Browse Source

Use os-xenapi for neutron when XenServer as hypervisor

We have made os-xenapi repository to deal with XenServer Dom0
specific functions, this patch is to change neutron to use
os-xenapi when XenServer is hypervisor and move the building
RPM scripts into os-xenapi repo

Depends-On: I8a31c81d9475387fe4ed7030b70b26098e588771

Change-Id: Ia958c366189386b1b5abbadbb4d74950aaa23bb2
tags/11.0.0.0b1
Huan Xie 3 years ago
parent
commit
bc23e29423

+ 5
- 2
bin/neutron-rootwrap-xen-dom0 View File

@@ -30,7 +30,7 @@ import os
import select
import sys

import XenAPI
from os_xenapi.client import XenAPI


RC_UNAUTHORIZED = 99
@@ -116,7 +116,7 @@ def run_command(url, username, password, user_args, cmd_input):
try:
host = session.xenapi.session.get_this_host(session.handle)
result = session.xenapi.host.call_plugin(
host, 'netwrap', 'run_command',
host, 'netwrap.py', 'run_command',
{'cmd': json.dumps(user_args), 'cmd_input': json.dumps(cmd_input)})
result_dict = json.loads(result)
returncode = result_dict.get('returncode')
@@ -133,6 +133,9 @@ def run_command(url, username, password, user_args, cmd_input):


def main():
# Deprecated: This script is deprecated and will be deleted in next release
sys.stderr.write("Deprecated: neutron-rootwrap-xen-dom0 is deprecated, "
"will be deleted in next release.")
exec_name, config_file, user_args = parse_args()
config = load_configuration(exec_name, config_file)
filter_command(exec_name, config['filters_path'], user_args, config['exec_dirs'])

+ 11
- 38
neutron/agent/linux/xenapi_root_helper.py View File

@@ -22,6 +22,8 @@ in dom0 via calling XenAPI plugin. The XenAPI plugin is responsible to
determine whether a command is safe to execute.
"""

from os_xenapi.client import session
from os_xenapi.client import XenAPI
from oslo_config import cfg
from oslo_log import log as logging
from oslo_rootwrap import cmd as oslo_rootwrap_cmd
@@ -44,19 +46,17 @@ xenapi_conf.register_xenapi_opts(cfg.CONF)

class XenAPIClient(object):
def __init__(self):
self._session = None
self._host = None
self._XenAPI = None
self._session = self._create_session(
cfg.CONF.xenapi.connection_url,
cfg.CONF.xenapi.connection_username,
cfg.CONF.xenapi.connection_password)

def _call_plugin(self, plugin, fn, args):
host = self._this_host()
return self.get_session().xenapi.host.call_plugin(
host, plugin, fn, args)
return self._session.call_plugin(plugin, fn, args)

def _create_session(self, url, username, password):
session = self._get_XenAPI().Session(url)
session.login_with_password(username, password)
return session
return session.XenAPISession(url, username, password,
originator="neutron")

def _get_return_code(self, failure_details):
# The details will be as:
@@ -71,20 +71,6 @@ class XenAPIClient(object):
# otherwise we get unexpected exception.
return RC_UNKNOWN_XENAPI_ERROR

def _get_XenAPI(self):
# Delay importing XenAPI as this module may not exist
# for non-XenServer hypervisors.
if self._XenAPI is None:
import XenAPI
self._XenAPI = XenAPI
return self._XenAPI

def _this_host(self):
if not self._host:
session = self.get_session()
self._host = session.xenapi.session.get_this_host(session.handle)
return self._host

def execute(self, cmd, stdin=None):
out = ""
err = ""
@@ -93,7 +79,7 @@ class XenAPIClient(object):
return oslo_rootwrap_cmd.RC_NOCOMMAND, out, err
try:
result_raw = self._call_plugin(
'netwrap', 'run_command',
'netwrap.py', 'run_command',
{'cmd': jsonutils.dumps(cmd),
'cmd_input': jsonutils.dumps(stdin)})
result = jsonutils.loads(result_raw)
@@ -101,20 +87,7 @@ class XenAPIClient(object):
out = result['out']
err = result['err']
return returncode, out, err
except self._get_XenAPI().Failure as failure:
except XenAPI.Failure as failure:
LOG.exception(_LE('Failed to execute command: %s'), cmd)
returncode = self._get_return_code(failure.details)
return returncode, out, err

def get_session(self):
if self._session is None:
url = cfg.CONF.xenapi.connection_url
username = cfg.CONF.xenapi.connection_username
password = cfg.CONF.xenapi.connection_password
try:
self._session = self._create_session(url, username, password)
except Exception:
# Shouldn't reach here, otherwise it's a fatal error.
LOG.exception(_LE("Failed to initiate XenAPI session"))
raise SystemExit(1)
return self._session

+ 0
- 16
neutron/plugins/ml2/drivers/openvswitch/agent/xenapi/README View File

@@ -1,16 +0,0 @@
This directory contains files that are required for the XenAPI support.
They should be installed in the XenServer / Xen Cloud Platform dom0.

If you install them manually, you will need to ensure that the newly
added files are executable. You can do this by running the following
command (from dom0):

chmod a+x /etc/xapi.d/plugins/*

Otherwise, you can build an rpm by running the following command:

./contrib/build-rpm.sh

and install the rpm by running the following command (from dom0):

rpm -i openstack-neutron-xen-plugins.rpm

+ 0
- 34
neutron/plugins/ml2/drivers/openvswitch/agent/xenapi/contrib/build-rpm.sh View File

@@ -1,34 +0,0 @@
#!/usr/bin/env bash

set -eux

thisdir=$(dirname $(readlink -f "$0"))
export NEUTRON_ROOT="$thisdir/../../../../../../"
export PYTHONPATH=$NEUTRON_ROOT

cd $NEUTRON_ROOT
VERSION=$(sh -c "(cat $NEUTRON_ROOT/neutron/version.py; \
echo 'print version_info.release_string()') | \
python")
cd -

PACKAGE=openstack-neutron-xen-plugins
RPMBUILD_DIR=$PWD/rpmbuild
if [ ! -d $RPMBUILD_DIR ]; then
echo $RPMBUILD_DIR is missing
exit 1
fi

for dir in BUILD BUILDROOT SRPMS RPMS SOURCES; do
rm -rf $RPMBUILD_DIR/$dir
mkdir -p $RPMBUILD_DIR/$dir
done

rm -rf /tmp/$PACKAGE
mkdir /tmp/$PACKAGE
cp -r ../etc/xapi.d /tmp/$PACKAGE
tar czf $RPMBUILD_DIR/SOURCES/$PACKAGE.tar.gz -C /tmp $PACKAGE

rpmbuild -ba --nodeps --define "_topdir $RPMBUILD_DIR" \
--define "version $VERSION" \
$RPMBUILD_DIR/SPECS/$PACKAGE.spec

+ 0
- 30
neutron/plugins/ml2/drivers/openvswitch/agent/xenapi/contrib/rpmbuild/SPECS/openstack-quantum-xen-plugins.spec View File

@@ -1,30 +0,0 @@
Name: openstack-neutron-xen-plugins
Version: %{version}
Release: 1
Summary: Files for XenAPI support.
License: ASL 2.0
Group: Applications/Utilities
Source0: openstack-neutron-xen-plugins.tar.gz
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

%define debug_package %{nil}

%description
This package contains files that are required for XenAPI support for Neutron.

%prep
%setup -q -n openstack-neutron-xen-plugins

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/etc
cp -r xapi.d $RPM_BUILD_ROOT/etc
chmod a+x $RPM_BUILD_ROOT/etc/xapi.d/plugins/*

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
/etc/xapi.d/plugins/*

+ 0
- 94
neutron/plugins/ml2/drivers/openvswitch/agent/xenapi/etc/xapi.d/plugins/netwrap View File

@@ -1,94 +0,0 @@
#!/usr/bin/env python

# Copyright 2012 OpenStack Foundation
# Copyright 2012 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

#
# XenAPI plugin for executing network commands (ovs, iptables, etc) on dom0
#

import errno
import gettext
gettext.install('neutron', unicode=1)
try:
import json
except ImportError:
import simplejson as json
import subprocess

import XenAPIPlugin


MSG_UNAUTHORIZED = "Unauthorized command"
MSG_NOT_FOUND = "Executable not found"

ALLOWED_CMDS = [
'ip',
'ipset',
'iptables-save',
'iptables-restore',
'ip6tables-save',
'ip6tables-restore',
'sysctl',
# NOTE(yamamoto): of_interface=native doesn't use ovs-ofctl
'ovs-ofctl',
'ovs-vsctl',
'ovsdb-client',
'conntrack',
]


class PluginError(Exception):
"""Base Exception class for all plugin errors."""
def __init__(self, *args):
Exception.__init__(self, *args)

def _run_command(cmd, cmd_input):
"""Abstracts out the basics of issuing system commands. If the command
returns anything in stderr, a PluginError is raised with that information.
Otherwise, the output from stdout is returned.
"""
try:
pipe = subprocess.PIPE
proc = subprocess.Popen(cmd, shell=False, stdin=pipe, stdout=pipe,
stderr=pipe, close_fds=True)
except OSError, e:
if e.errno == errno.ENOENT:
raise PluginError(MSG_NOT_FOUND)
(out, err) = proc.communicate(cmd_input)
return proc.returncode, out, err


def run_command(session, args):
cmd = json.loads(args.get('cmd'))
if cmd and cmd[0] not in ALLOWED_CMDS:
raise PluginError(MSG_UNAUTHORIZED)
returncode, out, err = _run_command(
cmd, json.loads(args.get('cmd_input', 'null')))
if not err:
err = ""
if not out:
out = ""
# This runs in Dom0, will return to neutron-ovs-agent in compute node
result = {'returncode': returncode,
'out': out,
'err': err}
return json.dumps(result)


if __name__ == "__main__":
XenAPIPlugin.dispatch({"run_command": run_command})

+ 6
- 3
neutron/tests/unit/agent/linux/test_utils.py View File

@@ -41,9 +41,12 @@ class AgentUtilsExecuteTest(base.BaseTestCase):
def test_xenapi_root_helper(self):
token = utils.xenapi_root_helper.ROOT_HELPER_DAEMON_TOKEN
self.config(group='AGENT', root_helper_daemon=token)
cmd_client = utils.RootwrapDaemonHelper.get_client()
self.assertIsInstance(cmd_client,
utils.xenapi_root_helper.XenAPIClient)
with mock.patch(
'neutron.agent.linux.utils.xenapi_root_helper.XenAPIClient')\
as mock_xenapi_class:
mock_client = mock_xenapi_class.return_value
cmd_client = utils.RootwrapDaemonHelper.get_client()
self.assertEqual(cmd_client, mock_client)

def test_without_helper(self):
expected = "%s\n" % self.test_file

+ 2
- 10
neutron/tests/unit/agent/linux/test_xenapi_root_helper.py View File

@@ -25,9 +25,7 @@ class TestXenapiRootHelper(base.BaseTestCase):
def _get_fake_xenapi_client(self):
class FakeXenapiClient(helper.XenAPIClient):
def __init__(self):
super(FakeXenapiClient, self).__init__()
# Mock XenAPI which may not exist in the unit test env.
self.XenAPI = mock.MagicMock()
self._session = mock.MagicMock()

return FakeXenapiClient()

@@ -75,7 +73,7 @@ class TestXenapiRootHelper(base.BaseTestCase):
rc, out, err = xenapi_client.execute(cmd)

mock_call_plugin.assert_called_once_with(
'netwrap', 'run_command', expect_cmd_args)
'netwrap.py', 'run_command', expect_cmd_args)
self.assertEqual(0, rc)
self.assertEqual("vif158.2", out)
self.assertEqual("", err)
@@ -85,9 +83,3 @@ class TestXenapiRootHelper(base.BaseTestCase):
xenapi_client = self._get_fake_xenapi_client()
rc, out, err = xenapi_client.execute(cmd)
self.assertEqual(oslo_rootwrap_cmd.RC_NOCOMMAND, rc)

def test_get_session_except(self):
xenapi_client = self._get_fake_xenapi_client()
with mock.patch.object(helper.XenAPIClient, "_create_session",
side_effect=Exception()):
self.assertRaises(SystemExit, xenapi_client.get_session)

+ 5
- 0
releasenotes/notes/deprecate-neutron-rootwrap-xen-dom0-124ee3647beecc17.yaml View File

@@ -0,0 +1,5 @@
---
deprecations:
- Now that rootwrap daemon mode is supported for XenServer, the
``neutron-rootwrap-xen-dom0`` script is deprecated and will be removed
in a next release.

+ 1
- 0
requirements.txt View File

@@ -50,3 +50,4 @@ weakrefmethod>=1.0.2;python_version=='2.7' # PSF

python-novaclient>=7.1.0 # Apache-2.0
python-designateclient>=1.5.0 # Apache-2.0
os-xenapi>=0.1.1 # Apache-2.0

Loading…
Cancel
Save