Merge "Move bridge creation to privsep."
This commit is contained in:
Zuul
Gerrit Code Review
commit
357b8b38e8
@ -1422,8 +1422,7 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
|
||||
"""
|
||||
if not linux_net_utils.device_exists(bridge):
|
||||
LOG.debug('Starting Bridge %s', bridge)
|
||||
out, err = _execute('brctl', 'addbr', bridge,
|
||||
check_exit_code=False, run_as_root=True)
|
||||
out, err = nova.privsep.linux_net.add_bridge(bridge)
|
||||
if (err and err != "device %s already exists; can't create "
|
||||
"bridge with the same name\n" % (bridge)):
|
||||
msg = _('Failed to add bridge: %s') % err
|
||||
|
||||
@ -22,6 +22,15 @@ from oslo_concurrency import processutils
|
||||
import nova.privsep
|
||||
|
||||
|
||||
@nova.privsep.sys_admin_pctxt.entrypoint
|
||||
def add_bridge(interface):
|
||||
"""Add a bridge.
|
||||
|
||||
:param interface: the name of the bridge
|
||||
"""
|
||||
processutils.execute('brctl', 'addbr', interface)
|
||||
|
||||
|
||||
@nova.privsep.sys_admin_pctxt.entrypoint
|
||||
def delete_bridge(interface):
|
||||
"""Delete a bridge.
|
||||
|
||||
@ -120,5 +120,10 @@ class ApiSampleTestBaseV21(testscenarios.WithScenarios,
|
||||
# this is used to generate sample docs
|
||||
self.generate_samples = os.getenv('GENERATE_SAMPLES') is not None
|
||||
|
||||
# NOTE(mikal): this is used to stub away privsep helpers
|
||||
def fake_noop(*args, **kwargs):
|
||||
return '', ''
|
||||
self.stub_out('nova.privsep.linux_net.add_bridge', fake_noop)
|
||||
|
||||
def _setup_services(self):
|
||||
pass
|
||||
|
||||
@ -590,21 +590,18 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
|
||||
self.assertEqual(expected, actual)
|
||||
|
||||
@mock.patch.object(linux_net.iptables_manager.ipv4['filter'], 'add_rule')
|
||||
@mock.patch.object(utils, 'execute')
|
||||
def test_linux_bridge_driver_plug(self, mock_execute, mock_add_rule):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge',
|
||||
return_value=('', ''))
|
||||
def test_linux_bridge_driver_plug(self, mock_add_bridge, mock_add_rule):
|
||||
"""Makes sure plug doesn't drop FORWARD by default.
|
||||
|
||||
Ensures bug 890195 doesn't reappear.
|
||||
"""
|
||||
|
||||
def fake_execute(*args, **kwargs):
|
||||
return "", ""
|
||||
|
||||
def verify_add_rule(chain, rule):
|
||||
self.assertEqual('FORWARD', chain)
|
||||
self.assertIn('ACCEPT', rule)
|
||||
|
||||
mock_execute.side_effect = fake_execute
|
||||
mock_add_rule.side_effect = verify_add_rule
|
||||
|
||||
driver = linux_net.LinuxBridgeInterfaceDriver()
|
||||
@ -1183,7 +1180,7 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
|
||||
with test.nested(
|
||||
mock.patch('nova.network.linux_utils.device_exists',
|
||||
return_value=False),
|
||||
mock.patch.object(linux_net, '_execute', fake_execute)
|
||||
mock.patch('nova.privsep.linux_net.add_bridge', fake_execute)
|
||||
) as (device_exists, _):
|
||||
driver = linux_net.LinuxBridgeInterfaceDriver()
|
||||
driver.ensure_bridge('brq1234567-89', '')
|
||||
|
||||
@ -935,7 +935,8 @@ class VlanNetworkTestCase(test.TestCase):
|
||||
self.assertEqual(objects.QuotasNoOp,
|
||||
self.network.quotas_cls)
|
||||
|
||||
def test_vpn_allocate_fixed_ip(self):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_vpn_allocate_fixed_ip(self, mock_add_bridge):
|
||||
self.mox.StubOutWithMock(db, 'fixed_ip_associate')
|
||||
self.mox.StubOutWithMock(db, 'fixed_ip_update')
|
||||
self.mox.StubOutWithMock(db,
|
||||
@ -968,7 +969,8 @@ class VlanNetworkTestCase(test.TestCase):
|
||||
self.network.allocate_fixed_ip(self.context, FAKEUUID, network,
|
||||
vpn=True)
|
||||
|
||||
def test_allocate_fixed_ip(self):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_allocate_fixed_ip(self, mock_add_bridge):
|
||||
self.stubs.Set(self.network,
|
||||
'_do_trigger_security_group_members_refresh_for_instance',
|
||||
lambda *a, **kw: None)
|
||||
@ -1685,7 +1687,9 @@ class VlanNetworkTestCase(test.TestCase):
|
||||
ctxt,
|
||||
mox.IgnoreArg())
|
||||
|
||||
def test_add_fixed_ip_instance_without_vpn_requested_networks(self):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_add_fixed_ip_instance_without_vpn_requested_networks(
|
||||
self, mock_add_bridge):
|
||||
self.stubs.Set(self.network,
|
||||
'_do_trigger_security_group_members_refresh_for_instance',
|
||||
lambda *a, **kw: None)
|
||||
@ -2829,7 +2833,8 @@ class AllocateTestCase(test.TestCase):
|
||||
self.user_context = context.RequestContext('testuser',
|
||||
fakes.FAKE_PROJECT_ID)
|
||||
|
||||
def test_allocate_for_instance(self):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_allocate_for_instance(self, mock_add_bridge):
|
||||
address = "10.10.10.10"
|
||||
self.flags(auto_assign_floating_ip=True)
|
||||
|
||||
@ -2893,7 +2898,8 @@ class AllocateTestCase(test.TestCase):
|
||||
project_id=self.context.project_id, macs=None,
|
||||
requested_networks=requested_networks)
|
||||
|
||||
def test_allocate_for_instance_with_mac(self):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_allocate_for_instance_with_mac(self, mock_add_bridge):
|
||||
available_macs = set(['ca:fe:de:ad:be:ef'])
|
||||
inst = db.instance_create(self.context, {'host': HOST,
|
||||
'display_name': HOST,
|
||||
|
||||
@ -1135,7 +1135,8 @@ class XenAPIVMTestCase(stubs.XenAPITestBase,
|
||||
mock.ANY)
|
||||
|
||||
@mock.patch.object(vmops.VMOps, '_create_vifs')
|
||||
def test_spawn_vlanmanager(self, mock_create_vifs):
|
||||
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
|
||||
def test_spawn_vlanmanager(self, mock_add_bridge, mock_create_vifs):
|
||||
self.flags(network_manager='nova.network.manager.VlanManager',
|
||||
vlan_interface='fake0')
|
||||
# Reset network table
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user