From 5f7b542b8ce6ab9f1a18677b900d7e7c81f9e290 Mon Sep 17 00:00:00 2001 From: Adit Sarfaty Date: Sun, 5 Mar 2017 11:20:47 +0200 Subject: [PATCH] AdminUtils: Add utility for config validation The new utility for nsx-v and nsx-v3 checks the nsx.ini configuration and connectivity with the nsx backend Usage: nsxadmin -r config -o validate Change-Id: Ica48866008253cbcc874a00918c78bfb4c2bbcb1 --- doc/source/admin_util.rst | 14 ++++++ .../shell/admin/plugins/common/constants.py | 7 +-- .../admin/plugins/nsxv/resources/config.py | 45 +++++++++++++++++++ .../admin/plugins/nsxv/resources/utils.py | 3 -- .../admin/plugins/nsxv3/resources/config.py | 40 +++++++++++++++++ vmware_nsx/shell/resources.py | 7 ++- 6 files changed, 109 insertions(+), 7 deletions(-) create mode 100644 vmware_nsx/shell/admin/plugins/nsxv/resources/config.py create mode 100644 vmware_nsx/shell/admin/plugins/nsxv3/resources/config.py diff --git a/doc/source/admin_util.rst b/doc/source/admin_util.rst index b784e7b481..66f93700f5 100644 --- a/doc/source/admin_util.rst +++ b/doc/source/admin_util.rst @@ -212,6 +212,13 @@ Metadata nsxadmin -r metadata -o status [--property network_id=] +Config +~~~~~~ + +- Validate the configuration in the nsx.ini and backend connectivity + + nsxadmin -r config -o validate + NSXv3 ----- @@ -332,6 +339,13 @@ Client Certificate nsxadmin -r certificate -o nsx-list +Config +~~~~~~ + +- Validate the configuration in the nsx.ini and backend connectivity + + nsxadmin -r config -o validate + Upgrade Steps (Version 1.0.0 to Version 1.1.0) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/vmware_nsx/shell/admin/plugins/common/constants.py b/vmware_nsx/shell/admin/plugins/common/constants.py index 882b1ef63a..1ee2c3fc06 100644 --- a/vmware_nsx/shell/admin/plugins/common/constants.py +++ b/vmware_nsx/shell/admin/plugins/common/constants.py @@ -24,17 +24,18 @@ NSXV_PLUGIN = 'vmware_nsx.plugin.NsxVPlugin' NETWORKS = 'networks' ROUTERS = 'routers' DHCP_BINDING = 'dhcp-binding' - -# NSXV3 Resource Constants FIREWALL_SECTIONS = 'firewall-sections' FIREWALL_NSX_GROUPS = 'nsx-security-groups' SECURITY_GROUPS = 'security-groups' +CONFIG = 'config' + +# NSXV3 only Resource Constants PORTS = 'ports' METADATA_PROXY = 'metadata-proxy' ORPHANED_DHCP_SERVERS = 'orphaned-dhcp-servers' CERTIFICATE = 'certificate' -# NSXV Resource Constants +# NSXV only Resource Constants EDGES = 'edges' SPOOFGUARD_POLICY = 'spoofguard-policy' BACKUP_EDGES = 'backup-edges' diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/config.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/config.py new file mode 100644 index 0000000000..23454642b8 --- /dev/null +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/config.py @@ -0,0 +1,45 @@ +# Copyright 2017 VMware, Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from neutron.callbacks import registry +from oslo_config import cfg +from oslo_log import log as logging + +from vmware_nsx._i18n import _LE, _LI +from vmware_nsx.plugins.nsx_v.vshield.common import exceptions +from vmware_nsx.shell.admin.plugins.common import constants +from vmware_nsx.shell.admin.plugins.common import utils as admin_utils +from vmware_nsx.shell.admin.plugins.nsxv.resources import utils +from vmware_nsx.shell import resources as shell + +LOG = logging.getLogger(__name__) + + +@admin_utils.output_header +def validate_configuration(resource, event, trigger, **kwargs): + """Validate the nsxv configuration""" + try: + utils.NsxVPluginWrapper() + except exceptions.Forbidden: + LOG.error(_LE("Configuration validation failed: wrong VSM credentials " + "for %s"), cfg.CONF.nsxv.manager_uri) + except Exception as e: + LOG.error(_LE("Configuration validation failed: %s"), e) + else: + LOG.info(_LI("Configuration validation succeeded")) + + +registry.subscribe(validate_configuration, + constants.CONFIG, + shell.Operations.VALIDATE.value) diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py index 3a2e4784e5..44da92d1ae 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py @@ -55,9 +55,6 @@ class NsxVPluginWrapper(plugin.NsxVPlugin): def _start_rpc_listeners(self): pass - def _validate_config(self): - pass - def _extend_get_network_dict_provider(self, context, net): self._extend_network_dict_provider(context, net) # skip getting the Qos policy ID because get_object calls diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/config.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/config.py new file mode 100644 index 0000000000..0799ebd679 --- /dev/null +++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/config.py @@ -0,0 +1,40 @@ +# Copyright 2017 VMware, Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from neutron.callbacks import registry +from oslo_log import log as logging + +from vmware_nsx._i18n import _LE, _LI +from vmware_nsx.shell.admin.plugins.common import constants +from vmware_nsx.shell.admin.plugins.common import utils as admin_utils +from vmware_nsx.shell.admin.plugins.nsxv3.resources import utils +from vmware_nsx.shell import resources as shell + +LOG = logging.getLogger(__name__) + + +@admin_utils.output_header +def validate_configuration(resource, event, trigger, **kwargs): + """Validate the nsxv3 configuration""" + try: + utils.NsxV3PluginWrapper() + except Exception as e: + LOG.error(_LE("Configuration validation failed: %s"), e) + else: + LOG.info(_LI("Configuration validation succeeded")) + + +registry.subscribe(validate_configuration, + constants.CONFIG, + shell.Operations.VALIDATE.value) diff --git a/vmware_nsx/shell/resources.py b/vmware_nsx/shell/resources.py index 9f7804bde8..2b129515bd 100644 --- a/vmware_nsx/shell/resources.py +++ b/vmware_nsx/shell/resources.py @@ -55,6 +55,7 @@ class Operations(enum.Enum): GENERATE = 'generate' IMPORT = 'import' SHOW = 'show' + VALIDATE = 'validate' ops = [op.value for op in Operations] @@ -99,7 +100,9 @@ nsxv3_resources = { Operations.SHOW.value, Operations.CLEAN.value, Operations.IMPORT.value, - Operations.NSX_LIST.value]) + Operations.NSX_LIST.value]), + constants.CONFIG: Resource(constants.CONFIG, + [Operations.VALIDATE.value]) } # Add supported NSX-V resources in this dictionary @@ -153,6 +156,8 @@ nsxv_resources = { Operations.STATUS.value]), constants.ROUTERS: Resource(constants.ROUTERS, [Operations.NSX_RECREATE.value]), + constants.CONFIG: Resource(constants.CONFIG, + [Operations.VALIDATE.value]) } nsxv3_resources_names = list(nsxv3_resources.keys())