When RBAC was enabled ovn-controller wasn't able to create any
Learned_Route rows due to missing RBAC configuration. Add the
configuration to allow ovn-controller insertion and update inside
Learned_Route table.
Fixes: 866a5014ae45 ("controller: Support learning routes.")
Acked-by: Dumitru Ceara <[email protected]>
Signed-off-by: Ales Musil <[email protected]>
---
v2: Add external_ids into allowed columns.
---
northd/ovn-northd.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index c9d88dd22..b196b2d60 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -128,6 +128,11 @@ static const char *rbac_bfd_auth[] =
static const char *rbac_bfd_update[] =
{"status"};
+static const char *rbac_learned_route_auth[] =
+ {""};
+static const char *rbac_learned_route_update[] =
+ {"datapath", "logical_port", "ip_prefix", "nexthop", "external_ids"};
+
static struct rbac_perm_cfg {
const char *table;
const char **auth;
@@ -217,6 +222,14 @@ static struct rbac_perm_cfg {
.update = rbac_bfd_update,
.n_update = ARRAY_SIZE(rbac_bfd_update),
.row = NULL
+ },{
+ .table = "Learned_Route",
+ .auth = rbac_learned_route_auth,
+ .n_auth = ARRAY_SIZE(rbac_learned_route_auth),
+ .insdel = true,
+ .update = rbac_learned_route_update,
+ .n_update = ARRAY_SIZE(rbac_learned_route_update),
+ .row = NULL
},{
.table = NULL,
.auth = NULL,
--
2.51.0
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
