Merge "Move additional IP address management to privsep."

Zuul 2019-03-06 10:21:20 +00:00 committed by Gerrit Code Review
commit dc1ef24fac
6 changed files with 73 additions and 47 deletions


@ -775,8 +775,7 @@ def initialize_gateway_device(dev, network_ref):
full_ip = '%s/%s' % (network_ref['dhcp_server'], prefix)
new_ip_params = [[full_ip, 'brd', network_ref['broadcast']]]
old_ip_params = []
out, err = _execute('ip', 'addr', 'show', 'dev', dev,
'scope', 'global')
out, err = nova.privsep.linux_net.lookup_ip(dev)
for line in out.split('\n'):
fields = line.split()
if fields and fields[0] == 'inet':
@ -811,9 +810,7 @@ def initialize_gateway_device(dev, network_ref):
send_arp_for_ip(network_ref['dhcp_server'], dev,
CONF.send_arp_for_ha_count)
if CONF.use_ipv6:
_execute('ip', '-f', 'inet6', 'addr',
'change', network_ref['cidr_v6'],
'dev', dev, run_as_root=True)
nova.privsep.linux_net.change_ip(dev, network_ref['cidr_v6'])
def get_dhcp_leases(context, network_ref):
@ -1451,8 +1448,7 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
if fields and 'via' in fields:
old_routes.append(fields)
nova.privsep.linux_net.route_delete_horrid(fields)
out, err = _execute('ip', 'addr', 'show', 'dev', interface,
'scope', 'global')
out, err = nova.privsep.linux_net.lookup_ip(interface)
for line in out.split('\n'):
fields = line.split()
if fields and fields[0] == 'inet':


@ -141,6 +141,17 @@ def unbind_ip(device, ip):
'dev', device, check_exit_code=[0, 2, 254])
def lookup_ip(device):
return processutils.execute('ip', 'addr', 'show', 'dev', device,
'scope', 'global')
@nova.privsep.sys_admin_pctxt.entrypoint
def change_ip(device, ip):
processutils.execute('ip', '-f', 'inet6', 'addr', 'change', ip,
'dev', device)
@nova.privsep.sys_admin_pctxt.entrypoint
def dhcp_release(dev, address, mac_address):
processutils.execute('dhcp_release', dev, address, mac_address)
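Review bot: `lookup_ip` is added without the `@nova.privsep.sys_admin_pctxt.entrypoint` decorator that `change_ip` and `dhcp_release` carry, so as rendered here it executes in the caller's process rather than in the privileged context, even though it lives in the privsep module. That is consistent with the call it replaces, which did not pass `run_as_root=True`, but the intent is undocumented; a comment above it such as `# Read-only query: deliberately not a privsep entrypoint.` would keep a later change from adding or assuming privilege. In `change_ip`, `device` and `ip` are forwarded unchanged to a command run in the privileged context. They reach `processutils.execute` as separate argv items, so this is not a shell-injection concern, but the entrypoint is the privilege boundary and a short docstring stating what callers may pass (an interface name and an IPv6 CIDR) would make that contract reviewable.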


@ -131,6 +131,8 @@ class ApiSampleTestBaseV21(testscenarios.WithScenarios,
self.stub_out('nova.privsep.linux_net.set_device_enabled', fake_noop)
self.stub_out('nova.privsep.linux_net.set_device_macaddr', fake_noop)
self.stub_out('nova.privsep.linux_net.routes_show', fake_noop)
self.stub_out('nova.privsep.linux_net.lookup_ip', fake_noop)
self.stub_out('nova.privsep.linux_net.change_ip', fake_noop)
if self.availability_zones:
self.useFixture(


@ -594,7 +594,8 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.routes_show',
return_value=('fake', 0))
def test_linux_bridge_driver_plug(self, mock_routes_show,
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
def test_linux_bridge_driver_plug(self, mock_lookup_ip, mock_routes_show,
mock_enabled, mock_add_bridge,
mock_add_rule):
"""Makes sure plug doesn't drop FORWARD by default.
@ -878,12 +879,16 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
@mock.patch('nova.privsep.linux_net.routes_show')
@mock.patch('nova.privsep.linux_net.route_delete')
@mock.patch('nova.privsep.linux_net.route_add_horrid')
def _test_initialize_gateway(self, existing, expected, mock_route_add,
mock_route_delete, mock_routes,
mock_execute, routes='',
@mock.patch('nova.privsep.linux_net.lookup_ip')
@mock.patch('nova.privsep.linux_net.change_ip')
def _test_initialize_gateway(self, existing, expected,
mock_change_ip, mock_lookup_ip,
mock_route_add, mock_route_delete,
mock_routes, mock_execute, routes='',
routes_show_called=True, deleted_routes=None,
added_routes=None):
added_routes=None, changed_interfaces=None):
self.flags(fake_network=False)
mock_lookup_ip.return_value = (existing, '')
executes = []
def fake_execute(*args, **kwargs):
@ -910,6 +915,8 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
mock_route_delete.assert_has_calls(deleted_routes)
if added_routes:
mock_route_add.assert_has_calls(added_routes)
if changed_interfaces:
mock_change_ip.assert_has_calls(changed_interfaces)
def test_initialize_gateway_moves_wrong_ip(self):
existing = ("2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> "
@ -920,17 +927,16 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
" valid_lft forever preferred_lft forever\n")
expected = [
('sysctl', '-n', 'net.ipv4.ip_forward'),
('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global'),
('ip', 'addr', 'del', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.1.1/24',
'brd', '192.168.1.255', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', '-f', 'inet6', 'addr', 'change',
'2001:db8::/64', 'dev', 'eth0'),
]
self._test_initialize_gateway(existing, expected)
self._test_initialize_gateway(
existing, expected,
changed_interfaces=[mock.call('eth0', '2001:db8::/64')])
def test_initialize_gateway_ip_with_dynamic_flag(self):
existing = ("2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> "
@ -942,17 +948,16 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
" valid_lft forever preferred_lft forever\n")
expected = [
('sysctl', '-n', 'net.ipv4.ip_forward'),
('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global'),
('ip', 'addr', 'del', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.1.1/24',
'brd', '192.168.1.255', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', '-f', 'inet6', 'addr', 'change',
'2001:db8::/64', 'dev', 'eth0'),
]
self._test_initialize_gateway(existing, expected)
self._test_initialize_gateway(
existing, expected,
changed_interfaces=[mock.call('eth0', '2001:db8::/64')])
def test_initialize_gateway_resets_route(self):
routes = ("default via 192.168.0.1 dev eth0\n"
@ -965,15 +970,12 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
" valid_lft forever preferred_lft forever\n")
expected = [
('sysctl', '-n', 'net.ipv4.ip_forward'),
('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global'),
('ip', 'addr', 'del', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.1.1/24',
'brd', '192.168.1.255', 'dev', 'eth0'),
('ip', 'addr', 'add', '192.168.0.1/24',
'brd', '192.168.0.255', 'scope', 'global', 'dev', 'eth0'),
('ip', '-f', 'inet6', 'addr', 'change',
'2001:db8::/64', 'dev', 'eth0'),
]
self._test_initialize_gateway(
existing, expected, routes=routes,
@ -983,7 +985,8 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
'dev', 'eth0']),
mock.call(['192.168.100.0/24', 'via',
'192.168.0.254',
'dev', 'eth0', 'proto', 'static'])]
'dev', 'eth0', 'proto', 'static'])],
changed_interfaces=[mock.call('eth0', '2001:db8::/64')]
)
def test_initialize_gateway_no_move_right_ip(self):
@ -996,12 +999,11 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
" valid_lft forever preferred_lft forever\n")
expected = [
('sysctl', '-n', 'net.ipv4.ip_forward'),
('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global'),
('ip', '-f', 'inet6', 'addr', 'change',
'2001:db8::/64', 'dev', 'eth0'),
]
self._test_initialize_gateway(existing, expected,
routes_show_called=False)
self._test_initialize_gateway(
existing, expected,
routes_show_called=False,
changed_interfaces=[mock.call('eth0', '2001:db8::/64')])
def test_initialize_gateway_add_if_blank(self):
existing = ("2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> "
@ -1011,13 +1013,12 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
" valid_lft forever preferred_lft forever\n")
expected = [
('sysctl', '-n', 'net.ipv4.ip_forward'),
('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global'),
('ip', 'addr', 'add', '192.168.1.1/24',
'brd', '192.168.1.255', 'dev', 'eth0'),
('ip', '-f', 'inet6', 'addr', 'change',
'2001:db8::/64', 'dev', 'eth0'),
]
self._test_initialize_gateway(existing, expected)
self._test_initialize_gateway(
existing, expected,
changed_interfaces=[mock.call('eth0', '2001:db8::/64')])
@mock.patch.object(linux_net, 'ensure_ebtables_rules')
@mock.patch.object(linux_net.iptables_manager, 'apply')
@ -1146,11 +1147,11 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
'_execute': [
mock.call('brctl', 'addif', 'bridge', 'eth0',
run_as_root=True, check_exit_code=False),
mock.call('ip', 'addr', 'show', 'dev', 'eth0', 'scope',
'global'),
]
}
with test.nested(
mock.patch('nova.privsep.linux_net.lookup_ip',
return_value=('', '')),
mock.patch('nova.privsep.linux_net.device_exists',
return_value=True),
mock.patch('nova.privsep.linux_net.set_device_enabled'),
@ -1159,8 +1160,8 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
return_value=('fake', '')),
mock.patch.object(linux_net, '_execute', return_value=('', '')),
mock.patch.object(netifaces, 'ifaddresses')
) as (device_exists, device_enabled, set_device_macaddr, routes_show,
_execute, ifaddresses):
) as (lookup_ip, device_exists, device_enabled, set_device_macaddr,
routes_show, _execute, ifaddresses):
ifaddresses.return_value = fake_ifaces
driver = linux_net.LinuxBridgeInterfaceDriver()
driver.ensure_bridge('bridge', 'eth0')
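Review bot: In `_test_initialize_gateway`, the device passed to `lookup_ip` is no longer verified: the `('ip', 'addr', 'show', 'dev', 'eth0', 'scope', 'global')` entries leave the `expected` lists, and `mock_lookup_ip` only has its `return_value` set. For the tests visible here, `mock_lookup_ip.assert_called_once_with('eth0')` after the call under test would restore that check. The new `if changed_interfaces:` guard also means a caller that omits the argument asserts nothing about `change_ip`, and `assert_has_calls` tolerates additional calls, so an unexpected privileged address change would go unnoticed; comparing against `mock_change_ip.mock_calls` would pin it, provided every caller of the helper supplies the expected list. The helper's body continues outside the visible hunks.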


@ -939,7 +939,10 @@ class VlanNetworkTestCase(test.TestCase):
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.routes_show', return_value=('', ''))
def test_vpn_allocate_fixed_ip(self, mock_routes_show, mock_enabled,
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.change_ip')
def test_vpn_allocate_fixed_ip(self, mock_change_ip, mock_lookup_ip,
mock_routes_show, mock_enabled,
mock_add_bridge):
self.mox.StubOutWithMock(db, 'fixed_ip_associate')
self.mox.StubOutWithMock(db, 'fixed_ip_update')
@ -976,7 +979,10 @@ class VlanNetworkTestCase(test.TestCase):
@mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.routes_show', return_value=('', ''))
def test_allocate_fixed_ip(self, mock_routes_show, mock_enabled,
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.change_ip')
def test_allocate_fixed_ip(self, mock_change_ip, mock_lookup_ip,
mock_routes_show, mock_enabled,
mock_add_bridge):
self.stubs.Set(self.network,
'_do_trigger_security_group_members_refresh_for_instance',
@ -1698,8 +1704,11 @@ class VlanNetworkTestCase(test.TestCase):
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.routes_show',
return_value=('fake', 0))
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.change_ip')
def test_add_fixed_ip_instance_without_vpn_requested_networks(
self, mock_routes_show, mock_enabled, mock_add_bridge):
self, mock_change_ip, mock_lookup_ip, mock_routes_show,
mock_enabled, mock_add_bridge):
self.stubs.Set(self.network,
'_do_trigger_security_group_members_refresh_for_instance',
lambda *a, **kw: None)
@ -2852,10 +2861,12 @@ class AllocateTestCase(test.TestCase):
@mock.patch('nova.privsep.linux_net.bind_ip')
@mock.patch('nova.privsep.linux_net.unbind_ip')
@mock.patch('nova.privsep.linux_net.routes_show', return_value=('', ''))
def test_allocate_for_instance(self, mock_routes_show, mock_unbind,
mock_bind, mock_set_macaddr,
mock_set_enabled, mock_set_mtu,
mock_add_bridge):
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.change_ip')
def test_allocate_for_instance(self, mock_change_ip, mock_lookup_ip,
mock_routes_show, mock_unbind, mock_bind,
mock_set_macaddr, mock_set_enabled,
mock_set_mtu, mock_add_bridge):
address = "10.10.10.10"
self.flags(auto_assign_floating_ip=True)
@ -2924,7 +2935,11 @@ class AllocateTestCase(test.TestCase):
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.set_device_macaddr')
@mock.patch('nova.privsep.linux_net.routes_show', return_value=('', ''))
def test_allocate_for_instance_with_mac(self, mock_routes_show,
@mock.patch('nova.privsep.linux_net.lookup_ip', return_value=('', ''))
@mock.patch('nova.privsep.linux_net.change_ip')
def test_allocate_for_instance_with_mac(self, mock_change_ip,
mock_lookup_ip,
mock_routes_show,
mock_set_addr, mock_enabled,
mock_set_mtu, mock_add_bridge):
available_macs = set(['ca:fe:de:ad:be:ef'])


@ -1139,8 +1139,9 @@ class XenAPIVMTestCase(stubs.XenAPITestBase,
@mock.patch('nova.privsep.linux_net.set_device_mtu')
@mock.patch('nova.privsep.linux_net.set_device_enabled')
@mock.patch('nova.privsep.linux_net.set_device_macaddr')
def test_spawn_vlanmanager(self, mock_set_macaddr, mock_set_enabled,
mock_set_mtu, mock_add_bridge,
@mock.patch('nova.privsep.linux_net.change_ip')
def test_spawn_vlanmanager(self, change_ip, mock_set_macaddr,
mock_set_enabled, mock_set_mtu, mock_add_bridge,
mock_create_vifs):
self.flags(network_manager='nova.network.manager.VlanManager',
vlan_interface='fake0')
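Review bot: `test_spawn_vlanmanager` patches only `nova.privsep.linux_net.change_ip`, whereas the network manager tests in this commit patch `lookup_ip` alongside it. If this test reaches the gateway setup path, the unpatched `lookup_ip` would run `ip addr show` on the test host; this is worth confirming, since the test body lies outside the hunk. The new parameter is also named `change_ip` where its siblings use the `mock_` prefix; `def test_spawn_vlanmanager(self, mock_change_ip, mock_set_macaddr,` keeps the convention.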