x/vmware-nsx
Code Issues Proposed changes

Validate transport zone type upon neutron startup

Browse Source 
Upon startup, the plugin validates that configured default tzs
exist on backend, however does not validate their type. This
change adds type validation (OVERLAY or VLAN), and throws startup
exception if type is incorrect.
In addition, this change adds null validation and removes dead
code.

Change-Id: Ibeff164eb03fec9141326c24b0c069f0e16a1e7b
This commit is contained in:
Anna Khmelnitsky 2021-04-28 23:50:11 +00:00
parent 8a14e8a906
commit f5cdef72a6
2 changed files with 29 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
vmware_nsx/plugins/nsx_p/availability_zones.py
View File

@ -55,6 +55,12 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
# NOTE(annak): we may need to generalize this for API calls # NOTE(annak): we may need to generalize this for API calls
# requiring path ids # requiring path ids
name_or_id = getattr(self, config_name) name_or_id = getattr(self, config_name)
err_msg = (_("Could not find %(res)s %(id)s for availability "
"zone %(az)s") % {
'res': config_name,
'id': name_or_id,
'az': self.name})
if not name_or_id: if not name_or_id:
if auto_config: if auto_config:
# If the field not specified, the system will auto-configure # If the field not specified, the system will auto-configure
@ -76,9 +82,23 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
raise nsx_exc.NsxPluginException(err_msg=msg) raise nsx_exc.NsxPluginException(err_msg=msg)
return None return None
# If filtering was specified, we need to ensure the configured
# resource matches the filter
def verify_resource_matches_filter(result):
if filter_list_results:
exists = filter_list_results([result])
if not exists:
LOG.error("Resource %s doesn't match config "
"requirement for %s" % (name_or_id, config_name))
if self.is_default():
raise cfg.RequiredOptError(config_name,
group=cfg.OptGroup('nsx_p'))
raise nsx_exc.NsxPluginException(err_msg=err_msg)
try: try:
# Check if the configured value is the ID # Check if the configured value is the ID
resource_api.get(name_or_id, silent=True) resource = resource_api.get(name_or_id, silent=True)
verify_resource_matches_filter(resource)
return name_or_id return name_or_id
except nsx_lib_exc.ResourceNotFound: except nsx_lib_exc.ResourceNotFound:
# Search by tags # Search by tags
@ -94,18 +114,14 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
# Check if the configured value is the name # Check if the configured value is the name
resource = resource_api.get_by_name(name_or_id) resource = resource_api.get_by_name(name_or_id)
if resource: if resource:
verify_resource_matches_filter(resource)
return resource['id'] return resource['id']
# Resource not found # Resource not found
if self.is_default(): if self.is_default():
raise cfg.RequiredOptError(config_name, raise cfg.RequiredOptError(config_name,
group=cfg.OptGroup('nsx_p')) group=cfg.OptGroup('nsx_p'))
msg = (_("Could not find %(res)s %(id)s for availability " raise nsx_exc.NsxPluginException(err_msg=err_msg)
"zone %(az)s") % {
'res': config_name,
'id': name_or_id,
'az': self.name})
raise nsx_exc.NsxPluginException(err_msg=msg)
def translate_configured_names_to_uuids(self, nsxpolicy, nsxlib=None, def translate_configured_names_to_uuids(self, nsxpolicy, nsxlib=None,
search_scope=None): search_scope=None):
@ -237,6 +253,7 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
if self.use_policy_dhcp: if self.use_policy_dhcp:
dhcp_ec_path = nsxpolicy.dhcp_server_config.get( dhcp_ec_path = nsxpolicy.dhcp_server_config.get(
self._policy_dhcp_server_config).get('edge_cluster_path') self._policy_dhcp_server_config).get('edge_cluster_path')
if dhcp_ec_path:
dhcp_ec = p_utils.path_to_id(dhcp_ec_path) dhcp_ec = p_utils.path_to_id(dhcp_ec_path)
if dhcp_ec != tier0_ec_uuid: if dhcp_ec != tier0_ec_uuid:
self._validate_tz(nsxpolicy, nsxlib, 'DHCP server config', self._validate_tz(nsxpolicy, nsxlib, 'DHCP server config',

28
vmware_nsx/plugins/nsx_p/plugin.py
View File

@ -325,34 +325,6 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
LOG.error(msg) LOG.error(msg)
raise nsx_exc.NsxPluginException(err_msg=msg) raise nsx_exc.NsxPluginException(err_msg=msg)
def _init_backend_resource(self, resource_api, name_or_id,
search_scope=None):
resource_type = resource_api.entry_def.resource_type()
if not name_or_id:
return None
try:
# Check if the configured value is the ID
resource_api.get(name_or_id, silent=True)
return name_or_id
except nsx_lib_exc.ResourceNotFound:
# Search by tags
if search_scope:
resource_id = self.nsxpolicy.get_id_by_resource_and_tag(
resource_type,
search_scope,
name_or_id)
if resource_id:
return resource_id
# Check if the configured value is the name
resource = resource_api.get_by_name(name_or_id)
if resource:
return resource['id']
msg = (_("Could not find %(type)s %(id)s") % {
'type': resource_type, 'id': name_or_id})
raise nsx_exc.NsxPluginException(err_msg=msg)
def get_waf_profile_path_and_mode(self): def get_waf_profile_path_and_mode(self):
# WAF is currently not supported by the NSX # WAF is currently not supported by the NSX
return None, None return None, None