Exit Firewall Agent if config is invalid

When fwaas config file is not provided to the agent, but the service is enabled in neutron.conf file the agent should exit with an error message and should not proceed further. This patch adds the necessary fix. Change-Id: Iaced777e3a34e9405050252b17a203689e1c1fc0 Closes-Bug: #1310857
2014-04-27 06:25:28 +05:30 · 2014-04-27 06:25:28 +05:30 · 69623f20fa
commit 69623f20fa
parent 054b78a179
9 changed files with 46 additions and 5 deletions
--- a/neutron/agent/l3_agent.py
+++ b/neutron/agent/l3_agent.py
@ -82,6 +82,7 @@ class L3PluginApi(n_rpc.RpcProxy):
              - get_ports_by_subnet
              - get_agent_gateway_port
              Needed by the agent when operating in DVR/DVR_SNAT mode
+        1.3 - Get the list of activated services

    """

@ -136,6 +137,13 @@ class L3PluginApi(n_rpc.RpcProxy):
                         topic=self.topic,
                         version='1.2')

+    def get_service_plugin_list(self, context):
+        """Make a call to get the list of activated services."""
+        return self.call(context,
+                         self.make_msg('get_service_plugin_list'),
+                         topic=self.topic,
+                         version='1.3')
+

 class RouterInfo(object):

@ -420,6 +428,9 @@ class L3NATAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, manager.Manager):
        self.removed_routers = set()
        self.sync_progress = False

+        # Get the list of service plugins from Neutron Server
+        self.neutron_service_plugins = (
+            self.plugin_rpc.get_service_plugin_list(self.context))
        self._clean_stale_namespaces = self.conf.use_namespaces

        # dvr data
--- a/neutron/db/l3_rpc_base.py
+++ b/neutron/db/l3_rpc_base.py
@ -124,6 +124,10 @@ class L3RpcCallbackMixin(object):
                  net_id)
        return net_id

+    def get_service_plugin_list(self, context, **kwargs):
+        plugins = manager.NeutronManager.get_service_plugins()
+        return plugins.keys()
+
    def update_floatingip_statuses(self, context, router_id, fip_statuses):
        """Update operational status for a floating IP."""
        l3_plugin = manager.NeutronManager.get_service_plugins()[
--- a/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py
+++ b/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py
@ -64,7 +64,16 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin):
        LOG.debug(_("Initializing firewall agent"))
        self.conf = conf
        fwaas_driver_class_path = cfg.CONF.fwaas.driver
-        self.fwaas_enabled = cfg.CONF.fwaas.enabled
+        fwaas_enabled = cfg.CONF.fwaas.enabled
+        fwaas_plugin_configured = (constants.FIREWALL
+                                   in self.neutron_service_plugins)
+        if fwaas_plugin_configured and not fwaas_enabled:
+            msg = _("FWaaS plugin is configured in the server side, but "
+                    "FWaaS is disabled in L3-agent.")
+            LOG.error(msg)
+            raise SystemExit(1)
+
+        self.fwaas_enabled = fwaas_enabled and fwaas_plugin_configured
        if self.fwaas_enabled:
            try:
                self.fwaas_driver = importutils.import_object(
--- a/neutron/services/l3_router/l3_router_plugin.py
+++ b/neutron/services/l3_router/l3_router_plugin.py
@ -36,9 +36,10 @@ from neutron.plugins.common import constants
 class L3RouterPluginRpcCallbacks(n_rpc.RpcCallback,
                                 l3_rpc_base.L3RpcCallbackMixin):

-    RPC_API_VERSION = '1.2'
+    RPC_API_VERSION = '1.3'
    # history
    #   1.2 Added methods for DVR support
+    #   1.3 Added a method that returns the list of activated services


 class L3RouterPlugin(common_db_mixin.CommonDbMixin,
--- a/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py
+++ b/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py
@ -39,10 +39,18 @@ class FWaasHelper(object):


 class FWaasAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, FWaasHelper):
+    neutron_service_plugins = []
+
    def __init__(self, conf=None):
        super(FWaasAgent, self).__init__(conf)


+class FWaasTestAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, FWaasHelper):
+    def __init__(self, conf=None):
+        self.neutron_service_plugins = [constants.FIREWALL]
+        super(FWaasTestAgent, self).__init__(conf)
+
+
 class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
    def setUp(self):
        super(TestFwaasL3AgentRpcCallback, self).setUp()
@ -56,6 +64,10 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
        self.api = FWaasAgent(self.conf)
        self.api.fwaas_driver = test_firewall_agent_api.NoopFwaasDriver()

+    def test_missing_fw_config(self):
+        self.conf.fwaas_enabled = False
+        self.assertRaises(SystemExit, FWaasTestAgent, self.conf)
+
    def test_create_firewall(self):
        fake_firewall = {'id': 0}
        with mock.patch.object(
--- a/neutron/tests/unit/services/firewall/agents/varmour/test_varmour_router.py
+++ b/neutron/tests/unit/services/firewall/agents/varmour/test_varmour_router.py
@ -74,6 +74,8 @@ class TestVarmourRouter(base.BaseTestCase):
        self.mock_ip = mock.MagicMock()
        ip_cls.return_value = self.mock_ip

+        mock.patch('neutron.agent.l3_agent.L3PluginApi').start()
+
        self.looping_call_p = mock.patch(
            'neutron.openstack.common.loopingcall.FixedIntervalLoopingCall')
        self.looping_call_p.start()
--- a/neutron/tests/unit/services/firewall/drivers/varmour/test_varmour_fwaas.py
+++ b/neutron/tests/unit/services/firewall/drivers/varmour/test_varmour_fwaas.py
@ -75,6 +75,8 @@ class TestBasicRouterOperations(base.BaseTestCase):
        self.mock_ip = mock.MagicMock()
        ip_cls.return_value = self.mock_ip

+        mock.patch('neutron.agent.l3_agent.L3PluginApi').start()
+
        self.looping_call_p = mock.patch(
            'neutron.openstack.common.loopingcall.FixedIntervalLoopingCall')
        self.looping_call_p.start()
--- a/neutron/tests/unit/services/vpn/test_vpn_agent.py
+++ b/neutron/tests/unit/services/vpn/test_vpn_agent.py
@ -71,7 +71,7 @@ class TestVPNAgent(base.BaseTestCase):

        l3pluginApi_cls = mock.patch(
            'neutron.agent.l3_agent.L3PluginApi').start()
-        self.plugin_api = mock.Mock()
+        self.plugin_api = mock.MagicMock()
        l3pluginApi_cls.return_value = self.plugin_api

        looping_call_p = mock.patch(
--- a/neutron/tests/unit/test_l3_agent.py
+++ b/neutron/tests/unit/test_l3_agent.py
@ -247,7 +247,7 @@ class TestBasicRouterOperations(base.BaseTestCase):
        self.l3pluginApi_cls_p = mock.patch(
            'neutron.agent.l3_agent.L3PluginApi')
        l3pluginApi_cls = self.l3pluginApi_cls_p.start()
-        self.plugin_api = mock.Mock()
+        self.plugin_api = mock.MagicMock()
        l3pluginApi_cls.return_value = self.plugin_api

        self.looping_call_p = mock.patch(
@ -1864,7 +1864,7 @@ class TestL3AgentEventHandler(base.BaseTestCase):
        l3_plugin_p = mock.patch(
            'neutron.agent.l3_agent.L3PluginApi')
        l3_plugin_cls = l3_plugin_p.start()
-        l3_plugin_cls.return_value = mock.Mock()
+        l3_plugin_cls.return_value = mock.MagicMock()

        self.external_process_p = mock.patch(
            'neutron.agent.linux.external_process.ProcessManager'