From 4c17c10561626501909aa52056c81cce13c5d931 Mon Sep 17 00:00:00 2001 From: Adit Sarfaty Date: Tue, 23 May 2017 15:44:00 +0300 Subject: [PATCH] NSX|v3: Use nsxlib features list Use nsxlib to check if a feature is available at hte current backend version. Change-Id: Iabe06f23a6d78c202f2854521565c1f4063cc174 Depends-on: I947d40fbfa574295982744ba06918894b2459fd9 --- vmware_nsx/common/utils.py | 8 +++--- vmware_nsx/plugins/nsx_v3/plugin.py | 27 ++++++++++++------- .../plugins/nsxv3/resources/securitygroups.py | 5 ++-- .../unit/extensions/test_securitygroup.py | 7 +++-- 4 files changed, 27 insertions(+), 20 deletions(-) diff --git a/vmware_nsx/common/utils.py b/vmware_nsx/common/utils.py index eb2a30e2d2..8f7370d98c 100644 --- a/vmware_nsx/common/utils.py +++ b/vmware_nsx/common/utils.py @@ -28,13 +28,13 @@ from neutron_lib import constants from oslo_context import context as common_context from oslo_log import log +from vmware_nsxlib.v3 import nsx_constants as v3_const + LOG = log.getLogger(__name__) MAX_DISPLAY_NAME_LEN = 40 NEUTRON_VERSION = n_version.version_info.release_string() OS_NEUTRON_ID_SCOPE = 'os-neutron-id' -NSXV3_VERSION_1_1_0 = '1.1.0' -NSXV3_VERSION_2_0_0 = '2.0.0' # Allowed network types for the NSX Plugin @@ -68,12 +68,12 @@ class NsxV3NetworkTypes(object): def is_nsx_version_1_1_0(nsx_version): return (version.LooseVersion(nsx_version) >= - version.LooseVersion(NSXV3_VERSION_1_1_0)) + version.LooseVersion(v3_const.NSX_VERSION_1_1_0)) def is_nsx_version_2_0_0(nsx_version): return (version.LooseVersion(nsx_version) >= - version.LooseVersion(NSXV3_VERSION_2_0_0)) + version.LooseVersion(v3_const.NSX_VERSION_2_0_0)) def is_nsxv_version_6_2(nsx_version): diff --git a/vmware_nsx/plugins/nsx_v3/plugin.py b/vmware_nsx/plugins/nsx_v3/plugin.py index 946886cbe2..0f14938f4e 100644 --- a/vmware_nsx/plugins/nsx_v3/plugin.py +++ b/vmware_nsx/plugins/nsx_v3/plugin.py @@ -280,7 +280,7 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, self._mac_learning_profile = None # Only create MAC Learning profile when nsxv3 version >= 1.1.0 - if utils.is_nsx_version_1_1_0(self._nsx_version): + if self.nsxlib.feature_supported(nsxlib_consts.FEATURE_MAC_LEARNING): LOG.debug("Initializing NSX v3 Mac Learning switching profile") try: self._init_mac_learning_profile() @@ -1572,12 +1572,15 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, add_to_exclude_list = False if self._is_excluded_port(device_owner, psec_is_on): - if utils.is_nsx_version_2_0_0(self._nsx_version): + if self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG): tags.append({'scope': security.PORT_SG_SCOPE, 'tag': nsxlib_consts.EXCLUDE_PORT}) else: add_to_exclude_list = True - elif utils.is_nsx_version_1_1_0(self._nsx_version): + + elif self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_DYNAMIC_CRITERIA): # If port has no security-groups then we don't need to add any # security criteria tag. if port_data[ext_sg.SECURITYGROUPS]: @@ -2117,7 +2120,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, {'id': neutron_db['id'], 'e': e}) self._cleanup_port(context, neutron_db['id'], None) - if not utils.is_nsx_version_1_1_0(self._nsx_version): + if not self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_DYNAMIC_CRITERIA): try: self._update_lport_with_security_groups( context, lport['id'], [], sgids or []) @@ -2195,11 +2199,13 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, _net_id, nsx_port_id = nsx_db.get_nsx_switch_and_port_id( context.session, port_id) self.nsxlib.logical_port.delete(nsx_port_id) - if not utils.is_nsx_version_1_1_0(self._nsx_version): + if not self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_DYNAMIC_CRITERIA): self._update_lport_with_security_groups( context, nsx_port_id, port.get(ext_sg.SECURITYGROUPS, []), []) - if (not utils.is_nsx_version_2_0_0(self._nsx_version) and + if (not self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG) and self._is_excluded_port(port.get('device_owner'), port.get('port_security_enabled'))): fs = self.nsxlib.firewall_section @@ -2342,7 +2348,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, original_excluded = self._is_excluded_port(original_device_owner, original_ps) if updated_excluded != original_excluded: - if utils.is_nsx_version_2_0_0(self._nsx_version): + if self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_EXCLUDE_PORT_BY_TAG): if updated_excluded: tags_update.append({'scope': security.PORT_SG_SCOPE, 'tag': nsxlib_consts.EXCLUDE_PORT}) @@ -2358,7 +2365,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, fs.remove_member_from_fw_exclude_list( lport_id, nsxlib_consts.TARGET_TYPE_LOGICAL_PORT) - if utils.is_nsx_version_1_1_0(self._nsx_version): + if self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_DYNAMIC_CRITERIA): tags_update += self.nsxlib.ns_group.get_lport_tags( updated_port.get(ext_sg.SECURITYGROUPS, []) + updated_port.get(provider_sg.PROVIDER_SECURITYGROUPS, [])) @@ -3360,7 +3368,8 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin, project_name=secgroup['tenant_id']) name = self.nsxlib.ns_group.get_name(secgroup) - if utils.is_nsx_version_1_1_0(self._nsx_version): + if self.nsxlib.feature_supported( + nsxlib_consts.FEATURE_DYNAMIC_CRITERIA): tag_expression = ( self.nsxlib.ns_group.get_port_tag_expression( security.PORT_SG_SCOPE, secgroup['id'])) diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py index 866ea72417..89711a8c98 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py +++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py @@ -20,7 +20,6 @@ from neutron_lib.callbacks import registry from neutron_lib import context as neutron_context from oslo_log import log as logging -from vmware_nsx.common import utils from vmware_nsx.db import db as nsx_db from vmware_nsx.db import nsx_models from vmware_nsx.extensions import providersecuritygroup as provider_sg @@ -221,7 +220,7 @@ def fix_security_groups(resource, event, trigger, **kwargs): context_, sg_id, nsgroup['id'], fw_section['id']) # If version > 1.1 then we use dynamic criteria tags, and the port # should already have them. - if not utils.is_nsx_version_1_1_0(plugin._nsx_version): + if not nsxlib.feature_supported(consts.FEATURE_DYNAMIC_CRITERIA): members = [] for port_id in neutron_sg.get_ports_in_security_group(sg_id): lport_id = neutron_sg.get_logical_port_id(port_id) @@ -279,7 +278,7 @@ def _update_security_group_dynamic_criteria(): @admin_utils.output_header def migrate_nsgroups_to_dynamic_criteria(resource, event, trigger, **kwargs): - if not utils.is_nsx_version_1_1_0(nsxlib.get_version()): + if not nsxlib.feature_supported(consts.FEATURE_DYNAMIC_CRITERIA): LOG.error("Dynamic criteria grouping feature isn't supported by " "this NSX version.") return diff --git a/vmware_nsx/tests/unit/extensions/test_securitygroup.py b/vmware_nsx/tests/unit/extensions/test_securitygroup.py index b978ea894d..a95bc1a530 100644 --- a/vmware_nsx/tests/unit/extensions/test_securitygroup.py +++ b/vmware_nsx/tests/unit/extensions/test_securitygroup.py @@ -17,8 +17,8 @@ import mock from neutron.extensions import securitygroup as ext_sg from neutron.tests.unit.extensions import test_securitygroup as test_ext_sg -from vmware_nsx.plugins.nsx_v3 import plugin as nsx_plugin from vmware_nsx.tests.unit.nsx_v3 import test_plugin as test_nsxv3 +from vmware_nsxlib import v3 as nsxlib from vmware_nsxlib.v3 import exceptions as nsxlib_exc from vmware_nsxlib.v3 import nsx_constants as consts @@ -65,9 +65,8 @@ class TestSecurityGroupsNoDynamicCriteria(test_nsxv3.NsxV3PluginTestCaseMixin, def setUp(self): super(TestSecurityGroupsNoDynamicCriteria, self).setUp() - mock_nsx_version = mock.patch.object(nsx_plugin.utils, - 'is_nsx_version_1_1_0', - new=lambda v: False) + mock_nsx_version = mock.patch.object( + nsxlib.NsxLib, 'feature_supported', return_value=False) mock_nsx_version.start() self._patchers.append(mock_nsx_version)