NSX_V3: add flag to indicate if ENS networks can be created
Enable admin to control if ENS networks can be used. In nsx_v3 section a new flag ens_support is added. Change-Id: I99b885072964870fe61a26a5bab71c7ed0790c87
This commit is contained in:
parent
28582356bb
commit
8b91fd814d
8
releasenotes/notes/ens_support-49dbc626ba1b16be.yaml
Normal file
8
releasenotes/notes/ens_support-49dbc626ba1b16be.yaml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
prelude: >
|
||||
Add a configuration variable indicating that ENS transport zones can be
|
||||
used.
|
||||
features:
|
||||
- |
|
||||
Add a new configuration variable ``ens_support`` to the ``nsx_v3`` section.
|
||||
This indicates if a tenant or admin can create ENS networks.
|
@ -434,7 +434,10 @@ nsx_v3_opts = [
|
||||
help=_("Optional parameter defining a list switching profiles "
|
||||
"uuids that will be attached to all neutron created "
|
||||
"nsx ports.")),
|
||||
|
||||
cfg.BoolOpt('ens_support',
|
||||
default=False,
|
||||
help=_("(Optional) Indicates whether ENS transport zones can "
|
||||
"be used")),
|
||||
]
|
||||
|
||||
DEFAULT_STATUS_CHECK_INTERVAL = 2000
|
||||
|
@ -911,6 +911,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
|
||||
|
||||
if (provider_data['switch_mode'] ==
|
||||
self.nsxlib.transport_zone.HOST_SWITCH_MODE_ENS):
|
||||
if not cfg.CONF.nsx_v3.ens_support:
|
||||
raise NotImplementedError(_("ENS support is disabled"))
|
||||
if net_data.get(psec.PORTSECURITY):
|
||||
raise nsx_exc.NsxENSPortSecurity()
|
||||
# set the default port security to False
|
||||
|
@ -465,6 +465,7 @@ class TestNetworksV2(test_plugin.TestNetworksV2, NsxV3PluginTestCaseMixin):
|
||||
self.assertEqual('InvalidInput', data['NeutronError']['type'])
|
||||
|
||||
def test_create_ens_network_with_no_port_sec(self):
|
||||
cfg.CONF.set_override('ens_support', True, 'nsx_v3')
|
||||
providernet_args = {psec.PORTSECURITY: False}
|
||||
with mock.patch("vmware_nsxlib.v3.core_resources.NsxLibTransportZone."
|
||||
"get_host_switch_mode", return_value="ENS"),\
|
||||
@ -481,6 +482,7 @@ class TestNetworksV2(test_plugin.TestNetworksV2, NsxV3PluginTestCaseMixin):
|
||||
self.assertFalse(res['network']['port_security_enabled'])
|
||||
|
||||
def test_create_ens_network_with_port_sec(self):
|
||||
cfg.CONF.set_override('ens_support', True, 'nsx_v3')
|
||||
providernet_args = {psec.PORTSECURITY: True}
|
||||
with mock.patch("vmware_nsxlib.v3.core_resources.NsxLibTransportZone."
|
||||
"get_host_switch_mode", return_value="ENS"),\
|
||||
@ -497,6 +499,7 @@ class TestNetworksV2(test_plugin.TestNetworksV2, NsxV3PluginTestCaseMixin):
|
||||
res['NeutronError']['type'])
|
||||
|
||||
def test_update_ens_network(self):
|
||||
cfg.CONF.set_override('ens_support', True, 'nsx_v3')
|
||||
providernet_args = {psec.PORTSECURITY: False}
|
||||
with mock.patch("vmware_nsxlib.v3.core_resources.NsxLibTransportZone."
|
||||
"get_host_switch_mode", return_value="ENS"),\
|
||||
|
Loading…
Reference in New Issue
Block a user