Skip IP addresses from management networks

When management networks (`default_neutron_networks`) are configured, the
management interface information should be invisible to end users.

Change-Id: I2d10e5ff9760c75ae2739a5add7542baf9881207
Lingxian Kong 2019-02-16 23:48:47 +13:00
parent 795f2bde88
commit 7bf1b28703
3 changed files with 86 additions and 4 deletions

49
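--- a/trove/common/neutron.py
+++ b/trove/common/neutron.py
@@ -0,0 +1,49 @@
+# Copyright 2019 Catalyst Cloud Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from trove.common import cfg
+from trove.common import remote
+CONF = cfg.CONF
+MGMT_NETWORKS = None
+def get_management_networks(context):
+"""Cache the management network names.
+When CONF.default_neutron_networks is changed, the Trove service needs to
+restart so the global cache will be refreshed.
+"""
+global MGMT_NETWORKS
+if MGMT_NETWORKS is not None:
+return MGMT_NETWORKS
+MGMT_NETWORKS = []
+if len(CONF.default_neutron_networks) > 0:
+neutron_client = remote.create_neutron_client(context)
+for net_id in CONF.default_neutron_networks:
+MGMT_NETWORKS.append(
+neutron_client.show_network(net_id)['network']['name']
+)
+return MGMT_NETWORKS
+def reset_management_networks():
+"""This method is only for testing purpose."""
+global MGMT_NETWORKS
+MGMT_NETWORKS = None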
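Review bot: get_management_networks publishes the cache before it is filled: `MGMT_NETWORKS = []` is assigned to the global ahead of the `show_network` loop, so if any lookup raises, later callers take the `is not None` early return with an empty or partial list. The same can happen if the service handles requests concurrently and another caller arrives while the loop is waiting on Neutron. The management-network filter built on this list then lets those addresses through until the service restarts. Build the list in a local and assign it only after the loop completes: `names = []`, `names.append(neutron_client.show_network(net_id)['network']['name'])`, then `MGMT_NETWORKS = names`. The docstring should also state that the cached values are network names resolved once with the first caller's context, so a later rename in Neutron is not picked up without a restart either.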


@ -32,6 +32,7 @@ from trove.common import exception
from trove.common.glance_remote import create_glance_client from trove.common.glance_remote import create_glance_client
from trove.common.i18n import _ from trove.common.i18n import _
import trove.common.instance as tr_instance import trove.common.instance as tr_instance
from trove.common import neutron
from trove.common.notification import StartNotification from trove.common.notification import StartNotification
from trove.common.remote import create_cinder_client from trove.common.remote import create_cinder_client
from trove.common.remote import create_dns_client from trove.common.remote import create_dns_client
@ -226,15 +227,23 @@ class SimpleInstance(object):
"""Returns IPs that will be visible to the user.""" """Returns IPs that will be visible to the user."""
if self.addresses is None: if self.addresses is None:
return None return None
IPs = [] IPs = []
mgmt_networks = neutron.get_management_networks(self.context)
for label in self.addresses: for label in self.addresses:
if (re.search(CONF.network_label_regex, label) and if label in mgmt_networks:
len(self.addresses[label]) > 0): continue
IPs.extend([addr.get('addr') if (CONF.network_label_regex and
for addr in self.addresses[label]]) not re.search(CONF.network_label_regex, label)):
continue
IPs.extend([addr.get('addr') for addr in self.addresses[label]])
# Includes ip addresses that match the regexp pattern # Includes ip addresses that match the regexp pattern
if CONF.ip_regex and CONF.black_list_regex: if CONF.ip_regex and CONF.black_list_regex:
IPs = filter_ips(IPs, CONF.ip_regex, CONF.black_list_regex) IPs = filter_ips(IPs, CONF.ip_regex, CONF.black_list_regex)
return IPs return IPs
@property @property
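Review bot: The new `if label in mgmt_networks: continue` check in the address loop matches on network name, and nothing in the hunk records that assumption. Neutron does not require network names to be unique, so a tenant network that shares the management network's name is hidden as well, and the filter only holds while the management network keeps the name that was cached. A comment above the check would make this explicit, e.g. `# Address labels are network names; management networks are matched by name, not by ID.` An empty result from `get_management_networks` while `CONF.default_neutron_networks` is non-empty also looks worth a warning log rather than silently returning every address. The enclosing method's `def` line is outside the hunk.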


@ -19,6 +19,7 @@ from trove.backup import models as backup_models
from trove.common import cfg from trove.common import cfg
from trove.common import exception from trove.common import exception
from trove.common.instance import ServiceStatuses from trove.common.instance import ServiceStatuses
from trove.common import neutron
from trove.datastore import models as datastore_models from trove.datastore import models as datastore_models
from trove.instance import models from trove.instance import models
from trove.instance.models import DBInstance from trove.instance.models import DBInstance
@ -60,6 +61,11 @@ class SimpleInstanceTest(trove_testtools.TestCase):
super(SimpleInstanceTest, self).tearDown() super(SimpleInstanceTest, self).tearDown()
CONF.network_label_regex = self.orig_conf CONF.network_label_regex = self.orig_conf
CONF.ip_start = None CONF.ip_start = None
CONF.default_neutron_networks = []
CONF.ip_regex = self.orig_ip_regex
CONF.black_list_regex = self.orig_black_list_regex
neutron.reset_management_networks()
def test_get_root_on_create(self): def test_get_root_on_create(self):
root_on_create_val = Instance.get_root_on_create( root_on_create_val = Instance.get_root_on_create(
@ -107,6 +113,24 @@ class SimpleInstanceTest(trove_testtools.TestCase):
self.assertIn('123.123.123.123', ip) self.assertIn('123.123.123.123', ip)
self.assertIn('15.123.123.123', ip) self.assertIn('15.123.123.123', ip)
@patch('trove.common.remote.create_neutron_client')
def test_filter_management_ip_addresses(self, mock_neutron_client):
CONF.network_label_regex = ''
CONF.default_neutron_networks = ['fake-net-id']
neutron_client = Mock()
neutron_client.show_network.return_value = {
'network': {'name': 'public'}
}
mock_neutron_client.return_value = neutron_client
ip = self.instance.get_visible_ip_addresses()
neutron_client.show_network.assert_called_once_with('fake-net-id')
self.assertEqual(2, len(ip))
self.assertIn('123.123.123.123', ip)
self.assertIn('10.123.123.123', ip)
def test_locality(self): def test_locality(self):
self.assertEqual('affinity', self.instance.locality) self.assertEqual('affinity', self.instance.locality)
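Review bot: test_filter_management_ip_addresses covers only the case where `show_network` succeeds; nothing pins what get_visible_ip_addresses returns after a Neutron lookup fails, which is the case where the management address could end up visible. Add a second test that sets `neutron_client.show_network.side_effect` to an exception, asserts that the call raises, and then asserts that a later call with a working client still omits the `public` address. tearDown also restores `self.orig_ip_regex` and `self.orig_black_list_regex`, whose assignment is not in the visible hunks; presumably setUp already saves them, but that is worth confirming.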