NSX|V3+P: Support UDP Octavia listeners

Change-Id: I3cfb1b7456f9108cc425f8a85369df1d9a218501
This commit is contained in:
asarfaty 2021-02-07 10:19:39 +02:00 committed by Adit Sarfaty
parent f1eed5aa59
commit 97870151ae
6 changed files with 35 additions and 1 deletions

View File

@ -26,6 +26,7 @@ LB_PROTOCOL_TCP = 'TCP'
LB_PROTOCOL_HTTP = 'HTTP' LB_PROTOCOL_HTTP = 'HTTP'
LB_PROTOCOL_HTTPS = 'HTTPS' LB_PROTOCOL_HTTPS = 'HTTPS'
LB_PROTOCOL_TERMINATED_HTTPS = 'TERMINATED_HTTPS' LB_PROTOCOL_TERMINATED_HTTPS = 'TERMINATED_HTTPS'
LB_PROTOCOL_UDP = 'UDP'
PROTOCOL_MAP = { PROTOCOL_MAP = {
LB_PROTOCOL_TCP: 'tcp', LB_PROTOCOL_TCP: 'tcp',

View File

@ -439,6 +439,7 @@ def set_allowed_cidrs_fw(core_plugin, context, loadbalancer, listeners):
fw_listeners.append({ fw_listeners.append({
'id': listener.get('listener_id', listener.get('id')), 'id': listener.get('listener_id', listener.get('id')),
'port': listener['protocol_port'], 'port': listener['protocol_port'],
'protocol': listener['protocol'],
'allowed_cidrs': listener['allowed_cidrs'], 'allowed_cidrs': listener['allowed_cidrs'],
'negate_cidrs': _get_negated_allowed_cidrs( 'negate_cidrs': _get_negated_allowed_cidrs(
listener['allowed_cidrs'], listener['allowed_cidrs'],
@ -499,11 +500,14 @@ def set_allowed_cidrs_fw(core_plugin, context, loadbalancer, listeners):
'scope': lb_const.LB_LISTENER_TYPE, 'scope': lb_const.LB_LISTENER_TYPE,
'tag': listener['id']}) 'tag': listener['id']})
srv_name = "LB Listener %s" % listener['id'] srv_name = "LB Listener %s" % listener['id']
protocol = (nsx_constants.UDP if
listener['protocol'] == lb_const.LB_PROTOCOL_UDP
else nsx_constants.TCP)
nsxpolicy.service.create_or_overwrite( nsxpolicy.service.create_or_overwrite(
srv_name, srv_name,
service_id=listener['id'], service_id=listener['id'],
description="Service for listener %s" % listener['id'], description="Service for listener %s" % listener['id'],
protocol=nsx_constants.TCP, protocol=protocol,
dest_ports=[listener['port']], dest_ports=[listener['port']],
tags=srv_tags) tags=srv_tags)

View File

@ -136,6 +136,8 @@ class EdgeListenerManagerFromDict(base_mgr.NsxpLoadbalancerBaseManager):
elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or
listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS): listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS):
app_client = nsxlib_lb.lb_fast_tcp_profile app_client = nsxlib_lb.lb_fast_tcp_profile
elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
app_client = nsxlib_lb.lb_fast_udp_profile
else: else:
msg = (_('Cannot create listener %(listener)s with ' msg = (_('Cannot create listener %(listener)s with '
'protocol %(protocol)s') % 'protocol %(protocol)s') %

View File

@ -74,6 +74,8 @@ class EdgeListenerManagerFromDict(base_mgr.Nsxv3LoadbalancerBaseManager):
if (listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS and if (listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS and
ssl_profile_binding): ssl_profile_binding):
kwargs.update(ssl_profile_binding) kwargs.update(ssl_profile_binding)
elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
kwargs['ip_protocol'] = lb_const.LB_PROTOCOL_UDP
return kwargs return kwargs
def _get_ssl_profile_binding(self, tags, certificate=None): def _get_ssl_profile_binding(self, tags, certificate=None):
@ -207,6 +209,8 @@ class EdgeListenerManagerFromDict(base_mgr.Nsxv3LoadbalancerBaseManager):
elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or
listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS): listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS):
profile_type = lb_const.LB_TCP_PROFILE profile_type = lb_const.LB_TCP_PROFILE
elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
profile_type = lb_const.LB_UDP_PROFILE
else: else:
completor(success=False) completor(success=False)
msg = (_('Cannot create listener %(listener)s with ' msg = (_('Cannot create listener %(listener)s with '

View File

@ -54,6 +54,7 @@ EXT_LB_NETWORK = {'router:external': True,
LISTENER_ID = 'listener-x' LISTENER_ID = 'listener-x'
HTTP_LISTENER_ID = 'listener-http' HTTP_LISTENER_ID = 'listener-http'
HTTPS_LISTENER_ID = 'listener-https' HTTPS_LISTENER_ID = 'listener-https'
UDP_LISTENER_ID = 'listener-udp'
APP_PROFILE_ID = 'appp-x' APP_PROFILE_ID = 'appp-x'
LB_VS_ID = LISTENER_ID LB_VS_ID = LISTENER_ID
LB_APP_PROFILE = { LB_APP_PROFILE = {
@ -180,6 +181,9 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
self.terminated_https_listener = lb_models.Listener( self.terminated_https_listener = lb_models.Listener(
HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID, HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID,
'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb) 'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb)
self.udp_listener = lb_models.Listener(
UDP_LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
'UDP', protocol_port=90, loadbalancer=self.lb)
self.allowed_cidr_listener = lb_models.Listener( self.allowed_cidr_listener = lb_models.Listener(
LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID, LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
'HTTP', protocol_port=80, allowed_cidrs=['1.1.1.0/24'], 'HTTP', protocol_port=80, allowed_cidrs=['1.1.1.0/24'],
@ -237,6 +241,8 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
self.https_listener) self.https_listener)
self.terminated_https_listener_dict = lb_translators.\ self.terminated_https_listener_dict = lb_translators.\
lb_listener_obj_to_dict(self.terminated_https_listener) lb_listener_obj_to_dict(self.terminated_https_listener)
self.udp_listener_dict = lb_translators.lb_listener_obj_to_dict(
self.udp_listener)
self.pool_dict = lb_translators.lb_pool_obj_to_dict( self.pool_dict = lb_translators.lb_pool_obj_to_dict(
self.pool) self.pool)
self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict( self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict(
@ -720,6 +726,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
if protocol == 'HTTPS': if protocol == 'HTTPS':
listener = self.https_listener_dict listener = self.https_listener_dict
listener_id = HTTP_LISTENER_ID listener_id = HTTP_LISTENER_ID
elif protocol == 'UDP':
listener = self.udp_listener_dict
listener_id = UDP_LISTENER_ID
if allowed_cidr: if allowed_cidr:
listener = self.cidr_list_dict listener = self.cidr_list_dict
@ -766,6 +775,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
def test_create_https_listener(self): def test_create_https_listener(self):
self._create_listener(protocol='HTTPS') self._create_listener(protocol='HTTPS')
def test_create_udp_listener(self):
self._create_listener(protocol='UDP')
def test_create_terminated_https(self): def test_create_terminated_https(self):
#TODO(asarfaty): Add test with certificate #TODO(asarfaty): Add test with certificate
self.reset_completor() self.reset_completor()

View File

@ -58,6 +58,7 @@ LB_NETWORK = {'router:external': False,
LISTENER_ID = 'listener-x' LISTENER_ID = 'listener-x'
HTTP_LISTENER_ID = 'listener-http' HTTP_LISTENER_ID = 'listener-http'
HTTPS_LISTENER_ID = 'listener-https' HTTPS_LISTENER_ID = 'listener-https'
UDP_LISTENER_ID = 'listener-udp'
APP_PROFILE_ID = 'appp-x' APP_PROFILE_ID = 'appp-x'
LB_VS_ID = 'vs-x' LB_VS_ID = 'vs-x'
LB_APP_PROFILE = { LB_APP_PROFILE = {
@ -200,6 +201,9 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
self.terminated_https_listener = lb_models.Listener( self.terminated_https_listener = lb_models.Listener(
HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID, HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID,
'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb) 'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb)
self.udp_listener = lb_models.Listener(
UDP_LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
'UDP', protocol_port=443, loadbalancer=self.lb)
self.pool = lb_models.Pool(POOL_ID, LB_TENANT_ID, 'pool1', '', self.pool = lb_models.Pool(POOL_ID, LB_TENANT_ID, 'pool1', '',
None, 'HTTP', 'ROUND_ROBIN', None, 'HTTP', 'ROUND_ROBIN',
loadbalancer_id=LB_ID, loadbalancer_id=LB_ID,
@ -251,6 +255,8 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
self.https_listener) self.https_listener)
self.terminated_https_listener_dict = lb_translators.\ self.terminated_https_listener_dict = lb_translators.\
lb_listener_obj_to_dict(self.terminated_https_listener) lb_listener_obj_to_dict(self.terminated_https_listener)
self.udp_listener_dict = lb_translators.lb_listener_obj_to_dict(
self.udp_listener)
self.pool_dict = lb_translators.lb_pool_obj_to_dict( self.pool_dict = lb_translators.lb_pool_obj_to_dict(
self.pool) self.pool)
self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict( self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict(
@ -483,6 +489,8 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
listener = self.listener_dict listener = self.listener_dict
if protocol == 'HTTPS': if protocol == 'HTTPS':
listener = self.https_listener_dict listener = self.https_listener_dict
elif protocol == 'UDP':
listener = self.udp_listener_dict
self.edge_driver.listener.create(self.context, listener, self.edge_driver.listener.create(self.context, listener,
self.completor) self.completor)
@ -501,6 +509,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
def test_create_https_listener(self): def test_create_https_listener(self):
self._create_listener(protocol='HTTPS') self._create_listener(protocol='HTTPS')
def test_create_udp_listener(self):
self._create_listener(protocol='UDP')
def test_create_terminated_https(self): def test_create_terminated_https(self):
self.reset_completor() self.reset_completor()
with mock.patch.object(self.core_plugin, 'get_floatingips' with mock.patch.object(self.core_plugin, 'get_floatingips'