Merge "NSX|v3: Use nsxlib features list"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
28977f213a
@ -28,13 +28,13 @@ from neutron_lib import constants
|
||||
from oslo_context import context as common_context
|
||||
from oslo_log import log
|
||||
|
||||
from vmware_nsxlib.v3 import nsx_constants as v3_const
|
||||
|
||||
LOG = log.getLogger(__name__)
|
||||
|
||||
MAX_DISPLAY_NAME_LEN = 40
|
||||
NEUTRON_VERSION = n_version.version_info.release_string()
|
||||
OS_NEUTRON_ID_SCOPE = 'os-neutron-id'
|
||||
NSXV3_VERSION_1_1_0 = '1.1.0'
|
||||
NSXV3_VERSION_2_0_0 = '2.0.0'
|
||||
|
||||
|
||||
# Allowed network types for the NSX Plugin
|
||||
@ -68,12 +68,12 @@ class NsxV3NetworkTypes(object):
|
||||
|
||||
def is_nsx_version_1_1_0(nsx_version):
|
||||
return (version.LooseVersion(nsx_version) >=
|
||||
version.LooseVersion(NSXV3_VERSION_1_1_0))
|
||||
version.LooseVersion(v3_const.NSX_VERSION_1_1_0))
|
||||
|
||||
|
||||
def is_nsx_version_2_0_0(nsx_version):
|
||||
return (version.LooseVersion(nsx_version) >=
|
||||
version.LooseVersion(NSXV3_VERSION_2_0_0))
|
||||
version.LooseVersion(v3_const.NSX_VERSION_2_0_0))
|
||||
|
||||
|
||||
def is_nsxv_version_6_2(nsx_version):
|
||||
|
||||
@ -282,7 +282,7 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
|
||||
self._mac_learning_profile = None
|
||||
# Only create MAC Learning profile when nsxv3 version >= 1.1.0
|
||||
if utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
if self.nsxlib.feature_supported(nsxlib_consts.FEATURE_MAC_LEARNING):
|
||||
LOG.debug("Initializing NSX v3 Mac Learning switching profile")
|
||||
try:
|
||||
self._init_mac_learning_profile()
|
||||
@ -1572,12 +1572,15 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
|
||||
add_to_exclude_list = False
|
||||
if self._is_excluded_port(device_owner, psec_is_on):
|
||||
if utils.is_nsx_version_2_0_0(self._nsx_version):
|
||||
if self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG):
|
||||
tags.append({'scope': security.PORT_SG_SCOPE,
|
||||
'tag': nsxlib_consts.EXCLUDE_PORT})
|
||||
else:
|
||||
add_to_exclude_list = True
|
||||
elif utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
|
||||
elif self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
# If port has no security-groups then we don't need to add any
|
||||
# security criteria tag.
|
||||
if port_data[ext_sg.SECURITYGROUPS]:
|
||||
@ -2117,7 +2120,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
{'id': neutron_db['id'], 'e': e})
|
||||
self._cleanup_port(context, neutron_db['id'], None)
|
||||
|
||||
if not utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
if not self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
try:
|
||||
self._update_lport_with_security_groups(
|
||||
context, lport['id'], [], sgids or [])
|
||||
@ -2202,11 +2206,13 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
_net_id, nsx_port_id = nsx_db.get_nsx_switch_and_port_id(
|
||||
context.session, port_id)
|
||||
self.nsxlib.logical_port.delete(nsx_port_id)
|
||||
if not utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
if not self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
self._update_lport_with_security_groups(
|
||||
context, nsx_port_id,
|
||||
port.get(ext_sg.SECURITYGROUPS, []), [])
|
||||
if (not utils.is_nsx_version_2_0_0(self._nsx_version) and
|
||||
if (not self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG) and
|
||||
self._is_excluded_port(port.get('device_owner'),
|
||||
port.get('port_security_enabled'))):
|
||||
fs = self.nsxlib.firewall_section
|
||||
@ -2349,7 +2355,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
original_excluded = self._is_excluded_port(original_device_owner,
|
||||
original_ps)
|
||||
if updated_excluded != original_excluded:
|
||||
if utils.is_nsx_version_2_0_0(self._nsx_version):
|
||||
if self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG):
|
||||
if updated_excluded:
|
||||
tags_update.append({'scope': security.PORT_SG_SCOPE,
|
||||
'tag': nsxlib_consts.EXCLUDE_PORT})
|
||||
@ -2365,7 +2372,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
fs.remove_member_from_fw_exclude_list(
|
||||
lport_id, nsxlib_consts.TARGET_TYPE_LOGICAL_PORT)
|
||||
|
||||
if utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
if self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
tags_update += self.nsxlib.ns_group.get_lport_tags(
|
||||
updated_port.get(ext_sg.SECURITYGROUPS, []) +
|
||||
updated_port.get(provider_sg.PROVIDER_SECURITYGROUPS, []))
|
||||
@ -3367,7 +3375,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
project_name=secgroup['tenant_id'])
|
||||
name = self.nsxlib.ns_group.get_name(secgroup)
|
||||
|
||||
if utils.is_nsx_version_1_1_0(self._nsx_version):
|
||||
if self.nsxlib.feature_supported(
|
||||
nsxlib_consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
tag_expression = (
|
||||
self.nsxlib.ns_group.get_port_tag_expression(
|
||||
security.PORT_SG_SCOPE, secgroup['id']))
|
||||
|
||||
@ -20,7 +20,6 @@ from neutron_lib.callbacks import registry
|
||||
from neutron_lib import context as neutron_context
|
||||
from oslo_log import log as logging
|
||||
|
||||
from vmware_nsx.common import utils
|
||||
from vmware_nsx.db import db as nsx_db
|
||||
from vmware_nsx.db import nsx_models
|
||||
from vmware_nsx.extensions import providersecuritygroup as provider_sg
|
||||
@ -221,7 +220,7 @@ def fix_security_groups(resource, event, trigger, **kwargs):
|
||||
context_, sg_id, nsgroup['id'], fw_section['id'])
|
||||
# If version > 1.1 then we use dynamic criteria tags, and the port
|
||||
# should already have them.
|
||||
if not utils.is_nsx_version_1_1_0(plugin._nsx_version):
|
||||
if not nsxlib.feature_supported(consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
members = []
|
||||
for port_id in neutron_sg.get_ports_in_security_group(sg_id):
|
||||
lport_id = neutron_sg.get_logical_port_id(port_id)
|
||||
@ -279,7 +278,7 @@ def _update_security_group_dynamic_criteria():
|
||||
|
||||
@admin_utils.output_header
|
||||
def migrate_nsgroups_to_dynamic_criteria(resource, event, trigger, **kwargs):
|
||||
if not utils.is_nsx_version_1_1_0(nsxlib.get_version()):
|
||||
if not nsxlib.feature_supported(consts.FEATURE_DYNAMIC_CRITERIA):
|
||||
LOG.error("Dynamic criteria grouping feature isn't supported by "
|
||||
"this NSX version.")
|
||||
return
|
||||
|
||||
@ -17,8 +17,8 @@ import mock
|
||||
from neutron.extensions import securitygroup as ext_sg
|
||||
from neutron.tests.unit.extensions import test_securitygroup as test_ext_sg
|
||||
|
||||
from vmware_nsx.plugins.nsx_v3 import plugin as nsx_plugin
|
||||
from vmware_nsx.tests.unit.nsx_v3 import test_plugin as test_nsxv3
|
||||
from vmware_nsxlib import v3 as nsxlib
|
||||
from vmware_nsxlib.v3 import exceptions as nsxlib_exc
|
||||
from vmware_nsxlib.v3 import nsx_constants as consts
|
||||
|
||||
@ -65,9 +65,8 @@ class TestSecurityGroupsNoDynamicCriteria(test_nsxv3.NsxV3PluginTestCaseMixin,
|
||||
|
||||
def setUp(self):
|
||||
super(TestSecurityGroupsNoDynamicCriteria, self).setUp()
|
||||
mock_nsx_version = mock.patch.object(nsx_plugin.utils,
|
||||
'is_nsx_version_1_1_0',
|
||||
new=lambda v: False)
|
||||
mock_nsx_version = mock.patch.object(
|
||||
nsxlib.NsxLib, 'feature_supported', return_value=False)
|
||||
mock_nsx_version.start()
|
||||
self._patchers.append(mock_nsx_version)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user