Ubuntu
openvswitch package

Adding RBAC role to connection does not affect existing connections

Bug #1917485 reported by Liam Young
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openvswitch (Ubuntu)
New
Undecided
Unassigned

Bug Description

It seems that updating the role attribute of a connection has no affect on existing connections. For example when investigating another bug I needed to disable rbac but to get that to take effect I needed to either restart the southbound listener or the ovn-controller.

fwiw these are the steps I took to disable rbac (excluding the restart):

# ovn-sbctl find connection
_uuid : a3b68994-4376-4506-81eb-e23d15641305
external_ids : {}
inactivity_probe : 60000
is_connected : false
max_backoff : []
other_config : {}
read_only : false
role : ""
status : {}
target : "pssl:16642"

_uuid : ee53c2b6-ed8b-4b21-9825-a4ecaf2bdc95
external_ids : {}
inactivity_probe : 60000
is_connected : false
max_backoff : []
other_config : {}
read_only : false
role : ovn-controller
status : {}
target : "pssl:6642"

# ovn-sbctl set connection ee53c2b6-ed8b-4b21-9825-a4ecaf2bdc95 role='""'
# ovn-sbctl find connection
_uuid : a3b68994-4376-4506-81eb-e23d15641305
external_ids : {}
inactivity_probe : 60000
is_connected : false
max_backoff : []
other_config : {}
read_only : false
role : ""
status : {}
target : "pssl:16642"

_uuid : ee53c2b6-ed8b-4b21-9825-a4ecaf2bdc95
external_ids : {}
inactivity_probe : 60000
is_connected : false
max_backoff : []
other_config : {}
read_only : false
role : ""
status : {}
target : "pssl:6642"

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.