Remove deprecated apis & configs
Change-Id: Id08e3f660d11e365110f4adf99dd8b3a9d194fc3
This commit is contained in:
parent
12f0edff2f
commit
d657cc1d07
@ -73,8 +73,8 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
section_id = 'section-id'
|
section_id = 'section-id'
|
||||||
group_id = 'nsgroup-id'
|
group_id = 'nsgroup-id'
|
||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
self.nsxlib.firewall_section.create_rules(
|
self.nsxlib.firewall_section.create_section_rules(
|
||||||
None, section_id, group_id, False,
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
add_rules.assert_called_once_with([
|
add_rules.assert_called_once_with([
|
||||||
{'display_name': mock.ANY,
|
{'display_name': mock.ANY,
|
||||||
@ -105,8 +105,8 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
section_id = 'section-id'
|
section_id = 'section-id'
|
||||||
group_id = 'nsgroup-id'
|
group_id = 'nsgroup-id'
|
||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
self.nsxlib.firewall_section.create_rules(
|
self.nsxlib.firewall_section.create_section_rules(
|
||||||
None, section_id, group_id, False,
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
add_rules.assert_called_once_with([
|
add_rules.assert_called_once_with([
|
||||||
{'display_name': mock.ANY,
|
{'display_name': mock.ANY,
|
||||||
@ -139,8 +139,8 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
section_id = 'section-id'
|
section_id = 'section-id'
|
||||||
group_id = 'nsgroup-id'
|
group_id = 'nsgroup-id'
|
||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
self.nsxlib.firewall_section.create_rules(
|
self.nsxlib.firewall_section.create_section_rules(
|
||||||
None, section_id, group_id, False,
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
add_rules.assert_called_once_with([
|
add_rules.assert_called_once_with([
|
||||||
{'display_name': mock.ANY,
|
{'display_name': mock.ANY,
|
||||||
@ -190,8 +190,8 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
section_id = 'section-id'
|
section_id = 'section-id'
|
||||||
group_id = 'nsgroup-id'
|
group_id = 'nsgroup-id'
|
||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
self.nsxlib.firewall_section.create_rules(
|
self.nsxlib.firewall_section.create_section_rules(
|
||||||
None, section_id, group_id, False,
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
add_rules.assert_called_once_with([
|
add_rules.assert_called_once_with([
|
||||||
{'display_name': mock.ANY,
|
{'display_name': mock.ANY,
|
||||||
@ -224,15 +224,17 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
||||||
return_value="2.3.0"):
|
return_value="2.3.0"):
|
||||||
self.assertRaises(nsxlib_exc.InvalidInput,
|
self.assertRaises(
|
||||||
self.nsxlib.firewall_section.create_rules,
|
nsxlib_exc.InvalidInput,
|
||||||
None, section_id, group_id, False,
|
self.nsxlib.firewall_section.create_section_rules,
|
||||||
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
||||||
return_value="2.4.0"):
|
return_value="2.4.0"):
|
||||||
self.assertRaises(nsxlib_exc.InvalidInput,
|
self.assertRaises(
|
||||||
self.nsxlib.firewall_section.create_rules,
|
nsxlib_exc.InvalidInput,
|
||||||
None, section_id, group_id, False,
|
self.nsxlib.firewall_section.create_section_rules,
|
||||||
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
|
|
||||||
def test_create_rule_with_illegal_icmp_2_4(self):
|
def test_create_rule_with_illegal_icmp_2_4(self):
|
||||||
@ -250,9 +252,10 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
with mock.patch("vmware_nsxlib.v3.NsxLib.get_version",
|
||||||
return_value="2.4.0"):
|
return_value="2.4.0"):
|
||||||
self.assertRaises(nsxlib_exc.InvalidInput,
|
self.assertRaises(
|
||||||
self.nsxlib.firewall_section.create_rules,
|
nsxlib_exc.InvalidInput,
|
||||||
None, section_id, group_id, False,
|
self.nsxlib.firewall_section.create_section_rules,
|
||||||
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
|
|
||||||
def test_create_with_rules(self):
|
def test_create_with_rules(self):
|
||||||
@ -352,8 +355,8 @@ class TestNsxLibFirewallSection(nsxlib_testcase.NsxLibTestCase):
|
|||||||
section_id = 'section-id'
|
section_id = 'section-id'
|
||||||
group_id = 'nsgroup-id'
|
group_id = 'nsgroup-id'
|
||||||
target_id = 'dummy'
|
target_id = 'dummy'
|
||||||
self.nsxlib.firewall_section.create_rules(
|
self.nsxlib.firewall_section.create_section_rules(
|
||||||
None, section_id, group_id, False,
|
section_id, group_id, False,
|
||||||
"ALLOW", rules, {rule_id: target_id})
|
"ALLOW", rules, {rule_id: target_id})
|
||||||
expected_rule = {'display_name': mock.ANY,
|
expected_rule = {'display_name': mock.ANY,
|
||||||
'ip_protocol': 'IPV4',
|
'ip_protocol': 'IPV4',
|
||||||
@ -514,26 +517,6 @@ class TestNsxLibNSGroup(nsxlib_testcase.NsxClientTestCase):
|
|||||||
# getting the rules, and get before each update
|
# getting the rules, and get before each update
|
||||||
self.assertEqual(3, get_mock.call_count)
|
self.assertEqual(3, get_mock.call_count)
|
||||||
|
|
||||||
def test_update_on_backend(self):
|
|
||||||
security_group = {
|
|
||||||
'name': 'name',
|
|
||||||
'id': uuidutils.generate_uuid(),
|
|
||||||
'description': None,
|
|
||||||
'logging': False}
|
|
||||||
nsgroup_id = uuidutils.generate_uuid()
|
|
||||||
section_id = uuidutils.generate_uuid()
|
|
||||||
log_sg_allowed_traffic = True
|
|
||||||
|
|
||||||
with mock.patch.object(self.nsxlib.client, 'update') as update_mock,\
|
|
||||||
mock.patch.object(self.nsxlib.client, 'get') as get_mock:
|
|
||||||
self.nsxlib.ns_group.update_on_backend(
|
|
||||||
None, security_group, nsgroup_id, section_id,
|
|
||||||
log_sg_allowed_traffic)
|
|
||||||
# updating the nsgroup and the section
|
|
||||||
self.assertEqual(2, update_mock.call_count)
|
|
||||||
# getting the rules, and get before each update
|
|
||||||
self.assertEqual(3, get_mock.call_count)
|
|
||||||
|
|
||||||
def test_update_lport_nsgroups(self):
|
def test_update_lport_nsgroups(self):
|
||||||
nsgroup_id1 = uuidutils.generate_uuid()
|
nsgroup_id1 = uuidutils.generate_uuid()
|
||||||
nsgroup_id2 = uuidutils.generate_uuid()
|
nsgroup_id2 = uuidutils.generate_uuid()
|
||||||
|
@ -14,7 +14,6 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
from oslo_log import log
|
from oslo_log import log
|
||||||
from oslo_log import versionutils
|
|
||||||
|
|
||||||
LOG = log.getLogger(__name__)
|
LOG = log.getLogger(__name__)
|
||||||
|
|
||||||
@ -74,8 +73,6 @@ class NsxLibConfig(object):
|
|||||||
binding entries. These will be used if there are
|
binding entries. These will be used if there are
|
||||||
no nameservers defined on the subnet.
|
no nameservers defined on the subnet.
|
||||||
:param dns_domain: Domain to use for building the hostnames.
|
:param dns_domain: Domain to use for building the hostnames.
|
||||||
:param dhcp_profile_uuid: Currently unused and deprecated.
|
|
||||||
Kept for backward compatibility.
|
|
||||||
:param allow_overwrite_header: If True, a default header of
|
:param allow_overwrite_header: If True, a default header of
|
||||||
X-Allow-Overwrite:true will be added to all
|
X-Allow-Overwrite:true will be added to all
|
||||||
the requests, to allow admin user to update/
|
the requests, to allow admin user to update/
|
||||||
@ -128,7 +125,6 @@ class NsxLibConfig(object):
|
|||||||
plugin_ver=None,
|
plugin_ver=None,
|
||||||
dns_nameservers=None,
|
dns_nameservers=None,
|
||||||
dns_domain='openstacklocal',
|
dns_domain='openstacklocal',
|
||||||
dhcp_profile_uuid=None,
|
|
||||||
allow_overwrite_header=False,
|
allow_overwrite_header=False,
|
||||||
rate_limit_retry=True,
|
rate_limit_retry=True,
|
||||||
cluster_unavailable_retry=False,
|
cluster_unavailable_retry=False,
|
||||||
@ -172,13 +168,6 @@ class NsxLibConfig(object):
|
|||||||
" to True, overriding provided configuration")
|
" to True, overriding provided configuration")
|
||||||
self.cluster_unavailable_retry = True
|
self.cluster_unavailable_retry = True
|
||||||
|
|
||||||
if dhcp_profile_uuid:
|
|
||||||
# this is deprecated, and never used.
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'dhcp_profile_uuid is not used by the nsxlib, and will '
|
|
||||||
'be removed from its configuration in the future.')
|
|
||||||
|
|
||||||
def extend(self, keepalive_section, validate_connection_method=None,
|
def extend(self, keepalive_section, validate_connection_method=None,
|
||||||
url_base=None):
|
url_base=None):
|
||||||
if keepalive_section or validate_connection_method:
|
if keepalive_section or validate_connection_method:
|
||||||
|
@ -14,11 +14,8 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
import netaddr
|
import netaddr
|
||||||
import six
|
|
||||||
|
|
||||||
from oslo_log import log
|
from oslo_log import log
|
||||||
from oslo_log import versionutils
|
|
||||||
|
|
||||||
from vmware_nsxlib.v3 import constants
|
from vmware_nsxlib.v3 import constants
|
||||||
from vmware_nsxlib.v3 import utils
|
from vmware_nsxlib.v3 import utils
|
||||||
|
|
||||||
@ -53,24 +50,6 @@ class NsxLibNativeDhcp(utils.NsxLibApiBase):
|
|||||||
def build_server_name(self, net_name, net_id):
|
def build_server_name(self, net_name, net_id):
|
||||||
return utils.get_name_and_uuid(net_name or 'dhcpserver', net_id)
|
return utils.get_name_and_uuid(net_name or 'dhcpserver', net_id)
|
||||||
|
|
||||||
def build_server_domain_name(self, net_dns_domain, default_dns_domain):
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'NsxLibQosNativeDhcp.build_server_domain_name is deprecated.')
|
|
||||||
|
|
||||||
if net_dns_domain:
|
|
||||||
if isinstance(net_dns_domain, six.string_types):
|
|
||||||
domain_name = net_dns_domain
|
|
||||||
else:
|
|
||||||
domain_name = net_dns_domain['dns_domain']
|
|
||||||
else:
|
|
||||||
# use the default one, or the globally configured one
|
|
||||||
if default_dns_domain is not None:
|
|
||||||
domain_name = default_dns_domain
|
|
||||||
else:
|
|
||||||
domain_name = self.nsxlib_config.dns_domain
|
|
||||||
return domain_name
|
|
||||||
|
|
||||||
def build_server(self, name, ip_address, cidr, gateway_ip,
|
def build_server(self, name, ip_address, cidr, gateway_ip,
|
||||||
dns_domain=None, dns_nameservers=None,
|
dns_domain=None, dns_nameservers=None,
|
||||||
host_routes=None,
|
host_routes=None,
|
||||||
@ -107,39 +86,3 @@ class NsxLibNativeDhcp(utils.NsxLibApiBase):
|
|||||||
body['dhcp_profile_id'] = dhcp_profile_id
|
body['dhcp_profile_id'] = dhcp_profile_id
|
||||||
|
|
||||||
return body
|
return body
|
||||||
|
|
||||||
def build_server_config(self, network, subnet, port, tags,
|
|
||||||
default_dns_nameservers=None,
|
|
||||||
default_dns_domain=None):
|
|
||||||
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'NsxLibQosNativeDhcp.build_server_config is deprecated. '
|
|
||||||
'Please use build_server instead')
|
|
||||||
|
|
||||||
# Prepare the configuration for a new logical DHCP server.
|
|
||||||
server_ip = "%s/%u" % (port['fixed_ips'][0]['ip_address'],
|
|
||||||
netaddr.IPNetwork(subnet['cidr']).prefixlen)
|
|
||||||
dns_nameservers = subnet['dns_nameservers']
|
|
||||||
if not dns_nameservers or not utils.is_attr_set(dns_nameservers):
|
|
||||||
# use the default one , or the globally configured one
|
|
||||||
if default_dns_nameservers is not None:
|
|
||||||
dns_nameservers = default_dns_nameservers
|
|
||||||
else:
|
|
||||||
dns_nameservers = self.nsxlib_config.dns_nameservers
|
|
||||||
gateway_ip = subnet['gateway_ip']
|
|
||||||
if not utils.is_attr_set(gateway_ip):
|
|
||||||
gateway_ip = None
|
|
||||||
static_routes, gateway_ip = self.build_static_routes(
|
|
||||||
gateway_ip, subnet['cidr'], subnet['host_routes'])
|
|
||||||
options = {'option121': {'static_routes': static_routes}}
|
|
||||||
name = self.build_server_name(network['name'], network['id'])
|
|
||||||
domain_name = self.build_server_domain_name(network.get('dns_domain'),
|
|
||||||
default_dns_domain)
|
|
||||||
return {'name': name,
|
|
||||||
'server_ip': server_ip,
|
|
||||||
'dns_nameservers': dns_nameservers,
|
|
||||||
'domain_name': domain_name,
|
|
||||||
'gateway_ip': gateway_ip,
|
|
||||||
'options': options,
|
|
||||||
'tags': tags}
|
|
||||||
|
@ -21,7 +21,6 @@ NSX-V3 Plugin security & Distributed Firewall integration module
|
|||||||
from distutils import version
|
from distutils import version
|
||||||
|
|
||||||
from oslo_log import log
|
from oslo_log import log
|
||||||
from oslo_log import versionutils
|
|
||||||
from oslo_utils import excutils
|
from oslo_utils import excutils
|
||||||
|
|
||||||
from vmware_nsxlib.v3 import exceptions
|
from vmware_nsxlib.v3 import exceptions
|
||||||
@ -63,19 +62,6 @@ class NsxLibNsGroup(utils.NsxLibApiBase):
|
|||||||
self.firewall_section.update(section_id, name, description,
|
self.firewall_section.update(section_id, name, description,
|
||||||
rules=rules)
|
rules=rules)
|
||||||
|
|
||||||
def update_on_backend(self, context, security_group,
|
|
||||||
nsgroup_id, section_id,
|
|
||||||
log_sg_allowed_traffic):
|
|
||||||
# This api is deprecated because of the irrelevant context arg
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'security.NsxLibNsGroup.update_on_backend is deprecated. '
|
|
||||||
'Please use security.NsxLibNsGroup.update_nsgroup_and_section '
|
|
||||||
'instead.')
|
|
||||||
return self.update_nsgroup_and_section(security_group, nsgroup_id,
|
|
||||||
section_id,
|
|
||||||
log_sg_allowed_traffic)
|
|
||||||
|
|
||||||
def get_name(self, security_group):
|
def get_name(self, security_group):
|
||||||
# NOTE(roeyc): We add the security-group id to the NSGroup name,
|
# NOTE(roeyc): We add the security-group id to the NSGroup name,
|
||||||
# for usability purposes.
|
# for usability purposes.
|
||||||
@ -120,14 +106,6 @@ class NsxLibNsGroup(utils.NsxLibApiBase):
|
|||||||
self.remove_member(
|
self.remove_member(
|
||||||
nsgroup_id, consts.TARGET_TYPE_LOGICAL_PORT, lport_id)
|
nsgroup_id, consts.TARGET_TYPE_LOGICAL_PORT, lport_id)
|
||||||
|
|
||||||
def update_lport(self, context, lport_id, original, updated):
|
|
||||||
# This api is deprecated because of the irrelevant context arg
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'security.NsxLibNsGroup.update_lport is deprecated. '
|
|
||||||
'Please use security.NsxLibNsGroup.update_lport_nsgroups instead.')
|
|
||||||
return self.update_lport_nsgroups(lport_id, original, updated)
|
|
||||||
|
|
||||||
def get_nsservice(self, resource_type, **properties):
|
def get_nsservice(self, resource_type, **properties):
|
||||||
service = {'resource_type': resource_type}
|
service = {'resource_type': resource_type}
|
||||||
service.update(properties)
|
service.update(properties)
|
||||||
@ -561,20 +539,6 @@ class NsxLibFirewallSection(utils.NsxLibApiBase):
|
|||||||
firewall_rules.append(fw_rule)
|
firewall_rules.append(fw_rule)
|
||||||
return self.add_rules(firewall_rules, section_id)
|
return self.add_rules(firewall_rules, section_id)
|
||||||
|
|
||||||
def create_rules(self, context, section_id, nsgroup_id,
|
|
||||||
logging_enabled, action, security_group_rules,
|
|
||||||
ruleid_2_remote_nsgroup_map):
|
|
||||||
# This api is deprecated because of the irrelevant context arg
|
|
||||||
versionutils.report_deprecated_feature(
|
|
||||||
LOG,
|
|
||||||
'security.NsxLibFirewallSection.create_rules is deprecated. '
|
|
||||||
'Please use security.NsxLibFirewallSection.create_section_rules '
|
|
||||||
'instead.')
|
|
||||||
return self.create_section_rules(
|
|
||||||
section_id, nsgroup_id,
|
|
||||||
logging_enabled, action, security_group_rules,
|
|
||||||
ruleid_2_remote_nsgroup_map)
|
|
||||||
|
|
||||||
def set_rule_logging(self, section_id, logging):
|
def set_rule_logging(self, section_id, logging):
|
||||||
rules = self._process_rules_logging_for_update(
|
rules = self._process_rules_logging_for_update(
|
||||||
section_id, logging)
|
section_id, logging)
|
||||||
|
Loading…
Reference in New Issue
Block a user