openstack/nova
Code Issues Proposed changes

Remove old legacy network info model in libvirt driver

Browse Source 
Update libvirt driver, virt firewall and hypervisor unit tests to
use nova.network.model instead of legacy "network,mapping" tuple.

Partly implement blueprint nova-network-legacy

Co-author: Amir Sadoughi<amir.sadoughi@gmail.com>
Change-Id: I4d38bb81a4f64efdb78f5da52fbbb382981e0b96
This commit is contained in:
Yaguang Tang
2013-07-25 00:43:22 +08:00
parent 122ef5c385
commit f070f08954
10 changed files with 521 additions and 492 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nova/tests/fake_network.py
View File

@@ -57,7 +57,7 @@ class FakeVIFDriver(object):
def setattr(self, key, val): def setattr(self, key, val):
self.__setattr__(key, val) self.__setattr__(key, val)
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
conf = libvirt_config.LibvirtConfigGuestInterface() conf = libvirt_config.LibvirtConfigGuestInterface()
for attr, val in conf.__dict__.iteritems(): for attr, val in conf.__dict__.iteritems():

2
nova/tests/utils.py
View File

@@ -133,7 +133,7 @@ def get_test_network_info(count=1, legacy_model=True):
ips=[network_model.IP(fake_ip), ips=[network_model.IP(fake_ip),
network_model.IP(fake_ip)], network_model.IP(fake_ip)],
routes=None, routes=None,
dhcp_server=network_model.IP(fake_ip)) dhcp_server=fake_ip)
subnet_6 = network_model.Subnet(cidr=fake_ip, subnet_6 = network_model.Subnet(cidr=fake_ip,
gateway=network_model.IP(fake_ip), gateway=network_model.IP(fake_ip),
ips=[network_model.IP(fake_ip), ips=[network_model.IP(fake_ip),

133
nova/tests/virt/libvirt/test_libvirt.py
View File

@@ -454,7 +454,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
cfg = conn.get_guest_config(instance_ref, cfg = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(cfg.acpi, True) self.assertEquals(cfg.acpi, True)
self.assertEquals(cfg.apic, True) self.assertEquals(cfg.apic, True)
@@ -501,7 +502,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
cfg = conn.get_guest_config(instance_ref, cfg = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 2), _fake_network_info(self.stubs, 2,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(cfg.acpi, True) self.assertEquals(cfg.acpi, True)
self.assertEquals(cfg.memory, 1024 * 1024 * 2) self.assertEquals(cfg.memory, 1024 * 1024 * 2)
@@ -772,7 +774,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(conf.cpu, None) self.assertEquals(conf.cpu, None)
@@ -792,7 +795,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -809,7 +813,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(conf.cpu, None) self.assertEquals(conf.cpu, None)
@@ -823,7 +828,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(conf.cpu, None) self.assertEquals(conf.cpu, None)
@@ -841,7 +847,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -862,7 +869,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -884,7 +892,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -907,7 +916,8 @@ class LibvirtConnTestCase(test.TestCase):
self.assertRaises(exception.NovaException, self.assertRaises(exception.NovaException,
conn.get_guest_config, conn.get_guest_config,
instance_ref, instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, None,
disk_info) disk_info)
@@ -942,7 +952,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -968,7 +979,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
conf = conn.get_guest_config(instance_ref, conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1), _fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info) None, disk_info)
self.assertEquals(type(conf.cpu), self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU) vconfig.LibvirtConfigGuestCPU)
@@ -1865,7 +1877,8 @@ class LibvirtConnTestCase(test.TestCase):
def test_multi_nic(self): def test_multi_nic(self):
instance_data = dict(self.test_instance) instance_data = dict(self.test_instance)
network_info = _fake_network_info(self.stubs, 2) network_info = _fake_network_info(self.stubs, 2,
spectacular=True)
conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True) conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
instance_ref = db.instance_create(self.context, instance_data) instance_ref = db.instance_create(self.context, instance_data)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -1886,7 +1899,8 @@ class LibvirtConnTestCase(test.TestCase):
self.assertEquals(conn.uri(), 'lxc:///') self.assertEquals(conn.uri(), 'lxc:///')
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1,
spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
xml = conn.to_xml(instance_ref, network_info, disk_info) xml = conn.to_xml(instance_ref, network_info, disk_info)
@@ -1940,7 +1954,8 @@ class LibvirtConnTestCase(test.TestCase):
self.flags(libvirt_disk_prefix=prefix) self.flags(libvirt_disk_prefix=prefix)
conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True) conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1,
spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref) instance_ref)
xml = conn.to_xml(instance_ref, network_info, disk_info) xml = conn.to_xml(instance_ref, network_info, disk_info)
@@ -1974,7 +1989,7 @@ class LibvirtConnTestCase(test.TestCase):
user_context = context.RequestContext(self.user_id, self.project_id) user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance) instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True) drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2002,7 +2017,7 @@ class LibvirtConnTestCase(test.TestCase):
block_device_info, wantConfig): block_device_info, wantConfig):
user_context = context.RequestContext(self.user_id, self.project_id) user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance) instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True) drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2031,7 +2046,7 @@ class LibvirtConnTestCase(test.TestCase):
def _check_xml_and_uuid(self, image_meta): def _check_xml_and_uuid(self, image_meta):
user_context = context.RequestContext(self.user_id, self.project_id) user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance) instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True) drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2188,7 +2203,7 @@ class LibvirtConnTestCase(test.TestCase):
self.assertEquals(conn.uri(), expected_uri) self.assertEquals(conn.uri(), expected_uri)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type, disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref, instance_ref,
rescue=rescue) rescue=rescue)
@@ -2208,8 +2223,8 @@ class LibvirtConnTestCase(test.TestCase):
(check(tree), expected_result, i)) (check(tree), expected_result, i))
filterref = './devices/interface/filterref' filterref = './devices/interface/filterref'
(network, mapping) = network_info[0] vif = network_info[0]
nic_id = mapping['mac'].replace(':', '') nic_id = vif['address'].replace(':', '')
fw = firewall.NWFilterFirewall(fake.FakeVirtAPI(), conn) fw = firewall.NWFilterFirewall(fake.FakeVirtAPI(), conn)
instance_filter_name = fw._instance_filter_name(instance_ref, instance_filter_name = fw._instance_filter_name(instance_ref,
nic_id) nic_id)
@@ -2250,7 +2265,7 @@ class LibvirtConnTestCase(test.TestCase):
# _fake_network_info must be called before create_fake_libvirt_mock(), # _fake_network_info must be called before create_fake_libvirt_mock(),
# as _fake_network_info calls importutils.import_class() and # as _fake_network_info calls importutils.import_class() and
# create_fake_libvirt_mock() mocks importutils.import_class(). # create_fake_libvirt_mock() mocks importutils.import_class().
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.create_fake_libvirt_mock() self.create_fake_libvirt_mock()
instance_ref = db.instance_create(self.context, self.test_instance) instance_ref = db.instance_create(self.context, self.test_instance)
@@ -2768,7 +2783,7 @@ class LibvirtConnTestCase(test.TestCase):
# _fake_network_info must be called before create_fake_libvirt_mock(), # _fake_network_info must be called before create_fake_libvirt_mock(),
# as _fake_network_info calls importutils.import_class() and # as _fake_network_info calls importutils.import_class() and
# create_fake_libvirt_mock() mocks importutils.import_class(). # create_fake_libvirt_mock() mocks importutils.import_class().
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.create_fake_libvirt_mock(getLibVersion=fake_getLibVersion, self.create_fake_libvirt_mock(getLibVersion=fake_getLibVersion,
getCapabilities=fake_getCapabilities, getCapabilities=fake_getCapabilities,
getVersion=lambda: 1005001) getVersion=lambda: 1005001)
@@ -4615,9 +4630,8 @@ class IptablesFirewallTestCase(test.TestCase):
self.stubs.Set(compute_utils, 'get_nw_info_for_instance', self.stubs.Set(compute_utils, 'get_nw_info_for_instance',
lambda instance: network_model) lambda instance: network_model)
network_info = network_model.legacy() self.fw.prepare_instance_filter(instance_ref, network_model)
self.fw.prepare_instance_filter(instance_ref, network_info) self.fw.apply_instance_filter(instance_ref, network_model)
self.fw.apply_instance_filter(instance_ref, network_info)
in_rules = filter(lambda l: not l.startswith('#'), in_rules = filter(lambda l: not l.startswith('#'),
self.in_rules) self.in_rules)
@@ -4674,14 +4688,14 @@ class IptablesFirewallTestCase(test.TestCase):
def test_filters_for_instance_with_ip_v6(self): def test_filters_for_instance_with_ip_v6(self):
self.flags(use_ipv6=True) self.flags(use_ipv6=True)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info) rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2) self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 1) self.assertEquals(len(rulesv6), 1)
def test_filters_for_instance_without_ip_v6(self): def test_filters_for_instance_without_ip_v6(self):
self.flags(use_ipv6=False) self.flags(use_ipv6=False)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info) rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2) self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 0) self.assertEquals(len(rulesv6), 0)
@@ -4694,7 +4708,9 @@ class IptablesFirewallTestCase(test.TestCase):
networks_count = 5 networks_count = 5
instance_ref = self._create_instance_ref() instance_ref = self._create_instance_ref()
network_info = _fake_network_info(self.stubs, networks_count, network_info = _fake_network_info(self.stubs, networks_count,
ipv4_addr_per_network) ipv4_addr_per_network, spectacular=True)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
ipv4_len = len(self.fw.iptables.ipv4['filter'].rules) ipv4_len = len(self.fw.iptables.ipv4['filter'].rules)
ipv6_len = len(self.fw.iptables.ipv6['filter'].rules) ipv6_len = len(self.fw.iptables.ipv6['filter'].rules)
inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref, inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref,
@@ -4743,7 +4759,7 @@ class IptablesFirewallTestCase(test.TestCase):
self.fw.nwfilter._conn.nwfilterLookupByName = _lookup_name self.fw.nwfilter._conn.nwfilterLookupByName = _lookup_name
instance_ref = self._create_instance_ref() instance_ref = self._create_instance_ref()
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance_ref, network_info) self.fw.setup_basic_filtering(instance_ref, network_info)
self.fw.prepare_instance_filter(instance_ref, network_info) self.fw.prepare_instance_filter(instance_ref, network_info)
self.fw.apply_instance_filter(instance_ref, network_info) self.fw.apply_instance_filter(instance_ref, network_info)
@@ -4763,7 +4779,7 @@ class IptablesFirewallTestCase(test.TestCase):
# create a firewall via setup_basic_filtering like libvirt_conn.spawn # create a firewall via setup_basic_filtering like libvirt_conn.spawn
# should have a chain with 0 rules # should have a chain with 0 rules
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance_ref, network_info) self.fw.setup_basic_filtering(instance_ref, network_info)
self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains) self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains)
rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules
@@ -4926,32 +4942,40 @@ class NWFilterTestCase(test.TestCase):
mac.translate(None, ':')) mac.translate(None, ':'))
requiredlist = ['no-arp-spoofing', 'no-ip-spoofing', requiredlist = ['no-arp-spoofing', 'no-ip-spoofing',
'no-mac-spoofing'] 'no-mac-spoofing']
required_not_list = []
if allow_dhcp: if allow_dhcp:
requiredlist.append('allow-dhcp-server') requiredlist.append('allow-dhcp-server')
else:
required_not_list.append('allow-dhcp-server')
for required in requiredlist: for required in requiredlist:
self.assertTrue(required in self.assertTrue(required in
self.recursive_depends[instance_filter], self.recursive_depends[instance_filter],
"Instance's filter does not include %s" % "Instance's filter does not include %s" %
required) required)
for required_not in required_not_list:
self.assertFalse(required_not in
self.recursive_depends[instance_filter],
"Instance filter includes %s" % required_not)
self.security_group = self.setup_and_return_security_group() self.security_group = self.setup_and_return_security_group()
db.instance_add_security_group(self.context, inst_uuid, db.instance_add_security_group(self.context, inst_uuid,
self.security_group['id']) self.security_group['id'])
instance = db.instance_get(self.context, inst_id) instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
network_info = _fake_network_info(self.stubs, 1)
# since there is one (network_info) there is one vif # since there is one (network_info) there is one vif
# pass this vif's mac to _ensure_all_called() # pass this vif's mac to _ensure_all_called()
# to set the instance_filter properly # to set the instance_filter properly
mac = network_info[0][1]['mac'] mac = network_info[0]['address']
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
self.fw.setup_basic_filtering(instance, network_info)
allow_dhcp = True
_ensure_all_called(mac, allow_dhcp)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = None
self.fw.setup_basic_filtering(instance, network_info) self.fw.setup_basic_filtering(instance, network_info)
allow_dhcp = False allow_dhcp = False
for (network, mapping) in network_info:
if mapping['dhcp_server']:
allow_dhcp = True
break
_ensure_all_called(mac, allow_dhcp) _ensure_all_called(mac, allow_dhcp)
db.instance_remove_security_group(self.context, inst_uuid, db.instance_remove_security_group(self.context, inst_uuid,
self.security_group['id']) self.security_group['id'])
@@ -4976,7 +5000,7 @@ class NWFilterTestCase(test.TestCase):
instance = db.instance_get(self.context, inst_id) instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance, network_info) self.fw.setup_basic_filtering(instance, network_info)
original_filter_count = len(fakefilter.filters) original_filter_count = len(fakefilter.filters)
self.fw.unfilter_instance(instance, network_info) self.fw.unfilter_instance(instance, network_info)
@@ -5002,11 +5026,11 @@ class NWFilterTestCase(test.TestCase):
instance = db.instance_get(self.context, inst_id) instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1) network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance, network_info) self.fw.setup_basic_filtering(instance, network_info)
(network, mapping) = network_info[0] vif = network_info[0]
nic_id = mapping['mac'].replace(':', '') nic_id = vif['address'].replace(':', '')
instance_filter_name = self.fw._instance_filter_name(instance, nic_id) instance_filter_name = self.fw._instance_filter_name(instance, nic_id)
f = fakefilter.nwfilterLookupByName(instance_filter_name) f = fakefilter.nwfilterLookupByName(instance_filter_name)
tree = etree.fromstring(f.xml) tree = etree.fromstring(f.xml)
@@ -5014,29 +5038,30 @@ class NWFilterTestCase(test.TestCase):
for fref in tree.findall('filterref'): for fref in tree.findall('filterref'):
parameters = fref.findall('./parameter') parameters = fref.findall('./parameter')
for parameter in parameters: for parameter in parameters:
subnet_v4, subnet_v6 = vif['network']['subnets']
if parameter.get('name') == 'IP': if parameter.get('name') == 'IP':
self.assertTrue(_ipv4_like(parameter.get('value'), self.assertTrue(_ipv4_like(parameter.get('value'),
'192.168')) '192.168'))
elif parameter.get('name') == 'DHCPSERVER': elif parameter.get('name') == 'DHCPSERVER':
dhcp_server = mapping['dhcp_server'] dhcp_server = subnet_v4.get('dhcp_server')
self.assertEqual(parameter.get('value'), dhcp_server) self.assertEqual(parameter.get('value'), dhcp_server)
elif parameter.get('name') == 'RASERVER': elif parameter.get('name') == 'RASERVER':
ra_server = mapping.get('gateway_v6') + "/128" ra_server = subnet_v6['gateway']['address'] + "/128"
self.assertEqual(parameter.get('value'), ra_server) self.assertEqual(parameter.get('value'), ra_server)
elif parameter.get('name') == 'PROJNET': elif parameter.get('name') == 'PROJNET':
ipv4_cidr = network['cidr'] ipv4_cidr = subnet_v4['cidr']
net, mask = netutils.get_net_and_mask(ipv4_cidr) net, mask = netutils.get_net_and_mask(ipv4_cidr)
self.assertEqual(parameter.get('value'), net) self.assertEqual(parameter.get('value'), net)
elif parameter.get('name') == 'PROJMASK': elif parameter.get('name') == 'PROJMASK':
ipv4_cidr = network['cidr'] ipv4_cidr = subnet_v4['cidr']
net, mask = netutils.get_net_and_mask(ipv4_cidr) net, mask = netutils.get_net_and_mask(ipv4_cidr)
self.assertEqual(parameter.get('value'), mask) self.assertEqual(parameter.get('value'), mask)
elif parameter.get('name') == 'PROJNET6': elif parameter.get('name') == 'PROJNET6':
ipv6_cidr = network['cidr_v6'] ipv6_cidr = subnet_v6['cidr']
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr) net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
self.assertEqual(parameter.get('value'), net) self.assertEqual(parameter.get('value'), net)
elif parameter.get('name') == 'PROJMASK6': elif parameter.get('name') == 'PROJMASK6':
ipv6_cidr = network['cidr_v6'] ipv6_cidr = subnet_v6['cidr']
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr) net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
self.assertEqual(parameter.get('value'), prefix) self.assertEqual(parameter.get('value'), prefix)
else: else:
@@ -5716,11 +5741,13 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.StubOutWithMock(self.libvirtconnection, "_cleanup_resize") self.mox.StubOutWithMock(self.libvirtconnection, "_cleanup_resize")
self.libvirtconnection._cleanup_resize(ins_ref, self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1)) _fake_network_info(self.stubs, 1,
spectacular=True))
self.mox.ReplayAll() self.mox.ReplayAll()
self.libvirtconnection.confirm_migration("migration_ref", ins_ref, self.libvirtconnection.confirm_migration("migration_ref", ins_ref,
_fake_network_info(self.stubs, 1)) _fake_network_info(self.stubs, 1,
spectacular=True))
def test_cleanup_resize_same_host(self): def test_cleanup_resize_same_host(self):
ins_ref = self._create_instance({'host': CONF.host}) ins_ref = self._create_instance({'host': CONF.host})
@@ -5736,7 +5763,8 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.ReplayAll() self.mox.ReplayAll()
self.libvirtconnection._cleanup_resize(ins_ref, self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1)) _fake_network_info(self.stubs, 1,
spectacular=True))
def test_cleanup_resize_not_same_host(self): def test_cleanup_resize_not_same_host(self):
host = 'not' + CONF.host host = 'not' + CONF.host
@@ -5768,7 +5796,8 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.ReplayAll() self.mox.ReplayAll()
self.libvirtconnection._cleanup_resize(ins_ref, self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1)) _fake_network_info(self.stubs, 1,
spectacular=True))
def test_get_instance_disk_info_exception(self): def test_get_instance_disk_info_exception(self):
instance_name = "fake-instance-name" instance_name = "fake-instance-name"

343
nova/tests/virt/libvirt/test_libvirt_vif.py
View File

@@ -29,78 +29,133 @@ from nova.virt.libvirt import vif
CONF = cfg.CONF CONF = cfg.CONF
def get_default_mapping(exclude=None, **kwargs):
mapping_body = {
'mac': 'ca:fe:de:ad:be:ef',
'ips': [{'ip': '101.168.1.9'}],
'dhcp_server': '191.168.1.1',
'vif_uuid': 'vif-xxx-yyy-zzz',
'vif_devname': 'tap-xxx-yyy-zzz'
}
mapping_body.update(kwargs)
if exclude:
for key in exclude:
del mapping_body[key]
return mapping_body
def get_default_net(**kwargs):
body = {
'cidr': '101.168.1.0/24',
'cidr_v6': '101:1db9::/64',
'gateway_v6': '101:1db9::1',
'netmask_v6': '64',
'netmask': '255.255.255.0',
'vlan': 99,
'gateway': '101.168.1.1',
'broadcast': '101.168.1.255',
'dns1': '8.8.8.8',
'id': 'network-id-xxx-yyy-zzz'
}
body.update(kwargs)
return body
class LibvirtVifTestCase(test.TestCase): class LibvirtVifTestCase(test.TestCase):
net_bridge = get_default_net(bridge='br0', bridge_interface='eth0') gateway_bridge_4 = network_model.IP(address='101.168.1.1', type='gateway')
net_bridge_neutron = get_default_net(bridge_interface='eth0') dns_bridge_4 = network_model.IP(address='8.8.8.8', type=None)
net_ovs = get_default_net(bridge='br0') ips_bridge_4 = [network_model.IP(address='101.168.1.9', type=None)]
net_8021 = get_default_net(interface='eth0') subnet_bridge_4 = network_model.Subnet(cidr='101.168.1.0/24',
dns=[dns_bridge_4],
gateway=gateway_bridge_4,
routes=None,
dhcp_server='191.168.1.1')
mapping_bridge = get_default_mapping(gateway_v6=net_bridge['gateway_v6'], gateway_bridge_6 = network_model.IP(address='101:1db9::1', type='gateway')
vif_type= subnet_bridge_6 = network_model.Subnet(cidr='101:1db9::/64',
network_model.VIF_TYPE_BRIDGE) dns=None,
mapping_bridge_neutron = get_default_mapping( gateway=gateway_bridge_6,
gateway_v6=net_bridge['gateway_v6']) ips=None,
mapping_ovs = get_default_mapping(gateway_v6=net_ovs['gateway_v6'], routes=None)
vif_type=network_model.VIF_TYPE_OVS,
ovs_interfaceid='aaa-bbb-ccc')
mapping_ivs = get_default_mapping(gateway_v6=net_ovs['gateway_v6'], network_bridge = network_model.Network(id='network-id-xxx-yyy-zzz',
vif_type=network_model.VIF_TYPE_IVS, bridge='br0',
ivs_interfaceid='aaa-bbb-ccc') label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface='eth0',
vlan=99)
mapping_ovs_legacy = get_default_mapping(['vif_devname'], vif_bridge = network_model.VIF(id='vif-xxx-yyy-zzz',
gateway_v6=net_ovs['gateway_v6']) address='ca:fe:de:ad:be:ef',
network=network_bridge,
type=network_model.VIF_TYPE_BRIDGE,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None)
mapping_8021qbh = get_default_mapping( network_bridge_neutron = network_model.Network(id='network-id-xxx-yyy-zzz',
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_802_QBH, bridge=None,
qbh_params=network_model.VIF8021QbhParams(profileid="xxx-yyy-zzz"),) label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface='eth0',
vlan=99)
net_iovisor = get_default_net(interface='eth0') vif_bridge_neutron = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_bridge_neutron,
type=None,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
mapping_iovisor = get_default_mapping( network_ovs = network_model.Network(id='network-id-xxx-yyy-zzz',
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_IOVISOR) bridge='br0',
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface=None,
vlan=99)
mapping_8021qbg = get_default_mapping( network_ivs = network_model.Network(id='network-id-xxx-yyy-zzz',
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_802_QBG, bridge='br0',
qbg_params=network_model.VIF8021QbgParams(managerid="xxx-yyy-zzz", label=None,
typeid="aaa-bbb-ccc", subnets=[subnet_bridge_4,
typeidversion="1", subnet_bridge_6],
instanceid="ddd-eee-fff")) bridge_interface=None,
vlan=99)
mapping_none = get_default_mapping(gateway_v6=net_bridge['gateway_v6']) vif_ovs = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=network_model.VIF_TYPE_OVS,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
vif_ovs_legacy = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=None,
devname=None,
ovs_interfaceid=None)
vif_ivs = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ivs,
type=network_model.VIF_TYPE_IVS,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
vif_ivs_legacy = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=None,
devname=None,
ovs_interfaceid='aaa')
vif_none = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_bridge,
type=None,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None)
network_8021 = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge=None,
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
interface='eth0',
vlan=99)
vif_8021qbh = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_8021,
type=network_model.VIF_TYPE_802_QBH,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None,
qbh_params=network_model.VIF8021QbhParams(
profileid="xxx-yyy-zzz"))
vif_8021qbg = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_8021,
type=network_model.VIF_TYPE_802_QBG,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None,
qbg_params=network_model.VIF8021QbgParams(
managerid="xxx-yyy-zzz",
typeid="aaa-bbb-ccc",
typeidversion="1",
instanceid="ddd-eee-fff"))
instance = { instance = {
'name': 'instance-name', 'name': 'instance-name',
@@ -141,9 +196,9 @@ class LibvirtVifTestCase(test.TestCase):
self.assertEqual(len(ret), 1) self.assertEqual(len(ret), 1)
return ret[0] return ret[0]
def _assertMacEquals(self, node, mapping): def _assertMacEquals(self, node, vif):
mac = node.find("mac").get("address") mac = node.find("mac").get("address")
self.assertEqual(mac, mapping['mac']) self.assertEqual(mac, vif['address'])
def _assertTypeEquals(self, node, type, attr, source, br_want, def _assertTypeEquals(self, node, type, attr, source, br_want,
prefix=None): prefix=None):
@@ -154,13 +209,13 @@ class LibvirtVifTestCase(test.TestCase):
else: else:
self.assertTrue(br_name.startswith(prefix)) self.assertTrue(br_name.startswith(prefix))
def _assertTypeAndMacEquals(self, node, type, attr, source, mapping, def _assertTypeAndMacEquals(self, node, type, attr, source, vif,
br_want=None, size=0, prefix=None): br_want=None, size=0, prefix=None):
ret = node.findall("filterref") ret = node.findall("filterref")
self.assertEqual(len(ret), size) self.assertEqual(len(ret), size)
self._assertTypeEquals(node, type, attr, source, br_want, self._assertTypeEquals(node, type, attr, source, br_want,
prefix) prefix)
self._assertMacEquals(node, mapping) self._assertMacEquals(node, vif)
def _assertModel(self, xml, model_want=None, driver_want=None): def _assertModel(self, xml, model_want=None, driver_want=None):
node = self._get_node(xml) node = self._get_node(xml)
@@ -186,13 +241,13 @@ class LibvirtVifTestCase(test.TestCase):
conf.vcpus = 4 conf.vcpus = 4
return conf return conf
def _get_instance_xml(self, driver, net, mapping, image_meta=None): def _get_instance_xml(self, driver, vif, image_meta=None):
default_inst_type = flavors.get_default_flavor() default_inst_type = flavors.get_default_flavor()
extra_specs = default_inst_type['extra_specs'].items() extra_specs = default_inst_type['extra_specs'].items()
quota_bandwith = self.bandwidth.items() quota_bandwith = self.bandwidth.items()
default_inst_type['extra_specs'] = dict(extra_specs + quota_bandwith) default_inst_type['extra_specs'] = dict(extra_specs + quota_bandwith)
conf = self._get_conf() conf = self._get_conf()
nic = driver.get_config(self.instance, net, mapping, image_meta, nic = driver.get_config(self.instance, vif, image_meta,
default_inst_type) default_inst_type)
conf.add_device(nic) conf.add_device(nic)
return conf.to_xml() return conf.to_xml()
@@ -238,9 +293,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='kvm') libvirt_type='kvm')
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_bridge)
self.net_bridge,
self.mapping_bridge)
self._assertModel(xml) self._assertModel(xml)
def test_model_kvm(self): def test_model_kvm(self):
@@ -248,9 +301,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='kvm') libvirt_type='kvm')
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_bridge)
self.net_bridge,
self.mapping_bridge)
self._assertModel(xml, "virtio") self._assertModel(xml, "virtio")
@@ -260,9 +311,7 @@ class LibvirtVifTestCase(test.TestCase):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
image_meta = {'properties': {'hw_vif_model': 'e1000'}} image_meta = {'properties': {'hw_vif_model': 'e1000'}}
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_bridge,
self.net_bridge,
self.mapping_bridge,
image_meta) image_meta)
self._assertModel(xml, "e1000") self._assertModel(xml, "e1000")
@@ -275,8 +324,7 @@ class LibvirtVifTestCase(test.TestCase):
self.assertRaises(exception.UnsupportedHardware, self.assertRaises(exception.UnsupportedHardware,
self._get_instance_xml, self._get_instance_xml,
d, d,
self.net_bridge, self.vif_bridge,
self.mapping_bridge,
image_meta) image_meta)
def test_model_qemu(self): def test_model_qemu(self):
@@ -284,9 +332,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='qemu') libvirt_type='qemu')
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_bridge)
self.net_bridge,
self.mapping_bridge)
doc = etree.fromstring(xml) doc = etree.fromstring(xml)
@@ -300,9 +346,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='xen') libvirt_type='xen')
d = vif.LibvirtGenericVIFDriver(self._get_conn("xen:///system")) d = vif.LibvirtGenericVIFDriver(self._get_conn("xen:///system"))
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_bridge)
self.net_bridge,
self.mapping_bridge)
self._assertModel(xml) self._assertModel(xml)
def test_generic_driver_none(self): def test_generic_driver_none(self):
@@ -310,90 +354,77 @@ class LibvirtVifTestCase(test.TestCase):
self.assertRaises(exception.NovaException, self.assertRaises(exception.NovaException,
self._get_instance_xml, self._get_instance_xml,
d, d,
self.net_bridge, self.vif_none)
self.mapping_none)
def _check_bridge_driver(self, d, net, mapping, br_want): def _check_bridge_driver(self, d, vif, br_want):
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge", self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
self.mapping_bridge, br_want, 1) self.vif_bridge, br_want, 1)
def test_bridge_driver(self): def test_bridge_driver(self):
d = vif.LibvirtBridgeDriver(self._get_conn()) d = vif.LibvirtBridgeDriver(self._get_conn())
self._check_bridge_driver(d, self._check_bridge_driver(d,
self.net_bridge, self.vif_bridge,
self.mapping_bridge, self.vif_bridge['network']['bridge'])
self.net_bridge['bridge'])
def test_generic_driver_bridge(self): def test_generic_driver_bridge(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
self._check_bridge_driver(d, self._check_bridge_driver(d,
self.net_bridge, self.vif_bridge,
self.mapping_bridge, self.vif_bridge['network']['bridge'])
self.net_bridge['bridge'])
def test_neutron_bridge_driver(self): def test_neutron_bridge_driver(self):
d = vif.NeutronLinuxBridgeVIFDriver(self._get_conn()) d = vif.NeutronLinuxBridgeVIFDriver(self._get_conn())
br_want = 'brq' + self.net_bridge_neutron['id'] br_want = 'brq' + self.vif_bridge_neutron['network']['id']
br_want = br_want[:network_model.NIC_NAME_LEN] br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_bridge_driver(d, self._check_bridge_driver(d,
self.net_bridge_neutron, self.vif_bridge_neutron,
self.mapping_bridge_neutron,
br_want) br_want)
def _check_ivs_ethernet_driver(self, d, net, mapping, dev_prefix): def _check_ivs_ethernet_driver(self, d, vif, dev_prefix):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev", self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self.mapping_ivs, prefix=dev_prefix) self.vif_ivs, prefix=dev_prefix)
script = node.find("script").get("path") script = node.find("script").get("path")
self.assertEquals(script, "") self.assertEquals(script, "")
def _check_ovs_ethernet_driver(self, d, net, mapping, dev_prefix): def _check_ovs_ethernet_driver(self, d, vif, dev_prefix):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev", self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self.mapping_ovs, prefix=dev_prefix) self.vif_ovs, prefix=dev_prefix)
script = node.find("script").get("path") script = node.find("script").get("path")
self.assertEquals(script, "") self.assertEquals(script, "")
def test_ovs_ethernet_driver_legacy(self):
d = vif.LibvirtOpenVswitchDriver(self._get_conn(ver=9010))
self._check_ovs_ethernet_driver(d,
self.net_ovs,
self.mapping_ovs_legacy,
"nic")
def test_ovs_ethernet_driver(self): def test_ovs_ethernet_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010)) d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010))
self._check_ovs_ethernet_driver(d, self._check_ovs_ethernet_driver(d,
self.net_ovs, self.vif_ovs,
self.mapping_ovs,
"tap") "tap")
def test_ivs_ethernet_driver(self): def test_ivs_ethernet_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010)) d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010))
self._check_ivs_ethernet_driver(d, self._check_ivs_ethernet_driver(d,
self.net_ovs, self.vif_ivs,
self.mapping_ivs,
"tap") "tap")
def _check_ivs_virtualport_driver(self, d, net, mapping, want_iface_id): def _check_ivs_virtualport_driver(self, d, vif, want_iface_id):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev", self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
mapping, mapping['vif_devname']) vif, vif['devname'])
def _check_ovs_virtualport_driver(self, d, net, mapping, want_iface_id): def _check_ovs_virtualport_driver(self, d, vif, want_iface_id):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge", self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
mapping, "br0") vif, "br0")
vp = node.find("virtualport") vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "openvswitch") self.assertEqual(vp.get("type"), "openvswitch")
iface_id_found = False iface_id_found = False
@@ -409,73 +440,65 @@ class LibvirtVifTestCase(test.TestCase):
d = vif.LibvirtOpenVswitchVirtualPortDriver(self._get_conn(ver=9011)) d = vif.LibvirtOpenVswitchVirtualPortDriver(self._get_conn(ver=9011))
want_iface_id = 'vif-xxx-yyy-zzz' want_iface_id = 'vif-xxx-yyy-zzz'
self._check_ovs_virtualport_driver(d, self._check_ovs_virtualport_driver(d,
self.net_ovs, self.vif_ovs_legacy,
self.mapping_ovs_legacy,
want_iface_id) want_iface_id)
def test_generic_ovs_virtualport_driver(self): def test_generic_ovs_virtualport_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011)) d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011))
want_iface_id = self.mapping_ovs['ovs_interfaceid'] want_iface_id = self.vif_ovs['ovs_interfaceid']
self._check_ovs_virtualport_driver(d, self._check_ovs_virtualport_driver(d,
self.net_ovs, self.vif_ovs,
self.mapping_ovs,
want_iface_id) want_iface_id)
def test_generic_ivs_virtualport_driver(self): def test_generic_ivs_virtualport_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011)) d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011))
want_iface_id = self.mapping_ivs['ivs_interfaceid'] want_iface_id = self.vif_ivs['ovs_interfaceid']
self._check_ivs_virtualport_driver(d, self._check_ivs_virtualport_driver(d,
self.net_ovs, self.vif_ivs,
self.mapping_ivs,
want_iface_id) want_iface_id)
def _check_neutron_hybrid_driver(self, d, net, mapping, br_want): def _check_neutron_hybrid_driver(self, d, vif, br_want):
self.flags(firewall_driver="nova.virt.firewall.IptablesFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.IptablesFirewallDriver")
xml = self._get_instance_xml(d, net, mapping) xml = self._get_instance_xml(d, vif)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge", self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
mapping, br_want, 1) vif, br_want, 1)
def test_quantum_hybrid_driver(self): def test_quantum_hybrid_driver(self):
br_want = "qbr" + self.mapping_ovs['vif_uuid'] br_want = "qbr" + self.vif_ovs['id']
br_want = br_want[:network_model.NIC_NAME_LEN] br_want = br_want[:network_model.NIC_NAME_LEN]
d = vif.LibvirtHybridOVSBridgeDriver(self._get_conn()) d = vif.LibvirtHybridOVSBridgeDriver(self._get_conn())
self._check_neutron_hybrid_driver(d, self._check_neutron_hybrid_driver(d,
self.net_ovs, self.vif_ovs_legacy,
self.mapping_ovs_legacy,
br_want) br_want)
def test_generic_hybrid_driver(self): def test_generic_hybrid_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
br_want = "qbr" + self.mapping_ovs['vif_uuid'] br_want = "qbr" + self.vif_ovs['id']
br_want = br_want[:network_model.NIC_NAME_LEN] br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_neutron_hybrid_driver(d, self._check_neutron_hybrid_driver(d,
self.net_ovs, self.vif_ovs,
self.mapping_ovs,
br_want) br_want)
def test_ivs_hybrid_driver(self): def test_ivs_hybrid_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
br_want = "qbr" + self.mapping_ivs['vif_uuid'] br_want = "qbr" + self.vif_ivs['id']
br_want = br_want[:network_model.NIC_NAME_LEN] br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_neutron_hybrid_driver(d, self._check_neutron_hybrid_driver(d,
self.net_ovs, self.vif_ivs,
self.mapping_ivs,
br_want) br_want)
def test_generic_8021qbh_driver(self): def test_generic_8021qbh_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_8021qbh)
self.net_8021,
self.mapping_8021qbh)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeEquals(node, "direct", "source", "dev", "eth0") self._assertTypeEquals(node, "direct", "source", "dev", "eth0")
self._assertMacEquals(node, self.mapping_8021qbh) self._assertMacEquals(node, self.vif_8021qbh)
vp = node.find("virtualport") vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "802.1Qbh") self.assertEqual(vp.get("type"), "802.1Qbh")
profile_id_found = False profile_id_found = False
for p_elem in vp.findall("parameters"): for p_elem in vp.findall("parameters"):
wantparams = self.mapping_8021qbh['qbh_params'] wantparams = self.vif_8021qbh['qbh_params']
profile_id = p_elem.get("profileid", None) profile_id = p_elem.get("profileid", None)
if profile_id: if profile_id:
self.assertEqual(profile_id, self.assertEqual(profile_id,
@@ -484,26 +507,22 @@ class LibvirtVifTestCase(test.TestCase):
self.assertTrue(profile_id_found) self.assertTrue(profile_id_found)
def test_generic_iovisor_driver(self): def test_generic_iovisor_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver") self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, br_want = self.vif_ivs['devname']
self.net_iovisor, xml = self._get_instance_xml(d, self.vif_ivs)
self.mapping_iovisor) node = self._get_node(xml)
node = self._get_node(xml) self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev", self.vif_ivs, br_want)
self.mapping_iovisor,
self.mapping_iovisor['vif_devname'])
def test_generic_8021qbg_driver(self): def test_generic_8021qbg_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn()) d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d, xml = self._get_instance_xml(d, self.vif_8021qbg)
self.net_8021,
self.mapping_8021qbg)
node = self._get_node(xml) node = self._get_node(xml)
self._assertTypeEquals(node, "direct", "source", "dev", "eth0") self._assertTypeEquals(node, "direct", "source", "dev", "eth0")
self._assertMacEquals(node, self.mapping_8021qbg) self._assertMacEquals(node, self.vif_8021qbg)
vp = node.find("virtualport") vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "802.1Qbg") self.assertEqual(vp.get("type"), "802.1Qbg")
@@ -512,7 +531,7 @@ class LibvirtVifTestCase(test.TestCase):
typeversion_id_found = False typeversion_id_found = False
instance_id_found = False instance_id_found = False
for p_elem in vp.findall("parameters"): for p_elem in vp.findall("parameters"):
wantparams = self.mapping_8021qbg['qbg_params'] wantparams = self.vif_8021qbg['qbg_params']
manager_id = p_elem.get("managerid", None) manager_id = p_elem.get("managerid", None)
type_id = p_elem.get("typeid", None) type_id = p_elem.get("typeid", None)
typeversion_id = p_elem.get("typeidversion", None) typeversion_id = p_elem.get("typeidversion", None)

10
nova/tests/virt/test_virt_drivers.py
View File

@@ -204,7 +204,9 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
def _get_running_instance(self): def _get_running_instance(self):
instance_ref = test_utils.get_test_instance() instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info() network_info = test_utils.get_test_network_info(legacy_model=False)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
image_info = test_utils.get_test_image_info(None, instance_ref) image_info = test_utils.get_test_image_info(None, instance_ref)
self.connection.spawn(self.ctxt, instance_ref, image_info, self.connection.spawn(self.ctxt, instance_ref, image_info,
[], 'herp', network_info=network_info) [], 'herp', network_info=network_info)
@@ -396,7 +398,7 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
def test_destroy_instance_nonexistent(self): def test_destroy_instance_nonexistent(self):
fake_instance = {'id': 42, 'name': 'I just made this up!', fake_instance = {'id': 42, 'name': 'I just made this up!',
'uuid': 'bda5fb9e-b347-40e8-8256-42397848cb00'} 'uuid': 'bda5fb9e-b347-40e8-8256-42397848cb00'}
network_info = test_utils.get_test_network_info() network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.destroy(fake_instance, network_info) self.connection.destroy(fake_instance, network_info)
@catch_notimplementederror @catch_notimplementederror
@@ -550,14 +552,14 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
@catch_notimplementederror @catch_notimplementederror
def test_ensure_filtering_for_instance(self): def test_ensure_filtering_for_instance(self):
instance_ref = test_utils.get_test_instance() instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info() network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.ensure_filtering_rules_for_instance(instance_ref, self.connection.ensure_filtering_rules_for_instance(instance_ref,
network_info) network_info)
@catch_notimplementederror @catch_notimplementederror
def test_unfilter_instance(self): def test_unfilter_instance(self):
instance_ref = test_utils.get_test_instance() instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info() network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.unfilter_instance(instance_ref, network_info) self.connection.unfilter_instance(instance_ref, network_info)
@catch_notimplementederror @catch_notimplementederror

22
nova/tests/virt/xenapi/test_xenapi.py
View File

@@ -2503,9 +2503,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
self.stubs.Set(compute_utils, 'get_nw_info_for_instance', self.stubs.Set(compute_utils, 'get_nw_info_for_instance',
lambda instance: network_model) lambda instance: network_model)
network_info = network_model.legacy() self.fw.prepare_instance_filter(instance_ref, network_model)
self.fw.prepare_instance_filter(instance_ref, network_info) self.fw.apply_instance_filter(instance_ref, network_model)
self.fw.apply_instance_filter(instance_ref, network_info)
self._validate_security_group() self._validate_security_group()
# Extra test for TCP acceptance rules # Extra test for TCP acceptance rules
@@ -2521,14 +2520,16 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
def test_filters_for_instance_with_ip_v6(self): def test_filters_for_instance_with_ip_v6(self):
self.flags(use_ipv6=True) self.flags(use_ipv6=True)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1) network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1,
spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info) rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2) self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 1) self.assertEquals(len(rulesv6), 1)
def test_filters_for_instance_without_ip_v6(self): def test_filters_for_instance_without_ip_v6(self):
self.flags(use_ipv6=False) self.flags(use_ipv6=False)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1) network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1,
spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info) rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2) self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 0) self.assertEquals(len(rulesv6), 0)
@@ -2543,7 +2544,10 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
_get_instance_nw_info = fake_network.fake_get_instance_nw_info _get_instance_nw_info = fake_network.fake_get_instance_nw_info
network_info = _get_instance_nw_info(self.stubs, network_info = _get_instance_nw_info(self.stubs,
networks_count, networks_count,
ipv4_addr_per_network) ipv4_addr_per_network,
spectacular=True)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
ipv4_len = len(self.fw.iptables.ipv4['filter'].rules) ipv4_len = len(self.fw.iptables.ipv4['filter'].rules)
ipv6_len = len(self.fw.iptables.ipv6['filter'].rules) ipv6_len = len(self.fw.iptables.ipv6['filter'].rules)
inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref, inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref,
@@ -2563,7 +2567,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
def test_do_refresh_security_group_rules(self): def test_do_refresh_security_group_rules(self):
admin_ctxt = context.get_admin_context() admin_ctxt = context.get_admin_context()
instance_ref = self._create_instance_ref() instance_ref = self._create_instance_ref()
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1) network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1,
spectacular=True)
secgroup = self._create_test_security_group() secgroup = self._create_test_security_group()
db.instance_add_security_group(admin_ctxt, instance_ref['uuid'], db.instance_add_security_group(admin_ctxt, instance_ref['uuid'],
secgroup['id']) secgroup['id'])
@@ -2592,7 +2597,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
# peeks at how the firewall names chains # peeks at how the firewall names chains
chain_name = 'inst-%s' % instance_ref['id'] chain_name = 'inst-%s' % instance_ref['id']
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1) network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1,
spectacular=True)
self.fw.prepare_instance_filter(instance_ref, network_info) self.fw.prepare_instance_filter(instance_ref, network_info)
self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains) self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains)
rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules

66
nova/virt/firewall.py
View File

@@ -135,14 +135,6 @@ class FirewallDriver(object):
"""Check nova-instance-instance-xxx exists.""" """Check nova-instance-instance-xxx exists."""
raise NotImplementedError() raise NotImplementedError()
def _handle_network_info_model(self, network_info):
# make sure this is legacy network_info
try:
return network_info.legacy()
except AttributeError:
# no "legacy" function means network_info is legacy
return network_info
class IptablesFirewallDriver(FirewallDriver): class IptablesFirewallDriver(FirewallDriver):
"""Driver which enforces security groups through iptables rules.""" """Driver which enforces security groups through iptables rules."""
@@ -177,9 +169,6 @@ class IptablesFirewallDriver(FirewallDriver):
self.iptables.defer_apply_off() self.iptables.defer_apply_off()
def unfilter_instance(self, instance, network_info): def unfilter_instance(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
if self.instances.pop(instance['id'], None): if self.instances.pop(instance['id'], None):
# NOTE(vish): use the passed info instead of the stored info # NOTE(vish): use the passed info instead of the stored info
self.network_infos.pop(instance['id']) self.network_infos.pop(instance['id'])
@@ -190,9 +179,6 @@ class IptablesFirewallDriver(FirewallDriver):
'filtered'), instance=instance) 'filtered'), instance=instance)
def prepare_instance_filter(self, instance, network_info): def prepare_instance_filter(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
self.instances[instance['id']] = instance self.instances[instance['id']] = instance
self.network_infos[instance['id']] = network_info self.network_infos[instance['id']] = network_info
ipv4_rules, ipv6_rules = self.instance_rules(instance, network_info) ipv4_rules, ipv6_rules = self.instance_rules(instance, network_info)
@@ -216,22 +202,31 @@ class IptablesFirewallDriver(FirewallDriver):
def _create_filter(self, ips, chain_name): def _create_filter(self, ips, chain_name):
return ['-d %s -j $%s' % (ip, chain_name) for ip in ips] return ['-d %s -j $%s' % (ip, chain_name) for ip in ips]
def _get_subnets(self, network_info, version):
subnets = []
for vif in network_info:
if 'network' in vif and 'subnets' in vif['network']:
for subnet in vif['network']['subnets']:
if subnet['version'] == version:
subnets.append(subnet)
return subnets
def _filters_for_instance(self, chain_name, network_info): def _filters_for_instance(self, chain_name, network_info):
"""Creates a rule corresponding to each ip that defines a """Creates a rule corresponding to each ip that defines a
jump to the corresponding instance - chain for all the traffic jump to the corresponding instance - chain for all the traffic
destined to that ip. destined to that ip.
""" """
# make sure this is legacy nw_info v4_subnets = self._get_subnets(network_info, 4)
network_info = self._handle_network_info_model(network_info) v6_subnets = self._get_subnets(network_info, 6)
ips_v4 = [ip['address'] for subnet in v4_subnets
ips_v4 = [ip['ip'] for (_n, mapping) in network_info for ip in subnet['ips']]
for ip in mapping['ips']]
ipv4_rules = self._create_filter(ips_v4, chain_name) ipv4_rules = self._create_filter(ips_v4, chain_name)
ipv6_rules = [] ipv6_rules = ips_v6 = []
if CONF.use_ipv6: if CONF.use_ipv6:
ips_v6 = [ip['ip'] for (_n, mapping) in network_info if v6_subnets:
for ip in mapping['ip6s']] ips_v6 = [ip['address'] for subnet in v6_subnets
for ip in subnet['ips']]
ipv6_rules = self._create_filter(ips_v6, chain_name) ipv6_rules = self._create_filter(ips_v6, chain_name)
return ipv4_rules, ipv6_rules return ipv4_rules, ipv6_rules
@@ -284,10 +279,9 @@ class IptablesFirewallDriver(FirewallDriver):
ipv6_rules += ['-j $provider'] ipv6_rules += ['-j $provider']
def _do_dhcp_rules(self, ipv4_rules, network_info): def _do_dhcp_rules(self, ipv4_rules, network_info):
# make sure this is legacy nw_info v4_subnets = self._get_subnets(network_info, 4)
network_info = self._handle_network_info_model(network_info) dhcp_servers = [subnet.get_meta('dhcp_server')
for subnet in v4_subnets if subnet.get_meta('dhcp_server')]
dhcp_servers = [info['dhcp_server'] for (_n, info) in network_info]
for dhcp_server in dhcp_servers: for dhcp_server in dhcp_servers:
if dhcp_server: if dhcp_server:
@@ -296,25 +290,20 @@ class IptablesFirewallDriver(FirewallDriver):
self.dhcp_create = True self.dhcp_create = True
def _do_project_network_rules(self, ipv4_rules, ipv6_rules, network_info): def _do_project_network_rules(self, ipv4_rules, ipv6_rules, network_info):
# make sure this is legacy nw_info v4_subnets = self._get_subnets(network_info, 4)
network_info = self._handle_network_info_model(network_info) v6_subnets = self._get_subnets(network_info, 6)
cidrs = [subnet['cidr'] for subnet in v4_subnets]
cidrs = [network['cidr'] for (network, _i) in network_info]
for cidr in cidrs: for cidr in cidrs:
ipv4_rules.append('-s %s -j ACCEPT' % (cidr,)) ipv4_rules.append('-s %s -j ACCEPT' % (cidr,))
if CONF.use_ipv6: if CONF.use_ipv6:
cidrv6s = [network['cidr_v6'] for (network, _i) in cidrv6s = [subnet['cidr'] for subnet in v6_subnets]
network_info]
for cidrv6 in cidrv6s: for cidrv6 in cidrv6s:
ipv6_rules.append('-s %s -j ACCEPT' % (cidrv6,)) ipv6_rules.append('-s %s -j ACCEPT' % (cidrv6,))
def _do_ra_rules(self, ipv6_rules, network_info): def _do_ra_rules(self, ipv6_rules, network_info):
# make sure this is legacy nw_info v6_subnets = self._get_subnets(network_info, 6)
network_info = self._handle_network_info_model(network_info) gateways_v6 = [subnet['gateway']['address'] for subnet in v6_subnets]
gateways_v6 = [mapping['gateway_v6'] for (_n, mapping) in
network_info]
for gateway_v6 in gateways_v6: for gateway_v6 in gateways_v6:
ipv6_rules.append( ipv6_rules.append(
'-s %s/128 -p icmpv6 -j ACCEPT' % (gateway_v6,)) '-s %s/128 -p icmpv6 -j ACCEPT' % (gateway_v6,))
@@ -347,9 +336,6 @@ class IptablesFirewallDriver(FirewallDriver):
rule['to_port'])] rule['to_port'])]
def instance_rules(self, instance, network_info): def instance_rules(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
ctxt = context.get_admin_context() ctxt = context.get_admin_context()
ipv4_rules = [] ipv4_rules = []

32
nova/virt/libvirt/driver.py
View File

@@ -693,7 +693,7 @@ class LibvirtDriver(driver.ComputeDriver):
return False return False
def legacy_nwinfo(self): def legacy_nwinfo(self):
return True return False
# TODO(Shrews): Remove when libvirt Bugzilla bug # 836647 is fixed. # TODO(Shrews): Remove when libvirt Bugzilla bug # 836647 is fixed.
def list_instance_ids(self): def list_instance_ids(self):
@@ -743,13 +743,13 @@ class LibvirtDriver(driver.ComputeDriver):
def plug_vifs(self, instance, network_info): def plug_vifs(self, instance, network_info):
"""Plug VIFs into networks.""" """Plug VIFs into networks."""
for (network, mapping) in network_info: for vif in network_info:
self.vif_driver.plug(instance, (network, mapping)) self.vif_driver.plug(instance, vif)
def unplug_vifs(self, instance, network_info): def unplug_vifs(self, instance, network_info):
"""Unplug VIFs from networks.""" """Unplug VIFs from networks."""
for (network, mapping) in network_info: for vif in network_info:
self.vif_driver.unplug(instance, (network, mapping)) self.vif_driver.unplug(instance, vif)
def _destroy(self, instance): def _destroy(self, instance):
try: try:
@@ -1156,12 +1156,10 @@ class LibvirtDriver(driver.ComputeDriver):
@exception.wrap_exception() @exception.wrap_exception()
def attach_interface(self, instance, image_meta, network_info): def attach_interface(self, instance, image_meta, network_info):
virt_dom = self._lookup_by_name(instance['name']) virt_dom = self._lookup_by_name(instance['name'])
for (network, mapping) in network_info: for vif in network_info:
self.vif_driver.plug(instance, (network, mapping)) self.vif_driver.plug(instance, vif)
self.firewall_driver.setup_basic_filtering(instance, self.firewall_driver.setup_basic_filtering(instance, [vif])
[(network, mapping)]) cfg = self.vif_driver.get_config(instance, vif, image_meta)
cfg = self.vif_driver.get_config(instance, network, mapping,
image_meta)
try: try:
flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG
state = LIBVIRT_POWER_STATE[virt_dom.info()[0]] state = LIBVIRT_POWER_STATE[virt_dom.info()[0]]
@@ -1171,16 +1169,16 @@ class LibvirtDriver(driver.ComputeDriver):
except libvirt.libvirtError: except libvirt.libvirtError:
LOG.error(_('attaching network adapter failed.'), LOG.error(_('attaching network adapter failed.'),
instance=instance) instance=instance)
self.vif_driver.unplug(instance, (network, mapping)) self.vif_driver.unplug(instance, vif)
raise exception.InterfaceAttachFailed(instance) raise exception.InterfaceAttachFailed(instance)
@exception.wrap_exception() @exception.wrap_exception()
def detach_interface(self, instance, network_info): def detach_interface(self, instance, network_info):
virt_dom = self._lookup_by_name(instance['name']) virt_dom = self._lookup_by_name(instance['name'])
for (network, mapping) in network_info: for vif in network_info:
cfg = self.vif_driver.get_config(instance, network, mapping, None) cfg = self.vif_driver.get_config(instance, vif, None)
try: try:
self.vif_driver.unplug(instance, (network, mapping)) self.vif_driver.unplug(instance, vif)
flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG
state = LIBVIRT_POWER_STATE[virt_dom.info()[0]] state = LIBVIRT_POWER_STATE[virt_dom.info()[0]]
if state == power_state.RUNNING: if state == power_state.RUNNING:
@@ -2405,9 +2403,9 @@ class LibvirtDriver(driver.ComputeDriver):
inst_type): inst_type):
guest.add_device(cfg) guest.add_device(cfg)
for (network, mapping) in network_info: for vif in network_info:
cfg = self.vif_driver.get_config(instance, cfg = self.vif_driver.get_config(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
guest.add_device(cfg) guest.add_device(cfg)

79
nova/virt/libvirt/firewall.py
View File

@@ -118,49 +118,68 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
self._ensure_static_filters() self._ensure_static_filters()
allow_dhcp = False allow_dhcp = False
for (network, mapping) in network_info: for vif in network_info:
if mapping['dhcp_server']: if not vif['network'] or not vif['network']['subnets']:
allow_dhcp = True continue
break for subnet in vif['network']['subnets']:
if subnet.get_meta('dhcp_server'):
allow_dhcp = True
break
base_filter = self.get_base_filter_list(instance, allow_dhcp) base_filter = self.get_base_filter_list(instance, allow_dhcp)
for (network, mapping) in network_info: for vif in network_info:
self._define_filter(self._get_instance_filter_xml(instance, self._define_filter(self._get_instance_filter_xml(instance,
base_filter, base_filter,
network, vif))
mapping))
def _get_instance_filter_parameters(self, network, mapping): def _get_instance_filter_parameters(self, vif):
parameters = [] parameters = []
def format_parameter(parameter, value): def format_parameter(parameter, value):
return ("<parameter name='%s' value='%s'/>" % (parameter, value)) return ("<parameter name='%s' value='%s'/>" % (parameter, value))
for address in mapping['ips']: network = vif['network']
parameters.append(format_parameter('IP', address['ip'])) if not vif['network'] or not vif['network']['subnets']:
if mapping['dhcp_server']: return parameters
parameters.append(format_parameter('DHCPSERVER',
mapping['dhcp_server'])) v4_subnets = [s for s in network['subnets'] if s['version'] == 4]
v6_subnets = [s for s in network['subnets'] if s['version'] == 6]
for subnet in v4_subnets:
for ip in subnet['ips']:
parameters.append(format_parameter('IP', ip['address']))
dhcp_server = subnet.get_meta('dhcp_server')
if dhcp_server:
parameters.append(format_parameter('DHCPSERVER', dhcp_server))
if CONF.use_ipv6: if CONF.use_ipv6:
ra_server = mapping.get('gateway_v6') + "/128" for subnet in v6_subnets:
parameters.append(format_parameter('RASERVER', ra_server)) gateway = subnet.get('gateway')
if gateway:
ra_server = gateway['address'] + "/128"
parameters.append(format_parameter('RASERVER', ra_server))
if CONF.allow_same_net_traffic: if CONF.allow_same_net_traffic:
ipv4_cidr = network['cidr'] for subnet in v4_subnets:
net, mask = netutils.get_net_and_mask(ipv4_cidr) ipv4_cidr = subnet['cidr']
parameters.append(format_parameter('PROJNET', net)) net, mask = netutils.get_net_and_mask(ipv4_cidr)
parameters.append(format_parameter('PROJMASK', mask)) parameters.append(format_parameter('PROJNET', net))
parameters.append(format_parameter('PROJMASK', mask))
if CONF.use_ipv6: if CONF.use_ipv6:
ipv6_cidr = network['cidr_v6'] for subnet in v6_subnets:
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr) ipv6_cidr = subnet['cidr']
parameters.append(format_parameter('PROJNET6', net)) net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
parameters.append(format_parameter('PROJMASK6', prefix)) parameters.append(format_parameter('PROJNET6', net))
parameters.append(format_parameter('PROJMASK6', prefix))
return parameters return parameters
def _get_instance_filter_xml(self, instance, filters, network, mapping): def _get_instance_filter_xml(self, instance, filters, vif):
nic_id = mapping['mac'].replace(':', '') nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id) instance_filter_name = self._instance_filter_name(instance, nic_id)
parameters = self._get_instance_filter_parameters(network, mapping) parameters = self._get_instance_filter_parameters(vif)
xml = '''<filter name='%s' chain='root'>''' % instance_filter_name xml = '''<filter name='%s' chain='root'>''' % instance_filter_name
for f in filters: for f in filters:
xml += '''<filterref filter='%s'>''' % f xml += '''<filterref filter='%s'>''' % f
@@ -233,8 +252,8 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
def unfilter_instance(self, instance, network_info): def unfilter_instance(self, instance, network_info):
"""Clear out the nwfilter rules.""" """Clear out the nwfilter rules."""
instance_name = instance['name'] instance_name = instance['name']
for (network, mapping) in network_info: for vif in network_info:
nic_id = mapping['mac'].replace(':', '') nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id) instance_filter_name = self._instance_filter_name(instance, nic_id)
try: try:
@@ -261,8 +280,8 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
def instance_filter_exists(self, instance, network_info): def instance_filter_exists(self, instance, network_info):
"""Check nova-instance-instance-xxx exists.""" """Check nova-instance-instance-xxx exists."""
for (network, mapping) in network_info: for vif in network_info:
nic_id = mapping['mac'].replace(':', '') nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id) instance_filter_name = self._instance_filter_name(instance, nic_id)
try: try:
self._conn.nwfilterLookupByName(instance_filter_name) self._conn.nwfilterLookupByName(instance_filter_name)

324
nova/virt/libvirt/vif.py
View File

@@ -89,12 +89,12 @@ class LibvirtBaseVIFDriver(object):
return True return True
return False return False
def get_vif_devname(self, mapping): def get_vif_devname(self, vif):
if 'vif_devname' in mapping: if 'devname' in vif:
return mapping['vif_devname'] return vif['devname']
return ("nic" + mapping['vif_uuid'])[:network_model.NIC_NAME_LEN] return ("nic" + vif['id'])[:network_model.NIC_NAME_LEN]
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
conf = vconfig.LibvirtConfigGuestInterface() conf = vconfig.LibvirtConfigGuestInterface()
# Default to letting libvirt / the hypervisor choose the model # Default to letting libvirt / the hypervisor choose the model
model = None model = None
@@ -126,7 +126,7 @@ class LibvirtBaseVIFDriver(object):
virt=CONF.libvirt_type) virt=CONF.libvirt_type)
designer.set_vif_guest_frontend_config( designer.set_vif_guest_frontend_config(
conf, mapping['mac'], model, driver) conf, vif['address'], model, driver)
return conf return conf
@@ -140,11 +140,11 @@ class LibvirtBaseVIFDriver(object):
class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver): class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""Generic VIF driver for libvirt networking.""" """Generic VIF driver for libvirt networking."""
def get_bridge_name(self, network): def get_bridge_name(self, vif):
return network['bridge'] return vif['network']['bridge']
def get_ovs_interfaceid(self, mapping): def get_ovs_interfaceid(self, vif):
return mapping['ovs_interfaceid'] return vif.get('ovs_interfaceid') or vif['id']
def get_br_name(self, iface_id): def get_br_name(self, iface_id):
return ("qbr" + iface_id)[:network_model.NIC_NAME_LEN] return ("qbr" + iface_id)[:network_model.NIC_NAME_LEN]
@@ -161,20 +161,17 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return True return True
return False return False
def get_config_bridge(self, instance, network, mapping, image_meta, def get_config_bridge(self, instance, vif, image_meta, inst_type):
inst_type):
"""Get VIF configurations for bridge type.""" """Get VIF configurations for bridge type."""
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
designer.set_vif_host_backend_bridge_config( designer.set_vif_host_backend_bridge_config(
conf, self.get_bridge_name(network), conf, self.get_bridge_name(vif),
self.get_vif_devname(mapping)) self.get_vif_devname(vif))
mac_id = mapping['mac'].replace(':', '') mac_id = vif['address'].replace(':', '')
name = "nova-instance-" + instance['name'] + "-" + mac_id name = "nova-instance-" + instance['name'] + "-" + mac_id
if self.get_firewall_required(): if self.get_firewall_required():
conf.filtername = name conf.filtername = name
@@ -182,109 +179,92 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return conf return conf
def get_config_ovs_ethernet(self, instance, network, mapping, def get_config_ovs_ethernet(self, instance, vif,
image_meta, inst_type): image_meta, inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
dev = self.get_vif_devname(mapping) dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev) designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf return conf
def get_config_ovs_bridge(self, instance, network, mapping, image_meta, def get_config_ovs_bridge(self, instance, vif, image_meta,
inst_type): inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
designer.set_vif_host_backend_ovs_config( designer.set_vif_host_backend_ovs_config(
conf, self.get_bridge_name(network), conf, self.get_bridge_name(vif),
self.get_ovs_interfaceid(mapping), self.get_ovs_interfaceid(vif),
self.get_vif_devname(mapping)) self.get_vif_devname(vif))
return conf return conf
def get_config_ovs_hybrid(self, instance, network, mapping, image_meta, def get_config_ovs_hybrid(self, instance, vif, image_meta,
inst_type): inst_type):
newnet = copy.deepcopy(network) newvif = copy.deepcopy(vif)
newnet['bridge'] = self.get_br_name(mapping['vif_uuid']) newvif['network']['bridge'] = self.get_br_name(vif['id'])
return self.get_config_bridge(instance, return self.get_config_bridge(instance, newvif,
newnet,
mapping,
image_meta, inst_type) image_meta, inst_type)
def get_config_ovs(self, instance, network, mapping, image_meta, def get_config_ovs(self, instance, vif, image_meta, inst_type):
inst_type):
if self.get_firewall_required(): if self.get_firewall_required():
return self.get_config_ovs_hybrid(instance, network, return self.get_config_ovs_hybrid(instance, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
elif self.has_libvirt_version(LIBVIRT_OVS_VPORT_VERSION): elif self.has_libvirt_version(LIBVIRT_OVS_VPORT_VERSION):
return self.get_config_ovs_bridge(instance, network, return self.get_config_ovs_bridge(instance, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
else: else:
return self.get_config_ovs_ethernet(instance, network, return self.get_config_ovs_ethernet(instance, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
def get_config_ivs_hybrid(self, instance, network, mapping, image_meta, def get_config_ivs_hybrid(self, instance, vif, image_meta,
inst_type): inst_type):
newnet = copy.deepcopy(network) newvif = copy.deepcopy(vif)
newnet['bridge'] = self.get_br_name(mapping['vif_uuid']) newvif['network']['bridge'] = self.get_br_name(vif['id'])
return self.get_config_bridge(instance, return self.get_config_bridge(instance,
newnet, newvif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
def get_config_ivs_ethernet(self, instance, network, mapping, image_meta, def get_config_ivs_ethernet(self, instance, vif, image_meta,
inst_type): inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance,
network, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
dev = self.get_vif_devname(mapping) dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev) designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf return conf
def get_config_ivs(self, instance, network, mapping, image_meta, def get_config_ivs(self, instance, vif, image_meta, inst_type):
inst_type):
if self.get_firewall_required(): if self.get_firewall_required():
return self.get_config_ivs_hybrid(instance, network, return self.get_config_ivs_hybrid(instance, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
else: else:
return self.get_config_ivs_ethernet(instance, network, return self.get_config_ivs_ethernet(instance, vif,
mapping,
image_meta, image_meta,
inst_type) inst_type)
def get_config_802qbg(self, instance, network, mapping, image_meta, def get_config_802qbg(self, instance, vif, image_meta,
inst_type): inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
params = mapping["qbg_params"] params = vif["qbg_params"]
designer.set_vif_host_backend_802qbg_config( designer.set_vif_host_backend_802qbg_config(
conf, network["interface"], conf, vif['network'].get_meta('interface'),
params['managerid'], params['managerid'],
params['typeid'], params['typeid'],
params['typeidversion'], params['typeidversion'],
@@ -292,41 +272,37 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return conf return conf
def get_config_802qbh(self, instance, network, mapping, image_meta, def get_config_802qbh(self, instance, vif, image_meta,
inst_type): inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
params = mapping["qbh_params"] params = vif["qbh_params"]
designer.set_vif_host_backend_802qbh_config( designer.set_vif_host_backend_802qbh_config(
conf, network["interface"], conf, vif['network'].get_meta('interface'),
params['profileid']) params['profileid'])
return conf return conf
def get_config_iovisor(self, instance, network, mapping, image_meta, def get_config_iovisor(self, instance, vif, image_meta,
inst_type): inst_type):
conf = super(LibvirtGenericVIFDriver, conf = super(LibvirtGenericVIFDriver,
self).get_config(instance, self).get_config(instance, vif,
network,
mapping,
image_meta, inst_type) image_meta, inst_type)
dev = self.get_vif_devname(mapping) dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev) designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf return conf
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
vif_type = mapping.get('vif_type') vif_type = vif['type']
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s ' LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'), 'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance, {'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping}) 'vif': vif})
if vif_type is None: if vif_type is None:
raise exception.NovaException( raise exception.NovaException(
@@ -334,34 +310,34 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"for this vif_driver implementation")) "for this vif_driver implementation"))
elif vif_type == network_model.VIF_TYPE_BRIDGE: elif vif_type == network_model.VIF_TYPE_BRIDGE:
return self.get_config_bridge(instance, return self.get_config_bridge(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
elif vif_type == network_model.VIF_TYPE_OVS: elif vif_type == network_model.VIF_TYPE_OVS:
return self.get_config_ovs(instance, return self.get_config_ovs(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
elif vif_type == network_model.VIF_TYPE_802_QBG: elif vif_type == network_model.VIF_TYPE_802_QBG:
return self.get_config_802qbg(instance, return self.get_config_802qbg(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
elif vif_type == network_model.VIF_TYPE_802_QBH: elif vif_type == network_model.VIF_TYPE_802_QBH:
return self.get_config_802qbh(instance, return self.get_config_802qbh(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
elif vif_type == network_model.VIF_TYPE_IVS: elif vif_type == network_model.VIF_TYPE_IVS:
return self.get_config_ivs(instance, return self.get_config_ivs(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
elif vif_type == network_model.VIF_TYPE_IOVISOR: elif vif_type == network_model.VIF_TYPE_IOVISOR:
return self.get_config_iovisor(instance, return self.get_config_iovisor(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
else: else:
raise exception.NovaException( raise exception.NovaException(
_("Unexpected vif_type=%s") % vif_type) _("Unexpected vif_type=%s") % vif_type)
@@ -370,38 +346,39 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""Ensure that the bridge exists, and add VIF to it.""" """Ensure that the bridge exists, and add VIF to it."""
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network = vif['network']
network, mapping = vif if (not network.get_meta('multi_host', False) and
if (not network.get('multi_host') and network.get_meta('should_create_bridge', False)):
mapping.get('should_create_bridge')): if network.get_meta('should_create_vlan', False):
if mapping.get('should_create_vlan'): iface = CONF.vlan_interface or \
iface = CONF.vlan_interface or network['bridge_interface'] network.get_meta('bridge_interface')
LOG.debug(_('Ensuring vlan %(vlan)s and bridge %(bridge)s'), LOG.debug(_('Ensuring vlan %(vlan)s and bridge %(bridge)s'),
{'vlan': network['vlan'], {'vlan': network.get_meta('vlan'),
'bridge': self.get_bridge_name(network)}, 'bridge': self.get_bridge_name(vif)},
instance=instance) instance=instance)
linux_net.LinuxBridgeInterfaceDriver.ensure_vlan_bridge( linux_net.LinuxBridgeInterfaceDriver.ensure_vlan_bridge(
network['vlan'], network.get_meta('vlan'),
self.get_bridge_name(network), self.get_bridge_name(vif),
iface) iface)
else: else:
iface = CONF.flat_interface or network['bridge_interface'] iface = CONF.flat_interface or \
network.get_meta('bridge_interface')
LOG.debug(_("Ensuring bridge %s"), LOG.debug(_("Ensuring bridge %s"),
self.get_bridge_name(network), instance=instance) self.get_bridge_name(vif), instance=instance)
linux_net.LinuxBridgeInterfaceDriver.ensure_bridge( linux_net.LinuxBridgeInterfaceDriver.ensure_bridge(
self.get_bridge_name(network), self.get_bridge_name(vif),
iface) iface)
def plug_ovs_ethernet(self, instance, vif): def plug_ovs_ethernet(self, instance, vif):
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network, mapping = vif network = vif['network']
iface_id = self.get_ovs_interfaceid(mapping) iface_id = self.get_ovs_interfaceid(vif)
dev = self.get_vif_devname(mapping) dev = self.get_vif_devname(vif)
linux_net.create_tap_dev(dev) linux_net.create_tap_dev(dev)
linux_net.create_ovs_vif_port(self.get_bridge_name(network), linux_net.create_ovs_vif_port(self.get_bridge_name(vif),
dev, iface_id, mapping['mac'], dev, iface_id, vif['address'],
instance['uuid']) instance['uuid'])
def plug_ovs_bridge(self, instance, vif): def plug_ovs_bridge(self, instance, vif):
@@ -420,10 +397,9 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network, mapping = vif iface_id = self.get_ovs_interfaceid(vif)
iface_id = self.get_ovs_interfaceid(mapping) br_name = self.get_br_name(vif['id'])
br_name = self.get_br_name(mapping['vif_uuid']) v1_name, v2_name = self.get_veth_pair_names(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
if not linux_net.device_exists(br_name): if not linux_net.device_exists(br_name):
utils.execute('brctl', 'addbr', br_name, run_as_root=True) utils.execute('brctl', 'addbr', br_name, run_as_root=True)
@@ -434,8 +410,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
linux_net._create_veth_pair(v1_name, v2_name) linux_net._create_veth_pair(v1_name, v2_name)
utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True) utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True)
utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True) utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True)
linux_net.create_ovs_vif_port(self.get_bridge_name(network), linux_net.create_ovs_vif_port(self.get_bridge_name(vif),
v2_name, iface_id, mapping['mac'], v2_name, iface_id, vif['address'],
instance['uuid']) instance['uuid'])
def plug_ovs(self, instance, vif): def plug_ovs(self, instance, vif):
@@ -450,11 +426,10 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network, mapping = vif iface_id = self.get_ovs_interfaceid(vif)
iface_id = self.get_ovs_interfaceid(mapping) dev = self.get_vif_devname(vif)
dev = self.get_vif_devname(mapping)
linux_net.create_tap_dev(dev) linux_net.create_tap_dev(dev)
linux_net.create_ivs_vif_port(dev, iface_id, mapping['mac'], linux_net.create_ivs_vif_port(dev, iface_id, vif['address'],
instance['uuid']) instance['uuid'])
def plug_ivs_hybrid(self, instance, vif): def plug_ivs_hybrid(self, instance, vif):
@@ -468,10 +443,9 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network, mapping = vif iface_id = self.get_ovs_interfaceid(vif)
iface_id = self.get_ovs_interfaceid(mapping) br_name = self.get_br_name(vif['id'])
br_name = self.get_br_name(mapping['vif_uuid']) v1_name, v2_name = self.get_veth_pair_names(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
if not linux_net.device_exists(br_name): if not linux_net.device_exists(br_name):
utils.execute('brctl', 'addbr', br_name, run_as_root=True) utils.execute('brctl', 'addbr', br_name, run_as_root=True)
@@ -482,7 +456,7 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
linux_net._create_veth_pair(v1_name, v2_name) linux_net._create_veth_pair(v1_name, v2_name)
utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True) utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True)
utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True) utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True)
linux_net.create_ivs_vif_port(v2_name, iface_id, mapping['mac'], linux_net.create_ivs_vif_port(v2_name, iface_id, vif['address'],
instance['uuid']) instance['uuid'])
def plug_ivs(self, instance, vif): def plug_ivs(self, instance, vif):
@@ -507,30 +481,29 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
""" """
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).plug(instance, vif) self).plug(instance, vif)
network, mapping = vif dev = self.get_vif_devname(vif)
dev = self.get_vif_devname(mapping) iface_id = vif['id']
iface_id = mapping['vif_uuid']
linux_net.create_tap_dev(dev) linux_net.create_tap_dev(dev)
net_id = network['id'] net_id = vif['network']['id']
tenant_id = instance["project_id"] tenant_id = instance["project_id"]
try: try:
utils.execute('ifc_ctl', 'gateway', 'add_port', dev, utils.execute('ifc_ctl', 'gateway', 'add_port', dev,
run_as_root=True) run_as_root=True)
utils.execute('ifc_ctl', 'gateway', 'ifup', dev, utils.execute('ifc_ctl', 'gateway', 'ifup', dev,
'access_vm', mapping['label'] + "_" + iface_id, 'access_vm',
mapping['mac'], 'pgtag2=%s' % net_id, vif['network']['label'] + "_" + iface_id,
vif['address'], 'pgtag2=%s' % net_id,
'pgtag1=%s' % tenant_id, run_as_root=True) 'pgtag1=%s' % tenant_id, run_as_root=True)
except exception.ProcessExecutionError: except exception.ProcessExecutionError:
LOG.exception(_("Failed while plugging vif"), instance=instance) LOG.exception(_("Failed while plugging vif"), instance=instance)
def plug(self, instance, vif): def plug(self, instance, vif):
network, mapping = vif vif_type = vif['type']
vif_type = mapping.get('vif_type')
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s ' LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'), 'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance, {'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping}) 'vif': vif})
if vif_type is None: if vif_type is None:
raise exception.NovaException( raise exception.NovaException(
@@ -563,9 +536,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif) self).unplug(instance, vif)
try: try:
network, mapping = vif linux_net.delete_ovs_vif_port(self.get_bridge_name(vif),
linux_net.delete_ovs_vif_port(self.get_bridge_name(network), self.get_vif_devname(vif))
self.get_vif_devname(mapping))
except processutils.ProcessExecutionError: except processutils.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance) LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -584,16 +556,15 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif) self).unplug(instance, vif)
try: try:
network, mapping = vif br_name = self.get_br_name(vif['id'])
br_name = self.get_br_name(mapping['vif_uuid']) v1_name, v2_name = self.get_veth_pair_names(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True) utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True)
utils.execute('ip', 'link', 'set', br_name, 'down', utils.execute('ip', 'link', 'set', br_name, 'down',
run_as_root=True) run_as_root=True)
utils.execute('brctl', 'delbr', br_name, run_as_root=True) utils.execute('brctl', 'delbr', br_name, run_as_root=True)
linux_net.delete_ovs_vif_port(self.get_bridge_name(network), linux_net.delete_ovs_vif_port(self.get_bridge_name(vif),
v2_name) v2_name)
except processutils.ProcessExecutionError: except processutils.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance) LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -612,8 +583,7 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif) self).unplug(instance, vif)
try: try:
network, mapping = vif linux_net.delete_ivs_vif_port(self.get_vif_devname(vif))
linux_net.delete_ivs_vif_port(self.get_vif_devname(mapping))
except exception.ProcessExecutionError: except exception.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance) LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -627,9 +597,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif) self).unplug(instance, vif)
try: try:
network, mapping = vif br_name = self.get_br_name(vif['id'])
br_name = self.get_br_name(mapping['vif_uuid']) v1_name, v2_name = self.get_veth_pair_names(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True) utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True)
utils.execute('ip', 'link', 'set', br_name, 'down', utils.execute('ip', 'link', 'set', br_name, 'down',
@@ -661,13 +630,13 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
""" """
super(LibvirtGenericVIFDriver, super(LibvirtGenericVIFDriver,
self).unplug(instance, vif) self).unplug(instance, vif)
network, mapping = vif iface_id = vif['id']
iface_id = mapping['vif_uuid'] dev = self.get_vif_devname(vif)
dev = self.get_vif_devname(mapping)
try: try:
utils.execute('ifc_ctl', 'gateway', 'ifdown', utils.execute('ifc_ctl', 'gateway', 'ifdown',
dev, 'access_vm', mapping['label'] + "_" + iface_id, dev, 'access_vm',
mapping['mac'], run_as_root=True) vif['network']['label'] + "_" + iface_id,
vif['address'], run_as_root=True)
utils.execute('ifc_ctl', 'gateway', 'del_port', dev, utils.execute('ifc_ctl', 'gateway', 'del_port', dev,
run_as_root=True) run_as_root=True)
linux_net.delete_net_dev(dev) linux_net.delete_net_dev(dev)
@@ -675,13 +644,12 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
LOG.exception(_("Failed while unplugging vif"), instance=instance) LOG.exception(_("Failed while unplugging vif"), instance=instance)
def unplug(self, instance, vif): def unplug(self, instance, vif):
network, mapping = vif vif_type = vif['type']
vif_type = mapping.get('vif_type')
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s ' LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'), 'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance, {'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping}) 'vif': vif})
if vif_type is None: if vif_type is None:
raise exception.NovaException( raise exception.NovaException(
@@ -710,13 +678,13 @@ class LibvirtBridgeDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx. Will be deprecated in Havana, and removed in Ixxxx.
""" """
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtBridgeDriver VIF driver is now " LOG.deprecated(_("The LibvirtBridgeDriver VIF driver is now "
"deprecated and will be removed in the next release. " "deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, " "Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the " "together with a network plugin that reports the "
"'vif_type' attribute")) "'vif_type' attribute"))
return self.get_config_bridge(instance, network, mapping, image_meta, return self.get_config_bridge(instance, vif, image_meta,
inst_type) inst_type)
def plug(self, instance, vif): def plug(self, instance, vif):
@@ -732,20 +700,20 @@ class LibvirtOpenVswitchDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx. Will be deprecated in Havana, and removed in Ixxxx.
""" """
def get_bridge_name(self, network): def get_bridge_name(self, vif):
return network.get('bridge') or CONF.libvirt_ovs_bridge return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping): def get_ovs_interfaceid(self, vif):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid'] return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtOpenVswitchDriver VIF driver is now " LOG.deprecated(_("The LibvirtOpenVswitchDriver VIF driver is now "
"deprecated and will be removed in the next release. " "deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, " "Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the " "together with a network plugin that reports the "
"'vif_type' attribute")) "'vif_type' attribute"))
return self.get_config_ovs_ethernet(instance, return self.get_config_ovs_ethernet(instance,
network, mapping, vif,
image_meta, inst_type) image_meta, inst_type)
def plug(self, instance, vif): def plug(self, instance, vif):
@@ -761,20 +729,20 @@ class LibvirtHybridOVSBridgeDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx. Will be deprecated in Havana, and removed in Ixxxx.
""" """
def get_bridge_name(self, network): def get_bridge_name(self, vif):
return network.get('bridge') or CONF.libvirt_ovs_bridge return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping): def get_ovs_interfaceid(self, vif):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid'] return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtHybridOVSBridgeDriver VIF driver is now " LOG.deprecated(_("The LibvirtHybridOVSBridgeDriver VIF driver is now "
"deprecated and will be removed in the next release. " "deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, " "Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the " "together with a network plugin that reports the "
"'vif_type' attribute")) "'vif_type' attribute"))
return self.get_config_ovs_hybrid(instance, return self.get_config_ovs_hybrid(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
@@ -791,20 +759,20 @@ class LibvirtOpenVswitchVirtualPortDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx. Will be deprecated in Havana, and removed in Ixxxx.
""" """
def get_bridge_name(self, network): def get_bridge_name(self, vif):
return network.get('bridge') or CONF.libvirt_ovs_bridge return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping): def get_ovs_interfaceid(self, vif):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid'] return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtOpenVswitchVirtualPortDriver VIF driver " LOG.deprecated(_("The LibvirtOpenVswitchVirtualPortDriver VIF driver "
"is now deprecated and will be removed in the next " "is now deprecated and will be removed in the next "
"release. Please use the LibvirtGenericVIFDriver VIF " "release. Please use the LibvirtGenericVIFDriver VIF "
"driver, together with a network plugin that reports " "driver, together with a network plugin that reports "
"the 'vif_type' attribute")) "the 'vif_type' attribute"))
return self.get_config_ovs_bridge(instance, return self.get_config_ovs_bridge(instance,
network, mapping, vif,
image_meta, image_meta,
inst_type) inst_type)
@@ -821,11 +789,12 @@ class NeutronLinuxBridgeVIFDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx. Will be deprecated in Havana, and removed in Ixxxx.
""" """
def get_bridge_name(self, network): def get_bridge_name(self, vif):
network = vif['network']
def_bridge = ("brq" + network['id'])[:network_model.NIC_NAME_LEN] def_bridge = ("brq" + network['id'])[:network_model.NIC_NAME_LEN]
return network.get('bridge') or def_bridge return vif['network'].get('bridge') or def_bridge
def get_config(self, instance, network, mapping, image_meta, inst_type): def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The NeutronLinuxBridgeVIFDriver VIF driver is now " LOG.deprecated(_("The NeutronLinuxBridgeVIFDriver VIF driver is now "
"deprecated and will be removed in the next release. " "deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, " "Please use the LibvirtGenericVIFDriver VIF driver, "
@@ -833,9 +802,10 @@ class NeutronLinuxBridgeVIFDriver(LibvirtGenericVIFDriver):
"'vif_type' attribute")) "'vif_type' attribute"))
# In order for libvirt to make use of the bridge name then it has # In order for libvirt to make use of the bridge name then it has
# to ensure that the bridge exists # to ensure that the bridge exists
if 'should_create_bridge' not in mapping: network = vif['network']
mapping['should_create_bridge'] = True if network and not network.get_meta('should_create_bridge', False):
return self.get_config_bridge(instance, network, mapping, image_meta, vif['network']['meta']['should_create_bridge'] = True
return self.get_config_bridge(instance, vif, image_meta,
inst_type) inst_type)
def plug(self, instance, vif): def plug(self, instance, vif):