octavia 13.0.0.0rc1__py3-none-any.whl → 14.0.0__py3-none-any.whl

octavia/controller/worker/v2/flows/load_balancer_flows.py

@@ -13,7 +13,6 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 #
-
 from oslo_config import cfg
 from oslo_log import log as logging
 from taskflow.patterns import linear_flow
@@ -47,7 +46,8 @@ class LoadBalancerFlows(object):
         self.member_flows = member_flows.MemberFlows()
         self.lb_repo = repo.LoadBalancerRepository()
 
-    def get_create_load_balancer_flow(self, topology, listeners=None):
+    def get_create_load_balancer_flow(self, topology, listeners=None,
+                                      flavor_dict=None):
         """Creates a conditional graph flow that allocates a loadbalancer.
 
         :raises InvalidTopology: Invalid topology specified
@@ -59,7 +59,7 @@ class LoadBalancerFlows(object):
         lb_create_flow.add(lifecycle_tasks.LoadBalancerIDToErrorOnRevertTask(
             requires=constants.LOADBALANCER_ID))
 
-        # allocate VIP
+        # allocate VIP - Saves the VIP IP(s) in neutron
         lb_create_flow.add(database_tasks.ReloadLoadBalancer(
             name=constants.RELOAD_LB_BEFOR_ALLOCATE_VIP,
             requires=constants.LOADBALANCER_ID,
@@ -81,9 +81,11 @@ class LoadBalancerFlows(object):
             provides=constants.SUBNET))
 
         if topology == constants.TOPOLOGY_ACTIVE_STANDBY:
-            lb_create_flow.add(*self._create_active_standby_topology())
+            lb_create_flow.add(*self._create_active_standby_topology(
+                flavor_dict=flavor_dict))
         elif topology == constants.TOPOLOGY_SINGLE:
-            lb_create_flow.add(*self._create_single_topology())
+            lb_create_flow.add(*self._create_single_topology(
+                flavor_dict=flavor_dict))
         else:
             LOG.error("Unknown topology: %s.  Unable to build load balancer.",
                       topology)
@@ -91,10 +93,12 @@ class LoadBalancerFlows(object):
 
         post_amp_prefix = constants.POST_LB_AMP_ASSOCIATION_SUBFLOW
         lb_create_flow.add(
-            self.get_post_lb_amp_association_flow(post_amp_prefix, topology))
+            self.get_post_lb_amp_association_flow(post_amp_prefix, topology,
+                                                  flavor_dict=flavor_dict))
 
         if listeners:
-            lb_create_flow.add(*self._create_listeners_flow())
+            lb_create_flow.add(
+                *self._create_listeners_flow(flavor_dict=flavor_dict))
 
         lb_create_flow.add(
             database_tasks.MarkLBActiveInDB(
@@ -112,7 +116,7 @@ class LoadBalancerFlows(object):
 
         return lb_create_flow
 
-    def _create_single_topology(self):
+    def _create_single_topology(self, flavor_dict=None):
         sf_name = (constants.ROLE_STANDALONE + '-' +
                    constants.AMP_PLUG_NET_SUBFLOW)
         amp_for_lb_net_flow = linear_flow.Flow(sf_name)
@@ -120,11 +124,13 @@ class LoadBalancerFlows(object):
             prefix=constants.ROLE_STANDALONE,
             role=constants.ROLE_STANDALONE)
         amp_for_lb_net_flow.add(amp_for_lb_flow)
-        amp_for_lb_net_flow.add(*self._get_amp_net_subflow(sf_name))
+        amp_for_lb_net_flow.add(*self._get_amp_net_subflow(
+            sf_name, flavor_dict=flavor_dict))
         return amp_for_lb_net_flow
 
     def _create_active_standby_topology(
-            self, lf_name=constants.CREATE_LOADBALANCER_FLOW):
+            self, lf_name=constants.CREATE_LOADBALANCER_FLOW,
+            flavor_dict=None):
         # When we boot up amphora for an active/standby topology,
         # we should leverage the Nova anti-affinity capabilities
         # to place the amphora on different hosts, also we need to check
@@ -156,26 +162,45 @@ class LoadBalancerFlows(object):
         master_amp_sf = linear_flow.Flow(master_sf_name)
         master_amp_sf.add(self.amp_flows.get_amphora_for_lb_subflow(
             prefix=constants.ROLE_MASTER, role=constants.ROLE_MASTER))
-        master_amp_sf.add(*self._get_amp_net_subflow(master_sf_name))
+        master_amp_sf.add(*self._get_amp_net_subflow(master_sf_name,
+                                                     flavor_dict=flavor_dict))
 
         backup_sf_name = (constants.ROLE_BACKUP + '-' +
                           constants.AMP_PLUG_NET_SUBFLOW)
         backup_amp_sf = linear_flow.Flow(backup_sf_name)
         backup_amp_sf.add(self.amp_flows.get_amphora_for_lb_subflow(
             prefix=constants.ROLE_BACKUP, role=constants.ROLE_BACKUP))
-        backup_amp_sf.add(*self._get_amp_net_subflow(backup_sf_name))
+        backup_amp_sf.add(*self._get_amp_net_subflow(backup_sf_name,
+                                                     flavor_dict=flavor_dict))
 
         amps_flow.add(master_amp_sf, backup_amp_sf)
 
         return flows + [amps_flow]
 
-    def _get_amp_net_subflow(self, sf_name):
+    def _get_amp_net_subflow(self, sf_name, flavor_dict=None):
         flows = []
-        flows.append(network_tasks.PlugVIPAmphora(
-            name=sf_name + '-' + constants.PLUG_VIP_AMPHORA,
-            requires=(constants.LOADBALANCER, constants.AMPHORA,
-                      constants.SUBNET),
-            provides=constants.AMP_DATA))
+        # If we have an SRIOV VIP, we need to setup a firewall in the amp
+        if flavor_dict and flavor_dict.get(constants.SRIOV_VIP, False):
+            flows.append(network_tasks.CreateSRIOVBasePort(
+                name=sf_name + '-' + constants.PLUG_VIP_AMPHORA,
+                requires=(constants.LOADBALANCER, constants.AMPHORA,
+                          constants.SUBNET),
+                provides=constants.PORT_DATA))
+            flows.append(compute_tasks.AttachPort(
+                name=sf_name + '-' + constants.ATTACH_PORT,
+                requires=(constants.AMPHORA),
+                rebind={constants.PORT: constants.PORT_DATA}))
+            flows.append(network_tasks.BuildAMPData(
+                name=sf_name + '-' + constants.BUILD_AMP_DATA,
+                requires=(constants.LOADBALANCER, constants.AMPHORA,
+                          constants.PORT_DATA),
+                provides=constants.AMP_DATA))
+        else:
+            flows.append(network_tasks.PlugVIPAmphora(
+                name=sf_name + '-' + constants.PLUG_VIP_AMPHORA,
+                requires=(constants.LOADBALANCER, constants.AMPHORA,
+                          constants.SUBNET),
+                provides=constants.AMP_DATA))
 
         flows.append(network_tasks.ApplyQosAmphora(
             name=sf_name + '-' + constants.APPLY_QOS_AMP,
@@ -196,7 +221,7 @@ class LoadBalancerFlows(object):
                       constants.AMPHORAE_NETWORK_CONFIG)))
         return flows
 
-    def _create_listeners_flow(self):
+    def _create_listeners_flow(self, flavor_dict=None):
         flows = []
         flows.append(
             database_tasks.ReloadLoadBalancer(
@@ -229,11 +254,13 @@ class LoadBalancerFlows(object):
             )
         )
         flows.append(
-            self.listener_flows.get_create_all_listeners_flow()
+            self.listener_flows.get_create_all_listeners_flow(
+                flavor_dict=flavor_dict)
         )
         return flows
 
-    def get_post_lb_amp_association_flow(self, prefix, topology):
+    def get_post_lb_amp_association_flow(self, prefix, topology,
+                                         flavor_dict=None):
         """Reload the loadbalancer and create networking subflows for
 
         created/allocated amphorae.
@@ -251,14 +278,15 @@ class LoadBalancerFlows(object):
             post_create_LB_flow.add(database_tasks.GetAmphoraeFromLoadbalancer(
                 requires=constants.LOADBALANCER_ID,
                 provides=constants.AMPHORAE))
-            vrrp_subflow = self.amp_flows.get_vrrp_subflow(prefix)
+            vrrp_subflow = self.amp_flows.get_vrrp_subflow(
+                prefix, flavor_dict=flavor_dict)
             post_create_LB_flow.add(vrrp_subflow)
 
         post_create_LB_flow.add(database_tasks.UpdateLoadbalancerInDB(
             requires=[constants.LOADBALANCER, constants.UPDATE_DICT]))
         return post_create_LB_flow
 
-    def _get_delete_listeners_flow(self, listeners):
+    def _get_delete_listeners_flow(self, listeners, flavor_dict=None):
         """Sets up an internal delete flow
 
         :param listeners: A list of listener dicts
@@ -268,7 +296,7 @@ class LoadBalancerFlows(object):
         for listener in listeners:
             listeners_delete_flow.add(
                 self.listener_flows.get_delete_listener_internal_flow(
-                    listener))
+                    listener, flavor_dict=flavor_dict))
         return listeners_delete_flow
 
     def get_delete_load_balancer_flow(self, lb):
@@ -466,12 +494,13 @@ class LoadBalancerFlows(object):
                     role=new_amp_role,
                     failed_amp_vrrp_port_id=failed_amp.get(
                         constants.VRRP_PORT_ID),
-                    is_vrrp_ipv6=failed_vrrp_is_ipv6))
+                    is_vrrp_ipv6=failed_vrrp_is_ipv6,
+                    flavor_dict=lb[constants.FLAVOR]))
         else:
             failover_LB_flow.add(
                 self.amp_flows.get_amphora_for_lb_failover_subflow(
                     prefix=constants.FAILOVER_LOADBALANCER_FLOW,
-                    role=new_amp_role))
+                    role=new_amp_role, flavor_dict=lb[constants.FLAVOR]))
 
         if lb_topology == constants.TOPOLOGY_ACTIVE_STANDBY:
             failover_LB_flow.add(database_tasks.MarkAmphoraBackupInDB(
@@ -593,7 +622,8 @@ class LoadBalancerFlows(object):
                 self.amp_flows.get_amphora_for_lb_failover_subflow(
                     prefix=(new_amp_role + '-' +
                             constants.FAILOVER_LOADBALANCER_FLOW),
-                    role=new_amp_role))
+                    role=new_amp_role,
+                    flavor_dict=lb[constants.FLAVOR]))
 
             failover_LB_flow.add(database_tasks.MarkAmphoraMasterInDB(
                 name=constants.MARK_AMP_MASTER_INDB,
@@ -637,6 +667,14 @@ class LoadBalancerFlows(object):
                 requires=constants.LOADBALANCER_ID,
                 provides=constants.AMPHORAE))
 
+            failover_LB_flow.add(
+                amphora_driver_tasks.AmphoraeGetConnectivityStatus(
+                    name=(new_amp_role + '-' +
+                          constants.AMPHORAE_GET_CONNECTIVITY_STATUS),
+                    requires=constants.AMPHORAE,
+                    rebind={constants.NEW_AMPHORA_ID: constants.AMPHORA_ID},
+                    provides=constants.AMPHORAE_STATUS))
+
             # Listeners update needs to be run on all amphora to update
             # their peer configurations. So parallelize this with an
             # unordered subflow.
@@ -651,14 +689,18 @@ class LoadBalancerFlows(object):
                 amphora_driver_tasks.AmphoraIndexListenerUpdate(
                     name=(constants.AMPHORA + '-0-' +
                           constants.AMP_LISTENER_UPDATE),
-                    requires=(constants.LOADBALANCER, constants.AMPHORAE),
+                    requires=(constants.LOADBALANCER, constants.AMPHORAE,
+                              constants.AMPHORAE_STATUS),
+                    rebind={constants.NEW_AMPHORA_ID: constants.AMPHORA_ID},
                     inject={constants.AMPHORA_INDEX: 0,
                             constants.TIMEOUT_DICT: timeout_dict}))
             update_amps_subflow.add(
                 amphora_driver_tasks.AmphoraIndexListenerUpdate(
                     name=(constants.AMPHORA + '-1-' +
                           constants.AMP_LISTENER_UPDATE),
-                    requires=(constants.LOADBALANCER, constants.AMPHORAE),
+                    requires=(constants.LOADBALANCER, constants.AMPHORAE,
+                              constants.AMPHORAE_STATUS),
+                    rebind={constants.NEW_AMPHORA_ID: constants.AMPHORA_ID},
                     inject={constants.AMPHORA_INDEX: 1,
                             constants.TIMEOUT_DICT: timeout_dict}))
 
@@ -667,7 +709,8 @@ class LoadBalancerFlows(object):
             # Configure and enable keepalived in the amphora
             failover_LB_flow.add(self.amp_flows.get_vrrp_subflow(
                 new_amp_role + '-' + constants.GET_VRRP_SUBFLOW,
-                timeout_dict, create_vrrp_group=False))
+                timeout_dict, create_vrrp_group=False,
+                get_amphorae_status=False, flavor_dict=lb[constants.FLAVOR]))
 
             # #### End of standby ####
 
@@ -682,6 +725,7 @@ class LoadBalancerFlows(object):
                     name=(new_amp_role + '-' +
                           constants.AMPHORA_RELOAD_LISTENER),
                     requires=(constants.LOADBALANCER, constants.AMPHORAE),
+                    rebind={constants.NEW_AMPHORA_ID: constants.AMPHORA_ID},
                     inject={constants.AMPHORA_INDEX: 1,
                             constants.TIMEOUT_DICT: timeout_dict}))
 

octavia/controller/worker/v2/taskflow_jobboard_driver.py

@@ -41,6 +41,7 @@ class MysqlPersistenceDriver(object):
             'max_pool_size': CONF.database.max_pool_size,
             'max_overflow': CONF.database.max_overflow,
             'pool_timeout': CONF.database.pool_timeout,
+            'idle_timeout': CONF.database.connection_recycle_time
         }
 
     def initialize(self):
@@ -87,14 +88,29 @@ class RedisTaskFlowDriver(JobboardTaskFlowDriver):
         self.persistence_driver = persistence_driver
 
     def job_board(self, persistence):
+
+        def _format_server(host, port):
+            if ':' in host:
+                return '[%s]:%d' % (host, port)
+            return '%s:%d' % (host, port)
+
         jobboard_backend_conf = {
             'board': 'redis',
             'host': CONF.task_flow.jobboard_backend_hosts[0],
             'port': CONF.task_flow.jobboard_backend_port,
-            'password': CONF.task_flow.jobboard_backend_password,
             'namespace': CONF.task_flow.jobboard_backend_namespace,
             'sentinel': CONF.task_flow.jobboard_redis_sentinel,
+            'sentinel_fallbacks': [
+                _format_server(host, CONF.task_flow.jobboard_backend_port)
+                for host in CONF.task_flow.jobboard_backend_hosts[1:]
+            ]
         }
+        if CONF.task_flow.jobboard_backend_username is not None:
+            jobboard_backend_conf['username'] = (
+                CONF.task_flow.jobboard_backend_username)
+        if CONF.task_flow.jobboard_backend_password is not None:
+            jobboard_backend_conf['password'] = (
+                CONF.task_flow.jobboard_backend_password)
         jobboard_backend_conf.update(
             CONF.task_flow.jobboard_redis_backend_ssl_options)
         return job_backends.backend(

octavia/controller/worker/v2/tasks/amphora_driver_tasks.py

@@ -14,6 +14,9 @@
 #
 
 import copy
+from typing import List
+from typing import Optional
+
 from cryptography import fernet
 from oslo_config import cfg
 from oslo_log import log as logging
@@ -58,7 +61,7 @@ class AmpRetry(retry.Times):
         max_retry_attempt = CONF.haproxy_amphora.connection_max_retries
         for task_name, ex_info in last_errors.items():
             if len(history) <= max_retry_attempt:
-                # When taskflow persistance is enabled and flow/task state is
+                # When taskflow persistence is enabled and flow/task state is
                 # saved in the backend. If flow(task) is restored(restart of
                 # worker,etc) we are getting ex_info as None - we need to RETRY
                 # task to check its real state.
@@ -102,10 +105,19 @@ class AmpListenersUpdate(BaseAmphoraTask):
 class AmphoraIndexListenerUpdate(BaseAmphoraTask):
     """Task to update the listeners on one amphora."""
 
-    def execute(self, loadbalancer, amphora_index, amphorae, timeout_dict=()):
+    def execute(self, loadbalancer, amphora_index, amphorae,
+                amphorae_status: dict, new_amphora_id: str, timeout_dict=()):
         # Note, we don't want this to cause a revert as it may be used
         # in a failover flow with both amps failing. Skip it and let
         # health manager fix it.
+
+        amphora_id = amphorae[amphora_index].get(constants.ID)
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping listener update because amphora %s "
+                        "is not reachable.", amphora_id)
+            return
+
         try:
             # TODO(johnsom) Optimize this to use the dicts and not need the
             #               DB lookups
@@ -120,14 +132,16 @@ class AmphoraIndexListenerUpdate(BaseAmphoraTask):
             self.amphora_driver.update_amphora_listeners(
                 db_lb, db_amp, timeout_dict)
         except Exception as e:
-            amphora_id = amphorae[amphora_index].get(constants.ID)
             LOG.error('Failed to update listeners on amphora %s. Skipping '
                       'this amphora as it is failing to update due to: %s',
                       amphora_id, str(e))
-            session = db_apis.get_session()
-            with session.begin():
-                self.amphora_repo.update(session, amphora_id,
-                                         status=constants.ERROR)
+            # Update only the status of the newly created amphora during the
+            # failover
+            if amphora_id == new_amphora_id:
+                session = db_apis.get_session()
+                with session.begin():
+                    self.amphora_repo.update(session, amphora_id,
+                                             status=constants.ERROR)
 
 
 class ListenersUpdate(BaseAmphoraTask):
@@ -193,10 +207,18 @@ class AmphoraIndexListenersReload(BaseAmphoraTask):
     """Task to reload all listeners on an amphora."""
 
     def execute(self, loadbalancer, amphora_index, amphorae,
-                timeout_dict=None):
+                amphorae_status: dict, new_amphora_id: str, timeout_dict=None):
         """Execute listener reload routines for listeners on an amphora."""
         if amphorae is None:
             return
+
+        amphora_id = amphorae[amphora_index].get(constants.ID)
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping listener reload because amphora %s "
+                        "is not reachable.", amphora_id)
+            return
+
         # TODO(johnsom) Optimize this to use the dicts and not need the
         #               DB lookups
         session = db_apis.get_session()
@@ -210,13 +232,15 @@ class AmphoraIndexListenersReload(BaseAmphoraTask):
             try:
                 self.amphora_driver.reload(db_lb, db_amp, timeout_dict)
             except Exception as e:
-                amphora_id = amphorae[amphora_index][constants.ID]
                 LOG.warning('Failed to reload listeners on amphora %s. '
                             'Skipping this amphora as it is failing to '
                             'reload due to: %s', amphora_id, str(e))
-                with session.begin():
-                    self.amphora_repo.update(session, amphora_id,
-                                             status=constants.ERROR)
+                # Update only the status of the newly created amphora during
+                # the failover
+                if amphora_id == new_amphora_id:
+                    with session.begin():
+                        self.amphora_repo.update(session, amphora_id,
+                                                 status=constants.ERROR)
 
 
 class ListenerDelete(BaseAmphoraTask):
@@ -478,8 +502,15 @@ class AmphoraUpdateVRRPInterface(BaseAmphoraTask):
 class AmphoraIndexUpdateVRRPInterface(BaseAmphoraTask):
     """Task to get and update the VRRP interface device name from amphora."""
 
-    def execute(self, amphora_index, amphorae, timeout_dict=None):
+    def execute(self, amphora_index, amphorae, amphorae_status: dict,
+                new_amphora_id: str, timeout_dict=None):
         amphora_id = amphorae[amphora_index][constants.ID]
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping VRRP interface update because amphora %s "
+                        "is not reachable.", amphora_id)
+            return None
+
         try:
             # TODO(johnsom) Optimize this to use the dicts and not need the
             #               DB lookups
@@ -494,9 +525,12 @@ class AmphoraIndexUpdateVRRPInterface(BaseAmphoraTask):
             LOG.error('Failed to get amphora VRRP interface on amphora '
                       '%s. Skipping this amphora as it is failing due to: '
                       '%s', amphora_id, str(e))
-            with session.begin():
-                self.amphora_repo.update(session, amphora_id,
-                                         status=constants.ERROR)
+            # Update only the status of the newly created amphora during the
+            # failover
+            if amphora_id == new_amphora_id:
+                with session.begin():
+                    self.amphora_repo.update(session, amphora_id,
+                                             status=constants.ERROR)
             return None
 
         with session.begin():
@@ -542,12 +576,19 @@ class AmphoraIndexVRRPUpdate(BaseAmphoraTask):
     """Task to update the VRRP configuration of an amphora."""
 
     def execute(self, loadbalancer_id, amphorae_network_config, amphora_index,
-                amphorae, amp_vrrp_int, timeout_dict=None):
+                amphorae, amphorae_status: dict, amp_vrrp_int: Optional[str],
+                new_amphora_id: str, timeout_dict=None):
         """Execute update_vrrp_conf."""
         # Note, we don't want this to cause a revert as it may be used
         # in a failover flow with both amps failing. Skip it and let
         # health manager fix it.
         amphora_id = amphorae[amphora_index][constants.ID]
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping VRRP configuration because amphora %s "
+                        "is not reachable.", amphora_id)
+            return
+
         try:
             # TODO(johnsom) Optimize this to use the dicts and not need the
             #               DB lookups
@@ -564,9 +605,12 @@ class AmphoraIndexVRRPUpdate(BaseAmphoraTask):
             LOG.error('Failed to update VRRP configuration amphora %s. '
                       'Skipping this amphora as it is failing to update due '
                       'to: %s', amphora_id, str(e))
-            with session.begin():
-                self.amphora_repo.update(session, amphora_id,
-                                         status=constants.ERROR)
+            # Update only the status of the newly created amphora during the
+            # failover
+            if amphora_id == new_amphora_id:
+                with session.begin():
+                    self.amphora_repo.update(session, amphora_id,
+                                             status=constants.ERROR)
             return
         LOG.debug("Uploaded VRRP configuration of amphora %s.", amphora_id)
 
@@ -594,10 +638,17 @@ class AmphoraIndexVRRPStart(BaseAmphoraTask):
     This will reload keepalived if it is already running.
     """
 
-    def execute(self, amphora_index, amphorae, timeout_dict=None):
+    def execute(self, amphora_index, amphorae, amphorae_status: dict,
+                new_amphora_id: str, timeout_dict=None):
         # TODO(johnsom) Optimize this to use the dicts and not need the
         #               DB lookups
         amphora_id = amphorae[amphora_index][constants.ID]
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping VRRP start because amphora %s "
+                        "is not reachable.", amphora_id)
+            return
+
         session = db_apis.get_session()
         with session.begin():
             db_amp = self.amphora_repo.get(session, id=amphora_id)
@@ -607,9 +658,12 @@ class AmphoraIndexVRRPStart(BaseAmphoraTask):
             LOG.error('Failed to start VRRP on amphora %s. '
                       'Skipping this amphora as it is failing to start due '
                       'to: %s', amphora_id, str(e))
-            with session.begin():
-                self.amphora_repo.update(session, amphora_id,
-                                         status=constants.ERROR)
+            # Update only the status of the newly created amphora during the
+            # failover
+            if amphora_id == new_amphora_id:
+                with session.begin():
+                    self.amphora_repo.update(session, amphora_id,
+                                             status=constants.ERROR)
             return
         LOG.debug("Started VRRP on amphora %s.",
                   amphorae[amphora_index][constants.ID])
@@ -669,3 +723,70 @@ class AmphoraConfigUpdate(BaseAmphoraTask):
                       'update. Please update the amphora image for this '
                       'amphora. Skipping.'.
                       format(amphora.get(constants.ID)))
+
+
+class AmphoraeGetConnectivityStatus(BaseAmphoraTask):
+    """Task that checks amphorae connectivity status.
+
+    Check and return the connectivity status of both amphorae in ACTIVE STANDBY
+    load balancers
+    """
+
+    def execute(self, amphorae: List[dict], new_amphora_id: str,
+                timeout_dict=None):
+        amphorae_status = {}
+
+        for amphora in amphorae:
+            amphora_id = amphora[constants.ID]
+            amphorae_status[amphora_id] = {}
+
+            session = db_apis.get_session()
+            with session.begin():
+                db_amp = self.amphora_repo.get(session, id=amphora_id)
+
+            try:
+                # Verify if the amphora is reachable
+                self.amphora_driver.check(db_amp, timeout_dict=timeout_dict)
+            except Exception as e:
+                LOG.exception("Cannot get status for amphora %s",
+                              amphora_id)
+                # In case it fails and the tested amphora is the newly created
+                # amphora, it's not a normal error handling, re-raise the
+                # exception
+                if amphora_id == new_amphora_id:
+                    raise e
+                amphorae_status[amphora_id][constants.UNREACHABLE] = True
+            else:
+                amphorae_status[amphora_id][constants.UNREACHABLE] = False
+
+        return amphorae_status
+
+
+class SetAmphoraFirewallRules(BaseAmphoraTask):
+    """Task to push updated firewall ruls to an amphora."""
+
+    def execute(self, amphorae: List[dict], amphora_index: int,
+                amphora_firewall_rules: List[dict], amphorae_status: dict,
+                timeout_dict=None):
+
+        if (amphora_firewall_rules and
+                amphora_firewall_rules[0].get('non-sriov-vip', False)):
+            # Not an SRIOV VIP, so skip setting firewall rules.
+            # This is already logged in GetAmphoraFirewallRules.
+            return
+
+        amphora_id = amphorae[amphora_index][constants.ID]
+        amphora_status = amphorae_status.get(amphora_id, {})
+        if amphora_status.get(constants.UNREACHABLE):
+            LOG.warning("Skipping firewall rules update because amphora %s "
+                        "is not reachable.", amphora_id)
+            return
+
+        session = db_apis.get_session()
+        with session.begin():
+            db_amp = self.amphora_repo.get(session, id=amphora_id)
+
+        self.amphora_driver.set_interface_rules(
+            db_amp,
+            amphorae[amphora_index][constants.VRRP_IP],
+            amphora_firewall_rules, timeout_dict=timeout_dict)

octavia/controller/worker/v2/tasks/compute_tasks.py

@@ -59,7 +59,7 @@ class ComputeRetry(retry.Times):
         max_retry_attempt = CONF.controller_worker.amp_active_retries
         for task_name, ex_info in last_errors.items():
             if len(history) <= max_retry_attempt:
-                # When taskflow persistance is enabled and flow/task state is
+                # When taskflow persistence is enabled and flow/task state is
                 # saved in the backend. If flow(task) is restored(restart of
                 # worker,etc) we are getting ex_info as None - we need to RETRY
                 # task to check its real state.