x/vmware-nsx
Code Issues Proposed changes

Merge "NSX|V3+P: Limit number of subnet static routes per backend"

Browse Source
This commit is contained in:
Zuul 2019-03-14 14:31:32 +00:00 committed by Gerrit Code Review
commit 0bb84d5762
2 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
vmware_nsx/plugins/common_v3/plugin.py
View File

@ -1780,6 +1780,7 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
pass pass
def _create_subnet(self, context, subnet): def _create_subnet(self, context, subnet):
self._validate_number_of_subnet_static_routes(subnet)
self._validate_host_routes_input(subnet) self._validate_host_routes_input(subnet)
# TODO(berlin): public external subnet announcement # TODO(berlin): public external subnet announcement
@ -1958,6 +1959,20 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
"""Should be implemented by each plugin""" """Should be implemented by each plugin"""
pass pass
def _validate_number_of_subnet_static_routes(self, subnet_input):
s = subnet_input['subnet']
request_host_routes = (validators.is_attr_set(s.get('host_routes')) and
s['host_routes'])
num_allowed_on_backend = nsxlib_consts.MAX_STATIC_ROUTES
if request_host_routes:
if len(request_host_routes) > num_allowed_on_backend:
err_msg = (_(
"Number of static routes is limited at the backend to %("
"backend)s. Requested %(requested)s") %
{'backend': nsxlib_consts.MAX_STATIC_ROUTES,
'requested': len(request_host_routes)})
raise n_exc.InvalidInput(error_message=err_msg)
def get_subnets(self, context, filters=None, fields=None, sorts=None, def get_subnets(self, context, filters=None, fields=None, sorts=None,
limit=None, marker=None, page_reverse=False): limit=None, marker=None, page_reverse=False):
filters = filters or {} filters = filters or {}
@ -2001,6 +2016,7 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
def _update_subnet(self, context, subnet_id, subnet): def _update_subnet(self, context, subnet_id, subnet):
updated_subnet = None updated_subnet = None
orig_subnet = self.get_subnet(context, subnet_id) orig_subnet = self.get_subnet(context, subnet_id)
self._validate_number_of_subnet_static_routes(subnet)
self._validate_host_routes_input( self._validate_host_routes_input(
subnet, subnet,
orig_enable_dhcp=orig_subnet['enable_dhcp'], orig_enable_dhcp=orig_subnet['enable_dhcp'],

22
vmware_nsx/tests/unit/nsx_v3/test_plugin.py
View File

@ -927,6 +927,28 @@ class TestSubnetsV2(test_plugin.TestSubnetsV2, NsxV3PluginTestCaseMixin):
self.plugin.create_subnet, self.plugin.create_subnet,
context.get_admin_context(), data) context.get_admin_context(), data)
def test_fail_create_static_routes_per_subnet_over_limit(self):
with self.network() as network:
data = {'subnet': {'network_id': network['network']['id'],
'cidr': '10.0.0.0/16',
'name': 'sub1',
'dns_nameservers': None,
'allocation_pools': None,
'tenant_id': 'tenant_one',
'enable_dhcp': False,
'ip_version': 4}}
count = 1
host_routes = []
while count < 28:
host_routes.append("'host_routes': [{'destination': "
"'135.207.0.0/%s', 'nexthop': "
"'1.2.3.%s'}]" % (count, count))
count += 1
data['subnet']['host_routes'] = host_routes
self.assertRaises(n_exc.InvalidInput,
self.plugin.create_subnet,
context.get_admin_context(), data)
def test_create_subnet_disable_dhcp_with_host_route_fails(self): def test_create_subnet_disable_dhcp_with_host_route_fails(self):
with self.network() as network: with self.network() as network:
data = {'subnet': {'network_id': network['network']['id'], data = {'subnet': {'network_id': network['network']['id'],