DVS: ensure that provider networks work correctly

The following provider networks can be defined for a DVS:
- VLAN
- FLAT network

Only an admin user can create a network for a tenant.

Note: in order to get this to work with devstack we need to enable
the base security groups to work. The plugin does NOT support security
groups.

Change-Id: Ib381202873b4bf37a5e909dcf194d197791e63db
This commit is contained in:
Gary Kotton 2015-03-16 04:58:03 -07:00 committed by garyk
parent 77f8eb2c52
commit 0bdf9d272c
2 changed files with 40 additions and 64 deletions

View File

@ -20,7 +20,9 @@ from oslo_utils import excutils
from neutron.api import extensions as neutron_extensions from neutron.api import extensions as neutron_extensions
from neutron.api.v2 import attributes as attr from neutron.api.v2 import attributes as attr
from neutron.common import constants
from neutron.common import exceptions as n_exc from neutron.common import exceptions as n_exc
from neutron.common import utils
from neutron.db import agentschedulers_db from neutron.db import agentschedulers_db
from neutron.db import allowedaddresspairs_db as addr_pair_db from neutron.db import allowedaddresspairs_db as addr_pair_db
from neutron.db import db_base_plugin_v2 from neutron.db import db_base_plugin_v2
@ -143,7 +145,7 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin,
nsx_db.add_network_binding( nsx_db.add_network_binding(
context.session, new_net['id'], context.session, new_net['id'],
net_data.get(pnet.NETWORK_TYPE), net_data.get(pnet.NETWORK_TYPE),
net_data.get(pnet.PHYSICAL_NETWORK), 'dvs',
vlan_tag) vlan_tag)
except Exception: except Exception:
with excutils.save_and_reraise_exception(): with excutils.save_and_reraise_exception():
@ -157,7 +159,40 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin,
action='create_network') action='create_network')
return new_net return new_net
def _validate_network(self, context, net_data):
network_type = net_data.get(pnet.NETWORK_TYPE)
segmentation_id = net_data.get(pnet.SEGMENTATION_ID)
segmentation_id_set = attr.is_attr_set(segmentation_id)
if not context.is_admin:
err_msg = _("Only and admin can create a DVS provider "
"network")
raise n_exc.InvalidInput(error_message=err_msg)
err_msg = None
if network_type == c_utils.NetworkTypes.FLAT:
if segmentation_id_set:
err_msg = _("Segmentation ID cannot be specified with "
"flat network type")
elif network_type == c_utils.NetworkTypes.VLAN:
if not segmentation_id_set:
err_msg = _("Segmentation ID must be specified with "
"vlan network type")
elif (segmentation_id_set and
not utils.is_valid_vlan_tag(segmentation_id)):
err_msg = (_("%(segmentation_id)s out of range "
"(%(min_id)s through %(max_id)s)") %
{'segmentation_id': segmentation_id,
'min_id': constants.MIN_VLAN_TAG,
'max_id': constants.MAX_VLAN_TAG})
else:
err_msg = (_("%(net_type_param)s %(net_type_value)s not "
"supported") %
{'net_type_param': pnet.NETWORK_TYPE,
'net_type_value': network_type})
if err_msg:
raise n_exc.InvalidInput(error_message=err_msg)
def create_network(self, context, network): def create_network(self, context, network):
self._validate_network(context, network['network'])
return self._dvs_create_network(context, network) return self._dvs_create_network(context, network)
def _dvs_delete_network(self, context, id): def _dvs_delete_network(self, context, id):
@ -320,67 +355,8 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin,
self.handle_port_dhcp_access( self.handle_port_dhcp_access(
context, neutron_db_port, action='delete_port') context, neutron_db_port, action='delete_port')
def get_router(self, context, id, fields=None):
# DVS backend cannot support logical router.
msg = (_("Unable to get info for router %s on DVS backend") % id)
raise n_exc.BadRequest(resource="router", msg=msg)
def create_router(self, context, router): def create_router(self, context, router):
# DVS backend cannot support logical router # DVS backend cannot support logical router
msg = (_("Unable to create router %s on DVS backend") % msg = (_("Unable to create router %s with DVS") %
router['router']['name']) router['router']['name'])
raise n_exc.BadRequest(resource="router", msg=msg) raise n_exc.BadRequest(resource="router", msg=msg)
def update_router(self, context, router_id, router):
# DVS backend cannot support logical router
msg = (_("Unable to update router %s on DVS backend") % router_id)
raise n_exc.BadRequest(resource="router", msg=msg)
def delete_router(self, context, router_id):
# DVS backend cannot support logical router.
msg = (_("Unable to delete router %s on DVS backend") % router_id)
raise n_exc.BadRequest(resource="router", msg=msg)
def add_router_interface(self, context, router_id, interface_info):
# DVS backend cannot support logical router
msg = _("Unable to add router interface to network on DVS backend")
raise n_exc.BadRequest(resource="router", msg=msg)
def remove_router_interface(self, context, router_id, interface_info):
# DVS backend cannot support logical router
msg = _("Unable to remove router interface to network on DVS backend")
raise n_exc.BadRequest(resource="router", msg=msg)
def delete_floatingip(self, context, id):
# DVS backend cannot support floating ips
msg = _("Cannot bind a floating ip to ports on DVS backend")
raise n_exc.BadRequest(resource="port", msg=msg)
def disassociate_floatingips(self, context, port_id):
# DVS backend cannot support floating ips
msg = _("Cannot bind a floating ip to ports on DVS backend")
raise n_exc.BadRequest(resource="port", msg=msg)
def create_security_group(self, context, security_group, default_sg=False):
raise NotImplementedError(
_("Create security group not supported for DVS"))
def update_security_group(self, context, secgroup_id, security_group):
raise NotImplementedError(
_("Update security group not supported for DVS"))
def delete_security_group(self, context, security_group_id):
raise NotImplementedError(
_("Delete security group not supported for DVS"))
def create_security_group_rule(self, context, security_group_rule):
raise NotImplementedError(
_("Create security group rule not supported for DVS"))
def create_security_group_rule_bulk(self, context, security_group_rule):
raise NotImplementedError(
_("Create security group rule not supported for DVS"))
def delete_security_group_rule(self, context, sgrid):
raise NotImplementedError(
_("Delete security group rule not supported for DVS"))

View File

@ -122,9 +122,9 @@ class NeutronSimpleDvsTest(test_plugin.NeutronDbPluginV2TestCase):
self._plugin = manager.NeutronManager.get_plugin() self._plugin = manager.NeutronManager.get_plugin()
def _create_and_delete_dvs_network(self, network_type='flat', vlan_tag=0): def _create_and_delete_dvs_network(self, network_type='flat', vlan_tag=0):
params = {'provider:network_type': network_type, params = {'provider:network_type': network_type}
'provider:physical_network': 'dvs', if network_type == 'vlan':
'provider:segmentation_id': vlan_tag} params['provider:segmentation_id'] = vlan_tag
params['arg_list'] = tuple(params.keys()) params['arg_list'] = tuple(params.keys())
with contextlib.nested( with contextlib.nested(
mock.patch.object(self._plugin._dvs, 'add_port_group'), mock.patch.object(self._plugin._dvs, 'add_port_group'),