openstack/nova
Code Issues Proposed changes

Remove old legacy network info model in libvirt driver

Browse Source 
Update libvirt driver, virt firewall and hypervisor unit tests to
use nova.network.model instead of legacy "network,mapping" tuple.

Partly implement blueprint nova-network-legacy

Co-author: Amir Sadoughi<amir.sadoughi@gmail.com>
Change-Id: I4d38bb81a4f64efdb78f5da52fbbb382981e0b96
This commit is contained in:
Yaguang Tang
2013-07-25 00:43:22 +08:00
parent 122ef5c385
commit f070f08954
10 changed files with 521 additions and 492 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nova/tests/fake_network.py
View File

@@ -57,7 +57,7 @@ class FakeVIFDriver(object):
def setattr(self, key, val):
self.__setattr__(key, val)
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
conf = libvirt_config.LibvirtConfigGuestInterface()
for attr, val in conf.__dict__.iteritems():

2
nova/tests/utils.py
View File

@@ -133,7 +133,7 @@ def get_test_network_info(count=1, legacy_model=True):
ips=[network_model.IP(fake_ip),
network_model.IP(fake_ip)],
routes=None,
dhcp_server=network_model.IP(fake_ip))
dhcp_server=fake_ip)
subnet_6 = network_model.Subnet(cidr=fake_ip,
gateway=network_model.IP(fake_ip),
ips=[network_model.IP(fake_ip),

133
nova/tests/virt/libvirt/test_libvirt.py
View File

@@ -454,7 +454,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
cfg = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(cfg.acpi, True)
self.assertEquals(cfg.apic, True)
@@ -501,7 +502,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
cfg = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 2),
_fake_network_info(self.stubs, 2,
spectacular=True),
None, disk_info)
self.assertEquals(cfg.acpi, True)
self.assertEquals(cfg.memory, 1024 * 1024 * 2)
@@ -772,7 +774,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(conf.cpu, None)
@@ -792,7 +795,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -809,7 +813,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(conf.cpu, None)
@@ -823,7 +828,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(conf.cpu, None)
@@ -841,7 +847,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -862,7 +869,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -884,7 +892,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -907,7 +916,8 @@ class LibvirtConnTestCase(test.TestCase):
self.assertRaises(exception.NovaException,
conn.get_guest_config,
instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None,
disk_info)
@@ -942,7 +952,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -968,7 +979,8 @@ class LibvirtConnTestCase(test.TestCase):
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
conf = conn.get_guest_config(instance_ref,
_fake_network_info(self.stubs, 1),
_fake_network_info(self.stubs, 1,
spectacular=True),
None, disk_info)
self.assertEquals(type(conf.cpu),
vconfig.LibvirtConfigGuestCPU)
@@ -1865,7 +1877,8 @@ class LibvirtConnTestCase(test.TestCase):
def test_multi_nic(self):
instance_data = dict(self.test_instance)
network_info = _fake_network_info(self.stubs, 2)
network_info = _fake_network_info(self.stubs, 2,
spectacular=True)
conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
instance_ref = db.instance_create(self.context, instance_data)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -1886,7 +1899,8 @@ class LibvirtConnTestCase(test.TestCase):
self.assertEquals(conn.uri(), 'lxc:///')
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1,
spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
xml = conn.to_xml(instance_ref, network_info, disk_info)
@@ -1940,7 +1954,8 @@ class LibvirtConnTestCase(test.TestCase):
self.flags(libvirt_disk_prefix=prefix)
conn = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1,
spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref)
xml = conn.to_xml(instance_ref, network_info, disk_info)
@@ -1974,7 +1989,7 @@ class LibvirtConnTestCase(test.TestCase):
user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2002,7 +2017,7 @@ class LibvirtConnTestCase(test.TestCase):
block_device_info, wantConfig):
user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2031,7 +2046,7 @@ class LibvirtConnTestCase(test.TestCase):
def _check_xml_and_uuid(self, image_meta):
user_context = context.RequestContext(self.user_id, self.project_id)
instance_ref = db.instance_create(user_context, self.test_instance)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
drv = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
@@ -2188,7 +2203,7 @@ class LibvirtConnTestCase(test.TestCase):
self.assertEquals(conn.uri(), expected_uri)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
disk_info = blockinfo.get_disk_info(CONF.libvirt_type,
instance_ref,
rescue=rescue)
@@ -2208,8 +2223,8 @@ class LibvirtConnTestCase(test.TestCase):
(check(tree), expected_result, i))
filterref = './devices/interface/filterref'
(network, mapping) = network_info[0]
nic_id = mapping['mac'].replace(':', '')
vif = network_info[0]
nic_id = vif['address'].replace(':', '')
fw = firewall.NWFilterFirewall(fake.FakeVirtAPI(), conn)
instance_filter_name = fw._instance_filter_name(instance_ref,
nic_id)
@@ -2250,7 +2265,7 @@ class LibvirtConnTestCase(test.TestCase):
# _fake_network_info must be called before create_fake_libvirt_mock(),
# as _fake_network_info calls importutils.import_class() and
# create_fake_libvirt_mock() mocks importutils.import_class().
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.create_fake_libvirt_mock()
instance_ref = db.instance_create(self.context, self.test_instance)
@@ -2768,7 +2783,7 @@ class LibvirtConnTestCase(test.TestCase):
# _fake_network_info must be called before create_fake_libvirt_mock(),
# as _fake_network_info calls importutils.import_class() and
# create_fake_libvirt_mock() mocks importutils.import_class().
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.create_fake_libvirt_mock(getLibVersion=fake_getLibVersion,
getCapabilities=fake_getCapabilities,
getVersion=lambda: 1005001)
@@ -4615,9 +4630,8 @@ class IptablesFirewallTestCase(test.TestCase):
self.stubs.Set(compute_utils, 'get_nw_info_for_instance',
lambda instance: network_model)
network_info = network_model.legacy()
self.fw.prepare_instance_filter(instance_ref, network_info)
self.fw.apply_instance_filter(instance_ref, network_info)
self.fw.prepare_instance_filter(instance_ref, network_model)
self.fw.apply_instance_filter(instance_ref, network_model)
in_rules = filter(lambda l: not l.startswith('#'),
self.in_rules)
@@ -4674,14 +4688,14 @@ class IptablesFirewallTestCase(test.TestCase):
def test_filters_for_instance_with_ip_v6(self):
self.flags(use_ipv6=True)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 1)
def test_filters_for_instance_without_ip_v6(self):
self.flags(use_ipv6=False)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 0)
@@ -4694,7 +4708,9 @@ class IptablesFirewallTestCase(test.TestCase):
networks_count = 5
instance_ref = self._create_instance_ref()
network_info = _fake_network_info(self.stubs, networks_count,
ipv4_addr_per_network)
ipv4_addr_per_network, spectacular=True)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
ipv4_len = len(self.fw.iptables.ipv4['filter'].rules)
ipv6_len = len(self.fw.iptables.ipv6['filter'].rules)
inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref,
@@ -4743,7 +4759,7 @@ class IptablesFirewallTestCase(test.TestCase):
self.fw.nwfilter._conn.nwfilterLookupByName = _lookup_name
instance_ref = self._create_instance_ref()
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance_ref, network_info)
self.fw.prepare_instance_filter(instance_ref, network_info)
self.fw.apply_instance_filter(instance_ref, network_info)
@@ -4763,7 +4779,7 @@ class IptablesFirewallTestCase(test.TestCase):
# create a firewall via setup_basic_filtering like libvirt_conn.spawn
# should have a chain with 0 rules
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance_ref, network_info)
self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains)
rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules
@@ -4926,32 +4942,40 @@ class NWFilterTestCase(test.TestCase):
mac.translate(None, ':'))
requiredlist = ['no-arp-spoofing', 'no-ip-spoofing',
'no-mac-spoofing']
required_not_list = []
if allow_dhcp:
requiredlist.append('allow-dhcp-server')
else:
required_not_list.append('allow-dhcp-server')
for required in requiredlist:
self.assertTrue(required in
self.recursive_depends[instance_filter],
"Instance's filter does not include %s" %
required)
for required_not in required_not_list:
self.assertFalse(required_not in
self.recursive_depends[instance_filter],
"Instance filter includes %s" % required_not)
self.security_group = self.setup_and_return_security_group()
db.instance_add_security_group(self.context, inst_uuid,
self.security_group['id'])
instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
# since there is one (network_info) there is one vif
# pass this vif's mac to _ensure_all_called()
# to set the instance_filter properly
mac = network_info[0][1]['mac']
mac = network_info[0]['address']
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
self.fw.setup_basic_filtering(instance, network_info)
allow_dhcp = True
_ensure_all_called(mac, allow_dhcp)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = None
self.fw.setup_basic_filtering(instance, network_info)
allow_dhcp = False
for (network, mapping) in network_info:
if mapping['dhcp_server']:
allow_dhcp = True
break
_ensure_all_called(mac, allow_dhcp)
db.instance_remove_security_group(self.context, inst_uuid,
self.security_group['id'])
@@ -4976,7 +5000,7 @@ class NWFilterTestCase(test.TestCase):
instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance, network_info)
original_filter_count = len(fakefilter.filters)
self.fw.unfilter_instance(instance, network_info)
@@ -5002,11 +5026,11 @@ class NWFilterTestCase(test.TestCase):
instance = db.instance_get(self.context, inst_id)
network_info = _fake_network_info(self.stubs, 1)
network_info = _fake_network_info(self.stubs, 1, spectacular=True)
self.fw.setup_basic_filtering(instance, network_info)
(network, mapping) = network_info[0]
nic_id = mapping['mac'].replace(':', '')
vif = network_info[0]
nic_id = vif['address'].replace(':', '')
instance_filter_name = self.fw._instance_filter_name(instance, nic_id)
f = fakefilter.nwfilterLookupByName(instance_filter_name)
tree = etree.fromstring(f.xml)
@@ -5014,29 +5038,30 @@ class NWFilterTestCase(test.TestCase):
for fref in tree.findall('filterref'):
parameters = fref.findall('./parameter')
for parameter in parameters:
subnet_v4, subnet_v6 = vif['network']['subnets']
if parameter.get('name') == 'IP':
self.assertTrue(_ipv4_like(parameter.get('value'),
'192.168'))
elif parameter.get('name') == 'DHCPSERVER':
dhcp_server = mapping['dhcp_server']
dhcp_server = subnet_v4.get('dhcp_server')
self.assertEqual(parameter.get('value'), dhcp_server)
elif parameter.get('name') == 'RASERVER':
ra_server = mapping.get('gateway_v6') + "/128"
ra_server = subnet_v6['gateway']['address'] + "/128"
self.assertEqual(parameter.get('value'), ra_server)
elif parameter.get('name') == 'PROJNET':
ipv4_cidr = network['cidr']
ipv4_cidr = subnet_v4['cidr']
net, mask = netutils.get_net_and_mask(ipv4_cidr)
self.assertEqual(parameter.get('value'), net)
elif parameter.get('name') == 'PROJMASK':
ipv4_cidr = network['cidr']
ipv4_cidr = subnet_v4['cidr']
net, mask = netutils.get_net_and_mask(ipv4_cidr)
self.assertEqual(parameter.get('value'), mask)
elif parameter.get('name') == 'PROJNET6':
ipv6_cidr = network['cidr_v6']
ipv6_cidr = subnet_v6['cidr']
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
self.assertEqual(parameter.get('value'), net)
elif parameter.get('name') == 'PROJMASK6':
ipv6_cidr = network['cidr_v6']
ipv6_cidr = subnet_v6['cidr']
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
self.assertEqual(parameter.get('value'), prefix)
else:
@@ -5716,11 +5741,13 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.StubOutWithMock(self.libvirtconnection, "_cleanup_resize")
self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1))
_fake_network_info(self.stubs, 1,
spectacular=True))
self.mox.ReplayAll()
self.libvirtconnection.confirm_migration("migration_ref", ins_ref,
_fake_network_info(self.stubs, 1))
_fake_network_info(self.stubs, 1,
spectacular=True))
def test_cleanup_resize_same_host(self):
ins_ref = self._create_instance({'host': CONF.host})
@@ -5736,7 +5763,8 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.ReplayAll()
self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1))
_fake_network_info(self.stubs, 1,
spectacular=True))
def test_cleanup_resize_not_same_host(self):
host = 'not' + CONF.host
@@ -5768,7 +5796,8 @@ class LibvirtDriverTestCase(test.TestCase):
self.mox.ReplayAll()
self.libvirtconnection._cleanup_resize(ins_ref,
_fake_network_info(self.stubs, 1))
_fake_network_info(self.stubs, 1,
spectacular=True))
def test_get_instance_disk_info_exception(self):
instance_name = "fake-instance-name"

327
nova/tests/virt/libvirt/test_libvirt_vif.py
View File

@@ -29,79 +29,134 @@ from nova.virt.libvirt import vif
CONF = cfg.CONF
def get_default_mapping(exclude=None, **kwargs):
mapping_body = {
'mac': 'ca:fe:de:ad:be:ef',
'ips': [{'ip': '101.168.1.9'}],
'dhcp_server': '191.168.1.1',
'vif_uuid': 'vif-xxx-yyy-zzz',
'vif_devname': 'tap-xxx-yyy-zzz'
}
mapping_body.update(kwargs)
if exclude:
for key in exclude:
del mapping_body[key]
return mapping_body
def get_default_net(**kwargs):
body = {
'cidr': '101.168.1.0/24',
'cidr_v6': '101:1db9::/64',
'gateway_v6': '101:1db9::1',
'netmask_v6': '64',
'netmask': '255.255.255.0',
'vlan': 99,
'gateway': '101.168.1.1',
'broadcast': '101.168.1.255',
'dns1': '8.8.8.8',
'id': 'network-id-xxx-yyy-zzz'
}
body.update(kwargs)
return body
class LibvirtVifTestCase(test.TestCase):
net_bridge = get_default_net(bridge='br0', bridge_interface='eth0')
net_bridge_neutron = get_default_net(bridge_interface='eth0')
net_ovs = get_default_net(bridge='br0')
net_8021 = get_default_net(interface='eth0')
gateway_bridge_4 = network_model.IP(address='101.168.1.1', type='gateway')
dns_bridge_4 = network_model.IP(address='8.8.8.8', type=None)
ips_bridge_4 = [network_model.IP(address='101.168.1.9', type=None)]
subnet_bridge_4 = network_model.Subnet(cidr='101.168.1.0/24',
dns=[dns_bridge_4],
gateway=gateway_bridge_4,
routes=None,
dhcp_server='191.168.1.1')
mapping_bridge = get_default_mapping(gateway_v6=net_bridge['gateway_v6'],
vif_type=
network_model.VIF_TYPE_BRIDGE)
mapping_bridge_neutron = get_default_mapping(
gateway_v6=net_bridge['gateway_v6'])
mapping_ovs = get_default_mapping(gateway_v6=net_ovs['gateway_v6'],
vif_type=network_model.VIF_TYPE_OVS,
gateway_bridge_6 = network_model.IP(address='101:1db9::1', type='gateway')
subnet_bridge_6 = network_model.Subnet(cidr='101:1db9::/64',
dns=None,
gateway=gateway_bridge_6,
ips=None,
routes=None)
network_bridge = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge='br0',
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface='eth0',
vlan=99)
vif_bridge = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_bridge,
type=network_model.VIF_TYPE_BRIDGE,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None)
network_bridge_neutron = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge=None,
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface='eth0',
vlan=99)
vif_bridge_neutron = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_bridge_neutron,
type=None,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
mapping_ivs = get_default_mapping(gateway_v6=net_ovs['gateway_v6'],
vif_type=network_model.VIF_TYPE_IVS,
ivs_interfaceid='aaa-bbb-ccc')
network_ovs = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge='br0',
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface=None,
vlan=99)
mapping_ovs_legacy = get_default_mapping(['vif_devname'],
gateway_v6=net_ovs['gateway_v6'])
network_ivs = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge='br0',
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
bridge_interface=None,
vlan=99)
mapping_8021qbh = get_default_mapping(
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_802_QBH,
qbh_params=network_model.VIF8021QbhParams(profileid="xxx-yyy-zzz"),)
vif_ovs = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=network_model.VIF_TYPE_OVS,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
net_iovisor = get_default_net(interface='eth0')
vif_ovs_legacy = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=None,
devname=None,
ovs_interfaceid=None)
mapping_iovisor = get_default_mapping(
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_IOVISOR)
vif_ivs = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ivs,
type=network_model.VIF_TYPE_IVS,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid='aaa-bbb-ccc')
mapping_8021qbg = get_default_mapping(
['ips', 'dhcp_server'], vif_type=network_model.VIF_TYPE_802_QBG,
qbg_params=network_model.VIF8021QbgParams(managerid="xxx-yyy-zzz",
vif_ivs_legacy = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_ovs,
type=None,
devname=None,
ovs_interfaceid='aaa')
vif_none = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_bridge,
type=None,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None)
network_8021 = network_model.Network(id='network-id-xxx-yyy-zzz',
bridge=None,
label=None,
subnets=[subnet_bridge_4,
subnet_bridge_6],
interface='eth0',
vlan=99)
vif_8021qbh = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_8021,
type=network_model.VIF_TYPE_802_QBH,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None,
qbh_params=network_model.VIF8021QbhParams(
profileid="xxx-yyy-zzz"))
vif_8021qbg = network_model.VIF(id='vif-xxx-yyy-zzz',
address='ca:fe:de:ad:be:ef',
network=network_8021,
type=network_model.VIF_TYPE_802_QBG,
devname='tap-xxx-yyy-zzz',
ovs_interfaceid=None,
qbg_params=network_model.VIF8021QbgParams(
managerid="xxx-yyy-zzz",
typeid="aaa-bbb-ccc",
typeidversion="1",
instanceid="ddd-eee-fff"))
mapping_none = get_default_mapping(gateway_v6=net_bridge['gateway_v6'])
instance = {
'name': 'instance-name',
'uuid': 'instance-uuid'
@@ -141,9 +196,9 @@ class LibvirtVifTestCase(test.TestCase):
self.assertEqual(len(ret), 1)
return ret[0]
def _assertMacEquals(self, node, mapping):
def _assertMacEquals(self, node, vif):
mac = node.find("mac").get("address")
self.assertEqual(mac, mapping['mac'])
self.assertEqual(mac, vif['address'])
def _assertTypeEquals(self, node, type, attr, source, br_want,
prefix=None):
@@ -154,13 +209,13 @@ class LibvirtVifTestCase(test.TestCase):
else:
self.assertTrue(br_name.startswith(prefix))
def _assertTypeAndMacEquals(self, node, type, attr, source, mapping,
def _assertTypeAndMacEquals(self, node, type, attr, source, vif,
br_want=None, size=0, prefix=None):
ret = node.findall("filterref")
self.assertEqual(len(ret), size)
self._assertTypeEquals(node, type, attr, source, br_want,
prefix)
self._assertMacEquals(node, mapping)
self._assertMacEquals(node, vif)
def _assertModel(self, xml, model_want=None, driver_want=None):
node = self._get_node(xml)
@@ -186,13 +241,13 @@ class LibvirtVifTestCase(test.TestCase):
conf.vcpus = 4
return conf
def _get_instance_xml(self, driver, net, mapping, image_meta=None):
def _get_instance_xml(self, driver, vif, image_meta=None):
default_inst_type = flavors.get_default_flavor()
extra_specs = default_inst_type['extra_specs'].items()
quota_bandwith = self.bandwidth.items()
default_inst_type['extra_specs'] = dict(extra_specs + quota_bandwith)
conf = self._get_conf()
nic = driver.get_config(self.instance, net, mapping, image_meta,
nic = driver.get_config(self.instance, vif, image_meta,
default_inst_type)
conf.add_device(nic)
return conf.to_xml()
@@ -238,9 +293,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='kvm')
d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d,
self.net_bridge,
self.mapping_bridge)
xml = self._get_instance_xml(d, self.vif_bridge)
self._assertModel(xml)
def test_model_kvm(self):
@@ -248,9 +301,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='kvm')
d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d,
self.net_bridge,
self.mapping_bridge)
xml = self._get_instance_xml(d, self.vif_bridge)
self._assertModel(xml, "virtio")
@@ -260,9 +311,7 @@ class LibvirtVifTestCase(test.TestCase):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
image_meta = {'properties': {'hw_vif_model': 'e1000'}}
xml = self._get_instance_xml(d,
self.net_bridge,
self.mapping_bridge,
xml = self._get_instance_xml(d, self.vif_bridge,
image_meta)
self._assertModel(xml, "e1000")
@@ -275,8 +324,7 @@ class LibvirtVifTestCase(test.TestCase):
self.assertRaises(exception.UnsupportedHardware,
self._get_instance_xml,
d,
self.net_bridge,
self.mapping_bridge,
self.vif_bridge,
image_meta)
def test_model_qemu(self):
@@ -284,9 +332,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='qemu')
d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d,
self.net_bridge,
self.mapping_bridge)
xml = self._get_instance_xml(d, self.vif_bridge)
doc = etree.fromstring(xml)
@@ -300,9 +346,7 @@ class LibvirtVifTestCase(test.TestCase):
libvirt_type='xen')
d = vif.LibvirtGenericVIFDriver(self._get_conn("xen:///system"))
xml = self._get_instance_xml(d,
self.net_bridge,
self.mapping_bridge)
xml = self._get_instance_xml(d, self.vif_bridge)
self._assertModel(xml)
def test_generic_driver_none(self):
@@ -310,90 +354,77 @@ class LibvirtVifTestCase(test.TestCase):
self.assertRaises(exception.NovaException,
self._get_instance_xml,
d,
self.net_bridge,
self.mapping_none)
self.vif_none)
def _check_bridge_driver(self, d, net, mapping, br_want):
xml = self._get_instance_xml(d, net, mapping)
def _check_bridge_driver(self, d, vif, br_want):
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
self.mapping_bridge, br_want, 1)
self.vif_bridge, br_want, 1)
def test_bridge_driver(self):
d = vif.LibvirtBridgeDriver(self._get_conn())
self._check_bridge_driver(d,
self.net_bridge,
self.mapping_bridge,
self.net_bridge['bridge'])
self.vif_bridge,
self.vif_bridge['network']['bridge'])
def test_generic_driver_bridge(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
self._check_bridge_driver(d,
self.net_bridge,
self.mapping_bridge,
self.net_bridge['bridge'])
self.vif_bridge,
self.vif_bridge['network']['bridge'])
def test_neutron_bridge_driver(self):
d = vif.NeutronLinuxBridgeVIFDriver(self._get_conn())
br_want = 'brq' + self.net_bridge_neutron['id']
br_want = 'brq' + self.vif_bridge_neutron['network']['id']
br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_bridge_driver(d,
self.net_bridge_neutron,
self.mapping_bridge_neutron,
self.vif_bridge_neutron,
br_want)
def _check_ivs_ethernet_driver(self, d, net, mapping, dev_prefix):
def _check_ivs_ethernet_driver(self, d, vif, dev_prefix):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping)
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self.mapping_ivs, prefix=dev_prefix)
self.vif_ivs, prefix=dev_prefix)
script = node.find("script").get("path")
self.assertEquals(script, "")
def _check_ovs_ethernet_driver(self, d, net, mapping, dev_prefix):
def _check_ovs_ethernet_driver(self, d, vif, dev_prefix):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping)
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self.mapping_ovs, prefix=dev_prefix)
self.vif_ovs, prefix=dev_prefix)
script = node.find("script").get("path")
self.assertEquals(script, "")
def test_ovs_ethernet_driver_legacy(self):
d = vif.LibvirtOpenVswitchDriver(self._get_conn(ver=9010))
self._check_ovs_ethernet_driver(d,
self.net_ovs,
self.mapping_ovs_legacy,
"nic")
def test_ovs_ethernet_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010))
self._check_ovs_ethernet_driver(d,
self.net_ovs,
self.mapping_ovs,
self.vif_ovs,
"tap")
def test_ivs_ethernet_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9010))
self._check_ivs_ethernet_driver(d,
self.net_ovs,
self.mapping_ivs,
self.vif_ivs,
"tap")
def _check_ivs_virtualport_driver(self, d, net, mapping, want_iface_id):
def _check_ivs_virtualport_driver(self, d, vif, want_iface_id):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping)
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
mapping, mapping['vif_devname'])
vif, vif['devname'])
def _check_ovs_virtualport_driver(self, d, net, mapping, want_iface_id):
def _check_ovs_virtualport_driver(self, d, vif, want_iface_id):
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d, net, mapping)
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
mapping, "br0")
vif, "br0")
vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "openvswitch")
iface_id_found = False
@@ -409,73 +440,65 @@ class LibvirtVifTestCase(test.TestCase):
d = vif.LibvirtOpenVswitchVirtualPortDriver(self._get_conn(ver=9011))
want_iface_id = 'vif-xxx-yyy-zzz'
self._check_ovs_virtualport_driver(d,
self.net_ovs,
self.mapping_ovs_legacy,
self.vif_ovs_legacy,
want_iface_id)
def test_generic_ovs_virtualport_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011))
want_iface_id = self.mapping_ovs['ovs_interfaceid']
want_iface_id = self.vif_ovs['ovs_interfaceid']
self._check_ovs_virtualport_driver(d,
self.net_ovs,
self.mapping_ovs,
self.vif_ovs,
want_iface_id)
def test_generic_ivs_virtualport_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn(ver=9011))
want_iface_id = self.mapping_ivs['ivs_interfaceid']
want_iface_id = self.vif_ivs['ovs_interfaceid']
self._check_ivs_virtualport_driver(d,
self.net_ovs,
self.mapping_ivs,
self.vif_ivs,
want_iface_id)
def _check_neutron_hybrid_driver(self, d, net, mapping, br_want):
def _check_neutron_hybrid_driver(self, d, vif, br_want):
self.flags(firewall_driver="nova.virt.firewall.IptablesFirewallDriver")
xml = self._get_instance_xml(d, net, mapping)
xml = self._get_instance_xml(d, vif)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "bridge", "source", "bridge",
mapping, br_want, 1)
vif, br_want, 1)
def test_quantum_hybrid_driver(self):
br_want = "qbr" + self.mapping_ovs['vif_uuid']
br_want = "qbr" + self.vif_ovs['id']
br_want = br_want[:network_model.NIC_NAME_LEN]
d = vif.LibvirtHybridOVSBridgeDriver(self._get_conn())
self._check_neutron_hybrid_driver(d,
self.net_ovs,
self.mapping_ovs_legacy,
self.vif_ovs_legacy,
br_want)
def test_generic_hybrid_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
br_want = "qbr" + self.mapping_ovs['vif_uuid']
br_want = "qbr" + self.vif_ovs['id']
br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_neutron_hybrid_driver(d,
self.net_ovs,
self.mapping_ovs,
self.vif_ovs,
br_want)
def test_ivs_hybrid_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
br_want = "qbr" + self.mapping_ivs['vif_uuid']
br_want = "qbr" + self.vif_ivs['id']
br_want = br_want[:network_model.NIC_NAME_LEN]
self._check_neutron_hybrid_driver(d,
self.net_ovs,
self.mapping_ivs,
self.vif_ivs,
br_want)
def test_generic_8021qbh_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d,
self.net_8021,
self.mapping_8021qbh)
xml = self._get_instance_xml(d, self.vif_8021qbh)
node = self._get_node(xml)
self._assertTypeEquals(node, "direct", "source", "dev", "eth0")
self._assertMacEquals(node, self.mapping_8021qbh)
self._assertMacEquals(node, self.vif_8021qbh)
vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "802.1Qbh")
profile_id_found = False
for p_elem in vp.findall("parameters"):
wantparams = self.mapping_8021qbh['qbh_params']
wantparams = self.vif_8021qbh['qbh_params']
profile_id = p_elem.get("profileid", None)
if profile_id:
self.assertEqual(profile_id,
@@ -487,23 +510,19 @@ class LibvirtVifTestCase(test.TestCase):
def test_generic_iovisor_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
self.flags(firewall_driver="nova.virt.firewall.NoopFirewallDriver")
xml = self._get_instance_xml(d,
self.net_iovisor,
self.mapping_iovisor)
br_want = self.vif_ivs['devname']
xml = self._get_instance_xml(d, self.vif_ivs)
node = self._get_node(xml)
self._assertTypeAndMacEquals(node, "ethernet", "target", "dev",
self.mapping_iovisor,
self.mapping_iovisor['vif_devname'])
self.vif_ivs, br_want)
def test_generic_8021qbg_driver(self):
d = vif.LibvirtGenericVIFDriver(self._get_conn())
xml = self._get_instance_xml(d,
self.net_8021,
self.mapping_8021qbg)
xml = self._get_instance_xml(d, self.vif_8021qbg)
node = self._get_node(xml)
self._assertTypeEquals(node, "direct", "source", "dev", "eth0")
self._assertMacEquals(node, self.mapping_8021qbg)
self._assertMacEquals(node, self.vif_8021qbg)
vp = node.find("virtualport")
self.assertEqual(vp.get("type"), "802.1Qbg")
@@ -512,7 +531,7 @@ class LibvirtVifTestCase(test.TestCase):
typeversion_id_found = False
instance_id_found = False
for p_elem in vp.findall("parameters"):
wantparams = self.mapping_8021qbg['qbg_params']
wantparams = self.vif_8021qbg['qbg_params']
manager_id = p_elem.get("managerid", None)
type_id = p_elem.get("typeid", None)
typeversion_id = p_elem.get("typeidversion", None)

10
nova/tests/virt/test_virt_drivers.py
View File

@@ -204,7 +204,9 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
def _get_running_instance(self):
instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info()
network_info = test_utils.get_test_network_info(legacy_model=False)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
image_info = test_utils.get_test_image_info(None, instance_ref)
self.connection.spawn(self.ctxt, instance_ref, image_info,
[], 'herp', network_info=network_info)
@@ -396,7 +398,7 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
def test_destroy_instance_nonexistent(self):
fake_instance = {'id': 42, 'name': 'I just made this up!',
'uuid': 'bda5fb9e-b347-40e8-8256-42397848cb00'}
network_info = test_utils.get_test_network_info()
network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.destroy(fake_instance, network_info)
@catch_notimplementederror
@@ -550,14 +552,14 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
@catch_notimplementederror
def test_ensure_filtering_for_instance(self):
instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info()
network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.ensure_filtering_rules_for_instance(instance_ref,
network_info)
@catch_notimplementederror
def test_unfilter_instance(self):
instance_ref = test_utils.get_test_instance()
network_info = test_utils.get_test_network_info()
network_info = test_utils.get_test_network_info(legacy_model=False)
self.connection.unfilter_instance(instance_ref, network_info)
@catch_notimplementederror

22
nova/tests/virt/xenapi/test_xenapi.py
View File

@@ -2503,9 +2503,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
self.stubs.Set(compute_utils, 'get_nw_info_for_instance',
lambda instance: network_model)
network_info = network_model.legacy()
self.fw.prepare_instance_filter(instance_ref, network_info)
self.fw.apply_instance_filter(instance_ref, network_info)
self.fw.prepare_instance_filter(instance_ref, network_model)
self.fw.apply_instance_filter(instance_ref, network_model)
self._validate_security_group()
# Extra test for TCP acceptance rules
@@ -2521,14 +2520,16 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
def test_filters_for_instance_with_ip_v6(self):
self.flags(use_ipv6=True)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1,
spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 1)
def test_filters_for_instance_without_ip_v6(self):
self.flags(use_ipv6=False)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1,
spectacular=True)
rulesv4, rulesv6 = self.fw._filters_for_instance("fake", network_info)
self.assertEquals(len(rulesv4), 2)
self.assertEquals(len(rulesv6), 0)
@@ -2543,7 +2544,10 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
_get_instance_nw_info = fake_network.fake_get_instance_nw_info
network_info = _get_instance_nw_info(self.stubs,
networks_count,
ipv4_addr_per_network)
ipv4_addr_per_network,
spectacular=True)
network_info[0]['network']['subnets'][0]['meta']['dhcp_server'] = \
'1.1.1.1'
ipv4_len = len(self.fw.iptables.ipv4['filter'].rules)
ipv6_len = len(self.fw.iptables.ipv6['filter'].rules)
inst_ipv4, inst_ipv6 = self.fw.instance_rules(instance_ref,
@@ -2563,7 +2567,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
def test_do_refresh_security_group_rules(self):
admin_ctxt = context.get_admin_context()
instance_ref = self._create_instance_ref()
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1,
spectacular=True)
secgroup = self._create_test_security_group()
db.instance_add_security_group(admin_ctxt, instance_ref['uuid'],
secgroup['id'])
@@ -2592,7 +2597,8 @@ class XenAPIDom0IptablesFirewallTestCase(stubs.XenAPITestBase):
# peeks at how the firewall names chains
chain_name = 'inst-%s' % instance_ref['id']
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1)
network_info = fake_network.fake_get_instance_nw_info(self.stubs, 1, 1,
spectacular=True)
self.fw.prepare_instance_filter(instance_ref, network_info)
self.assertTrue('provider' in self.fw.iptables.ipv4['filter'].chains)
rules = [rule for rule in self.fw.iptables.ipv4['filter'].rules

66
nova/virt/firewall.py
View File

@@ -135,14 +135,6 @@ class FirewallDriver(object):
"""Check nova-instance-instance-xxx exists."""
raise NotImplementedError()
def _handle_network_info_model(self, network_info):
# make sure this is legacy network_info
try:
return network_info.legacy()
except AttributeError:
# no "legacy" function means network_info is legacy
return network_info
class IptablesFirewallDriver(FirewallDriver):
"""Driver which enforces security groups through iptables rules."""
@@ -177,9 +169,6 @@ class IptablesFirewallDriver(FirewallDriver):
self.iptables.defer_apply_off()
def unfilter_instance(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
if self.instances.pop(instance['id'], None):
# NOTE(vish): use the passed info instead of the stored info
self.network_infos.pop(instance['id'])
@@ -190,9 +179,6 @@ class IptablesFirewallDriver(FirewallDriver):
'filtered'), instance=instance)
def prepare_instance_filter(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
self.instances[instance['id']] = instance
self.network_infos[instance['id']] = network_info
ipv4_rules, ipv6_rules = self.instance_rules(instance, network_info)
@@ -216,22 +202,31 @@ class IptablesFirewallDriver(FirewallDriver):
def _create_filter(self, ips, chain_name):
return ['-d %s -j $%s' % (ip, chain_name) for ip in ips]
def _get_subnets(self, network_info, version):
subnets = []
for vif in network_info:
if 'network' in vif and 'subnets' in vif['network']:
for subnet in vif['network']['subnets']:
if subnet['version'] == version:
subnets.append(subnet)
return subnets
def _filters_for_instance(self, chain_name, network_info):
"""Creates a rule corresponding to each ip that defines a
jump to the corresponding instance - chain for all the traffic
destined to that ip.
"""
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
ips_v4 = [ip['ip'] for (_n, mapping) in network_info
for ip in mapping['ips']]
v4_subnets = self._get_subnets(network_info, 4)
v6_subnets = self._get_subnets(network_info, 6)
ips_v4 = [ip['address'] for subnet in v4_subnets
for ip in subnet['ips']]
ipv4_rules = self._create_filter(ips_v4, chain_name)
ipv6_rules = []
ipv6_rules = ips_v6 = []
if CONF.use_ipv6:
ips_v6 = [ip['ip'] for (_n, mapping) in network_info
for ip in mapping['ip6s']]
if v6_subnets:
ips_v6 = [ip['address'] for subnet in v6_subnets
for ip in subnet['ips']]
ipv6_rules = self._create_filter(ips_v6, chain_name)
return ipv4_rules, ipv6_rules
@@ -284,10 +279,9 @@ class IptablesFirewallDriver(FirewallDriver):
ipv6_rules += ['-j $provider']
def _do_dhcp_rules(self, ipv4_rules, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
dhcp_servers = [info['dhcp_server'] for (_n, info) in network_info]
v4_subnets = self._get_subnets(network_info, 4)
dhcp_servers = [subnet.get_meta('dhcp_server')
for subnet in v4_subnets if subnet.get_meta('dhcp_server')]
for dhcp_server in dhcp_servers:
if dhcp_server:
@@ -296,25 +290,20 @@ class IptablesFirewallDriver(FirewallDriver):
self.dhcp_create = True
def _do_project_network_rules(self, ipv4_rules, ipv6_rules, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
cidrs = [network['cidr'] for (network, _i) in network_info]
v4_subnets = self._get_subnets(network_info, 4)
v6_subnets = self._get_subnets(network_info, 6)
cidrs = [subnet['cidr'] for subnet in v4_subnets]
for cidr in cidrs:
ipv4_rules.append('-s %s -j ACCEPT' % (cidr,))
if CONF.use_ipv6:
cidrv6s = [network['cidr_v6'] for (network, _i) in
network_info]
cidrv6s = [subnet['cidr'] for subnet in v6_subnets]
for cidrv6 in cidrv6s:
ipv6_rules.append('-s %s -j ACCEPT' % (cidrv6,))
def _do_ra_rules(self, ipv6_rules, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
v6_subnets = self._get_subnets(network_info, 6)
gateways_v6 = [subnet['gateway']['address'] for subnet in v6_subnets]
gateways_v6 = [mapping['gateway_v6'] for (_n, mapping) in
network_info]
for gateway_v6 in gateways_v6:
ipv6_rules.append(
'-s %s/128 -p icmpv6 -j ACCEPT' % (gateway_v6,))
@@ -347,9 +336,6 @@ class IptablesFirewallDriver(FirewallDriver):
rule['to_port'])]
def instance_rules(self, instance, network_info):
# make sure this is legacy nw_info
network_info = self._handle_network_info_model(network_info)
ctxt = context.get_admin_context()
ipv4_rules = []

32
nova/virt/libvirt/driver.py
View File

@@ -693,7 +693,7 @@ class LibvirtDriver(driver.ComputeDriver):
return False
def legacy_nwinfo(self):
return True
return False
# TODO(Shrews): Remove when libvirt Bugzilla bug # 836647 is fixed.
def list_instance_ids(self):
@@ -743,13 +743,13 @@ class LibvirtDriver(driver.ComputeDriver):
def plug_vifs(self, instance, network_info):
"""Plug VIFs into networks."""
for (network, mapping) in network_info:
self.vif_driver.plug(instance, (network, mapping))
for vif in network_info:
self.vif_driver.plug(instance, vif)
def unplug_vifs(self, instance, network_info):
"""Unplug VIFs from networks."""
for (network, mapping) in network_info:
self.vif_driver.unplug(instance, (network, mapping))
for vif in network_info:
self.vif_driver.unplug(instance, vif)
def _destroy(self, instance):
try:
@@ -1156,12 +1156,10 @@ class LibvirtDriver(driver.ComputeDriver):
@exception.wrap_exception()
def attach_interface(self, instance, image_meta, network_info):
virt_dom = self._lookup_by_name(instance['name'])
for (network, mapping) in network_info:
self.vif_driver.plug(instance, (network, mapping))
self.firewall_driver.setup_basic_filtering(instance,
[(network, mapping)])
cfg = self.vif_driver.get_config(instance, network, mapping,
image_meta)
for vif in network_info:
self.vif_driver.plug(instance, vif)
self.firewall_driver.setup_basic_filtering(instance, [vif])
cfg = self.vif_driver.get_config(instance, vif, image_meta)
try:
flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG
state = LIBVIRT_POWER_STATE[virt_dom.info()[0]]
@@ -1171,16 +1169,16 @@ class LibvirtDriver(driver.ComputeDriver):
except libvirt.libvirtError:
LOG.error(_('attaching network adapter failed.'),
instance=instance)
self.vif_driver.unplug(instance, (network, mapping))
self.vif_driver.unplug(instance, vif)
raise exception.InterfaceAttachFailed(instance)
@exception.wrap_exception()
def detach_interface(self, instance, network_info):
virt_dom = self._lookup_by_name(instance['name'])
for (network, mapping) in network_info:
cfg = self.vif_driver.get_config(instance, network, mapping, None)
for vif in network_info:
cfg = self.vif_driver.get_config(instance, vif, None)
try:
self.vif_driver.unplug(instance, (network, mapping))
self.vif_driver.unplug(instance, vif)
flags = libvirt.VIR_DOMAIN_AFFECT_CONFIG
state = LIBVIRT_POWER_STATE[virt_dom.info()[0]]
if state == power_state.RUNNING:
@@ -2405,9 +2403,9 @@ class LibvirtDriver(driver.ComputeDriver):
inst_type):
guest.add_device(cfg)
for (network, mapping) in network_info:
for vif in network_info:
cfg = self.vif_driver.get_config(instance,
network, mapping,
vif,
image_meta,
inst_type)
guest.add_device(cfg)

61
nova/virt/libvirt/firewall.py
View File

@@ -118,49 +118,68 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
self._ensure_static_filters()
allow_dhcp = False
for (network, mapping) in network_info:
if mapping['dhcp_server']:
for vif in network_info:
if not vif['network'] or not vif['network']['subnets']:
continue
for subnet in vif['network']['subnets']:
if subnet.get_meta('dhcp_server'):
allow_dhcp = True
break
base_filter = self.get_base_filter_list(instance, allow_dhcp)
for (network, mapping) in network_info:
for vif in network_info:
self._define_filter(self._get_instance_filter_xml(instance,
base_filter,
network,
mapping))
vif))
def _get_instance_filter_parameters(self, network, mapping):
def _get_instance_filter_parameters(self, vif):
parameters = []
def format_parameter(parameter, value):
return ("<parameter name='%s' value='%s'/>" % (parameter, value))
for address in mapping['ips']:
parameters.append(format_parameter('IP', address['ip']))
if mapping['dhcp_server']:
parameters.append(format_parameter('DHCPSERVER',
mapping['dhcp_server']))
network = vif['network']
if not vif['network'] or not vif['network']['subnets']:
return parameters
v4_subnets = [s for s in network['subnets'] if s['version'] == 4]
v6_subnets = [s for s in network['subnets'] if s['version'] == 6]
for subnet in v4_subnets:
for ip in subnet['ips']:
parameters.append(format_parameter('IP', ip['address']))
dhcp_server = subnet.get_meta('dhcp_server')
if dhcp_server:
parameters.append(format_parameter('DHCPSERVER', dhcp_server))
if CONF.use_ipv6:
ra_server = mapping.get('gateway_v6') + "/128"
for subnet in v6_subnets:
gateway = subnet.get('gateway')
if gateway:
ra_server = gateway['address'] + "/128"
parameters.append(format_parameter('RASERVER', ra_server))
if CONF.allow_same_net_traffic:
ipv4_cidr = network['cidr']
for subnet in v4_subnets:
ipv4_cidr = subnet['cidr']
net, mask = netutils.get_net_and_mask(ipv4_cidr)
parameters.append(format_parameter('PROJNET', net))
parameters.append(format_parameter('PROJMASK', mask))
if CONF.use_ipv6:
ipv6_cidr = network['cidr_v6']
for subnet in v6_subnets:
ipv6_cidr = subnet['cidr']
net, prefix = netutils.get_net_and_prefixlen(ipv6_cidr)
parameters.append(format_parameter('PROJNET6', net))
parameters.append(format_parameter('PROJMASK6', prefix))
return parameters
def _get_instance_filter_xml(self, instance, filters, network, mapping):
nic_id = mapping['mac'].replace(':', '')
def _get_instance_filter_xml(self, instance, filters, vif):
nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id)
parameters = self._get_instance_filter_parameters(network, mapping)
parameters = self._get_instance_filter_parameters(vif)
xml = '''<filter name='%s' chain='root'>''' % instance_filter_name
for f in filters:
xml += '''<filterref filter='%s'>''' % f
@@ -233,8 +252,8 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
def unfilter_instance(self, instance, network_info):
"""Clear out the nwfilter rules."""
instance_name = instance['name']
for (network, mapping) in network_info:
nic_id = mapping['mac'].replace(':', '')
for vif in network_info:
nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id)
try:
@@ -261,8 +280,8 @@ class NWFilterFirewall(base_firewall.FirewallDriver):
def instance_filter_exists(self, instance, network_info):
"""Check nova-instance-instance-xxx exists."""
for (network, mapping) in network_info:
nic_id = mapping['mac'].replace(':', '')
for vif in network_info:
nic_id = vif['address'].replace(':', '')
instance_filter_name = self._instance_filter_name(instance, nic_id)
try:
self._conn.nwfilterLookupByName(instance_filter_name)

322
nova/virt/libvirt/vif.py
View File

@@ -89,12 +89,12 @@ class LibvirtBaseVIFDriver(object):
return True
return False
def get_vif_devname(self, mapping):
if 'vif_devname' in mapping:
return mapping['vif_devname']
return ("nic" + mapping['vif_uuid'])[:network_model.NIC_NAME_LEN]
def get_vif_devname(self, vif):
if 'devname' in vif:
return vif['devname']
return ("nic" + vif['id'])[:network_model.NIC_NAME_LEN]
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
conf = vconfig.LibvirtConfigGuestInterface()
# Default to letting libvirt / the hypervisor choose the model
model = None
@@ -126,7 +126,7 @@ class LibvirtBaseVIFDriver(object):
virt=CONF.libvirt_type)
designer.set_vif_guest_frontend_config(
conf, mapping['mac'], model, driver)
conf, vif['address'], model, driver)
return conf
@@ -140,11 +140,11 @@ class LibvirtBaseVIFDriver(object):
class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""Generic VIF driver for libvirt networking."""
def get_bridge_name(self, network):
return network['bridge']
def get_bridge_name(self, vif):
return vif['network']['bridge']
def get_ovs_interfaceid(self, mapping):
return mapping['ovs_interfaceid']
def get_ovs_interfaceid(self, vif):
return vif.get('ovs_interfaceid') or vif['id']
def get_br_name(self, iface_id):
return ("qbr" + iface_id)[:network_model.NIC_NAME_LEN]
@@ -161,20 +161,17 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return True
return False
def get_config_bridge(self, instance, network, mapping, image_meta,
inst_type):
def get_config_bridge(self, instance, vif, image_meta, inst_type):
"""Get VIF configurations for bridge type."""
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
designer.set_vif_host_backend_bridge_config(
conf, self.get_bridge_name(network),
self.get_vif_devname(mapping))
conf, self.get_bridge_name(vif),
self.get_vif_devname(vif))
mac_id = mapping['mac'].replace(':', '')
mac_id = vif['address'].replace(':', '')
name = "nova-instance-" + instance['name'] + "-" + mac_id
if self.get_firewall_required():
conf.filtername = name
@@ -182,109 +179,92 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return conf
def get_config_ovs_ethernet(self, instance, network, mapping,
def get_config_ovs_ethernet(self, instance, vif,
image_meta, inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
dev = self.get_vif_devname(mapping)
dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf
def get_config_ovs_bridge(self, instance, network, mapping, image_meta,
def get_config_ovs_bridge(self, instance, vif, image_meta,
inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
designer.set_vif_host_backend_ovs_config(
conf, self.get_bridge_name(network),
self.get_ovs_interfaceid(mapping),
self.get_vif_devname(mapping))
conf, self.get_bridge_name(vif),
self.get_ovs_interfaceid(vif),
self.get_vif_devname(vif))
return conf
def get_config_ovs_hybrid(self, instance, network, mapping, image_meta,
def get_config_ovs_hybrid(self, instance, vif, image_meta,
inst_type):
newnet = copy.deepcopy(network)
newnet['bridge'] = self.get_br_name(mapping['vif_uuid'])
return self.get_config_bridge(instance,
newnet,
mapping,
newvif = copy.deepcopy(vif)
newvif['network']['bridge'] = self.get_br_name(vif['id'])
return self.get_config_bridge(instance, newvif,
image_meta, inst_type)
def get_config_ovs(self, instance, network, mapping, image_meta,
inst_type):
def get_config_ovs(self, instance, vif, image_meta, inst_type):
if self.get_firewall_required():
return self.get_config_ovs_hybrid(instance, network,
mapping,
return self.get_config_ovs_hybrid(instance, vif,
image_meta,
inst_type)
elif self.has_libvirt_version(LIBVIRT_OVS_VPORT_VERSION):
return self.get_config_ovs_bridge(instance, network,
mapping,
return self.get_config_ovs_bridge(instance, vif,
image_meta,
inst_type)
else:
return self.get_config_ovs_ethernet(instance, network,
mapping,
return self.get_config_ovs_ethernet(instance, vif,
image_meta,
inst_type)
def get_config_ivs_hybrid(self, instance, network, mapping, image_meta,
def get_config_ivs_hybrid(self, instance, vif, image_meta,
inst_type):
newnet = copy.deepcopy(network)
newnet['bridge'] = self.get_br_name(mapping['vif_uuid'])
newvif = copy.deepcopy(vif)
newvif['network']['bridge'] = self.get_br_name(vif['id'])
return self.get_config_bridge(instance,
newnet,
mapping,
newvif,
image_meta,
inst_type)
def get_config_ivs_ethernet(self, instance, network, mapping, image_meta,
def get_config_ivs_ethernet(self, instance, vif, image_meta,
inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
vif,
image_meta,
inst_type)
dev = self.get_vif_devname(mapping)
dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf
def get_config_ivs(self, instance, network, mapping, image_meta,
inst_type):
def get_config_ivs(self, instance, vif, image_meta, inst_type):
if self.get_firewall_required():
return self.get_config_ivs_hybrid(instance, network,
mapping,
return self.get_config_ivs_hybrid(instance, vif,
image_meta,
inst_type)
else:
return self.get_config_ivs_ethernet(instance, network,
mapping,
return self.get_config_ivs_ethernet(instance, vif,
image_meta,
inst_type)
def get_config_802qbg(self, instance, network, mapping, image_meta,
def get_config_802qbg(self, instance, vif, image_meta,
inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
params = mapping["qbg_params"]
params = vif["qbg_params"]
designer.set_vif_host_backend_802qbg_config(
conf, network["interface"],
conf, vif['network'].get_meta('interface'),
params['managerid'],
params['typeid'],
params['typeidversion'],
@@ -292,41 +272,37 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
return conf
def get_config_802qbh(self, instance, network, mapping, image_meta,
def get_config_802qbh(self, instance, vif, image_meta,
inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
params = mapping["qbh_params"]
params = vif["qbh_params"]
designer.set_vif_host_backend_802qbh_config(
conf, network["interface"],
conf, vif['network'].get_meta('interface'),
params['profileid'])
return conf
def get_config_iovisor(self, instance, network, mapping, image_meta,
def get_config_iovisor(self, instance, vif, image_meta,
inst_type):
conf = super(LibvirtGenericVIFDriver,
self).get_config(instance,
network,
mapping,
self).get_config(instance, vif,
image_meta, inst_type)
dev = self.get_vif_devname(mapping)
dev = self.get_vif_devname(vif)
designer.set_vif_host_backend_ethernet_config(conf, dev)
return conf
def get_config(self, instance, network, mapping, image_meta, inst_type):
vif_type = mapping.get('vif_type')
def get_config(self, instance, vif, image_meta, inst_type):
vif_type = vif['type']
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'),
'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping})
'vif': vif})
if vif_type is None:
raise exception.NovaException(
@@ -334,32 +310,32 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"for this vif_driver implementation"))
elif vif_type == network_model.VIF_TYPE_BRIDGE:
return self.get_config_bridge(instance,
network, mapping,
vif,
image_meta,
inst_type)
elif vif_type == network_model.VIF_TYPE_OVS:
return self.get_config_ovs(instance,
network, mapping,
vif,
image_meta,
inst_type)
elif vif_type == network_model.VIF_TYPE_802_QBG:
return self.get_config_802qbg(instance,
network, mapping,
vif,
image_meta,
inst_type)
elif vif_type == network_model.VIF_TYPE_802_QBH:
return self.get_config_802qbh(instance,
network, mapping,
vif,
image_meta,
inst_type)
elif vif_type == network_model.VIF_TYPE_IVS:
return self.get_config_ivs(instance,
network, mapping,
vif,
image_meta,
inst_type)
elif vif_type == network_model.VIF_TYPE_IOVISOR:
return self.get_config_iovisor(instance,
network, mapping,
vif,
image_meta,
inst_type)
else:
@@ -370,38 +346,39 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""Ensure that the bridge exists, and add VIF to it."""
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
if (not network.get('multi_host') and
mapping.get('should_create_bridge')):
if mapping.get('should_create_vlan'):
iface = CONF.vlan_interface or network['bridge_interface']
network = vif['network']
if (not network.get_meta('multi_host', False) and
network.get_meta('should_create_bridge', False)):
if network.get_meta('should_create_vlan', False):
iface = CONF.vlan_interface or \
network.get_meta('bridge_interface')
LOG.debug(_('Ensuring vlan %(vlan)s and bridge %(bridge)s'),
{'vlan': network['vlan'],
'bridge': self.get_bridge_name(network)},
{'vlan': network.get_meta('vlan'),
'bridge': self.get_bridge_name(vif)},
instance=instance)
linux_net.LinuxBridgeInterfaceDriver.ensure_vlan_bridge(
network['vlan'],
self.get_bridge_name(network),
network.get_meta('vlan'),
self.get_bridge_name(vif),
iface)
else:
iface = CONF.flat_interface or network['bridge_interface']
iface = CONF.flat_interface or \
network.get_meta('bridge_interface')
LOG.debug(_("Ensuring bridge %s"),
self.get_bridge_name(network), instance=instance)
self.get_bridge_name(vif), instance=instance)
linux_net.LinuxBridgeInterfaceDriver.ensure_bridge(
self.get_bridge_name(network),
self.get_bridge_name(vif),
iface)
def plug_ovs_ethernet(self, instance, vif):
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
iface_id = self.get_ovs_interfaceid(mapping)
dev = self.get_vif_devname(mapping)
network = vif['network']
iface_id = self.get_ovs_interfaceid(vif)
dev = self.get_vif_devname(vif)
linux_net.create_tap_dev(dev)
linux_net.create_ovs_vif_port(self.get_bridge_name(network),
dev, iface_id, mapping['mac'],
linux_net.create_ovs_vif_port(self.get_bridge_name(vif),
dev, iface_id, vif['address'],
instance['uuid'])
def plug_ovs_bridge(self, instance, vif):
@@ -420,10 +397,9 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
iface_id = self.get_ovs_interfaceid(mapping)
br_name = self.get_br_name(mapping['vif_uuid'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
iface_id = self.get_ovs_interfaceid(vif)
br_name = self.get_br_name(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(vif['id'])
if not linux_net.device_exists(br_name):
utils.execute('brctl', 'addbr', br_name, run_as_root=True)
@@ -434,8 +410,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
linux_net._create_veth_pair(v1_name, v2_name)
utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True)
utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True)
linux_net.create_ovs_vif_port(self.get_bridge_name(network),
v2_name, iface_id, mapping['mac'],
linux_net.create_ovs_vif_port(self.get_bridge_name(vif),
v2_name, iface_id, vif['address'],
instance['uuid'])
def plug_ovs(self, instance, vif):
@@ -450,11 +426,10 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
iface_id = self.get_ovs_interfaceid(mapping)
dev = self.get_vif_devname(mapping)
iface_id = self.get_ovs_interfaceid(vif)
dev = self.get_vif_devname(vif)
linux_net.create_tap_dev(dev)
linux_net.create_ivs_vif_port(dev, iface_id, mapping['mac'],
linux_net.create_ivs_vif_port(dev, iface_id, vif['address'],
instance['uuid'])
def plug_ivs_hybrid(self, instance, vif):
@@ -468,10 +443,9 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
iface_id = self.get_ovs_interfaceid(mapping)
br_name = self.get_br_name(mapping['vif_uuid'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
iface_id = self.get_ovs_interfaceid(vif)
br_name = self.get_br_name(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(vif['id'])
if not linux_net.device_exists(br_name):
utils.execute('brctl', 'addbr', br_name, run_as_root=True)
@@ -482,7 +456,7 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
linux_net._create_veth_pair(v1_name, v2_name)
utils.execute('ip', 'link', 'set', br_name, 'up', run_as_root=True)
utils.execute('brctl', 'addif', br_name, v1_name, run_as_root=True)
linux_net.create_ivs_vif_port(v2_name, iface_id, mapping['mac'],
linux_net.create_ivs_vif_port(v2_name, iface_id, vif['address'],
instance['uuid'])
def plug_ivs(self, instance, vif):
@@ -507,30 +481,29 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""
super(LibvirtGenericVIFDriver,
self).plug(instance, vif)
network, mapping = vif
dev = self.get_vif_devname(mapping)
iface_id = mapping['vif_uuid']
dev = self.get_vif_devname(vif)
iface_id = vif['id']
linux_net.create_tap_dev(dev)
net_id = network['id']
net_id = vif['network']['id']
tenant_id = instance["project_id"]
try:
utils.execute('ifc_ctl', 'gateway', 'add_port', dev,
run_as_root=True)
utils.execute('ifc_ctl', 'gateway', 'ifup', dev,
'access_vm', mapping['label'] + "_" + iface_id,
mapping['mac'], 'pgtag2=%s' % net_id,
'access_vm',
vif['network']['label'] + "_" + iface_id,
vif['address'], 'pgtag2=%s' % net_id,
'pgtag1=%s' % tenant_id, run_as_root=True)
except exception.ProcessExecutionError:
LOG.exception(_("Failed while plugging vif"), instance=instance)
def plug(self, instance, vif):
network, mapping = vif
vif_type = mapping.get('vif_type')
vif_type = vif['type']
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'),
'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping})
'vif': vif})
if vif_type is None:
raise exception.NovaException(
@@ -563,9 +536,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif)
try:
network, mapping = vif
linux_net.delete_ovs_vif_port(self.get_bridge_name(network),
self.get_vif_devname(mapping))
linux_net.delete_ovs_vif_port(self.get_bridge_name(vif),
self.get_vif_devname(vif))
except processutils.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -584,16 +556,15 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif)
try:
network, mapping = vif
br_name = self.get_br_name(mapping['vif_uuid'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
br_name = self.get_br_name(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(vif['id'])
utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True)
utils.execute('ip', 'link', 'set', br_name, 'down',
run_as_root=True)
utils.execute('brctl', 'delbr', br_name, run_as_root=True)
linux_net.delete_ovs_vif_port(self.get_bridge_name(network),
linux_net.delete_ovs_vif_port(self.get_bridge_name(vif),
v2_name)
except processutils.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -612,8 +583,7 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif)
try:
network, mapping = vif
linux_net.delete_ivs_vif_port(self.get_vif_devname(mapping))
linux_net.delete_ivs_vif_port(self.get_vif_devname(vif))
except exception.ProcessExecutionError:
LOG.exception(_("Failed while unplugging vif"), instance=instance)
@@ -627,9 +597,8 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
self).unplug(instance, vif)
try:
network, mapping = vif
br_name = self.get_br_name(mapping['vif_uuid'])
v1_name, v2_name = self.get_veth_pair_names(mapping['vif_uuid'])
br_name = self.get_br_name(vif['id'])
v1_name, v2_name = self.get_veth_pair_names(vif['id'])
utils.execute('brctl', 'delif', br_name, v1_name, run_as_root=True)
utils.execute('ip', 'link', 'set', br_name, 'down',
@@ -661,13 +630,13 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
"""
super(LibvirtGenericVIFDriver,
self).unplug(instance, vif)
network, mapping = vif
iface_id = mapping['vif_uuid']
dev = self.get_vif_devname(mapping)
iface_id = vif['id']
dev = self.get_vif_devname(vif)
try:
utils.execute('ifc_ctl', 'gateway', 'ifdown',
dev, 'access_vm', mapping['label'] + "_" + iface_id,
mapping['mac'], run_as_root=True)
dev, 'access_vm',
vif['network']['label'] + "_" + iface_id,
vif['address'], run_as_root=True)
utils.execute('ifc_ctl', 'gateway', 'del_port', dev,
run_as_root=True)
linux_net.delete_net_dev(dev)
@@ -675,13 +644,12 @@ class LibvirtGenericVIFDriver(LibvirtBaseVIFDriver):
LOG.exception(_("Failed while unplugging vif"), instance=instance)
def unplug(self, instance, vif):
network, mapping = vif
vif_type = mapping.get('vif_type')
vif_type = vif['type']
LOG.debug(_('vif_type=%(vif_type)s instance=%(instance)s '
'network=%(network)s mapping=%(mapping)s'),
'vif=%(vif)s'),
{'vif_type': vif_type, 'instance': instance,
'network': network, 'mapping': mapping})
'vif': vif})
if vif_type is None:
raise exception.NovaException(
@@ -710,13 +678,13 @@ class LibvirtBridgeDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx.
"""
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtBridgeDriver VIF driver is now "
"deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the "
"'vif_type' attribute"))
return self.get_config_bridge(instance, network, mapping, image_meta,
return self.get_config_bridge(instance, vif, image_meta,
inst_type)
def plug(self, instance, vif):
@@ -732,20 +700,20 @@ class LibvirtOpenVswitchDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx.
"""
def get_bridge_name(self, network):
return network.get('bridge') or CONF.libvirt_ovs_bridge
def get_bridge_name(self, vif):
return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid']
def get_ovs_interfaceid(self, vif):
return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtOpenVswitchDriver VIF driver is now "
"deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the "
"'vif_type' attribute"))
return self.get_config_ovs_ethernet(instance,
network, mapping,
vif,
image_meta, inst_type)
def plug(self, instance, vif):
@@ -761,20 +729,20 @@ class LibvirtHybridOVSBridgeDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx.
"""
def get_bridge_name(self, network):
return network.get('bridge') or CONF.libvirt_ovs_bridge
def get_bridge_name(self, vif):
return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid']
def get_ovs_interfaceid(self, vif):
return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtHybridOVSBridgeDriver VIF driver is now "
"deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, "
"together with a network plugin that reports the "
"'vif_type' attribute"))
return self.get_config_ovs_hybrid(instance,
network, mapping,
vif,
image_meta,
inst_type)
@@ -791,20 +759,20 @@ class LibvirtOpenVswitchVirtualPortDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx.
"""
def get_bridge_name(self, network):
return network.get('bridge') or CONF.libvirt_ovs_bridge
def get_bridge_name(self, vif):
return vif['network']['bridge'] or CONF.libvirt_ovs_bridge
def get_ovs_interfaceid(self, mapping):
return mapping.get('ovs_interfaceid') or mapping['vif_uuid']
def get_ovs_interfaceid(self, vif):
return vif.get('ovs_interfaceid') or vif['id']
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The LibvirtOpenVswitchVirtualPortDriver VIF driver "
"is now deprecated and will be removed in the next "
"release. Please use the LibvirtGenericVIFDriver VIF "
"driver, together with a network plugin that reports "
"the 'vif_type' attribute"))
return self.get_config_ovs_bridge(instance,
network, mapping,
vif,
image_meta,
inst_type)
@@ -821,11 +789,12 @@ class NeutronLinuxBridgeVIFDriver(LibvirtGenericVIFDriver):
Will be deprecated in Havana, and removed in Ixxxx.
"""
def get_bridge_name(self, network):
def get_bridge_name(self, vif):
network = vif['network']
def_bridge = ("brq" + network['id'])[:network_model.NIC_NAME_LEN]
return network.get('bridge') or def_bridge
return vif['network'].get('bridge') or def_bridge
def get_config(self, instance, network, mapping, image_meta, inst_type):
def get_config(self, instance, vif, image_meta, inst_type):
LOG.deprecated(_("The NeutronLinuxBridgeVIFDriver VIF driver is now "
"deprecated and will be removed in the next release. "
"Please use the LibvirtGenericVIFDriver VIF driver, "
@@ -833,9 +802,10 @@ class NeutronLinuxBridgeVIFDriver(LibvirtGenericVIFDriver):
"'vif_type' attribute"))
# In order for libvirt to make use of the bridge name then it has
# to ensure that the bridge exists
if 'should_create_bridge' not in mapping:
mapping['should_create_bridge'] = True
return self.get_config_bridge(instance, network, mapping, image_meta,
network = vif['network']
if network and not network.get_meta('should_create_bridge', False):
vif['network']['meta']['should_create_bridge'] = True
return self.get_config_bridge(instance, vif, image_meta,
inst_type)
def plug(self, instance, vif):