octavia 15.0.0__py3-none-any.whl → 16.0.0.0rc1__py3-none-any.whl

octavia/common/base_taskflow.py

@@ -156,7 +156,7 @@ class DynamicLoggingConductor(impl_blocking.BlockingConductor):
                               job.name)
 
 
-class RedisDynamicLoggingConductor(DynamicLoggingConductor):
+class ExtendExpiryDynamicLoggingConductor(DynamicLoggingConductor):
 
     def _listeners_from_job(self, job, engine):
         listeners = super()._listeners_from_job(job, engine)
@@ -206,20 +206,29 @@ class TaskFlowServiceController:
     def run_conductor(self, name):
         with self.driver.persistence_driver.get_persistence() as persistence:
             with self.driver.job_board(persistence) as board:
-                # Redis do not expire jobs by default, so jobs won't be resumed
-                # with restart of controller. Add expiry for board and use
-                # special listener.
-                if (CONF.task_flow.jobboard_backend_driver ==
-                        'redis_taskflow_driver'):
-                    conductor = RedisDynamicLoggingConductor(
+                # Redis and etcd do not expire jobs by default, so jobs won't
+                # be resumed with restart of controller. Add expiry for board
+                # and use special listener.
+                if (CONF.task_flow.jobboard_backend_driver in (
+                        'etcd_taskflow_driver',
+                        'redis_taskflow_driver')):
+                    conductor = ExtendExpiryDynamicLoggingConductor(
                         name, board, persistence=persistence,
                         engine=CONF.task_flow.engine,
                         engine_options={
                             'max_workers': CONF.task_flow.max_workers
                         })
-                    board.claim = functools.partial(
-                        board.claim,
-                        expiry=CONF.task_flow.jobboard_expiration_time)
+                    if (CONF.task_flow.jobboard_backend_driver ==
+                            'redis_taskflow_driver'):
+                        # Hack for redis only:
+                        # The TTL of the jobs of the Redis Jobboard driver can
+                        # be only overriden by using the 'expiry' parameter of
+                        # the 'claim' function
+                        # For the Etcd driver, the default TTL for all the
+                        # locks can be configured while creating the backend
+                        board.claim = functools.partial(
+                            board.claim,
+                            expiry=CONF.task_flow.jobboard_expiration_time)
                 else:
                     conductor = DynamicLoggingConductor(
                         name, board, persistence=persistence,

octavia/common/clients.py

@@ -111,16 +111,22 @@ class NeutronAuth:
         client.
         """
         sess = keystone.KeystoneSession('neutron').get_session()
+        kwargs = {}
         neutron_endpoint = CONF.neutron.endpoint_override
         if neutron_endpoint is None:
             endpoint_data = sess.get_endpoint_data(
-                service_type='network',
+                service_type=(CONF.neutron.service_type or 'network'),
                 interface=CONF.neutron.valid_interfaces,
                 region_name=CONF.neutron.region_name)
             neutron_endpoint = endpoint_data.catalog_url
 
+        neutron_cafile = getattr(CONF.neutron, "cafile", None)
+        insecure = getattr(CONF.neutron, "insecure", False)
+        kwargs['verify'] = not insecure
+        if neutron_cafile is not None and not insecure:
+            kwargs['verify'] = neutron_cafile
         user_auth = token_endpoint.Token(neutron_endpoint, context.auth_token)
-        user_sess = session.Session(auth=user_auth)
+        user_sess = session.Session(auth=user_auth, **kwargs)
 
         conn = openstack.connection.Connection(
             session=user_sess, oslo_conf=CONF)

octavia/common/config.py

@@ -555,8 +555,10 @@ task_flow_opts = [
                choices=[('redis_taskflow_driver',
                          'Driver that will use Redis to store job states.'),
                         ('zookeeper_taskflow_driver',
-                         'Driver that will use Zookeeper to store job states.')
-                        ],
+                         'Driver that will use Zookeeper to store job '
+                         'states.'),
+                        ('etcd_taskflow_driver',
+                         'Driver that will user Etcd to store job states.')],
                help='Jobboard backend driver that will monitor job state.'),
     cfg.ListOpt('jobboard_backend_hosts', default=['127.0.0.1'],
                 help='Jobboard backend server host(s).'),
@@ -569,6 +571,9 @@ task_flow_opts = [
     cfg.StrOpt('jobboard_backend_namespace', default='octavia_jobboard',
                help='Jobboard name that should be used to store taskflow '
                     'job id and claims for it.'),
+    cfg.IntOpt('jobboard_redis_backend_db',
+               default=0, min=0,
+               help='Database ID in redis server.'),
     cfg.StrOpt('jobboard_redis_sentinel', default=None,
                help='Sentinel name if it is used for Redis.'),
     cfg.StrOpt('jobboard_redis_sentinel_username',
@@ -596,6 +601,16 @@ task_flow_opts = [
                          'keyfile_password': None,
                          'certfile': None,
                          'verify_certs': True}),
+    cfg.DictOpt('jobboard_etcd_ssl_options',
+                help='Etcd jobboard backend ssl configuration options.',
+                default={'use_ssl': False,
+                         'ca_cert': None,
+                         'cert_key': None,
+                         'cert_cert': None}),
+    cfg.IntOpt('jobboard_etcd_timeout', default=None,
+               help='Timeout when communicating with the Etcd backend.'),
+    cfg.StrOpt('jobboard_etcd_api_path', default=None,
+               help='API Path of the Etcd server.'),
     cfg.IntOpt('jobboard_expiration_time', default=30,
                help='For backends like redis claiming jobs requiring setting '
                     'the expiry - how many seconds the claim should be '

octavia/common/constants.py

@@ -423,11 +423,15 @@ REQ_CONN_TIMEOUT = 'req_conn_timeout'
 REQ_READ_TIMEOUT = 'req_read_timeout'
 REQUEST_ERRORS = 'request_errors'
 REQUEST_ID = 'request_id'
+REQUEST_SRIOV = 'request_sriov'
 ROLE = 'role'
+SECURITY_GROUP_IDS = 'security_group_ids'
 SECURITY_GROUPS = 'security_groups'
 SECURITY_GROUP_RULES = 'security_group_rules'
 SERVER_GROUP_ID = 'server_group_id'
 SERVER_PEM = 'server_pem'
+SG_IDS = 'sg_ids'
+SG_ID = 'sg_id'
 SNI_CONTAINER_DATA = 'sni_container_data'
 SNI_CONTAINERS = 'sni_containers'
 SOFT_ANTI_AFFINITY = 'soft-anti-affinity'
@@ -585,6 +589,7 @@ ATTACH_PORT = 'attach-port'
 CALCULATE_AMPHORA_DELTA = 'calculate-amphora-delta'
 CREATE_VIP_BASE_PORT = 'create-vip-base-port'
 DELETE_AMPHORA = 'delete-amphora'
+DELETE_AMPHORA_MEMBER_PORTS = 'delete-amphora-member-ports'
 DELETE_PORT = 'delete-port'
 DISABLE_AMP_HEALTH_MONITORING = 'disable-amphora-health-monitoring'
 GET_AMPHORA_FIREWALL_RULES = 'get-amphora-firewall-rules'
@@ -926,6 +931,7 @@ AMPHORA_SUPPORTED_ALPN_PROTOCOLS = [lib_consts.ALPN_PROTOCOL_HTTP_2,
                                     lib_consts.ALPN_PROTOCOL_HTTP_1_0]
 
 SRIOV_VIP = 'sriov_vip'
+ALLOW_MEMBER_SRIOV = 'allow_member_sriov'
 
 # Amphora interface fields
 IF_TYPE = 'if_type'

octavia/common/data_models.py

@@ -378,7 +378,7 @@ class Member(BaseDataModel):
                  subnet_id=None, operating_status=None, pool=None,
                  created_at=None, updated_at=None, provisioning_status=None,
                  name=None, monitor_address=None, monitor_port=None,
-                 tags=None):
+                 tags=None, vnic_type=None):
         self.id = id
         self.project_id = project_id
         self.pool_id = pool_id
@@ -397,6 +397,7 @@ class Member(BaseDataModel):
         self.monitor_address = monitor_address
         self.monitor_port = monitor_port
         self.tags = tags
+        self.vnic_type = vnic_type
 
     def delete(self):
         for mem in self.pool.members:
@@ -558,7 +559,7 @@ class Vip(BaseDataModel):
     def __init__(self, load_balancer_id=None, ip_address=None,
                  subnet_id=None, network_id=None, port_id=None,
                  load_balancer=None, qos_policy_id=None, octavia_owned=None,
-                 vnic_type=None):
+                 vnic_type=None, sg_ids=None):
         self.load_balancer_id = load_balancer_id
         self.ip_address = ip_address
         self.subnet_id = subnet_id
@@ -568,6 +569,18 @@ class Vip(BaseDataModel):
         self.qos_policy_id = qos_policy_id
         self.octavia_owned = octavia_owned
         self.vnic_type = vnic_type
+        self.sg_ids = sg_ids or []
+
+    def to_dict(self, **kwargs):
+        ret = super().to_dict(**kwargs)
+        if kwargs.get('recurse') is not True:
+            # NOTE(gthiemonge) we need to return the associated SG IDs but as
+            # sg_ids is a list, they are only added with recurse=True, which
+            # does a full recursion on the Vip, adding the associated
+            # LoadBalancer, its Listeners, etc...
+            # Adding it directly here avoids unnecessary recursion
+            ret[constants.SG_IDS] = self.sg_ids
+        return ret
 
 
 class AdditionalVip(BaseDataModel):
@@ -886,3 +899,20 @@ class ListenerCidr(BaseDataModel):
     # object. Otherwise we recurse down the "ghost" listener object.
     def to_dict(self, **kwargs):
         return {'cidr': self.cidr, 'listener_id': self.listener_id}
+
+
+class VipSecurityGroup(BaseDataModel):
+    def __init__(self, load_balancer_id: str = None, sg_id: str = None):
+        self.load_balancer_id = load_balancer_id
+        self.sg_id = sg_id
+
+
+class AmphoraMemberPort(BaseDataModel):
+
+    def __init__(self, port_id=None, amphora_id=None, network_id=None,
+                 created_at=None, updated_at=None):
+        self.port_id = port_id
+        self.amphora_id = amphora_id
+        self.network_id = network_id
+        self.created_at = created_at
+        self.updated_at = updated_at

octavia/common/exceptions.py

@@ -435,3 +435,8 @@ class AmphoraNetworkConfigException(OctaviaException):
 class ListenerNoChildren(APIException):
     msg = _('Protocol %(protocol)s listeners cannot have child objects.')
     code = 400
+
+
+class MemberSRIOVDisabled(APIException):
+    msg = _('The load balancer flavor does not allow SR-IOV member ports.')
+    code = 400

octavia/common/utils.py

@@ -23,6 +23,7 @@ import hashlib
 import ipaddress
 import re
 import socket
+import typing
 
 from oslo_config import cfg
 from oslo_log import log as logging
@@ -30,6 +31,8 @@ from oslo_utils import excutils
 from stevedore import driver as stevedore_driver
 
 from octavia.common import constants
+if typing.TYPE_CHECKING:
+    from octavia.network import base as network_base
 
 CONF = cfg.CONF
 
@@ -61,7 +64,7 @@ def get_amphora_driver():
     return amphora_driver
 
 
-def get_network_driver():
+def get_network_driver() -> 'network_base.AbstractNetworkDriver':
     CONF.import_group('controller_worker', 'octavia.common.config')
     network_driver = stevedore_driver.DriverManager(
         namespace='octavia.network.drivers',

octavia/common/validate.py

@@ -21,6 +21,7 @@ Defined here so these can also be used at deeper levels than the API.
 
 import ipaddress
 import re
+import typing
 
 from oslo_config import cfg
 from rfc3986 import uri_reference
@@ -33,6 +34,9 @@ from octavia.common import exceptions
 from octavia.common import utils
 from octavia.i18n import _
 
+if typing.TYPE_CHECKING:
+    from octavia.common import context
+
 CONF = cfg.CONF
 _ListenerPUT = 'octavia.api.v2.types.listener.ListenerPUT'
 
@@ -382,6 +386,18 @@ def network_exists_optionally_contains_subnet(network_id, subnet_id=None,
     return network
 
 
+def security_group_exists(sg_id: str,
+                          context: 'context.RequestContext' = None):
+    """Raises an exception when a security group does not exist."""
+    network_driver = utils.get_network_driver()
+    try:
+        network_driver.get_security_group_by_id(sg_id,
+                                                context=context)
+    except Exception as e:
+        raise exceptions.InvalidSubresource(
+            resource='Security Group', id=sg_id) from e
+
+
 def network_allowed_by_config(network_id, valid_networks=None):
     if CONF.networking.valid_vip_networks and not valid_networks:
         valid_networks = CONF.networking.valid_vip_networks

octavia/compute/drivers/noop_driver/driver.py

@@ -16,6 +16,12 @@ from collections import namedtuple
 
 from oslo_log import log as logging
 from oslo_utils import uuidutils
+from sqlalchemy import Column
+from sqlalchemy import create_engine
+from sqlalchemy import MetaData
+from sqlalchemy import String
+from sqlalchemy import Table
+from sqlalchemy import update
 
 from octavia.common import constants
 from octavia.common import data_models
@@ -33,6 +39,20 @@ class NoopManager:
         super().__init__()
         self.computeconfig = {}
 
+        # Get a DB engine for the network no-op DB
+        # Required to update the ports when a port is attached to a compute
+        self.engine = create_engine('sqlite:////tmp/octavia-network-noop.db',
+                                    isolation_level='SERIALIZABLE')
+        metadata_obj = MetaData()
+
+        self.interfaces_table = Table(
+            'interfaces',
+            metadata_obj,
+            Column('port_id', String(36)),
+            Column('network_id', String(36)),
+            Column('compute_id', String(36)),
+            Column('vnic_type', String(6)))
+
     def build(self, name="amphora_name", amphora_flavor=None,
               image_tag=None, image_owner=None, key_name=None, sec_groups=None,
               network_ids=None, config_drive_files=None, user_data=None,
@@ -97,12 +117,21 @@ class NoopManager:
         self.computeconfig[(compute_id, network_id, ip_address, port_id)] = (
             compute_id, network_id, ip_address, port_id,
             'attach_network_or_port')
+
+        # Update the port in the network no-op DB
+        with self.engine.connect() as connection:
+            connection.execute(update(self.interfaces_table).where(
+                self.interfaces_table.c.port_id == port_id).values(
+                    compute_id=compute_id))
+            connection.commit()
+
         return network_models.Interface(
             id=uuidutils.generate_uuid(),
             compute_id=compute_id,
             network_id=network_id,
             fixed_ips=[],
-            port_id=uuidutils.generate_uuid()
+            port_id=uuidutils.generate_uuid(),
+            vnic_type=constants.VNIC_TYPE_NORMAL
         )
 
     def detach_port(self, compute_id, port_id):

octavia/controller/healthmanager/health_manager.py

@@ -77,6 +77,11 @@ class HealthManager:
         return False
 
     def health_check(self):
+        """Check for stale amphorae and process them
+
+        ... until either no more stale amphora were found or all executor
+        threads are busy.
+        """
         stats = {
             'failover_attempted': 0,
             'failover_failed': 0,
@@ -127,6 +132,7 @@ class HealthManager:
                     if lock_session:
                         lock_session.rollback()
 
+            # No more stale amps found
             if amp_health is None:
                 break
 
@@ -137,6 +143,7 @@ class HealthManager:
                 functools.partial(update_stats_on_done, stats)
             )
             futs.append(fut)
+            # All threads are/were busy
             if len(futs) == self.threads:
                 break
         if futs:

octavia/controller/worker/v2/flows/amphora_flows.py

@@ -207,6 +207,9 @@ class AmphoraFlows:
             name=constants.DELETE_AMPHORA + '-' + amphora_id,
             inject={constants.AMPHORA: amphora,
                     constants.PASSIVE_FAILURE: True}))
+        delete_amphora_flow.add(network_tasks.DeleteAmphoraMemberPorts(
+            name=constants.DELETE_AMPHORA_MEMBER_PORTS + '-' + amphora_id,
+            inject={constants.AMPHORA_ID: amphora[constants.ID]}))
         delete_amphora_flow.add(database_tasks.DisableAmphoraHealthMonitoring(
             name=constants.DISABLE_AMP_HEALTH_MONITORING + '-' + amphora_id,
             inject={constants.AMPHORA: amphora}))
@@ -219,11 +222,6 @@ class AmphoraFlows:
                       str(amphora[constants.VRRP_PORT_ID])),
                 inject={constants.PORT_ID: amphora[constants.VRRP_PORT_ID],
                         constants.PASSIVE_FAILURE: True}))
-        # TODO(johnsom) What about cleaning up any member ports?
-        # maybe we should get the list of attached ports prior to delete
-        # and call delete on them here. Fix this as part of
-        # https://storyboard.openstack.org/#!/story/2007077
-
         return delete_amphora_flow
 
     def get_vrrp_subflow(self, prefix, timeout_dict=None,

octavia/controller/worker/v2/flows/listener_flows.py

@@ -176,7 +176,8 @@ class ListenerFlows:
 
         fw_rules_subflow.add(
             amphora_driver_tasks.AmphoraeGetConnectivityStatus(
-                name=constants.AMPHORAE_GET_CONNECTIVITY_STATUS,
+                name=(sf_name + '-' +
+                      constants.AMPHORAE_GET_CONNECTIVITY_STATUS),
                 requires=constants.AMPHORAE,
                 inject={constants.TIMEOUT_DICT: timeout_dict,
                         constants.NEW_AMPHORA_ID: constants.NIL_UUID},

octavia/controller/worker/v2/flows/load_balancer_flows.py

@@ -31,6 +31,7 @@ from octavia.controller.worker.v2.tasks import database_tasks
 from octavia.controller.worker.v2.tasks import lifecycle_tasks
 from octavia.controller.worker.v2.tasks import network_tasks
 from octavia.controller.worker.v2.tasks import notification_tasks
+from octavia.db import api as db_apis
 from octavia.db import repositories as repo
 
 CONF = cfg.CONF
@@ -41,6 +42,8 @@ class LoadBalancerFlows:
 
     def __init__(self):
         self.amp_flows = amphora_flows.AmphoraFlows()
+        self.amphora_repo = repo.AmphoraRepository()
+        self.amphora_member_port_repo = repo.AmphoraMemberPortRepository()
         self.listener_flows = listener_flows.ListenerFlows()
         self.pool_flows = pool_flows.PoolFlows()
         self.member_flows = member_flows.MemberFlows()
@@ -336,6 +339,9 @@ class LoadBalancerFlows:
             pools_delete = self._get_delete_pools_flow(pools)
             delete_LB_flow.add(pools_delete)
             delete_LB_flow.add(listeners_delete)
+            member_ports_delete = self.get_delete_member_ports_subflow(
+                lb[constants.LOADBALANCER_ID])
+            delete_LB_flow.add(member_ports_delete)
         delete_LB_flow.add(network_tasks.UnplugVIP(
             requires=constants.LOADBALANCER))
         delete_LB_flow.add(network_tasks.DeallocateVIP(
@@ -372,6 +378,11 @@ class LoadBalancerFlows:
         update_LB_flow = linear_flow.Flow(constants.UPDATE_LOADBALANCER_FLOW)
         update_LB_flow.add(lifecycle_tasks.LoadBalancerToErrorOnRevertTask(
             requires=constants.LOADBALANCER))
+        update_LB_flow.add(network_tasks.UpdateVIPSecurityGroup(
+            requires=constants.LOADBALANCER_ID,
+            provides=constants.VIP_SG_ID))
+        update_LB_flow.add(network_tasks.UpdateAmphoraSecurityGroup(
+            requires=constants.LOADBALANCER_ID))
         update_LB_flow.add(network_tasks.ApplyQos(
             requires=(constants.LOADBALANCER, constants.UPDATE_DICT)))
         update_LB_flow.add(amphora_driver_tasks.ListenersUpdate(
@@ -744,3 +755,30 @@ class LoadBalancerFlows:
                                             requires=constants.LOADBALANCER))
 
         return failover_LB_flow
+
+    def get_delete_member_ports_subflow(self, load_balancer_id):
+        """A subflow that will delete all of the member ports on an LB
+
+        :param load_balancer_id: A load balancer ID
+        :returns: A Taskflow flow
+        """
+        port_delete_flow = unordered_flow.Flow('delete_member_ports')
+
+        session = db_apis.get_session()
+        with session.begin():
+            amps = self.amphora_repo.get_amphorae_ids_on_lb(session,
+                                                            load_balancer_id)
+        for amp in amps:
+            with session.begin():
+                ports = self.amphora_member_port_repo.get_port_ids(session,
+                                                                   amp)
+                for port in ports:
+                    port_delete_flow.add(
+                        network_tasks.DeletePort(
+                            name='delete_member_port' + '-' + port,
+                            inject={constants.PORT_ID: port}))
+                    port_delete_flow.add(
+                        database_tasks.DeleteAmpMemberPortInDB(
+                            name='delete_member_port_in_db' + '-' + port,
+                            inject={constants.PORT_ID: port}))
+        return port_delete_flow

octavia/controller/worker/v2/taskflow_jobboard_driver.py

@@ -15,6 +15,7 @@ import contextlib
 
 from oslo_config import cfg
 from oslo_log import log
+from oslo_utils import netutils
 from oslo_utils import strutils
 from taskflow.jobs import backends as job_backends
 from taskflow.persistence import backends as persistence_backends
@@ -90,19 +91,16 @@ class RedisTaskFlowDriver(JobboardTaskFlowDriver):
 
     def job_board(self, persistence):
 
-        def _format_server(host, port):
-            if ':' in host:
-                return '[%s]:%d' % (host, port)
-            return '%s:%d' % (host, port)
-
         jobboard_backend_conf = {
             'board': 'redis',
             'host': CONF.task_flow.jobboard_backend_hosts[0],
             'port': CONF.task_flow.jobboard_backend_port,
+            'db': CONF.task_flow.jobboard_redis_backend_db,
             'namespace': CONF.task_flow.jobboard_backend_namespace,
             'sentinel': CONF.task_flow.jobboard_redis_sentinel,
             'sentinel_fallbacks': [
-                _format_server(host, CONF.task_flow.jobboard_backend_port)
+                '%s:%d' % (netutils.escape_ipv6(host),
+                           CONF.task_flow.jobboard_backend_port)
                 for host in CONF.task_flow.jobboard_backend_hosts[1:]
             ]
         }
@@ -131,3 +129,33 @@ class RedisTaskFlowDriver(JobboardTaskFlowDriver):
             CONF.task_flow.jobboard_backend_namespace,
             jobboard_backend_conf,
             persistence=persistence)
+
+
+class EtcdTaskFlowDriver(JobboardTaskFlowDriver):
+
+    def __init__(self, persistence_driver):
+        self.persistence_driver = persistence_driver
+
+    def job_board(self, persistence):
+        jobboard_backend_conf = {
+            'board': 'etcd',
+            'host': CONF.task_flow.jobboard_backend_hosts[0],
+            'port': CONF.task_flow.jobboard_backend_port,
+            'path': CONF.task_flow.jobboard_backend_namespace,
+            'ttl': CONF.task_flow.jobboard_expiration_time,
+        }
+        if CONF.task_flow.jobboard_etcd_ssl_options['use_ssl']:
+            jobboard_backend_conf.update(
+                CONF.task_flow.jobboard_etcd_ssl_options)
+            jobboard_backend_conf.pop('use_ssl')
+            jobboard_backend_conf['protocol'] = 'https'
+        if CONF.task_flow.jobboard_etcd_timeout is not None:
+            jobboard_backend_conf['timeout'] = (
+                CONF.task_flow.jobboard_etcd_timeout)
+        if CONF.task_flow.jobboard_etcd_api_path is not None:
+            jobboard_backend_conf['api_path'] = (
+                CONF.task_flow.jobboard_etcd_api_path)
+
+        return job_backends.backend(CONF.task_flow.jobboard_backend_namespace,
+                                    jobboard_backend_conf,
+                                    persistence=persistence)

octavia/controller/worker/v2/tasks/compute_tasks.py

@@ -236,26 +236,30 @@ class ComputeDelete(BaseComputeTask):
         amphora_id = amphora.get(constants.ID)
         compute_id = amphora[constants.COMPUTE_ID]
 
-        if self.execute.retry.statistics.get(constants.ATTEMPT_NUMBER, 1) == 1:
+        # tenacity 8.5.0 moves statistics from the retry object to the function
+        try:
+            retry_statistics = self.execute.statistics
+        except AttributeError:
+            retry_statistics = self.execute.retry.statistics
+        if retry_statistics.get(constants.ATTEMPT_NUMBER, 1) == 1:
             LOG.debug('Compute delete execute for amphora with ID %s and '
                       'compute ID: %s', amphora_id, compute_id)
         else:
             LOG.warning('Retrying compute delete of %s attempt %s of %s.',
                         compute_id,
-                        self.execute.retry.statistics[
-                            constants.ATTEMPT_NUMBER],
+                        retry_statistics[constants.ATTEMPT_NUMBER],
                         self.execute.retry.stop.max_attempt_number)
         # Let the Taskflow engine know we are working and alive
         # Don't use get with a default for 'attempt_number', we need to fail
         # if that number is missing.
         self.update_progress(
-            self.execute.retry.statistics[constants.ATTEMPT_NUMBER] /
+            retry_statistics[constants.ATTEMPT_NUMBER] /
             self.execute.retry.stop.max_attempt_number)
 
         try:
             self.compute.delete(compute_id)
         except Exception:
-            if (self.execute.retry.statistics[constants.ATTEMPT_NUMBER] !=
+            if (retry_statistics[constants.ATTEMPT_NUMBER] !=
                     self.execute.retry.stop.max_attempt_number):
                 LOG.warning('Compute delete for amphora id: %s failed. '
                             'Retrying.', amphora_id)

octavia/controller/worker/v2/tasks/database_tasks.py

@@ -55,6 +55,7 @@ class BaseDatabaseTask(task.Task):
         self.l7policy_repo = repo.L7PolicyRepository()
         self.l7rule_repo = repo.L7RuleRepository()
         self.task_utils = task_utilities.TaskUtils()
+        self.amphora_member_port_repo = repo.AmphoraMemberPortRepository()
         super().__init__(**kwargs)
 
     def _delete_from_amp_health(self, session, amphora_id):
@@ -132,13 +133,17 @@ class CreateAmphoraInDB(BaseDatabaseTask):
         LOG.warning("Reverting create amphora in DB for amp id %s ", result)
 
         # Delete the amphora for now. May want to just update status later
-        try:
-            with db_apis.session().begin() as session:
+        with db_apis.session().begin() as session:
+            try:
                 self.amphora_repo.delete(session, id=result)
-        except Exception as e:
-            LOG.error("Failed to delete amphora %(amp)s "
-                      "in the database due to: "
-                      "%(except)s", {'amp': result, 'except': str(e)})
+            except Exception as e:
+                LOG.error("Failed to delete amphora %(amp)s "
+                          "in the database due to: "
+                          "%(except)s", {'amp': result, 'except': str(e)})
+            try:
+                self.amp_health_repo.delete(session, amphora_id=result)
+            except Exception:
+                pass
 
 
 class MarkLBAmphoraeDeletedInDB(BaseDatabaseTask):
@@ -416,6 +421,21 @@ class DeleteL7RuleInDB(BaseDatabaseTask):
                        'except': str(e)})
 
 
+class DeleteAmpMemberPortInDB(BaseDatabaseTask):
+    """Delete an amphora member port record in the DB."""
+
+    def execute(self, port_id):
+        """Delete the amphora member port in DB
+
+        :param port_id: The port_id to be deleted
+        :returns: None
+        """
+
+        LOG.debug("Delete in DB for amphora member port %s", port_id)
+        with db_apis.session().begin() as session:
+            self.amphora_member_port_repo.delete(session, port_id=port_id)
+
+
 class ReloadAmphora(BaseDatabaseTask):
     """Get an amphora object from the database."""