From 97870151aeb0b13f7c1999aba8ce0e6532337904 Mon Sep 17 00:00:00 2001
From: asarfaty <asarfaty@vmware.com>
Date: Sun, 7 Feb 2021 10:19:39 +0200
Subject: [PATCH] NSX|V3+P: Support UDP Octavia listeners

Change-Id: I3cfb1b7456f9108cc425f8a85369df1d9a218501
---
 vmware_nsx/services/lbaas/lb_const.py                |  1 +
 .../services/lbaas/nsx_p/implementation/lb_utils.py  |  6 +++++-
 .../lbaas/nsx_p/implementation/listener_mgr.py       |  2 ++
 .../lbaas/nsx_v3/implementation/listener_mgr.py      |  4 ++++
 .../tests/unit/services/lbaas/test_nsxp_driver.py    | 12 ++++++++++++
 .../tests/unit/services/lbaas/test_nsxv3_driver.py   | 11 +++++++++++
 6 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/vmware_nsx/services/lbaas/lb_const.py b/vmware_nsx/services/lbaas/lb_const.py
index 880c06e336..ac55e6b1bf 100644
--- a/vmware_nsx/services/lbaas/lb_const.py
+++ b/vmware_nsx/services/lbaas/lb_const.py
@@ -26,6 +26,7 @@ LB_PROTOCOL_TCP = 'TCP'
 LB_PROTOCOL_HTTP = 'HTTP'
 LB_PROTOCOL_HTTPS = 'HTTPS'
 LB_PROTOCOL_TERMINATED_HTTPS = 'TERMINATED_HTTPS'
+LB_PROTOCOL_UDP = 'UDP'
 
 PROTOCOL_MAP = {
     LB_PROTOCOL_TCP: 'tcp',
diff --git a/vmware_nsx/services/lbaas/nsx_p/implementation/lb_utils.py b/vmware_nsx/services/lbaas/nsx_p/implementation/lb_utils.py
index 8c4a523ade..89413a281f 100644
--- a/vmware_nsx/services/lbaas/nsx_p/implementation/lb_utils.py
+++ b/vmware_nsx/services/lbaas/nsx_p/implementation/lb_utils.py
@@ -439,6 +439,7 @@ def set_allowed_cidrs_fw(core_plugin, context, loadbalancer, listeners):
             fw_listeners.append({
                 'id': listener.get('listener_id', listener.get('id')),
                 'port': listener['protocol_port'],
+                'protocol': listener['protocol'],
                 'allowed_cidrs': listener['allowed_cidrs'],
                 'negate_cidrs': _get_negated_allowed_cidrs(
                     listener['allowed_cidrs'],
@@ -499,11 +500,14 @@ def set_allowed_cidrs_fw(core_plugin, context, loadbalancer, listeners):
             'scope': lb_const.LB_LISTENER_TYPE,
             'tag': listener['id']})
         srv_name = "LB Listener %s" % listener['id']
+        protocol = (nsx_constants.UDP if
+                    listener['protocol'] == lb_const.LB_PROTOCOL_UDP
+                    else nsx_constants.TCP)
         nsxpolicy.service.create_or_overwrite(
                 srv_name,
                 service_id=listener['id'],
                 description="Service for listener %s" % listener['id'],
-                protocol=nsx_constants.TCP,
+                protocol=protocol,
                 dest_ports=[listener['port']],
                 tags=srv_tags)
 
diff --git a/vmware_nsx/services/lbaas/nsx_p/implementation/listener_mgr.py b/vmware_nsx/services/lbaas/nsx_p/implementation/listener_mgr.py
index 235feaf0b7..09a7249d68 100644
--- a/vmware_nsx/services/lbaas/nsx_p/implementation/listener_mgr.py
+++ b/vmware_nsx/services/lbaas/nsx_p/implementation/listener_mgr.py
@@ -136,6 +136,8 @@ class EdgeListenerManagerFromDict(base_mgr.NsxpLoadbalancerBaseManager):
         elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or
               listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS):
             app_client = nsxlib_lb.lb_fast_tcp_profile
+        elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
+            app_client = nsxlib_lb.lb_fast_udp_profile
         else:
             msg = (_('Cannot create listener %(listener)s with '
                      'protocol %(protocol)s') %
diff --git a/vmware_nsx/services/lbaas/nsx_v3/implementation/listener_mgr.py b/vmware_nsx/services/lbaas/nsx_v3/implementation/listener_mgr.py
index d747f7efc2..f69967e468 100644
--- a/vmware_nsx/services/lbaas/nsx_v3/implementation/listener_mgr.py
+++ b/vmware_nsx/services/lbaas/nsx_v3/implementation/listener_mgr.py
@@ -74,6 +74,8 @@ class EdgeListenerManagerFromDict(base_mgr.Nsxv3LoadbalancerBaseManager):
         if (listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS and
             ssl_profile_binding):
             kwargs.update(ssl_profile_binding)
+        elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
+            kwargs['ip_protocol'] = lb_const.LB_PROTOCOL_UDP
         return kwargs
 
     def _get_ssl_profile_binding(self, tags, certificate=None):
@@ -207,6 +209,8 @@ class EdgeListenerManagerFromDict(base_mgr.Nsxv3LoadbalancerBaseManager):
         elif (listener['protocol'] == lb_const.LB_PROTOCOL_TCP or
               listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS):
             profile_type = lb_const.LB_TCP_PROFILE
+        elif listener['protocol'] == lb_const.LB_PROTOCOL_UDP:
+            profile_type = lb_const.LB_UDP_PROFILE
         else:
             completor(success=False)
             msg = (_('Cannot create listener %(listener)s with '
diff --git a/vmware_nsx/tests/unit/services/lbaas/test_nsxp_driver.py b/vmware_nsx/tests/unit/services/lbaas/test_nsxp_driver.py
index 709baf1aa7..e8e2116e3c 100644
--- a/vmware_nsx/tests/unit/services/lbaas/test_nsxp_driver.py
+++ b/vmware_nsx/tests/unit/services/lbaas/test_nsxp_driver.py
@@ -54,6 +54,7 @@ EXT_LB_NETWORK = {'router:external': True,
 LISTENER_ID = 'listener-x'
 HTTP_LISTENER_ID = 'listener-http'
 HTTPS_LISTENER_ID = 'listener-https'
+UDP_LISTENER_ID = 'listener-udp'
 APP_PROFILE_ID = 'appp-x'
 LB_VS_ID = LISTENER_ID
 LB_APP_PROFILE = {
@@ -180,6 +181,9 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
         self.terminated_https_listener = lb_models.Listener(
             HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID,
             'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb)
+        self.udp_listener = lb_models.Listener(
+            UDP_LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
+            'UDP', protocol_port=90, loadbalancer=self.lb)
         self.allowed_cidr_listener = lb_models.Listener(
             LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
             'HTTP', protocol_port=80, allowed_cidrs=['1.1.1.0/24'],
@@ -237,6 +241,8 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
             self.https_listener)
         self.terminated_https_listener_dict = lb_translators.\
             lb_listener_obj_to_dict(self.terminated_https_listener)
+        self.udp_listener_dict = lb_translators.lb_listener_obj_to_dict(
+            self.udp_listener)
         self.pool_dict = lb_translators.lb_pool_obj_to_dict(
             self.pool)
         self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict(
@@ -720,6 +726,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
             if protocol == 'HTTPS':
                 listener = self.https_listener_dict
                 listener_id = HTTP_LISTENER_ID
+            elif protocol == 'UDP':
+                listener = self.udp_listener_dict
+                listener_id = UDP_LISTENER_ID
             if allowed_cidr:
                 listener = self.cidr_list_dict
 
@@ -766,6 +775,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
     def test_create_https_listener(self):
         self._create_listener(protocol='HTTPS')
 
+    def test_create_udp_listener(self):
+        self._create_listener(protocol='UDP')
+
     def test_create_terminated_https(self):
         #TODO(asarfaty): Add test with certificate
         self.reset_completor()
diff --git a/vmware_nsx/tests/unit/services/lbaas/test_nsxv3_driver.py b/vmware_nsx/tests/unit/services/lbaas/test_nsxv3_driver.py
index 825bf5e1d7..35b1840580 100644
--- a/vmware_nsx/tests/unit/services/lbaas/test_nsxv3_driver.py
+++ b/vmware_nsx/tests/unit/services/lbaas/test_nsxv3_driver.py
@@ -58,6 +58,7 @@ LB_NETWORK = {'router:external': False,
 LISTENER_ID = 'listener-x'
 HTTP_LISTENER_ID = 'listener-http'
 HTTPS_LISTENER_ID = 'listener-https'
+UDP_LISTENER_ID = 'listener-udp'
 APP_PROFILE_ID = 'appp-x'
 LB_VS_ID = 'vs-x'
 LB_APP_PROFILE = {
@@ -200,6 +201,9 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
         self.terminated_https_listener = lb_models.Listener(
             HTTPS_LISTENER_ID, LB_TENANT_ID, 'listener3', '', None, LB_ID,
             'TERMINATED_HTTPS', protocol_port=443, loadbalancer=self.lb)
+        self.udp_listener = lb_models.Listener(
+            UDP_LISTENER_ID, LB_TENANT_ID, 'listener4', '', None, LB_ID,
+            'UDP', protocol_port=443, loadbalancer=self.lb)
         self.pool = lb_models.Pool(POOL_ID, LB_TENANT_ID, 'pool1', '',
                                    None, 'HTTP', 'ROUND_ROBIN',
                                    loadbalancer_id=LB_ID,
@@ -251,6 +255,8 @@ class BaseTestEdgeLbaasV2(base.BaseTestCase):
             self.https_listener)
         self.terminated_https_listener_dict = lb_translators.\
             lb_listener_obj_to_dict(self.terminated_https_listener)
+        self.udp_listener_dict = lb_translators.lb_listener_obj_to_dict(
+            self.udp_listener)
         self.pool_dict = lb_translators.lb_pool_obj_to_dict(
             self.pool)
         self.pool_persistency_dict = lb_translators.lb_pool_obj_to_dict(
@@ -483,6 +489,8 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
             listener = self.listener_dict
             if protocol == 'HTTPS':
                 listener = self.https_listener_dict
+            elif protocol == 'UDP':
+                listener = self.udp_listener_dict
 
             self.edge_driver.listener.create(self.context, listener,
                                              self.completor)
@@ -501,6 +509,9 @@ class TestEdgeLbaasV2Listener(BaseTestEdgeLbaasV2):
     def test_create_https_listener(self):
         self._create_listener(protocol='HTTPS')
 
+    def test_create_udp_listener(self):
+        self._create_listener(protocol='UDP')
+
     def test_create_terminated_https(self):
         self.reset_completor()
         with mock.patch.object(self.core_plugin, 'get_floatingips'