Merge "TVD AdminUtils: Use only objects from specific plugin"

2018-01-18 11:44:37 +00:00 · 2018-01-18 11:44:37 +00:00 · 3caac5a518
commit 3caac5a518
parent f001513e7f c06d20e21b
9 changed files with 99 additions and 19 deletions
--- a/vmware_nsx/db/db.py
+++ b/vmware_nsx/db/db.py
@ -694,6 +694,11 @@ def get_project_plugin_mappings(session):
    return session.query(nsx_models.NsxProjectPluginMapping).all()
 def get_project_plugin_mappings_by_plugin(session, plugin):
    return session.query(nsx_models.NsxProjectPluginMapping).filter_by(
        plugin=plugin).all()
 def add_nsx_vpn_connection_mapping(session, neutron_id, session_id,
                                   dpd_profile_id, ike_profile_id,
                                   ipsec_profile_id, peer_ep_id):
--- a/vmware_nsx/shell/admin/plugins/common/utils.py
+++ b/vmware_nsx/shell/admin/plugins/common/utils.py
@ -16,6 +16,7 @@ import sys
 import six
 from vmware_nsx._i18n import _
 from vmware_nsx.db import db
 from vmware_nsx.shell import resources as nsxadmin
 from neutron.common import profiler  # noqa
@ -112,3 +113,16 @@ def fix_mismatches_handler(resource):
                           nsxadmin.Operations.FIX_MISMATCH.value)
        return func
    return wrap
 def get_plugin_filters(context, plugin):
    # Return filters for the neutron list apis so that only resources from
    # a specific plugin will be returned.
    filters = {}
    core_plugin = nsxadmin.get_plugin()
    if core_plugin == 'nsxtvd':
        maps = db.get_project_plugin_mappings_by_plugin(
            context.session, plugin)
        if maps:
            filters['project_id'] = [m.project for m in maps]
    return filters
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py
@ -73,8 +73,9 @@ class NeutronSecurityGroupDB(
            self.context, sg_id)
    def get_security_groups(self):
        filters = utils.get_plugin_filters(self.context)
        return super(NeutronSecurityGroupDB,
-                     self).get_security_groups(self.context)
+                     self).get_security_groups(self.context, filters=filters)
    def get_security_group_id_by_section_id(self, section_id):
        section_url = ("/api/4.0/firewall/globalroot-0/config/layer3sections"
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
@ -22,8 +22,10 @@ from neutron_lib import context as neutron_context
 from neutron_lib.plugins import directory
 from vmware_nsx.common import config
 from vmware_nsx.extensions import projectpluginmap
 from vmware_nsx import plugin
 from vmware_nsx.plugins.nsx_v.vshield import vcns
 from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
 LOG = logging.getLogger(__name__)
@ -37,6 +39,11 @@ def get_nsxv_client():
        insecure=cfg.CONF.nsxv.insecure)
 def get_plugin_filters(context):
    return admin_utils.get_plugin_filters(
        context, projectpluginmap.NsxPlugins.NSX_V)
 class NeutronDbClient(common_db.CommonDbMixin):
    def __init__(self):
        super(NeutronDbClient, self)
@ -47,6 +54,8 @@ class NsxVPluginWrapper(plugin.NsxVPlugin):
    def __init__(self):
        config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones)
        self.context = neutron_context.get_admin_context()
        self.filters = get_plugin_filters(self.context)
        super(NsxVPluginWrapper, self).__init__()
        # Make this the core plugin
        directory.add_plugin('CORE', self)
@ -98,6 +107,32 @@ class NsxVPluginWrapper(plugin.NsxVPlugin):
        LOG.warning("Sorry. Waited for too long. Some jobs are still "
                    "running.")
    def _update_filters(self, requested_filters):
        filters = self.filters.copy()
        if requested_filters:
            filters.update(requested_filters)
        return filters
    def get_networks(self, context, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NsxVPluginWrapper, self).get_networks(
            context, filters=filters, fields=fields)
    def get_subnets(self, context, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NsxVPluginWrapper, self).get_subnets(
            context, filters=filters, fields=fields)
    def get_ports(self, context, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NsxVPluginWrapper, self).get_ports(
            self.context, filters=filters, fields=fields)
    def get_routers(self, context, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NsxVPluginWrapper, self).get_routers(
            self.context, filters=filters, fields=fields)
 def get_nsxv_backend_edges():
    """Get a list of all the backend edges and some of their attributes
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py
@ -45,7 +45,8 @@ def list_missing_networks(resource, event, trigger, **kwargs):
    nsxlib = utils.get_connected_nsxlib()
    plugin = db_base_plugin_v2.NeutronDbPluginV2()
    admin_cxt = neutron_context.get_admin_context()
-    neutron_networks = plugin.get_networks(admin_cxt)
+    filters = utils.get_plugin_filters(admin_cxt)
    neutron_networks = plugin.get_networks(admin_cxt, filters=filters)
    networks = []
    for net in neutron_networks:
        neutron_id = net['id']
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py
@ -119,9 +119,9 @@ def list_missing_ports(resource, event, trigger, **kwargs):
    And ports with wrong switch profiles
    """
    admin_cxt = neutron_context.get_admin_context()
-
+    filters = v3_utils.get_plugin_filters(admin_cxt)
    with PortsPlugin() as plugin:
-        neutron_ports = plugin.get_ports(admin_cxt)
+        neutron_ports = plugin.get_ports(admin_cxt, filters=filters)
        port_client, profile_client = get_port_and_profile_clients()
        # get pre-defined profile ids
@ -228,7 +228,8 @@ def migrate_compute_ports_vms(resource, event, trigger, **kwargs):
    # Go over all the compute ports from the plugin
    admin_cxt = neutron_context.get_admin_context()
-    port_filters = {'device_owner': ['compute:None']}
+    port_filters = v3_utils.get_plugin_filters(admin_cxt)
    port_filters['device_owner'] = ['compute:None']
    with PortsPlugin() as plugin:
        neutron_ports = plugin.get_ports(admin_cxt, filters=port_filters)
@ -325,11 +326,12 @@ def migrate_exclude_ports(resource, event, trigger, **kwargs):
 def tag_default_ports(resource, event, trigger, **kwargs):
    nsxlib = v3_utils.get_connected_nsxlib()
    admin_cxt = neutron_context.get_admin_context()
    filters = v3_utils.get_plugin_filters(admin_cxt)
    # the plugin creation below will create the NS group and update the default
    # OS section to have the correct applied to group
    with v3_utils.NsxV3PluginWrapper() as _plugin:
-        neutron_ports = _plugin.get_ports(admin_cxt)
+        neutron_ports = _plugin.get_ports(admin_cxt, filters=filters)
        for port in neutron_ports:
            neutron_id = port['id']
            # get the network nsx id from the mapping table
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py
@ -14,7 +14,6 @@
 import sys
 from vmware_nsx.common import config  # noqa
 from vmware_nsx.common import utils as nsx_utils
 from vmware_nsx.db import db as nsx_db
 from vmware_nsx.shell.admin.plugins.common import constants
@ -29,7 +28,6 @@ from neutron.db import db_base_plugin_v2
 from neutron.db import l3_db
 from neutron_lib.callbacks import registry
 from neutron_lib import context as neutron_context
 from oslo_config import cfg
 from oslo_log import log as logging
 LOG = logging.getLogger(__name__)
@ -48,7 +46,8 @@ def list_missing_routers(resource, event, trigger, **kwargs):
    nsxlib = utils.get_connected_nsxlib()
    plugin = RoutersPlugin()
    admin_cxt = neutron_context.get_admin_context()
-    neutron_routers = plugin.get_routers(admin_cxt)
+    filters = utils.get_plugin_filters(admin_cxt)
    neutron_routers = plugin.get_routers(admin_cxt, filters=filters)
    routers = []
    for router in neutron_routers:
        neutron_id = router['id']
@ -90,7 +89,8 @@ def update_nat_rules(resource, event, trigger, **kwargs):
    # Go over all neutron routers
    plugin = RoutersPlugin()
    admin_cxt = neutron_context.get_admin_context()
-    neutron_routers = plugin.get_routers(admin_cxt)
+    filters = utils.get_plugin_filters(admin_cxt)
    neutron_routers = plugin.get_routers(admin_cxt, filters=filters)
    num_of_updates = 0
    for router in neutron_routers:
        neutron_id = router['id']
@ -185,21 +185,19 @@ def update_dhcp_relay(resource, event, trigger, **kwargs):
        LOG.error("DHCP relay is not supported by NSX version %s", version)
        return
    # initialize the availability zones and nsxlib
    config.register_nsxv3_azs(cfg.CONF, cfg.CONF.nsx_v3.availability_zones)
    admin_cxt = neutron_context.get_admin_context()
    filters = utils.get_plugin_filters(admin_cxt)
    with utils.NsxV3PluginWrapper() as plugin:
        # Make sure FWaaS was initialized
        plugin.init_fwaas_for_admin_utils()
        # get all neutron routers and  interfaces ports
-        routers = plugin.get_routers(admin_cxt)
+        routers = plugin.get_routers(admin_cxt, filters=filters)
        for router in routers:
            LOG.info("Updating router %s", router['id'])
-            filters = {'device_owner': [l3_db.DEVICE_OWNER_ROUTER_INTF],
+            port_filters = {'device_owner': [l3_db.DEVICE_OWNER_ROUTER_INTF],
-                       'device_id': [router['id']]}
+                            'device_id': [router['id']]}
-            ports = plugin.get_ports(admin_cxt, filters=filters)
+            ports = plugin.get_ports(admin_cxt, filters=port_filters)
            for port in ports:
                # get the backend router port by the tag
                nsx_port_id = nsxlib.get_id_by_resource_and_tag(
@ -217,7 +215,10 @@ def update_dhcp_relay(resource, event, trigger, **kwargs):
                    nsx_port_id, relay_service_uuid=az.dhcp_relay_service)
            # if FWaaS is enables, also update the firewall rules
-            plugin.update_router_firewall(admin_cxt, router['id'])
+            try:
                plugin.update_router_firewall(admin_cxt, router['id'])
            except Exception:
                pass
    LOG.info("Done.")
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py
@ -41,10 +41,12 @@ class NeutronSecurityGroupApi(securitygroups_db.SecurityGroupDbMixin,
    def __init__(self):
        super(NeutronSecurityGroupApi, self)
        self.context = neutron_context.get_admin_context()
        self.filters = v3_utils.get_plugin_filters(self.context)
    def get_security_groups(self):
        return super(NeutronSecurityGroupApi,
-                     self).get_security_groups(self.context)
+                     self).get_security_groups(self.context,
                                               filters=self.filters)
    def delete_security_group(self, sg_id):
        return super(NeutronSecurityGroupApi,
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py
@ -25,11 +25,14 @@ from neutron_lib.plugins import directory
 from neutron_fwaas.services.firewall import fwaas_plugin as fwaas_plugin_v1
 from neutron_fwaas.services.firewall import fwaas_plugin_v2
 from vmware_nsx.common import config
 from vmware_nsx.db import db as nsx_db
 from vmware_nsx.extensions import projectpluginmap
 from vmware_nsx.plugins.nsx_v3 import plugin
 from vmware_nsx.plugins.nsx_v3 import utils as v3_utils
 from vmware_nsx.services.fwaas.nsx_v3 import fwaas_callbacks_v1
 from vmware_nsx.services.fwaas.nsx_v3 import fwaas_callbacks_v2
 from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
 from vmware_nsxlib.v3 import nsx_constants
 _NSXLIB = None
@ -57,16 +60,30 @@ def get_connected_nsxlib(nsx_username=None, nsx_password=None,
    return _NSXLIB
 def get_plugin_filters(context):
    return admin_utils.get_plugin_filters(
        context, projectpluginmap.NsxPlugins.NSX_T)
 class NeutronDbClient(db_base_plugin_v2.NeutronDbPluginV2):
    def __init__(self):
        super(NeutronDbClient, self).__init__()
        self.context = context.get_admin_context()
        self.filters = get_plugin_filters(self.context)
    def _update_filters(self, requested_filters):
        filters = self.filters.copy()
        if requested_filters:
            filters.update(requested_filters)
        return filters
    def get_ports(self, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NeutronDbClient, self).get_ports(
            self.context, filters=filters, fields=fields)
    def get_networks(self, filters=None, fields=None):
        filters = self._update_filters(filters)
        return super(NeutronDbClient, self).get_networks(
            self.context, filters=filters, fields=fields)
@ -106,6 +123,8 @@ class NeutronDbClient(db_base_plugin_v2.NeutronDbPluginV2):
 class NsxV3PluginWrapper(plugin.NsxV3Plugin):
    def __init__(self):
        # initialize the availability zones
        config.register_nsxv3_azs(cfg.CONF, cfg.CONF.nsx_v3.availability_zones)
        super(NsxV3PluginWrapper, self).__init__()
        self.context = context.get_admin_context()