLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchRouterPortName(), nil, update) if err != nil { return fmt.Errorf("Failed adding external switch router port: %w", err) } if !update { revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchRouterPortName()) + _ = n.ovnnb.DeleteLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchRouterPortName()) }) } - err = n.state.OVNNB.UpdateLogicalSwitchPortLinkRouter(context.TODO(), n.getExtSwitchRouterPortName(), n.getRouterExtPortName()) + err = n.ovnnb.UpdateLogicalSwitchPortLinkRouter(context.TODO(), n.getExtSwitchRouterPortName(), n.getRouterExtPortName()) if err != nil { return fmt.Errorf("Failed linking external router port to external switch port: %w", err) } // Create external switch port and link to external provider network. 
- err = n.state.OVNNB.CreateLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchProviderPortName(), nil, update) + err = n.ovnnb.CreateLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchProviderPortName(), nil, update) if err != nil { return fmt.Errorf("Failed adding external switch provider port: %w", err) } if !update { revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchProviderPortName()) + _ = n.ovnnb.DeleteLogicalSwitchPort(context.TODO(), n.getExtSwitchName(), n.getExtSwitchProviderPortName()) }) } - err = n.state.OVNNB.UpdateLogicalSwitchPortLinkProviderNetwork(context.TODO(), n.getExtSwitchProviderPortName(), uplinkNet.extSwitchProviderName) + err = n.ovnnb.UpdateLogicalSwitchPortLinkProviderNetwork(context.TODO(), n.getExtSwitchProviderPortName(), uplinkNet.extSwitchProviderName) if err != nil { return fmt.Errorf("Failed linking external switch provider port to external provider network: %w", err) } @@ -2162,7 +2171,7 @@ func (n *ovn) setup(update bool) error { // Remove any existing SNAT rules on update. As currently these are only defined from the network // config rather than from any instance NIC config, so we can re-create the active config below. if update { - err = n.state.OVNNB.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", true) + err = n.ovnnb.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", true) if err != nil { return fmt.Errorf("Failed removing existing router SNAT rules: %w", err) } @@ -2179,7 +2188,7 @@ func (n *ovn) setup(update bool) error { } } - err = n.state.OVNNB.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", routerIntPortIPv4Net, snatIP, nil, false, update) + err = n.ovnnb.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", routerIntPortIPv4Net, snatIP, nil, false, update) if err != nil { return fmt.Errorf("Failed adding router IPv4 SNAT rule: %w", err) } 
@@ -2195,7 +2204,7 @@ func (n *ovn) setup(update bool) error { } } - err = n.state.OVNNB.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", routerIntPortIPv6Net, snatIP, nil, false, update) + err = n.ovnnb.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "snat", routerIntPortIPv6Net, snatIP, nil, false, update) if err != nil { return fmt.Errorf("Failed adding router IPv6 SNAT rule: %w", err) } @@ -2254,14 +2263,14 @@ func (n *ovn) setup(update bool) error { } if len(deleteRoutes) > 0 { - err = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), deleteRoutes...) + err = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), deleteRoutes...) if err != nil { return fmt.Errorf("Failed removing default routes: %w", err) } } if len(defaultRoutes) > 0 { - err = n.state.OVNNB.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), update, defaultRoutes...) + err = n.ovnnb.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), update, defaultRoutes...) if err != nil { return fmt.Errorf("Failed adding default routes: %w", err) } 
@@ -2307,17 +2316,17 @@ func (n *ovn) setup(update bool) error { } // Create internal logical switch if not updating. - err = n.state.OVNNB.CreateLogicalSwitch(context.TODO(), n.getIntSwitchName(), update) + err = n.ovnnb.CreateLogicalSwitch(context.TODO(), n.getIntSwitchName(), update) if err != nil { return fmt.Errorf("Failed adding internal switch: %w", err) } if !update { - revert.Add(func() { _ = n.state.OVNNB.DeleteLogicalSwitch(context.TODO(), n.getIntSwitchName()) }) + revert.Add(func() { _ = n.ovnnb.DeleteLogicalSwitch(context.TODO(), n.getIntSwitchName()) }) } // Setup IP allocation config on logical switch. - err = n.state.OVNNB.UpdateLogicalSwitchIPAllocation(context.TODO(), n.getIntSwitchName(), &networkOVN.OVNIPAllocationOpts{ + err = n.ovnnb.UpdateLogicalSwitchIPAllocation(context.TODO(), n.getIntSwitchName(), &networkOVN.OVNIPAllocationOpts{ PrefixIPv4: routerIntPortIPv4Net, PrefixIPv6: routerIntPortIPv6Net, ExcludeIPv4: dhcpReserveIPv4s, 
@@ -2328,36 +2337,36 @@ func (n *ovn) setup(update bool) error { // Create internal switch address sets and add subnets to address set. if update { - err = n.state.OVNNB.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), intSubnets...) + err = n.ovnnb.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), intSubnets...) if err != nil { return fmt.Errorf("Failed adding internal subnet address set entries: %w", err) } } else { - err = n.state.OVNNB.CreateAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), intSubnets...) + err = n.ovnnb.CreateAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), intSubnets...) if err != nil { return fmt.Errorf("Failed creating internal subnet address set entries: %w", err) } revert.Add(func() { - _ = n.state.OVNNB.DeleteAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID())) + _ = n.ovnnb.DeleteAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID())) }) } // Apply router security policy. - err = n.logicalRouterPolicySetup(n.state.OVNNB) + err = n.logicalRouterPolicySetup(n.ovnnb) if err != nil { return fmt.Errorf("Failed applying router security policy: %w", err) } // Create internal router port. - err = n.state.OVNNB.CreateLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterIntPortName(), routerMAC, bridgeMTU, intRouterIPs, "", update) + err = n.ovnnb.CreateLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterIntPortName(), routerMAC, bridgeMTU, intRouterIPs, "", update) if err != nil { return fmt.Errorf("Failed adding internal router port: %w", err) } if !update { revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterIntPortName()) + _ = n.ovnnb.DeleteLogicalRouterPort(context.TODO(), n.getRouterName(), n.getRouterIntPortName()) }) } 
@@ -2368,7 +2377,7 @@ func (n *ovn) setup(update bool) error { if update { // Find first existing DHCP options set for IPv4 and IPv6 and update them instead of adding sets. - existingOpts, err := n.state.OVNNB.GetLogicalSwitchDHCPOptions(context.TODO(), n.getIntSwitchName()) + existingOpts, err := n.ovnnb.GetLogicalSwitchDHCPOptions(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting existing DHCP settings for internal switch: %w", err) } @@ -2397,7 +2406,7 @@ func (n *ovn) setup(update bool) error { } if len(deleteDHCPRecords) > 0 { - err = n.state.OVNNB.DeleteLogicalSwitchDHCPOption(context.TODO(), n.getIntSwitchName(), deleteDHCPRecords...) + err = n.ovnnb.DeleteLogicalSwitchDHCPOption(context.TODO(), n.getIntSwitchName(), deleteDHCPRecords...) if err != nil { return fmt.Errorf("Failed deleting existing DHCP settings for internal switch: %w", err) } @@ -2412,7 +2421,7 @@ func (n *ovn) setup(update bool) error { dhcpV4Netmask = "255.255.255.255" } - err = n.state.OVNNB.UpdateLogicalSwitchDHCPv4Options(context.TODO(), n.getIntSwitchName(), dhcpv4UUID, dhcpV4Subnet, &networkOVN.OVNDHCPv4Opts{ + err = n.ovnnb.UpdateLogicalSwitchDHCPv4Options(context.TODO(), n.getIntSwitchName(), dhcpv4UUID, dhcpV4Subnet, &networkOVN.OVNDHCPv4Opts{ ServerID: routerIntPortIPv4, ServerMAC: routerMAC, Router: routerIntPortIPv4, @@ -2429,7 +2438,7 @@ func (n *ovn) setup(update bool) error { // Create DHCPv6 options for internal switch. if dhcpV6Subnet != nil { - err = n.state.OVNNB.UpdateLogicalSwitchDHCPv6Options(context.TODO(), n.getIntSwitchName(), dhcpv6UUID, dhcpV6Subnet, &networkOVN.OVNDHCPv6Opts{ + err = n.ovnnb.UpdateLogicalSwitchDHCPv6Options(context.TODO(), n.getIntSwitchName(), dhcpv6UUID, dhcpV6Subnet, &networkOVN.OVNDHCPv6Opts{ ServerID: routerMAC, RecursiveDNSServer: uplinkNet.dnsIPv6, DNSSearchList: n.getDNSSearchList(), 
@@ -2454,7 +2463,7 @@ func (n *ovn) setup(update bool) error { recursiveDNSServer = uplinkNet.dnsIPv6[0] // OVN only supports 1 RA DNS server. } - err = n.state.OVNNB.UpdateLogicalRouterPort(context.TODO(), n.getRouterIntPortName(), &networkOVN.OVNIPv6RAOpts{ + err = n.ovnnb.UpdateLogicalRouterPort(context.TODO(), n.getRouterIntPortName(), &networkOVN.OVNIPv6RAOpts{ AddressMode: adressMode, SendPeriodic: true, DNSSearchList: n.getDNSSearchList(), 
@@ -2470,31 +2479,31 @@ func (n *ovn) setup(update bool) error { return fmt.Errorf("Failed setting internal router port IPv6 advertisement settings: %w", err) } } else { - err = n.state.OVNNB.UpdateLogicalRouterPort(context.TODO(), n.getRouterIntPortName(), &networkOVN.OVNIPv6RAOpts{}) + err = n.ovnnb.UpdateLogicalRouterPort(context.TODO(), n.getRouterIntPortName(), &networkOVN.OVNIPv6RAOpts{}) if err != nil { return fmt.Errorf("Failed removing internal router port IPv6 advertisement settings: %w", err) } } // Create internal switch port and link to router port. - err = n.state.OVNNB.CreateLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), n.getIntSwitchRouterPortName(), nil, update) + err = n.ovnnb.CreateLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), n.getIntSwitchRouterPortName(), nil, update) if err != nil { return fmt.Errorf("Failed adding internal switch router port: %w", err) } if !update { revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), n.getIntSwitchRouterPortName()) + _ = n.ovnnb.DeleteLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), n.getIntSwitchRouterPortName()) }) } - err = n.state.OVNNB.UpdateLogicalSwitchPortLinkRouter(context.TODO(), n.getIntSwitchRouterPortName(), n.getRouterIntPortName()) + err = n.ovnnb.UpdateLogicalSwitchPortLinkRouter(context.TODO(), n.getIntSwitchRouterPortName(), n.getRouterIntPortName()) if err != nil { return fmt.Errorf("Failed linking internal router port to internal switch port: %w", err) } // Apply baseline ACL rules to internal logical switch. 
- err = acl.OVNApplyNetworkBaselineRules(n.state.OVNNB, n.getIntSwitchName(), n.getIntSwitchRouterPortName(), intRouterIPs, append(uplinkNet.dnsIPv4, uplinkNet.dnsIPv6...)) + err = acl.OVNApplyNetworkBaselineRules(n.ovnnb, n.getIntSwitchName(), n.getIntSwitchRouterPortName(), intRouterIPs, append(uplinkNet.dnsIPv4, uplinkNet.dnsIPv6...)) if err != nil { return fmt.Errorf("Failed applying baseline ACL rules to internal switch: %w", err) } @@ -2527,7 +2536,7 @@ func (n *ovn) setup(update bool) error { n.Name(): {Name: n.Name(), Type: n.Type(), ID: n.ID(), Config: n.Config()}, } - cleanup, err := acl.OVNEnsureACLs(n.state, n.logger, n.state.OVNNB, n.Project(), aclNameIDs, aclNets, securityACLS, false) + cleanup, err := acl.OVNEnsureACLs(n.state, n.logger, n.ovnnb, n.Project(), aclNameIDs, aclNets, securityACLS, false) if err != nil { return fmt.Errorf("Failed ensuring security ACLs are configured in OVN for network: %w", err) } @@ -2600,7 +2609,7 @@ func (n *ovn) logicalRouterPolicySetup(ovnnb *networkOVN.NB, excludePeers ...int return err } - return n.state.OVNNB.UpdateLogicalRouterPolicy(context.TODO(), n.getRouterName(), policies...) + return n.ovnnb.UpdateLogicalRouterPolicy(context.TODO(), n.getRouterName(), policies...) } // ensureNetworkPortGroup ensures that the network level port group (used for classifying NICs connected to this @@ -2608,7 +2617,7 @@ func (n *ovn) logicalRouterPolicySetup(ovnnb *networkOVN.NB, excludePeers ...int func (n *ovn) ensureNetworkPortGroup(projectID int64) error { // Create port group (if needed) for NICs to classify as internal. intPortGroupName := acl.OVNIntSwitchPortGroupName(n.ID()) - intPortGroupUUID, _, err := n.state.OVNNB.GetPortGroupInfo(context.TODO(), intPortGroupName) + intPortGroupUUID, _, err := n.ovnnb.GetPortGroupInfo(context.TODO(), intPortGroupName) if err != nil { return fmt.Errorf("Failed getting port group UUID for network %q setup: %w", n.Name(), err) } 
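Review bot: `logicalRouterPolicySetup` takes an `ovnnb *networkOVN.NB` parameter, yet its changed return line calls `n.ovnnb.UpdateLogicalRouterPolicy(...)` and so ignores the client the caller passed. The `setup` hunk passes `n.ovnnb`, so both are the same client today, but the signature suggests otherwise. Either use the parameter, `return ovnnb.UpdateLogicalRouterPolicy(context.TODO(), n.getRouterName(), policies...)`, or drop it from the signature so the two cannot diverge. The function body starts outside the hunk, so other uses of the parameter are not visible here.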
@@ -2616,7 +2625,7 @@ func (n *ovn) ensureNetworkPortGroup(projectID int64) error { if intPortGroupUUID == "" { // Create internal port group and associate it with the logical switch, so that it will be // removed when the logical switch is removed. - err = n.state.OVNNB.CreatePortGroup(context.TODO(), projectID, intPortGroupName, "", n.getIntSwitchName()) + err = n.ovnnb.CreatePortGroup(context.TODO(), projectID, intPortGroupName, "", n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed creating port group %q for network %q setup: %w", intPortGroupName, n.Name(), err) } @@ -2681,7 +2690,7 @@ func (n *ovn) addChassisGroupEntry() error { } } - err = n.state.OVNNB.SetChassisGroupPriority(context.TODO(), chassisGroupName, chassisID, priority) + err = n.ovnnb.SetChassisGroupPriority(context.TODO(), chassisGroupName, chassisID, priority) if err != nil { return fmt.Errorf("Failed adding OVS chassis %q with priority %d to chassis group %q: %w", chassisID, priority, chassisGroupName, err) } @@ -2704,7 +2713,7 @@ func (n *ovn) deleteChassisGroupEntry() error { return fmt.Errorf("Failed getting OVS Chassis ID: %w", err) } - err = n.state.OVNNB.SetChassisGroupPriority(context.TODO(), n.getChassisGroupName(), chassisID, -1) + err = n.ovnnb.SetChassisGroupPriority(context.TODO(), n.getChassisGroupName(), chassisID, -1) if err != nil && err != ovs.ErrNotFound { return fmt.Errorf("Failed deleting OVS chassis %q from chassis group %q: %w", chassisID, n.getChassisGroupName(), err) } 
@@ -2723,31 +2732,31 @@ func (n *ovn) Delete(clientType request.ClientType) error { if clientType == request.ClientTypeNormal { // Delete the router and anything tied to it (router ports, static routes, policies, nat, ...). - err = n.state.OVNNB.DeleteLogicalRouter(context.TODO(), n.getRouterName()) + err = n.ovnnb.DeleteLogicalRouter(context.TODO(), n.getRouterName()) if err != nil { return err } // Delete the external logical switch and anything tied to it (ports, ...). - err = n.state.OVNNB.DeleteLogicalSwitch(context.TODO(), n.getExtSwitchName()) + err = n.ovnnb.DeleteLogicalSwitch(context.TODO(), n.getExtSwitchName()) if err != nil { return err } // Delete the internal logical switch and anything tied to it (ports, ...). - err = n.state.OVNNB.DeleteLogicalSwitch(context.TODO(), n.getIntSwitchName()) + err = n.ovnnb.DeleteLogicalSwitch(context.TODO(), n.getIntSwitchName()) if err != nil { return err } // Delete any related address sets. - err = n.state.OVNNB.DeleteAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID())) + err = n.ovnnb.DeleteAddressSet(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID())) if err != nil { return err } // Delete the chassis group for the network. - err = n.state.OVNNB.DeleteChassisGroup(context.TODO(), n.getChassisGroupName()) + err = n.ovnnb.DeleteChassisGroup(context.TODO(), n.getChassisGroupName()) if err != nil { return err } @@ -2755,7 +2764,7 @@ func (n *ovn) Delete(clientType request.ClientType) error { // Clean up any now unused port group. securityACLs := util.SplitNTrimSpace(n.config["security.acls"], ",", -1, true) if len(securityACLs) > 0 { - err = acl.OVNPortGroupDeleteIfUnused(n.state, n.logger, n.state.OVNNB, n.project, &api.Network{Name: n.name}, "") + err = acl.OVNPortGroupDeleteIfUnused(n.state, n.logger, n.ovnnb, n.project, &api.Network{Name: n.name}, "") if err != nil { return fmt.Errorf("Failed removing unused OVN port groups: %w", err) } 
@@ -2793,7 +2802,7 @@ func (n *ovn) Delete(clientType request.ClientType) error { loadBalancers = append(loadBalancers, n.getLoadBalancerName(listenAddress)) } - err = n.state.OVNNB.DeleteLoadBalancer(context.TODO(), loadBalancers...) + err = n.ovnnb.DeleteLoadBalancer(context.TODO(), loadBalancers...) if err != nil { return fmt.Errorf("Failed deleting network forwards and load balancers: %w", err) } @@ -3088,7 +3097,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re removeChangeSet := map[networkOVN.OVNPortGroup][]networkOVN.OVNSwitchPortUUID{} // Get list of active switch ports (avoids repeated querying of OVN NB). - activePorts, err := n.state.OVNNB.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) + activePorts, err := n.ovnnb.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting active ports: %w", err) } @@ -3148,7 +3157,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re // If there are no ACLs being applied to the NIC (either from network or NIC) then // we should remove the default rule from the NIC. if len(newACLs) <= 0 && len(nicACLs) <= 0 { - err = n.state.OVNNB.ClearPortGroupPortACLRules(context.TODO(), acl.OVNIntSwitchPortGroupName(n.ID()), instancePortName) + err = n.ovnnb.ClearPortGroupPortACLRules(context.TODO(), acl.OVNIntSwitchPortGroupName(n.ID()), instancePortName) if err != nil { return fmt.Errorf("Failed clearing OVN default ACL rules for instance NIC: %w", err) } 
@@ -3178,7 +3187,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re egressAction, egressLogged := n.instanceDeviceACLDefaults(nicConfig, "egress") logPrefix := fmt.Sprintf("%s-%s", inst.Config["volatile.uuid"], nicName) - err = acl.OVNApplyInstanceNICDefaultRules(n.state.OVNNB, acl.OVNIntSwitchPortGroupName(n.ID()), logPrefix, instancePortName, ingressAction, ingressLogged, egressAction, egressLogged) + err = acl.OVNApplyInstanceNICDefaultRules(n.ovnnb, acl.OVNIntSwitchPortGroupName(n.ID()), logPrefix, instancePortName, ingressAction, ingressLogged, egressAction, egressLogged) if err != nil { return fmt.Errorf("Failed applying OVN default ACL rules for instance NIC: %w", err) } @@ -3200,7 +3209,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re // Apply add/remove changesets. if len(addChangeSet) > 0 || len(removeChangeSet) > 0 { n.logger.Debug("Applying ACL port group member change sets") - err = n.state.OVNNB.UpdatePortGroupMembers(context.TODO(), addChangeSet, removeChangeSet) + err = n.ovnnb.UpdatePortGroupMembers(context.TODO(), addChangeSet, removeChangeSet) if err != nil { return fmt.Errorf("Failed applying OVN port group member change sets for instance NIC: %w", err) } 
@@ -3208,14 +3217,14 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re // Check if any of the removed ACLs should have any unused port groups deleted. if len(removedACLs) > 0 { - err = acl.OVNPortGroupDeleteIfUnused(n.state, n.logger, n.state.OVNNB, n.project, &api.Network{Name: n.name}, "", newACLs...) + err = acl.OVNPortGroupDeleteIfUnused(n.state, n.logger, n.ovnnb, n.project, &api.Network{Name: n.name}, "", newACLs...) if err != nil { return fmt.Errorf("Failed removing unused OVN port groups: %w", err) } } // Ensure all active NIC routes are present in internal switch's address set. - err = n.state.OVNNB.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), localNICRoutes...) + err = n.ovnnb.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), localNICRoutes...) if err != nil { return fmt.Errorf("Failed adding active NIC routes to switch address set: %w", err) } @@ -3227,7 +3236,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re rebuildPeers = true _, oldRouterIntPortIPNet, _ := net.ParseCIDR(oldNetwork.Config[key]) if oldRouterIntPortIPNet != nil { - err = n.state.OVNNB.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), *oldRouterIntPortIPNet) + err = n.ovnnb.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), *oldRouterIntPortIPNet) if err != nil { return fmt.Errorf("Failed removing old network subnet %q from switch address set: %w", oldRouterIntPortIPNet.String(), err) } @@ -3243,7 +3252,7 @@ func (n *ovn) Update(newNetwork api.NetworkPut, targetNode string, clientType re } err = n.forPeers(func(targetOVNNet *ovn) error { - err = n.peerSetup(n.state.OVNNB, targetOVNNet, *opts) + err = n.peerSetup(n.ovnnb, targetOVNNet, *opts) if err != nil { return err } 
@@ -3425,27 +3434,27 @@ func (n *ovn) InstanceDevicePortAdd(instanceUUID string, deviceName string, devi revert := revert.New() defer revert.Fail() - dnsUUID, err := n.state.OVNNB.UpdateLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), instancePortName, "", nil) + dnsUUID, err := n.ovnnb.UpdateLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), instancePortName, "", nil) if err != nil { return fmt.Errorf("Failed adding DNS record: %w", err) } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, true) + _ = n.ovnnb.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, true) }) // If NIC has static IPv4 address then create a DHCPv4 reservation. if deviceConfig["ipv4.address"] != "" { ip := net.ParseIP(deviceConfig["ipv4.address"]) if ip != nil { - dhcpReservations, err := n.state.OVNNB.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) + dhcpReservations, err := n.ovnnb.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting DHCPv4 reservations: %w", err) } if !n.hasDHCPv4Reservation(dhcpReservations, ip) { dhcpReservations = append(dhcpReservations, iprange.Range{Start: ip}) - err = n.state.OVNNB.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservations) + err = n.ovnnb.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservations) if err != nil { return fmt.Errorf("Failed adding DHCPv4 reservation for %q: %w", ip.String(), err) } 
@@ -3506,7 +3515,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // Get existing DHCPv4 static reservations. // This is used for both checking sticky DHCPv4 allocation availability and for ensuring static DHCP // reservations exist. - dhcpReservations, err := n.state.OVNNB.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) + dhcpReservations, err := n.ovnnb.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) if err != nil { return "", nil, fmt.Errorf("Failed getting DHCPv4 reservations: %w", err) } @@ -3517,7 +3526,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL if dhcpv4Subnet != nil || dhcpv6Subnet != nil { // Find existing DHCP options set for IPv4 and IPv6 and update them instead of adding sets. - existingOpts, err := n.state.OVNNB.GetLogicalSwitchDHCPOptions(context.TODO(), n.getIntSwitchName()) + existingOpts, err := n.ovnnb.GetLogicalSwitchDHCPOptions(context.TODO(), n.getIntSwitchName()) if err != nil { return "", nil, fmt.Errorf("Failed getting existing DHCP settings for internal switch: %w", err) } @@ -3554,7 +3563,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // If the sticky IP isn't statically reserved, lets check its not used dynamically // on any active port. if !n.hasDHCPv4Reservation(dhcpReservations, dhcpV4StickyIP) { - existingPortIPs, err := n.state.OVNNB.GetLogicalSwitchIPs(context.TODO(), n.getIntSwitchName()) + existingPortIPs, err := n.ovnnb.GetLogicalSwitchIPs(context.TODO(), n.getIntSwitchName()) if err != nil { return "", nil, fmt.Errorf("Failed getting existing switch port IPs: %w", err) } 
@@ -3635,7 +3644,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // to configure the port as needed. This is required in case the OVN northbound database was unavailable // when the instance NIC was stopped and was unable to remove the port on last stop, which would otherwise // prevent future NIC starts. - err = n.state.OVNNB.CreateLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), instancePortName, &networkOVN.OVNSwitchPortOpts{ + err = n.ovnnb.CreateLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), instancePortName, &networkOVN.OVNSwitchPortOpts{ DHCPv4OptsID: dhcpV4ID, DHCPv6OptsID: dhcpv6ID, MAC: mac, @@ -3649,7 +3658,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), instancePortName) + _ = n.ovnnb.DeleteLogicalSwitchPort(context.TODO(), n.getIntSwitchName(), instancePortName) }) // Add DNS records for port's IPs, and retrieve the IP addresses used. @@ -3682,7 +3691,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // Retry a few times in case port has not yet allocated dynamic IPs. for i := 0; i < 10; i++ { - dynamicIPs, err = n.state.OVNNB.GetLogicalSwitchPortDynamicIPs(context.TODO(), instancePortName) + dynamicIPs, err = n.ovnnb.GetLogicalSwitchPortDynamicIPs(context.TODO(), instancePortName) if err == nil { if len(dynamicIPs) > 0 { break 
@@ -3706,13 +3715,13 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL } dnsName := fmt.Sprintf("%s.%s", opts.DNSName, n.getDomainName()) - dnsUUID, err := n.state.OVNNB.UpdateLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), instancePortName, dnsName, dnsIPs) + dnsUUID, err := n.ovnnb.UpdateLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), instancePortName, dnsName, dnsIPs) if err != nil { return "", nil, fmt.Errorf("Failed setting DNS for %q: %w", dnsName, err) } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, false) + _ = n.ovnnb.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, false) }) // If NIC has static IPv4 address then ensure a DHCPv4 reservation exists. @@ -3722,7 +3731,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL if opts.DeviceConfig["ipv4.address"] != "" && dnsIPv4 != nil { if !n.hasDHCPv4Reservation(dhcpReservations, dnsIPv4) { dhcpReservations = append(dhcpReservations, iprange.Range{Start: dnsIPv4}) - err = n.state.OVNNB.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservations) + err = n.ovnnb.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservations) if err != nil { return "", nil, fmt.Errorf("Failed adding DHCPv4 reservation for %q: %w", dnsIPv4.String(), err) } 
@@ -3748,13 +3757,13 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL continue // No qualifying target IP from DNS records. } - err = n.state.OVNNB.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", nil, ip, ip, true, true) + err = n.ovnnb.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", nil, ip, ip, true, true) if err != nil { return "", nil, err } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, ip) + _ = n.ovnnb.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, ip) }) } } @@ -3814,13 +3823,13 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // DNAT doesn't support whole subnets. if slices.Contains([]string{"l2proxy", ""}, opts.UplinkConfig["ovn.ingress_mode"]) { err = SubnetIterate(externalRoute, func(ip net.IP) error { - err = n.state.OVNNB.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", nil, ip, ip, true, true) + err = n.ovnnb.CreateLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", nil, ip, ip, true, true) if err != nil { return err } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, ip) + _ = n.ovnnb.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, ip) }) return nil @@ -3833,7 +3842,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL if len(routes) > 0 { // Add routes to local router. - err = n.state.OVNNB.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, routes...) + err = n.ovnnb.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, routes...) if err != nil { return "", nil, err } 
@@ -3844,17 +3853,17 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), routePrefixes...) + _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), routePrefixes...) }) // Add routes to internal switch's address set for ACL usage. - err = n.state.OVNNB.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), routePrefixes...) + err = n.ovnnb.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), routePrefixes...) if err != nil { return "", nil, fmt.Errorf("Failed adding switch address set entries: %w", err) } revert.Add(func() { - _ = n.state.OVNNB.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), routePrefixes...) + _ = n.ovnnb.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), routePrefixes...) }) routerIntPortIPv4, _, err := n.parseRouterIntPortIPv4Net() @@ -3889,12 +3898,12 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL }) } - err = n.state.OVNNB.CreateLogicalRouterRoute(context.TODO(), targetRouterName, true, targetRouterRoutes...) + err = n.ovnnb.CreateLogicalRouterRoute(context.TODO(), targetRouterName, true, targetRouterRoutes...) if err != nil { return fmt.Errorf("Failed adding static routes to peer network %q in project %q: %w", targetOVNNet.Name(), targetOVNNet.Project(), err) } - revert.Add(func() { _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), targetRouterName, routePrefixes...) }) + revert.Add(func() { _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), targetRouterName, routePrefixes...) }) return nil }) 
@@ -3918,7 +3927,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL removeChangeSet := map[networkOVN.OVNPortGroup][]networkOVN.OVNSwitchPortUUID{} // Get logical port UUID. - portUUID, err := n.state.OVNNB.GetLogicalSwitchPortUUID(context.TODO(), instancePortName) + portUUID, err := n.ovnnb.GetLogicalSwitchPortUUID(context.TODO(), instancePortName) if err != nil || portUUID == "" { return "", nil, fmt.Errorf("Failed getting logical port UUID for security ACL removal: %w", err) } @@ -3947,7 +3956,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL n.Name(): {Name: n.Name(), Type: n.Type(), ID: n.ID(), Config: n.Config()}, } - cleanup, err := acl.OVNEnsureACLs(n.state, n.logger, n.state.OVNNB, n.Project(), aclNameIDs, aclNets, nicACLNames, false) + cleanup, err := acl.OVNEnsureACLs(n.state, n.logger, n.ovnnb, n.Project(), aclNameIDs, aclNets, nicACLNames, false) if err != nil { return "", nil, fmt.Errorf("Failed ensuring security ACLs are configured in OVN for instance: %w", err) } @@ -3991,7 +4000,7 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL // be populated even if no ACLs being applied, because the NIC port needs to be added to the network level // port group. n.logger.Debug("Applying instance NIC port group member change sets") - err = n.state.OVNNB.UpdatePortGroupMembers(context.TODO(), addChangeSet, removeChangeSet) + err = n.ovnnb.UpdatePortGroupMembers(context.TODO(), addChangeSet, removeChangeSet) if err != nil { return "", nil, fmt.Errorf("Failed applying OVN port group member change sets for instance NIC: %w", err) } 
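Review bot: In the security ACL removal path of `InstanceDevicePortStart`, the check `if err != nil || portUUID == ""` wraps `err` with `%w` even when the lookup succeeded and only the UUID is empty. In that case the message ends in `%!w(<nil>)` and the returned error unwraps to nothing. Keep the `%w` return for `err != nil` and add a separate `if portUUID == "" { return "", nil, fmt.Errorf("Logical port %q has no UUID for security ACL removal", instancePortName) }`. The condition sits on a context line of this hunk, and the function body extends well beyond it.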
@@ -4002,14 +4011,14 @@ func (n *ovn) InstanceDevicePortStart(opts *OVNInstanceNICSetupOpts, securityACL egressAction, egressLogged := n.instanceDeviceACLDefaults(opts.DeviceConfig, "egress") logPrefix := fmt.Sprintf("%s-%s", opts.InstanceUUID, opts.DeviceName) - err = acl.OVNApplyInstanceNICDefaultRules(n.state.OVNNB, acl.OVNIntSwitchPortGroupName(n.ID()), logPrefix, instancePortName, ingressAction, ingressLogged, egressAction, egressLogged) + err = acl.OVNApplyInstanceNICDefaultRules(n.ovnnb, acl.OVNIntSwitchPortGroupName(n.ID()), logPrefix, instancePortName, ingressAction, ingressLogged, egressAction, egressLogged) if err != nil { return "", nil, fmt.Errorf("Failed applying OVN default ACL rules for instance NIC: %w", err) } n.logger.Debug("Set NIC default rule", logger.Ctx{"port": instancePortName, "ingressAction": ingressAction, "ingressLogged": ingressLogged, "egressAction": egressAction, "egressLogged": egressLogged}) } else { - err = n.state.OVNNB.ClearPortGroupPortACLRules(context.TODO(), acl.OVNIntSwitchPortGroupName(n.ID()), instancePortName) + err = n.ovnnb.ClearPortGroupPortACLRules(context.TODO(), acl.OVNIntSwitchPortGroupName(n.ID()), instancePortName) if err != nil { return "", nil, fmt.Errorf("Failed clearing OVN default ACL rules for instance NIC: %w", err) } @@ -4050,7 +4059,7 @@ func (n *ovn) InstanceDevicePortIPs(instanceUUID string, deviceName string) ([]n instancePortName := n.getInstanceDevicePortName(instanceUUID, deviceName) - devIPs, err := n.state.OVNNB.GetLogicalSwitchPortIPs(context.TODO(), instancePortName) + devIPs, err := n.ovnnb.GetLogicalSwitchPortIPs(context.TODO(), instancePortName) if err != nil { return nil, fmt.Errorf("Failed to get OVN switch port IPs: %w", err) } 
@@ -4072,7 +4081,7 @@ func (n *ovn) InstanceDevicePortStop(ovsExternalOVNPort networkOVN.OVNSwitchPort source = "internal" } - portLocation, err := n.state.OVNNB.GetLogicalSwitchPortLocation(context.TODO(), instancePortName) + portLocation, err := n.ovnnb.GetLogicalSwitchPortLocation(context.TODO(), instancePortName) if err != nil { return fmt.Errorf("Failed getting instance switch port options: %w", err) } @@ -4102,13 +4111,13 @@ func (n *ovn) InstanceDevicePortStop(ovsExternalOVNPort networkOVN.OVNSwitchPort } // Get DNS records. - dnsUUID, _, dnsIPs, err := n.state.OVNNB.GetLogicalSwitchPortDNS(context.TODO(), instancePortName) + dnsUUID, _, dnsIPs, err := n.ovnnb.GetLogicalSwitchPortDNS(context.TODO(), instancePortName) if err != nil { return err } // Cleanup logical switch port and associated config. - err = n.state.OVNNB.CleanupLogicalSwitchPort(context.TODO(), instancePortName, n.getIntSwitchName(), acl.OVNIntSwitchPortGroupName(n.ID()), dnsUUID) + err = n.ovnnb.CleanupLogicalSwitchPort(context.TODO(), instancePortName, n.getIntSwitchName(), acl.OVNIntSwitchPortGroupName(n.ID()), dnsUUID) if err != nil { return err } @@ -4153,13 +4162,13 @@ func (n *ovn) InstanceDevicePortStop(ovsExternalOVNPort networkOVN.OVNSwitchPort if len(removeRoutes) > 0 { // Delete routes from local router. - err = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), removeRoutes...) + err = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), removeRoutes...) if err != nil { return err } // Delete routes from switch address set. - err = n.state.OVNNB.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), removeRoutes...) + err = n.ovnnb.UpdateAddressSetRemove(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), removeRoutes...) if err != nil { return fmt.Errorf("Failed deleting switch address set entries: %w", err) } 
@@ -4167,7 +4176,7 @@ func (n *ovn) InstanceDevicePortStop(ovsExternalOVNPort networkOVN.OVNSwitchPort // Delete routes from peer routers. err = n.forPeers(func(targetOVNNet *ovn) error { targetRouterName := targetOVNNet.getRouterName() - err = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), targetRouterName, removeRoutes...) + err = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), targetRouterName, removeRoutes...) if err != nil { return fmt.Errorf("Failed deleting static routes from peer network %q in project %q: %w", targetOVNNet.Name(), targetOVNNet.Project(), err) } @@ -4180,7 +4189,7 @@ func (n *ovn) InstanceDevicePortStop(ovsExternalOVNPort networkOVN.OVNSwitchPort } if len(removeNATIPs) > 0 { - err = n.state.OVNNB.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, removeNATIPs...) + err = n.ovnnb.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", false, removeNATIPs...) if err != nil { return err } @@ -4199,7 +4208,7 @@ func (n *ovn) InstanceDevicePortRemove(instanceUUID string, deviceName string, d defer revert.Fail() // Get DNS records. - dnsUUID, _, _, err := n.state.OVNNB.GetLogicalSwitchPortDNS(context.TODO(), instancePortName) + dnsUUID, _, _, err := n.ovnnb.GetLogicalSwitchPortDNS(context.TODO(), instancePortName) if err != nil { return err } @@ -4210,7 +4219,7 @@ func (n *ovn) InstanceDevicePortRemove(instanceUUID string, deviceName string, d if deviceConfig["ipv4.address"] != "" { ip := net.ParseIP(deviceConfig["ipv4.address"]) if ip != nil { - dhcpReservations, err := n.state.OVNNB.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) + dhcpReservations, err := n.ovnnb.GetLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting DHCPv4 reservations: %w", err) } 
@@ -4229,7 +4238,7 @@ func (n *ovn) InstanceDevicePortRemove(instanceUUID string, deviceName string, d } if found { - err = n.state.OVNNB.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservationsNew) + err = n.ovnnb.UpdateLogicalSwitchDHCPv4Revervations(context.TODO(), n.getIntSwitchName(), dhcpReservationsNew) if err != nil { return fmt.Errorf("Failed removing DHCPv4 reservation for %q: %w", ip.String(), err) } @@ -4237,7 +4246,7 @@ func (n *ovn) InstanceDevicePortRemove(instanceUUID string, deviceName string, d } } - err = n.state.OVNNB.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, true) + err = n.ovnnb.DeleteLogicalSwitchPortDNS(context.TODO(), n.getIntSwitchName(), dnsUUID, true) if err != nil { return fmt.Errorf("Failed deleting DNS record: %w", err) } @@ -4450,7 +4459,7 @@ func (n *ovn) handleDependencyChange(uplinkName string, uplinkConfig map[string] if slices.Contains([]string{"l2proxy", ""}, uplinkConfig["ovn.ingress_mode"]) { // Get list of active switch ports (avoids repeated querying of OVN NB). - activePorts, err := n.state.OVNNB.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) + activePorts, err := n.ovnnb.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting active ports: %w", err) } @@ -4514,7 +4523,7 @@ func (n *ovn) handleDependencyChange(uplinkName string, uplinkConfig map[string] } else { // Remove all DNAT_AND_SNAT rules if not using l2proxy ingress mode, as currently we only // use DNAT_AND_SNAT rules for this feature so it is safe to do. - err := n.state.OVNNB.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", true) + err := n.ovnnb.DeleteLogicalRouterNAT(context.TODO(), n.getRouterName(), "dnat_and_snat", true) if err != nil { return fmt.Errorf("Failed deleting instance NIC ingress mode l2proxy rules: %w", err) } 
@@ -4676,13 +4685,13 @@ func (n *ovn) ForwardCreate(forward api.NetworkForwardsPost, clientType request. return tx.DeleteNetworkForward(ctx, n.ID(), forwardID) }) - _ = n.state.OVNNB.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) + _ = n.ovnnb.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) _ = n.forwardBGPSetupPrefixes() }) vips := n.forwardFlattenVIPs(net.ParseIP(forward.ListenAddress), net.ParseIP(forward.Config["target_address"]), portMaps) - err = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + err = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) if err != nil { return fmt.Errorf("Failed applying OVN load balancer: %w", err) } @@ -4702,13 +4711,13 @@ func (n *ovn) ForwardCreate(forward api.NetworkForwardsPost, clientType request. } if nexthop != nil { - err = n.state.OVNNB.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, networkOVN.OVNRouterRoute{NextHop: nexthop, Prefix: *listenAddressNet}) + err = n.ovnnb.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, networkOVN.OVNRouterRoute{NextHop: nexthop, Prefix: *listenAddressNet}) if err != nil { return err } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *listenAddressNet) + _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *listenAddressNet) }) } 
@@ -4783,7 +4792,7 @@ func (n *ovn) ForwardUpdate(listenAddress string, req api.NetworkForwardPut, cli } vips := n.forwardFlattenVIPs(net.ParseIP(newForward.ListenAddress), net.ParseIP(newForward.Config["target_address"]), portMaps) - err = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(newForward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + err = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(newForward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) if err != nil { return fmt.Errorf("Failed applying OVN load balancer: %w", err) } @@ -4793,7 +4802,7 @@ func (n *ovn) ForwardUpdate(listenAddress string, req api.NetworkForwardPut, cli portMaps, err := n.forwardValidate(net.ParseIP(curForward.ListenAddress), &curForward.NetworkForwardPut) if err == nil { vips := n.forwardFlattenVIPs(net.ParseIP(curForward.ListenAddress), net.ParseIP(curForward.Config["target_address"]), portMaps) - _ = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(curForward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + _ = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(curForward.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) _ = n.forwardBGPSetupPrefixes() } }) @@ -4855,7 +4864,7 @@ func (n *ovn) ForwardDelete(listenAddress string, clientType request.ClientType) } // Delete the network forward itself. - err = n.state.OVNNB.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) + err = n.ovnnb.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) if err != nil { return fmt.Errorf("Failed deleting OVN load balancer: %w", err) } 
@@ -4866,7 +4875,7 @@ func (n *ovn) ForwardDelete(listenAddress string, clientType request.ClientType) return err } - _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *vip) + _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *vip) // Delete the database records. err = n.state.DB.Cluster.Transaction(context.TODO(), func(ctx context.Context, tx *db.ClusterTx) error { @@ -5046,13 +5055,13 @@ func (n *ovn) LoadBalancerCreate(loadBalancer api.NetworkLoadBalancersPost, clie return tx.DeleteNetworkLoadBalancer(ctx, n.ID(), loadBalancerID) }) - _ = n.state.OVNNB.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(loadBalancer.ListenAddress)) + _ = n.ovnnb.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(loadBalancer.ListenAddress)) _ = n.loadBalancerBGPSetupPrefixes() }) vips := n.loadBalancerFlattenVIPs(net.ParseIP(loadBalancer.ListenAddress), portMaps) - err = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(loadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + err = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(loadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) if err != nil { return fmt.Errorf("Failed applying OVN load balancer: %w", err) } 
@@ -5072,13 +5081,13 @@ func (n *ovn) LoadBalancerCreate(loadBalancer api.NetworkLoadBalancersPost, clie } if nexthop != nil { - err = n.state.OVNNB.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, networkOVN.OVNRouterRoute{NextHop: nexthop, Prefix: *listenAddressNet}) + err = n.ovnnb.CreateLogicalRouterRoute(context.TODO(), n.getRouterName(), true, networkOVN.OVNRouterRoute{NextHop: nexthop, Prefix: *listenAddressNet}) if err != nil { return err } revert.Add(func() { - _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *listenAddressNet) + _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *listenAddressNet) }) } @@ -5154,7 +5163,7 @@ func (n *ovn) LoadBalancerUpdate(listenAddress string, req api.NetworkLoadBalanc vips := n.loadBalancerFlattenVIPs(net.ParseIP(newLoadBalancer.ListenAddress), portMaps) - err = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(newLoadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + err = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(newLoadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) if err != nil { return fmt.Errorf("Failed applying OVN load balancer: %w", err) } 
@@ -5164,7 +5173,7 @@ func (n *ovn) LoadBalancerUpdate(listenAddress string, req api.NetworkLoadBalanc portMaps, err := n.loadBalancerValidate(net.ParseIP(curLoadBalancer.ListenAddress), &curLoadBalancer.NetworkLoadBalancerPut) if err == nil { vips := n.loadBalancerFlattenVIPs(net.ParseIP(curLoadBalancer.ListenAddress), portMaps) - _ = n.state.OVNNB.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(curLoadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) + _ = n.ovnnb.CreateLoadBalancer(context.TODO(), n.getLoadBalancerName(curLoadBalancer.ListenAddress), []networkOVN.OVNRouter{n.getRouterName()}, []networkOVN.OVNSwitch{n.getIntSwitchName()}, vips...) _ = n.forwardBGPSetupPrefixes() } }) @@ -5226,7 +5235,7 @@ func (n *ovn) LoadBalancerDelete(listenAddress string, clientType request.Client } // Delete the load balancer itself. - err = n.state.OVNNB.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) + err = n.ovnnb.DeleteLoadBalancer(context.TODO(), n.getLoadBalancerName(forward.ListenAddress)) if err != nil { return fmt.Errorf("Failed deleting OVN load balancer: %w", err) } @@ -5237,7 +5246,7 @@ func (n *ovn) LoadBalancerDelete(listenAddress string, clientType request.Client return err } - _ = n.state.OVNNB.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *vip) + _ = n.ovnnb.DeleteLogicalRouterRoute(context.TODO(), n.getRouterName(), *vip) // Delete the database records. err = n.state.DB.Cluster.Transaction(context.TODO(), func(ctx context.Context, tx *db.ClusterTx) error { 
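Review bot: The revert closure in `LoadBalancerUpdate` re-creates the previous load balancer and then calls `n.forwardBGPSetupPrefixes()`, while the matching revert in `LoadBalancerCreate` calls `n.loadBalancerBGPSetupPrefixes()`. This looks like a leftover from the forward code this function mirrors; if the two helpers advertise different prefix sets, a failed update would leave the load balancer's BGP prefixes unrefreshed. Unless the forward helper is known to cover load balancers too, the line should read `_ = n.loadBalancerBGPSetupPrefixes()`. Neither helper's body is visible in this diff.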
@@ -5365,12 +5374,12 @@ func (n *ovn) localPeerCreate(peer api.NetworkPeersPost) error { // Apply router security policies. // Should have been done during network setup, but ensure its done here anyway. - err = n.logicalRouterPolicySetup(n.state.OVNNB) + err = n.logicalRouterPolicySetup(n.ovnnb) if err != nil { return fmt.Errorf("Failed applying local router security policy: %w", err) } - activeLocalNICPorts, err := n.state.OVNNB.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) + activeLocalNICPorts, err := n.ovnnb.GetLogicalSwitchPorts(context.TODO(), n.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting active NIC ports: %w", err) } @@ -5409,12 +5418,12 @@ func (n *ovn) localPeerCreate(peer api.NetworkPeersPost) error { } // Ensure local subnets and all active NIC routes are present in internal switch's address set. - err = n.state.OVNNB.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), opts.TargetRouterRoutes...) + err = n.ovnnb.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(n.ID()), opts.TargetRouterRoutes...) if err != nil { return fmt.Errorf("Failed adding active NIC routes to switch address set: %w", err) } - err = n.peerSetup(n.state.OVNNB, targetOVNNet, *opts) + err = n.peerSetup(n.ovnnb, targetOVNNet, *opts) if err != nil { return err } @@ -5480,7 +5489,7 @@ func (n *ovn) remotePeerCreate(peer api.NetworkPeersPost) error { } // Get the OVN AZ name. - azName, err := n.state.OVNNB.GetName(ctx) + azName, err := n.ovnnb.GetName(ctx) if err != nil { return err } 
@@ -5516,16 +5525,16 @@ func (n *ovn) remotePeerCreate(peer api.NetworkPeersPost) error { cgName := networkOVN.OVNChassisGroup(tsName) // Create the chassis group. - err = n.state.OVNNB.CreateChassisGroup(ctx, cgName, false) + err = n.ovnnb.CreateChassisGroup(ctx, cgName, false) if err != nil { return err } - reverter.Add(func() { _ = n.state.OVNNB.DeleteChassisGroup(ctx, cgName) }) + reverter.Add(func() { _ = n.ovnnb.DeleteChassisGroup(ctx, cgName) }) // Assign some priorities. for i, gateway := range gateways { - err = n.state.OVNNB.SetChassisGroupPriority(ctx, cgName, gateway, 10+i) + err = n.ovnnb.SetChassisGroupPriority(ctx, cgName, gateway, 10+i) if err != nil { return err } @@ -5541,7 +5550,7 @@ func (n *ovn) remotePeerCreate(peer api.NetworkPeersPost) error { found := false for i := 0; i < 10; i++ { // Try to get the switch. - logicalSwitch, err := n.state.OVNNB.GetLogicalSwitch(ctx, tsName) + logicalSwitch, err := n.ovnnb.GetLogicalSwitch(ctx, tsName) if err != nil && err != networkOVN.ErrNotFound { return err } 
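Review bot: The transit-switch retry loop in `remotePeerCreate` compares the sentinel directly, `err != networkOVN.ErrNotFound`, and `remotePeerDelete` does the same with `networkOVN.ErrNotManaged` on the chassis-group delete. The rest of this file wraps errors with `%w`, so if the client ever returns a wrapped sentinel the loop aborts instead of retrying and the delete stops being idempotent. `if err != nil && !errors.Is(err, networkOVN.ErrNotFound) {` (and the `ErrNotManaged` equivalent) is robust to that. It needs the `errors` package, whose import status is not visible here.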
@@ -5590,22 +5599,22 @@ func (n *ovn) remotePeerCreate(peer api.NetworkPeersPost) error { lrpName := networkOVN.OVNRouterPort(tsName) // Create the logical router port. - err = n.state.OVNNB.CreateLogicalRouterPort(ctx, n.getRouterName(), lrpName, routerMAC, uint32(bridgeMTU), []*net.IPNet{&ipv4Net, &ipv6Net}, cgName, false) + err = n.ovnnb.CreateLogicalRouterPort(ctx, n.getRouterName(), lrpName, routerMAC, uint32(bridgeMTU), []*net.IPNet{&ipv4Net, &ipv6Net}, cgName, false) if err != nil { return err } - reverter.Add(func() { _ = n.state.OVNNB.DeleteLogicalRouterPort(ctx, n.getRouterName(), lrpName) }) + reverter.Add(func() { _ = n.ovnnb.DeleteLogicalRouterPort(ctx, n.getRouterName(), lrpName) }) // Create the logical switch port. lspOpts := &networkOVN.OVNSwitchPortOpts{RouterPort: lrpName} - err = n.state.OVNNB.CreateLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName)), lspOpts, false) + err = n.ovnnb.CreateLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName)), lspOpts, false) if err != nil { return err } reverter.Add(func() { - _ = n.state.OVNNB.DeleteLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName))) + _ = n.ovnnb.DeleteLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName))) }) reverter.Success() @@ -5797,7 +5806,7 @@ func (n *ovn) peerSetup(ovnnb *networkOVN.NB, targetOVNNet *ovn, opts networkOVN } // Get list of active switch ports (avoids repeated querying of OVN NB). - activeTargetNICPorts, err := n.state.OVNNB.GetLogicalSwitchPorts(context.TODO(), targetOVNNet.getIntSwitchName()) + activeTargetNICPorts, err := n.ovnnb.GetLogicalSwitchPorts(context.TODO(), targetOVNNet.getIntSwitchName()) if err != nil { return fmt.Errorf("Failed getting active NIC ports: %w", err) } 
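Review bot: `peerSetup` takes an `ovnnb *networkOVN.NB` parameter, yet the lines changed here and in the next hunk reach for `n.ovnnb` instead, and every caller in this diff now passes `n.ovnnb` as that argument. Two names for the same client invite them drifting apart. Either use the parameter, `activeTargetNICPorts, err := ovnnb.GetLogicalSwitchPorts(context.TODO(), targetOVNNet.getIntSwitchName())`, or drop it from the signature. Whether other parts of the body already use the parameter cannot be seen from these hunks.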
@@ -5819,17 +5828,17 @@ func (n *ovn) peerSetup(ovnnb *networkOVN.NB, targetOVNNet *ovn, opts networkOVN } // Ensure routes are added to target switch address sets. - err = n.state.OVNNB.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(targetOVNNet.ID()), opts.LocalRouterRoutes...) + err = n.ovnnb.UpdateAddressSetAdd(context.TODO(), acl.OVNIntSwitchPortGroupAddressSetPrefix(targetOVNNet.ID()), opts.LocalRouterRoutes...) if err != nil { return fmt.Errorf("Failed adding target swith subnet address set entries: %w", err) } - err = targetOVNNet.logicalRouterPolicySetup(n.state.OVNNB) + err = targetOVNNet.logicalRouterPolicySetup(n.ovnnb) if err != nil { return fmt.Errorf("Failed applying target router security policy: %w", err) } - err = n.state.OVNNB.CreateLogicalRouterPeering(context.TODO(), opts) + err = n.ovnnb.CreateLogicalRouterPeering(context.TODO(), opts) if err != nil { return fmt.Errorf("Failed applying OVN network peering: %w", err) } @@ -5910,17 +5919,17 @@ func (n *ovn) localPeerDelete(peer *api.NetworkPeer) error { TargetRouterPort: targetOVNNet.getLogicalRouterPeerPortName(n.ID()), } - err = n.state.OVNNB.DeleteLogicalRouterPeering(context.TODO(), opts) + err = n.ovnnb.DeleteLogicalRouterPeering(context.TODO(), opts) if err != nil { return fmt.Errorf("Failed deleting OVN network peering: %w", err) } - err = n.logicalRouterPolicySetup(n.state.OVNNB, targetOVNNet.ID()) + err = n.logicalRouterPolicySetup(n.ovnnb, targetOVNNet.ID()) if err != nil { return fmt.Errorf("Failed applying local router security policy: %w", err) } - err = targetOVNNet.logicalRouterPolicySetup(n.state.OVNNB, n.ID()) + err = targetOVNNet.logicalRouterPolicySetup(n.ovnnb, n.ID()) if err != nil { return fmt.Errorf("Failed applying target router security policy: %w", err) } 
@@ -5955,7 +5964,7 @@ func (n *ovn) remotePeerDelete(peer *api.NetworkPeer) error { } // Get the OVN AZ name. - azName, err := n.state.OVNNB.GetName(ctx) + azName, err := n.ovnnb.GetName(ctx) if err != nil { return err } @@ -5978,7 +5987,7 @@ func (n *ovn) remotePeerDelete(peer *api.NetworkPeer) error { tsName := networkOVN.OVNSwitch(tsNameRendered) // Delete logical switch port - err = n.state.OVNNB.DeleteLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName))) + err = n.ovnnb.DeleteLogicalSwitchPort(ctx, tsName, networkOVN.OVNSwitchPort(fmt.Sprintf("%s-%s", tsName, azName))) if err != nil { return err } @@ -5987,7 +5996,7 @@ func (n *ovn) remotePeerDelete(peer *api.NetworkPeer) error { lrpName := networkOVN.OVNRouterPort(tsName) // Delete logical router port - err = n.state.OVNNB.DeleteLogicalRouterPort(ctx, n.getRouterName(), lrpName) + err = n.ovnnb.DeleteLogicalRouterPort(ctx, n.getRouterName(), lrpName) if err != nil { return err } @@ -5996,13 +6005,13 @@ func (n *ovn) remotePeerDelete(peer *api.NetworkPeer) error { cgName := networkOVN.OVNChassisGroup(tsName) // Delete chassis group. - err = n.state.OVNNB.DeleteChassisGroup(ctx, cgName) + err = n.ovnnb.DeleteChassisGroup(ctx, cgName) if err != nil && err != networkOVN.ErrNotManaged { return err } // Delete transit switch if empty - icSwitch, err := n.state.OVNNB.GetLogicalSwitch(ctx, tsName) + icSwitch, err := n.ovnnb.GetLogicalSwitch(ctx, tsName) if err != nil { return err } diff --git a/internal/server/state/state.go b/internal/server/state/state.go index e77514c44ea..8b07ac599cd 100644 --- a/internal/server/state/state.go +++ b/internal/server/state/state.go @@ -90,6 +90,5 @@ type State struct { Authorizer auth.Authorizer // OVN. - OVNNB *ovn.NB - OVNSB *ovn.SB + OVN func() (*ovn.NB, *ovn.SB, error) }
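Review bot: `State.OVN` is now a function field in the `state.go` hunk, so any `State` built without setting it panics on `s.OVN()` with a nil function call, where the old `OVNNB` pointer could be nil-checked first. The field also carries no contract: callers cannot tell whether it may connect on demand, whether it is safe to call concurrently, or whether both clients are non-nil when the error is nil. I would document that on the field, e.g. `// OVN returns the northbound and southbound clients, or an error if OVN is unavailable; it must be set and be safe for concurrent use.` Test helpers that build a `State` should supply a stub that returns an error.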