Browse Source

Remove tempest plugin

These test cases has been moved to neutron-tempest-plugin repository.

This commit also includes the following unrelated change
to pass the gate.
----------------------------------------
Remove FWaaS v1 support

As it has been removed in neutron-fwaas. [1]

Also, remove logging_resource as it's only useful with FWaaS v1.

[1] I4e440c854e5aa11193d38946e659481f4fefded2

Partial-Bug: #1814625
Change-Id: I977d46722fc61e3ca160a08dc77754393111e887
----------------------------------------

Ref: https://midonet.atlassian.net/browse/MNA-1192
Closes-Bug: #1743497
Depends-On: I04fe57630d902f9aae3bb3405619d89c837a8564
Change-Id: I77fadee48396f7590749aee142d494b5a6fe4554
tags/8.0.0.0b1
YAMAMOTO Takashi 1 year ago
parent
commit
703097b39b
59 changed files with 47 additions and 3489 deletions
  1. 0
    9
      .zuul.yaml
  2. 0
    232
      api-ref/source/conf.py
  3. 0
    204
      api-ref/source/firewall_log.inc
  4. 0
    10
      api-ref/source/index.rst
  5. 0
    193
      api-ref/source/logging_resource.inc
  6. 0
    135
      api-ref/source/parameters.yaml
  7. 0
    7
      api-ref/source/samples/firewall_log/firewall_log-create-request.json
  8. 0
    11
      api-ref/source/samples/firewall_log/firewall_log-create-response.json
  9. 0
    11
      api-ref/source/samples/firewall_log/firewall_log-show-response.json
  10. 0
    6
      api-ref/source/samples/firewall_log/firewall_log-update-request.json
  11. 0
    11
      api-ref/source/samples/firewall_log/firewall_log-update-response.json
  12. 0
    22
      api-ref/source/samples/firewall_log/firewall_logs-list-response.json
  13. 0
    7
      api-ref/source/samples/logging_resource/logging_resource-create-request.json
  14. 0
    11
      api-ref/source/samples/logging_resource/logging_resource-create-response.json
  15. 0
    11
      api-ref/source/samples/logging_resource/logging_resource-show-response.json
  16. 0
    6
      api-ref/source/samples/logging_resource/logging_resource-update-request.json
  17. 0
    11
      api-ref/source/samples/logging_resource/logging_resource-update-response.json
  18. 0
    22
      api-ref/source/samples/logging_resource/logging_resources-list-response.json
  19. 0
    22
      devstack/README.rst
  20. 1
    10
      devstack/ci/gate_hook.sh
  21. 0
    1
      devstack/ci/hooks/tempest_plugins_advsvc
  22. 0
    1
      devstack/ci/hooks/tempest_plugins_base
  23. 0
    3
      devstack/ml2/local.conf.sample
  24. 0
    3
      devstack/settings
  25. 0
    53
      doc/source/contributor/firewall.rst
  26. 0
    8
      doc/source/contributor/index.rst
  27. 0
    33
      doc/source/install/installation.rst
  28. 0
    6
      doc/source/user/features.rst
  29. 0
    21
      etc/policy.json
  30. 0
    210
      midonet/neutron/db/logging_resource_db.py
  31. 0
    54
      midonet/neutron/db/logging_resource_model.py
  32. 1
    1
      midonet/neutron/db/migration/alembic_migration/versions/CONTRACT_HEAD
  33. 32
    0
      midonet/neutron/db/migration/alembic_migration/versions/stein/contract/f5dfd5cefbc7_drop_fwaas_v1_and_logging_resource.py
  34. 0
    1
      midonet/neutron/db/migration/models/head.py
  35. 0
    164
      midonet/neutron/extensions/logging_resource.py
  36. 0
    0
      midonet/neutron/services/firewall/__init__.py
  37. 0
    146
      midonet/neutron/services/firewall/plugin.py
  38. 0
    0
      midonet/neutron/services/logging_resource/__init__.py
  39. 0
    180
      midonet/neutron/services/logging_resource/plugin.py
  40. 0
    0
      midonet/neutron/tests/tempest/__init__.py
  41. 0
    37
      midonet/neutron/tests/tempest/plugin.py
  42. 0
    0
      midonet/neutron/tests/tempest/tests/__init__.py
  43. 0
    0
      midonet/neutron/tests/tempest/tests/api/__init__.py
  44. 0
    120
      midonet/neutron/tests/tempest/tests/api/test_router_interface_fip.py
  45. 0
    0
      midonet/neutron/tests/tempest/tests/scenario/__init__.py
  46. 0
    231
      midonet/neutron/tests/tempest/tests/scenario/test_bgp.py
  47. 0
    92
      midonet/neutron/tests/tempest/tests/scenario/test_fip64.py
  48. 0
    3
      midonet/neutron/tests/unit/db/test_migrations.py
  49. 0
    137
      midonet/neutron/tests/unit/neutronclient_ext/test_cli20_firewall_log.py
  50. 0
    138
      midonet/neutron/tests/unit/neutronclient_ext/test_cli20_logging_resource.py
  51. 0
    158
      midonet/neutron/tests/unit/test_extension_fwaas.py
  52. 0
    494
      midonet/neutron/tests/unit/test_extension_logging_resource.py
  53. 0
    0
      midonet/neutronclient/logging_resource_extension/__init__.py
  54. 0
    112
      midonet/neutronclient/logging_resource_extension/_firewall_log.py
  55. 0
    113
      midonet/neutronclient/logging_resource_extension/_logging_resource.py
  56. 12
    0
      releasenotes/notes/drop-fwaas-v1-and-logging_resource-d4c23094ebdeb625.yaml
  57. 0
    6
      setup.cfg
  58. 0
    4
      test-requirements.txt
  59. 1
    8
      tox.ini

+ 0
- 9
.zuul.yaml View File

@@ -70,7 +70,6 @@
70 70
               - ^specs/.*$
71 71
         - openstack-tox-pep8:
72 72
             required-projects:
73
-              - openstack/neutron-fwaas
74 73
               - openstack/neutron-vpnaas
75 74
               - openstack/neutron-lbaas
76 75
               - openstack/neutron-dynamic-routing
@@ -78,7 +77,6 @@
78 77
               - openstack/tap-as-a-service
79 78
         - openstack-tox-py27:
80 79
             required-projects:
81
-              - openstack/neutron-fwaas
82 80
               - openstack/neutron-vpnaas
83 81
               - openstack/neutron-lbaas
84 82
               - openstack/neutron-dynamic-routing
@@ -86,7 +84,6 @@
86 84
               - openstack/tap-as-a-service
87 85
         - openstack-tox-py35:
88 86
             required-projects:
89
-              - openstack/neutron-fwaas
90 87
               - openstack/neutron-vpnaas
91 88
               - openstack/neutron-lbaas
92 89
               - openstack/neutron-dynamic-routing
@@ -94,7 +91,6 @@
94 91
               - openstack/tap-as-a-service
95 92
         - openstack-tox-py36:
96 93
             required-projects:
97
-              - openstack/neutron-fwaas
98 94
               - openstack/neutron-vpnaas
99 95
               - openstack/neutron-lbaas
100 96
               - openstack/neutron-dynamic-routing
@@ -103,7 +99,6 @@
103 99
         - openstack-tox-cover:
104 100
             required-projects:
105 101
               - openstack/neutron
106
-              - openstack/neutron-fwaas
107 102
               - openstack/neutron-vpnaas
108 103
               - openstack/neutron-lbaas
109 104
               - openstack/neutron-dynamic-routing
@@ -127,7 +122,6 @@
127 122
               - ^specs/.*$
128 123
         - openstack-tox-pep8:
129 124
             required-projects:
130
-              - openstack/neutron-fwaas
131 125
               - openstack/neutron-vpnaas
132 126
               - openstack/neutron-lbaas
133 127
               - openstack/neutron-dynamic-routing
@@ -135,7 +129,6 @@
135 129
               - openstack/tap-as-a-service
136 130
         - openstack-tox-py27:
137 131
             required-projects:
138
-              - openstack/neutron-fwaas
139 132
               - openstack/neutron-vpnaas
140 133
               - openstack/neutron-lbaas
141 134
               - openstack/neutron-dynamic-routing
@@ -143,7 +136,6 @@
143 136
               - openstack/tap-as-a-service
144 137
         - openstack-tox-py35:
145 138
             required-projects:
146
-              - openstack/neutron-fwaas
147 139
               - openstack/neutron-vpnaas
148 140
               - openstack/neutron-lbaas
149 141
               - openstack/neutron-dynamic-routing
@@ -151,7 +143,6 @@
151 143
               - openstack/tap-as-a-service
152 144
         - openstack-tox-py36:
153 145
             required-projects:
154
-              - openstack/neutron-fwaas
155 146
               - openstack/neutron-vpnaas
156 147
               - openstack/neutron-lbaas
157 148
               - openstack/neutron-dynamic-routing

+ 0
- 232
api-ref/source/conf.py View File

@@ -1,232 +0,0 @@
1
-# -*- coding: utf-8 -*-
2
-#
3
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
4
-# not use this file except in compliance with the License. You may obtain
5
-# a copy of the License at
6
-#
7
-#    http://www.apache.org/licenses/LICENSE-2.0
8
-#
9
-# Unless required by applicable law or agreed to in writing, software
10
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12
-# License for the specific language governing permissions and limitations
13
-# under the License.
14
-#
15
-# networking-midonet documentation build configuration file, created by
16
-# sphinx-quickstart on Sat May  1 15:17:47 2010.
17
-#
18
-# This file is execfile()d with the current directory set to
19
-# its containing dir.
20
-#
21
-# Note that not all possible configuration values are present in this
22
-# autogenerated file.
23
-#
24
-# All configuration values have a default; values that are commented out
25
-# serve to show the default.
26
-
27
-import os
28
-import subprocess
29
-import sys
30
-import warnings
31
-
32
-import openstackdocstheme
33
-
34
-html_theme = 'openstackdocs'
35
-html_theme_path = [openstackdocstheme.get_html_theme_path()]
36
-html_theme_options = {
37
-    "sidebar_mode": "toc",
38
-}
39
-
40
-extensions = [
41
-    'os_api_ref',
42
-]
43
-
44
-# If extensions (or modules to document with autodoc) are in another directory,
45
-# add these directories to sys.path here. If the directory is relative to the
46
-# documentation root, use os.path.abspath to make it absolute, like shown here.
47
-sys.path.insert(0, os.path.abspath('../../'))
48
-sys.path.insert(0, os.path.abspath('../'))
49
-sys.path.insert(0, os.path.abspath('./'))
50
-
51
-# -- General configuration ----------------------------------------------------
52
-
53
-# Add any Sphinx extension module names here, as strings. They can be
54
-# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
55
-
56
-# The suffix of source filenames.
57
-source_suffix = '.rst'
58
-
59
-# The encoding of source files.
60
-#
61
-# source_encoding = 'utf-8'
62
-
63
-# The master toctree document.
64
-master_doc = 'index'
65
-
66
-# General information about the project.
67
-project = u'Networking MidoNet API Reference'
68
-copyright = u'2010-present, OpenStack Foundation'
69
-
70
-# The version info for the project you're documenting, acts as replacement for
71
-# |version| and |release|, also used in various other places throughout the
72
-# built documents.
73
-#
74
-# from neutron.version import version_info
75
-# The full version, including alpha/beta/rc tags.
76
-# release = version_info.release_string()
77
-release = '1.0.0'
78
-# The short X.Y version.
79
-# version = version_info.version_string()
80
-version = '1.0.0.'
81
-
82
-# The language for content autogenerated by Sphinx. Refer to documentation
83
-# for a list of supported languages.
84
-#
85
-# language = None
86
-
87
-# There are two options for replacing |today|: either, you set today to some
88
-# non-false value, then it is used:
89
-# today = ''
90
-# Else, today_fmt is used as the format for a strftime call.
91
-# today_fmt = '%B %d, %Y'
92
-
93
-# The reST default role (used for this markup: `text`) to use
94
-# for all documents.
95
-# default_role = None
96
-
97
-# If true, '()' will be appended to :func: etc. cross-reference text.
98
-# add_function_parentheses = True
99
-
100
-# If true, the current module name will be prepended to all description
101
-# unit titles (such as .. function::).
102
-add_module_names = False
103
-
104
-# If true, sectionauthor and moduleauthor directives will be shown in the
105
-# output. They are ignored by default.
106
-show_authors = False
107
-
108
-# The name of the Pygments (syntax highlighting) style to use.
109
-pygments_style = 'sphinx'
110
-
111
-# -- Options for man page output ----------------------------------------------
112
-
113
-# Grouping the document tree for man pages.
114
-# List of tuples 'sourcefile', 'target', u'title', u'Authors name', 'manual'
115
-
116
-
117
-# -- Options for HTML output --------------------------------------------------
118
-
119
-# The theme to use for HTML and HTML Help pages.  Major themes that come with
120
-# Sphinx are currently 'default' and 'sphinxdoc'.
121
-# html_theme_path = ["."]
122
-# html_theme = '_theme'
123
-
124
-# Theme options are theme-specific and customize the look and feel of a theme
125
-# further.  For a list of options available for each theme, see the
126
-# documentation.
127
-# html_theme_options = {}
128
-
129
-# Add any paths that contain custom themes here, relative to this directory.
130
-# html_theme_path = []
131
-
132
-# The name for this set of Sphinx documents.  If None, it defaults to
133
-# "<project> v<release> documentation".
134
-# html_title = None
135
-
136
-# A shorter title for the navigation bar.  Default is the same as html_title.
137
-# html_short_title = None
138
-
139
-# The name of an image file (relative to this directory) to place at the top
140
-# of the sidebar.
141
-# html_logo = None
142
-
143
-# The name of an image file (within the static path) to use as favicon of the
144
-# docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
145
-# pixels large.
146
-# html_favicon = None
147
-
148
-# Add any paths that contain custom static files (such as style sheets) here,
149
-# relative to this directory. They are copied after the builtin static files,
150
-# so a file named "default.css" will overwrite the builtin "default.css".
151
-# html_static_path = ['_static']
152
-
153
-# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
154
-# using the given strftime format.
155
-# html_last_updated_fmt = '%b %d, %Y'
156
-git_cmd = ["git", "log", "--pretty=format:'%ad, commit %h'", "--date=local",
157
-           "-n1"]
158
-try:
159
-    html_last_updated_fmt = subprocess.check_output(git_cmd).decode('utf-8')
160
-
161
-except Exception:
162
-    warnings.warn('Cannot get last updated time from git repository. '
163
-                  'Not setting "html_last_updated_fmt".')
164
-
165
-# If true, SmartyPants will be used to convert quotes and dashes to
166
-# typographically correct entities.
167
-# html_use_smartypants = True
168
-
169
-# Custom sidebar templates, maps document names to template names.
170
-# html_sidebars = {}
171
-
172
-# Additional templates that should be rendered to pages, maps page names to
173
-# template names.
174
-# html_additional_pages = {}
175
-
176
-# If false, no module index is generated.
177
-# html_use_modindex = True
178
-
179
-# If false, no index is generated.
180
-# html_use_index = True
181
-
182
-# If true, the index is split into individual pages for each letter.
183
-# html_split_index = False
184
-
185
-# If true, links to the reST sources are added to the pages.
186
-# html_show_sourcelink = True
187
-
188
-# If true, an OpenSearch description file will be output, and all pages will
189
-# contain a <link> tag referring to it.  The value of this option must be the
190
-# base URL from which the finished HTML is served.
191
-# html_use_opensearch = ''
192
-
193
-# If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml").
194
-# html_file_suffix = ''
195
-
196
-# Output file base name for HTML help builder.
197
-htmlhelp_basename = 'networkingmidonetdoc'
198
-
199
-
200
-# -- Options for LaTeX output -------------------------------------------------
201
-
202
-# The paper size ('letter' or 'a4').
203
-# latex_paper_size = 'letter'
204
-
205
-# The font size ('10pt', '11pt' or '12pt').
206
-# latex_font_size = '10pt'
207
-
208
-# Grouping the document tree into LaTeX files. List of tuples
209
-# (source start file, target name, title, author, documentclass
210
-# [howto/manual]).
211
-latex_documents = [
212
-    ('index', 'NetworkingMidonet.tex',
213
-     u'OpenStack Networking MidoNet API Documentation',
214
-     u'OpenStack Foundation', 'manual'),
215
-]
216
-
217
-# The name of an image file (relative to this directory) to place at the top of
218
-# the title page.
219
-# latex_logo = None
220
-
221
-# For "manual" documents, if this is true, then toplevel headings are parts,
222
-# not chapters.
223
-# latex_use_parts = False
224
-
225
-# Additional stuff for the LaTeX preamble.
226
-# latex_preamble = ''
227
-
228
-# Documents to append as an appendix to all manuals.
229
-# latex_appendices = []
230
-
231
-# If false, no module index is generated.
232
-# latex_use_modindex = True

+ 0
- 204
api-ref/source/firewall_log.inc View File

@@ -1,204 +0,0 @@
1
-.. -*- rst -*-
2
-.. needs:method_verification
3
-.. needs:parameter_verification
4
-.. needs:example_verification
5
-.. needs:body_verification
6
-
7
-===============
8
- Firewall Logs
9
-===============
10
-
11
-Lists, shows information for, creates, updates and deletes firewall logs.
12
-
13
-List Firewall Logs
14
-==================
15
-
16
-.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs.json
17
-
18
-Lists firewall logs.
19
-
20
-Normal response codes: 200
21
-
22
-Error response codes: unauthorized(401), forbidden(403)
23
-
24
-Request
25
--------
26
-
27
-.. rest_parameters:: parameters.yaml
28
-
29
-  - logging_resource_id: logging_resource_id
30
-
31
-Response
32
---------
33
-
34
-.. rest_parameters:: parameters.yaml
35
-
36
-  - logging_resource_id: logging_resource_id-body
37
-  - id: firewall_log_id-body
38
-  - tenant_id: project_id
39
-  - project_id: project_id
40
-  - description: description
41
-  - fw_event: fw_event
42
-  - firewall_id: firewall_id
43
-
44
-Response Example
45
-----------------
46
-
47
-.. literalinclude:: samples/firewall_log/firewall_logs-list-response.json
48
-   :language: javascript
49
-
50
-Create Firewall Log
51
-===================
52
-
53
-.. rest_method:: POST /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs.json
54
-
55
-Creates a firewall log.
56
-
57
-Normal response codes: 200
58
-
59
-Error response codes: badRequest(400), unauthorized(401), forbidden(403)
60
-
61
-Request
62
--------
63
-
64
-.. rest_parameters:: parameters.yaml
65
-
66
-  - logging_resource_id: logging_resource_id
67
-  - tenant_id: project_id-request
68
-  - project_id: project_id-request
69
-  - description: description-request
70
-  - fw_event: fw_event-request
71
-  - firewall_id: firewall_id
72
-
73
-Request Example
74
----------------
75
-
76
-.. literalinclude:: samples/firewall_log/firewall_log-create-request.json
77
-   :language: javascript
78
-
79
-Response
80
---------
81
-
82
-.. rest_parameters:: parameters.yaml
83
-
84
-  - logging_resource_id: logging_resource_id-body
85
-  - id: firewall_log_id-body
86
-  - tenant_id: project_id
87
-  - project_id: project_id
88
-  - description: description
89
-  - fw_event: fw_event
90
-  - firewall_id: firewall_id
91
-
92
-Response Example
93
-----------------
94
-
95
-.. literalinclude:: samples/firewall_log/firewall_log-create-response.json
96
-   :language: javascript
97
-
98
-Show Firewall Log Details
99
-=========================
100
-
101
-.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id}.json
102
-
103
-Shows details for a firewall log.
104
-
105
-Normal response codes: 200
106
-
107
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
108
-
109
-Request
110
--------
111
-
112
-.. rest_parameters:: parameters.yaml
113
-
114
-  - logging_resource_id: logging_resource_id
115
-  - firewall_log_id: firewall_log_id
116
-
117
-Response
118
---------
119
-
120
-.. rest_parameters:: parameters.yaml
121
-
122
-  - logging_resource_id: logging_resource_id-body
123
-  - id: firewall_log_id-body
124
-  - tenant_id: project_id
125
-  - project_id: project_id
126
-  - description: description
127
-  - fw_event: fw_event
128
-  - firewall_id: firewall_id
129
-
130
-Response Example
131
-----------------
132
-
133
-.. literalinclude:: samples/firewall_log/firewall_log-show-response.json
134
-   :language: javascript
135
-
136
-Update Firewall Log
137
-===================
138
-
139
-.. rest_method:: PUT /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id}.json
140
-
141
-Updates a firewall log.
142
-
143
-Normal response codes: 200
144
-
145
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
146
-
147
-Request
148
--------
149
-
150
-.. rest_parameters:: parameters.yaml
151
-
152
-  - logging_resource_id: logging_resource_id
153
-  - firewall_log_id: firewall_log_id
154
-  - description: description-request-put
155
-  - fw_event: fw_event-request-put
156
-
157
-Request Example
158
-----------------
159
-
160
-.. literalinclude:: samples/firewall_log/firewall_log-update-request.json
161
-   :language: javascript
162
-
163
-Response
164
---------
165
-
166
-.. rest_parameters:: parameters.yaml
167
-
168
-  - logging_resource_id: logging_resource_id-body
169
-  - id: firewall_log_id-body
170
-  - tenant_id: project_id
171
-  - project_id: project_id
172
-  - description: description
173
-  - fw_event: fw_event
174
-  - firewall_id: firewall_id
175
-
176
-Response Example
177
-----------------
178
-
179
-.. literalinclude:: samples/firewall_log/firewall_log-update-response.json
180
-   :language: javascript
181
-
182
-Delete Firewall Log
183
-===================
184
-
185
-.. rest_method:: DELETE /v2.0/logging/logging_resources/{logging_resource_id}/firewall_logs/{firewall_log_id}.json
186
-
187
-Deletes a firewall log.
188
-
189
-Normal response codes: 202
190
-
191
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
192
-
193
-Request
194
--------
195
-
196
-.. rest_parameters:: parameters.yaml
197
-
198
-  - logging_resource_id: logging_resource_id
199
-  - firewall_log_id: firewall_log_id
200
-
201
-Response
202
---------
203
-
204
-There is no body content for the response of a successful Delete request.

+ 0
- 10
api-ref/source/index.rst View File

@@ -1,10 +0,0 @@
1
-:tocdepth: 2
2
-
3
-========================
4
- Networking MidoNet API
5
-========================
6
-
7
-.. rest_expand_all::
8
-
9
-.. include:: firewall_log.inc
10
-.. include:: logging_resource.inc

+ 0
- 193
api-ref/source/logging_resource.inc View File

@@ -1,193 +0,0 @@
1
-.. -*- rst -*-
2
-.. needs:method_verification
3
-.. needs:parameter_verification
4
-.. needs:example_verification
5
-.. needs:body_verification
6
-
7
-===================
8
- Logging Resources
9
-===================
10
-
11
-Lists, shows information for, creates, updates and deletes logging resources.
12
-
13
-List Logging Resources
14
-======================
15
-
16
-.. rest_method:: GET /v2.0/logging/logging_resources.json
17
-
18
-Lists logging resources.
19
-
20
-Normal response codes: 200
21
-
22
-Error response codes: unauthorized(401), forbidden(403)
23
-
24
-Request
25
--------
26
-
27
-Response
28
---------
29
-
30
-.. rest_parameters:: parameters.yaml
31
-
32
-  - id: logging_resource_id-body
33
-  - tenant_id: project_id
34
-  - project_id: project_id
35
-  - name: name
36
-  - description: description
37
-  - enabled: logging_resource_enabled
38
-
39
-Response Example
40
-----------------
41
-
42
-.. literalinclude:: samples/logging_resource/logging_resources-list-response.json
43
-   :language: javascript
44
-
45
-Create Logging Resource
46
-=======================
47
-
48
-.. rest_method:: POST /v2.0/logging/logging_resources.json
49
-
50
-Creates a logging resource.
51
-
52
-Normal response codes: 200
53
-
54
-Error response codes: badRequest(400), unauthorized(401), forbidden(403)
55
-
56
-Request
57
--------
58
-
59
-.. rest_parameters:: parameters.yaml
60
-
61
-  - tenant_id: project_id-request
62
-  - project_id: project_id-request
63
-  - name: name-request
64
-  - description: description-request
65
-  - enabled: logging_resource_enabled-request
66
-
67
-Request Example
68
----------------
69
-
70
-.. literalinclude:: samples/logging_resource/logging_resource-create-request.json
71
-   :language: javascript
72
-
73
-Response
74
---------
75
-
76
-.. rest_parameters:: parameters.yaml
77
-
78
-  - id: logging_resource_id-body
79
-  - tenant_id: project_id
80
-  - project_id: project_id
81
-  - name: name
82
-  - description: description
83
-  - enabled: logging_resource_enabled
84
-
85
-Response Example
86
-----------------
87
-
88
-.. literalinclude:: samples/logging_resource/logging_resource-create-response.json
89
-   :language: javascript
90
-
91
-Show Logging Resource Details
92
-=============================
93
-
94
-.. rest_method:: GET /v2.0/logging/logging_resources/{logging_resource_id}.json
95
-
96
-Shows details for a logging resource.
97
-
98
-Normal response codes: 200
99
-
100
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
101
-
102
-Request
103
--------
104
-
105
-.. rest_parameters:: parameters.yaml
106
-
107
-  - logging_resource_id: logging_resource_id
108
-
109
-Response
110
---------
111
-
112
-.. rest_parameters:: parameters.yaml
113
-
114
-  - id: logging_resource_id-body
115
-  - tenant_id: project_id
116
-  - project_id: project_id
117
-  - name: name
118
-  - description: description
119
-  - enabled: logging_resource_enabled
120
-
121
-Response Example
122
-----------------
123
-
124
-.. literalinclude:: samples/logging_resource/logging_resource-show-response.json
125
-   :language: javascript
126
-
127
-Update Logging Resource
128
-=======================
129
-
130
-.. rest_method:: PUT /v2.0/logging/logging_resources/{logging_resource_id}.json
131
-
132
-Updates a logging resource.
133
-
134
-Normal response codes: 200
135
-
136
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
137
-
138
-Request
139
--------
140
-
141
-.. rest_parameters:: parameters.yaml
142
-
143
-  - logging_resource_id: logging_resource_id
144
-  - name: name-request-put
145
-  - description: description-request-put
146
-  - enabled: logging_resource_enabled-request-put
147
-
148
-Request Example
149
-----------------
150
-
151
-.. literalinclude:: samples/logging_resource/logging_resource-update-request.json
152
-   :language: javascript
153
-
154
-Response
155
---------
156
-
157
-.. rest_parameters:: parameters.yaml
158
-
159
-  - id: logging_resource_id-body
160
-  - tenant_id: project_id
161
-  - project_id: project_id
162
-  - name: name
163
-  - description: description
164
-  - enabled: logging_resource_enabled
165
-
166
-Response Example
167
-----------------
168
-
169
-.. literalinclude:: samples/logging_resource/logging_resource-update-response.json
170
-   :language: javascript
171
-
172
-Delete Logging Resource
173
-=======================
174
-
175
-.. rest_method:: DELETE /v2.0/logging/logging_resources/{logging_resource_id}.json
176
-
177
-Deletes a logging resource.
178
-
179
-Normal response codes: 202
180
-
181
-Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404)
182
-
183
-Request
184
--------
185
-
186
-.. rest_parameters:: parameters.yaml
187
-
188
-  - logging_resource_id: logging_resource_id
189
-
190
-Response
191
---------
192
-
193
-There is no body content for the response of a successful Delete request.

+ 0
- 135
api-ref/source/parameters.yaml View File

@@ -1,135 +0,0 @@
1
-# variables in header
2
-
3
-# variables in path
4
-
5
-firewall_log_id:
6
-  description: |
7
-    The ID of the firewall log resource.
8
-  in: path
9
-  required: true
10
-  type: uuid
11
-logging_resource_id:
12
-  description: |
13
-    The ID of the logging resource.
14
-  in: path
15
-  required: true
16
-  type: uuid
17
-
18
-# variables in query
19
-
20
-# variables in body
21
-description:
22
-  description: |
23
-    The human-readable description for the resource.
24
-  in: body
25
-  required: true
26
-  type: string
27
-description-request:
28
-  description: |
29
-    The human-readable description for the resource.
30
-    Default is an empty string.
31
-  in: body
32
-  required: false
33
-  type: string
34
-description-request-put:
35
-  description: |
36
-    The human-readable description for the resource.
37
-  in: body
38
-  required: false
39
-  type: string
40
-firewall_id:
41
-  description: |
42
-    The ID of the FWaaS v1 firewall.
43
-  in: body
44
-  required: true
45
-  type: uuid
46
-firewall_log_id-body:
47
-  description: |
48
-    The ID of the firewall log resource.
49
-  in: body
50
-  required: true
51
-  type: uuid
52
-fw_event:
53
-  description: |
54
-    Type of firewall events to log.
55
-    ACCEPT, DROP, or ALL.
56
-  in: body
57
-  required: true
58
-  type: string
59
-fw_event-request:
60
-  description: |
61
-    Type of firewall events to log.
62
-    ACCEPT, DROP, or ALL.
63
-    Default is ALL.
64
-  in: body
65
-  required: false
66
-  type: string
67
-fw_event-request-put:
68
-  description: |
69
-    Type of firewall events to log.
70
-    ACCEPT, DROP, or ALL.
71
-  in: body
72
-  required: false
73
-  type: string
74
-id:
75
-  description: |
76
-    The ID of the resource.
77
-  in: body
78
-  required: true
79
-  type: uuid
80
-logging_resource_enabled:
81
-  description: |
82
-    Indicates whether this logging resource is enabled or disabled.
83
-  in: body
84
-  required: true
85
-  type: boolean
86
-logging_resource_enabled-request:
87
-  description: |
88
-    Indicates whether this logging resource is enabled or disabled.
89
-    Default is false.
90
-  in: body
91
-  required: false
92
-  type: boolean
93
-logging_resource_enabled-request-put:
94
-  description: |
95
-    Indicates whether this logging resource is enabled or disabled.
96
-  in: body
97
-  required: false
98
-  type: boolean
99
-logging_resource_id-body:
100
-  description: |
101
-    The ID of the logging resource.
102
-  in: body
103
-  required: true
104
-  type: uuid
105
-name:
106
-  description: |
107
-    Human-readable name of the resource.
108
-  in: body
109
-  required: true
110
-  type: string
111
-name-request:
112
-  description: |
113
-    Human-readable name of the resource.
114
-    Default is an empty string.
115
-  in: body
116
-  required: false
117
-  type: string
118
-name-request-put:
119
-  description: |
120
-    Human-readable name of the resource.
121
-  in: body
122
-  required: false
123
-  type: string
124
-project_id:
125
-  description: |
126
-    The ID of the project that owns the resource.
127
-  in: body
128
-  required: true
129
-  type: string
130
-project_id-request:
131
-  description: |
132
-    The ID of the project that owns the resource.
133
-  in: body
134
-  required: false
135
-  type: string

+ 0
- 7
api-ref/source/samples/firewall_log/firewall_log-create-request.json View File

@@ -1,7 +0,0 @@
1
-{
2
-    "firewall_log": {
3
-        "description": "my firewall log",
4
-        "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
5
-        "fw_event": "DROP"
6
-    }
7
-}

+ 0
- 11
api-ref/source/samples/firewall_log/firewall_log-create-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "firewall_log": {
3
-        "description": "my firewall log",
4
-        "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
5
-        "fw_event": "DROP",
6
-        "id": "deb19331-e5d5-4a80-a37f-5e5ad407b353",
7
-        "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 11
api-ref/source/samples/firewall_log/firewall_log-show-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "firewall_log": {
3
-        "description": "my firewall log 3",
4
-        "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
5
-        "fw_event": "ALL",
6
-        "id": "3969b708-d600-4343-93b9-01645f8e9a8a",
7
-        "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 6
api-ref/source/samples/firewall_log/firewall_log-update-request.json View File

@@ -1,6 +0,0 @@
1
-{
2
-    "firewall_log": {
3
-        "description": "my firewall log 3",
4
-        "fw_event": "ALL"
5
-    }
6
-}

+ 0
- 11
api-ref/source/samples/firewall_log/firewall_log-update-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "firewall_log": {
3
-        "description": "my firewall log 3",
4
-        "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
5
-        "fw_event": "ALL",
6
-        "id": "3969b708-d600-4343-93b9-01645f8e9a8a",
7
-        "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 22
api-ref/source/samples/firewall_log/firewall_logs-list-response.json View File

@@ -1,22 +0,0 @@
1
-{
2
-    "firewall_logs": [
3
-        {
4
-            "description": "my firewall log 2",
5
-            "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
6
-            "fw_event": "ACCEPT",
7
-            "id": "3969b708-d600-4343-93b9-01645f8e9a8a",
8
-            "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257",
9
-            "project_id": "8d018258316e4f22890561e8780c85bb",
10
-            "tenant_id": "8d018258316e4f22890561e8780c85bb"
11
-        },
12
-        {
13
-            "description": "my firewall log",
14
-            "firewall_id": "a6564146-f8b3-49c3-add1-fb213455d5a8",
15
-            "fw_event": "DROP",
16
-            "id": "deb19331-e5d5-4a80-a37f-5e5ad407b353",
17
-            "logging_resource_id": "13b64f3c-20af-4741-b230-658ab7d5b257",
18
-            "project_id": "8d018258316e4f22890561e8780c85bb",
19
-            "tenant_id": "8d018258316e4f22890561e8780c85bb"
20
-        }
21
-    ]
22
-}

+ 0
- 7
api-ref/source/samples/logging_resource/logging_resource-create-request.json View File

@@ -1,7 +0,0 @@
1
-{
2
-    "logging_resource": {
3
-        "description": "my log",
4
-        "enabled": true,
5
-        "name": "log"
6
-    }
7
-}

+ 0
- 11
api-ref/source/samples/logging_resource/logging_resource-create-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "logging_resource": {
3
-        "description": "my log",
4
-        "enabled": true,
5
-        "firewall_logs": [],
6
-        "id": "13b64f3c-20af-4741-b230-658ab7d5b257",
7
-        "name": "log",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 11
api-ref/source/samples/logging_resource/logging_resource-show-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "logging_resource": {
3
-        "description": "my log",
4
-        "enabled": true,
5
-        "firewall_logs": [],
6
-        "id": "13b64f3c-20af-4741-b230-658ab7d5b257",
7
-        "name": "log",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 6
api-ref/source/samples/logging_resource/logging_resource-update-request.json View File

@@ -1,6 +0,0 @@
1
-{
2
-    "logging_resource": {
3
-        "description": "my log2",
4
-        "enabled": false
5
-    }
6
-}

+ 0
- 11
api-ref/source/samples/logging_resource/logging_resource-update-response.json View File

@@ -1,11 +0,0 @@
1
-{
2
-    "logging_resource": {
3
-        "description": "my log2",
4
-        "enabled": false,
5
-        "firewall_logs": [],
6
-        "id": "335c7b7d-c4a9-423a-9c24-9f4982f31e24",
7
-        "name": "log2",
8
-        "project_id": "8d018258316e4f22890561e8780c85bb",
9
-        "tenant_id": "8d018258316e4f22890561e8780c85bb"
10
-    }
11
-}

+ 0
- 22
api-ref/source/samples/logging_resource/logging_resources-list-response.json View File

@@ -1,22 +0,0 @@
1
-{
2
-    "logging_resources": [
3
-        {
4
-            "description": "my log",
5
-            "enabled": true,
6
-            "firewall_logs": [],
7
-            "id": "13b64f3c-20af-4741-b230-658ab7d5b257",
8
-            "name": "log",
9
-            "project_id": "8d018258316e4f22890561e8780c85bb",
10
-            "tenant_id": "8d018258316e4f22890561e8780c85bb"
11
-        },
12
-        {
13
-            "description": "my log2",
14
-            "enabled": true,
15
-            "firewall_logs": [],
16
-            "id": "335c7b7d-c4a9-423a-9c24-9f4982f31e24",
17
-            "name": "log2",
18
-            "project_id": "8d018258316e4f22890561e8780c85bb",
19
-            "tenant_id": "8d018258316e4f22890561e8780c85bb"
20
-        }
21
-    ]
22
-}

+ 0
- 22
devstack/README.rst View File

@@ -40,18 +40,6 @@ If you want to use the experimental Tasks based API, set the following::
40 40
     MIDONET_CLIENT=midonet.neutron.client.cluster.MidonetClusterClient
41 41
 
42 42
 
43
-FWaaS
44
------
45
-
46
-MidoNet implements Neutron FWaaS extension API.
47
-To configure it with devstack, make sure the following is defined
48
-in ``local.conf``::
49
-
50
-    enable_plugin neutron-fwaas https://github.com/openstack/neutron-fwaas
51
-    enable_service q-fwaas
52
-    FWAAS_PLUGIN=midonet_firewall
53
-
54
-
55 43
 VPNaaS
56 44
 ------
57 45
 
@@ -110,16 +98,6 @@ when running devstack, make sure the following is defined in ``local.conf``::
110 98
     enable_service q-dr
111 99
 
112 100
 
113
-Logging Resource Service
114
-------------------------
115
-
116
-Starting v5.2, MidoNet implements Neutron Logging Resource Service extension API.
117
-
118
-To configure MidoNet including Logging Resource Service when running devstack,
119
-make sure the following is defined in ``local.conf``::
120
-
121
-    Q_SERVICE_PLUGIN_CLASSES=midonet_logging_resource
122
-
123 101
 QoS
124 102
 ---
125 103
 

+ 1
- 10
devstack/ci/gate_hook.sh View File

@@ -155,15 +155,6 @@ export DEVSTACK_SUBNODE_CONFIG+=$'\n'"enable_service placement-client"
155 155
 export DEVSTACK_SUBNODE_CONFIG+=$'\n'"MIDONET_CREATE_FAKE_UPLINK=False"
156 156
 
157 157
 if [ "${_ADV_SVC}" = "True" ]; then
158
-    # Enable FWaaS
159
-    if [ "${_LEGACY}" = "True" ]; then
160
-        s+=",q-fwaas"
161
-    else
162
-        s+=",neutron-fwaas-v1"
163
-    fi
164
-    export DEVSTACK_LOCAL_CONFIG+=$'\n'"enable_plugin neutron-fwaas https://github.com/openstack/neutron-fwaas"
165
-    export DEVSTACK_LOCAL_CONFIG+=$'\n'"FWAAS_PLUGIN=midonet_firewall"
166
-
167 158
     # Enable VPNaaS
168 159
     # NOTE(yamamoto): neutron-vpnaas devstack plugin doesn't have q- name
169 160
     s+=",neutron-vpnaas"
@@ -256,7 +247,7 @@ r="$r|(?:tempest\.api\.image\..*)"
256 247
 # End list of exclusions.
257 248
 r="$r)"
258 249
 
259
-r="$r^(tempest\.(api|scenario)|neutron_fwaas|neutron_lbaas|neutron_vpnaas|neutron_taas|neutron_tempest_plugin|midonet)\..*$"
250
+r="$r^(tempest\.(api|scenario)|neutron_lbaas|neutron_vpnaas|neutron_taas|neutron_tempest_plugin)\..*$"
260 251
 
261 252
 export DEVSTACK_GATE_TEMPEST_REGEX="$r"
262 253
 export DEVSTACK_GATE_TEMPEST_ALL_PLUGINS=0

+ 0
- 1
devstack/ci/hooks/tempest_plugins_advsvc View File

@@ -1,7 +1,6 @@
1 1
 [[local|localrc]]
2 2
 
3 3
 TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/neutron-dynamic-routing"
4
-TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/neutron-fwaas"
5 4
 TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/neutron-lbaas"
6 5
 TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/neutron-vpnaas"
7 6
 TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/tap-as-a-service"

+ 0
- 1
devstack/ci/hooks/tempest_plugins_base View File

@@ -1,4 +1,3 @@
1 1
 [[local|localrc]]
2 2
 
3 3
 TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/neutron-tempest-plugin"
4
-TEMPEST_PLUGINS="$TEMPEST_PLUGINS /opt/stack/new/networking-midonet"

+ 0
- 3
devstack/ml2/local.conf.sample View File

@@ -26,12 +26,9 @@ ENABLED_SERVICES=rabbit,mysql,key
26 26
 ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cpu,n-cond,n-sch,placement-api
27 27
 ENABLED_SERVICES+=,g-api,g-reg
28 28
 ENABLED_SERVICES+=,q-svc,neutron
29
-ENABLED_SERVICES+=,q-fwaas
30 29
 ENABLED_SERVICES+=,tempest
31 30
 ENABLED_SERVICES+=,horizon
32 31
 ENABLED_SERVICES+=,n-novnc,n-cauth
33
-enable_plugin neutron-fwaas https://github.com/openstack/neutron-fwaas
34
-FWAAS_PLUGIN=midonet_firewall
35 32
 
36 33
 NOVA_VNC_ENABLED=True
37 34
 

+ 0
- 3
devstack/settings View File

@@ -92,9 +92,6 @@ NETWORK_API_EXTENSIONS+=,default-subnetpools
92 92
 NETWORK_API_EXTENSIONS+=,subnet-service-types
93 93
 NETWORK_API_EXTENSIONS+=,net-mtu-writable
94 94
 NETWORK_API_EXTENSIONS+=,network_availability_zone
95
-if is_service_enabled q-fwaas neutron-fwaas-v1; then
96
-    NETWORK_API_EXTENSIONS+=,fwaas,fwaasrouterinsertion
97
-fi
98 95
 if is_service_enabled neutron-vpnaas; then
99 96
     NETWORK_API_EXTENSIONS+=,vpnaas
100 97
     NETWORK_API_EXTENSIONS+=,vpn-endpoint-groups

+ 0
- 53
doc/source/contributor/firewall.rst View File

@@ -1,53 +0,0 @@
1
-=============
2
-MidoNet FWaaS
3
-=============
4
-
5
-FWaaS model provides two ways to implement its API:
6
-
7
-- Driver for the agent running on the network node
8
-- Full implementation of FWaaS plugin
9
-
10
-Since MidoNet does not require the network nodes in deployment, the first
11
-option is not viable.  The second option is possible but it turns out there is
12
-a third way to do this which requires much less code.
13
-
14
-Instead of implementing the entire FWaaS plugin, MidoNet FWaaS plugin defines
15
-a driver, _MidonetFirewallDriver, that implements the RPC API that is
16
-intended to be used for communicating with the firewall agent.
17
-
18
-The API is simple:
19
-
20
-::
21
-
22
-  create_firewall(self, context, firewall)
23
-  update_firewall(self, context, firewall)
24
-  delete_firewall(self, context, firewall)
25
-
26
-In each method, 'firewall' object contains both the firewall and the firewall
27
-rules data.  In addition, 'firewall' object contains two useful lists,
28
-'add-router-ids' and 'del-router-ids', representing the list of router IDs that
29
-were associated and disassociated, respectively.  With such rich data as input,
30
-these three methods are enough to implement all the FWaaS API.
31
-
32
-One caveat is that because each request sends the entire set of rules, even if
33
-the actual API operation did not modify the rules, the amount of data sent over
34
-to MidoNet could sometimes be larger than it need to be.  This design will be
35
-revisited if this causes problems.
36
-
37
-States Reporting
38
-================
39
-
40
-When a firewall object is successfully created, the state is set to ACTIVE.  If
41
-the object was created in Neutron but there was an error creating it in
42
-MidoNet, the Neutron object is deleted.  If the deletion fails, the state is
43
-set to PENDING_CREATE.  A successful creation includes both the top level
44
-firewall object and its rules.
45
-
46
-When a firewall object is successfully updated, the state is set to ACTIVE.  If
47
-the update fails, the state is set to ERROR.  If the operation to set the ERROR
48
-state fails, the state is set to PENDING_UPDATE.  A successful update includes
49
-both the top level firewall object and its rules.
50
-
51
-When a firewall object deletion fails, the state is set to ERROR.  If the
52
-operation to set the ERROR state fails, the state is set to PENDING_DELETE.  A
53
-successful deletion includes both the top level firewall object and its rules.

+ 0
- 8
doc/source/contributor/index.rst View File

@@ -27,14 +27,6 @@ Programming HowTos and Tutorials
27 27
    testing
28 28
 
29 29
 
30
-Networking MidoNet Internals
31
-----------------------------
32
-.. toctree::
33
-   :maxdepth: 2
34
-
35
-   firewall
36
-
37
-
38 30
 Dashboards
39 31
 ----------
40 32
 .. toctree::

+ 0
- 33
doc/source/install/installation.rst View File

@@ -114,21 +114,6 @@ driver.::
114 114
     interface_driver = midonet
115 115
 
116 116
 
117
-FWaaS
118
------
119
-
120
-Starting v5.0, MidoNet implements Neutron FWaaS extension API.
121
-
122
-To configure it, add the following service plugin to the `service_plugins` list
123
-in the DEFAULT group of ``/etc/neutron/neutron.conf``::
124
-
125
-    [DEFAULT]
126
-    service_plugins = midonet_firewall
127
-
128
-NOTE: No need to configure `Firewall Driver` at all.  It's irrelevant
129
-because this plugin does not use Neutron L3 agent.
130
-
131
-
132 117
 LBaaS v2
133 118
 --------
134 119
 
@@ -222,24 +207,6 @@ in the DEFAULT group of `/etc/neutron/neutron.conf`::
222 207
     service_plugins = midonet_bgp
223 208
 
224 209
 
225
-Logging Resource Service
226
-------------------------
227
-
228
-Starting v5.2, MidoNet implements Neutron Logging Resource Service extension API.
229
-
230
-To configure it, add the following service plugin to the `service_plugins` list
231
-in the DEFAULT group of `/etc/neutron/neutron.conf`::
232
-
233
-    [DEFAULT]
234
-    service_plugins = midonet_logging_resource
235
-
236
-Firewall log is managed by Quota.
237
-Default value of firewall log is 10 that is same number as firewall.
238
-Basically, both Quota value for firewall and firewall log should be aligned.
239
-To tune it, change value of `quota_firewall_log` in the quotas group of
240
-`/etc/neutron/neutron.conf`.
241
-
242
-
243 210
 Tap-as-a-Service
244 211
 ----------------
245 212
 

+ 0
- 6
doc/source/user/features.rst View File

@@ -47,8 +47,6 @@ a mostly backend-agnostic way, like ``subnet_allocation`` and
47 47
 |           +------------------------------+----------------------------+
48 48
 |           | bgp-speaker-router-insertion | >=5.2                      |
49 49
 +-----------+------------------------------+----------------------------+
50
-| Logging   | logging-resource             | >=5.2                      |
51
-+-----------+------------------------------+----------------------------+
52 50
 | TaaS      | taas                         | >=5.2                      |
53 51
 +-----------+------------------------------+----------------------------+
54 52
 | VPNaaS    | vpnaas                       | >=5.1                      |
@@ -59,10 +57,6 @@ a mostly backend-agnostic way, like ``subnet_allocation`` and
59 57
 |           +------------------------------+----------------------------+
60 58
 |           | shared_pools                 | >=5.4                      |
61 59
 +-----------+------------------------------+----------------------------+
62
-| FWaaS     | fwaas                        | >=5.0                      |
63
-|           +------------------------------+----------------------------+
64
-|           | fwaasrouterinsertion         | >=5.0                      |
65
-+-----------+------------------------------+----------------------------+
66 60
 
67 61
 
68 62
 FAQ

+ 0
- 21
etc/policy.json View File

@@ -6,8 +6,6 @@
6 6
     "admin_only": "rule:context_is_admin",
7 7
     "regular_user": "",
8 8
     "shared": "field:networks:shared=True",
9
-    "shared_firewalls": "field:firewalls:shared=True",
10
-    "shared_firewall_policies": "field:firewall_policies:shared=True",
11 9
     "external": "field:networks:router:external=True",
12 10
     "default": "rule:admin_or_owner",
13 11
 
@@ -79,25 +77,6 @@
79 77
     "create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
80 78
     "update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
81 79
 
82
-    "create_firewall": "",
83
-    "get_firewall": "rule:admin_or_owner",
84
-    "create_firewall:shared": "rule:admin_only",
85
-    "get_firewall:shared": "rule:admin_only",
86
-    "update_firewall": "rule:admin_or_owner",
87
-    "update_firewall:shared": "rule:admin_only",
88
-    "delete_firewall": "rule:admin_or_owner",
89
-
90
-    "create_firewall_policy": "",
91
-    "get_firewall_policy": "rule:admin_or_owner or rule:shared_firewall_policies",
92
-    "create_firewall_policy:shared": "rule:admin_or_owner",
93
-    "update_firewall_policy": "rule:admin_or_owner",
94
-    "delete_firewall_policy": "rule:admin_or_owner",
95
-
96
-    "create_firewall_rule": "",
97
-    "get_firewall_rule": "rule:admin_or_owner or rule:shared_firewalls",
98
-    "update_firewall_rule": "rule:admin_or_owner",
99
-    "delete_firewall_rule": "rule:admin_or_owner",
100
-
101 80
     "create_qos_queue": "rule:admin_only",
102 81
     "get_qos_queue": "rule:admin_only",
103 82
 

+ 0
- 210
midonet/neutron/db/logging_resource_db.py View File

@@ -1,210 +0,0 @@
1
-# Copyright (C) 2016 Midokura SARL.
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-from neutron_lib.db import model_query
17
-from neutron_lib.db import utils as db_utils
18
-from neutron_lib.exceptions import firewall_v1 as fw_exc
19
-from oslo_db import exception as db_exc
20
-from oslo_log import helpers as log_helpers
21
-from oslo_utils import uuidutils
22
-from sqlalchemy.orm import exc
23
-
24
-from neutron.db import common_db_mixin
25
-
26
-from midonet.neutron.db import logging_resource_model as model
27
-from midonet.neutron.extensions import logging_resource as log_res_ext
28
-
29
-
30
-class LoggingResourceDbMixin(log_res_ext.LoggingResourcePluginBase,
31
-                             common_db_mixin.CommonDbMixin):
32
-    """Mixin class to add logging resource."""
33
-
34
-    __native_bulk_support = False
35
-
36
-    @log_helpers.log_method_call
37
-    def create_logging_resource(self, context, logging_resource):
38
-        """Create a logging_resource"""
39
-        log_res = logging_resource['logging_resource']
40
-        with context.session.begin(subtransactions=True):
41
-            log_res_db = model.LoggingResource(
42
-                id=uuidutils.generate_uuid(),
43
-                name=log_res['name'],
44
-                description=log_res['description'],
45
-                tenant_id=log_res['tenant_id'],
46
-                enabled=log_res['enabled'])
47
-            context.session.add(log_res_db)
48
-
49
-        return self._make_logging_resource_dict(log_res_db)
50
-
51
-    @log_helpers.log_method_call
52
-    def get_logging_resource(self, context, id, fields=None):
53
-        log_res_db = self._get_logging_resource(context, id)
54
-        return self._make_logging_resource_dict(log_res_db, fields)
55
-
56
-    @log_helpers.log_method_call
57
-    def get_logging_resources(self, context, filters=None, fields=None,
58
-                              sorts=None, limit=None, marker=None,
59
-                              page_reverse=False):
60
-        marker_obj = db_utils.get_marker_obj(self, context, 'logging_resource',
61
-                                             limit, marker)
62
-
63
-        return self._get_collection(
64
-            context,
65
-            model.LoggingResource,
66
-            self._make_logging_resource_dict,
67
-            filters=filters, fields=fields,
68
-            sorts=sorts,
69
-            limit=limit, marker_obj=marker_obj,
70
-            page_reverse=page_reverse)
71
-
72
-    @log_helpers.log_method_call
73
-    def update_logging_resource(self, context, id, logging_resource):
74
-        log_res = logging_resource['logging_resource']
75
-        with context.session.begin(subtransactions=True):
76
-            log_res_db = self._get_logging_resource(context, id)
77
-            log_res_db.update(log_res)
78
-
79
-        return self._make_logging_resource_dict(log_res_db)
80
-
81
-    @log_helpers.log_method_call
82
-    def delete_logging_resource(self, context, id):
83
-        log_res_db = self._get_logging_resource(context, id)
84
-        with context.session.begin(subtransactions=True):
85
-            context.session.delete(log_res_db)
86
-
87
-    @log_helpers.log_method_call
88
-    def delete_logging_resource_firewall_log(self, context, id,
89
-                                             logging_resource_id):
90
-        f_log_db = self._get_firewall_log(context, id)
91
-        with context.session.begin(subtransactions=True):
92
-            context.session.delete(f_log_db)
93
-
94
-    @log_helpers.log_method_call
95
-    def create_logging_resource_firewall_log(
96
-            self, context, firewall_log, logging_resource_id):
97
-        f_log = firewall_log['firewall_log']
98
-        try:
99
-            with context.session.begin(subtransactions=True):
100
-                f_log_db = model.FirewallLog(
101
-                    id=uuidutils.generate_uuid(),
102
-                    logging_resource_id=logging_resource_id,
103
-                    tenant_id=f_log['tenant_id'],
104
-                    description=f_log['description'],
105
-                    fw_event=f_log['fw_event'],
106
-                    firewall_id=f_log['firewall_id'])
107
-                context.session.add(f_log_db)
108
-        except db_exc.DBReferenceError:
109
-            raise fw_exc.FirewallNotFound(firewall_id=f_log['firewall_id'])
110
-
111
-        return self._make_firewall_log_dict(f_log_db)
112
-
113
-    @log_helpers.log_method_call
114
-    def get_logging_resource_firewall_log(self, context, id,
115
-                                          logging_resource_id, fields=None):
116
-        f_log_db = self._get_firewall_log(context, id)
117
-        return self._make_firewall_log_dict(f_log_db, fields)
118
-
119
-    @log_helpers.log_method_call
120
-    def get_logging_resource_firewall_logs(self, context, logging_resource_id,
121
-                                           filters=None, fields=None,
122
-                                           sorts=None, limit=None,
123
-                                           marker=None, page_reverse=False):
124
-        marker_obj = db_utils.get_marker_obj(self, context, 'firewall_log',
125
-                                             limit, marker)
126
-        return self._get_collection(context,
127
-                                    model.FirewallLog,
128
-                                    self._make_firewall_log_dict,
129
-                                    filters=filters, fields=fields,
130
-                                    sorts=sorts,
131
-                                    limit=limit, marker_obj=marker_obj,
132
-                                    page_reverse=page_reverse)
133
-
134
-    @log_helpers.log_method_call
135
-    def get_firewall_logs(self, context, filters=None, fields=None,
136
-                          sorts=None, limit=None, marker=None,
137
-                          page_reverse=False):
138
-        # This method is only for quota driver.
139
-        return self._get_fw_logs_from_tenant(context, context.tenant_id)
140
-
141
-    @log_helpers.log_method_call
142
-    def update_logging_resource_firewall_log(
143
-            self, context, id, logging_resource_id, firewall_log):
144
-        f_log = firewall_log['firewall_log']
145
-        with context.session.begin(subtransactions=True):
146
-            f_log_db = self._get_firewall_log(context, id)
147
-            f_log_db.update(f_log)
148
-
149
-        return self._make_firewall_log_dict(f_log_db)
150
-
151
-    def _get_logging_resource(self, context, id):
152
-        try:
153
-            query = model_query.query_with_hooks(
154
-                context, model.LoggingResource)
155
-            log_res_db = query.filter(model.LoggingResource.id == id).one()
156
-
157
-        except exc.NoResultFound:
158
-            raise log_res_ext.LoggingResourceNotFound(id=id)
159
-
160
-        return log_res_db
161
-
162
-    def _get_fw_logs_from_tenant(self, context, tenant_id):
163
-        query = model_query.query_with_hooks(context, model.FirewallLog)
164
-        return query.filter(model.FirewallLog.tenant_id == tenant_id).all()
165
-
166
-    def _logging_resource_has_logs(self, context, log_res_id):
167
-        query = model_query.query_with_hooks(context, model.FirewallLog)
168
-        return bool(query.filter(
169
-            model.FirewallLog.logging_resource_id == log_res_id).all())
170
-
171
-    def _get_firewall_log(self, context, id):
172
-        try:
173
-            query = model_query.query_with_hooks(context, model.FirewallLog)
174
-            f_log_db = query.filter(model.FirewallLog.id == id).one()
175
-
176
-        except exc.NoResultFound:
177
-            raise log_res_ext.FirewallLogNotFound(id=id)
178
-
179
-        return f_log_db
180
-
181
-    def _make_logging_resource_dict(self, log_res_db, fields=None):
182
-        res = {'id': log_res_db['id'],
183
-               'name': log_res_db['name'],
184
-               'description': log_res_db['description'],
185
-               'tenant_id': log_res_db['tenant_id'],
186
-               'enabled': log_res_db['enabled']}
187
-
188
-        # extend parameter for specific resource types
189
-        res.update(self._extend_resource_specific_loggings(log_res_db))
190
-
191
-        return self._fields(res, fields)
192
-
193
-    def _extend_resource_specific_loggings(self, log_res_db, fields=None):
194
-        # Currently, only firewall log is returned.
195
-        return {
196
-            'firewall_logs': [
197
-                self._make_firewall_log_dict(f_log, fields)
198
-                for f_log in log_res_db.firewall_logs
199
-                if log_res_db.firewall_logs
200
-            ]
201
-        }
202
-
203
-    def _make_firewall_log_dict(self, f_log_db, fields=None):
204
-        res = {'id': f_log_db['id'],
205
-               'tenant_id': f_log_db['tenant_id'],
206
-               'description': f_log_db['description'],
207
-               'logging_resource_id': f_log_db['logging_resource_id'],
208
-               'fw_event': f_log_db['fw_event'],
209
-               'firewall_id': f_log_db['firewall_id']}
210
-        return self._fields(res, fields)

+ 0
- 54
midonet/neutron/db/logging_resource_model.py View File

@@ -1,54 +0,0 @@
1
-# Copyright (C) 2016 Midokura SARL.
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import sqlalchemy as sa
17
-from sqlalchemy import orm
18
-
19
-from neutron_lib.db import model_base
20
-
21
-LOGGING_RESOURCES = 'midonet_logging_resources'
22
-FIREWALL_LOGS = 'midonet_firewall_logs'
23
-
24
-
25
-class LoggingResource(model_base.BASEV2, model_base.HasProjectNoIndex):
26
-    """Represents a logging resource."""
27
-
28
-    __tablename__ = LOGGING_RESOURCES
29
-    id = sa.Column(sa.String(36), primary_key=True)
30
-    name = sa.Column(sa.String(255))
31
-    description = sa.Column(sa.String(1024))
32
-    enabled = sa.Column(sa.Boolean, nullable=False)
33
-
34
-
35
-class FirewallLog(model_base.BASEV2, model_base.HasProjectNoIndex):
36
-    """Represents a firewall log."""
37
-
38
-    __tablename__ = FIREWALL_LOGS
39
-
40
-    id = sa.Column(sa.String(36), primary_key=True)
41
-    logging_resource_id = sa.Column(
42
-        sa.String(36),
43
-        sa.ForeignKey('midonet_logging_resources.id', ondelete="CASCADE"),
44
-        nullable=False)
45
-    description = sa.Column(sa.String(1024))
46
-    fw_event = sa.Column(sa.String(length=255), nullable=False)
47
-    firewall_id = sa.Column(
48
-        sa.String(36),
49
-        sa.ForeignKey('firewalls.id', ondelete="CASCADE"),
50
-        nullable=False)
51
-    logging_resource = orm.relationship(
52
-        LoggingResource,
53
-        backref=orm.backref('firewall_logs', cascade='delete', lazy='joined'),
54
-        primaryjoin="LoggingResource.id==FirewallLog.logging_resource_id")

+ 1
- 1
midonet/neutron/db/migration/alembic_migration/versions/CONTRACT_HEAD View File

@@ -1 +1 @@
1
-1612b5389e6e
1
+f5dfd5cefbc7

+ 32
- 0
midonet/neutron/db/migration/alembic_migration/versions/stein/contract/f5dfd5cefbc7_drop_fwaas_v1_and_logging_resource.py View File

@@ -0,0 +1,32 @@
1
+# Copyright 2019 Midokura SARL
2
+#
3
+# Licensed under the Apache License, Version 2.0 (the "License");
4
+# you may not use this file except in compliance with the License.
5
+# You may obtain a copy of the License at
6
+#
7
+#    http://www.apache.org/licenses/LICENSE-2.0
8
+#
9
+# Unless required by applicable law or agreed to in writing, software
10
+# distributed under the License is distributed on an "AS IS" BASIS,
11
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+# See the License for the specific language governing permissions and
13
+# limitations under the License.
14
+
15
+"""Drop FWaaS v1 and logging_resource
16
+
17
+Revision ID: f5dfd5cefbc7
18
+Revises: 1612b5389e6e
19
+Create Date: 2019-02-05 15:51:24.345127
20
+
21
+"""
22
+
23
+# revision identifiers, used by Alembic.
24
+revision = 'f5dfd5cefbc7'
25
+down_revision = '1612b5389e6e'
26
+
27
+from alembic import op
28
+
29
+
30
+def upgrade():
31
+    op.drop_table('midonet_firewall_logs')
32
+    op.drop_table('midonet_logging_resources')

+ 0
- 1
midonet/neutron/db/migration/models/head.py View File

@@ -18,7 +18,6 @@ import midonet.neutron.db.bgp_speaker_router_insertion_model  # noqa
18 18
 import midonet.neutron.db.data_state_db  # noqa
19 19
 import midonet.neutron.db.data_version_db  # noqa
20 20
 import midonet.neutron.db.gateway_device  # noqa
21
-import midonet.neutron.db.logging_resource_model  # noqa
22 21
 import midonet.neutron.db.port_binding_db  # noqa
23 22
 import midonet.neutron.db.provider_network_db  # noqa
24 23
 import midonet.neutron.db.task_db  # noqa

+ 0
- 164
midonet/neutron/extensions/logging_resource.py View File

@@ -1,164 +0,0 @@
1
-# Copyright (C) 2016 Midokura SARL
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#        http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import abc
17
-
18
-import six
19
-
20
-from oslo_config import cfg
21
-
22
-from neutron_lib.api.definitions import logging_resource
23
-from neutron_lib.api import extensions as api_extensions
24
-from neutron_lib import exceptions as nexception
25
-from neutron_lib.plugins import directory
26
-
27
-from neutron.api import extensions
28
-from neutron.api.v2 import base
29
-from neutron.api.v2 import resource_helper
30
-from neutron.quota import resource_registry
31
-
32
-from midonet.neutron._i18n import _
33
-from midonet.neutron.common import constants
34
-
35
-
36
-class LoggingResourceNotFound(nexception.NotFound):
37
-    message = _("Logging resource %(id)s does not exist")
38
-
39
-
40
-class FirewallLogNotFound(nexception.NotFound):
41
-    message = _("Firewall log %(id)s does not exist")
42
-
43
-
44
-class ResourceInUseByLoggingResource(nexception.InUse):
45
-    message = _("%(resource_name)s %(resource_id)s %(reason)s")
46
-
47
-    def __init__(self, **kwargs):
48
-        if 'reason' not in kwargs:
49
-            kwargs['reason'] = "is in use by logging resource"
50
-        super(ResourceInUseByLoggingResource, self).__init__(**kwargs)
51
-
52
-
53
-FW_EVENT_ACCEPT = logging_resource.FW_EVENT_ACCEPT
54
-FW_EVENT_DROP = logging_resource.FW_EVENT_DROP
55
-FW_EVENT_ALL = logging_resource.FW_EVENT_ALL
56
-FW_EVENTS = logging_resource.FW_EVENTS
57
-
58
-# A tenant may want to create firewall logs for all firewalls in tenant.
59
-# Set default quotas to align with default quota_firewall of 10.
60
-
61
-firewall_log_quota_opts = [
62
-    cfg.IntOpt('quota_firewall_log',
63
-               default=10,
64
-               help=_('Number of firewall logs allowed per tenant. '
65
-                      'A negative value means unlimited.'))
66
-]
67
-cfg.CONF.register_opts(firewall_log_quota_opts, 'QUOTAS')
68
-
69
-
70
-class Logging_resource(api_extensions.APIExtensionDescriptor):
71
-    """Logging resource extension."""
72
-
73
-    api_definition = logging_resource
74
-
75
-    @classmethod
76
-    def get_resources(cls):
77
-        """Returns Ext Resources."""
78
-
79
-        plural_mappings = resource_helper.build_plural_mappings(
80
-            {}, logging_resource.RESOURCE_ATTRIBUTE_MAP)
81
-
82
-        resources = resource_helper.build_resource_info(
83
-            plural_mappings,
84
-            logging_resource.RESOURCE_ATTRIBUTE_MAP,
85
-            constants.LOGGING_RESOURCE)
86
-        plugin = directory.get_plugin(constants.LOGGING_RESOURCE)
87
-
88
-        for collection_name in logging_resource.SUB_RESOURCE_ATTRIBUTE_MAP:
89
-            resource_name = collection_name[:-1]
90
-            resource_registry.register_resource_by_name(resource_name)
91
-            parent = logging_resource.SUB_RESOURCE_ATTRIBUTE_MAP[
92
-                collection_name].get('parent')
93
-            params = logging_resource.SUB_RESOURCE_ATTRIBUTE_MAP[
94
-                collection_name].get('parameters')
95
-
96
-            controller = base.create_resource(collection_name, resource_name,
97
-                                              plugin, params,
98
-                                              allow_bulk=True,
99
-                                              parent=parent)
100
-
101
-            resource = extensions.ResourceExtension(
102
-                collection_name,
103
-                controller, parent,
104
-                path_prefix=logging_resource.API_PREFIX,
105
-                attr_map=params)
106
-            resources.append(resource)
107
-
108
-        return resources
109
-
110
-
111
-@six.add_metaclass(abc.ABCMeta)
112
-class LoggingResourcePluginBase(object):
113
-
114
-    path_prefix = logging_resource.API_PREFIX
115
-
116
-    @abc.abstractmethod
117
-    def create_logging_resource(self, context, logging_resource):
118
-        pass
119
-
120
-    @abc.abstractmethod
121
-    def update_logging_resource(self, context, id, logging_resource):
122
-        pass
123
-
124
-    @abc.abstractmethod
125
-    def delete_logging_resource(self, context, id):
126
-        pass
127
-
128
-    @abc.abstractmethod
129
-    def get_logging_resources(self, context, filters=None, fields=None,
130
-                              sorts=None, limit=None, marker=None,
131
-                              page_reverse=False):
132
-        pass
133
-
134
-    @abc.abstractmethod
135
-    def get_logging_resource(self, context, id, fields=None):
136
-        pass
137
-
138
-    @abc.abstractmethod
139
-    def create_logging_resource_firewall_log(self, context,
140
-                                             logging_resource_id,
141
-                                             firewall_log):
142
-        pass
143
-
144
-    @abc.abstractmethod
145
-    def update_logging_resource_firewall_log(
146
-            self, context, id, logging_resource_id, firewall_log):
147
-        pass
148
-
149
-    @abc.abstractmethod
150
-    def delete_logging_resource_firewall_log(self, context,
151
-                                             id, logging_resource_id):
152
-        pass
153
-
154
-    @abc.abstractmethod
155
-    def get_logging_resource_firewall_logs(self, context, logging_resource_id,
156
-                                           filters=None, fields=None,
157
-                                           sorts=None, limit=None,
158
-                                           marker=None, page_reverse=False):
159
-        pass
160
-
161
-    @abc.abstractmethod
162
-    def get_logging_resource_firewall_log(self, context, id,
163
-                                          logging_resource_id, fields=None):
164
-        pass

+ 0
- 0
midonet/neutron/services/firewall/__init__.py View File


+ 0
- 146
midonet/neutron/services/firewall/plugin.py View File

@@ -1,146 +0,0 @@
1
-# Copyright (C) 2015 Midokura SARL
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#        http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-from neutron_lib import constants
17
-from oslo_config import cfg
18
-from oslo_log import helpers as log_helpers
19
-from oslo_log import log as logging
20
-from oslo_utils import excutils
21
-
22
-from neutron.api import extensions as neutron_extensions
23
-from neutron_fwaas.db.firewall import firewall_db
24
-from neutron_fwaas import extensions
25
-from neutron_fwaas.services.firewall import fwaas_plugin as fw_plugin
26
-
27
-from midonet.neutron.client import base as c_base
28
-from midonet.neutron.common import config  # noqa
29
-
30
-LOG = logging.getLogger(__name__)
31
-
32
-
33
-# TODO(yamamoto): This driver needs a major restructure for task-based api.
34
-# I'm not sure if it's worth the effort given that FWaaS v2 things are
35
-# coming.  FWaaS v2 will have a better driver api.
36
-
37
-
38
-class _MidonetFirewallDriver(object):
39
-    """FWaaS driver for MidoNet that implements the RPC API
40
-
41
-    The driver does not actually do any RPC, but simply proxies the API calls
42
-    to the MidoNet side.  This design was chosen instead of implementing the
43
-    FWaaS plugin methods because these methods get as input more complete data
44
-    on the firewall object, including its rules and the routers
45
-    associated/disassociated.  The downside is that each request might get
46
-    bloated unnecessarily.  We will revisit the design when such problem
47
-    arises.
48
-    """
49
-
50
-    def __init__(self, client, callbacks):
51
-        self.client = client
52
-        self.callbacks = callbacks
53
-        self.plugin = callbacks.plugin
54
-
55
-    @log_helpers.log_method_call
56
-    def create_firewall(self, context, firewall, host=None):
57
-        # This method is called outside of DB transaction
58
-        try:
59
-            self.client.create_firewall(context, firewall)
60
-        except Exception as ex:
61
-            with excutils.save_and_reraise_exception():
62
-                LOG.error("Failed to create a firewall %(fw_id)s "
63
-                          "in Midonet: %(err)s",
64
-                          {"fw_id": firewall["id"], "err": ex})
65
-                try:
66
-                    self.plugin.delete_db_firewall_object(context,
67
-                                                          firewall['id'])
68
-                except Exception:
69
-                    LOG.exception("Failed to delete firewall %s",
70
-                                  firewall['id'])
71
-
72
-        self._set_firewall_status_noerror(context, firewall)
73
-
74
-    @log_helpers.log_method_call
75
-    def update_firewall(self, context, firewall, host=None):
76
-        # This method is called outside of DB transaction
77
-        try:
78
-            self.client.update_firewall(context, firewall)
79
-        except Exception as ex:
80
-            with excutils.save_and_reraise_exception():
81
-                LOG.error("Failed to update a firewall %(fw_id)s "
82
-                          "in Midonet: %(err)s",
83
-                          {"fw_id": firewall["id"], "err": ex})
84
-                try:
85
-                    self.callbacks.set_firewall_status(context, firewall['id'],
86
-                                                       constants.ERROR)
87
-                except Exception:
88
-                    LOG.exception("Failed to update firewall status %s",
89
-                                  firewall['id'])
90
-
91
-        self._set_firewall_status_noerror(context, firewall)
92
-
93
-    def _set_firewall_status_noerror(self, context, firewall):
94
-        if firewall['add-router-ids']:
95
-            status = constants.ACTIVE
96
-        else:
97
-            status = constants.INACTIVE
98
-        self.callbacks.set_firewall_status(context, firewall['id'], status)
99
-
100
-    @log_helpers.log_method_call
101
-    def delete_firewall(self, context, firewall, host=None):
102
-        # This method is called outside of DB transaction
103
-        try:
104
-            self.client.delete_firewall(context, firewall)
105
-        except Exception as ex:
106
-            with excutils.save_and_reraise_exception():
107
-                LOG.error("Failed to delete a firewall %(fw_id)s "
108
-                          "in Midonet: %(err)s",
109
-                          {"fw_id": firewall["id"], "err": ex})
110
-                try:
111
-                    self.callbacks.set_firewall_status(context, firewall['id'],
112
-                                                       constants.ERROR)
113
-                except Exception:
114
-                    LOG.exception("Failed to update firewall status %s",
115
-                                  firewall['id'])
116
-
117
-        self.callbacks.firewall_deleted(context, firewall['id'])
118
-
119
-
120
-class MidonetFirewallPlugin(fw_plugin.FirewallPlugin):
121
-
122
-    """Implementation of the Neutron Firewall Service Plugin.
123
-
124
-    This class manages the workflow of FWaaS request/response.
125
-    DB related updates, including router insertion logics, are handled by
126
-    fw_plugin.FirewallPlugin.
127
-    """
128
-
129
-    def __init__(self):
130
-        # Override initialization to avoid any RPC setup as MidoNet does not
131
-        # rely on any agent to implement FWaaS.  Instead, set the rpc handling
132
-        # to the _MidonetFirewallDriver class so that it handles the FWaaS
133
-        # update events.
134
-
135
-        # Register the FWaaS extensions path
136
-        neutron_extensions.append_api_extensions_path(extensions.__path__)
137
-
138
-        # Although callbacks are unnecessary in midonet, use FirewallCallbacks
139
-        # because it contains useful methods for DB updates.
140
-        self.callbacks = fw_plugin.FirewallCallbacks(self)
141
-        self.client = c_base.load_client(cfg.CONF.MIDONET)
142
-        self.agent_rpc = _MidonetFirewallDriver(self.client, self.callbacks)
143
-        self.endpoints = [self.callbacks]  # So that tests don't complain
144
-        # TODO(yamamoto): Remove this subscribe() call once neutron-fwaas
145
-        # was converted to use registry decorators.
146
-        firewall_db.subscribe()

+ 0
- 0
midonet/neutron/services/logging_resource/__init__.py View File


+ 0
- 180
midonet/neutron/services/logging_resource/plugin.py View File

@@ -1,180 +0,0 @@
1
-# Copyright (C) 2016 Midokura SARL.
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-from oslo_config import cfg
17
-from oslo_log import helpers as log_helpers
18
-from oslo_log import log as logging
19
-from oslo_utils import excutils
20
-
21
-from neutron_lib.plugins import constants as const
22
-from neutron_lib.plugins import directory
23
-
24
-from midonet.neutron.client import base as c_base
25
-from midonet.neutron.common import config  # noqa
26
-from midonet.neutron.common import constants as midonet_const
27
-from midonet.neutron.db import logging_resource_db as log_res_db
28
-
29
-LOG = logging.getLogger(__name__)
30
-
31
-
32
-class MidonetLoggingResourcePlugin(log_res_db.LoggingResourceDbMixin):
33
-
34
-    """Implements Logging Resource service plugin for Midonet."""
35
-
36
-    supported_extension_aliases = ["logging-resource"]
37
-
38
-    def __init__(self):
39
-        super(MidonetLoggingResourcePlugin, self).__init__()
40
-
41
-        # Instantiate MidoNet API client
42
-        self.client = c_base.load_client(cfg.CONF.MIDONET)
43
-
44
-    def get_plugin_type(self):
45
-        return midonet_const.LOGGING_RESOURCE
46
-
47
-    def get_plugin_description(self):
48
-        """Returns string description of the plugin."""
49
-        return "Midonet Logging Resource Service Plugin"
50
-
51
-    @log_helpers.log_method_call
52
-    def update_logging_resource(self, context, id, logging_resource):
53
-        backup = self.get_logging_resource(
54
-            context, id, fields=['name', 'description', 'enabled'])
55
-        backup_body = {'logging_resource': backup}
56
-        with context.session.begin(subtransactions=True):
57
-            has_logs = self._logging_resource_has_logs(context, id)
58
-            log_res = super(
59
-                MidonetLoggingResourcePlugin,
60
-                self).update_logging_resource(context, id, logging_resource)
61
-            if has_logs:
62
-                self.client.update_logging_resource_precommit(
63
-                    context, id, log_res)
64
-
65
-        if not has_logs:
66
-            return log_res
67
-        try:
68
-            self.client.update_logging_resource_postcommit(id, log_res)
69
-        except Exception as ex:
70
-            with excutils.save_and_reraise_exception():
71
-                LOG.error("Failed to update a logging "
72
-                          "resource %(log_res_id)s in MidoNet: %(err)s",
73
-                          {"log_res_id": log_res["id"], "err": ex})
74
-                try:
75
-                    super(
76
-                        MidonetLoggingResourcePlugin,
77
-                        self).update_logging_resource(
78
-                            context, log_res['id'], backup_body)
79
-                except Exception:
80
-                    LOG.exception("Failed to update a logging resource "
81
-                                  "for rollback %s", log_res["id"])
82
-        return log_res
83
-
84
-    @log_helpers.log_method_call
85
-    def delete_logging_resource(self, context, id):
86
-        with context.session.begin(subtransactions=True):
87
-            super(MidonetLoggingResourcePlugin,
88
-                  self).delete_logging_resource(context, id)
89
-            self.client.delete_logging_resource_precommit(context, id)
90
-
91
-        self.client.delete_logging_resource_postcommit(id)
92
-
93
-    @log_helpers.log_method_call
94
-    def create_logging_resource_firewall_log(self, context,
95
-                                             firewall_log,
96
-                                             logging_resource_id):
97
-        with context.session.begin(subtransactions=True):
98
-            f_log = super(
99
-                MidonetLoggingResourcePlugin,
100
-                self).create_logging_resource_firewall_log(
101
-                    context, firewall_log, logging_resource_id)
102
-            f_log_info = self._make_info_for_midonet(
103
-                context, f_log, logging_resource_id)
104
-            self.client.create_firewall_log_precommit(context, f_log_info)
105
-
106
-        try:
107
-            self.client.create_firewall_log_postcommit(f_log_info)
108
-        except Exception as ex:
109
-            with excutils.save_and_reraise_exception():
110
-                LOG.error("Failed to create a firewall log %(f_log_id)s "
111
-                          "for %(log_res_id)s in Midonet:%(err)s",
112
-                          {"f_log_id": f_log["id"],
113
-                           "log_res_id": logging_resource_id, "err": ex})
114
-                try:
115
-                    super(
116
-                        MidonetLoggingResourcePlugin,
117
-                        self).delete_logging_resource_firewall_log(
118
-                            context, f_log["id"], logging_resource_id)
119
-                except Exception:
120
-                    LOG.exception("Failed to delete a firewall_log %s",
121
-                                  f_log["id"])
122
-
123
-        return f_log
124
-
125
-    @log_helpers.log_method_call
126
-    def update_logging_resource_firewall_log(
127
-            self, context, id, logging_resource_id, firewall_log):
128
-        backup = self.get_logging_resource_firewall_log(
129
-            context, id, logging_resource_id,
130
-            fields=['fw_event', 'description'])
131
-        backup_body = {'firewall_log': backup}
132
-        with context.session.begin(subtransactions=True):
133
-            f_log = super(
134
-                MidonetLoggingResourcePlugin,
135
-                self).update_logging_resource_firewall_log(
136
-                    context, id, logging_resource_id, firewall_log)
137
-            f_log_info = self._make_info_for_midonet(
138
-                context, f_log, logging_resource_id)
139
-            self.client.update_firewall_log_precommit(context, id, f_log_info)
140
-
141
-        try:
142
-            self.client.update_firewall_log_postcommit(id, f_log_info)
143
-        except Exception as ex:
144
-            with excutils.save_and_reraise_exception():
145
-                LOG.error("Failed to update a firewall log "
146
-                          "%(f_log_id)s in Midonet:%(err)s",
147
-                          {"f_log_id": f_log["id"], "err": ex})
148
-                try:
149
-                    super(
150
-                        MidonetLoggingResourcePlugin,
151
-                        self).update_logging_resource_firewall_log(
152
-                            context, f_log['id'],
153
-                            logging_resource_id, backup_body)
154
-                except Exception:
155
-                    LOG.exception("Failed to update a firewall log "
156
-                                  "for rollback %s", f_log["id"])
157
-        return f_log
158
-
159
-    @log_helpers.log_method_call
160
-    def delete_logging_resource_firewall_log(self, context, id,
161
-                                             logging_resource_id):
162
-        with context.session.begin(subtransactions=True):
163
-            super(MidonetLoggingResourcePlugin,
164
-                  self).delete_logging_resource_firewall_log(
165
-                context, id, logging_resource_id)
166
-            self.client.delete_firewall_log_precommit(context, id)
167
-
168
-        self.client.delete_firewall_log_postcommit(id)
169
-
170
-    def _make_info_for_midonet(self, context, f_log, logging_resource_id):
171
-        f_log_info = f_log.copy()
172
-        # Get firewall and logging resource object for backend.
173
-        fw_plugin = directory.get_plugin(const.FIREWALL)
174
-        f_log_info['firewall'] = fw_plugin.get_firewall(
175
-            context, f_log_info['firewall_id'], fields=['id', 'tenant_id'])
176
-        f_log_info['logging_resource'] = self.get_logging_resource(
177
-            context, logging_resource_id)
178
-        del f_log_info['logging_resource']['firewall_logs']
179
-
180
-        return f_log_info

+ 0
- 0
midonet/neutron/tests/tempest/__init__.py View File


+ 0
- 37
midonet/neutron/tests/tempest/plugin.py View File

@@ -1,37 +0,0 @@
1
-# Copyright (c) 2016 Midokura SARL
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import os
17
-
18
-from tempest.test_discover import plugins
19
-
20
-
21
-class NetworkingMidonetTempestPlugin(plugins.TempestPlugin):
22
-    def get_opt_lists(self):
23
-        return []
24
-
25
-    def load_tests(self):
26
-        this_dir = os.path.dirname(os.path.abspath(__file__))
27
-        # top_level_dir = $(this_dir)/../../../..
28
-        d = os.path.split(this_dir)[0]
29
-        d = os.path.split(d)[0]
30
-        d = os.path.split(d)[0]
31
-        top_level_dir = os.path.split(d)[0]
32
-        test_dir = os.path.join(top_level_dir,
33
-                                'midonet/neutron/tests/tempest/tests')
34
-        return (test_dir, top_level_dir)
35
-
36
-    def register_opts(self, conf):
37
-        return

+ 0
- 0
midonet/neutron/tests/tempest/tests/__init__.py View File


+ 0
- 0
midonet/neutron/tests/tempest/tests/api/__init__.py View File


+ 0
- 120
midonet/neutron/tests/tempest/tests/api/test_router_interface_fip.py View File

@@ -1,120 +0,0 @@
1
-# Copyright (c) 2016 Midokura SARL
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import netaddr
17
-import testtools
18
-
19
-from tempest.common import utils
20
-from tempest.lib.common.utils import data_utils
21
-from tempest.lib import decorators
22
-import tempest.lib.exceptions as lib_exc
23
-
24
-from neutron_tempest_plugin.api import base
25
-
26
-
27
-class ExpectedException(testtools.ExpectedException):
28
-    def __enter__(self):
29
-        return self
30
-
31
-    def __exit__(self, exc_type, exc_value, tb):
32
-        if super(ExpectedException, self).__exit__(exc_type, exc_value, tb):
33
-            self.exception = exc_value
34
-            return True
35
-        return False
36
-
37
-
38
-class RouterInterfaceFip(base.BaseAdminNetworkTest):
39
-    @classmethod
40
-    @utils.requires_ext(extension="router-interface-fip", service="network")
41
-    def resource_setup(cls):
42
-        super(RouterInterfaceFip, cls).resource_setup()
43
-
44
-    @decorators.idempotent_id('943ab44d-0ea7-4c6a-bdfd-8ba759622992')
45
-    def test_router_interface_fip(self):
46
-        # +-------------+
47
-        # | router1     |
48
-        # +-+--------+--+
49
-        #   |        |
50
-        # +-+--+   +-+--------+
51
-        # |net1|   |net2      |
52
-        # |    |   |(external)|
53
-        # +-+--+   +--+-------+
54
-        #   |         |
55
-        #  port1     fip2
56
-        cidr1 = netaddr.IPNetwork('192.2.1.0/24')
57
-        cidr2 = netaddr.IPNetwork('192.2.2.0/24')
58
-        router1_name = data_utils.rand_name('router1')
59
-        router1 = self.create_router(router1_name)
60
-        net1 = self.create_network()
61
-        subnet1 = self.create_subnet(net1, cidr=cidr1)
62
-        self.create_router_interface(router1['id'], subnet1['id'])
63
-        net2 = self.admin_client.create_network(
64
-            project_id=self.client.tenant_id,
65
-            **{'router:external': True})['network']
66
-        self.networks.append(net2)
67
-        subnet2 = self.create_subnet(net2, cidr=cidr2)
68
-        self.create_router_interface(router1['id'], subnet2['id'])
69
-        port1 = self.create_port(net1)
70
-        fip2 = self.create_floatingip(net2['id'])
71
-        fip2_updated = self.client.update_floatingip(
72
-            fip2['id'], port_id=port1['id'])['floatingip']
73
-        expected = {
74
-            'floating_network_id': net2['id'],
75
-            'port_id': port1['id'],
76
-            'router_id': router1['id'],
77
-        }
78
-        for k, v in expected.items():
79
-            self.assertIn(k, fip2_updated)
80
-            self.assertEqual(v, fip2_updated[k])
81
-        if 'revision_number' in fip2:
82
-            self.assertGreater(fip2_updated['revision_number'],
83
-                               fip2['revision_number'])
84
-        # NOTE(yamamoto): The status can be updated asynchronously.
85
-        fip2_shown = self.client.show_floatingip(fip2['id'])['floatingip']
86
-        if 'revision_number' in fip2:
87
-            self.assertGreaterEqual(fip2_shown['revision_number'],
88
-                                    fip2_updated['revision_number'])
89
-        fip2_shown.pop('status')
90
-        fip2_shown.pop('updated_at')
91
-        fip2_shown.pop('revision_number')
92
-        fip2_updated.pop('status')
93
-        fip2_updated.pop('updated_at')
94
-        fip2_updated.pop('revision_number')
95
-        self.assertEqual(fip2_updated, fip2_shown)
96
-        with ExpectedException(lib_exc.Conflict) as ctx:
97
-            self.client.remove_router_interface_with_subnet_id(
98
-                router1['id'], subnet2['id'])
99
-        self.assertEqual('RouterInterfaceInUseAsGatewayByFloatingIP',
100
-                         ctx.exception.resp_body['type'])
101
-        with ExpectedException(lib_exc.Conflict) as ctx:
102
-            self.client.remove_router_interface_with_subnet_id(
103
-                router1['id'], subnet1['id'])
104
-        self.assertEqual('RouterInterfaceInUseByFloatingIP',
105
-                         ctx.exception.resp_body['type'])
106
-        fip2_updated2 = self.client.update_floatingip(
107
-            fip2['id'], port_id=None)['floatingip']
108
-        expected = {
109
-            'floating_network_id': net2['id'],
110
-            'floating_ip_address': fip2_shown['floating_ip_address'],
111
-            'port_id': None,
112
-            'router_id': None,
113
-        }
114
-        for k, v in expected.items():
115
-            self.assertIn(k, fip2_updated2)
116
-            self.assertEqual(v, fip2_updated2[k])
117
-        self.client.remove_router_interface_with_subnet_id(
118
-            router1['id'], subnet2['id'])
119
-        self.client.remove_router_interface_with_subnet_id(
120
-            router1['id'], subnet1['id'])

+ 0
- 0
midonet/neutron/tests/tempest/tests/scenario/__init__.py View File


+ 0
- 231
midonet/neutron/tests/tempest/tests/scenario/test_bgp.py View File

@@ -1,231 +0,0 @@
1
-# Copyright (c) 2017 Midokura SARL
2
-# All Rights Reserved.
3
-#
4
-#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
-#    not use this file except in compliance with the License. You may obtain
6
-#    a copy of the License at
7
-#
8
-#         http://www.apache.org/licenses/LICENSE-2.0
9
-#
10
-#    Unless required by applicable law or agreed to in writing, software
11
-#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
-#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
-#    License for the specific language governing permissions and limitations
14
-#    under the License.
15
-
16
-import netaddr
17
-
18
-from tempest.common import utils
19
-from tempest.common import waiters
20
-from tempest.lib.common import ssh
21
-from tempest.lib.common.utils import data_utils
22
-from tempest.lib import decorators
23
-
24
-from neutron_tempest_plugin import config
25
-from neutron_tempest_plugin.scenario import base
26
-from neutron_tempest_plugin.scenario import constants
27
-
28
-try:
29
-    from neutron_dynamic_routing.tests.tempest import bgp_client
30
-except ImportError:
31
-    bgp_client = None
32
-
33
-
34
-CONF = config.CONF
35
-
36
-
37
-class BgpClientMixin(object):
38
-    @classmethod
39
-    def resource_setup(cls):
40
-        super(BgpClientMixin, cls).resource_setup()
41
-        if bgp_client is None:
42
-            msg = "No BGP service client is available"
43
-            raise cls.skipException(msg)
44
-        manager = cls.os_admin
45
-        cls.bgp_client = bgp_client.BgpSpeakerClientJSON(
46
-            manager.auth_provider,
47
-            CONF.network.catalog_type,
48
-            CONF.network.region or CONF.identity.region,
49
-            endpoint_type=CONF.network.endpoint_type,
50
-            build_interval=CONF.network.build_interval,
51
-            build_timeout=CONF.network.build_timeout,
52
-            **manager.default_params)
53
-
54
-    def create_bgp_speaker(self, **kwargs):
55
-        bgp_speaker = self.bgp_client.create_bgp_speaker(post_data={
56
-            'bgp_speaker': kwargs,
57
-        })['bgp_speaker']
58
-        self.addCleanup(self.bgp_client.delete_bgp_speaker, bgp_speaker['id'])
59
-        return bgp_speaker
60
-
61
-    def create_bgp_peer(self, **kwargs):
62
-        bgp_peer = self.bgp_client.create_bgp_peer(post_data={
63
-            'bgp_peer': kwargs,
64
-        })['bgp_peer']
65
-        self.addCleanup(self.bgp_client.delete_bgp_peer, bgp_peer['id'])
66
-        return bgp_peer
67
-
68
-    def add_bgp_peer_with_id(self, bgp_speaker_id, bgp_peer_id):
69
-        self.bgp_client.add_bgp_peer_with_id(bgp_speaker_id, bgp_peer_id)
70
-
71
-
72
-class Bgp(BgpClientMixin, base.BaseTempestTestCase):
73
-    """Test the following topology
74
-
75
-          +-------------------+
76
-          | public            |
77
-          | network           |
78
-          |                   |
79
-          +-+---------------+-+
80
-            |               |
81
-            |               |
82
-    +-------+-+           +-+-------+
83
-    | LEFT    |           | RIGHT   |
84
-    | router  | <--BGP--> | router  |
85
-    |         |           |         |
86
-    +----+----+           +----+----+
87
-         |                     |
88
-    +----+----+           +----+----+
89
-    | LEFT    |           | RIGHT   |
90
-    | network |           | network |
91
-    |         |           |         |
92
-    +---------+           +---------+
93
-    """
94
-
95
-    credentials = ['primary', 'admin']
96
-
97
-    @classmethod
98
-    @utils.requires_ext(extension="bgp-speaker-router-insertion",
99
-                        service="network")
100
-    def resource_setup(cls):
101
-        super(Bgp, cls).resource_setup()
102
-
103
-        # common
104
-        cls.keypair = cls.create_keypair()
105
-        cls.secgroup = cls.os_primary.network_client.create_security_group(
106
-            name=data_utils.rand_name('secgroup-'))['security_group']
107
-        cls.security_groups.append(cls.secgroup)
108
-        cls.create_loginable_secgroup_rule(secgroup_id=cls.secgroup['id'])
109
-        cls.create_pingable_secgroup_rule(secgroup_id=cls.secgroup['id'])
110
-
111
-        # LEFT
112
-        cls.router = cls.create_router(
113
-            data_utils.rand_name('left-router'),
114
-            admin_state_up=True,
115
-            external_network_id=CONF.network.public_network_id)
116
-        cls.network = cls.create_network(network_name='left-network')
117
-        cls.subnet = cls.create_subnet(cls.network,
118
-                                       name='left-subnet')
119
-        cls.create_router_interface(cls.router['id'], cls.subnet['id'])
120
-
121
-        # RIGHT
122
-        cls._right_network, cls._right_subnet, cls._right_router = \
123
-            cls._create_right_network()
124
-
125
-    @classmethod
126
-    def _create_right_network(cls):
127
-        # NOTE(yamamoto): Disable SNAT to workaround a bug
128
-        # https://midonet.atlassian.net/browse/MNA-1114
129
-        router = cls.create_admin_router(
130
-            data_utils.rand_name('right-router'),
131
-            admin_state_up=True,
132
-            external_network_id=CONF.network.public_network_id,
133
-            enable_snat=False,
134
-            project_id=cls.os_primary.network_client.tenant_id)
135
-        network = cls.create_network(network_name='right-network')
136
-        subnet = cls.create_subnet(
137
-            network,
138
-            cidr=netaddr.IPNetwork('10.10.0.0/24'),
139
-            name='right-subnet')
140
-        cls.create_router_interface(router['id'], subnet['id'])
141
-        return network, subnet, router
142
-
143
-    def _create_server(self, create_floating_ip=True, network=None):
144
-        if network is None:
145
-            network = self.network
146
-        port = self.create_port(network, security_groups=[self.secgroup['id']])
147
-        if create_floating_ip:
148
-            fip = self.create_and_associate_floatingip(port['id'])
149
-        else:
150
-            fip = None
151
-        server = self.create_server(
152
-            flavor_ref=CONF.compute.flavor_ref,
153
-            image_ref=CONF.compute.image_ref,
154
-            key_name=self.keypair['name'],
155
-            networks=[{'port': port['id']}])['server']
156
-        waiters.wait_for_server_status(self.os_primary.servers_client,
157
-                                       server['id'],
158
-                                       constants.SERVER_STATUS_ACTIVE)
159
-        return {'port': port, 'fip': fip, 'server': server}
160
-
161
-    def _find_ipv4_subnet(self, ne