From 487b98a73f6be41697dd4f59a245f1a7f338a72f Mon Sep 17 00:00:00 2001 From: aaronzhang231 Date: Mon, 14 Jul 2014 17:04:17 -0700 Subject: [PATCH] update vsm credential correctly Today if we modify the n1kv VSM credential in the cisco_plugins.ini, the older VSM ip address remains in the db, and all requests are sent to the older VSM. This patch deletes all n1kv VSM credentials on neutron start up before adding the newer VSM credentials. Hence making sure that there is only one n1kv VSM IP address and credential in the db. Change-Id: I772a86bf896a1d3d9c69c545ce6918b0fe3a2e48 Closes-Bug: #1341014 --- neutron/plugins/cisco/db/network_db_v2.py | 5 ++++ .../plugins/cisco/n1kv/n1kv_neutron_plugin.py | 6 +++-- neutron/tests/unit/cisco/test_network_db.py | 27 +++++++++++++++++++ 3 files changed, 36 insertions(+), 2 deletions(-) diff --git a/neutron/plugins/cisco/db/network_db_v2.py b/neutron/plugins/cisco/db/network_db_v2.py index 350950e17..e7adf1a92 100644 --- a/neutron/plugins/cisco/db/network_db_v2.py +++ b/neutron/plugins/cisco/db/network_db_v2.py @@ -185,6 +185,11 @@ def get_all_n1kv_credentials(): filter_by(type='n1kv')) +def delete_all_n1kv_credentials(): + session = db.get_session() + session.query(network_models_v2.Credential).filter_by(type='n1kv').delete() + + def add_provider_network(network_id, network_type, segmentation_id): """Add a network to the provider network table.""" session = db.get_session() diff --git a/neutron/plugins/cisco/n1kv/n1kv_neutron_plugin.py b/neutron/plugins/cisco/n1kv/n1kv_neutron_plugin.py index 6e259ccc1..73ef2779c 100644 --- a/neutron/plugins/cisco/n1kv/n1kv_neutron_plugin.py +++ b/neutron/plugins/cisco/n1kv/n1kv_neutron_plugin.py @@ -100,8 +100,9 @@ class N1kvNeutronPluginV2(db_base_plugin_v2.NeutronDbPluginV2, Initialize Nexus1000V Neutron plugin. 1. Initialize VIF type to OVS - 2. Initialize Nexus1000v and Credential DB - 3. Establish communication with Cisco Nexus1000V + 2. clear N1kv credential + 3. Initialize Nexus1000v and Credential DB + 4. Establish communication with Cisco Nexus1000V """ super(N1kvNeutronPluginV2, self).__init__() self.base_binding_dict = { @@ -110,6 +111,7 @@ class N1kvNeutronPluginV2(db_base_plugin_v2.NeutronDbPluginV2, # TODO(rkukura): Replace with new VIF security details portbindings.CAP_PORT_FILTER: 'security-group' in self.supported_extension_aliases}} + network_db_v2.delete_all_n1kv_credentials() c_cred.Store.initialize() self._setup_vsm() self._setup_rpc() diff --git a/neutron/tests/unit/cisco/test_network_db.py b/neutron/tests/unit/cisco/test_network_db.py index ef09c81c2..931f85b5b 100644 --- a/neutron/tests/unit/cisco/test_network_db.py +++ b/neutron/tests/unit/cisco/test_network_db.py @@ -262,6 +262,33 @@ class CiscoNetworkCredentialDbTest(CiscoNetworkDbTest): self._network_plugin.get_credential_details, "dummyCredentialId") + def test_credential_delete_all_n1kv(self): + cred_nexus_1 = self._cred_test_obj('nexus', 1) + cred_nexus_2 = self._cred_test_obj('nexus', 2) + cred_n1kv_1 = self.CredObj('n1kv-1', 'cisco', '123456', 'n1kv') + cred_n1kv_2 = self.CredObj('n1kv-2', 'cisco', '123456', 'n1kv') + cred_nexus_1_id = cdb.add_credential( + cred_nexus_1.cname, cred_nexus_1.usr, + cred_nexus_1.pwd, cred_nexus_1.ctype).credential_id + cred_nexus_2_id = cdb.add_credential( + cred_nexus_2.cname, cred_nexus_2.usr, + cred_nexus_2.pwd, cred_nexus_2.ctype).credential_id + cred_n1kv_1_id = cdb.add_credential( + cred_n1kv_1.cname, cred_n1kv_1.usr, + cred_n1kv_1.pwd, cred_n1kv_1.ctype).credential_id + cred_n1kv_2_id = cdb.add_credential( + cred_n1kv_2.cname, cred_n1kv_2.usr, + cred_n1kv_2.pwd, cred_n1kv_2.ctype).credential_id + cdb.delete_all_n1kv_credentials() + cred = cdb.get_credential(cred_nexus_1_id) + self.assertIsNotNone(cred) + cred = cdb.get_credential(cred_nexus_2_id) + self.assertIsNotNone(cred) + self.assertRaises(c_exc.CredentialNotFound, + cdb.get_credential, cred_n1kv_1_id) + self.assertRaises(c_exc.CredentialNotFound, + cdb.get_credential, cred_n1kv_2_id) + class CiscoCredentialStoreTest(base.BaseTestCase):