From 0bdf9d272c55d4a5eb060694ceddf2f102e3d004 Mon Sep 17 00:00:00 2001 From: Gary Kotton Date: Mon, 16 Mar 2015 04:58:03 -0700 Subject: [PATCH] DVS: ensure that provider networks work correctly The following provider networks can be defined for a DVS: - VLAN - FLAT network Only an admin user can create a network for a tenant. Note: in order to get this to work with devstack we need to enable the base security groups to work. The plugin does NOT support security groups. Change-Id: Ib381202873b4bf37a5e909dcf194d197791e63db --- .../neutron/plugins/vmware/plugins/dvs.py | 98 +++++++------------ .../neutron/tests/unit/vmware/test_dvs.py | 6 +- 2 files changed, 40 insertions(+), 64 deletions(-) diff --git a/vmware_nsx/neutron/plugins/vmware/plugins/dvs.py b/vmware_nsx/neutron/plugins/vmware/plugins/dvs.py index 007807db63..4b160a002f 100644 --- a/vmware_nsx/neutron/plugins/vmware/plugins/dvs.py +++ b/vmware_nsx/neutron/plugins/vmware/plugins/dvs.py @@ -20,7 +20,9 @@ from oslo_utils import excutils from neutron.api import extensions as neutron_extensions from neutron.api.v2 import attributes as attr +from neutron.common import constants from neutron.common import exceptions as n_exc +from neutron.common import utils from neutron.db import agentschedulers_db from neutron.db import allowedaddresspairs_db as addr_pair_db from neutron.db import db_base_plugin_v2 @@ -143,7 +145,7 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin, nsx_db.add_network_binding( context.session, new_net['id'], net_data.get(pnet.NETWORK_TYPE), - net_data.get(pnet.PHYSICAL_NETWORK), + 'dvs', vlan_tag) except Exception: with excutils.save_and_reraise_exception(): @@ -157,7 +159,40 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin, action='create_network') return new_net + def _validate_network(self, context, net_data): + network_type = net_data.get(pnet.NETWORK_TYPE) + segmentation_id = net_data.get(pnet.SEGMENTATION_ID) + segmentation_id_set = attr.is_attr_set(segmentation_id) + if not context.is_admin: + err_msg = _("Only and admin can create a DVS provider " + "network") + raise n_exc.InvalidInput(error_message=err_msg) + err_msg = None + if network_type == c_utils.NetworkTypes.FLAT: + if segmentation_id_set: + err_msg = _("Segmentation ID cannot be specified with " + "flat network type") + elif network_type == c_utils.NetworkTypes.VLAN: + if not segmentation_id_set: + err_msg = _("Segmentation ID must be specified with " + "vlan network type") + elif (segmentation_id_set and + not utils.is_valid_vlan_tag(segmentation_id)): + err_msg = (_("%(segmentation_id)s out of range " + "(%(min_id)s through %(max_id)s)") % + {'segmentation_id': segmentation_id, + 'min_id': constants.MIN_VLAN_TAG, + 'max_id': constants.MAX_VLAN_TAG}) + else: + err_msg = (_("%(net_type_param)s %(net_type_value)s not " + "supported") % + {'net_type_param': pnet.NETWORK_TYPE, + 'net_type_value': network_type}) + if err_msg: + raise n_exc.InvalidInput(error_message=err_msg) + def create_network(self, context, network): + self._validate_network(context, network['network']) return self._dvs_create_network(context, network) def _dvs_delete_network(self, context, id): @@ -320,67 +355,8 @@ class NsxDvsV2(addr_pair_db.AllowedAddressPairsMixin, self.handle_port_dhcp_access( context, neutron_db_port, action='delete_port') - def get_router(self, context, id, fields=None): - # DVS backend cannot support logical router. - msg = (_("Unable to get info for router %s on DVS backend") % id) - raise n_exc.BadRequest(resource="router", msg=msg) - def create_router(self, context, router): # DVS backend cannot support logical router - msg = (_("Unable to create router %s on DVS backend") % + msg = (_("Unable to create router %s with DVS") % router['router']['name']) raise n_exc.BadRequest(resource="router", msg=msg) - - def update_router(self, context, router_id, router): - # DVS backend cannot support logical router - msg = (_("Unable to update router %s on DVS backend") % router_id) - raise n_exc.BadRequest(resource="router", msg=msg) - - def delete_router(self, context, router_id): - # DVS backend cannot support logical router. - msg = (_("Unable to delete router %s on DVS backend") % router_id) - raise n_exc.BadRequest(resource="router", msg=msg) - - def add_router_interface(self, context, router_id, interface_info): - # DVS backend cannot support logical router - msg = _("Unable to add router interface to network on DVS backend") - raise n_exc.BadRequest(resource="router", msg=msg) - - def remove_router_interface(self, context, router_id, interface_info): - # DVS backend cannot support logical router - msg = _("Unable to remove router interface to network on DVS backend") - raise n_exc.BadRequest(resource="router", msg=msg) - - def delete_floatingip(self, context, id): - # DVS backend cannot support floating ips - msg = _("Cannot bind a floating ip to ports on DVS backend") - raise n_exc.BadRequest(resource="port", msg=msg) - - def disassociate_floatingips(self, context, port_id): - # DVS backend cannot support floating ips - msg = _("Cannot bind a floating ip to ports on DVS backend") - raise n_exc.BadRequest(resource="port", msg=msg) - - def create_security_group(self, context, security_group, default_sg=False): - raise NotImplementedError( - _("Create security group not supported for DVS")) - - def update_security_group(self, context, secgroup_id, security_group): - raise NotImplementedError( - _("Update security group not supported for DVS")) - - def delete_security_group(self, context, security_group_id): - raise NotImplementedError( - _("Delete security group not supported for DVS")) - - def create_security_group_rule(self, context, security_group_rule): - raise NotImplementedError( - _("Create security group rule not supported for DVS")) - - def create_security_group_rule_bulk(self, context, security_group_rule): - raise NotImplementedError( - _("Create security group rule not supported for DVS")) - - def delete_security_group_rule(self, context, sgrid): - raise NotImplementedError( - _("Delete security group rule not supported for DVS")) diff --git a/vmware_nsx/neutron/tests/unit/vmware/test_dvs.py b/vmware_nsx/neutron/tests/unit/vmware/test_dvs.py index ad98a6f312..be201f03a6 100644 --- a/vmware_nsx/neutron/tests/unit/vmware/test_dvs.py +++ b/vmware_nsx/neutron/tests/unit/vmware/test_dvs.py @@ -122,9 +122,9 @@ class NeutronSimpleDvsTest(test_plugin.NeutronDbPluginV2TestCase): self._plugin = manager.NeutronManager.get_plugin() def _create_and_delete_dvs_network(self, network_type='flat', vlan_tag=0): - params = {'provider:network_type': network_type, - 'provider:physical_network': 'dvs', - 'provider:segmentation_id': vlan_tag} + params = {'provider:network_type': network_type} + if network_type == 'vlan': + params['provider:segmentation_id'] = vlan_tag params['arg_list'] = tuple(params.keys()) with contextlib.nested( mock.patch.object(self._plugin._dvs, 'add_port_group'),