AdminUtils: Add utility for config validation

The new utility for nsx-v and nsx-v3 checks the nsx.ini configuration
and connectivity with the nsx backend

Usage:
nsxadmin -r config -o validate

Change-Id: Ica48866008253cbcc874a00918c78bfb4c2bbcb1
This commit is contained in:
Adit Sarfaty 2017-03-05 11:20:47 +02:00 committed by Anna Khmelnitsky
parent 8f23451a42
commit 5f7b542b8c
6 changed files with 109 additions and 7 deletions

View File

@ -212,6 +212,13 @@ Metadata
nsxadmin -r metadata -o status [--property network_id=<net_id>] nsxadmin -r metadata -o status [--property network_id=<net_id>]
Config
~~~~~~
- Validate the configuration in the nsx.ini and backend connectivity
nsxadmin -r config -o validate
NSXv3 NSXv3
----- -----
@ -332,6 +339,13 @@ Client Certificate
nsxadmin -r certificate -o nsx-list nsxadmin -r certificate -o nsx-list
Config
~~~~~~
- Validate the configuration in the nsx.ini and backend connectivity
nsxadmin -r config -o validate
Upgrade Steps (Version 1.0.0 to Version 1.1.0) Upgrade Steps (Version 1.0.0 to Version 1.1.0)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View File

@ -24,17 +24,18 @@ NSXV_PLUGIN = 'vmware_nsx.plugin.NsxVPlugin'
NETWORKS = 'networks' NETWORKS = 'networks'
ROUTERS = 'routers' ROUTERS = 'routers'
DHCP_BINDING = 'dhcp-binding' DHCP_BINDING = 'dhcp-binding'
# NSXV3 Resource Constants
FIREWALL_SECTIONS = 'firewall-sections' FIREWALL_SECTIONS = 'firewall-sections'
FIREWALL_NSX_GROUPS = 'nsx-security-groups' FIREWALL_NSX_GROUPS = 'nsx-security-groups'
SECURITY_GROUPS = 'security-groups' SECURITY_GROUPS = 'security-groups'
CONFIG = 'config'
# NSXV3 only Resource Constants
PORTS = 'ports' PORTS = 'ports'
METADATA_PROXY = 'metadata-proxy' METADATA_PROXY = 'metadata-proxy'
ORPHANED_DHCP_SERVERS = 'orphaned-dhcp-servers' ORPHANED_DHCP_SERVERS = 'orphaned-dhcp-servers'
CERTIFICATE = 'certificate' CERTIFICATE = 'certificate'
# NSXV Resource Constants # NSXV only Resource Constants
EDGES = 'edges' EDGES = 'edges'
SPOOFGUARD_POLICY = 'spoofguard-policy' SPOOFGUARD_POLICY = 'spoofguard-policy'
BACKUP_EDGES = 'backup-edges' BACKUP_EDGES = 'backup-edges'

View File

@ -0,0 +1,45 @@
# Copyright 2017 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron.callbacks import registry
from oslo_config import cfg
from oslo_log import log as logging
from vmware_nsx._i18n import _LE, _LI
from vmware_nsx.plugins.nsx_v.vshield.common import exceptions
from vmware_nsx.shell.admin.plugins.common import constants
from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsx.shell.admin.plugins.nsxv.resources import utils
from vmware_nsx.shell import resources as shell
LOG = logging.getLogger(__name__)
@admin_utils.output_header
def validate_configuration(resource, event, trigger, **kwargs):
"""Validate the nsxv configuration"""
try:
utils.NsxVPluginWrapper()
except exceptions.Forbidden:
LOG.error(_LE("Configuration validation failed: wrong VSM credentials "
"for %s"), cfg.CONF.nsxv.manager_uri)
except Exception as e:
LOG.error(_LE("Configuration validation failed: %s"), e)
else:
LOG.info(_LI("Configuration validation succeeded"))
registry.subscribe(validate_configuration,
constants.CONFIG,
shell.Operations.VALIDATE.value)

View File

@ -55,9 +55,6 @@ class NsxVPluginWrapper(plugin.NsxVPlugin):
def _start_rpc_listeners(self): def _start_rpc_listeners(self):
pass pass
def _validate_config(self):
pass
def _extend_get_network_dict_provider(self, context, net): def _extend_get_network_dict_provider(self, context, net):
self._extend_network_dict_provider(context, net) self._extend_network_dict_provider(context, net)
# skip getting the Qos policy ID because get_object calls # skip getting the Qos policy ID because get_object calls

View File

@ -0,0 +1,40 @@
# Copyright 2017 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron.callbacks import registry
from oslo_log import log as logging
from vmware_nsx._i18n import _LE, _LI
from vmware_nsx.shell.admin.plugins.common import constants
from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsx.shell.admin.plugins.nsxv3.resources import utils
from vmware_nsx.shell import resources as shell
LOG = logging.getLogger(__name__)
@admin_utils.output_header
def validate_configuration(resource, event, trigger, **kwargs):
"""Validate the nsxv3 configuration"""
try:
utils.NsxV3PluginWrapper()
except Exception as e:
LOG.error(_LE("Configuration validation failed: %s"), e)
else:
LOG.info(_LI("Configuration validation succeeded"))
registry.subscribe(validate_configuration,
constants.CONFIG,
shell.Operations.VALIDATE.value)

View File

@ -55,6 +55,7 @@ class Operations(enum.Enum):
GENERATE = 'generate' GENERATE = 'generate'
IMPORT = 'import' IMPORT = 'import'
SHOW = 'show' SHOW = 'show'
VALIDATE = 'validate'
ops = [op.value for op in Operations] ops = [op.value for op in Operations]
@ -99,7 +100,9 @@ nsxv3_resources = {
Operations.SHOW.value, Operations.SHOW.value,
Operations.CLEAN.value, Operations.CLEAN.value,
Operations.IMPORT.value, Operations.IMPORT.value,
Operations.NSX_LIST.value]) Operations.NSX_LIST.value]),
constants.CONFIG: Resource(constants.CONFIG,
[Operations.VALIDATE.value])
} }
# Add supported NSX-V resources in this dictionary # Add supported NSX-V resources in this dictionary
@ -153,6 +156,8 @@ nsxv_resources = {
Operations.STATUS.value]), Operations.STATUS.value]),
constants.ROUTERS: Resource(constants.ROUTERS, constants.ROUTERS: Resource(constants.ROUTERS,
[Operations.NSX_RECREATE.value]), [Operations.NSX_RECREATE.value]),
constants.CONFIG: Resource(constants.CONFIG,
[Operations.VALIDATE.value])
} }
nsxv3_resources_names = list(nsxv3_resources.keys()) nsxv3_resources_names = list(nsxv3_resources.keys())