From 60a7ede0f918ba74231c374f596e19f36d16b22c Mon Sep 17 00:00:00 2001
From: Salvatore Orlando
Date: Tue, 24 Aug 2021 07:38:57 -0700
Subject: [PATCH] Remove check for external CIDR overlap

The constrains where T0 uplinks must not overlap anymore with external subnets does not apply anymore. Therefore this change removes the validation check upon subnet creation, thus saving a round trip to the NSX backend. Unit tests for validating this specific constraint are removed as well.
Change-Id: I65cb6ae7822e9a03f05fba5d4fd4d4dc5202526a
---
 vmware_nsx/plugins/common_v3/plugin.py | 20 ------------
 vmware_nsx/tests/unit/nsx_p/test_plugin.py | 35 ---------------------
 vmware_nsx/tests/unit/nsx_v3/test_plugin.py | 21 -------------
 3 files changed, 76 deletions(-)
diff --git a/vmware_nsx/plugins/common_v3/plugin.py b/vmware_nsx/plugins/common_v3/plugin.py
index 96ca7941b3..384aa2cb2f 100644
--- a/vmware_nsx/plugins/common_v3/plugin.py
+++ b/vmware_nsx/plugins/common_v3/plugin.py
@@ -2782,26 +2782,6 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
 LOG.error(msg)
 raise n_exc.InvalidInput(error_message=msg)
- # Ensure that the NSX uplink cidr does not lie on the same subnet as
- # the external subnet
- filters = {'id': [subnet['network_id']],
- 'router:external': [True]}
- external_nets = self.get_networks(context, filters=filters)
- tier0_routers = [ext_net[pnet.PHYSICAL_NETWORK]
- for ext_net in external_nets
- if ext_net.get(pnet.PHYSICAL_NETWORK)]
-
- for tier0_rtr in set(tier0_routers):
- tier0_cidrs = self._get_tier0_uplink_cidrs(tier0_rtr)
- for cidr in tier0_cidrs:
- tier0_subnet = netaddr.IPNetwork(cidr).cidr
- for subnet_network in subnet_networks:
- if self._cidrs_overlap(tier0_subnet, subnet_network):
- msg = _("External subnet cannot overlap with T0 "
- "router cidr %s") % cidr
- LOG.error(msg)
- raise n_exc.InvalidInput(error_message=msg)
-
 def _need_router_no_dnat_rules(self, subnet):
 # NAT is not supported for IPv6
 return (subnet['ip_version'] == 4)
diff --git a/vmware_nsx/tests/unit/nsx_p/test_plugin.py b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
index dd52d6fc21..c95e672011 100644
--- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
@@ -1362,41 +1362,6 @@ class NsxPTestSubnets(common_v3.NsxV3TestSubnets,
 kwargs.update({'override': overrides})
 return self._create_bulk(fmt, number, 'subnet', base_data, **kwargs)
- def test_create_external_subnet_with_conflicting_t0_address(self):
- with self._create_l3_ext_network() as network:
- data = {'subnet': {'network_id': network['network']['id'],
- 'cidr': '172.20.1.0/24',
- 'name': 'sub1',
- 'enable_dhcp': False,
- 'dns_nameservers': None,
- 'allocation_pools': None,
- 'tenant_id': 'tenant_one',
- 'host_routes': None,
- 'ip_version': 4}}
- with mock.patch.object(self.plugin.nsxpolicy.tier0,
- 'get_uplink_cidrs',
- return_value=['172.20.1.60/24']):
- self.assertRaises(n_exc.InvalidInput,
- self.plugin.create_subnet,
- context.get_admin_context(), data)
-
- def test_create_external_subnet_with_non_conflicting_t0_address(self):
- with self._create_l3_ext_network() as network:
- data = {'subnet': {'network_id': network['network']['id'],
- 'cidr': '172.20.1.0/24',
- 'name': 'sub1',
- 'enable_dhcp': False,
- 'dns_nameservers': None,
- 'allocation_pools': None,
- 'tenant_id': 'tenant_one',
- 'host_routes': None,
- 'ip_version': 4}}
- with mock.patch.object(self.plugin.nsxpolicy.tier0,
- 'get_uplink_ips',
- return_value=['172.20.2.60']):
- self.plugin.create_subnet(
- context.get_admin_context(), data)
-
 @common_v3.with_disable_dhcp_once
 def test_create_subnet_ipv6_slaac_with_port_on_network(self):
 super(NsxPTestSubnets,
diff --git a/vmware_nsx/tests/unit/nsx_v3/test_plugin.py b/vmware_nsx/tests/unit/nsx_v3/test_plugin.py
index c83b1fd8c2..417c119fca 100644
--- a/vmware_nsx/tests/unit/nsx_v3/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_v3/test_plugin.py
@@ -837,27 +837,6 @@ class TestSubnetsV2(common_v3.NsxV3TestSubnets, NsxV3PluginTestCaseMixin):
 network_req.get_response(self.api))
 return network
- def test_create_subnet_with_conflicting_t0_address(self):
- network = self._create_external_network()
- data = {'subnet': {'network_id': network['network']['id'],
- 'cidr': '172.20.1.0/24',
- 'name': 'sub1',
- 'enable_dhcp': False,
- 'dns_nameservers': None,
- 'allocation_pools': None,
- 'tenant_id': 'tenant_one',
- 'host_routes': None,
- 'ip_version': 4}}
- ports = [{'subnets': [{'ip_addresses': [u'172.20.1.60'],
- 'prefix_length': 24}],
- 'resource_type': 'LogicalRouterUpLinkPort'}]
- with mock.patch.object(self.plugin.nsxlib.logical_router_port,
- 'get_by_router_id',
- return_value=ports):
- self.assertRaises(n_exc.InvalidInput,
- self.plugin.create_subnet,
- context.get_admin_context(), data)
-
 def test_subnet_native_dhcp_subnet_enabled(self):
 self._enable_native_dhcp_md()
 with self.network() as network: