From 0322515b484f7cd4bfa2c141a3cbb4ef084eac27 Mon Sep 17 00:00:00 2001 From: Sumit Naiksatam Date: Wed, 12 Nov 2014 05:05:52 -0800 Subject: [PATCH] Renaming of GBP resources The following resources are being renamed: Endpoints to Policy Targets Endpoints Group to Policy Target Groups Contracts to Policy Rule Sets The changes to the spec are outlined in: https://review.openstack.org/#/c/134747 This cascades to a number of changes including DB. Change-Id: I5139a59fec135d39a32838ce1d05e168a55e2fec Partially-implements: blueprint group-based-policy-abstraction --- README.rst | 9 + gbp/neutron/db/grouppolicy/group_policy_db.py | 637 +++++++------- .../db/grouppolicy/group_policy_mapping_db.py | 156 ++-- .../versions/3ef186997b02_gbp_contracts.py | 65 +- .../versions/53de98f7a066_gpm_db_1.py | 34 +- ...577bb4469944_gbp_network_service_policy.py | 13 +- ...5c65abe72596_gbp_security_group_mapping.py | 11 +- ...ab64381ee820_gbp_db_ep_epg_l2_l3_policy.py | 18 +- .../ceba6e091b2a_nsp_epg_ip_mapping.py | 9 +- .../versions/ebfd08bc4714_servicechain.py | 18 +- gbp/neutron/db/servicechain_db.py | 55 +- gbp/neutron/extensions/group_policy.py | 130 +-- .../extensions/group_policy_mapping.py | 4 +- gbp/neutron/extensions/servicechain.py | 8 +- .../ml2/drivers/grouppolicy/apic/driver.py | 2 +- .../services/grouppolicy/common/exceptions.py | 19 +- .../drivers/cisco/apic/apic_mapping.py | 311 +++---- .../grouppolicy/drivers/dummy_driver.py | 36 +- .../grouppolicy/drivers/implicit_policy.py | 12 +- .../drivers/oneconvergence/nvsd_gbp_driver.py | 94 +- .../grouppolicy/drivers/resource_mapping.py | 801 +++++++++--------- .../grouppolicy/group_policy_context.py | 74 +- .../grouppolicy/group_policy_driver_api.py | 253 +++--- gbp/neutron/services/grouppolicy/plugin.py | 271 +++--- .../grouppolicy/policy_driver_manager.py | 82 +- .../oneconvergence_servicechain_driver.py | 18 +- .../drivers/simplechain_driver.py | 73 +- .../db/grouppolicy/test_group_policy_db.py | 460 +++++----- .../test_group_policy_mapping_db.py | 76 +- .../db/grouppolicy/test_servicechain_db.py | 96 +-- .../services/grouppolicy/test_apic_mapping.py | 234 ++--- .../grouppolicy/test_grouppolicy_plugin.py | 9 +- .../grouppolicy/test_implicit_policy.py | 91 +- .../grouppolicy/test_resource_mapping.py | 386 +++++---- .../tests/unit/test_extension_group_policy.py | 374 ++++---- .../test_extension_group_policy_mapping.py | 28 +- .../tests/unit/test_extension_servicechain.py | 32 +- 37 files changed, 2573 insertions(+), 2426 deletions(-) diff --git a/README.rst b/README.rst index a90b7c2b4..7b3606d5d 100644 --- a/README.rst +++ b/README.rst @@ -25,3 +25,12 @@ GBP project management (blueprints, bugs) is done via Launchpad: For help using or hacking on GBP, you can send mail to . + +Acronyms used in code for brevity: + PT: Policy Target + PTG: Policy Target Group + PR: Policy Rule + PRS: Policy Rule Set + L2P: L2 Policy + L3P: L3 Policy + NSP: Network Service Policy diff --git a/gbp/neutron/db/grouppolicy/group_policy_db.py b/gbp/neutron/db/grouppolicy/group_policy_db.py index 3031ec546..e78d35716 100644 --- a/gbp/neutron/db/grouppolicy/group_policy_db.py +++ b/gbp/neutron/db/grouppolicy/group_policy_db.py @@ -32,12 +32,9 @@ MAX_IPV4_SUBNET_PREFIX_LENGTH = 31 MAX_IPV6_SUBNET_PREFIX_LENGTH = 127 -class Endpoint(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): - """Endpoint is the lowest unit of abstraction on which a policy is applied. - - This Endpoint is unrelated to the Endpoint terminology used in Keystone. - """ - __tablename__ = 'gp_endpoints' +class PolicyTarget(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): + """Lowest unit of abstraction on which a policy is applied.""" + __tablename__ = 'gp_policy_targets' type = sa.Column(sa.String(15)) __mapper_args__ = { 'polymorphic_on': type, @@ -45,36 +42,40 @@ class Endpoint(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): } name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) - endpoint_group_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_endpoint_groups.id'), - nullable=True) + policy_target_group_id = sa.Column(sa.String(36), + sa.ForeignKey( + 'gp_policy_target_groups.id'), + nullable=True) -class EndpointGroupContractProvidingAssociation(model_base.BASEV2): - """Models many to many providing relation between EPGs and Contracts.""" - __tablename__ = 'gp_endpoint_group_contract_providing_associations' - contract_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_contracts.id'), - primary_key=True) - endpoint_group_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_endpoint_groups.id'), - primary_key=True) +class PTGToPRSProvidingAssociation(model_base.BASEV2): + """Many to many providing relation between PTGs and Policy Rule Sets.""" + __tablename__ = 'gp_ptg_to_prs_providing_associations' + policy_rule_set_id = sa.Column(sa.String(36), + sa.ForeignKey('gp_policy_rule_sets.id'), + primary_key=True) + policy_target_group_id = sa.Column(sa.String(36), + sa.ForeignKey( + 'gp_policy_target_groups.id'), + primary_key=True) -class EndpointGroupContractConsumingAssociation(model_base.BASEV2): - """Models many to many consuming relation between EPGs and Contracts.""" - __tablename__ = 'gp_endpoint_group_contract_consuming_associations' - contract_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_contracts.id'), - primary_key=True) - endpoint_group_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_endpoint_groups.id'), - primary_key=True) +class PTGToPRSConsumingAssociation(model_base.BASEV2): + """Many to many consuming relation between PTGs and Policy Rule Sets.""" + __tablename__ = 'gp_ptg_to_prs_consuming_associations' + policy_rule_set_id = sa.Column(sa.String(36), + sa.ForeignKey('gp_policy_rule_sets.id'), + primary_key=True) + policy_target_group_id = sa.Column(sa.String(36), + sa.ForeignKey( + 'gp_policy_target_groups.id'), + primary_key=True) -class EndpointGroup(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): - """Represents an Endpoint Group that is a collection of endpoints.""" - __tablename__ = 'gp_endpoint_groups' +class PolicyTargetGroup(model_base.BASEV2, models_v2.HasId, + models_v2.HasTenant): + """It is a collection of policy_targets.""" + __tablename__ = 'gp_policy_target_groups' type = sa.Column(sa.String(15)) __mapper_args__ = { 'polymorphic_on': type, @@ -82,23 +83,24 @@ class EndpointGroup(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): } name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) - endpoints = orm.relationship(Endpoint, backref='endpoint_group') + policy_targets = orm.relationship(PolicyTarget, + backref='policy_target_group') l2_policy_id = sa.Column(sa.String(36), sa.ForeignKey('gp_l2_policies.id'), nullable=True) network_service_policy_id = sa.Column( sa.String(36), sa.ForeignKey('gp_network_service_policies.id'), nullable=True) - provided_contracts = orm.relationship( - EndpointGroupContractProvidingAssociation, - backref='providing_endpoint_group', cascade='all, delete-orphan') - consumed_contracts = orm.relationship( - EndpointGroupContractConsumingAssociation, - backref='consuming_endpoint_group', cascade='all, delete-orphan') + provided_policy_rule_sets = orm.relationship( + PTGToPRSProvidingAssociation, + backref='providing_policy_target_group', cascade='all, delete-orphan') + consumed_policy_rule_sets = orm.relationship( + PTGToPRSConsumingAssociation, + backref='consuming_policy_target_group', cascade='all, delete-orphan') class L2Policy(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): - """Represents a L2 Policy for a collection of endpoint_groups.""" + """Represents a L2 Policy for a collection of policy_target_groups.""" __tablename__ = 'gp_l2_policies' type = sa.Column(sa.String(15)) __mapper_args__ = { @@ -107,7 +109,8 @@ class L2Policy(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): } name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) - endpoint_groups = orm.relationship(EndpointGroup, backref='l2_policy') + policy_target_groups = orm.relationship(PolicyTargetGroup, + backref='l2_policy') l3_policy_id = sa.Column(sa.String(36), sa.ForeignKey('gp_l3_policies.id'), nullable=True) @@ -146,18 +149,18 @@ class NetworkServicePolicy( __tablename__ = 'gp_network_service_policies' name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) - endpoint_groups = orm.relationship(EndpointGroup, - backref='network_service_policy') - network_service_params = orm.relationship(NetworkServiceParam, - backref='network_service_policy') + policy_target_groups = orm.relationship(PolicyTargetGroup, + backref='network_service_policy') + network_service_params = orm.relationship( + NetworkServiceParam, backref='network_service_policy') -class ContractPolicyRuleAssociation(model_base.BASEV2): - """Models the many to many relation between Contract and Policy rules.""" - __tablename__ = 'gp_contract_policy_rule_associations' - contract_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_contracts.id'), - primary_key=True) +class PRSToPRAssociation(model_base.BASEV2): + """Many to many relation between Policy Rule Set and Policy rules.""" + __tablename__ = 'gp_prs_to_pr_associations' + policy_rule_set_id = sa.Column(sa.String(36), + sa.ForeignKey('gp_policy_rule_sets.id'), + primary_key=True) policy_rule_id = sa.Column(sa.String(36), sa.ForeignKey('gp_policy_rules.id'), primary_key=True) @@ -225,27 +228,27 @@ class PolicyAction(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): cascade='all', backref='gp_policy_actions') -class Contract(model_base.BASEV2, models_v2.HasTenant): - """Represents a Contract that is a collection of Policy rules.""" - __tablename__ = 'gp_contracts' +class PolicyRuleSet(model_base.BASEV2, models_v2.HasTenant): + """It is a collection of Policy rules.""" + __tablename__ = 'gp_policy_rule_sets' id = sa.Column(sa.String(36), primary_key=True, default=uuidutils.generate_uuid) name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) - parent_id = sa.Column(sa.String(255), sa.ForeignKey('gp_contracts.id'), + parent_id = sa.Column(sa.String(255), + sa.ForeignKey('gp_policy_rule_sets.id'), nullable=True) - child_contracts = orm.relationship('Contract', - backref=orm.backref('parent', - remote_side=[id])) - policy_rules = orm.relationship(ContractPolicyRuleAssociation, - backref='contract', lazy="joined", + child_policy_rule_sets = orm.relationship( + 'PolicyRuleSet', backref=orm.backref('parent', remote_side=[id])) + policy_rules = orm.relationship(PRSToPRAssociation, + backref='policy_rule_set', lazy="joined", cascade='all, delete-orphan') - providing_endpoint_groups = orm.relationship( - EndpointGroupContractProvidingAssociation, backref='provided_contract', - lazy="joined", cascade='all') - consuming_endpoint_groups = orm.relationship( - EndpointGroupContractConsumingAssociation, backref='consumed_contract', - lazy="joined", cascade='all') + providing_policy_target_groups = orm.relationship( + PTGToPRSProvidingAssociation, + backref='provided_policy_rule_set', lazy="joined", cascade='all') + consuming_policy_target_groups = orm.relationship( + PTGToPRSConsumingAssociation, + backref='consumed_policy_rule_set', lazy="joined", cascade='all') class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, @@ -260,18 +263,20 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, def __init__(self, *args, **kwargs): super(GroupPolicyDbPlugin, self).__init__(*args, **kwargs) - def _get_endpoint(self, context, endpoint_id): + def _get_policy_target(self, context, policy_target_id): try: - return self._get_by_id(context, Endpoint, endpoint_id) + return self._get_by_id(context, PolicyTarget, policy_target_id) except exc.NoResultFound: - raise gpolicy.EndpointNotFound(endpoint_id=endpoint_id) + raise gpolicy.PolicyTargetNotFound( + policy_target_id=policy_target_id) - def _get_endpoint_group(self, context, endpoint_group_id): + def _get_policy_target_group(self, context, policy_target_group_id): try: - return self._get_by_id(context, EndpointGroup, endpoint_group_id) + return self._get_by_id( + context, PolicyTargetGroup, policy_target_group_id) except exc.NoResultFound: - raise gpolicy.EndpointGroupNotFound( - endpoint_group_id=endpoint_group_id) + raise gpolicy.PolicyTargetGroupNotFound( + policy_target_group_id=policy_target_group_id) def _get_l2_policy(self, context, l2_policy_id): try: @@ -283,8 +288,7 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, try: return self._get_by_id(context, L3Policy, l3_policy_id) except exc.NoResultFound: - raise gpolicy.L3PolicyNotFound(l3_policy_id= - l3_policy_id) + raise gpolicy.L3PolicyNotFound(l3_policy_id=l3_policy_id) def _get_network_service_policy(self, context, network_service_policy_id): try: @@ -299,16 +303,16 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, return self._get_by_id(context, PolicyClassifier, policy_classifier_id) except exc.NoResultFound: - raise gpolicy.PolicyClassifierNotFound(policy_classifier_id= - policy_classifier_id) + raise gpolicy.PolicyClassifierNotFound( + policy_classifier_id=policy_classifier_id) def _get_policy_action(self, context, policy_action_id): try: policy_action = self._get_by_id(context, PolicyAction, policy_action_id) except exc.NoResultFound: - raise gpolicy.PolicyActionNotFound(policy_action_id= - policy_action_id) + raise gpolicy.PolicyActionNotFound( + policy_action_id=policy_action_id) return policy_action def _get_policy_rule(self, context, policy_rule_id): @@ -316,16 +320,18 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, policy_rule = self._get_by_id(context, PolicyRule, policy_rule_id) except exc.NoResultFound: - raise gpolicy.PolicyRuleNotFound(policy_rule_id= - policy_rule_id) + raise gpolicy.PolicyRuleNotFound( + policy_rule_id=policy_rule_id) return policy_rule - def _get_contract(self, context, contract_id): + def _get_policy_rule_set(self, context, policy_rule_set_id): try: - contract = self._get_by_id(context, Contract, contract_id) + policy_rule_set = self._get_by_id( + context, PolicyRuleSet, policy_rule_set_id) except exc.NoResultFound: - raise gpolicy.ContractNotFound(contract_id=contract_id) - return contract + raise gpolicy.PolicyRuleSetNotFound( + policy_rule_set_id=policy_rule_set_id) + return policy_rule_set @staticmethod def _get_min_max_ports_from_range(port_range): @@ -359,8 +365,8 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, if action_id not in actions_set: # If we find an invalid action in the list we # do not perform the update - raise gpolicy.PolicyActionNotFound(policy_action_id= - action_id) + raise gpolicy.PolicyActionNotFound( + policy_action_id=action_id) # New list of actions is valid so we will first reset the existing # list and then add each action in order. # Note that the list could be empty in which case we interpret @@ -371,87 +377,93 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, policy_action_id=action_id) pr_db.policy_actions.append(assoc) - def _validate_contract_list(self, context, contracts_id_list): + def _validate_policy_rule_set_list(self, context, + policy_rule_sets_id_list): with context.session.begin(subtransactions=True): - filters = {'id': [c_id for c_id in contracts_id_list]} - contracts_in_db = self._get_collection_query( - context, Contract, filters=filters) - existing_contract_ids = set(c_db['id'] for c_db in contracts_in_db) - for contract_id in contracts_id_list: - if contract_id not in existing_contract_ids: - # If we find an invalid contract id in the list we + filters = {'id': [c_id for c_id in policy_rule_sets_id_list]} + policy_rule_sets_in_db = self._get_collection_query( + context, PolicyRuleSet, filters=filters) + existing_policy_rule_set_ids = set( + c_db['id'] for c_db in policy_rule_sets_in_db) + for policy_rule_set_id in policy_rule_sets_id_list: + if policy_rule_set_id not in existing_policy_rule_set_ids: + # If we find an invalid policy_rule_set id in the list we # dont process the entire list - raise gpolicy.ContractNotFound(contract_id=contract_id) - return contracts_in_db + raise gpolicy.PolicyRuleSetNotFound( + policy_rule_set_id=policy_rule_set_id) + return policy_rule_sets_in_db - def _set_providers_or_consumers_for_endpoint_group(self, context, epg_db, - contracts_dict, - provider=True): - # TODO(Sumit): Check that the same contract ID does not belong to - # provider and consumer dicts - if not contracts_dict: + def _set_providers_or_consumers_for_policy_target_group( + self, context, ptg_db, policy_rule_sets_dict, provider=True): + # TODO(Sumit): Check that the same policy_rule_set ID does not belong + # to provider and consumer dicts + if not policy_rule_sets_dict: if provider: - epg_db.provided_contracts = [] + ptg_db.provided_policy_rule_sets = [] return else: - epg_db.consumed_contracts = [] + ptg_db.consumed_policy_rule_sets = [] return with context.session.begin(subtransactions=True): - contracts_id_list = contracts_dict.keys() - # We will first check if the new list of contracts is valid - self._validate_contract_list(context, contracts_id_list) - # New list of contracts is valid so we will first reset the - # existing list and then add each contract. + policy_rule_sets_id_list = policy_rule_sets_dict.keys() + # We will first check if the new list of policy_rule_sets is valid + self._validate_policy_rule_set_list( + context, policy_rule_sets_id_list) + # New list of policy_rule_sets is valid so we will first reset the + # existing list and then add each policy_rule_set. # Note that the list could be empty in which case we interpret # it as clearing existing rules. if provider: - epg_db.provided_contracts = [] + ptg_db.provided_policy_rule_sets = [] else: - epg_db.consumed_contracts = [] - for contract_id in contracts_id_list: + ptg_db.consumed_policy_rule_sets = [] + for policy_rule_set_id in policy_rule_sets_id_list: if provider: - assoc = EndpointGroupContractProvidingAssociation( - endpoint_group_id=epg_db.id, - contract_id=contract_id) - epg_db.provided_contracts.append(assoc) + assoc = PTGToPRSProvidingAssociation( + policy_target_group_id=ptg_db.id, + policy_rule_set_id=policy_rule_set_id) + ptg_db.provided_policy_rule_sets.append(assoc) else: - assoc = EndpointGroupContractConsumingAssociation( - endpoint_group_id=epg_db.id, - contract_id=contract_id) - epg_db.consumed_contracts.append(assoc) + assoc = PTGToPRSConsumingAssociation( + policy_target_group_id=ptg_db.id, + policy_rule_set_id=policy_rule_set_id) + ptg_db.consumed_policy_rule_sets.append(assoc) - def _set_children_for_contract(self, context, contract_db, child_id_list): + def _set_children_for_policy_rule_set(self, context, + policy_rule_set_db, child_id_list): if not child_id_list: - contract_db.child_contracts = [] + policy_rule_set_db.child_policy_rule_sets = [] return - if contract_db['parent_id']: + if policy_rule_set_db['parent_id']: # Only one hierarchy level allowed for now - raise gpolicy.ThreeLevelContractHierarchyNotSupported( - contract_id=contract_db['id']) + raise gpolicy.ThreeLevelPolicyRuleSetHierarchyNotSupported( + policy_rule_set_id=policy_rule_set_db['id']) with context.session.begin(subtransactions=True): - # We will first check if the new list of contracts is valid + # We will first check if the new list of policy_rule_sets is valid - contracts_in_db = self._validate_contract_list( + policy_rule_sets_in_db = self._validate_policy_rule_set_list( context, child_id_list) - for child in contracts_in_db: - if (child['child_contracts'] or - child['id'] == contract_db['id']): - # Only one level contract relationship supported for now - # No loops allowed - raise gpolicy.BadContractRelationship( - parent_id=contract_db['id'], child_id=child['id']) - # New list of child contracts is valid so we will first reset the - # existing list and then add each contract. + for child in policy_rule_sets_in_db: + if (child['child_policy_rule_sets'] or + child['id'] == policy_rule_set_db['id']): + # Only one level policy_rule_set relationship supported for + # now. No loops allowed + raise gpolicy.BadPolicyRuleSetRelationship( + parent_id=policy_rule_set_db['id'], + child_id=child['id']) + # New list of child policy_rule_sets is valid so we will first + # reset the existing list and then add each policy_rule_set. # Note that the list could be empty in which case we interpret - # it as clearing existing child contracts. - contract_db.child_contracts = [] - for child in contracts_in_db: - contract_db.child_contracts.append(child) + # it as clearing existing child policy_rule_sets. + policy_rule_set_db.child_policy_rule_sets = [] + for child in policy_rule_sets_in_db: + policy_rule_set_db.child_policy_rule_sets.append(child) - def _set_rules_for_contract(self, context, contract_db, rule_id_list): - ct_db = contract_db + def _set_rules_for_policy_rule_set(self, context, + policy_rule_set_db, rule_id_list): + prs_db = policy_rule_set_db if not rule_id_list: - ct_db.policy_rules = [] + prs_db.policy_rules = [] return with context.session.begin(subtransactions=True): # We will first check if the new list of rules is valid @@ -468,42 +480,42 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, # list and then add each rule in order. # Note that the list could be empty in which case we interpret # it as clearing existing rules. - ct_db.policy_rules = [] + prs_db.policy_rules = [] for rule_id in rule_id_list: - ct_rule_db = ContractPolicyRuleAssociation( + prs_rule_db = PRSToPRAssociation( policy_rule_id=rule_id, - contract_id=ct_db.id) - ct_db.policy_rules.append(ct_rule_db) + policy_rule_set_id=prs_db.id) + prs_db.policy_rules.append(prs_rule_db) - def _process_contracts_for_epg(self, context, epg_db, epg): - if 'provided_contracts' in epg: - self._set_providers_or_consumers_for_endpoint_group( - context, epg_db, epg['provided_contracts']) - del epg['provided_contracts'] - if 'consumed_contracts' in epg: - self._set_providers_or_consumers_for_endpoint_group( - context, epg_db, epg['consumed_contracts'], False) - del epg['consumed_contracts'] - return epg + def _process_policy_rule_sets_for_ptg(self, context, ptg_db, ptg): + if 'provided_policy_rule_sets' in ptg: + self._set_providers_or_consumers_for_policy_target_group( + context, ptg_db, ptg['provided_policy_rule_sets']) + del ptg['provided_policy_rule_sets'] + if 'consumed_policy_rule_sets' in ptg: + self._set_providers_or_consumers_for_policy_target_group( + context, ptg_db, ptg['consumed_policy_rule_sets'], False) + del ptg['consumed_policy_rule_sets'] + return ptg def _set_l3_policy_for_l2_policy(self, context, l2p_id, l3p_id): with context.session.begin(subtransactions=True): l2p_db = self._get_l2_policy(context, l2p_id) l2p_db.l3_policy_id = l3p_id - def _set_l2_policy_for_endpoint_group(self, context, epg_id, l2p_id): + def _set_l2_policy_for_policy_target_group(self, context, ptg_id, l2p_id): with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, epg_id) - epg_db.l2_policy_id = l2p_id + ptg_db = self._get_policy_target_group(context, ptg_id) + ptg_db.l2_policy_id = l2p_id - def _set_network_service_policy_for_endpoint_group( - self, context, epg_id, nsp_id): + def _set_network_service_policy_for_policy_target_group( + self, context, ptg_id, nsp_id): with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, epg_id) - epg_db.network_service_policy_id = nsp_id + ptg_db = self._get_policy_target_group(context, ptg_id) + ptg_db.network_service_policy_id = nsp_id def _set_params_for_network_service_policy( - self, context, network_service_policy_db, network_service_policy): + self, context, network_service_policy_db, network_service_policy): nsp_db = network_service_policy_db params = network_service_policy['network_service_params'] if not params: @@ -519,27 +531,29 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, nsp_db.network_service_params.append(param_db) del network_service_policy['network_service_params'] - def _make_endpoint_dict(self, ep, fields=None): - res = {'id': ep['id'], - 'tenant_id': ep['tenant_id'], - 'name': ep['name'], - 'description': ep['description'], - 'endpoint_group_id': ep['endpoint_group_id']} + def _make_policy_target_dict(self, pt, fields=None): + res = {'id': pt['id'], + 'tenant_id': pt['tenant_id'], + 'name': pt['name'], + 'description': pt['description'], + 'policy_target_group_id': pt['policy_target_group_id']} return self._fields(res, fields) - def _make_endpoint_group_dict(self, epg, fields=None): - res = {'id': epg['id'], - 'tenant_id': epg['tenant_id'], - 'name': epg['name'], - 'description': epg['description'], - 'l2_policy_id': epg['l2_policy_id'], - 'network_service_policy_id': epg['network_service_policy_id']} - res['endpoints'] = [ep['id'] - for ep in epg['endpoints']] - res['provided_contracts'] = [pc['contract_id'] - for pc in epg['provided_contracts']] - res['consumed_contracts'] = [cc['contract_id'] - for cc in epg['consumed_contracts']] + def _make_policy_target_group_dict(self, ptg, fields=None): + res = {'id': ptg['id'], + 'tenant_id': ptg['tenant_id'], + 'name': ptg['name'], + 'description': ptg['description'], + 'l2_policy_id': ptg['l2_policy_id'], + 'network_service_policy_id': ptg['network_service_policy_id']} + res['policy_targets'] = [ + pt['id'] for pt in ptg['policy_targets']] + res['provided_policy_rule_sets'] = ( + [pprs['policy_rule_set_id'] for pprs in ptg[ + 'provided_policy_rule_sets']]) + res['consumed_policy_rule_sets'] = ( + [cprs['policy_rule_set_id'] for cprs in ptg[ + 'consumed_policy_rule_sets']]) return self._fields(res, fields) def _make_l2_policy_dict(self, l2p, fields=None): @@ -548,8 +562,8 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, 'name': l2p['name'], 'description': l2p['description'], 'l3_policy_id': l2p['l3_policy_id']} - res['endpoint_groups'] = [epg['id'] - for epg in l2p['endpoint_groups']] + res['policy_target_groups'] = [ + ptg['id'] for ptg in l2p['policy_target_groups']] return self._fields(res, fields) def _make_l3_policy_dict(self, l3p, fields=None): @@ -570,8 +584,8 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, 'tenant_id': nsp['tenant_id'], 'name': nsp['name'], 'description': nsp['description']} - res['endpoint_groups'] = [epg['id'] - for epg in nsp['endpoint_groups']] + res['policy_target_groups'] = [ + ptg['id'] for ptg in nsp['policy_target_groups']] params = [] for param in nsp['network_service_params']: params.append({ @@ -614,36 +628,36 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, for pa in pr['policy_actions']] return self._fields(res, fields) - def _make_contract_dict(self, ct, fields=None): - res = {'id': ct['id'], - 'tenant_id': ct['tenant_id'], - 'name': ct['name'], - 'description': ct['description']} - if ct['parent']: - res['parent_id'] = ct['parent']['id'] + def _make_policy_rule_set_dict(self, prs, fields=None): + res = {'id': prs['id'], + 'tenant_id': prs['tenant_id'], + 'name': prs['name'], + 'description': prs['description']} + if prs['parent']: + res['parent_id'] = prs['parent']['id'] else: res['parent_id'] = None ctx = context.get_admin_context() - if 'child_contracts' in ct: + if 'child_policy_rule_sets' in prs: # They have been updated - res['child_contracts'] = [child_ct['id'] - for child_ct in ct['child_contracts']] + res['child_policy_rule_sets'] = [ + child_prs['id'] for child_prs in prs['child_policy_rule_sets']] else: with ctx.session.begin(subtransactions=True): - filters = {'parent_id': [ct['id']]} - child_contracts_in_db = self._get_collection_query( - ctx, Contract, filters=filters) - res['child_contracts'] = [child_ct['id'] - for child_ct in - child_contracts_in_db] + filters = {'parent_id': [prs['id']]} + child_prs_in_db = self._get_collection_query( + ctx, PolicyRuleSet, filters=filters) + res['child_policy_rule_sets'] = [child_prs['id'] + for child_prs + in child_prs_in_db] res['policy_rules'] = [pr['policy_rule_id'] - for pr in ct['policy_rules']] + for pr in prs['policy_rules']] return self._fields(res, fields) - def _get_policy_rule_contracts(self, context, policy_rule_id): - return [x['contract_id'] for x in - context.session.query(ContractPolicyRuleAssociation).filter_by( + def _get_policy_rule_policy_rule_sets(self, context, policy_rule_id): + return [x['policy_rule_set_id'] for x in + context.session.query(PRSToPRAssociation).filter_by( policy_rule_id=policy_rule_id)] @staticmethod @@ -659,108 +673,108 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, # than size of the ip_pool's subnet @log.log - def create_endpoint(self, context, endpoint): - ep = endpoint['endpoint'] - tenant_id = self._get_tenant_id_for_create(context, ep) + def create_policy_target(self, context, policy_target): + pt = policy_target['policy_target'] + tenant_id = self._get_tenant_id_for_create(context, pt) with context.session.begin(subtransactions=True): - ep_db = Endpoint(id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=ep['name'], - description=ep['description'], - endpoint_group_id=ep['endpoint_group_id']) - context.session.add(ep_db) - return self._make_endpoint_dict(ep_db) + pt_db = PolicyTarget( + id=uuidutils.generate_uuid(), tenant_id=tenant_id, + name=pt['name'], description=pt['description'], + policy_target_group_id=pt['policy_target_group_id']) + context.session.add(pt_db) + return self._make_policy_target_dict(pt_db) @log.log - def update_endpoint(self, context, endpoint_id, endpoint): - ep = endpoint['endpoint'] + def update_policy_target(self, context, policy_target_id, policy_target): + pt = policy_target['policy_target'] with context.session.begin(subtransactions=True): - ep_db = self._get_endpoint(context, endpoint_id) - ep_db.update(ep) - return self._make_endpoint_dict(ep_db) + pt_db = self._get_policy_target(context, policy_target_id) + pt_db.update(pt) + return self._make_policy_target_dict(pt_db) @log.log - def delete_endpoint(self, context, endpoint_id): + def delete_policy_target(self, context, policy_target_id): with context.session.begin(subtransactions=True): - ep_db = self._get_endpoint(context, endpoint_id) - context.session.delete(ep_db) + pt_db = self._get_policy_target(context, policy_target_id) + context.session.delete(pt_db) @log.log - def get_endpoint(self, context, endpoint_id, fields=None): - ep = self._get_endpoint(context, endpoint_id) - return self._make_endpoint_dict(ep, fields) + def get_policy_target(self, context, policy_target_id, fields=None): + pt = self._get_policy_target(context, policy_target_id) + return self._make_policy_target_dict(pt, fields) @log.log - def get_endpoints(self, context, filters=None, fields=None, - sorts=None, limit=None, marker=None, - page_reverse=False): - marker_obj = self._get_marker_obj(context, 'endpoint', limit, + def get_policy_targets(self, context, filters=None, fields=None, + sorts=None, limit=None, marker=None, + page_reverse=False): + marker_obj = self._get_marker_obj(context, 'policy_target', limit, marker) - return self._get_collection(context, Endpoint, - self._make_endpoint_dict, + return self._get_collection(context, PolicyTarget, + self._make_policy_target_dict, filters=filters, fields=fields, sorts=sorts, limit=limit, marker_obj=marker_obj, page_reverse=page_reverse) @log.log - def get_endpoints_count(self, context, filters=None): - return self._get_collection_count(context, Endpoint, + def get_policy_targets_count(self, context, filters=None): + return self._get_collection_count(context, PolicyTarget, filters=filters) @log.log - def create_endpoint_group(self, context, endpoint_group): - epg = endpoint_group['endpoint_group'] - tenant_id = self._get_tenant_id_for_create(context, epg) + def create_policy_target_group(self, context, policy_target_group): + ptg = policy_target_group['policy_target_group'] + tenant_id = self._get_tenant_id_for_create(context, ptg) with context.session.begin(subtransactions=True): - epg_db = EndpointGroup(id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=epg['name'], - description=epg['description'], - l2_policy_id=epg['l2_policy_id'], - network_service_policy_id= - epg['network_service_policy_id']) - context.session.add(epg_db) - self._process_contracts_for_epg(context, epg_db, epg) - return self._make_endpoint_group_dict(epg_db) + ptg_db = PolicyTargetGroup( + id=uuidutils.generate_uuid(), tenant_id=tenant_id, + name=ptg['name'], description=ptg['description'], + l2_policy_id=ptg['l2_policy_id'], + network_service_policy_id=ptg['network_service_policy_id']) + context.session.add(ptg_db) + self._process_policy_rule_sets_for_ptg(context, ptg_db, ptg) + return self._make_policy_target_group_dict(ptg_db) @log.log - def update_endpoint_group(self, context, endpoint_group_id, - endpoint_group): - epg = endpoint_group['endpoint_group'] + def update_policy_target_group(self, context, policy_target_group_id, + policy_target_group): + ptg = policy_target_group['policy_target_group'] with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, endpoint_group_id) - epg = self._process_contracts_for_epg(context, epg_db, epg) - epg_db.update(epg) - return self._make_endpoint_group_dict(epg_db) + ptg_db = self._get_policy_target_group( + context, policy_target_group_id) + ptg = self._process_policy_rule_sets_for_ptg(context, ptg_db, ptg) + ptg_db.update(ptg) + return self._make_policy_target_group_dict(ptg_db) @log.log - def delete_endpoint_group(self, context, endpoint_group_id): + def delete_policy_target_group(self, context, policy_target_group_id): with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, endpoint_group_id) - context.session.delete(epg_db) + ptg_db = self._get_policy_target_group( + context, policy_target_group_id) + context.session.delete(ptg_db) @log.log - def get_endpoint_group(self, context, endpoint_group_id, fields=None): - epg = self._get_endpoint_group(context, endpoint_group_id) - return self._make_endpoint_group_dict(epg, fields) + def get_policy_target_group(self, context, policy_target_group_id, + fields=None): + ptg = self._get_policy_target_group(context, policy_target_group_id) + return self._make_policy_target_group_dict(ptg, fields) @log.log - def get_endpoint_groups(self, context, filters=None, fields=None, - sorts=None, limit=None, marker=None, - page_reverse=False): - marker_obj = self._get_marker_obj(context, 'endpoint_group', limit, - marker) - return self._get_collection(context, EndpointGroup, - self._make_endpoint_group_dict, + def get_policy_target_groups(self, context, filters=None, fields=None, + sorts=None, limit=None, marker=None, + page_reverse=False): + marker_obj = self._get_marker_obj( + context, 'policy_target_group', limit, marker) + return self._get_collection(context, PolicyTargetGroup, + self._make_policy_target_group_dict, filters=filters, fields=fields, sorts=sorts, limit=limit, marker_obj=marker_obj, page_reverse=page_reverse) @log.log - def get_endpoint_groups_count(self, context, filters=None): - return self._get_collection_count(context, EndpointGroup, + def get_policy_target_groups_count(self, context, filters=None): + return self._get_collection_count(context, PolicyTargetGroup, filters=filters) @log.log @@ -902,15 +916,15 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, @log.log def get_network_service_policy( - self, context, network_service_policy_id, fields=None): + self, context, network_service_policy_id, fields=None): nsp = self._get_network_service_policy( context, network_service_policy_id) return self._make_network_service_policy_dict(nsp, fields) @log.log def get_network_service_policies( - self, context, filters=None, fields=None, sorts=None, limit=None, - marker=None, page_reverse=False): + self, context, filters=None, fields=None, sorts=None, limit=None, + marker=None, page_reverse=False): marker_obj = self._get_marker_obj( context, 'network_service_policy', limit, marker) return self._get_collection(context, NetworkServicePolicy, @@ -1090,55 +1104,56 @@ class GroupPolicyDbPlugin(gpolicy.GroupPolicyPluginBase, filters=filters) @log.log - def create_contract(self, context, contract): - ct = contract['contract'] - tenant_id = self._get_tenant_id_for_create(context, ct) + def create_policy_rule_set(self, context, policy_rule_set): + prs = policy_rule_set['policy_rule_set'] + tenant_id = self._get_tenant_id_for_create(context, prs) with context.session.begin(subtransactions=True): - ct_db = Contract(id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=ct['name'], - description=ct['description']) - context.session.add(ct_db) - self._set_rules_for_contract(context, ct_db, - ct['policy_rules']) - self._set_children_for_contract(context, ct_db, - ct['child_contracts']) - return self._make_contract_dict(ct_db) + prs_db = PolicyRuleSet(id=uuidutils.generate_uuid(), + tenant_id=tenant_id, + name=prs['name'], + description=prs['description']) + context.session.add(prs_db) + self._set_rules_for_policy_rule_set(context, prs_db, + prs['policy_rules']) + self._set_children_for_policy_rule_set( + context, prs_db, prs['child_policy_rule_sets']) + return self._make_policy_rule_set_dict(prs_db) @log.log - def update_contract(self, context, contract_id, contract): - ct = contract['contract'] + def update_policy_rule_set(self, context, policy_rule_set_id, + policy_rule_set): + prs = policy_rule_set['policy_rule_set'] with context.session.begin(subtransactions=True): - ct_db = self._get_contract(context, contract_id) - if 'policy_rules' in ct: - self._set_rules_for_contract(context, ct_db, - ct['policy_rules']) - del ct['policy_rules'] - if 'child_contracts' in ct: - self._set_children_for_contract(context, ct_db, - ct['child_contracts']) - del ct['child_contracts'] - ct_db.update(ct) - return self._make_contract_dict(ct_db) + prs_db = self._get_policy_rule_set(context, policy_rule_set_id) + if 'policy_rules' in prs: + self._set_rules_for_policy_rule_set( + context, prs_db, prs['policy_rules']) + del prs['policy_rules'] + if 'child_policy_rule_sets' in prs: + self._set_children_for_policy_rule_set( + context, prs_db, prs['child_policy_rule_sets']) + del prs['child_policy_rule_sets'] + prs_db.update(prs) + return self._make_policy_rule_set_dict(prs_db) @log.log - def delete_contract(self, context, contract_id): + def delete_policy_rule_set(self, context, policy_rule_set_id): with context.session.begin(subtransactions=True): - ct_db = self._get_contract(context, contract_id) - context.session.delete(ct_db) + prs_db = self._get_policy_rule_set(context, policy_rule_set_id) + context.session.delete(prs_db) @log.log - def get_contract(self, context, contract_id, fields=None): - ct = self._get_contract(context, contract_id) - return self._make_contract_dict(ct, fields) + def get_policy_rule_set(self, context, policy_rule_set_id, fields=None): + prs = self._get_policy_rule_set(context, policy_rule_set_id) + return self._make_policy_rule_set_dict(prs, fields) @log.log - def get_contracts(self, context, filters=None, fields=None): - return self._get_collection(context, Contract, - self._make_contract_dict, + def get_policy_rule_sets(self, context, filters=None, fields=None): + return self._get_collection(context, PolicyRuleSet, + self._make_policy_rule_set_dict, filters=filters, fields=fields) @log.log - def get_contracts_count(self, context, filters=None): - return self._get_collection_count(context, Contract, + def get_policy_rule_sets_count(self, context, filters=None): + return self._get_collection_count(context, PolicyRuleSet, filters=filters) diff --git a/gbp/neutron/db/grouppolicy/group_policy_mapping_db.py b/gbp/neutron/db/grouppolicy/group_policy_mapping_db.py index f1a62cf3b..28f951dce 100644 --- a/gbp/neutron/db/grouppolicy/group_policy_mapping_db.py +++ b/gbp/neutron/db/grouppolicy/group_policy_mapping_db.py @@ -24,8 +24,8 @@ from gbp.neutron.db.grouppolicy import group_policy_db as gpdb LOG = logging.getLogger(__name__) -class EndpointMapping(gpdb.Endpoint): - """Mapping of Endpoint to Neutron Port.""" +class PolicyTargetMapping(gpdb.PolicyTarget): + """Mapping of PolicyTarget to Neutron Port.""" __table_args__ = {'extend_existing': True} __mapper_args__ = {'polymorphic_identity': 'mapping'} # REVISIT(ivar): Set null on delete is a temporary workaround until Nova @@ -35,21 +35,21 @@ class EndpointMapping(gpdb.Endpoint): nullable=True, unique=True) -class EndpointGroupSubnetAssociation(model_base.BASEV2): - """Models the many to many relation between EndpointGroup and Subnets.""" - __tablename__ = 'gp_endpoint_group_subnet_associations' - endpoint_group_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_endpoint_groups.id'), - primary_key=True) +class PTGToSubnetAssociation(model_base.BASEV2): + """Many to many relation between PolicyTargetGroup and Subnets.""" + __tablename__ = 'gp_ptg_to_subnet_associations' + policy_target_group_id = sa.Column( + sa.String(36), sa.ForeignKey('gp_policy_target_groups.id'), + primary_key=True) subnet_id = sa.Column(sa.String(36), sa.ForeignKey('subnets.id'), primary_key=True) -class EndpointGroupMapping(gpdb.EndpointGroup): - """Mapping of EndpointGroup to set of Neutron Subnets.""" +class PolicyTargetGroupMapping(gpdb.PolicyTargetGroup): + """Mapping of PolicyTargetGroup to set of Neutron Subnets.""" __table_args__ = {'extend_existing': True} __mapper_args__ = {'polymorphic_identity': 'mapping'} - subnets = orm.relationship(EndpointGroupSubnetAssociation, + subnets = orm.relationship(PTGToSubnetAssociation, cascade='all', lazy="joined") @@ -82,16 +82,16 @@ class GroupPolicyMappingDbPlugin(gpdb.GroupPolicyDbPlugin): """Group Policy Mapping interface implementation using SQLAlchemy models. """ - def _make_endpoint_dict(self, ep, fields=None): + def _make_policy_target_dict(self, pt, fields=None): res = super(GroupPolicyMappingDbPlugin, - self)._make_endpoint_dict(ep) - res['port_id'] = ep.port_id + self)._make_policy_target_dict(pt) + res['port_id'] = pt.port_id return self._fields(res, fields) - def _make_endpoint_group_dict(self, epg, fields=None): + def _make_policy_target_group_dict(self, ptg, fields=None): res = super(GroupPolicyMappingDbPlugin, - self)._make_endpoint_group_dict(epg) - res['subnets'] = [subnet.subnet_id for subnet in epg.subnets] + self)._make_policy_target_group_dict(ptg) + res['subnets'] = [subnet.subnet_id for subnet in ptg.subnets] return self._fields(res, fields) def _make_l2_policy_dict(self, l2p, fields=None): @@ -106,18 +106,18 @@ class GroupPolicyMappingDbPlugin(gpdb.GroupPolicyDbPlugin): res['routers'] = [router.router_id for router in l3p.routers] return self._fields(res, fields) - def _set_port_for_endpoint(self, context, ep_id, port_id): + def _set_port_for_policy_target(self, context, pt_id, port_id): with context.session.begin(subtransactions=True): - ep_db = self._get_endpoint(context, ep_id) - ep_db.port_id = port_id + pt_db = self._get_policy_target(context, pt_id) + pt_db.port_id = port_id - def _add_subnet_to_endpoint_group(self, context, epg_id, subnet_id): + def _add_subnet_to_policy_target_group(self, context, ptg_id, subnet_id): with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, epg_id) - assoc = EndpointGroupSubnetAssociation(endpoint_group_id=epg_id, - subnet_id=subnet_id) - epg_db.subnets.append(assoc) - return [subnet.subnet_id for subnet in epg_db.subnets] + ptg_db = self._get_policy_target_group(context, ptg_id) + assoc = PTGToSubnetAssociation(policy_target_group_id=ptg_id, + subnet_id=subnet_id) + ptg_db.subnets.append(assoc) + return [subnet.subnet_id for subnet in ptg_db.subnets] def _set_network_for_l2_policy(self, context, l2p_id, network_id): with context.session.begin(subtransactions=True): @@ -133,71 +133,73 @@ class GroupPolicyMappingDbPlugin(gpdb.GroupPolicyDbPlugin): return [router.router_id for router in l3p_db.routers] @log.log - def create_endpoint(self, context, endpoint): - ep = endpoint['endpoint'] - tenant_id = self._get_tenant_id_for_create(context, ep) + def create_policy_target(self, context, policy_target): + pt = policy_target['policy_target'] + tenant_id = self._get_tenant_id_for_create(context, pt) with context.session.begin(subtransactions=True): - ep_db = EndpointMapping(id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=ep['name'], - description=ep['description'], - endpoint_group_id= - ep['endpoint_group_id'], - port_id=ep['port_id']) - context.session.add(ep_db) - return self._make_endpoint_dict(ep_db) + pt_db = PolicyTargetMapping(id=uuidutils.generate_uuid(), + tenant_id=tenant_id, + name=pt['name'], + description=pt['description'], + policy_target_group_id= + pt['policy_target_group_id'], + port_id=pt['port_id']) + context.session.add(pt_db) + return self._make_policy_target_dict(pt_db) @log.log - def create_endpoint_group(self, context, endpoint_group): - epg = endpoint_group['endpoint_group'] - tenant_id = self._get_tenant_id_for_create(context, epg) + def create_policy_target_group(self, context, policy_target_group): + ptg = policy_target_group['policy_target_group'] + tenant_id = self._get_tenant_id_for_create(context, ptg) with context.session.begin(subtransactions=True): - epg_db = EndpointGroupMapping(id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=epg['name'], - description=epg['description'], - l2_policy_id=epg['l2_policy_id'], - network_service_policy_id= - epg['network_service_policy_id']) - context.session.add(epg_db) - if 'subnets' in epg: - for subnet in epg['subnets']: - assoc = EndpointGroupSubnetAssociation( - endpoint_group_id=epg_db.id, + ptg_db = PolicyTargetGroupMapping(id=uuidutils.generate_uuid(), + tenant_id=tenant_id, + name=ptg['name'], + description=ptg['description'], + l2_policy_id=ptg['l2_policy_id'], + network_service_policy_id= + ptg['network_service_policy_id']) + context.session.add(ptg_db) + if 'subnets' in ptg: + for subnet in ptg['subnets']: + assoc = PTGToSubnetAssociation( + policy_target_group_id=ptg_db.id, subnet_id=subnet ) - epg_db.subnets.append(assoc) - self._process_contracts_for_epg(context, epg_db, epg) - return self._make_endpoint_group_dict(epg_db) + ptg_db.subnets.append(assoc) + self._process_policy_rule_sets_for_ptg(context, ptg_db, ptg) + return self._make_policy_target_group_dict(ptg_db) @log.log - def update_endpoint_group(self, context, endpoint_group_id, - endpoint_group): - epg = endpoint_group['endpoint_group'] + def update_policy_target_group(self, context, policy_target_group_id, + policy_target_group): + ptg = policy_target_group['policy_target_group'] with context.session.begin(subtransactions=True): - epg_db = self._get_endpoint_group(context, endpoint_group_id) - self._process_contracts_for_epg(context, epg_db, epg) - if 'subnets' in epg: + ptg_db = self._get_policy_target_group( + context, policy_target_group_id) + self._process_policy_rule_sets_for_ptg(context, ptg_db, ptg) + if 'subnets' in ptg: # Add/remove associations for changes in subnets. - new_subnets = set(epg['subnets']) + new_subnets = set(ptg['subnets']) old_subnets = set(subnet.subnet_id - for subnet in epg_db.subnets) + for subnet in ptg_db.subnets) for subnet in new_subnets - old_subnets: - assoc = EndpointGroupSubnetAssociation( - endpoint_group_id=endpoint_group_id, subnet_id=subnet) - epg_db.subnets.append(assoc) + assoc = PTGToSubnetAssociation( + policy_target_group_id=policy_target_group_id, + subnet_id=subnet) + ptg_db.subnets.append(assoc) for subnet in old_subnets - new_subnets: - assoc = (context.session. - query(EndpointGroupSubnetAssociation). - filter_by(endpoint_group_id=endpoint_group_id, - subnet_id=subnet). - one()) - epg_db.subnets.remove(assoc) + assoc = ( + context.session.query( + PTGToSubnetAssociation).filter_by( + policy_target_group_id=policy_target_group_id, + subnet_id=subnet).one()) + ptg_db.subnets.remove(assoc) context.session.delete(assoc) - # Don't update epg_db.subnets with subnet IDs. - del epg['subnets'] - epg_db.update(epg) - return self._make_endpoint_group_dict(epg_db) + # Don't update ptg_db.subnets with subnet IDs. + del ptg['subnets'] + ptg_db.update(ptg) + return self._make_policy_target_group_dict(ptg_db) @log.log def create_l2_policy(self, context, l2_policy): diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/3ef186997b02_gbp_contracts.py b/gbp/neutron/db/migration/alembic_migrations/versions/3ef186997b02_gbp_contracts.py index 48e0a2832..bf2b3007c 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/3ef186997b02_gbp_contracts.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/3ef186997b02_gbp_contracts.py @@ -13,7 +13,7 @@ # under the License. # -"""gbp_contracts +"""gbp_policy_rule_sets Revision ID: 3ef186997b02 Create Date: 2014-07-30 14:48:49.838182 @@ -30,49 +30,58 @@ import sqlalchemy as sa def upgrade(): op.create_table( - 'gp_contracts', + 'gp_policy_rule_sets', sa.Column('id', sa.String(36), nullable=False), sa.Column('tenant_id', sa.String(length=255), nullable=True), sa.Column('name', sa.String(length=50), nullable=True), sa.Column('description', sa.String(length=255), nullable=True), sa.Column('parent_id', sa.String(length=36), nullable=True), sa.ForeignKeyConstraint(['parent_id'], - ['gp_contracts.id']), + ['gp_policy_rule_sets.id']), sa.PrimaryKeyConstraint('id')) op.create_table( - 'gp_endpoint_group_contract_providing_associations', - sa.Column('contract_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['contract_id'], - ['gp_contracts.id'], ondelete='CASCADE'), - sa.Column('endpoint_group_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['endpoint_group_id'], - ['gp_endpoint_groups.id'], ondelete='CASCADE'), - sa.PrimaryKeyConstraint('contract_id', 'endpoint_group_id')) + 'gp_ptg_to_prs_providing_associations', + sa.Column('policy_rule_set_id', sa.String(length=36), nullable=True), + sa.ForeignKeyConstraint(['policy_rule_set_id'], + ['gp_policy_rule_sets.id'], + ondelete='CASCADE'), + sa.Column('policy_target_group_id', sa.String(length=36), + nullable=True), + sa.ForeignKeyConstraint(['policy_target_group_id'], + ['gp_policy_target_groups.id'], + ondelete='CASCADE'), + sa.PrimaryKeyConstraint('policy_rule_set_id', + 'policy_target_group_id')) op.create_table( - 'gp_endpoint_group_contract_consuming_associations', - sa.Column('contract_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['contract_id'], - ['gp_contracts.id'], ondelete='CASCADE'), - sa.Column('endpoint_group_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['endpoint_group_id'], - ['gp_endpoint_groups.id'], ondelete='CASCADE'), - sa.PrimaryKeyConstraint('contract_id', 'endpoint_group_id')) + 'gp_ptg_to_prs_consuming_associations', + sa.Column('policy_rule_set_id', sa.String(length=36), nullable=True), + sa.ForeignKeyConstraint(['policy_rule_set_id'], + ['gp_policy_rule_sets.id'], + ondelete='CASCADE'), + sa.Column('policy_target_group_id', sa.String(length=36), + nullable=True), + sa.ForeignKeyConstraint(['policy_target_group_id'], + ['gp_policy_target_groups.id'], + ondelete='CASCADE'), + sa.PrimaryKeyConstraint('policy_rule_set_id', + 'policy_target_group_id')) op.create_table( - 'gp_contract_policy_rule_associations', - sa.Column('contract_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['contract_id'], - ['gp_contracts.id'], ondelete='CASCADE'), + 'gp_prs_to_pr_associations', + sa.Column('policy_rule_set_id', sa.String(length=36), nullable=True), + sa.ForeignKeyConstraint(['policy_rule_set_id'], + ['gp_policy_rule_sets.id'], + ondelete='CASCADE'), sa.Column('policy_rule_id', sa.String(length=36), nullable=True), sa.ForeignKeyConstraint(['policy_rule_id'], ['gp_policy_rules.id'], ondelete='CASCADE'), - sa.PrimaryKeyConstraint('contract_id', 'policy_rule_id')) + sa.PrimaryKeyConstraint('policy_rule_set_id', 'policy_rule_id')) def downgrade(): - op.drop_table('gp_endpoint_group_contract_providing_associations') - op.drop_table('gp_endpoint_group_contract_consuming_associations') - op.drop_table('gp_contract_policy_rule_associations') - op.drop_table('gp_contracts') + op.drop_table('gp_ptg_to_prs_consuming_associations') + op.drop_table('gp_ptg_to_prs_providing_associations') + op.drop_table('gp_prs_to_pr_associations') + op.drop_table('gp_policy_rule_sets') diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/53de98f7a066_gpm_db_1.py b/gbp/neutron/db/migration/alembic_migrations/versions/53de98f7a066_gpm_db_1.py index ebd40afdb..9a7e15388 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/53de98f7a066_gpm_db_1.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/53de98f7a066_gpm_db_1.py @@ -33,13 +33,14 @@ import sqlalchemy as sa def upgrade(): op.create_table( - 'gp_endpoint_group_subnet_associations', - sa.Column('endpoint_group_id', sa.String(length=36), nullable=False), + 'gp_ptg_to_subnet_associations', + sa.Column('policy_target_group_id', sa.String(length=36), + nullable=False), sa.Column('subnet_id', sa.String(length=36), nullable=False), - sa.ForeignKeyConstraint(['endpoint_group_id'], - ['gp_endpoint_groups.id']), + sa.ForeignKeyConstraint(['policy_target_group_id'], + ['gp_policy_target_groups.id']), sa.ForeignKeyConstraint(['subnet_id'], ['subnets.id']), - sa.PrimaryKeyConstraint('endpoint_group_id', 'subnet_id') + sa.PrimaryKeyConstraint('policy_target_group_id', 'subnet_id') ) op.create_table( @@ -52,12 +53,12 @@ def upgrade(): ) op.add_column( - 'gp_endpoint_groups', + 'gp_policy_target_groups', sa.Column('type', sa.String(length=15), nullable=True) ) op.add_column( - 'gp_endpoints', + 'gp_policy_targets', sa.Column('type', sa.String(length=15), nullable=True) ) @@ -72,12 +73,12 @@ def upgrade(): ) op.add_column( - 'gp_endpoints', + 'gp_policy_targets', sa.Column('port_id', sa.String(length=36), nullable=True) ) - op.create_unique_constraint(None, 'gp_endpoints', ['port_id']) - op.create_foreign_key('gp_endpoints_ibfk_2', - source='gp_endpoints', referent='ports', + op.create_unique_constraint(None, 'gp_policy_targets', ['port_id']) + op.create_foreign_key('gp_policy_targets_ibfk_2', + source='gp_policy_targets', referent='ports', local_cols=['port_id'], remote_cols=['id'], ondelete='SET NULL') @@ -95,11 +96,12 @@ def downgrade(): op.drop_constraint('gp_l2_policies_ibfk_2', 'gp_l2_policies', 'foreignkey') op.drop_column('gp_l2_policies', 'network_id') - op.drop_constraint('gp_endpoints_ibfk_2', 'gp_endpoints', 'foreignkey') - op.drop_column('gp_endpoints', 'port_id') + op.drop_constraint('gp_policy_targets_ibfk_2', 'gp_policy_targets', + 'foreignkey') + op.drop_column('gp_policy_targets', 'port_id') op.drop_column('gp_l3_policies', 'type') op.drop_column('gp_l2_policies', 'type') - op.drop_column('gp_endpoints', 'type') - op.drop_column('gp_endpoint_groups', 'type') + op.drop_column('gp_policy_targets', 'type') + op.drop_column('gp_policy_target_groups', 'type') op.drop_table('gp_l3_policy_router_associations') - op.drop_table('gp_endpoint_group_subnet_associations') + op.drop_table('gp_ptg_to_subnet_associations') diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/577bb4469944_gbp_network_service_policy.py b/gbp/neutron/db/migration/alembic_migrations/versions/577bb4469944_gbp_network_service_policy.py index f52170e2a..a45d1c98d 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/577bb4469944_gbp_network_service_policy.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/577bb4469944_gbp_network_service_policy.py @@ -54,14 +54,14 @@ def upgrade(): sa.PrimaryKeyConstraint('id')) op.add_column( - 'gp_endpoint_groups', + 'gp_policy_target_groups', sa.Column('network_service_policy_id', sa.String(length=36), nullable=True)) - op.create_unique_constraint(None, 'gp_endpoint_groups', + op.create_unique_constraint(None, 'gp_policy_target_groups', ['network_service_policy_id']) - op.create_foreign_key('gp_endpoint_groups_ibfk_nsp', - source='gp_endpoint_groups', + op.create_foreign_key('gp_policy_target_groups_ibfk_nsp', + source='gp_policy_target_groups', referent='gp_network_service_policies', local_cols=['network_service_policy_id'], remote_cols=['id'], ondelete='CASCADE') @@ -69,8 +69,9 @@ def upgrade(): def downgrade(): - op.drop_constraint('gp_endpoint_groups_ibfk_nsp', 'gp_endpoint_groups', + op.drop_constraint('gp_policy_target_groups_ibfk_nsp', + 'gp_policy_target_groups', 'foreignkey') - op.drop_column('gp_endpoint_groups', 'network_service_policy_id') + op.drop_column('gp_policy_target_groups', 'network_service_policy_id') op.drop_table('gp_network_service_params') op.drop_table('gp_network_service_policies') diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/5c65abe72596_gbp_security_group_mapping.py b/gbp/neutron/db/migration/alembic_migrations/versions/5c65abe72596_gbp_security_group_mapping.py index 387e95ebc..9b5d8eaca 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/5c65abe72596_gbp_security_group_mapping.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/5c65abe72596_gbp_security_group_mapping.py @@ -32,18 +32,19 @@ import sqlalchemy as sa def upgrade(): op.create_table( - 'gpm_contract_sg_mapping', - sa.Column('contract_id', sa.String(length=36), nullable=False), + 'gpm_policy_rule_set_sg_mapping', + sa.Column('policy_rule_set_id', sa.String(length=36), nullable=False), sa.Column('provided_sg_id', sa.String(length=36)), sa.Column('consumed_sg_id', sa.String(length=36)), - sa.ForeignKeyConstraint(['contract_id'], ['gp_contracts.id'], + sa.ForeignKeyConstraint(['policy_rule_set_id'], + ['gp_policy_rule_sets.id'], ondelete='CASCADE'), sa.ForeignKeyConstraint(['provided_sg_id'], ['securitygroups.id']), sa.ForeignKeyConstraint(['consumed_sg_id'], ['securitygroups.id']), - sa.PrimaryKeyConstraint('contract_id') + sa.PrimaryKeyConstraint('policy_rule_set_id') ) def downgrade(): - op.drop_table('gpm_contract_sg_mapping') + op.drop_table('gpm_policy_rule_set_sg_mapping') diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/ab64381ee820_gbp_db_ep_epg_l2_l3_policy.py b/gbp/neutron/db/migration/alembic_migrations/versions/ab64381ee820_gbp_db_ep_epg_l2_l3_policy.py index 863cbbaae..ffcc463ec 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/ab64381ee820_gbp_db_ep_epg_l2_l3_policy.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/ab64381ee820_gbp_db_ep_epg_l2_l3_policy.py @@ -13,7 +13,7 @@ # under the License. # -""" gbp_db_ep_epg_l2_l3_policy +""" gbp_db_ep_ptg_l2_l3_policy Revision ID: ab64381ee820 """ @@ -52,7 +52,7 @@ def upgrade(): sa.PrimaryKeyConstraint('id')) op.create_table( - 'gp_endpoint_groups', + 'gp_policy_target_groups', sa.Column('id', sa.String(36), nullable=False), sa.Column('tenant_id', sa.String(length=255), nullable=True), sa.Column('name', sa.String(length=50), nullable=True), @@ -63,20 +63,22 @@ def upgrade(): sa.PrimaryKeyConstraint('id')) op.create_table( - 'gp_endpoints', + 'gp_policy_targets', sa.Column('id', sa.String(36), nullable=False), sa.Column('tenant_id', sa.String(length=255), nullable=True), sa.Column('name', sa.String(length=50), nullable=True), sa.Column('description', sa.String(length=255), nullable=True), - sa.Column('endpoint_group_id', sa.String(length=36), nullable=True), - sa.ForeignKeyConstraint(['endpoint_group_id'], - ['gp_endpoint_groups.id'], ondelete='CASCADE'), + sa.Column('policy_target_group_id', sa.String(length=36), + nullable=True), + sa.ForeignKeyConstraint(['policy_target_group_id'], + ['gp_policy_target_groups.id'], + ondelete='CASCADE'), sa.PrimaryKeyConstraint('id')) def downgrade(): - op.drop_table('gp_endpoints') - op.drop_table('gp_endpoint_groups') + op.drop_table('gp_policy_targets') + op.drop_table('gp_policy_target_groups') op.drop_table('gp_l2_policies') op.drop_table('gp_l3_policies') diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/ceba6e091b2a_nsp_epg_ip_mapping.py b/gbp/neutron/db/migration/alembic_migrations/versions/ceba6e091b2a_nsp_epg_ip_mapping.py index be216dff3..9dd255f23 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/ceba6e091b2a_nsp_epg_ip_mapping.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/ceba6e091b2a_nsp_epg_ip_mapping.py @@ -34,10 +34,11 @@ def upgrade(active_plugins=None, options=None): 'gpm_service_policy_ipaddress_mappings', sa.Column('service_policy_id', sa.String(length=36), nullable=False), sa.Column('ipaddress', sa.String(length=36)), - sa.Column('endpoint_group', sa.String(length=36)), - sa.PrimaryKeyConstraint('endpoint_group'), - sa.ForeignKeyConstraint(['endpoint_group'], - ['gp_endpoint_groups.id'], ondelete='CASCADE'), + sa.Column('policy_target_group', sa.String(length=36)), + sa.PrimaryKeyConstraint('policy_target_group'), + sa.ForeignKeyConstraint(['policy_target_group'], + ['gp_policy_target_groups.id'], + ondelete='CASCADE'), sa.PrimaryKeyConstraint('service_policy_id'), sa.ForeignKeyConstraint(['service_policy_id'], ['gp_network_service_policies.id'], diff --git a/gbp/neutron/db/migration/alembic_migrations/versions/ebfd08bc4714_servicechain.py b/gbp/neutron/db/migration/alembic_migrations/versions/ebfd08bc4714_servicechain.py index b24318587..cbc691a4b 100644 --- a/gbp/neutron/db/migration/alembic_migrations/versions/ebfd08bc4714_servicechain.py +++ b/gbp/neutron/db/migration/alembic_migrations/versions/ebfd08bc4714_servicechain.py @@ -60,16 +60,18 @@ def upgrade(active_plugins=None, options=None): sa.Column('description', sa.String(length=255), nullable=True), sa.Column('config_param_values', sa.String(length=4096), nullable=True), - sa.Column('provider_epg', sa.String(length=36), nullable=True), - sa.Column('consumer_epg', sa.String(length=36), nullable=True), + sa.Column('provider_ptg', sa.String(length=36), nullable=True), + sa.Column('consumer_ptg', sa.String(length=36), nullable=True), sa.Column('classifier', sa.String(length=36), nullable=True), sa.Column('servicechain_spec', sa.String(length=36), nullable=True), - #FixMe(Magesh) Deletes the instances table itself !!! - #sa.ForeignKeyConstraint(['provider_epg'], ['gp_endpoint_groups.id'], - # ondelete='CASCADE'), - #sa.ForeignKeyConstraint(['consumer_epg'], ['gp_endpoint_groups.id'], - # ondelete='CASCADE'), - #sa.ForeignKeyConstraint(['classifier'], ['gp_policy_classifiers.id'], + # FixMe(Magesh) Deletes the instances table itself !!! + # sa.ForeignKeyConstraint(['provider_ptg'], + # ['gp_policy_target_groups.id'], + # ondelete='CASCADE'), + # sa.ForeignKeyConstraint(['consumer_ptg'], + # ['gp_policy_target_groups.id'], + # ondelete='CASCADE'), + # sa.ForeignKeyConstraint(['classifier'], ['gp_policy_classifiers.id'], # ondelete='CASCADE'), sa.ForeignKeyConstraint(['servicechain_spec'], ['sc_specs.id']), sa.PrimaryKeyConstraint('id') diff --git a/gbp/neutron/db/servicechain_db.py b/gbp/neutron/db/servicechain_db.py index fd73c177a..2ffcb2d3f 100644 --- a/gbp/neutron/db/servicechain_db.py +++ b/gbp/neutron/db/servicechain_db.py @@ -33,9 +33,8 @@ MAX_IPV6_SUBNET_PREFIX_LENGTH = 127 class SpecNodeAssociation(model_base.BASEV2): """Models many to many providing relation between Specs and Nodes.""" __tablename__ = 'sc_spec_node_associations' - servicechain_spec = sa.Column(sa.String(36), - sa.ForeignKey('sc_specs.id'), - primary_key=True) + servicechain_spec = sa.Column( + sa.String(36), sa.ForeignKey('sc_specs.id'), primary_key=True) node_id = sa.Column(sa.String(36), sa.ForeignKey('sc_nodes.id'), primary_key=True) @@ -61,18 +60,17 @@ class ServiceChainInstance(model_base.BASEV2, models_v2.HasId, name = sa.Column(sa.String(50)) description = sa.Column(sa.String(255)) config_param_values = sa.Column(sa.String(4096)) - servicechain_spec = sa.Column(sa.String(36), - sa.ForeignKey('sc_specs.id'), - nullable=True) - provider_epg = sa.Column(sa.String(36), - #FixMe(Magesh) Deletes the instances table itself - #sa.ForeignKey('gp_endpoint_groups.id'), + servicechain_spec = sa.Column( + sa.String(36), sa.ForeignKey('sc_specs.id'), nullable=True) + provider_ptg = sa.Column(sa.String(36), + # FixMe(Magesh) Deletes the instances table itself + # sa.ForeignKey('gp_policy_target_groups.id'), nullable=True) - consumer_epg = sa.Column(sa.String(36), - #sa.ForeignKey('gp_endpoint_groups.id'), + consumer_ptg = sa.Column(sa.String(36), + # sa.ForeignKey('gp_policy_target_groups.id'), nullable=True) classifier = sa.Column(sa.String(36), - #sa.ForeignKey('gp_policy_classifiers.id'), + # sa.ForeignKey('gp_policy_classifiers.id'), nullable=True) @@ -120,7 +118,7 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, return self._get_by_id(context, ServiceChainInstance, instance_id) except exc.NoResultFound: raise schain.ServiceChainInstanceNotFound( - sc_instance_id=instance_id) + sc_instance_id=instance_id) def _make_sc_node_dict(self, sc_node, fields=None): res = {'id': sc_node['id'], @@ -147,8 +145,8 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, 'description': instance['description'], 'config_param_values': instance['config_param_values'], 'servicechain_spec': instance['servicechain_spec'], - 'provider_epg': instance['provider_epg'], - 'consumer_epg': instance['consumer_epg'], + 'provider_ptg': instance['provider_ptg'], + 'consumer_ptg': instance['consumer_ptg'], 'classifier': instance['classifier']} return self._fields(res, fields) @@ -249,7 +247,7 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, spec_db.config_param_names = str(config_params.keys()) else: config_param_names = ast.literal_eval( - spec_db.config_param_names) + spec_db.config_param_names) config_param_names.extend(config_params.keys()) spec_db.config_param_names = str(config_param_names) @@ -318,17 +316,14 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, tenant_id = self._get_tenant_id_for_create(context, instance) with context.session.begin(subtransactions=True): instance_db = ServiceChainInstance( - id=uuidutils.generate_uuid(), - tenant_id=tenant_id, - name=instance['name'], - description=instance['description'], - config_param_values=instance[ - 'config_param_values'], - servicechain_spec=instance[ - 'servicechain_spec'], - provider_epg=instance['provider_epg'], - consumer_epg=instance['consumer_epg'], - classifier=instance['classifier']) + id=uuidutils.generate_uuid(), + tenant_id=tenant_id, name=instance['name'], + description=instance['description'], + config_param_values=instance['config_param_values'], + servicechain_spec=instance['servicechain_spec'], + provider_ptg=instance['provider_ptg'], + consumer_ptg=instance['consumer_ptg'], + classifier=instance['classifier']) context.session.add(instance_db) return self._make_sc_instance_dict(instance_db) @@ -338,8 +333,7 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, instance = servicechain_instance['servicechain_instance'] with context.session.begin(subtransactions=True): instance_db = self._get_servicechain_instance( - context, - servicechain_instance_id) + context, servicechain_instance_id) instance_db.update(instance) return self._make_sc_instance_dict(instance_db) @@ -347,8 +341,7 @@ class ServiceChainDbPlugin(schain.ServiceChainPluginBase, def delete_servicechain_instance(self, context, servicechain_instance_id): with context.session.begin(subtransactions=True): instance_db = self._get_servicechain_instance( - context, - servicechain_instance_id) + context, servicechain_instance_id) context.session.delete(instance_db) @log.log diff --git a/gbp/neutron/extensions/group_policy.py b/gbp/neutron/extensions/group_policy.py index e3a96e2ce..bc0f14a5f 100644 --- a/gbp/neutron/extensions/group_policy.py +++ b/gbp/neutron/extensions/group_policy.py @@ -40,12 +40,13 @@ LOG = logging.getLogger(__name__) # Group Policy Exceptions -class EndpointNotFound(nexc.NotFound): - message = _("Endpoint %(endpoint_id)s could not be found") +class PolicyTargetNotFound(nexc.NotFound): + message = _("Policy Target %(policy_target_id)s could not be found") -class EndpointGroupNotFound(nexc.NotFound): - message = _("EndpointGroup %(endpoint_group_id)s could not be found") +class PolicyTargetGroupNotFound(nexc.NotFound): + message = _("Policy Target Group %(policy_target_group_id)s could not " + "be found") class L2PolicyNotFound(nexc.NotFound): @@ -78,20 +79,20 @@ class PolicyRuleNotFound(nexc.NotFound): message = _("PolicyRule %(policy_rule_id)s could not be found") -class ContractNotFound(nexc.NotFound): - message = _("Contract %(contract_id)s could not be found") +class PolicyRuleSetNotFound(nexc.NotFound): + message = _("Policy Rule Set %(policy_rule_set_id)s could not be found") -class BadContractRelationship(nexc.BadRequest): - message = _("Contract %(parent_id)s is an invalid parent for " - "%(child_id)s, make sure that child contract has no " +class BadPolicyRuleSetRelationship(nexc.BadRequest): + message = _("Policy Rule Set %(parent_id)s is an invalid parent for " + "%(child_id)s, make sure that child policy_rule_set has no " "children, or that you are not creating a relationship loop") -class ThreeLevelContractHierarchyNotSupported(nexc.BadRequest): - message = _("Can't add children to contract %(contract_id)s " - "which already has a parent. Only one level of contract " - "hierarchy supported.") +class ThreeLevelPolicyRuleSetHierarchyNotSupported(nexc.BadRequest): + message = _("Can't add children to policy_rule_set %(policy_rule_set_id)s " + "which already has a parent. Only one level " + "of policy_rule_set hierarchy supported.") class GroupPolicyInvalidPortValue(nexc.InvalidInput): @@ -229,19 +230,19 @@ attr.validators['type:port_range'] = _validate_port_range attr.validators['type:network_service_params'] = _validate_network_svc_params -ENDPOINTS = 'endpoints' -ENDPOINT_GROUPS = 'endpoint_groups' +POLICY_TARGETS = 'policy_targets' +POLICY_TARGET_GROUPS = 'policy_target_groups' L2_POLICIES = 'l2_policies' L3_POLICIES = 'l3_policies' POLICY_CLASSIFIERS = 'policy_classifiers' POLICY_ACTIONS = 'policy_actions' POLICY_RULES = 'policy_rules' -CONTRACTS = 'contracts' +POLICY_RULE_SETS = 'policy_rule_sets' NETWORK_SERVICE_POLICIES = 'network_service_policies' RESOURCE_ATTRIBUTE_MAP = { - ENDPOINTS: { + POLICY_TARGETS: { 'id': {'allow_post': False, 'allow_put': False, 'validate': {'type:uuid': None}, 'is_visible': True, 'primary_key': True}, @@ -254,11 +255,11 @@ RESOURCE_ATTRIBUTE_MAP = { 'tenant_id': {'allow_post': True, 'allow_put': False, 'validate': {'type:string': None}, 'required_by_policy': True, 'is_visible': True}, - 'endpoint_group_id': {'allow_post': True, 'allow_put': True, - 'validate': {'type:uuid_or_none': None}, - 'required': True, 'is_visible': True}, + 'policy_target_group_id': {'allow_post': True, 'allow_put': True, + 'validate': {'type:uuid_or_none': None}, + 'required': True, 'is_visible': True}, }, - ENDPOINT_GROUPS: { + POLICY_TARGET_GROUPS: { 'id': {'allow_post': False, 'allow_put': False, 'validate': {'type:uuid': None}, 'is_visible': True, 'primary_key': True}, @@ -271,21 +272,23 @@ RESOURCE_ATTRIBUTE_MAP = { 'tenant_id': {'allow_post': True, 'allow_put': False, 'validate': {'type:string': None}, 'required_by_policy': True, 'is_visible': True}, - 'endpoints': {'allow_post': False, 'allow_put': False, - 'validate': {'type:uuid_list': None}, - 'convert_to': attr.convert_none_to_empty_list, - 'default': None, 'is_visible': True}, + 'policy_targets': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid_list': None}, + 'convert_to': attr.convert_none_to_empty_list, + 'default': None, 'is_visible': True}, 'l2_policy_id': {'allow_post': True, 'allow_put': True, 'validate': {'type:uuid_or_none': None}, 'default': None, 'is_visible': True}, - 'provided_contracts': {'allow_post': True, 'allow_put': True, - 'validate': {'type:dict_or_none': None}, - 'convert_to': attr.convert_none_to_empty_dict, - 'default': None, 'is_visible': True}, - 'consumed_contracts': {'allow_post': True, 'allow_put': True, - 'validate': {'type:dict_or_none': None}, - 'convert_to': attr.convert_none_to_empty_dict, - 'default': None, 'is_visible': True}, + 'provided_policy_rule_sets': {'allow_post': True, 'allow_put': True, + 'validate': {'type:dict_or_none': None}, + 'convert_to': + attr.convert_none_to_empty_dict, + 'default': None, 'is_visible': True}, + 'consumed_policy_rule_sets': {'allow_post': True, 'allow_put': True, + 'validate': {'type:dict_or_none': None}, + 'convert_to': + attr.convert_none_to_empty_dict, + 'default': None, 'is_visible': True}, 'network_service_policy_id': {'allow_post': True, 'allow_put': True, 'validate': {'type:uuid_or_none': None}, 'default': None, 'is_visible': True}, @@ -303,10 +306,10 @@ RESOURCE_ATTRIBUTE_MAP = { 'tenant_id': {'allow_post': True, 'allow_put': False, 'validate': {'type:string': None}, 'required_by_policy': True, 'is_visible': True}, - 'endpoint_groups': {'allow_post': False, 'allow_put': False, - 'validate': {'type:uuid_list': None}, - 'convert_to': attr.convert_none_to_empty_list, - 'default': None, 'is_visible': True}, + 'policy_target_groups': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid_list': None}, + 'convert_to': attr.convert_none_to_empty_list, + 'default': None, 'is_visible': True}, 'l3_policy_id': {'allow_post': True, 'allow_put': True, 'validate': {'type:uuid_or_none': None}, 'default': None, 'is_visible': True, @@ -420,7 +423,7 @@ RESOURCE_ATTRIBUTE_MAP = { 'validate': {'type:uuid_list': None}, 'convert_to': attr.convert_none_to_empty_list}, }, - CONTRACTS: { + POLICY_RULE_SETS: { 'id': {'allow_post': False, 'allow_put': False, 'validate': {'type:uuid': None}, 'is_visible': True, @@ -439,10 +442,11 @@ RESOURCE_ATTRIBUTE_MAP = { 'parent_id': {'allow_post': False, 'allow_put': False, 'validate': {'type:uuid': None}, 'is_visible': True}, - 'child_contracts': {'allow_post': True, 'allow_put': True, - 'default': None, 'is_visible': True, - 'validate': {'type:uuid_list': None}, - 'convert_to': attr.convert_none_to_empty_list}, + 'child_policy_rule_sets': {'allow_post': True, 'allow_put': True, + 'default': None, 'is_visible': True, + 'validate': {'type:uuid_list': None}, + 'convert_to': + attr.convert_none_to_empty_list}, 'policy_rules': {'allow_post': True, 'allow_put': True, 'default': None, 'validate': {'type:uuid_list': None}, 'convert_to': attr.convert_none_to_empty_list, @@ -461,10 +465,10 @@ RESOURCE_ATTRIBUTE_MAP = { 'tenant_id': {'allow_post': True, 'allow_put': False, 'validate': {'type:string': None}, 'required_by_policy': True, 'is_visible': True}, - 'endpoint_groups': {'allow_post': False, 'allow_put': False, - 'validate': {'type:uuid_list': None}, - 'convert_to': attr.convert_none_to_empty_list, - 'default': None, 'is_visible': True}, + 'policy_target_groups': {'allow_post': False, 'allow_put': False, + 'validate': {'type:uuid_list': None}, + 'convert_to': attr.convert_none_to_empty_list, + 'default': None, 'is_visible': True}, 'network_service_params': {'allow_post': True, 'allow_put': False, 'validate': {'type:network_service_params': None}, @@ -535,44 +539,45 @@ class GroupPolicyPluginBase(service_base.ServicePluginBase): return 'Group Policy plugin' @abc.abstractmethod - def get_endpoints(self, context, filters=None, fields=None): + def get_policy_targets(self, context, filters=None, fields=None): pass @abc.abstractmethod - def get_endpoint(self, context, endpoint_id, fields=None): + def get_policy_target(self, context, policy_target_id, fields=None): pass @abc.abstractmethod - def create_endpoint(self, context, endpoint): + def create_policy_target(self, context, policy_target): pass @abc.abstractmethod - def update_endpoint(self, context, endpoint_id, endpoint): + def update_policy_target(self, context, policy_target_id, policy_target): pass @abc.abstractmethod - def delete_endpoint(self, context, endpoint_id): + def delete_policy_target(self, context, policy_target_id): pass @abc.abstractmethod - def get_endpoint_groups(self, context, filters=None, fields=None): + def get_policy_target_groups(self, context, filters=None, fields=None): pass @abc.abstractmethod - def get_endpoint_group(self, context, endpoint_group_id, fields=None): + def get_policy_target_group(self, context, policy_target_group_id, + fields=None): pass @abc.abstractmethod - def create_endpoint_group(self, context, endpoint_group): + def create_policy_target_group(self, context, policy_target_group): pass @abc.abstractmethod - def update_endpoint_group(self, context, endpoint_group_id, - endpoint_group): + def update_policy_target_group(self, context, policy_target_group_id, + policy_target_group): pass @abc.abstractmethod - def delete_endpoint_group(self, context, endpoint_group_id): + def delete_policy_target_group(self, context, policy_target_group_id): pass @abc.abstractmethod @@ -701,21 +706,22 @@ class GroupPolicyPluginBase(service_base.ServicePluginBase): pass @abc.abstractmethod - def create_contract(self, context, contract): + def create_policy_rule_set(self, context, policy_rule_set): pass @abc.abstractmethod - def update_contract(self, context, contract_id, contract): + def update_policy_rule_set(self, context, policy_rule_set_id, + policy_rule_set): pass @abc.abstractmethod - def get_contracts(self, context, filters=None, fields=None): + def get_policy_rule_sets(self, context, filters=None, fields=None): pass @abc.abstractmethod - def get_contract(self, context, contract_id, fields=None): + def get_policy_rule_set(self, context, policy_rule_set_id, fields=None): pass @abc.abstractmethod - def delete_contract(self, context, contract_id): + def delete_policy_rule_set(self, context, policy_rule_set_id): pass diff --git a/gbp/neutron/extensions/group_policy_mapping.py b/gbp/neutron/extensions/group_policy_mapping.py index 49879d4bf..e339cef4a 100644 --- a/gbp/neutron/extensions/group_policy_mapping.py +++ b/gbp/neutron/extensions/group_policy_mapping.py @@ -17,12 +17,12 @@ from gbp.neutron.extensions import group_policy as gp # Extended attributes for Group Policy resource to map to Neutron constructs EXTENDED_ATTRIBUTES_2_0 = { - gp.ENDPOINTS: { + gp.POLICY_TARGETS: { 'port_id': {'allow_post': True, 'allow_put': False, 'validate': {'type:uuid_or_none': None}, 'is_visible': True, 'default': None}, }, - gp.ENDPOINT_GROUPS: { + gp.POLICY_TARGET_GROUPS: { 'subnets': {'allow_post': True, 'allow_put': True, 'validate': {'type:uuid_list': None}, 'convert_to': attr.convert_none_to_empty_list, diff --git a/gbp/neutron/extensions/servicechain.py b/gbp/neutron/extensions/servicechain.py index 45cc49d95..a25443770 100644 --- a/gbp/neutron/extensions/servicechain.py +++ b/gbp/neutron/extensions/servicechain.py @@ -149,11 +149,11 @@ RESOURCE_ATTRIBUTE_MAP = { 'validate': {'type:uuid_or_none': None}, 'default': None, 'is_visible': True, 'required': True}, - 'provider_epg': {'allow_post': True, 'allow_put': False, + 'provider_ptg': {'allow_post': True, 'allow_put': False, 'validate': {'type:uuid_or_none': None}, 'is_visible': True, 'default': None, 'required': True}, - 'consumer_epg': {'allow_post': True, 'allow_put': False, + 'consumer_ptg': {'allow_post': True, 'allow_put': False, 'validate': {'type:uuid_or_none': None}, 'is_visible': True, 'default': None, 'required': True}, @@ -162,8 +162,8 @@ RESOURCE_ATTRIBUTE_MAP = { 'is_visible': True, 'default': None, 'required': True}, 'config_param_values': {'allow_post': True, 'allow_put': False, - 'validate': {'type:string': None}, - 'default': "", 'is_visible': True}, + 'validate': {'type:string': None}, + 'default': "", 'is_visible': True}, }, } diff --git a/gbp/neutron/plugins/ml2/drivers/grouppolicy/apic/driver.py b/gbp/neutron/plugins/ml2/drivers/grouppolicy/apic/driver.py index 7ebad5dc3..6ffa124f2 100644 --- a/gbp/neutron/plugins/ml2/drivers/grouppolicy/apic/driver.py +++ b/gbp/neutron/plugins/ml2/drivers/grouppolicy/apic/driver.py @@ -38,7 +38,7 @@ class APICMechanismGBPDriver(api.MechanismDriver): # DHCP Ports are created implicitly by Neutron, need to inform GBP if (context.current.get('device_owner') == n_constants.DEVICE_OWNER_DHCP): - self.apic_gbp.create_dhcp_endpoint_if_needed( + self.apic_gbp.create_dhcp_policy_target_if_needed( context._plugin_context, context.current) def update_port_postcommit(self, context): diff --git a/gbp/neutron/services/grouppolicy/common/exceptions.py b/gbp/neutron/services/grouppolicy/common/exceptions.py index 63a187646..b40d0ed24 100644 --- a/gbp/neutron/services/grouppolicy/common/exceptions.py +++ b/gbp/neutron/services/grouppolicy/common/exceptions.py @@ -38,16 +38,19 @@ class GroupPolicyBadRequest(exceptions.BadRequest, GroupPolicyException): pass -class EndpointRequiresEndpointGroup(GroupPolicyBadRequest): - message = _("An endpoint group was not specified when creating endpoint.") +class PolicyTargetRequiresPolicyTargetGroup(GroupPolicyBadRequest): + message = _("An policy target group was not specified when " + "creating policy_target.") -class EndpointEndpointGroupUpdateNotSupported(GroupPolicyBadRequest): - message = _("Updating endpoint's endpoint group is not supported.") +class PolicyTargetGroupUpdateOfPolicyTargetNotSupported(GroupPolicyBadRequest): + message = _("Updating policy target group of policy target " + "is not supported.") -class EndpointGroupSubnetRemovalNotSupported(GroupPolicyBadRequest): - message = _("Removing a subnet from an endpoint group is not supported.") +class PolicyTargetGroupSubnetRemovalNotSupported(GroupPolicyBadRequest): + message = _("Removing a subnet from an policy target group is not " + "supported.") class L3PolicyMultipleRoutersNotSupported(GroupPolicyBadRequest): @@ -62,5 +65,5 @@ class NoSubnetAvailable(exceptions.ResourceExhausted, GroupPolicyException): message = _("No subnet is available from l3 policy's pool.") -class EndpointGroupInUse(GroupPolicyBadRequest): - message = _("Endpoint Group %(endpoint_group)s is in use") \ No newline at end of file +class PolicyTargetGroupInUse(GroupPolicyBadRequest): + message = _("Policy Target Group %(policy_target_group)s is in use") diff --git a/gbp/neutron/services/grouppolicy/drivers/cisco/apic/apic_mapping.py b/gbp/neutron/services/grouppolicy/drivers/cisco/apic/apic_mapping.py index 3432335fb..6be35adab 100644 --- a/gbp/neutron/services/grouppolicy/drivers/cisco/apic/apic_mapping.py +++ b/gbp/neutron/services/grouppolicy/drivers/cisco/apic/apic_mapping.py @@ -32,10 +32,10 @@ from gbp.neutron.services.grouppolicy.drivers import resource_mapping as api LOG = logging.getLogger(__name__) -class L2PolicyMultipleEndpointGroupNotSupportedOnApicDriver( +class L2PolicyMultiplePolicyTargetGroupNotSupportedOnApicDriver( gpexc.GroupPolicyBadRequest): - message = _("An L2 policy can't have multiple endpoint groups on APIC " - "GBP driver.") + message = _("An L2 policy can't have multiple policy target groups on " + "APIC GBP driver.") class RedirectActionNotSupportedOnApicDriver(gpexc.GroupPolicyBadRequest): @@ -108,48 +108,49 @@ class ApicMappingDriver(api.ResourceMappingDriver): port_id = (kwargs.get('port_id') or self._core_plugin._device_to_port_id(kwargs['device'])) port = self._core_plugin.get_port(context, port_id) - # retrieve EPG and network from a given Port - if not kwargs.get('endpoint'): - epg, network = self._port_to_epg_network(context, port, + # retrieve PTG and network from a given Port + if not kwargs.get('policy_target'): + ptg, network = self._port_to_ptg_network(context, port, kwargs['host']) - if not epg: + if not ptg: return else: - ep = kwargs['endpoint'] - epg = self.gbp_plugin.get_endpoint_group(context, - ep['endpoint_group_id']) - network = self._l2p_id_to_network(context, epg['l2_policy_id']) + pt = kwargs['policy_target'] + ptg = self.gbp_plugin.get_policy_target_group( + context, pt['policy_target_group_id']) + network = self._l2p_id_to_network(context, ptg['l2_policy_id']) return {'port_id': port_id, 'mac_address': port['mac_address'], - 'epg_id': epg['id'], + 'ptg_id': ptg['id'], 'segmentation_id': network[pn.SEGMENTATION_ID], 'network_type': network[pn.NETWORK_TYPE], - 'l2_policy_id': epg['l2_policy_id'], + 'l2_policy_id': ptg['l2_policy_id'], 'tenant_id': port['tenant_id'], 'host': port['binding:host_id'] } - def create_dhcp_endpoint_if_needed(self, plugin_context, port): + def create_dhcp_policy_target_if_needed(self, plugin_context, port): session = plugin_context.session if (self._port_is_owned(session, port['id'])): # Nothing to do return - # Retrieve EPG + # Retrieve PTG filters = {'network_id': [port['network_id']]} - epgs = self.gbp_plugin.get_endpoint_groups(plugin_context, - filters=filters) - if epgs: - epg = epgs[0] - # Create Endpoint - attrs = {'endpoint': + ptgs = self.gbp_plugin.get_policy_target_groups( + plugin_context, filters=filters) + if ptgs: + ptg = ptgs[0] + # Create PolicyTarget + attrs = {'policy_target': {'tenant_id': port['tenant_id'], - 'name': 'dhcp-%s' % epg['id'], - 'description': _("Implicitly created DHCP endpoint"), - 'endpoint_group_id': epg['id'], + 'name': 'dhcp-%s' % ptg['id'], + 'description': _("Implicitly created DHCP policy " + "target"), + 'policy_target_group_id': ptg['id'], 'port_id': port['id']}} - self.gbp_plugin.create_endpoint(plugin_context, attrs) + self.gbp_plugin.create_policy_target(plugin_context, attrs) sg_id = self._ensure_default_security_group(plugin_context, port['tenant_id']) data = {'port': {'security_groups': [sg_id]}} @@ -188,42 +189,46 @@ class ApicMappingDriver(api.ResourceMappingDriver): self.apic_manager.create_tenant_filter(policy_rule, owner=tenant, **attrs) - def create_contract_postcommit(self, context): + def create_policy_rule_set_postcommit(self, context): # Create APIC contract tenant = self.name_mapper.tenant(context, context.current['tenant_id']) - contract = self.name_mapper.contract(context, context.current['id']) + contract = self.name_mapper.policy_rule_set(context, + context.current['id']) with self.apic_manager.apic.transaction(None) as trs: - self.apic_manager.create_contract(contract, owner=tenant, - transaction=trs) - self._apply_contract_rules(context, context.current, - context.current['policy_rules'], - transaction=trs) + self.apic_manager.create_contract( + contract, owner=tenant, transaction=trs) + self._apply_policy_rule_set_rules( + context, context.current, context.current['policy_rules'], + transaction=trs) - def create_endpoint_postcommit(self, context): + def create_policy_target_postcommit(self, context): # The path needs to be created at bind time, this will be taken # care by the GBP ML2 apic driver. - super(ApicMappingDriver, self).create_endpoint_postcommit(context) - self._manage_endpoint_port(context._plugin_context, context.current) + super(ApicMappingDriver, self).create_policy_target_postcommit(context) + self._manage_policy_target_port( + context._plugin_context, context.current) - def create_endpoint_group_postcommit(self, context): - super(ApicMappingDriver, self).create_endpoint_group_postcommit( + def create_policy_target_group_postcommit(self, context): + super(ApicMappingDriver, self).create_policy_target_group_postcommit( context) tenant = self.name_mapper.tenant(context, context.current['tenant_id']) l2_policy = self.name_mapper.l2_policy(context, context.current['l2_policy_id']) - epg = self.name_mapper.endpoint_group(context, context.current['id']) + ptg = self.name_mapper.policy_target_group(context, + context.current['id']) with self.apic_manager.apic.transaction(None) as trs: - self.apic_manager.ensure_epg_created(tenant, epg, + self.apic_manager.ensure_epg_created(tenant, ptg, bd_name=l2_policy) subnets = self._subnet_ids_to_objects(context._plugin_context, context.current['subnets']) - self._manage_epg_subnets(context._plugin_context, context.current, + self._manage_ptg_subnets(context._plugin_context, context.current, subnets, [], transaction=trs) - self._manage_epg_contracts( + self._manage_ptg_policy_rule_sets( context._plugin_context, context.current, - context.current['provided_contracts'], - context.current['consumed_contracts'], [], [], transaction=trs) + context.current['provided_policy_rule_sets'], + context.current['consumed_policy_rule_sets'], [], [], + transaction=trs) def create_l2_policy_postcommit(self, context): super(ApicMappingDriver, self).create_l2_policy_postcommit(context) @@ -249,37 +254,39 @@ class ApicMappingDriver(api.ResourceMappingDriver): context.current['id']) self.apic_manager.delete_tenant_filter(policy_rule, owner=tenant) - def delete_contract_precommit(self, context): + def delete_policy_rule_set_precommit(self, context): # Intercept Parent Call pass - def delete_contract_postcommit(self, context): + def delete_policy_rule_set_postcommit(self, context): # TODO(ivar): disassociate EPGs to avoid reference leak tenant = self.name_mapper.tenant(context, context.current['tenant_id']) - contract = self.name_mapper.contract(context, context.current['id']) - self.apic_manager.delete_contract(contract, owner=tenant) + policy_rule_set = self.name_mapper.policy_rule_set( + context, context.current['id']) + self.apic_manager.delete_contract(policy_rule_set, owner=tenant) - def delete_endpoint_postcommit(self, context): + def delete_policy_target_postcommit(self, context): port = self._core_plugin.get_port(context._plugin_context, context.current['port_id']) if port['binding:host_id']: self.process_path_deletion(context._plugin_context, port, - endpoint=context.current) + policy_target=context.current) # Delete Neutron's port - super(ApicMappingDriver, self).delete_endpoint_postcommit(context) + super(ApicMappingDriver, self).delete_policy_target_postcommit(context) - def delete_endpoint_group_postcommit(self, context): + def delete_policy_target_group_postcommit(self, context): if context.current['subnets']: subnets = self._subnet_ids_to_objects(context._plugin_context, context.current['subnets']) - self._manage_epg_subnets(context._plugin_context, context.current, + self._manage_ptg_subnets(context._plugin_context, context.current, [], subnets) for subnet_id in context.current['subnets']: self._cleanup_subnet(context._plugin_context, subnet_id, None) tenant = self.name_mapper.tenant(context, context.current['tenant_id']) - epg = self.name_mapper.endpoint_group(context, context.current['id']) + ptg = self.name_mapper.policy_target_group(context, + context.current['id']) - self.apic_manager.delete_epg_for_network(tenant, epg) + self.apic_manager.delete_epg_for_network(tenant, ptg) def delete_l2_policy_postcommit(self, context): super(ApicMappingDriver, self).delete_l2_policy_postcommit(context) @@ -294,7 +301,7 @@ class ApicMappingDriver(api.ResourceMappingDriver): self.apic_manager.ensure_context_deleted(tenant, l3_policy) - def update_endpoint_postcommit(self, context): + def update_policy_target_postcommit(self, context): # TODO(ivar): redo binding procedure if the EPG is modified, # not doable unless driver extension framework is in place pass @@ -303,21 +310,29 @@ class ApicMappingDriver(api.ResourceMappingDriver): # TODO(ivar): add support for action update on policy rules raise PolicyRuleUpdateNotSupportedOnApicDriver() - def update_endpoint_group_postcommit(self, context): + def update_policy_target_group_postcommit(self, context): # TODO(ivar): refactor parent to avoid code duplication - orig_provided_contracts = context.original['provided_contracts'] - curr_provided_contracts = context.current['provided_contracts'] - orig_consumed_contracts = context.original['consumed_contracts'] - curr_consumed_contracts = context.current['consumed_contracts'] + orig_provided_policy_rule_sets = context.original[ + 'provided_policy_rule_sets'] + curr_provided_policy_rule_sets = context.current[ + 'provided_policy_rule_sets'] + orig_consumed_policy_rule_sets = context.original[ + 'consumed_policy_rule_sets'] + curr_consumed_policy_rule_sets = context.current[ + 'consumed_policy_rule_sets'] - new_provided_contracts = list(set(curr_provided_contracts) - - set(orig_provided_contracts)) - new_consumed_contracts = list(set(curr_consumed_contracts) - - set(orig_consumed_contracts)) - removed_provided_contracts = list(set(orig_provided_contracts) - - set(curr_provided_contracts)) - removed_consumed_contracts = list(set(orig_consumed_contracts) - - set(curr_consumed_contracts)) + new_provided_policy_rule_sets = list( + set(curr_provided_policy_rule_sets) - set( + orig_provided_policy_rule_sets)) + new_consumed_policy_rule_sets = list( + set(curr_consumed_policy_rule_sets) - set( + orig_consumed_policy_rule_sets)) + removed_provided_policy_rule_sets = list( + set(orig_provided_policy_rule_sets) - set( + curr_provided_policy_rule_sets)) + removed_consumed_policy_rule_sets = list( + set(orig_consumed_policy_rule_sets) - set( + curr_consumed_policy_rule_sets)) orig_subnets = context.original['subnets'] curr_subnets = context.current['subnets'] @@ -325,67 +340,69 @@ class ApicMappingDriver(api.ResourceMappingDriver): removed_subnets = list(set(orig_subnets) - set(curr_subnets)) with self.apic_manager.apic.transaction(None) as trs: - self._manage_epg_contracts( + self._manage_ptg_policy_rule_sets( context._plugin_context, context.current, - new_provided_contracts, new_consumed_contracts, - removed_provided_contracts, removed_consumed_contracts, - transaction=trs) + new_provided_policy_rule_sets, new_consumed_policy_rule_sets, + removed_provided_policy_rule_sets, + removed_consumed_policy_rule_sets, transaction=trs) new_subnets = self._subnet_ids_to_objects( context._plugin_context, new_subnets) removed_subnets = self._subnet_ids_to_objects( context._plugin_context, removed_subnets) - self._manage_epg_subnets(context._plugin_context, context.current, + self._manage_ptg_subnets(context._plugin_context, context.current, new_subnets, removed_subnets) def process_subnet_changed(self, context, old, new): if old['gateway_ip'] != new['gateway_ip']: - epg = self._subnet_to_epg(context, new['id']) - if epg: + ptg = self._subnet_to_ptg(context, new['id']) + if ptg: # Is GBP owned, reflect on APIC - self._manage_epg_subnets(context, epg, [new], [old]) + self._manage_ptg_subnets(context, ptg, [new], [old]) def process_port_changed(self, context, old, new): # Port's EP can't change unless EP is deleted/created, therefore the # binding will mostly be the same except for the host if old['binding:host_id'] != new['binding:host_id']: - ep = self._port_id_to_ep(context, new['id']) - if ep: + pt = self._port_id_to_pt(context, new['id']) + if pt: if old['binding:host_id']: self.process_path_deletion(context, old) - self._manage_endpoint_port(context, ep) + self._manage_policy_target_port(context, pt) - def process_path_deletion(self, context, port, endpoint=None): + def process_path_deletion(self, context, port, policy_target=None): port_details = self.get_gbp_details( context, port_id=port['id'], host=port['binding:host_id'], - endpoint=endpoint) + policy_target=policy_target) self._delete_path_if_last(context, port_details) - def _apply_contract_rules(self, context, contract, policy_rules, - transaction=None): + def _apply_policy_rule_set_rules( + self, context, policy_rule_set, policy_rules, transaction=None): # TODO(ivar): refactor parent to avoid code duplication - if contract['parent_id']: - parent = context._plugin.get_contract( - context._plugin_context, contract['parent_id']) + if policy_rule_set['parent_id']: + parent = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set['parent_id']) policy_rules = policy_rules & set(parent['policy_rules']) # Don't add rules unallowed by the parent - self._manage_contract_rules(context, contract, policy_rules, - transaction=transaction) + self._manage_policy_rule_set_rules( + context, policy_rule_set, policy_rules, transaction=transaction) - def _remove_contract_rules(self, context, contract, policy_rules, - transaction=None): - self._manage_contract_rules(context, contract, policy_rules, - unset=True, transaction=transaction) + def _remove_policy_rule_set_rules( + self, context, policy_rule_set, policy_rules, transaction=None): + self._manage_policy_rule_set_rules( + context, policy_rule_set, policy_rules, unset=True, + transaction=transaction) - def _manage_contract_rules(self, context, contract, policy_rules, - unset=False, transaction=None): + def _manage_policy_rule_set_rules( + self, context, policy_rule_set, policy_rules, unset=False, + transaction=None): # REVISIT(ivar): figure out what should be moved in apicapi instead if policy_rules: tenant = self.name_mapper.tenant(context, context.current['tenant_id']) - contract = self.name_mapper.contract(context, - context.current['id']) + policy_rule_set = self.name_mapper.policy_rule_set( + context, context.current['id']) in_dir = [g_const.GP_DIRECTION_BI, g_const.GP_DIRECTION_IN] out_dir = [g_const.GP_DIRECTION_BI, g_const.GP_DIRECTION_OUT] filters = {'id': policy_rules} @@ -395,20 +412,21 @@ class ApicMappingDriver(api.ResourceMappingDriver): classifier = context._plugin.get_policy_classifier( context._plugin_context, rule['policy_classifier_id']) with self.apic_manager.apic.transaction(transaction) as trs: + mgr = self.apic_manager if classifier['direction'] in in_dir: # Contract and subject are the same thing in this case - self.apic_manager.manage_contract_subject_in_filter( - contract, contract, policy_rule, owner=tenant, - transaction=trs, unset=unset) + mgr.manage_contract_subject_in_filter( + policy_rule_set, policy_rule_set, policy_rule, + owner=tenant, transaction=trs, unset=unset) if classifier['direction'] in out_dir: # Contract and subject are the same thing in this case - self.apic_manager.manage_contract_subject_out_filter( - contract, contract, policy_rule, owner=tenant, - transaction=trs, unset=unset) + mgr.manage_contract_subject_out_filter( + policy_rule_set, policy_rule_set, policy_rule, + owner=tenant, transaction=trs, unset=unset) @lockutils.synchronized('apic-portlock') - def _manage_endpoint_port(self, plugin_context, ep): - port = self._core_plugin.get_port(plugin_context, ep['port_id']) + def _manage_policy_target_port(self, plugin_context, pt): + port = self._core_plugin.get_port(plugin_context, pt['port_id']) if port.get('binding:host_id'): port_details = self.get_gbp_details( plugin_context, port_id=port['id'], @@ -419,28 +437,28 @@ class ApicMappingDriver(api.ResourceMappingDriver): plugin_context._plugin_context = plugin_context tenant_id = self.name_mapper.tenant(plugin_context, port['tenant_id']) - epg = self.name_mapper.endpoint_group( - plugin_context, port_details['epg_id']) + ptg = self.name_mapper.policy_target_group( + plugin_context, port_details['ptg_id']) bd = self.name_mapper.l2_policy( plugin_context, port_details['l2_policy_id']) seg = port_details['segmentation_id'] # Create a static path attachment for the host/epg/switchport with self.apic_manager.apic.transaction() as trs: self.apic_manager.ensure_path_created_for_port( - tenant_id, epg, port['binding:host_id'], seg, + tenant_id, ptg, port['binding:host_id'], seg, bd_name=bd, transaction=trs) - def _manage_epg_contracts(self, plugin_context, epg, added_provided, - added_consumed, removed_provided, - removed_consumed, transaction=None): + def _manage_ptg_policy_rule_sets( + self, plugin_context, ptg, added_provided, added_consumed, + removed_provided, removed_consumed, transaction=None): # TODO(ivar): change APICAPI to not expect a resource context plugin_context._plugin = self.gbp_plugin plugin_context._plugin_context = plugin_context mapped_tenant = self.name_mapper.tenant(plugin_context, - epg['tenant_id']) - mapped_epg = self.name_mapper.endpoint_group(plugin_context, - epg['id']) + ptg['tenant_id']) + mapped_ptg = self.name_mapper.policy_target_group(plugin_context, + ptg['id']) provided = [added_provided, removed_provided] consumed = [added_consumed, removed_consumed] methods = [self.apic_manager.set_contract_for_epg, @@ -448,24 +466,24 @@ class ApicMappingDriver(api.ResourceMappingDriver): with self.apic_manager.apic.transaction(transaction) as trs: for x in xrange(len(provided)): for c in provided[x]: - c = self.name_mapper.contract(plugin_context, c) - methods[x](mapped_tenant, mapped_epg, c, provider=True, + c = self.name_mapper.policy_rule_set(plugin_context, c) + methods[x](mapped_tenant, mapped_ptg, c, provider=True, transaction=trs) for x in xrange(len(consumed)): for c in consumed[x]: - c = self.name_mapper.contract(plugin_context, c) - methods[x](mapped_tenant, mapped_epg, c, provider=False, + c = self.name_mapper.policy_rule_set(plugin_context, c) + methods[x](mapped_tenant, mapped_ptg, c, provider=False, transaction=trs) - def _manage_epg_subnets(self, plugin_context, epg, added_subnets, + def _manage_ptg_subnets(self, plugin_context, ptg, added_subnets, removed_subnets, transaction=None): # TODO(ivar): change APICAPI to not expect a resource context plugin_context._plugin = self.gbp_plugin plugin_context._plugin_context = plugin_context mapped_tenant = self.name_mapper.tenant(plugin_context, - epg['tenant_id']) + ptg['tenant_id']) mapped_l2p = self.name_mapper.l2_policy(plugin_context, - epg['l2_policy_id']) + ptg['l2_policy_id']) subnets = [added_subnets, removed_subnets] methods = [self.apic_manager.ensure_subnet_created_on_apic, self.apic_manager.ensure_subnet_deleted_on_apic] @@ -483,10 +501,10 @@ class ApicMappingDriver(api.ResourceMappingDriver): models.PortBinding.port_id != port_info['port_id']).count() @lockutils.synchronized('apic-portlock') - def _delete_port_path(self, context, atenant_id, epg, port_info): + def _delete_port_path(self, context, atenant_id, ptg, port_info): if not self._get_active_path_count(context, port_info): self.apic_manager.ensure_path_deleted_for_port( - atenant_id, epg, port_info['host']) + atenant_id, ptg, port_info['host']) def _delete_path_if_last(self, context, port_info): if not self._get_active_path_count(context, port_info): @@ -495,8 +513,9 @@ class ApicMappingDriver(api.ResourceMappingDriver): context._plugin_context = context atenant_id = self.name_mapper.tenant(context, port_info['tenant_id']) - epg = self.name_mapper.endpoint_group(context, port_info['epg_id']) - self._delete_port_path(context, atenant_id, epg, port_info) + ptg = self.name_mapper.policy_target_group(context, + port_info['ptg_id']) + self._delete_port_path(context, atenant_id, ptg, port_info) def _ensure_default_security_group(self, context, tenant_id): filters = {'name': ['gbp_apic_default'], 'tenant_id': [tenant_id]} @@ -522,10 +541,10 @@ class ApicMappingDriver(api.ResourceMappingDriver): else: return default_group[0]['id'] - def _assoc_epg_sg_to_ep(self, context, ep_id, epg_id): + def _assoc_ptg_sg_to_pt(self, context, pt_id, ptg_id): pass - def _handle_contracts(self, context): + def _handle_policy_rule_sets(self, context): pass def _gateway_ip(self, subnet): @@ -536,26 +555,26 @@ class ApicMappingDriver(api.ResourceMappingDriver): return [x for x in self._core_plugin.get_subnets( plugin_context, filters={'id': ids})] - def _port_to_epg_network(self, context, port, host=None): - epg = self._port_id_to_epg(context, port['id']) - if not epg: + def _port_to_ptg_network(self, context, port, host=None): + ptg = self._port_id_to_ptg(context, port['id']) + if not ptg: # Not GBP port return None, None - network = self._l2p_id_to_network(context, epg['l2_policy_id']) - return epg, network + network = self._l2p_id_to_network(context, ptg['l2_policy_id']) + return ptg, network - def _port_id_to_ep(self, context, port_id): - ep = (context.session.query(gpdb.EndpointMapping). + def _port_id_to_pt(self, context, port_id): + pt = (context.session.query(gpdb.PolicyTargetMapping). filter_by(port_id=port_id).first()) - if ep: + if pt: db_utils = gpdb.GroupPolicyMappingDbPlugin() - return db_utils._make_endpoint_dict(ep) + return db_utils._make_policy_target_dict(pt) - def _port_id_to_epg(self, context, port_id): - ep = self._port_id_to_ep(context, port_id) - if ep: - return self.gbp_plugin.get_endpoint_group( - context, ep['endpoint_group_id']) + def _port_id_to_ptg(self, context, port_id): + pt = self._port_id_to_pt(context, port_id) + if pt: + return self.gbp_plugin.get_policy_target_group( + context, pt['policy_target_group_id']) return def _l2p_id_to_network(self, context, l2p_id): @@ -567,12 +586,12 @@ class ApicMappingDriver(api.ResourceMappingDriver): context, filters={'network_id': [network_id]}) return l2ps[0] if l2ps else None - def _subnet_to_epg(self, context, subnet_id): - epg = (context.session.query(gpdb.EndpointGroupMapping). - join(gpdb.EndpointGroupMapping.subnets). - filter(gpdb.EndpointGroupSubnetAssociation.subnet_id == + def _subnet_to_ptg(self, context, subnet_id): + ptg = (context.session.query(gpdb.PolicyTargetGroupMapping). + join(gpdb.PolicyTargetGroupMapping.subnets). + filter(gpdb.PTGToSubnetAssociation.subnet_id == subnet_id). first()) - if epg: + if ptg: db_utils = gpdb.GroupPolicyMappingDbPlugin() - return db_utils._make_endpoint_group_dict(epg) + return db_utils._make_policy_target_group_dict(ptg) diff --git a/gbp/neutron/services/grouppolicy/drivers/dummy_driver.py b/gbp/neutron/services/grouppolicy/drivers/dummy_driver.py index 5df1c45f0..8806a5bda 100644 --- a/gbp/neutron/services/grouppolicy/drivers/dummy_driver.py +++ b/gbp/neutron/services/grouppolicy/drivers/dummy_driver.py @@ -22,51 +22,51 @@ class NoopDriver(api.PolicyDriver): pass @log.log - def create_endpoint_precommit(self, context): + def create_policy_target_precommit(self, context): pass @log.log - def create_endpoint_postcommit(self, context): + def create_policy_target_postcommit(self, context): pass @log.log - def update_endpoint_precommit(self, context): + def update_policy_target_precommit(self, context): pass @log.log - def update_endpoint_postcommit(self, context): + def update_policy_target_postcommit(self, context): pass @log.log - def delete_endpoint_precommit(self, context): + def delete_policy_target_precommit(self, context): pass @log.log - def delete_endpoint_postcommit(self, context): + def delete_policy_target_postcommit(self, context): pass @log.log - def create_endpoint_group_precommit(self, context): + def create_policy_target_group_precommit(self, context): pass @log.log - def create_endpoint_group_postcommit(self, context): + def create_policy_target_group_postcommit(self, context): pass @log.log - def update_endpoint_group_precommit(self, context): + def update_policy_target_group_precommit(self, context): pass @log.log - def update_endpoint_group_postcommit(self, context): + def update_policy_target_group_postcommit(self, context): pass @log.log - def delete_endpoint_group_precommit(self, context): + def delete_policy_target_group_precommit(self, context): pass @log.log - def delete_endpoint_group_postcommit(self, context): + def delete_policy_target_group_postcommit(self, context): pass @log.log @@ -214,25 +214,25 @@ class NoopDriver(api.PolicyDriver): pass @log.log - def create_contract_precommit(self, context): + def create_policy_rule_set_precommit(self, context): pass @log.log - def create_contract_postcommit(self, context): + def create_policy_rule_set_postcommit(self, context): pass @log.log - def update_contract_precommit(self, context): + def update_policy_rule_set_precommit(self, context): pass @log.log - def update_contract_postcommit(self, context): + def update_policy_rule_set_postcommit(self, context): pass @log.log - def delete_contract_precommit(self, context): + def delete_policy_rule_set_precommit(self, context): pass @log.log - def delete_contract_postcommit(self, context): + def delete_policy_rule_set_postcommit(self, context): pass diff --git a/gbp/neutron/services/grouppolicy/drivers/implicit_policy.py b/gbp/neutron/services/grouppolicy/drivers/implicit_policy.py index 221b35ef2..9a1b44c70 100644 --- a/gbp/neutron/services/grouppolicy/drivers/implicit_policy.py +++ b/gbp/neutron/services/grouppolicy/drivers/implicit_policy.py @@ -33,13 +33,13 @@ opts = [ cfg.StrOpt('default_ip_pool', default='172.16.0.0/12', help=_("IP pool for implicitly created default L3 policies, " - "from which subnets are allocated for endpoint " + "from which subnets are allocated for policy target " "groups.")), cfg.IntOpt('default_subnet_prefix_length', default=26, help=_("Subnet prefix length for implicitly created default L3 " "polices, controlling size of subnets allocated for " - "endpoint groups.")), + "policy target groups.")), ] cfg.CONF.register_opts(opts, "group_policy_implicit_policy") @@ -69,7 +69,7 @@ class ImplicitPolicyDriver(api.PolicyDriver): """Implicit Policy driver for Group Policy plugin. This driver ensures that the l2_policy_id attribute of - EndpointGroup references an L2Policy instance and that the + PolicyTargetGroup references an L2Policy instance and that the l3_policy_id attribute of L2Policy references an L3Policy instance when the default value of None is specified. """ @@ -83,12 +83,12 @@ class ImplicitPolicyDriver(api.PolicyDriver): self._default_subnet_prefix_length = gpip.default_subnet_prefix_length @log.log - def create_endpoint_group_postcommit(self, context): + def create_policy_target_group_postcommit(self, context): if not context.current['l2_policy_id']: self._use_implicit_l2_policy(context) @log.log - def update_endpoint_group_postcommit(self, context): + def update_policy_target_group_postcommit(self, context): old_l2p_id = context.original['l2_policy_id'] new_l2p_id = context.current['l2_policy_id'] if old_l2p_id != new_l2p_id: @@ -97,7 +97,7 @@ class ImplicitPolicyDriver(api.PolicyDriver): self._use_implicit_l2_policy(context) @log.log - def delete_endpoint_group_postcommit(self, context): + def delete_policy_target_group_postcommit(self, context): l2p_id = context.current['l2_policy_id'] self._cleanup_l2_policy(context, l2p_id) diff --git a/gbp/neutron/services/grouppolicy/drivers/oneconvergence/nvsd_gbp_driver.py b/gbp/neutron/services/grouppolicy/drivers/oneconvergence/nvsd_gbp_driver.py index b9841e92a..5dae7cd2a 100644 --- a/gbp/neutron/services/grouppolicy/drivers/oneconvergence/nvsd_gbp_driver.py +++ b/gbp/neutron/services/grouppolicy/drivers/oneconvergence/nvsd_gbp_driver.py @@ -12,10 +12,10 @@ # License for the specific language governing permissions and limitations # under the License. -from gbp.neutron.services.grouppolicy.drivers.oneconvergence import\ - nvsd_gbp_api -from gbp.neutron.services.grouppolicy.drivers import resource_mapping\ - as res_map +from gbp.neutron.services.grouppolicy.drivers import ( + resource_mapping as res_map) +from gbp.neutron.services.grouppolicy.drivers.oneconvergence import ( + nvsd_gbp_api as api) from neutron.common import exceptions as n_exc from neutron.common import log @@ -30,52 +30,51 @@ class NvsdGbpDriver(res_map.ResourceMappingDriver): This class inherits from ResourceMappingDriver and overrides the implicit Subnet creation for an EndPointGroup. One Convergence NVSD only supports - REDIRECT to an L2 Service at present and the Provider and Consumer EPGs + REDIRECT to an L2 Service at present and the Provider and Consumer PTGs have to be on the same network and subnet. Hence, One Convergence NVSD Group Policy Driver creates only one default L2 Policy for a tenant. - Further, the EPGs do not have a one-to-one mapping to a subnet, but rather - multiple EPGs are mapped to one subnet. One Convergence NVSD maps an EPG to + Further, the PTGs do not have a one-to-one mapping to a subnet, but rather + multiple PTGs are mapped to one subnet. One Convergence NVSD maps an PTG to a NVSD Port Group. """ def __init__(self): - self.nvsd_api = nvsd_gbp_api.NVSDServiceApi() + self.nvsd_api = api.NVSDServiceApi() @log.log - def create_endpoint_postcommit(self, context): - super(NvsdGbpDriver, self).create_endpoint_postcommit(context) + def create_policy_target_postcommit(self, context): + super(NvsdGbpDriver, self).create_policy_target_postcommit(context) try: self.nvsd_api.create_endpoint(context._plugin_context, context.current) except Exception: with excutils.save_and_reraise_exception(): - super(NvsdGbpDriver, self).delete_endpoint_postcommit(context) + super(NvsdGbpDriver, + self).delete_policy_target_postcommit(context) @log.log - def update_endpoint_postcommit(self, context): + def update_policy_target_postcommit(self, context): self.nvsd_api.update_endpoint(context._plugin_context, context.current) @log.log - def delete_endpoint_postcommit(self, context): + def delete_policy_target_postcommit(self, context): self.nvsd_api.delete_endpoint(context._plugin_context, context.current['id']) - super(NvsdGbpDriver, self).delete_endpoint_postcommit(context) + super(NvsdGbpDriver, self).delete_policy_target_postcommit(context) @log.log - def create_endpoint_group_precommit(self, context): - #Reuse the previously created implicit L2 Policy for the tenant + def create_policy_target_group_precommit(self, context): + # Reuse the previously created implicit L2 Policy for the tenant if not context.current['l2_policy_id']: l2ps = context._plugin.get_l2_policies( - context._plugin_context, - filters=({'description': - ["Implicitly created L2 policy"], - "tenant_id": [ - context.current['tenant_id']]})) + context._plugin_context, + filters=({'description': ["Implicitly created L2 policy"], + "tenant_id": [context.current['tenant_id']]})) if l2ps: context.set_l2_policy_id(l2ps[0]['id']) @log.log - def create_endpoint_group_postcommit(self, context): + def create_policy_target_group_postcommit(self, context): subnets = context.current['subnets'] if subnets: l2p_id = context.current['l2_policy_id'] @@ -91,26 +90,28 @@ class NvsdGbpDriver(res_map.ResourceMappingDriver): self._use_implicit_subnet(context) self.nvsd_api.create_endpointgroup(context._plugin_context, context.current) - self._handle_contracts(context) + self._handle_policy_rule_sets(context) @log.log - def update_endpoint_group_postcommit(self, context): - super(NvsdGbpDriver, self).update_endpoint_group_postcommit(context) + def update_policy_target_group_postcommit(self, context): + super(NvsdGbpDriver, + self).update_policy_target_group_postcommit(context) self.nvsd_api.update_endpointgroup(context._plugin_context, context.current) @log.log - def delete_endpoint_group_precommit(self, context): + def delete_policy_target_group_precommit(self, context): l2p_id = context.current['l2_policy_id'] - epgs = context._plugin.get_endpoint_groups( - context._plugin_context, filters=({'l2_policy_id': [l2p_id]})) - for epg in epgs: - if epg['id'] != context.current['id']: + ptgs = context._plugin.get_policy_target_groups( + context._plugin_context, + filters=({'l2_policy_id': [l2p_id]})) + for ptg in ptgs: + if ptg['id'] != context.current['id']: context.current['l2_policy_id'] = None return @log.log - def delete_endpoint_group_postcommit(self, context): + def delete_policy_target_group_postcommit(self, context): try: self._cleanup_redirect_action(context) except Exception as err: @@ -122,7 +123,7 @@ class NvsdGbpDriver(res_map.ResourceMappingDriver): for subnet_id in context.current['subnets']: self._cleanup_subnet(context, subnet_id, router_id) except Exception as err: - LOG.error(_("Cleanup of Endpoint group failed. " + LOG.error(_("Cleanup of Policy target group failed. " "Error : %s"), err) self.nvsd_api.delete_endpointgroup(context._plugin_context, context.current['id']) @@ -158,24 +159,25 @@ class NvsdGbpDriver(res_map.ResourceMappingDriver): pass def _use_implicit_subnet(self, context): - #One Convergence NVSD does not support REDIRECT to a different Subnet - #at present. So restricting to use same subnet for a given L2 Policy - epgs = context._plugin.get_endpoint_groups(context._plugin_context, - filters=({'l2_policy_id': - [context.current['l2_policy_id']]})) - for epg in epgs: - if epg['subnets']: - context.add_subnet(epg['subnets'][0]) + # One Convergence NVSD does not support REDIRECT to a different Subnet + # at present. So restricting to use same subnet for a given L2 Policy + ptgs = context._plugin.get_policy_target_groups( + context._plugin_context, filters=( + {'l2_policy_id': [context.current['l2_policy_id']]})) + for ptg in ptgs: + if ptg['subnets']: + context.add_subnet(ptg['subnets'][0]) return - #Create a new Subnet for first EPG using the L2 Policy + # Create a new Subnet for first PTG using the L2 Policy super(NvsdGbpDriver, self)._use_implicit_subnet(context) def _cleanup_subnet(self, context, subnet_id, router_id): - #Cleanup is performed only when the last EPG on subnet is removed - epgs = context._plugin.get_endpoint_groups(context._plugin_context) - for epg in epgs: - epg_subnets = epg['subnets'] - if subnet_id in epg_subnets: + # Cleanup is performed only when the last PTG on subnet is removed + ptgs = context._plugin.get_policy_target_groups( + context._plugin_context) + for ptg in ptgs: + ptg_subnets = ptg['subnets'] + if subnet_id in ptg_subnets: return super(NvsdGbpDriver, self)._cleanup_subnet(context._plugin_context, subnet_id, router_id) diff --git a/gbp/neutron/services/grouppolicy/drivers/resource_mapping.py b/gbp/neutron/services/grouppolicy/drivers/resource_mapping.py index 341335b35..0c1d95002 100644 --- a/gbp/neutron/services/grouppolicy/drivers/resource_mapping.py +++ b/gbp/neutron/services/grouppolicy/drivers/resource_mapping.py @@ -30,6 +30,7 @@ import sqlalchemy as sa from sqlalchemy.orm import exc as sql_exc from gbp.neutron.db.grouppolicy import group_policy_db as gpdb +from gbp.neutron.db import servicechain_db # noqa from gbp.neutron.services.grouppolicy.common import constants as gconst from gbp.neutron.services.grouppolicy.common import exceptions as exc from gbp.neutron.services.grouppolicy import group_policy_driver_api as api @@ -74,14 +75,14 @@ class OwnedRouter(model_base.BASEV2): nullable=False, primary_key=True) -class ContractSGsMapping(model_base.BASEV2): - """Contract to SGs mapping DB.""" +class PolicyRuleSetSGsMapping(model_base.BASEV2): + """PolicyRuleSet to SGs mapping DB.""" - __tablename__ = 'gpm_contract_sg_mapping' - contract_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_contracts.id', - ondelete='CASCADE'), - nullable=False, primary_key=True) + __tablename__ = 'gpm_policy_rule_set_sg_mapping' + policy_rule_set_id = sa.Column(sa.String(36), + sa.ForeignKey('gp_policy_rule_sets.id', + ondelete='CASCADE'), + nullable=False, primary_key=True) provided_sg_id = sa.Column(sa.String(36), sa.ForeignKey('securitygroups.id')) consumed_sg_id = sa.Column(sa.String(36), @@ -100,16 +101,16 @@ class RuleServiceChainInstanceMapping(model_base.BASEV2): ondelete='CASCADE')) -class ServicePolicyEPGIpAddressMapping(model_base.BASEV2): +class ServicePolicyPTGIpAddressMapping(model_base.BASEV2): """Service Policy to IP Address mapping DB.""" __tablename__ = 'gpm_service_policy_ipaddress_mappings' - service_policy_id = sa.Column(sa.String(36), - sa.ForeignKey('gp_network_service_policies.id'), - nullable=False, primary_key=True) - endpoint_group = sa.Column(sa.String(36), - sa.ForeignKey('gp_endpoint_groups.id'), - nullable=False, primary_key=True) + service_policy_id = sa.Column( + sa.String(36), sa.ForeignKey('gp_network_service_policies.id'), + nullable=False, primary_key=True) + policy_target_group = sa.Column( + sa.String(36), sa.ForeignKey('gp_policy_target_groups.id'), + nullable=False, primary_key=True) ipaddress = sa.Column(sa.String(36)) @@ -126,48 +127,48 @@ class ResourceMappingDriver(api.PolicyDriver): self._nova_notifier = nova.Notifier() @log.log - def create_endpoint_precommit(self, context): - if not context.current['endpoint_group_id']: - raise exc.EndpointRequiresEndpointGroup() + def create_policy_target_precommit(self, context): + if not context.current['policy_target_group_id']: + raise exc.PolicyTargetRequiresPolicyTargetGroup() @log.log - def create_endpoint_postcommit(self, context): + def create_policy_target_postcommit(self, context): # TODO(rkukura): Validate explicit port belongs to subnet of - # EPG. + # PTG. if not context.current['port_id']: self._use_implicit_port(context) - self._assoc_epg_sg_to_ep(context, context.current['id'], - context.current['endpoint_group_id']) + self._assoc_ptg_sg_to_pt(context, context.current['id'], + context.current['policy_target_group_id']) @log.log - def update_endpoint_precommit(self, context): - if (context.current['endpoint_group_id'] != - context.original['endpoint_group_id']): - raise exc.EndpointEndpointGroupUpdateNotSupported() + def update_policy_target_precommit(self, context): + if (context.current['policy_target_group_id'] != + context.original['policy_target_group_id']): + raise exc.PolicyTargetGroupUpdateOfPolicyTargetNotSupported() @log.log - def update_endpoint_postcommit(self, context): + def update_policy_target_postcommit(self, context): pass @log.log - def delete_endpoint_precommit(self, context): + def delete_policy_target_precommit(self, context): pass @log.log - def delete_endpoint_postcommit(self, context): - sg_list = self._generate_list_of_sg_from_epg( - context, context.current['endpoint_group_id']) + def delete_policy_target_postcommit(self, context): + sg_list = self._generate_list_of_sg_from_ptg( + context, context.current['policy_target_group_id']) self._disassoc_sgs_from_port(context._plugin_context, context.current['port_id'], sg_list) port_id = context.current['port_id'] self._cleanup_port(context._plugin_context, port_id) @log.log - def create_endpoint_group_precommit(self, context): + def create_policy_target_group_precommit(self, context): pass @log.log - def create_endpoint_group_postcommit(self, context): + def create_policy_target_group_postcommit(self, context): # TODO(rkukura): Validate explicit subnet belongs to L2P's # network. subnets = context.current['subnets'] @@ -185,33 +186,33 @@ class ResourceMappingDriver(api.PolicyDriver): else: self._use_implicit_subnet(context) self._handle_network_service_policy(context) - self._handle_contracts(context) + self._handle_policy_rule_sets(context) def _handle_network_service_policy(self, context): network_service_policy_id = context.current.get( - "network_service_policy_id") + "network_service_policy_id") if not network_service_policy_id: return nsp = context._plugin.get_network_service_policy( - context._plugin_context, network_service_policy_id) + context._plugin_context, network_service_policy_id) nsp_params = nsp.get("network_service_params") if not nsp_params: return - #RM Driver only supports one parameter of type ip_single and value - #self_subnet right now. Handle the other cases when we have usecase + # RM Driver only supports one parameter of type ip_single and value + # self_subnet right now. Handle the other cases when we have usecase if (len(nsp_params) > 1 or nsp_params[0].get("type") != "ip_single" or nsp_params[0].get("value") != "self_subnet"): return - #TODO(Magesh):Handle concurrency issues + # TODO(Magesh):Handle concurrency issues free_ip = self._get_last_free_ip(context._plugin_context, context.current['subnets']) if not free_ip: LOG.error(_("Reserving IP Addresses failed for Network Service " "Policy. No more IP Addresses on subnet")) return - #TODO(Magesh):Fetch subnet from EPG to which Service Policy is attached + # TODO(Magesh):Fetch subnet from PTG to which NSP is attached self._remove_ip_from_allocation_pool(context, context.current['subnets'][0], free_ip) @@ -219,87 +220,97 @@ class ResourceMappingDriver(api.PolicyDriver): network_service_policy_id, context.current['id'], free_ip) - provided_contracts = context.current['provided_contracts'] - self._allow_vip_traffic_on_provider(context, provided_contracts, - free_ip) + provided_policy_rule_sets = context.current[ + 'provided_policy_rule_sets'] + self._allow_vip_traffic_on_provider( + context, provided_policy_rule_sets, free_ip) - def _get_service_policy_ipaddress(self, context, endpoint_group): - ipaddress = self._get_epg_policy_ipaddress_mapping( - context._plugin_context.session, - endpoint_group) + def _get_service_policy_ipaddress(self, context, policy_target_group): + ipaddress = self._get_ptg_policy_ipaddress_mapping( + context._plugin_context.session, policy_target_group) return ipaddress - def _cleanup_network_service_policy(self, context, subnet, epg_id): - ipaddress = self._get_epg_policy_ipaddress_mapping( - context._plugin_context.session, - epg_id) + def _cleanup_network_service_policy(self, context, subnet, ptg_id): + ipaddress = self._get_ptg_policy_ipaddress_mapping( + context._plugin_context.session, ptg_id) if ipaddress: self._restore_ip_to_allocation_pool(context, subnet, ipaddress) self._delete_policy_ipaddress_mapping( - context._plugin_context.session, epg_id) + context._plugin_context.session, ptg_id) @log.log - def update_endpoint_group_precommit(self, context): + def update_policy_target_group_precommit(self, context): if set(context.original['subnets']) - set(context.current['subnets']): - raise exc.EndpointGroupSubnetRemovalNotSupported() + raise exc.PolicyTargetGroupSubnetRemovalNotSupported() @log.log - def update_endpoint_group_postcommit(self, context): + def update_policy_target_group_postcommit(self, context): # Three conditions where SG association needs to be changed - # (a) list of endpoints change - # (b) provided_contracts change - # (c) consumed_contracts change - epg_id = context.current['id'] - new_endpoints = list(set(context.current['endpoints']) - - set(context.original['endpoints'])) - if new_endpoints: - self._update_sgs_on_ep_with_epg(context, epg_id, - new_endpoints, "ASSOCIATE") - removed_endpoints = list(set(context.original['endpoints']) - - set(context.current['endpoints'])) - if removed_endpoints: - self._update_sgs_on_ep_with_epg(context, epg_id, - new_endpoints, "DISASSOCIATE") - # generate a list of contracts (SGs) to update on the EPG - orig_provided_contracts = context.original['provided_contracts'] - curr_provided_contracts = context.current['provided_contracts'] - new_provided_contracts = list(set(curr_provided_contracts) - - set(orig_provided_contracts)) - orig_consumed_contracts = context.original['consumed_contracts'] - curr_consumed_contracts = context.current['consumed_contracts'] - new_consumed_contracts = list(set(curr_consumed_contracts) - - set(orig_consumed_contracts)) - # if EPG associated contracts are updated, we need to update + # (a) list of policy_targets change + # (b) provided_policy_rule_sets change + # (c) consumed_policy_rule_sets change + ptg_id = context.current['id'] + new_policy_targets = list( + set(context.current['policy_targets']) - set( + context.original['policy_targets'])) + if new_policy_targets: + self._update_sgs_on_pt_with_ptg(context, ptg_id, + new_policy_targets, "ASSOCIATE") + removed_policy_targets = list( + set(context.original['policy_targets']) - set( + context.current['policy_targets'])) + if removed_policy_targets: + self._update_sgs_on_pt_with_ptg(context, ptg_id, + new_policy_targets, "DISASSOCIATE") + # generate a list of policy_rule_sets (SGs) to update on the PTG + orig_provided_policy_rule_sets = context.original[ + 'provided_policy_rule_sets'] + curr_provided_policy_rule_sets = context.current[ + 'provided_policy_rule_sets'] + new_provided_policy_rule_sets = list( + set(curr_provided_policy_rule_sets) - set( + orig_provided_policy_rule_sets)) + orig_consumed_policy_rule_sets = context.original[ + 'consumed_policy_rule_sets'] + curr_consumed_policy_rule_sets = context.current[ + 'consumed_policy_rule_sets'] + new_consumed_policy_rule_sets = list( + set(curr_consumed_policy_rule_sets) - set( + orig_consumed_policy_rule_sets)) + # if PTG associated policy_rule_sets are updated, we need to update # the policy rules, then assoicate SGs to ports - if new_provided_contracts or new_consumed_contracts: + if new_provided_policy_rule_sets or new_consumed_policy_rule_sets: subnets = context.current['subnets'] - self._assoc_sg_to_epg(context, subnets, new_provided_contracts, - new_consumed_contracts) - self._update_sgs_on_epg(context, epg_id, - new_provided_contracts, - new_consumed_contracts, "ASSOCIATE") + self._assoc_sg_to_ptg( + context, subnets, new_provided_policy_rule_sets, + new_consumed_policy_rule_sets) + self._update_sgs_on_ptg(context, ptg_id, + new_provided_policy_rule_sets, + new_consumed_policy_rule_sets, "ASSOCIATE") vip_ip_address = self._get_service_policy_ipaddress(context, - epg_id) + ptg_id) if vip_ip_address: - self._allow_vip_traffic_on_provider(context, - new_provided_contracts, - vip_ip_address) - # generate the list of contracts (SGs) to remove from current ports - removed_provided_contracts = list(set(orig_provided_contracts) - - set(curr_provided_contracts)) - removed_consumed_contracts = list(set(orig_consumed_contracts) - - set(curr_consumed_contracts)) - if removed_provided_contracts or removed_consumed_contracts: - self._update_sgs_on_epg(context, epg_id, - removed_provided_contracts, - removed_consumed_contracts, "DISASSOCIATE") + self._allow_vip_traffic_on_provider( + context, new_provided_policy_rule_sets, vip_ip_address) + # generate list of policy_rule_sets (SGs) to remove from current ports + removed_provided_policy_rule_sets = list( + set(orig_provided_policy_rule_sets) - set( + curr_provided_policy_rule_sets)) + removed_consumed_policy_rule_sets = list( + set(orig_consumed_policy_rule_sets) - set( + curr_consumed_policy_rule_sets)) + if removed_provided_policy_rule_sets or ( + removed_consumed_policy_rule_sets): + self._update_sgs_on_ptg( + context, ptg_id, removed_provided_policy_rule_sets, + removed_consumed_policy_rule_sets, "DISASSOCIATE") @log.log - def delete_endpoint_group_precommit(self, context): + def delete_policy_target_group_precommit(self, context): pass @log.log - def delete_endpoint_group_postcommit(self, context): + def delete_policy_target_group_postcommit(self, context): self._cleanup_network_service_policy(context, context.current['subnets'][0], context.current['id']) @@ -434,97 +445,97 @@ class ResourceMappingDriver(api.PolicyDriver): def delete_policy_rule_precommit(self, context): # REVISIT(ivar): This will be removed once navigability issue is # solved (bug/1384397) - context._rmd_contracts_temp = ( - context._plugin._get_policy_rule_contracts(context._plugin_context, - context.current['id'])) + context._rmd_policy_rule_sets_temp = ( + context._plugin._get_policy_rule_policy_rule_sets( + context._plugin_context, context.current['id'])) @log.log def delete_policy_rule_postcommit(self, context): - for contract_id in context._rmd_contracts_temp: - contract = context._plugin.get_contract( - context._plugin_context, contract_id) - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract['id']) - epg_mapping = self._get_contract_epg_mapping(context, contract) - cidr_mapping = self._get_epg_cidrs_mapping(context, epg_mapping) - self._add_or_remove_contract_rule(context, context.current, - contract_sg_mappings, - cidr_mapping, - unset=True) + for policy_rule_set_id in context._rmd_policy_rule_sets_temp: + policy_rule_set = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set_id) + policy_rule_set_sg_mappings = self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set['id']) + ptg_mapping = self._get_policy_rule_set_ptg_mapping( + context, policy_rule_set) + cidr_mapping = self._get_ptg_cidrs_mapping(context, ptg_mapping) + self._add_or_remove_policy_rule_set_rule( + context, context.current, policy_rule_set_sg_mappings, + cidr_mapping, unset=True) @log.log - def create_contract_precommit(self, context): + def create_policy_rule_set_precommit(self, context): pass @log.log - def create_contract_postcommit(self, context): + def create_policy_rule_set_postcommit(self, context): # creating SGs - contract_id = context.current['id'] - consumed_sg = self._create_contract_sg(context, 'consumed') - provided_sg = self._create_contract_sg(context, 'provided') + policy_rule_set_id = context.current['id'] + consumed_sg = self._create_policy_rule_set_sg(context, 'consumed') + provided_sg = self._create_policy_rule_set_sg(context, 'provided') consumed_sg_id = consumed_sg['id'] provided_sg_id = provided_sg['id'] - self._set_contract_sg_mapping(context._plugin_context.session, - contract_id, consumed_sg_id, - provided_sg_id) - self._apply_contract_rules(context, context.current, - context.current['policy_rules']) + self._set_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set_id, + consumed_sg_id, provided_sg_id) + self._apply_policy_rule_set_rules( + context, context.current, context.current['policy_rules']) @log.log - def update_contract_precommit(self, context): + def update_policy_rule_set_precommit(self, context): pass @log.log - def update_contract_postcommit(self, context): - # Update contract rules + def update_policy_rule_set_postcommit(self, context): + # Update policy_rule_set rules old_rules = set(context.original['policy_rules']) new_rules = set(context.current['policy_rules']) to_add = new_rules - old_rules to_remove = old_rules - new_rules - self._remove_contract_rules(context, context.current, to_remove) - self._apply_contract_rules(context, context.current, to_add) + self._remove_policy_rule_set_rules(context, context.current, to_remove) + self._apply_policy_rule_set_rules(context, context.current, to_add) # Update children contraint - to_recompute = (set(context.original['child_contracts']) ^ - set(context.current['child_contracts'])) - self._recompute_contracts(context, to_recompute) + to_recompute = (set(context.original['child_policy_rule_sets']) ^ + set(context.current['child_policy_rule_sets'])) + self._recompute_policy_rule_sets(context, to_recompute) if to_add or to_remove: - to_recompute = (set(context.original['child_contracts']) & - set(context.current['child_contracts'])) - self._recompute_contracts(context, to_recompute) + to_recompute = (set(context.original['child_policy_rule_sets']) & + set(context.current['child_policy_rule_sets'])) + self._recompute_policy_rule_sets(context, to_recompute) @log.log - def delete_contract_precommit(self, context): - mapping = self._get_contract_sg_mapping( + def delete_policy_rule_set_precommit(self, context): + mapping = self._get_policy_rule_set_sg_mapping( context._plugin_context.session, context.current['id']) context._rmd_sg_list_temp = [mapping['provided_sg_id'], mapping['consumed_sg_id']] - contract = context._plugin._get_contract( - context._plugin_context, context.current['id']) - context._rmd_epg_mapping_temp = self._get_contract_epg_mapping( - context, contract) + policy_rule_set = context._plugin._get_policy_rule_set( + context._plugin_context, context.current['id']) + context._rmd_ptg_mapping_temp = self._get_policy_rule_set_ptg_mapping( + context, policy_rule_set) @log.log - def delete_contract_postcommit(self, context): + def delete_policy_rule_set_postcommit(self, context): # Disassociate SGs sg_list = context._rmd_sg_list_temp - epg_mapping = context._rmd_epg_mapping_temp - for epgs in epg_mapping.values(): - for epg in epgs: - endpoint_list = epg['endpoints'] - for ep_id in endpoint_list: - self._disassoc_sgs_from_ep(context, ep_id, sg_list) + ptg_mapping = context._rmd_ptg_mapping_temp + for ptgs in ptg_mapping.values(): + for ptg in ptgs: + policy_target_list = ptg['policy_targets'] + for pt_id in policy_target_list: + self._disassoc_sgs_from_pt(context, pt_id, sg_list) # Delete SGs for sg in sg_list: self._delete_sg(context._plugin_context, sg) @log.log def delete_network_service_policy_postcommit(self, context): - for epg_id in context.current.get("endpoint_groups"): - epg = context._plugin.get_endpoint_group(context._plugin_context, - epg_id) - subnet = epg.get('subnets')[0] - self._cleanup_network_service_policy(self, context, subnet, epg_id) + for ptg_id in context.current.get("policy_target_groups"): + ptg = context._plugin.get_policy_target_group( + context._plugin_context, ptg_id) + subnet = ptg.get('subnets')[0] + self._cleanup_network_service_policy(self, context, subnet, ptg_id) def _get_routerid_for_l2policy(self, context, l2p_id): l2p = context._plugin.get_l2_policy(context._plugin_context, l2p_id) @@ -533,15 +544,15 @@ class ResourceMappingDriver(api.PolicyDriver): return l3p['routers'][0] def _use_implicit_port(self, context): - epg_id = context.current['endpoint_group_id'] - epg = context._plugin.get_endpoint_group(context._plugin_context, - epg_id) - l2p_id = epg['l2_policy_id'] + ptg_id = context.current['policy_target_group_id'] + ptg = context._plugin.get_policy_target_group( + context._plugin_context, ptg_id) + l2p_id = ptg['l2_policy_id'] l2p = context._plugin.get_l2_policy(context._plugin_context, l2p_id) sg_id = self._ensure_default_security_group( context._plugin_context, context.current['tenant_id']) attrs = {'tenant_id': context.current['tenant_id'], - 'name': 'ep_' + context.current['name'], + 'name': 'pt_' + context.current['name'], 'network_id': l2p['network_id'], 'mac_address': attributes.ATTR_NOT_SPECIFIED, 'fixed_ips': attributes.ATTR_NOT_SPECIFIED, @@ -572,12 +583,12 @@ class ResourceMappingDriver(api.PolicyDriver): l2ps = context._plugin.get_l2_policies( context._plugin_context, filters={'l3_policy_id': [l3p['id']]}) - epgs = context._plugin.get_endpoint_groups( + ptgs = context._plugin.get_policy_target_groups( context._plugin_context, filters={'l2_policy_id': [x['id'] for x in l2ps]}) subnets = [] - for epg in epgs: - subnets.extend(epg['subnets']) + for ptg in ptgs: + subnets.extend(ptg['subnets']) subnets = self._core_plugin.get_subnets(context._plugin_context, filters={'id': subnets}) for cidr in pool.subnet(l3p['subnet_prefix_length']): @@ -586,7 +597,7 @@ class ResourceMappingDriver(api.PolicyDriver): continue try: attrs = {'tenant_id': context.current['tenant_id'], - 'name': 'epg_' + context.current['name'], + 'name': 'ptg_' + context.current['name'], 'network_id': l2p['network_id'], 'ip_version': l3p['ip_version'], 'cidr': cidr.__str__(), @@ -670,7 +681,7 @@ class ResourceMappingDriver(api.PolicyDriver): if self._router_is_owned(plugin_context.session, router_id): self._delete_router(plugin_context, router_id) - def _create_contract_sg(self, context, sg_name_prefix): + def _create_policy_rule_set_sg(self, context, sg_name_prefix): # This method sets up the attributes of security group attrs = {'tenant_id': context.current['tenant_id'], 'name': sg_name_prefix + '_' + context.current['name'], @@ -678,128 +689,132 @@ class ResourceMappingDriver(api.PolicyDriver): 'security_group_rules': ''} return self._create_sg(context._plugin_context, attrs) - def _handle_contracts(self, context): - # This method handles contract => SG mapping - # context is EPG context + def _handle_policy_rule_sets(self, context): + # This method handles policy_rule_set => SG mapping + # context is PTG context - # for all consumed contracts, simply associate - # each EP's port from the EPG + # for all consumed policy_rule_sets, simply associate + # each EP's port from the PTG # rules are expected to be filled out already - consumed_contracts = context.current['consumed_contracts'] - provided_contracts = context.current['provided_contracts'] + consumed_policy_rule_sets = context.current[ + 'consumed_policy_rule_sets'] + provided_policy_rule_sets = context.current[ + 'provided_policy_rule_sets'] subnets = context.current['subnets'] - epg_id = context.current['id'] - if provided_contracts or consumed_contracts: - contracts = consumed_contracts + provided_contracts - self._handle_redirect_action(context, contracts) - self._assoc_sg_to_epg(context, subnets, provided_contracts, - consumed_contracts) - self._update_sgs_on_epg(context, epg_id, provided_contracts, - consumed_contracts, "ASSOCIATE") + ptg_id = context.current['id'] + if provided_policy_rule_sets or consumed_policy_rule_sets: + policy_rule_sets = ( + consumed_policy_rule_sets + provided_policy_rule_sets) + self._handle_redirect_action(context, policy_rule_sets) + self._assoc_sg_to_ptg(context, subnets, provided_policy_rule_sets, + consumed_policy_rule_sets) + self._update_sgs_on_ptg(context, ptg_id, provided_policy_rule_sets, + consumed_policy_rule_sets, "ASSOCIATE") - def _get_epgs_providing_contract(self, session, contract_id): + def _get_ptgs_providing_policy_rule_set(self, session, policy_rule_set_id): with session.begin(subtransactions=True): return (session.query( - gpdb.EndpointGroupContractProvidingAssociation). - filter_by(contract_id=contract_id).first()) + gpdb.PTGToPRSProvidingAssociation).filter_by( + policy_rule_set_id=policy_rule_set_id).first()) - def _get_epgs_consuming_contract(self, session, contract_id): + def _get_ptgs_consuming_policy_rule_set(self, session, policy_rule_set_id): try: with session.begin(subtransactions=True): return (session.query( - gpdb.EndpointGroupContractConsumingAssociation). - filter_by(contract_id=contract_id).all()) + gpdb.PTGToPRSConsumingAssociation).filter_by( + policy_rule_set_id=policy_rule_set_id).all()) except sql_exc.NoResultFound: return None def _set_policy_ipaddress_mapping(self, session, service_policy_id, - endpoint_group, ipaddress): + policy_target_group, ipaddress): with session.begin(subtransactions=True): - mapping = ServicePolicyEPGIpAddressMapping( - service_policy_id=service_policy_id, - endpoint_group=endpoint_group, - ipaddress=ipaddress) + mapping = ServicePolicyPTGIpAddressMapping( + service_policy_id=service_policy_id, + policy_target_group=policy_target_group, ipaddress=ipaddress) session.add(mapping) - def _get_epg_policy_ipaddress_mapping(self, session, endpoint_group): + def _get_ptg_policy_ipaddress_mapping(self, session, policy_target_group): with session.begin(subtransactions=True): - return (session.query(ServicePolicyEPGIpAddressMapping). - filter_by(endpoint_group=endpoint_group).first()) + return (session.query(ServicePolicyPTGIpAddressMapping). + filter_by(policy_target_group=policy_target_group).first()) - def _delete_policy_ipaddress_mapping(self, session, endpoint_group): + def _delete_policy_ipaddress_mapping(self, session, policy_target_group): with session.begin(subtransactions=True): mappings = session.query( - ServicePolicyEPGIpAddressMapping).filter_by( - endpoint_group=endpoint_group).first() + ServicePolicyPTGIpAddressMapping).filter_by( + policy_target_group=policy_target_group).first() for ip_map in mappings: session.delete(ip_map) - def _handle_redirect_action(self, context, contracts): - for contract_id in contracts: - epgs_consuming_contract = self._get_epgs_consuming_contract( - context._plugin_context._session, - contract_id) - epg_providing_contract = self._get_epgs_providing_contract( - context._plugin_context._session, - contract_id) + def _handle_redirect_action(self, context, policy_rule_sets): + for policy_rule_set_id in policy_rule_sets: + ptgs_consuming_policy_rule_set = ( + self._get_ptgs_consuming_policy_rule_set( + context._plugin_context._session, policy_rule_set_id)) + ptg_providing_prs = ( + self._get_ptgs_providing_policy_rule_set( + context._plugin_context._session, policy_rule_set_id)) - #Create the ServiceChain Instance when we have both Provider and - #consumer EPGs. If Labels are available, they have to be applied - #here. For now we support a single provider - if not epgs_consuming_contract or not epg_providing_contract: + # Create the ServiceChain Instance when we have both Provider and + # consumer PTGs. If Labels are available, they have to be applied + # here. For now we support a single provider + if not ptgs_consuming_policy_rule_set or ( + not ptg_providing_prs): continue - contract = context._plugin.get_contract( - context._plugin_context, contract_id) - for rule_id in contract.get('policy_rules'): + policy_rule_set = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set_id) + for rule_id in policy_rule_set.get('policy_rules'): rule_chain_map = self._get_rule_servicechain_mapping( - context._plugin_context.session, rule_id) + context._plugin_context.session, rule_id) if rule_chain_map: break # Only one redirect action per rule policy_rule = context._plugin.get_policy_rule( - context._plugin_context, rule_id) + context._plugin_context, rule_id) classifier_id = policy_rule.get("policy_classifier_id") for action_id in policy_rule.get("policy_actions"): policy_action = context._plugin.get_policy_action( - context._plugin_context, action_id) + context._plugin_context, action_id) if policy_action['action_type'].upper() == "REDIRECT": - for epg_consuming_contract in epgs_consuming_contract: + for ptg_consuming_prs in ( + ptgs_consuming_policy_rule_set): sc_instance = self._create_servicechain_instance( - context, - policy_action.get("action_value"), - epg_providing_contract. - endpoint_group_id, - epg_consuming_contract. - endpoint_group_id, - classifier_id) + context, policy_action.get("action_value"), + ptg_providing_prs.policy_target_group_id, + ptg_consuming_prs.policy_target_group_id, + classifier_id) chain_instance_id = sc_instance['id'] self._set_rule_servicechain_instance_mapping( - context._plugin_context.session, - rule_id, chain_instance_id) + context._plugin_context.session, + rule_id, chain_instance_id) break def _cleanup_redirect_action(self, context): - consumed_contracts = context.current['consumed_contracts'] - provided_contracts = context.current['provided_contracts'] - if not provided_contracts and not consumed_contracts: + consumed_policy_rule_sets = context.current[ + 'consumed_policy_rule_sets'] + provided_policy_rule_sets = context.current[ + 'provided_policy_rule_sets'] + if not provided_policy_rule_sets and not consumed_policy_rule_sets: return - contracts = provided_contracts + consumed_contracts - for contract_id in contracts: - epgs_consuming_contract = self._get_epgs_consuming_contract( - context._plugin_context._session, - contract_id) - epg_providing_contract = self._get_epgs_providing_contract( - context._plugin_context._session, - contract_id) - #Delete the ServiceChain Instance when we do not have either - #the Provider or the consumer EPGs - if not epgs_consuming_contract or not epg_providing_contract: - contract = context._plugin.get_contract( - context._plugin_context, contract_id) - for rule_id in contract.get('policy_rules'): + policy_rule_sets = provided_policy_rule_sets + ( + consumed_policy_rule_sets) + for policy_rule_set_id in policy_rule_sets: + ptgs_consuming_policy_rule_set = ( + self._get_ptgs_consuming_policy_rule_set( + context._plugin_context._session, policy_rule_set_id)) + ptg_providing_policy_rule_set = ( + self._get_ptgs_providing_policy_rule_set( + context._plugin_context._session, policy_rule_set_id)) + # Delete the ServiceChain Instance when we do not have either + # the Provider or the consumer PTGs + if not ptgs_consuming_policy_rule_set or ( + not ptg_providing_policy_rule_set): + policy_rule_set = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set_id) + for rule_id in policy_rule_set.get('policy_rules'): chain_id_map = self._get_rule_servicechain_mapping( - context._plugin_context.session, - rule_id) + context._plugin_context.session, rule_id) if chain_id_map: self._delete_servicechain_instance( context, chain_id_map.servicechain_instance_id) @@ -891,8 +906,8 @@ class ResourceMappingDriver(api.PolicyDriver): 'security_group_rule', sg_rule_id) def _restore_ip_to_allocation_pool(self, context, subnet_id, ip_address): - #TODO(Magesh):Pass subnets and loop on subnets. Better to add logic - #to Merge the pools together after Fragmentation + # TODO(Magesh):Pass subnets and loop on subnets. Better to add logic + # to Merge the pools together after Fragmentation subnet = self._core_plugin.get_subnet(context._plugin_context, subnet_id) allocation_pools = subnet['allocation_pools'] @@ -905,7 +920,7 @@ class ResourceMappingDriver(api.PolicyDriver): subnet = self._update_subnet(context._plugin_context, subnet['id'], subnet) return - #TODO(Magesh):Have to test this logic. Add proper unit tests + # TODO(Magesh):Have to test this logic. Add proper unit tests subnet['allocation_pools'].append({"start": ip_address, "end": ip_address}) del subnet['gateway_ip'] @@ -913,7 +928,7 @@ class ResourceMappingDriver(api.PolicyDriver): subnet['id'], subnet) def _remove_ip_from_allocation_pool(self, context, subnet_id, ip_address): - #TODO(Magesh):Pass subnets and loop on subnets + # TODO(Magesh):Pass subnets and loop on subnets subnet = self._core_plugin.get_subnet(context._plugin_context, subnet_id) allocation_pools = subnet['allocation_pools'] @@ -927,7 +942,7 @@ class ResourceMappingDriver(api.PolicyDriver): break def _get_last_free_ip(self, context, subnets): - #Hope lock_mode update is not needed + # Hope lock_mode update is not needed range_qry = context.session.query( models_v2.IPAvailabilityRange).join( models_v2.IPAllocationPool) @@ -939,32 +954,32 @@ class ResourceMappingDriver(api.PolicyDriver): return ip_address def _create_servicechain_instance(self, context, servicechain_spec, - provider_epg, consumer_epg, + provider_ptg, consumer_ptg, classifier_id, config_params=None): config_param_values = {} - epg = context._plugin.get_endpoint_group(context._plugin_context, - provider_epg) - network_service_policy_id = epg.get("network_service_policy_id") + ptg = context._plugin.get_policy_target_group( + context._plugin_context, provider_ptg) + network_service_policy_id = ptg.get("network_service_policy_id") if network_service_policy_id: nsp = context._plugin.get_network_service_policy( - context._plugin_context, network_service_policy_id) + context._plugin_context, network_service_policy_id) service_params = nsp.get("network_service_params") - #Supporting only one value now + # Supporting only one value now param_type = service_params[0].get("type") if param_type == "ip_single": key = service_params[0].get("name") - servicepolicy_epg_ip_map = self._get_service_policy_ipaddress( - context, provider_epg) - servicepolicy_ip = servicepolicy_epg_ip_map.get("ipaddress") + servicepolicy_ptg_ip_map = self._get_service_policy_ipaddress( + context, provider_ptg) + servicepolicy_ip = servicepolicy_ptg_ip_map.get("ipaddress") config_param_values[key] = servicepolicy_ip attrs = {'tenant_id': context.current['tenant_id'], 'name': 'gbp_' + context.current['name'], 'description': "", 'servicechain_spec': servicechain_spec, - 'provider_epg': provider_epg, - 'consumer_epg': consumer_epg, + 'provider_ptg': provider_ptg, + 'consumer_ptg': consumer_ptg, 'classifier': classifier_id, 'config_param_values': jsonutils.dumps(config_param_values)} return self._create_resource(self._servicechain_plugin, @@ -1117,18 +1132,18 @@ class ResourceMappingDriver(api.PolicyDriver): filter_by(router_id=router_id). first() is not None) - def _set_contract_sg_mapping(self, session, contract_id, - consumed_sg_id, provided_sg_id): + def _set_policy_rule_set_sg_mapping( + self, session, policy_rule_set_id, consumed_sg_id, provided_sg_id): with session.begin(subtransactions=True): - mapping = ContractSGsMapping(contract_id=contract_id, - consumed_sg_id=consumed_sg_id, - provided_sg_id=provided_sg_id) + mapping = PolicyRuleSetSGsMapping( + policy_rule_set_id=policy_rule_set_id, + consumed_sg_id=consumed_sg_id, provided_sg_id=provided_sg_id) session.add(mapping) - def _get_contract_sg_mapping(self, session, contract_id): + def _get_policy_rule_set_sg_mapping(self, session, policy_rule_set_id): with session.begin(subtransactions=True): - return (session.query(ContractSGsMapping). - filter_by(contract_id=contract_id).one()) + return (session.query(PolicyRuleSetSGsMapping). + filter_by(policy_rule_set_id=policy_rule_set_id).one()) def _sg_rule(self, context, sg_id, protocol, port_range, cidr, direction, unset=False): @@ -1156,8 +1171,8 @@ class ResourceMappingDriver(api.PolicyDriver): else: return self._create_sg_rule(context._plugin_context, attrs) - def _sg_ingress_rule(self, context, sg_id, protocol, port_range, - cidr, unset=False): + def _sg_ingress_rule(self, context, sg_id, protocol, port_range, cidr, + unset=False): return self._sg_rule(context, sg_id, protocol, port_range, cidr, 'ingress', unset) @@ -1166,18 +1181,18 @@ class ResourceMappingDriver(api.PolicyDriver): return self._sg_rule(context, sg_id, protocol, port_range, cidr, 'egress', unset) - def _assoc_sgs_to_ep(self, context, ep_id, sg_list): - ep = context._plugin.get_endpoint(context._plugin_context, ep_id) - port_id = ep['port_id'] + def _assoc_sgs_to_pt(self, context, pt_id, sg_list): + pt = context._plugin.get_policy_target(context._plugin_context, pt_id) + port_id = pt['port_id'] port = self._core_plugin.get_port(context._plugin_context, port_id) cur_sg_list = port[ext_sg.SECURITYGROUPS] new_sg_list = cur_sg_list + sg_list port[ext_sg.SECURITYGROUPS] = new_sg_list self._update_port(context._plugin_context, port_id, port) - def _disassoc_sgs_from_ep(self, context, ep_id, sg_list): - ep = context._plugin.get_endpoint(context._plugin_context, ep_id) - port_id = ep['port_id'] + def _disassoc_sgs_from_pt(self, context, pt_id, sg_list): + pt = context._plugin.get_policy_target(context._plugin_context, pt_id) + port_id = pt['port_id'] self._disassoc_sgs_from_port(context._plugin_context, port_id, sg_list) def _disassoc_sgs_from_port(self, plugin_context, port_id, sg_list): @@ -1187,62 +1202,60 @@ class ResourceMappingDriver(api.PolicyDriver): port[ext_sg.SECURITYGROUPS] = new_sg_list self._update_port(plugin_context, port_id, port) - def _generate_list_of_sg_from_epg(self, context, epg_id): - epg = context._plugin.get_endpoint_group(context._plugin_context, - epg_id) - provided_contracts = epg['provided_contracts'] - consumed_contracts = epg['consumed_contracts'] - return(self._generate_list_sg_from_contract_list(context, - provided_contracts, - consumed_contracts)) + def _generate_list_of_sg_from_ptg(self, context, ptg_id): + ptg = context._plugin.get_policy_target_group( + context._plugin_context, ptg_id) + provided_policy_rule_sets = ptg['provided_policy_rule_sets'] + consumed_policy_rule_sets = ptg['consumed_policy_rule_sets'] + return(self._generate_list_sg_from_policy_rule_set_list( + context, provided_policy_rule_sets, consumed_policy_rule_sets)) - def _generate_list_sg_from_contract_list(self, context, - provided_contracts, - consumed_contracts): + def _generate_list_sg_from_policy_rule_set_list(self, context, + provided_policy_rule_sets, + consumed_policy_rule_sets): ret_list = [] - for contract_id in provided_contracts: - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract_id) - provided_sg_id = contract_sg_mappings['provided_sg_id'] + for policy_rule_set_id in provided_policy_rule_sets: + policy_rule_set_sg_mappings = self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set_id) + provided_sg_id = policy_rule_set_sg_mappings['provided_sg_id'] ret_list.append(provided_sg_id) - for contract_id in consumed_contracts: - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract_id) - consumed_sg_id = contract_sg_mappings['consumed_sg_id'] + for policy_rule_set_id in consumed_policy_rule_sets: + policy_rule_set_sg_mappings = self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set_id) + consumed_sg_id = policy_rule_set_sg_mappings['consumed_sg_id'] ret_list.append(consumed_sg_id) return ret_list - def _assoc_epg_sg_to_ep(self, context, ep_id, epg_id): - sg_list = self._generate_list_of_sg_from_epg(context, epg_id) - self._assoc_sgs_to_ep(context, ep_id, sg_list) + def _assoc_ptg_sg_to_pt(self, context, pt_id, ptg_id): + sg_list = self._generate_list_of_sg_from_ptg(context, ptg_id) + self._assoc_sgs_to_pt(context, pt_id, sg_list) - def _update_sgs_on_ep_with_epg(self, context, epg_id, new_ep_list, op): - sg_list = self._generate_list_of_sg_from_epg(context, epg_id) - for ep_id in new_ep_list: + def _update_sgs_on_pt_with_ptg(self, context, ptg_id, new_pt_list, op): + sg_list = self._generate_list_of_sg_from_ptg(context, ptg_id) + for pt_id in new_pt_list: if op == "ASSOCIATE": - self._assoc_sgs_to_ep(context, ep_id, sg_list) + self._assoc_sgs_to_pt(context, pt_id, sg_list) else: - self._disassoc_sgs_from_ep(context, ep_id, sg_list) + self._disassoc_sgs_from_pt(context, pt_id, sg_list) - def _update_sgs_on_epg(self, context, epg_id, - provided_contracts, consumed_contracts, op): - sg_list = self._generate_list_sg_from_contract_list(context, - provided_contracts, - consumed_contracts) - epg = context._plugin.get_endpoint_group(context._plugin_context, - epg_id) - endpoint_list = epg['endpoints'] - for ep_id in endpoint_list: + def _update_sgs_on_ptg(self, context, ptg_id, provided_policy_rule_sets, + consumed_policy_rule_sets, op): + sg_list = self._generate_list_sg_from_policy_rule_set_list( + context, provided_policy_rule_sets, consumed_policy_rule_sets) + ptg = context._plugin.get_policy_target_group( + context._plugin_context, ptg_id) + policy_target_list = ptg['policy_targets'] + for pt_id in policy_target_list: if op == "ASSOCIATE": - self._assoc_sgs_to_ep(context, ep_id, sg_list) + self._assoc_sgs_to_pt(context, pt_id, sg_list) else: - self._disassoc_sgs_from_ep(context, ep_id, sg_list) + self._disassoc_sgs_from_pt(context, pt_id, sg_list) - # context should be EPG - def _assoc_sg_to_epg(self, context, subnets, provided_contracts, - consumed_contracts): - if not provided_contracts and not consumed_contracts: + # context should be PTG + def _assoc_sg_to_ptg(self, context, subnets, provided_policy_rule_sets, + consumed_policy_rule_sets): + if not provided_policy_rule_sets and not consumed_policy_rule_sets: return cidr_list = [] @@ -1253,37 +1266,38 @@ class ResourceMappingDriver(api.PolicyDriver): cidr_list.append(cidr) prov_cons = ['providing_cidrs', 'consuming_cidrs'] - for pos, contracts in enumerate([provided_contracts, - consumed_contracts]): - for contract_id in contracts: - contract = context._plugin.get_contract( - context._plugin_context, contract_id) - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract_id) + for pos, policy_rule_sets in enumerate( + [provided_policy_rule_sets, consumed_policy_rule_sets]): + for policy_rule_set_id in policy_rule_sets: + policy_rule_set = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set_id) + policy_rule_set_sg_mappings = ( + self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set_id)) cidr_mapping = {prov_cons[pos]: cidr_list, prov_cons[pos - 1]: []} - policy_rules = contract['policy_rules'] + policy_rules = policy_rule_set['policy_rules'] for policy_rule_id in policy_rules: policy_rule = context._plugin.get_policy_rule( context._plugin_context, policy_rule_id) - self._add_or_remove_contract_rule(context, policy_rule, - contract_sg_mappings, - cidr_mapping) + self._add_or_remove_policy_rule_set_rule( + context, policy_rule, policy_rule_set_sg_mappings, + cidr_mapping) - #Revisit(Magesh): Need to handle directions and rule removal/update - #Can merge a part of this method and _assoc_sg_to_epg and - #_add_or_remove_contract_rule into a generic method - def _allow_vip_traffic_on_provider(self, context, provided_contracts, - vip_ip): - if not provided_contracts: + # Revisit(Magesh): Need to handle directions and rule removal/update + # Can merge a part of this method and _assoc_sg_to_ptg and + # _add_or_remove_policy_rule_set_rule into a generic method + def _allow_vip_traffic_on_provider(self, context, + provided_policy_rule_sets, vip_ip): + if not provided_policy_rule_sets: return cidr = vip_ip + "/32" - for contract_id in provided_contracts: - contract = context._plugin.get_contract( - context._plugin_context, contract_id) - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract_id) - policy_rules = contract['policy_rules'] + for policy_rule_set_id in provided_policy_rule_sets: + policy_rule_set = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set_id) + policy_rule_set_sg_mappings = self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set_id) + policy_rules = policy_rule_set['policy_rules'] for policy_rule_id in policy_rules: policy_rule = context._plugin.get_policy_rule( context._plugin_context, policy_rule_id) @@ -1292,33 +1306,33 @@ class ResourceMappingDriver(api.PolicyDriver): context._plugin_context, classifier_id) protocol = classifier['protocol'] port_range = classifier['port_range'] - self._sg_ingress_rule(context, - contract_sg_mappings['provided_sg_id'], - protocol, port_range, - cidr, unset=False) + self._sg_ingress_rule( + context, policy_rule_set_sg_mappings['provided_sg_id'], + protocol, port_range, cidr, unset=False) - def _manage_contract_rules(self, context, contract, policy_rules, - unset=False): - contract_sg_mappings = self._get_contract_sg_mapping( - context._plugin_context.session, contract['id']) - contract = context._plugin._get_contract( - context._plugin_context, contract['id']) - epg_mapping = self._get_contract_epg_mapping(context, contract) - cidr_mapping = self._get_epg_cidrs_mapping(context, epg_mapping) + def _manage_policy_rule_set_rules(self, context, policy_rule_set, + policy_rules, unset=False): + policy_rule_set_sg_mappings = self._get_policy_rule_set_sg_mapping( + context._plugin_context.session, policy_rule_set['id']) + policy_rule_set = context._plugin._get_policy_rule_set( + context._plugin_context, policy_rule_set['id']) + ptg_mapping = self._get_policy_rule_set_ptg_mapping( + context, policy_rule_set) + cidr_mapping = self._get_ptg_cidrs_mapping(context, ptg_mapping) for policy_rule_id in policy_rules: policy_rule = context._plugin.get_policy_rule( context._plugin_context, policy_rule_id) - self._add_or_remove_contract_rule(context, policy_rule, - contract_sg_mappings, - cidr_mapping, unset=unset) + self._add_or_remove_policy_rule_set_rule( + context, policy_rule, policy_rule_set_sg_mappings, + cidr_mapping, unset=unset) - def _add_or_remove_contract_rule(self, context, policy_rule, - contract_sg_mappings, cidr_mapping, - unset=False): + def _add_or_remove_policy_rule_set_rule(self, context, policy_rule, + policy_rule_set_sg_mappings, + cidr_mapping, unset=False): in_out = [gconst.GP_DIRECTION_IN, gconst.GP_DIRECTION_OUT] - prov_cons = [contract_sg_mappings['provided_sg_id'], - contract_sg_mappings['consumed_sg_id']] + prov_cons = [policy_rule_set_sg_mappings['provided_sg_id'], + policy_rule_set_sg_mappings['consumed_sg_id']] cidr_prov_cons = [cidr_mapping['providing_cidrs'], cidr_mapping['consuming_cidrs']] @@ -1339,33 +1353,36 @@ class ResourceMappingDriver(api.PolicyDriver): self._sg_egress_rule(context, sg, protocol, port_range, '0.0.0.0/0', unset=unset) - def _apply_contract_rules(self, context, contract, policy_rules): - if contract['parent_id']: - parent = context._plugin.get_contract( - context._plugin_context, contract['parent_id']) + def _apply_policy_rule_set_rules(self, context, policy_rule_set, + policy_rules): + if policy_rule_set['parent_id']: + parent = context._plugin.get_policy_rule_set( + context._plugin_context, policy_rule_set['parent_id']) policy_rules = policy_rules & set(parent['policy_rules']) # Don't add rules unallowed by the parent - self._manage_contract_rules(context, contract, policy_rules) + self._manage_policy_rule_set_rules( + context, policy_rule_set, policy_rules) - def _remove_contract_rules(self, context, contract, policy_rules): - self._manage_contract_rules(context, contract, policy_rules, - unset=True) + def _remove_policy_rule_set_rules(self, context, policy_rule_set, + policy_rules): + self._manage_policy_rule_set_rules( + context, policy_rule_set, policy_rules, unset=True) - def _recompute_contracts(self, context, children): + def _recompute_policy_rule_sets(self, context, children): # Rules in child but not in parent shall be removed # Child rules will be set after being filtered by the parent for child in children: - child = context._plugin.get_contract( + child = context._plugin.get_policy_rule_set( context._plugin_context, child) child_rules = set(child['policy_rules']) if child['parent_id']: - parent = context._plugin.get_contract( + parent = context._plugin.get_policy_rule_set( context._plugin_context, child['parent_id']) parent_rules = set(parent['policy_rules']) - self._remove_contract_rules(context, child, - child_rules - parent_rules) + self._remove_policy_rule_set_rules( + context, child, child_rules - parent_rules) # Old parent may have filtered some rules, need to add them again - self._apply_contract_rules(context, child, child_rules) + self._apply_policy_rule_set_rules(context, child, child_rules) def _ensure_default_security_group(self, plugin_context, tenant_id): filters = {'name': ['gbp_default'], 'tenant_id': [tenant_id]} @@ -1379,47 +1396,47 @@ class ResourceMappingDriver(api.PolicyDriver): else: return default_group[0]['id'] - def _get_contract_epg_mapping(self, context, contract): + def _get_policy_rule_set_ptg_mapping(self, context, policy_rule_set): # REVISIT(ivar): This will be removed once navigability issue is # solved (bug/1384398) return { - 'providing_epgs': self._get_epgs_by_id( + 'providing_ptgs': self._get_ptgs_by_id( context, - [x['endpoint_group_id'] for x in contract.get( - 'providing_endpoint_groups', [])]), - 'consuming_epgs': self._get_epgs_by_id( + [x['policy_target_group_id'] for x in policy_rule_set.get( + 'providing_policy_target_groups', [])]), + 'consuming_ptgs': self._get_ptgs_by_id( context, - [x['endpoint_group_id'] for x in contract.get( - 'consuming_endpoint_groups', [])])} + [x['policy_target_group_id'] for x in policy_rule_set.get( + 'consuming_policy_target_groups', [])])} - def _get_epgs_by_id(self, context, ids): + def _get_ptgs_by_id(self, context, ids): if ids: filters = {'id': ids} - return context._plugin.get_endpoint_groups(context._plugin_context, - filters) + return context._plugin.get_policy_target_groups( + context._plugin_context, filters) else: return [] - def _get_epg_cidrs(self, context, epgs): + def _get_ptg_cidrs(self, context, ptgs): cidrs = [] - for epg in epgs: + for ptg in ptgs: cidrs.extend([self._core_plugin.get_subnet( - context._plugin_context, x)['cidr'] for x in epg['subnets']]) + context._plugin_context, x)['cidr'] for x in ptg['subnets']]) return cidrs - def _get_epg_cidrs_mapping(self, context, epg_mapping): + def _get_ptg_cidrs_mapping(self, context, ptg_mapping): return { - 'providing_cidrs': self._get_epg_cidrs( - context, epg_mapping['providing_epgs']), - 'consuming_cidrs': self._get_epg_cidrs( - context, epg_mapping['consuming_epgs'])} + 'providing_cidrs': self._get_ptg_cidrs( + context, ptg_mapping['providing_ptgs']), + 'consuming_cidrs': self._get_ptg_cidrs( + context, ptg_mapping['consuming_ptgs'])} def _set_rule_servicechain_instance_mapping(self, session, rule_id, servicechain_instance_id): with session.begin(subtransactions=True): mapping = RuleServiceChainInstanceMapping( - rule_id=rule_id, - servicechain_instance_id=servicechain_instance_id) + rule_id=rule_id, + servicechain_instance_id=servicechain_instance_id) session.add(mapping) def _get_rule_servicechain_mapping(self, session, rule_id): diff --git a/gbp/neutron/services/grouppolicy/group_policy_context.py b/gbp/neutron/services/grouppolicy/group_policy_context.py index db6af6a76..17e773300 100644 --- a/gbp/neutron/services/grouppolicy/group_policy_context.py +++ b/gbp/neutron/services/grouppolicy/group_policy_context.py @@ -20,59 +20,61 @@ class GroupPolicyContext(object): self._plugin_context = plugin_context -class EndpointContext(GroupPolicyContext, api.EndpointContext): +class PolicyTargetContext(GroupPolicyContext, api.PolicyTargetContext): - def __init__(self, plugin, plugin_context, endpoint, - original_endpoint=None): - super(EndpointContext, self).__init__(plugin, plugin_context) - self._endpoint = endpoint - self._original_endpoint = original_endpoint + def __init__(self, plugin, plugin_context, policy_target, + original_policy_target=None): + super(PolicyTargetContext, self).__init__(plugin, plugin_context) + self._policy_target = policy_target + self._original_policy_target = original_policy_target @property def current(self): - return self._endpoint + return self._policy_target @property def original(self): - return self._original_endpoint + return self._original_policy_target def set_port_id(self, port_id): - self._plugin._set_port_for_endpoint( - self._plugin_context, self._endpoint['id'], port_id) - self._endpoint['port_id'] = port_id + self._plugin._set_port_for_policy_target( + self._plugin_context, self._policy_target['id'], port_id) + self._policy_target['port_id'] = port_id -class EndpointGroupContext(GroupPolicyContext, api.EndpointGroupContext): +class PolicyTargetGroupContext(GroupPolicyContext, + api.PolicyTargetGroupContext): - def __init__(self, plugin, plugin_context, endpoint_group, - original_endpoint_group=None): - super(EndpointGroupContext, self).__init__(plugin, plugin_context) - self._endpoint_group = endpoint_group - self._original_endpoint_group = original_endpoint_group + def __init__(self, plugin, plugin_context, policy_target_group, + original_policy_target_group=None): + super(PolicyTargetGroupContext, self).__init__(plugin, plugin_context) + self._policy_target_group = policy_target_group + self._original_policy_target_group = original_policy_target_group @property def current(self): - return self._endpoint_group + return self._policy_target_group @property def original(self): - return self._original_endpoint_group + return self._original_policy_target_group def set_l2_policy_id(self, l2_policy_id): - self._plugin._set_l2_policy_for_endpoint_group( - self._plugin_context, self._endpoint_group['id'], l2_policy_id) - self._endpoint_group['l2_policy_id'] = l2_policy_id + self._plugin._set_l2_policy_for_policy_target_group( + self._plugin_context, self._policy_target_group['id'], + l2_policy_id) + self._policy_target_group['l2_policy_id'] = l2_policy_id def set_network_service_policy_id(self, network_service_policy_id): nsp_id = network_service_policy_id - self._plugin._set_network_service_policy_for_endpoint_group( - self._plugin_context, self._endpoint_group['id'], nsp_id) - self._endpoint_group['network_service_policy_id'] = nsp_id + self._plugin._set_network_service_policy_for_policy_target_group( + self._plugin_context, self._policy_target_group['id'], nsp_id) + self._policy_target_group['network_service_policy_id'] = nsp_id def add_subnet(self, subnet_id): - subnets = self._plugin._add_subnet_to_endpoint_group( - self._plugin_context, self._endpoint_group['id'], subnet_id) - self._endpoint_group['subnets'] = subnets + subnets = self._plugin._add_subnet_to_policy_target_group( + self._plugin_context, self._policy_target_group['id'], subnet_id) + self._policy_target_group['subnets'] = subnets class L2PolicyContext(GroupPolicyContext, api.L2PolicyContext): @@ -194,18 +196,18 @@ class PolicyRuleContext(GroupPolicyContext, api.PolicyRuleContext): return self._original_policy_rule -class ContractContext(GroupPolicyContext, api.ContractContext): +class PolicyRuleSetContext(GroupPolicyContext, api.PolicyRuleSetContext): - def __init__(self, plugin, plugin_context, contract, - original_contract=None): - super(ContractContext, self).__init__(plugin, plugin_context) - self._contract = contract - self._original_contract = original_contract + def __init__(self, plugin, plugin_context, policy_rule_set, + original_policy_rule_set=None): + super(PolicyRuleSetContext, self).__init__(plugin, plugin_context) + self._policy_rule_set = policy_rule_set + self._original_policy_rule_set = original_policy_rule_set @property def current(self): - return self._contract + return self._policy_rule_set @property def original(self): - return self._original_contract + return self._original_policy_rule_set diff --git a/gbp/neutron/services/grouppolicy/group_policy_driver_api.py b/gbp/neutron/services/grouppolicy/group_policy_driver_api.py index 1dbcd39a1..039045ec5 100644 --- a/gbp/neutron/services/grouppolicy/group_policy_driver_api.py +++ b/gbp/neutron/services/grouppolicy/group_policy_driver_api.py @@ -16,100 +16,101 @@ import six @six.add_metaclass(abc.ABCMeta) -class EndpointContext(object): - """Context passed to policy engine for endpoint resource changes. +class PolicyTargetContext(object): + """Context passed to policy engine for policy_target resource changes. - An EndpointContext instance wraps an endpoint resource. It provides + A PolicyTargetContext instance wraps a policy_target resource. It provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @abc.abstractproperty def current(self): - """Return the current state of the endpoint. + """Return the current state of the policy_target. - Return the current state of the endpoint, as defined by - GroupPolicyPlugin.create_endpoint. + Return the current state of the policy_target, as defined by + GroupPolicyPlugin.create_policy_target. """ pass @abc.abstractproperty def original(self): - """Return the original state of the endpoint. + """Return the original state of the policy_target. - Return the original state of the endpoint, prior to a call to - update_endpoint. Method is only valid within calls to - update_endpoint_precommit and update_endpoint_postcommit. + Return the original state of the policy_target, prior to a call to + update_policy_target. Method is only valid within calls to + update_policy_target_precommit and update_policy_target_postcommit. """ pass @abc.abstractmethod def set_port_id(self, port_id): - """Set the port for the endpoint. + """Set the port for the policy_target. - :param port_id: Port to which endpoint is mapped. + :param port_id: Port to which policy_target is mapped. - Set the neutron port to which the endpoint is mapped. + Set the neutron port to which the policy_target is mapped. """ pass @six.add_metaclass(abc.ABCMeta) -class EndpointGroupContext(object): - """Context passed to policy engine for endpoint_group resource changes. +class PolicyTargetGroupContext(object): + """Context passed to policy engine for policy_target_group resource changes. - An EndpointContext instance wraps an endpoint_group resource. It provides - helper methods for accessing other relevant information. Results + PolicyTargetContext instance wraps a policy_target_group resource. It + provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @abc.abstractproperty def current(self): - """Return the current state of the endpoint_group. + """Return the current state of the policy_target_group. - Return the current state of the endpoint_group, as defined by - GroupPolicyPlugin.create_endpoint_group. + Return the current state of the policy_target_group, as defined by + GroupPolicyPlugin.create_policy_target_group. """ pass @abc.abstractproperty def original(self): - """Return the original state of the endpoint_group. + """Return the original state of the policy_target_group. - Return the original state of the endpoint_group, prior to a call to - update_endpoint_group. Method is only valid within calls to - update_endpoint_group_precommit and update_endpoint_group_postcommit. + Return the original state of the policy_target_group, prior to a call + to update_policy_target_group. Method is only valid within calls to + update_policy_target_group_precommit and + update_policy_target_group_postcommit. """ pass @abc.abstractmethod def set_l2_policy_id(self, l2_policy_id): - """Set the l2_policy for the endpoint_group. + """Set the l2_policy for the policy_target_group. - :param l2_policy_id: l2_policy for the endpoint_group. + :param l2_policy_id: l2_policy for the policy_target_group. - Set the l2_policy for the endpoint_group. + Set the l2_policy for the policy_target_group. """ pass @abc.abstractmethod def set_network_service_policy_id(self, network_service_policy_id): - """Set the network_service_policy for the endpoint_group. + """Set the network_service_policy for the policy_target_group. - :param network_service_policy_id: network_service_policy for the epg. + :param network_service_policy_id: network_service_policy for the ptg. - Set the network_service_policy for the endpoint_group. + Set the network_service_policy for the policy_target_group. """ pass @abc.abstractmethod def add_subnet(self, subnet_id): - """Add the subnet to the endpoint_group. + """Add the subnet to the policy_target_group. - :param subnet_id: Subnet to which endpoint_group is mapped. + :param subnet_id: Subnet to which policy_target_group is mapped. Add a neutron subnet to the set of subnets to which the - endpoint_group is mapped. + policy_target_group is mapped. """ pass @@ -242,7 +243,7 @@ class NetworkServicePolicyContext(object): class PolicyClassifierContext(object): """Context passed to policy engine for policy_classifier resource changes. - An PolicyClassifierContext instance wraps an policy_classifier resource. + An PolicyClassifierContext instance wraps a policy_classifier resource. It provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @@ -272,7 +273,7 @@ class PolicyClassifierContext(object): class PolicyActionContext(object): """Context passed to policy engine for policy_action resource changes. - An PolicyActionContext instance wraps an policy_action resource. + An PolicyActionContext instance wraps a policy_action resource. It provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @@ -301,7 +302,7 @@ class PolicyActionContext(object): class PolicyRuleContext(object): """Context passed to policy engine for policy_rule resource changes. - An PolicyRuleContext instance wraps an policy_rule resource. + An PolicyRuleContext instance wraps a policy_rule resource. It provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @@ -328,30 +329,30 @@ class PolicyRuleContext(object): @six.add_metaclass(abc.ABCMeta) -class ContractContext(object): - """Context passed to policy engine for changes to contract resources. +class PolicyRuleSetContext(object): + """Context passed to policy engine for changes to policy_rule_set resources. - An ContractContext instance wraps an contract resource. It provides - helper methods for accessing other relevant information. Results + PolicyRuleSetContext instance wraps a policy_rule_set resource. It + provides helper methods for accessing other relevant information. Results from expensive operations are cached for convenient access. """ @abc.abstractproperty def current(self): - """Return the current state of the contract. + """Return the current state of the policy_rule_set. - Return the current state of the contract, as defined by - GroupPolicyPlugin.create_contract. + Return the current state of the policy_rule_set, as defined by + GroupPolicyPlugin.create_policy_rule_set. """ pass @abc.abstractproperty def original(self): - """Return the original state of the contract. + """Return the original state of the policy_rule_set. - Return the original state of the contract, prior to a call to - update_contract. Method is only valid within calls to - update_contract_precommit and update_contract_postcommit. + Return the original state of the policy_rule_set, prior to a call to + update_policy_rule_set. Method is only valid within calls to + update_policy_rule_set_precommit and update_policy_rule_set_postcommit. """ pass @@ -388,103 +389,105 @@ class PolicyDriver(object): """ pass - def create_endpoint_precommit(self, context): - """Allocate resources for a new endpoint. + def create_policy_target_precommit(self, context): + """Allocate resources for a new policy_target. - :param context: EndpointContext instance describing the new - endpoint. + :param context: PolicyTargetContext instance describing the new + policy_target. """ pass - def create_endpoint_postcommit(self, context): - """Create a endpoint. + def create_policy_target_postcommit(self, context): + """Create a policy_target. - :param context: EndpointContext instance describing the new - endpoint. + :param context: PolicyTargetContext instance describing the new + policy_target. """ pass - def update_endpoint_precommit(self, context): - """Update resources of a endpoint. + def update_policy_target_precommit(self, context): + """Update resources of a policy_target. - :param context: EndpointContext instance describing the new - state of the endpoint, as well as the original state prior - to the update_endpoint call. + :param context: PolicyTargetContext instance describing the new + state of the policy_target, as well as the original state prior + to the update_policy_target call. """ pass - def update_endpoint_postcommit(self, context): - """Update a endpoint. + def update_policy_target_postcommit(self, context): + """Update a policy_target. - :param context: EndpointContext instance describing the new - state of the endpoint, as well as the original state prior - to the update_endpoint call. + :param context: PolicyTargetContext instance describing the new + state of the policy_target, as well as the original state prior + to the update_policy_target call. """ pass - def delete_endpoint_precommit(self, context): - """Delete resources for a endpoint. + def delete_policy_target_precommit(self, context): + """Delete resources for a policy_target. - :param context: EndpointContext instance describing the current - state of the endpoint, prior to the call to delete it. + :param context: PolicyTargetContext instance describing the current + state of the policy_target, prior to the call to delete it. """ pass - def delete_endpoint_postcommit(self, context): - """Delete a endpoint. + def delete_policy_target_postcommit(self, context): + """Delete a policy_target. - :param context: EndpointContext instance describing the current - state of the endpoint, prior to the call to delete it. + :param context: PolicyTargetContext instance describing the current + state of the policy_target, prior to the call to delete it. """ pass - def create_endpoint_group_precommit(self, context): - """Allocate resources for a new endpoint_group. + def create_policy_target_group_precommit(self, context): + """Allocate resources for a new policy_target_group. - :param context: EndpointGroupContext instance describing the new - endpoint_group. + :param context: PolicyTargetGroupContext instance describing the new + policy_target_group. """ pass - def create_endpoint_group_postcommit(self, context): - """Create a endpoint_group. + def create_policy_target_group_postcommit(self, context): + """Create a policy_target_group. - :param context: EndpointGroupContext instance describing the new - endpoint_group. + :param context: PolicyTargetGroupContext instance describing the new + policy_target_group. """ pass - def update_endpoint_group_precommit(self, context): - """Update resources of a endpoint_group. + def update_policy_target_group_precommit(self, context): + """Update resources of a policy_target_group. - :param context: EndpointGroupContext instance describing the new - state of the endpoint_group, as well as the original state prior - to the update_endpoint_group call. + :param context: PolicyTargetGroupContext instance describing the new + state of the policy_target_group, as well as the original state prior + to the update_policy_target_group call. """ pass - def update_endpoint_group_postcommit(self, context): - """Update a endpoint_group. + def update_policy_target_group_postcommit(self, context): + """Update a policy_target_group. - :param context: EndpointGroupContext instance describing the new - state of the endpoint_group, as well as the original state prior - to the update_endpoint_group call. + :param context: PolicyTargetGroupContext instance describing the new + state of the policy_target_group, as well as the original state prior + to the update_policy_target_group call. """ pass - def delete_endpoint_group_precommit(self, context): - """Delete resources for a endpoint_group. + def delete_policy_target_group_precommit(self, context): + """Delete resources for a policy_target_group. - :param context: EndpointGroupContext instance describing the current - state of the endpoint_group, prior to the call to delete it. + :param context: PolicyTargetGroupContext instance describing the + current state of the policy_target_group, prior to the call to delete + it. """ pass - def delete_endpoint_group_postcommit(self, context): - """Delete a endpoint_group. + def delete_policy_target_group_postcommit(self, context): + """Delete a policy_target_group. - :param context: EndpointGroupContext instance describing the current - state of the endpoint_group, prior to the call to delete it. + :param context: PolicyTargetGroupContext instance describing the + current state of the policy_target_group, prior to the call to delete + it. """ pass @@ -738,53 +741,53 @@ class PolicyDriver(object): """ pass - def create_contract_precommit(self, context): - """Allocate resources for a new contract. + def create_policy_rule_set_precommit(self, context): + """Allocate resources for a new policy_rule_set. - :param context: ContractContext instance describing the new - contract. + :param context: PolicyRuleSetContext instance describing the new + policy_rule_set. """ pass - def create_contract_postcommit(self, context): - """Create a contract. + def create_policy_rule_set_postcommit(self, context): + """Create a policy_rule_set. - :param context: ContractContext instance describing the new - contract. + :param context: PolicyRuleSetContext instance describing the new + policy_rule_set. """ pass - def update_contract_precommit(self, context): - """Update resources of a contract. + def update_policy_rule_set_precommit(self, context): + """Update resources of a policy_rule_set. - :param context: ContractContext instance describing the new - state of the contract, as well as the original state prior - to the update_contract call. + :param context: PolicyRuleSetContext instance describing the new + state of the policy_rule_set, as well as the original state prior + to the update_policy_rule_set call. """ pass - def update_contract_postcommit(self, context): - """Update a contract. + def update_policy_rule_set_postcommit(self, context): + """Update a policy_rule_set. - :param context: ContractContext instance describing the new - state of the contract, as well as the original state prior - to the update_contract call. + :param context: PolicyRuleSetContext instance describing the new + state of the policy_rule_set, as well as the original state prior + to the update_policy_rule_set call. """ pass - def delete_contract_precommit(self, context): - """Delete resources for a contract. + def delete_policy_rule_set_precommit(self, context): + """Delete resources for a policy_rule_set. - :param context: ContractContext instance describing the current - state of the contract, prior to the call to delete it. + :param context: PolicyRuleSetContext instance describing the current + state of the policy_rule_set, prior to the call to delete it. """ pass - def delete_contract_postcommit(self, context): - """Delete a contract. + def delete_policy_rule_set_postcommit(self, context): + """Delete a policy_rule_set. - :param context: ContractContext instance describing the current - state of the contract, prior to the call to delete it. + :param context: PolicyRuleSetContext instance describing the current + state of the policy_rule_set, prior to the call to delete it. """ pass diff --git a/gbp/neutron/services/grouppolicy/plugin.py b/gbp/neutron/services/grouppolicy/plugin.py index 18e9ac84c..1b2f3c351 100644 --- a/gbp/neutron/services/grouppolicy/plugin.py +++ b/gbp/neutron/services/grouppolicy/plugin.py @@ -39,134 +39,139 @@ class GroupPolicyPlugin(group_policy_mapping_db.GroupPolicyMappingDbPlugin): self.policy_driver_manager.initialize() @log.log - def create_endpoint(self, context, endpoint): - session = context.session - with session.begin(subtransactions=True): - result = super(GroupPolicyPlugin, self).create_endpoint(context, - endpoint) - policy_context = p_context.EndpointContext(self, context, result) - self.policy_driver_manager.create_endpoint_precommit( - policy_context) - - try: - self.policy_driver_manager.create_endpoint_postcommit( - policy_context) - except gp_exc.GroupPolicyDriverError: - with excutils.save_and_reraise_exception(): - LOG.error(_("create_endpoint_postcommit " - "failed, deleting endpoint '%s'"), result['id']) - self.delete_endpoint(context, result['id']) - - return result - - @log.log - def update_endpoint(self, context, endpoint_id, endpoint): - session = context.session - with session.begin(subtransactions=True): - original_endpoint = super(GroupPolicyPlugin, - self).get_endpoint(context, endpoint_id) - updated_endpoint = super(GroupPolicyPlugin, - self).update_endpoint(context, - endpoint_id, - endpoint) - policy_context = p_context.EndpointContext( - self, context, updated_endpoint, - original_endpoint=original_endpoint) - self.policy_driver_manager.update_endpoint_precommit( - policy_context) - - self.policy_driver_manager.update_endpoint_postcommit(policy_context) - return updated_endpoint - - @log.log - def delete_endpoint(self, context, endpoint_id): - session = context.session - with session.begin(subtransactions=True): - endpoint = self.get_endpoint(context, endpoint_id) - policy_context = p_context.EndpointContext(self, context, endpoint) - self.policy_driver_manager.delete_endpoint_precommit( - policy_context) - super(GroupPolicyPlugin, self).delete_endpoint(context, - endpoint_id) - - try: - self.policy_driver_manager.delete_endpoint_postcommit( - policy_context) - except gp_exc.GroupPolicyDriverError: - with excutils.save_and_reraise_exception(): - LOG.error(_("delete_endpoint_postcommit " - "failed, deleting contract '%s'"), endpoint_id) - - @log.log - def create_endpoint_group(self, context, endpoint_group): + def create_policy_target(self, context, policy_target): session = context.session with session.begin(subtransactions=True): result = super(GroupPolicyPlugin, - self).create_endpoint_group(context, endpoint_group) - policy_context = p_context.EndpointGroupContext(self, context, - result) - self.policy_driver_manager.create_endpoint_group_precommit( + self).create_policy_target(context, policy_target) + policy_context = p_context.PolicyTargetContext(self, context, + result) + self.policy_driver_manager.create_policy_target_precommit( policy_context) try: - self.policy_driver_manager.create_endpoint_group_postcommit( + self.policy_driver_manager.create_policy_target_postcommit( policy_context) except gp_exc.GroupPolicyDriverError: with excutils.save_and_reraise_exception(): - LOG.error(_("create_endpoint_group_postcommit " - "failed, deleting endpoint_group '%s'"), + LOG.error(_("create_policy_target_postcommit " + "failed, deleting policy_target '%s'"), result['id']) - self.delete_endpoint_group(context, result['id']) + self.delete_policy_target(context, result['id']) return result @log.log - def update_endpoint_group(self, context, endpoint_group_id, - endpoint_group): + def update_policy_target(self, context, policy_target_id, policy_target): session = context.session with session.begin(subtransactions=True): - original_endpoint_group = super(GroupPolicyPlugin, - self).get_endpoint_group( - context, endpoint_group_id) - updated_endpoint_group = super(GroupPolicyPlugin, - self).update_endpoint_group( - context, endpoint_group_id, - endpoint_group) - policy_context = p_context.EndpointGroupContext( - self, context, updated_endpoint_group, - original_endpoint_group=original_endpoint_group) - self.policy_driver_manager.update_endpoint_group_precommit( + original_policy_target = super( + GroupPolicyPlugin, self).get_policy_target(context, + policy_target_id) + updated_policy_target = super( + GroupPolicyPlugin, self).update_policy_target( + context, policy_target_id, policy_target) + policy_context = p_context.PolicyTargetContext( + self, context, updated_policy_target, + original_policy_target=original_policy_target) + self.policy_driver_manager.update_policy_target_precommit( policy_context) - self.policy_driver_manager.update_endpoint_group_postcommit( + self.policy_driver_manager.update_policy_target_postcommit( policy_context) - - return updated_endpoint_group + return updated_policy_target @log.log - def delete_endpoint_group(self, context, endpoint_group_id): + def delete_policy_target(self, context, policy_target_id): session = context.session with session.begin(subtransactions=True): - endpoint_group = self.get_endpoint_group(context, - endpoint_group_id) - if endpoint_group['endpoints']: - raise gp_exc.EndpointGroupInUse( - endpoint_group=endpoint_group_id) - policy_context = p_context.EndpointGroupContext(self, context, - endpoint_group) - self.policy_driver_manager.delete_endpoint_group_precommit( + policy_target = self.get_policy_target(context, policy_target_id) + policy_context = p_context.PolicyTargetContext( + self, context, policy_target) + self.policy_driver_manager.delete_policy_target_precommit( policy_context) - super(GroupPolicyPlugin, self).delete_endpoint_group( - context, endpoint_group_id) + super(GroupPolicyPlugin, self).delete_policy_target( + context, policy_target_id) try: - self.policy_driver_manager.delete_endpoint_group_postcommit( + self.policy_driver_manager.delete_policy_target_postcommit( policy_context) except gp_exc.GroupPolicyDriverError: with excutils.save_and_reraise_exception(): - LOG.error(_("delete_endpoint_group_postcommit " - "failed, deleting endpoint_group '%s'"), - endpoint_group_id) + LOG.error(_("delete_policy_target_postcommit " + "failed, deleting policy_rule_set '%s'"), + policy_target_id) + + @log.log + def create_policy_target_group(self, context, policy_target_group): + session = context.session + with session.begin(subtransactions=True): + result = super(GroupPolicyPlugin, + self).create_policy_target_group( + context, policy_target_group) + policy_context = p_context.PolicyTargetGroupContext( + self, context, result) + self.policy_driver_manager.create_policy_target_group_precommit( + policy_context) + + try: + self.policy_driver_manager.create_policy_target_group_postcommit( + policy_context) + except gp_exc.GroupPolicyDriverError: + with excutils.save_and_reraise_exception(): + LOG.error(_("create_policy_target_group_postcommit " + "failed, deleting policy_target_group '%s'"), + result['id']) + self.delete_policy_target_group(context, result['id']) + + return result + + @log.log + def update_policy_target_group(self, context, policy_target_group_id, + policy_target_group): + session = context.session + with session.begin(subtransactions=True): + original_policy_target_group = super( + GroupPolicyPlugin, self).get_policy_target_group( + context, policy_target_group_id) + updated_policy_target_group = super( + GroupPolicyPlugin, self).update_policy_target_group( + context, policy_target_group_id, policy_target_group) + policy_context = p_context.PolicyTargetGroupContext( + self, context, updated_policy_target_group, + original_policy_target_group=original_policy_target_group) + self.policy_driver_manager.update_policy_target_group_precommit( + policy_context) + + self.policy_driver_manager.update_policy_target_group_postcommit( + policy_context) + + return updated_policy_target_group + + @log.log + def delete_policy_target_group(self, context, policy_target_group_id): + session = context.session + with session.begin(subtransactions=True): + policy_target_group = self.get_policy_target_group( + context, policy_target_group_id) + if policy_target_group['policy_targets']: + raise gp_exc.PolicyTargetGroupInUse( + policy_target_group=policy_target_group_id) + policy_context = p_context.PolicyTargetGroupContext( + self, context, policy_target_group) + self.policy_driver_manager.delete_policy_target_group_precommit( + policy_context) + super(GroupPolicyPlugin, self).delete_policy_target_group( + context, policy_target_group_id) + + try: + self.policy_driver_manager.delete_policy_target_group_postcommit( + policy_context) + except gp_exc.GroupPolicyDriverError: + with excutils.save_and_reraise_exception(): + LOG.error(_("delete_policy_target_group_postcommit " + "failed, deleting policy_target_group '%s'"), + policy_target_group_id) @log.log def create_l2_policy(self, context, l2_policy): @@ -255,8 +260,8 @@ class GroupPolicyPlugin(group_policy_mapping_db.GroupPolicyMappingDbPlugin): return result @log.log - def update_network_service_policy( - self, context, network_service_policy_id, network_service_policy): + def update_network_service_policy(self, context, network_service_policy_id, + network_service_policy): session = context.session with session.begin(subtransactions=True): original_network_service_policy = super( @@ -557,58 +562,64 @@ class GroupPolicyPlugin(group_policy_mapping_db.GroupPolicyMappingDbPlugin): " failed, deleting policy_rule '%s'"), id) @log.log - def create_contract(self, context, contract): + def create_policy_rule_set(self, context, policy_rule_set): session = context.session with session.begin(subtransactions=True): - result = super(GroupPolicyPlugin, self).create_contract(context, - contract) - policy_context = p_context.ContractContext(self, context, result) - self.policy_driver_manager.create_contract_precommit( + result = super(GroupPolicyPlugin, + self).create_policy_rule_set( + context, policy_rule_set) + policy_context = p_context.PolicyRuleSetContext( + self, context, result) + self.policy_driver_manager.create_policy_rule_set_precommit( policy_context) try: - self.policy_driver_manager.create_contract_postcommit( + self.policy_driver_manager.create_policy_rule_set_postcommit( policy_context) except gp_exc.GroupPolicyDriverError: with excutils.save_and_reraise_exception(): - LOG.error(_("policy_driver_manager.create_contract_postcommit " - "failed, deleting contract '%s'"), result['id']) - self.delete_contract(context, result['id']) + LOG.error(_( + "policy_driver_manager.create_policy_rule_set_postcommit " + "failed, deleting policy_rule_set '%s'"), result['id']) + self.delete_policy_rule_set(context, result['id']) return result @log.log - def update_contract(self, context, id, contract): + def update_policy_rule_set(self, context, id, policy_rule_set): session = context.session with session.begin(subtransactions=True): - original_contract = super(GroupPolicyPlugin, - self).get_contract(context, id) - updated_contract = super(GroupPolicyPlugin, - self).update_contract(context, id, - contract) - policy_context = p_context.ContractContext( - self, context, updated_contract, - original_contract=original_contract) - self.policy_driver_manager.update_contract_precommit( + original_policy_rule_set = super( + GroupPolicyPlugin, self).get_policy_rule_set(context, id) + updated_policy_rule_set = super( + GroupPolicyPlugin, self).update_policy_rule_set( + context, id, policy_rule_set) + policy_context = p_context.PolicyRuleSetContext( + self, context, updated_policy_rule_set, + original_policy_rule_set=original_policy_rule_set) + self.policy_driver_manager.update_policy_rule_set_precommit( policy_context) - self.policy_driver_manager.update_contract_postcommit(policy_context) - return updated_contract + self.policy_driver_manager.update_policy_rule_set_postcommit( + policy_context) + return updated_policy_rule_set @log.log - def delete_contract(self, context, id): + def delete_policy_rule_set(self, context, id): session = context.session with session.begin(subtransactions=True): - contract = self.get_contract(context, id) - policy_context = p_context.ContractContext(self, context, contract) - self.policy_driver_manager.delete_contract_precommit( + policy_rule_set = self.get_policy_rule_set(context, id) + policy_context = p_context.PolicyRuleSetContext( + self, context, policy_rule_set) + self.policy_driver_manager.delete_policy_rule_set_precommit( policy_context) - super(GroupPolicyPlugin, self).delete_contract(context, id) + super(GroupPolicyPlugin, self).delete_policy_rule_set(context, id) try: - self.policy_driver_manager.delete_contract_postcommit( + self.policy_driver_manager.delete_policy_rule_set_postcommit( policy_context) except gp_exc.GroupPolicyDriverError: with excutils.save_and_reraise_exception(): - LOG.error(_("policy_driver_manager.delete_contract_postcommit " - "failed, deleting contract '%s'"), id) + LOG.error(_( + "policy_driver_manager.delete_policy_rule_set_postcommit " + "failed, deleting policy_rule_set '%s'"), id) diff --git a/gbp/neutron/services/grouppolicy/policy_driver_manager.py b/gbp/neutron/services/grouppolicy/policy_driver_manager.py index 854cf7690..0648c90b9 100644 --- a/gbp/neutron/services/grouppolicy/policy_driver_manager.py +++ b/gbp/neutron/services/grouppolicy/policy_driver_manager.py @@ -32,10 +32,10 @@ class PolicyDriverManager(stevedore.named.NamedExtensionManager): resources. precommit operation: - Notifies all policy drivers during endpoint creation. + Notifies all policy drivers during policy_target creation. Raises neutron.services.grouppolicy.common.GroupPolicyDriverError - if any policy driver create_endpoint_precommit call fails. + if any policy driver create_policy_target_precommit call fails. Called within the database transaction. If a policy driver raises an exception, then a GroupPolicyDriverError is propogated @@ -43,14 +43,14 @@ class PolicyDriverManager(stevedore.named.NamedExtensionManager): that all policy drivers are called in this case. postcommit operation: - Notifies all policy drivers after endpoint creation. + Notifies all policy drivers after policy_target creation. Raises neutron.services.grouppolicy.common.GroupPolicyDriverError - if any policy driver create_endpoint_postcommit call fails. + if any policy driver create_policy_target_postcommit call fails. Called after the database transaction. If a policy driver raises an exception, then a GroupPolicyDriverError is propagated - to the caller, where the endpoint will be deleted, triggering + to the caller, where the policy_target will be deleted, triggering any required cleanup. There is no guarantee that all policy drivers are called in this case. """ @@ -134,42 +134,42 @@ class PolicyDriverManager(stevedore.named.NamedExtensionManager): method=method_name ) - def create_endpoint_precommit(self, context): - self._call_on_drivers("create_endpoint_precommit", context) + def create_policy_target_precommit(self, context): + self._call_on_drivers("create_policy_target_precommit", context) - def create_endpoint_postcommit(self, context): - self._call_on_drivers("create_endpoint_postcommit", context) + def create_policy_target_postcommit(self, context): + self._call_on_drivers("create_policy_target_postcommit", context) - def update_endpoint_precommit(self, context): - self._call_on_drivers("update_endpoint_precommit", context) + def update_policy_target_precommit(self, context): + self._call_on_drivers("update_policy_target_precommit", context) - def update_endpoint_postcommit(self, context): - self._call_on_drivers("update_endpoint_postcommit", context) + def update_policy_target_postcommit(self, context): + self._call_on_drivers("update_policy_target_postcommit", context) - def delete_endpoint_precommit(self, context): - self._call_on_drivers("delete_endpoint_precommit", context) + def delete_policy_target_precommit(self, context): + self._call_on_drivers("delete_policy_target_precommit", context) - def delete_endpoint_postcommit(self, context): - self._call_on_drivers("delete_endpoint_postcommit", context, + def delete_policy_target_postcommit(self, context): + self._call_on_drivers("delete_policy_target_postcommit", context, continue_on_failure=True) - def create_endpoint_group_precommit(self, context): - self._call_on_drivers("create_endpoint_group_precommit", context) + def create_policy_target_group_precommit(self, context): + self._call_on_drivers("create_policy_target_group_precommit", context) - def create_endpoint_group_postcommit(self, context): - self._call_on_drivers("create_endpoint_group_postcommit", context) + def create_policy_target_group_postcommit(self, context): + self._call_on_drivers("create_policy_target_group_postcommit", context) - def update_endpoint_group_precommit(self, context): - self._call_on_drivers("update_endpoint_group_precommit", context) + def update_policy_target_group_precommit(self, context): + self._call_on_drivers("update_policy_target_group_precommit", context) - def update_endpoint_group_postcommit(self, context): - self._call_on_drivers("update_endpoint_group_postcommit", context) + def update_policy_target_group_postcommit(self, context): + self._call_on_drivers("update_policy_target_group_postcommit", context) - def delete_endpoint_group_precommit(self, context): - self._call_on_drivers("delete_endpoint_group_precommit", context) + def delete_policy_target_group_precommit(self, context): + self._call_on_drivers("delete_policy_target_group_precommit", context) - def delete_endpoint_group_postcommit(self, context): - self._call_on_drivers("delete_endpoint_group_postcommit", context, + def delete_policy_target_group_postcommit(self, context): + self._call_on_drivers("delete_policy_target_group_postcommit", context, continue_on_failure=True) def create_l2_policy_precommit(self, context): @@ -292,21 +292,21 @@ class PolicyDriverManager(stevedore.named.NamedExtensionManager): self._call_on_drivers("delete_policy_rule_postcommit", context, continue_on_failure=True) - def create_contract_precommit(self, context): - self._call_on_drivers("create_contract_precommit", context) + def create_policy_rule_set_precommit(self, context): + self._call_on_drivers("create_policy_rule_set_precommit", context) - def create_contract_postcommit(self, context): - self._call_on_drivers("create_contract_postcommit", context) + def create_policy_rule_set_postcommit(self, context): + self._call_on_drivers("create_policy_rule_set_postcommit", context) - def update_contract_precommit(self, context): - self._call_on_drivers("update_contract_precommit", context) + def update_policy_rule_set_precommit(self, context): + self._call_on_drivers("update_policy_rule_set_precommit", context) - def update_contract_postcommit(self, context): - self._call_on_drivers("update_contract_postcommit", context) + def update_policy_rule_set_postcommit(self, context): + self._call_on_drivers("update_policy_rule_set_postcommit", context) - def delete_contract_precommit(self, context): - self._call_on_drivers("delete_contract_precommit", context) + def delete_policy_rule_set_precommit(self, context): + self._call_on_drivers("delete_policy_rule_set_precommit", context) - def delete_contract_postcommit(self, context): - self._call_on_drivers("delete_contract_postcommit", context, + def delete_policy_rule_set_postcommit(self, context): + self._call_on_drivers("delete_policy_rule_set_postcommit", context, continue_on_failure=True) diff --git a/gbp/neutron/services/servicechain/drivers/oneconvergence_servicechain_driver.py b/gbp/neutron/services/servicechain/drivers/oneconvergence_servicechain_driver.py index a898a060e..9c03cdd43 100644 --- a/gbp/neutron/services/servicechain/drivers/oneconvergence_servicechain_driver.py +++ b/gbp/neutron/services/servicechain/drivers/oneconvergence_servicechain_driver.py @@ -44,12 +44,12 @@ class PendingServiceChainInsertions(object): """Encapsulates a ServiceChain Insertion Operation""" def __init__(self, context, node_stacks, chain_instance_id, - provider_epg, consumer_epg, classifier): + provider_ptg, consumer_ptg, classifier): self.context = context self.node_stacks = node_stacks self.chain_instance_id = chain_instance_id - self.provider_epg = provider_epg - self.consumer_epg = consumer_epg + self.provider_ptg = provider_ptg + self.consumer_ptg = consumer_ptg self.classifier = classifier @@ -88,8 +88,8 @@ class OneconvergenceServiceChainDriver(simplechain_driver.SimpleChainDriver): thread_context, node_stacks, context.current['id'], - context.current['provider_epg'], - context.current['consumer_epg'], + context.current['provider_ptg'], + context.current['consumer_ptg'], context.current['classifier']) eventlet.spawn_n(self._process_chain_processing, pendinginsertion) @@ -127,8 +127,8 @@ class OneconvergenceServiceChainDriver(simplechain_driver.SimpleChainDriver): thread_context, node_stacks, context.current['id'], - context.current['provider_epg'], - context.current['consumer_epg'], + context.current['provider_ptg'], + context.current['consumer_ptg'], context.current['classifier']) eventlet.spawn_n(self._process_chain_processing, pendinginsertion) @@ -286,8 +286,8 @@ class OneconvergenceServiceChainDriver(simplechain_driver.SimpleChainDriver): nvsd_action_list = self._create_nvsd_services_action(context, service_ids) - left_group = pending_chain.consumer_epg - right_group = pending_chain.provider_epg + left_group = pending_chain.consumer_ptg + right_group = pending_chain.provider_ptg classifier_id = pending_chain.classifier if nvsd_action_list: policy_id = self.create_nvsd_policy(context, left_group, diff --git a/gbp/neutron/services/servicechain/drivers/simplechain_driver.py b/gbp/neutron/services/servicechain/drivers/simplechain_driver.py index e079d61e1..090ea7e3e 100644 --- a/gbp/neutron/services/servicechain/drivers/simplechain_driver.py +++ b/gbp/neutron/services/servicechain/drivers/simplechain_driver.py @@ -84,7 +84,7 @@ class SimpleChainDriver(object): def update_servicechain_spec_postcommit(self, context): filters = {'servicechain_spec': [context.original['id']]} sc_instances = context._plugin.get_servicechain_instances( - context._plugin_context, filters) + context._plugin_context, filters) if sc_instances: self._update_servicechain_instance(context, sc_instances[0], @@ -122,7 +122,7 @@ class SimpleChainDriver(object): new_spec_id = context.current.get('servicechain_spec') if original_spec_id != new_spec_id: newspec = context._plugin.get_servicechain_spec( - context._plugin_context, new_spec_id) + context._plugin_context, new_spec_id) self._update_servicechain_instance(context, context.current, newspec) @@ -135,17 +135,17 @@ class SimpleChainDriver(object): self._delete_servicechain_instance_stacks(context._plugin_context, context.current['id']) - def _get_epg(self, context, epg_id): + def _get_ptg(self, context, ptg_id): return self._get_resource(self._grouppolicy_plugin, context._plugin_context, - 'endpoint_group', - epg_id) + 'policy_target_group', + ptg_id) - def _get_ep(self, context, ep_id): + def _get_pt(self, context, pt_id): return self._get_resource(self._grouppolicy_plugin, context._plugin_context, - 'endpoint', - ep_id) + 'policy_target', + pt_id) def _get_port(self, context, port_id): return self._get_resource(self._core_plugin, @@ -153,17 +153,17 @@ class SimpleChainDriver(object): 'port', port_id) - def _get_epg_subnet(self, context, epg_id): - epg = self._get_epg(context, epg_id) - return epg.get("subnets")[0] + def _get_ptg_subnet(self, context, ptg_id): + ptg = self._get_ptg(context, ptg_id) + return ptg.get("subnets")[0] - def _get_member_ips(self, context, epg_id): - epg = self._get_epg(context, epg_id) - ep_ids = epg.get("endpoints") + def _get_member_ips(self, context, ptg_id): + ptg = self._get_ptg(context, ptg_id) + pt_ids = ptg.get("policy_targets") member_addresses = [] - for ep_id in ep_ids: - ep = self._get_ep(context, ep_id) - port_id = ep.get("port_id") + for pt_id in pt_ids: + pt = self._get_pt(context, pt_id) + port_id = pt.get("port_id") port = self._get_port(context, port_id) ipAddress = port.get('fixed_ips')[0].get("ip_address") member_addresses.append(ipAddress) @@ -172,7 +172,7 @@ class SimpleChainDriver(object): def _fetch_template_and_params(self, context, sc_instance, sc_spec, sc_node): stack_template = sc_node.get('config') - #TODO(magesh):Raise an exception ?? + # TODO(magesh):Raise an exception ?? if not stack_template: LOG.error(_("Service Config is not defined for the service" " chain Node")) @@ -180,33 +180,33 @@ class SimpleChainDriver(object): stack_template = jsonutils.loads(stack_template) config_param_values = sc_instance.get('config_param_values', {}) stack_params = {} - #config_param_values has the parameters for all Nodes. Only apply - #the ones relevant for this Node + # config_param_values has the parameters for all Nodes. Only apply + # the ones relevant for this Node if config_param_values: config_param_values = jsonutils.loads(config_param_values) config_param_names = sc_spec.get('config_param_names', []) if config_param_names: config_param_names = ast.literal_eval(config_param_names) - #This service chain driver knows how to fill in two parameter values - #for the template at present. - #1)Subnet -> Provider EPG subnet is used - #2)PoolMemberIPs -> List of IP Addresses of all EPs in Provider EPG + # This service chain driver knows how to fill in two parameter values + # for the template at present. + # 1)Subnet -> Provider PTG subnet is used + # 2)PoolMemberIPs -> List of IP Addresses of all PTs in Provider PTG - #TODO(magesh):Process on the basis of ResourceType rather than Name - #eg: Type: OS::Neutron::PoolMember - #Variable number of pool members is not handled yet. We may have to - #dynamically modify the template json to achieve that - provider_epg = sc_instance.get("provider_epg") + # TODO(magesh):Process on the basis of ResourceType rather than Name + # eg: Type: OS::Neutron::PoolMember + # Variable number of pool members is not handled yet. We may have to + # dynamically modify the template json to achieve that + provider_ptg = sc_instance.get("provider_ptg") for key in config_param_names or []: if key == "PoolMemberIPs": - value = self._get_member_ips(context, provider_epg) - #TODO(Magesh):Return one value for now + value = self._get_member_ips(context, provider_ptg) + # TODO(Magesh):Return one value for now if value: value = value[0] config_param_values[key] = value elif key == "Subnet": - value = self._get_epg_subnet(context, provider_epg) + value = self._get_ptg_subnet(context, provider_ptg) config_param_values[key] = value node_params = (stack_template.get('Parameters') or stack_template.get('parameters')) @@ -224,7 +224,7 @@ class SimpleChainDriver(object): context._plugin_context, sc_node_id) stack_template, stack_params = self._fetch_template_and_params( - context, sc_instance, sc_spec, sc_node) + context, sc_instance, sc_spec, sc_node) stack = heatclient.create( "stack_" + sc_instance['name'] + sc_node['name'] @@ -232,8 +232,9 @@ class SimpleChainDriver(object): stack_template, stack_params) - self._insert_chain_stack_db(context._plugin_context.session, - sc_instance['id'], stack['stack']['id']) + self._insert_chain_stack_db( + context._plugin_context.session, sc_instance['id'], + stack['stack']['id']) def _delete_servicechain_instance_stacks(self, context, instance_id): stack_ids = self._get_chain_stacks(context.session, instance_id) @@ -245,7 +246,7 @@ class SimpleChainDriver(object): def _get_instance_by_spec_id(self, context, spec_id): filters = {'servicechain_spec': [spec_id]} return context._plugin.get_servicechain_instances( - context._plugin_context, filters) + context._plugin_context, filters) def _update_servicechain_instance(self, context, sc_instance, newspec): self._delete_servicechain_instance_stacks(context._plugin_context, diff --git a/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_db.py b/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_db.py index a0af3451f..2bdc90eee 100644 --- a/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_db.py +++ b/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_db.py @@ -58,28 +58,28 @@ class GroupPolicyDBTestBase(object): self.assertEqual(sorted([i['id'] for i in res[resource_plural]]), sorted([i[resource]['id'] for i in items])) - def _get_test_endpoint_attrs(self, name='ep1', description='test ep', - endpoint_group_id=None): + def _get_test_policy_target_attrs( + self, name='pt1', description='test pt', policy_target_group_id=None): attrs = {'name': name, 'description': description, - 'endpoint_group_id': endpoint_group_id, + 'policy_target_group_id': policy_target_group_id, 'tenant_id': self._tenant_id} return attrs - def _get_test_endpoint_group_attrs(self, name='epg1', - description='test epg', - l2_policy_id=None, - provided_contracts=None, - consumed_contracts=None): - pc_ids = cc_ids = [] - if provided_contracts: - pc_ids = [pc_id for pc_id in provided_contracts] - if consumed_contracts: - cc_ids = [cc_id for cc_id in consumed_contracts] + def _get_test_policy_target_group_attrs(self, name='ptg1', + description='test ptg', + l2_policy_id=None, + provided_policy_rule_sets=None, + consumed_policy_rule_sets=None): + pprs_ids = cprs_ids = [] + if provided_policy_rule_sets: + pprs_ids = [pprs_id for pprs_id in provided_policy_rule_sets] + if consumed_policy_rule_sets: + cprs_ids = [cc_id for cc_id in consumed_policy_rule_sets] attrs = {'name': name, 'description': description, 'tenant_id': self._tenant_id, 'l2_policy_id': l2_policy_id, - 'provided_contracts': pc_ids, - 'consumed_contracts': cc_ids} + 'provided_policy_rule_sets': pprs_ids, + 'consumed_policy_rule_sets': cprs_ids} return attrs @@ -145,63 +145,66 @@ class GroupPolicyDBTestBase(object): return attrs - def _get_test_contract_attrs(self, name='contract1', - description='test contract', - child_contracts=None, policy_rules=None): - if not child_contracts: - child_contracts = [] + def _get_test_prs_attrs(self, name='policy_rule_set1', + description='test policy_rule_set', + child_policy_rule_sets=None, + policy_rules=None): + if not child_policy_rule_sets: + child_policy_rule_sets = [] if not policy_rules: policy_rules = [] attrs = {'name': name, 'description': description, 'tenant_id': self._tenant_id, - 'child_contracts': child_contracts, + 'child_policy_rule_sets': child_policy_rule_sets, 'policy_rules': policy_rules} return attrs - def create_endpoint(self, endpoint_group_id=None, - expected_res_status=None, **kwargs): - defaults = {'name': 'ep1', 'description': 'test ep'} + def create_policy_target(self, policy_target_group_id=None, + expected_res_status=None, **kwargs): + defaults = {'name': 'pt1', 'description': 'test pt'} defaults.update(kwargs) - data = {'endpoint': {'endpoint_group_id': endpoint_group_id, - 'tenant_id': self._tenant_id}} - data['endpoint'].update(defaults) + data = {'policy_target': + {'policy_target_group_id': policy_target_group_id, + 'tenant_id': self._tenant_id}} + data['policy_target'].update(defaults) - ep_req = self.new_create_request('endpoints', data, self.fmt) - ep_res = ep_req.get_response(self.ext_api) + pt_req = self.new_create_request('policy_targets', data, self.fmt) + pt_res = pt_req.get_response(self.ext_api) if expected_res_status: - self.assertEqual(ep_res.status_int, expected_res_status) - elif ep_res.status_int >= webob.exc.HTTPClientError.code: - raise webob.exc.HTTPClientError(code=ep_res.status_int) + self.assertEqual(pt_res.status_int, expected_res_status) + elif pt_res.status_int >= webob.exc.HTTPClientError.code: + raise webob.exc.HTTPClientError(code=pt_res.status_int) - ep = self.deserialize(self.fmt, ep_res) + pt = self.deserialize(self.fmt, pt_res) - return ep + return pt - def create_endpoint_group(self, l2_policy_id=None, - expected_res_status=None, **kwargs): - defaults = {'name': 'epg1', 'description': 'test epg', - 'provided_contracts': {}, - 'consumed_contracts': {}} + def create_policy_target_group(self, l2_policy_id=None, + expected_res_status=None, **kwargs): + defaults = {'name': 'ptg1', 'description': 'test ptg', + 'provided_policy_rule_sets': {}, + 'consumed_policy_rule_sets': {}} defaults.update(kwargs) - data = {'endpoint_group': {'tenant_id': self._tenant_id, - 'l2_policy_id': l2_policy_id}} - data['endpoint_group'].update(defaults) + data = {'policy_target_group': {'tenant_id': self._tenant_id, + 'l2_policy_id': l2_policy_id}} + data['policy_target_group'].update(defaults) - epg_req = self.new_create_request('endpoint_groups', data, self.fmt) - epg_res = epg_req.get_response(self.ext_api) + ptg_req = self.new_create_request( + 'policy_target_groups', data, self.fmt) + ptg_res = ptg_req.get_response(self.ext_api) if expected_res_status: - self.assertEqual(epg_res.status_int, expected_res_status) - elif epg_res.status_int >= webob.exc.HTTPClientError.code: - raise webob.exc.HTTPClientError(code=epg_res.status_int) + self.assertEqual(ptg_res.status_int, expected_res_status) + elif ptg_res.status_int >= webob.exc.HTTPClientError.code: + raise webob.exc.HTTPClientError(code=ptg_res.status_int) - epg = self.deserialize(self.fmt, epg_res) + ptg = self.deserialize(self.fmt, ptg_res) - return epg + return ptg def create_l2_policy(self, l3_policy_id=None, expected_res_status=None, **kwargs): @@ -333,26 +336,27 @@ class GroupPolicyDBTestBase(object): return pr - def create_contract(self, expected_res_status=None, **kwargs): - defaults = {'name': 'contract1', 'description': 'test contract', - 'child_contracts': [], 'policy_rules': []} + def create_policy_rule_set(self, expected_res_status=None, **kwargs): + defaults = {'name': 'policy_rule_set1', + 'description': 'test policy_rule_set', + 'child_policy_rule_sets': [], 'policy_rules': []} defaults.update(kwargs) kwargs = defaults - data = {'contract': {'tenant_id': self._tenant_id}} - data['contract'].update(kwargs) + data = {'policy_rule_set': {'tenant_id': self._tenant_id}} + data['policy_rule_set'].update(kwargs) - ct_req = self.new_create_request('contracts', data, self.fmt) - ct_res = ct_req.get_response(self.ext_api) + prs_req = self.new_create_request('policy_rule_sets', data, self.fmt) + prs_res = prs_req.get_response(self.ext_api) if expected_res_status: - self.assertEqual(ct_res.status_int, expected_res_status) - elif ct_res.status_int >= webob.exc.HTTPClientError.code: - raise webob.exc.HTTPClientError(code=ct_res.status_int) + self.assertEqual(prs_res.status_int, expected_res_status) + elif prs_res.status_int >= webob.exc.HTTPClientError.code: + raise webob.exc.HTTPClientError(code=prs_res.status_int) - ct = self.deserialize(self.fmt, ct_res) + prs = self.deserialize(self.fmt, prs_res) - return ct + return prs class GroupPolicyDBTestPlugin(gpdb.GroupPolicyDbPlugin): @@ -398,137 +402,147 @@ class TestGroupResources(GroupPolicyDbTestCase): for k, v in attrs.iteritems(): self.assertEqual(res[resource][k], v) - def test_create_and_show_endpoint(self): - epg_id = self.create_endpoint_group()['endpoint_group']['id'] - attrs = self._get_test_endpoint_attrs(endpoint_group_id=epg_id) + def test_create_and_show_policy_target(self): + ptg_id = self.create_policy_target_group()['policy_target_group']['id'] + attrs = self._get_test_policy_target_attrs( + policy_target_group_id=ptg_id) - ep = self.create_endpoint(endpoint_group_id=epg_id) + pt = self.create_policy_target(policy_target_group_id=ptg_id) for k, v in attrs.iteritems(): - self.assertEqual(ep['endpoint'][k], v) + self.assertEqual(pt['policy_target'][k], v) - req = self.new_show_request('endpoint_groups', epg_id, fmt=self.fmt) + req = self.new_show_request( + 'policy_target_groups', ptg_id, fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(res['endpoint_group']['endpoints'], - [ep['endpoint']['id']]) + self.assertEqual(res['policy_target_group']['policy_targets'], + [pt['policy_target']['id']]) - self._test_show_resource('endpoint', ep['endpoint']['id'], attrs) + self._test_show_resource( + 'policy_target', pt['policy_target']['id'], attrs) - def test_list_endpoints(self): - eps = [self.create_endpoint(name='ep1', description='ep'), - self.create_endpoint(name='ep2', description='ep'), - self.create_endpoint(name='ep3', description='ep')] - self._test_list_resources('endpoint', eps, - query_params='description=ep') + def test_list_policy_targets(self): + pts = [self.create_policy_target(name='pt1', description='pt'), + self.create_policy_target(name='pt2', description='pt'), + self.create_policy_target(name='pt3', description='pt')] + self._test_list_resources('policy_target', pts, + query_params='description=pt') - def test_update_endpoint(self): - name = 'new_endpoint' + def test_update_policy_target(self): + name = 'new_policy_target' description = 'new desc' - attrs = self._get_test_endpoint_attrs(name=name, - description=description) + attrs = self._get_test_policy_target_attrs(name=name, + description=description) - ep = self.create_endpoint() + pt = self.create_policy_target() - data = {'endpoint': {'name': name, 'description': description}} - req = self.new_update_request('endpoints', data, ep['endpoint']['id']) + data = {'policy_target': {'name': name, 'description': description}} + req = self.new_update_request( + 'policy_targets', data, pt['policy_target']['id']) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) for k, v in attrs.iteritems(): - self.assertEqual(res['endpoint'][k], v) + self.assertEqual(res['policy_target'][k], v) - self._test_show_resource('endpoint', ep['endpoint']['id'], attrs) + self._test_show_resource( + 'policy_target', pt['policy_target']['id'], attrs) - def test_delete_endpoint(self): + def test_delete_policy_target(self): ctx = context.get_admin_context() - ep = self.create_endpoint() - ep_id = ep['endpoint']['id'] + pt = self.create_policy_target() + pt_id = pt['policy_target']['id'] - req = self.new_delete_request('endpoints', ep_id) + req = self.new_delete_request('policy_targets', pt_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) - self.assertRaises(gpolicy.EndpointNotFound, self.plugin.get_endpoint, - ctx, ep_id) + self.assertRaises(gpolicy.PolicyTargetNotFound, + self.plugin.get_policy_target, ctx, pt_id) - def test_create_and_show_endpoint_group(self): - name = "epg1" + def test_create_and_show_policy_target_group(self): + name = "ptg1" l3p = self.create_l3_policy() l3p_id = l3p['l3_policy']['id'] l2p = self.create_l2_policy(name=name, l3_policy_id=l3p_id) l2p_id = l2p['l2_policy']['id'] - provided_ct_id = self.create_contract()['contract']['id'] - consumed_ct_id = self.create_contract()['contract']['id'] - attrs = self._get_test_endpoint_group_attrs(name, - l2_policy_id=l2p_id, - provided_contracts= - [provided_ct_id], - consumed_contracts= - [consumed_ct_id]) + provided_prs_id = ( + self.create_policy_rule_set()['policy_rule_set']['id']) + consumed_prs_id = ( + self.create_policy_rule_set()['policy_rule_set']['id']) + attrs = self._get_test_policy_target_group_attrs( + name, l2_policy_id=l2p_id, + provided_policy_rule_sets=[provided_prs_id], + consumed_policy_rule_sets=[consumed_prs_id]) - epg = self.create_endpoint_group(name=name, l2_policy_id=l2p_id, - provided_contracts={provided_ct_id: - None}, - consumed_contracts={consumed_ct_id: - None}) + ptg = self.create_policy_target_group( + name=name, l2_policy_id=l2p_id, + provided_policy_rule_sets={provided_prs_id: None}, + consumed_policy_rule_sets={consumed_prs_id: None}) for k, v in attrs.iteritems(): - self.assertEqual(epg['endpoint_group'][k], v) + self.assertEqual(ptg['policy_target_group'][k], v) - self._test_show_resource('endpoint_group', epg['endpoint_group']['id'], - attrs) + self._test_show_resource( + 'policy_target_group', ptg['policy_target_group']['id'], attrs) - def test_list_endpoint_groups(self): - epgs = [self.create_endpoint_group(name='epg1', description='epg'), - self.create_endpoint_group(name='epg2', description='epg'), - self.create_endpoint_group(name='epg3', description='epg')] - self._test_list_resources('endpoint_group', epgs, - query_params='description=epg') + def test_list_policy_target_groups(self): + ptgs = ( + [self.create_policy_target_group(name='ptg1', description='ptg'), + self.create_policy_target_group(name='ptg2', description='ptg'), + self.create_policy_target_group(name='ptg3', description='ptg')]) + self._test_list_resources('policy_target_group', ptgs, + query_params='description=ptg') - def test_update_endpoint_group(self): - name = "new_endpoint_group1" + def test_update_policy_target_group(self): + name = "new_policy_target_group1" description = 'new desc' l3p_id = self.create_l3_policy()['l3_policy']['id'] l2p_id = self.create_l2_policy(l3_policy_id=l3p_id)['l2_policy']['id'] - attrs = self._get_test_endpoint_group_attrs(name=name, - description=description, - l2_policy_id=l2p_id) - ct1_id = self.create_contract(name='contract1')['contract']['id'] - ct2_id = self.create_contract(name='contract2')['contract']['id'] - epg = self.create_endpoint_group(consumed_contracts={ct1_id: 'scope'}, - provided_contracts={ct2_id: 'scope'}) - ct3_id = self.create_contract(name='contract3')['contract']['id'] - ct4_id = self.create_contract(name='contract4')['contract']['id'] - data = {'endpoint_group': {'name': name, 'description': description, - 'l2_policy_id': l2p_id, - 'provided_contracts': {ct3_id: 'scope'}, - 'consumed_contracts': {ct4_id: 'scope'}}} - req = self.new_update_request('endpoint_groups', data, - epg['endpoint_group']['id']) + attrs = self._get_test_policy_target_group_attrs( + name=name, description=description, l2_policy_id=l2p_id) + ct1_id = self.create_policy_rule_set( + name='policy_rule_set1')['policy_rule_set']['id'] + ct2_id = self.create_policy_rule_set( + name='policy_rule_set2')['policy_rule_set']['id'] + ptg = self.create_policy_target_group( + consumed_policy_rule_sets={ct1_id: 'scope'}, + provided_policy_rule_sets={ct2_id: 'scope'}) + ct3_id = self.create_policy_rule_set( + name='policy_rule_set3')['policy_rule_set']['id'] + ct4_id = self.create_policy_rule_set( + name='policy_rule_set4')['policy_rule_set']['id'] + data = {'policy_target_group': + {'name': name, 'description': description, + 'l2_policy_id': l2p_id, + 'provided_policy_rule_sets': {ct3_id: 'scope'}, + 'consumed_policy_rule_sets': {ct4_id: 'scope'}}} + req = self.new_update_request('policy_target_groups', data, + ptg['policy_target_group']['id']) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) - attrs['provided_contracts'] = [ct3_id] - attrs['consumed_contracts'] = [ct4_id] + attrs['provided_policy_rule_sets'] = [ct3_id] + attrs['consumed_policy_rule_sets'] = [ct4_id] for k, v in attrs.iteritems(): - self.assertEqual(res['endpoint_group'][k], v) + self.assertEqual(res['policy_target_group'][k], v) - self._test_show_resource('endpoint_group', - epg['endpoint_group']['id'], attrs) + self._test_show_resource('policy_target_group', + ptg['policy_target_group']['id'], attrs) - def test_delete_endpoint_group(self): + def test_delete_policy_target_group(self): ctx = context.get_admin_context() - epg = self.create_endpoint_group() - epg_id = epg['endpoint_group']['id'] + ptg = self.create_policy_target_group() + ptg_id = ptg['policy_target_group']['id'] - req = self.new_delete_request('endpoint_groups', epg_id) + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) - self.assertRaises(gpolicy.EndpointGroupNotFound, - self.plugin.get_endpoint_group, ctx, epg_id) + self.assertRaises(gpolicy.PolicyTargetGroupNotFound, + self.plugin.get_policy_target_group, ctx, ptg_id) def test_create_and_show_l2_policy(self): l3p_id = self.create_l3_policy()['l3_policy']['id'] @@ -920,26 +934,26 @@ class TestGroupResources(GroupPolicyDbTestCase): self.assertRaises(gpolicy.PolicyRuleNotFound, self.plugin.get_policy_rule, ctx, pr_id) - def test_create_and_show_contract(self): - name = "contract1" - attrs = self._get_test_contract_attrs(name=name) + def test_create_and_show_policy_rule_set(self): + name = "policy_rule_set1" + attrs = self._get_test_prs_attrs(name=name) - ct = self.create_contract(name=name) + prs = self.create_policy_rule_set(name=name) for k, v in attrs.iteritems(): - self.assertEqual(ct['contract'][k], v) + self.assertEqual(prs['policy_rule_set'][k], v) - req = self.new_show_request('contracts', ct['contract']['id'], - fmt=self.fmt) + req = self.new_show_request( + 'policy_rule_sets', prs['policy_rule_set']['id'], fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) for k, v in attrs.iteritems(): - self.assertEqual(res['contract'][k], v) + self.assertEqual(res['policy_rule_set'][k], v) - self._test_show_resource('contract', - ct['contract']['id'], attrs) + self._test_show_resource('policy_rule_set', + prs['policy_rule_set']['id'], attrs) - def test_create_contract_with_multiple_rules_children(self, **kwargs): + def test_create_prs_with_multiple_rules_children(self, **kwargs): policy_classifiers = [ self.create_policy_classifier()['policy_classifier']['id'], self.create_policy_classifier()['policy_classifier']['id']] @@ -950,109 +964,119 @@ class TestGroupResources(GroupPolicyDbTestCase): self.create_policy_rule( policy_classifier_id= policy_classifiers[1])['policy_rule']['id']]) - child_contracts = sorted([self.create_contract()['contract']['id'], - self.create_contract()['contract']['id']]) - attrs = self._get_test_contract_attrs( - policy_rules=policy_rules, child_contracts=child_contracts) - ct = self.create_contract(policy_rules=policy_rules, - child_contracts=child_contracts) + child_policy_rule_sets = sorted( + [self.create_policy_rule_set()['policy_rule_set']['id'], + self.create_policy_rule_set()['policy_rule_set']['id']]) + attrs = self._get_test_prs_attrs( + policy_rules=policy_rules, + child_policy_rule_sets=child_policy_rule_sets) + prs = self.create_policy_rule_set( + policy_rules=policy_rules, + child_policy_rule_sets=child_policy_rule_sets) - req = self.new_show_request('contracts', ct['contract']['id'], + req = self.new_show_request('policy_rule_sets', + prs['policy_rule_set']['id'], fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) - parent_id = res['contract']['id'] - res['contract']['policy_rules'] = sorted( - res['contract']['policy_rules']) - res['contract']['child_contracts'] = sorted( - res['contract']['child_contracts']) + parent_id = res['policy_rule_set']['id'] + res['policy_rule_set']['policy_rules'] = sorted( + res['policy_rule_set']['policy_rules']) + res['policy_rule_set']['child_policy_rule_sets'] = sorted( + res['policy_rule_set']['child_policy_rule_sets']) for k, v in attrs.iteritems(): - self.assertEqual(res['contract'][k], v) + self.assertEqual(res['policy_rule_set'][k], v) - req = self.new_show_request('contracts', child_contracts[0], + req = self.new_show_request('policy_rule_sets', + child_policy_rule_sets[0], fmt=self.fmt) c1 = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(c1['contract']['parent_id'], parent_id) - req = self.new_show_request('contracts', child_contracts[1], + self.assertEqual(c1['policy_rule_set']['parent_id'], parent_id) + req = self.new_show_request('policy_rule_sets', + child_policy_rule_sets[1], fmt=self.fmt) c2 = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(c2['contract']['parent_id'], parent_id) + self.assertEqual(c2['policy_rule_set']['parent_id'], parent_id) - def test_create_child_contract_fail(self, **kwargs): - self.create_contract(child_contracts=[ + def test_create_child_prs_fail(self, **kwargs): + self.create_policy_rule_set(child_policy_rule_sets=[ '00000000-ffff-ffff-ffff-000000000000'], expected_res_status=webob.exc.HTTPNotFound.code) - def test_list_contracts(self): - contracts = [ - self.create_contract(name='ct1', description='ct'), - self.create_contract(name='ct2', description='ct'), - self.create_contract(name='ct3', description='ct')] - self._test_list_resources('contract', contracts, + def test_list_policy_rule_sets(self): + policy_rule_sets = [ + self.create_policy_rule_set(name='ct1', description='ct'), + self.create_policy_rule_set(name='ct2', description='ct'), + self.create_policy_rule_set(name='ct3', description='ct')] + self._test_list_resources('policy_rule_set', policy_rule_sets, query_params='description=ct') - def test_update_contract(self): - name = "new_contract" + def test_update_policy_rule_set(self): + name = "new_policy_rule_set" description = 'new desc' pc_id = self.create_policy_classifier()['policy_classifier']['id'] policy_rules = [self.create_policy_rule( policy_classifier_id=pc_id)['policy_rule']['id']] - child_contracts = [self.create_contract()['contract']['id']] - ct = self.create_contract(child_contracts=child_contracts, - policy_rules=policy_rules) - child_contracts = [self.create_contract()['contract']['id']] + child_policy_rule_sets = [ + self.create_policy_rule_set()['policy_rule_set']['id']] + prs = self.create_policy_rule_set( + child_policy_rule_sets=child_policy_rule_sets, + policy_rules=policy_rules) + child_policy_rule_sets = [ + self.create_policy_rule_set()['policy_rule_set']['id']] policy_rules = [self.create_policy_rule( policy_classifier_id=pc_id)['policy_rule']['id']] - attrs = self._get_test_contract_attrs( + attrs = self._get_test_prs_attrs( name=name, description=description, policy_rules=policy_rules, - child_contracts=child_contracts) - data = {'contract': {'name': name, 'description': description, - 'policy_rules': policy_rules, - 'child_contracts': child_contracts}} + child_policy_rule_sets=child_policy_rule_sets) + data = {'policy_rule_set': + {'name': name, 'description': description, + 'policy_rules': policy_rules, + 'child_policy_rule_sets': child_policy_rule_sets}} - req = self.new_update_request('contracts', data, - ct['contract']['id']) + req = self.new_update_request('policy_rule_sets', data, + prs['policy_rule_set']['id']) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) for k, v in attrs.iteritems(): - self.assertEqual(res['contract'][k], v) + self.assertEqual(res['policy_rule_set'][k], v) - self._test_show_resource('contract', - ct['contract']['id'], attrs) + self._test_show_resource('policy_rule_set', + prs['policy_rule_set']['id'], attrs) - def test_delete_contract(self): + def test_delete_policy_rule_set(self): ctx = context.get_admin_context() - ct = self.create_contract() - ct_id = ct['contract']['id'] + prs = self.create_policy_rule_set() + prs_id = prs['policy_rule_set']['id'] - req = self.new_delete_request('contracts', ct_id) + req = self.new_delete_request('policy_rule_sets', prs_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) - self.assertRaises(gpolicy.ContractNotFound, - self.plugin.get_contract, ctx, ct_id) + self.assertRaises(gpolicy.PolicyRuleSetNotFound, + self.plugin.get_policy_rule_set, ctx, prs_id) - def test_contract_one_hierarchy_children(self): - child = self.create_contract()['contract'] - parent = self.create_contract( - child_contracts = [child['id']])['contract'] - self.create_contract( - child_contracts = [parent['id']], + def test_prs_one_hierarchy_children(self): + child = self.create_policy_rule_set()['policy_rule_set'] + parent = self.create_policy_rule_set( + child_policy_rule_sets=[child['id']])['policy_rule_set'] + self.create_policy_rule_set( + child_policy_rule_sets=[parent['id']], expected_res_status=webob.exc.HTTPBadRequest.code) - def test_contract_one_hierarchy_parent(self): - child = self.create_contract()['contract'] + def test_prs_one_hierarchy_parent(self): + child = self.create_policy_rule_set()['policy_rule_set'] # parent - self.create_contract( - child_contracts = [child['id']])['contract'] - nephew = self.create_contract()['contract'] - data = {'contract': {'child_contracts': [nephew['id']]}} - req = self.new_update_request('contracts', data, child['id']) + self.create_policy_rule_set( + child_policy_rule_sets=[child['id']])['policy_rule_set'] + nephew = self.create_policy_rule_set()['policy_rule_set'] + data = {'policy_rule_set': {'child_policy_rule_sets': [nephew['id']]}} + req = self.new_update_request('policy_rule_sets', data, child['id']) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code) - def test_contract_parent_no_loop(self): - ct = self.create_contract()['contract'] - data = {'contract': {'child_contracts': [ct['id']]}} - req = self.new_update_request('contracts', data, ct['id']) + def test_prs_parent_no_loop(self): + prs = self.create_policy_rule_set()['policy_rule_set'] + data = {'policy_rule_set': {'child_policy_rule_sets': [prs['id']]}} + req = self.new_update_request('policy_rule_sets', data, prs['id']) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPBadRequest.code) diff --git a/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_mapping_db.py b/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_mapping_db.py index 7c9cc2b17..749fda07b 100644 --- a/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_mapping_db.py +++ b/gbp/neutron/tests/unit/db/grouppolicy/test_group_policy_mapping_db.py @@ -50,24 +50,26 @@ class GroupPolicyMappingDbTestCase(tgpdb.GroupPolicyDbTestCase, service_plugins=service_plugins ) - def _get_test_endpoint_attrs(self, name='ep1', description='test ep', - endpoint_group_id=None, port_id=None): + def _get_test_policy_target_attrs(self, name='pt1', + description='test pt', + policy_target_group_id=None, + port_id=None): attrs = (super(GroupPolicyMappingDbTestCase, self). - _get_test_endpoint_attrs(name, description, - endpoint_group_id)) + _get_test_policy_target_attrs(name, description, + policy_target_group_id)) attrs.update({'port_id': port_id}) return attrs - def _get_test_endpoint_group_attrs(self, name='epg1', - description='test epg', - l2_policy_id=None, - provided_contracts=None, - consumed_contracts=None, subnets=None): + def _get_test_policy_target_group_attrs(self, name='ptg1', + description='test ptg', + l2_policy_id=None, + provided_policy_rule_sets=None, + consumed_policy_rule_sets=None, + subnets=None): attrs = (super(GroupPolicyMappingDbTestCase, self). - _get_test_endpoint_group_attrs(name, description, - l2_policy_id, - provided_contracts, - consumed_contracts)) + _get_test_policy_target_group_attrs( + name, description, l2_policy_id, + provided_policy_rule_sets, consumed_policy_rule_sets)) attrs.update({'subnets': subnets or []}) return attrs @@ -97,62 +99,62 @@ class TestMappedGroupResources(GroupPolicyMappingDbTestCase, class TestMappedGroupResourceAttrs(GroupPolicyMappingDbTestCase): - def test_create_delete_endpoint_with_port(self): + def test_create_delete_policy_target_with_port(self): with self.port() as port: port_id = port['port']['id'] - ep = self.create_endpoint(port_id=port_id) - ep_id = ep['endpoint']['id'] - self.assertEqual(port_id, ep['endpoint']['port_id']) - req = self.new_show_request('endpoints', ep_id, fmt=self.fmt) + pt = self.create_policy_target(port_id=port_id) + pt_id = pt['policy_target']['id'] + self.assertEqual(port_id, pt['policy_target']['port_id']) + req = self.new_show_request('policy_targets', pt_id, fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(port_id, res['endpoint']['port_id']) - req = self.new_delete_request('endpoints', ep_id) + self.assertEqual(port_id, res['policy_target']['port_id']) + req = self.new_delete_request('policy_targets', pt_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) - def test_create_delete_endpoint_group_with_subnets(self): + def test_create_delete_policy_target_group_with_subnets(self): with contextlib.nested(self.subnet(cidr='10.10.1.0/24'), self.subnet(cidr='10.10.2.0/24')) as ( subnet1, subnet2): subnets = [subnet1['subnet']['id'], subnet2['subnet']['id']] - epg = self.create_endpoint_group(subnets=subnets) - epg_id = epg['endpoint_group']['id'] + ptg = self.create_policy_target_group(subnets=subnets) + ptg_id = ptg['policy_target_group']['id'] self.assertEqual(sorted(subnets), - sorted(epg['endpoint_group']['subnets'])) - req = self.new_show_request('endpoint_groups', epg_id, + sorted(ptg['policy_target_group']['subnets'])) + req = self.new_show_request('policy_target_groups', ptg_id, fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) self.assertEqual(sorted(subnets), - sorted(res['endpoint_group']['subnets'])) - req = self.new_delete_request('endpoint_groups', epg_id) + sorted(res['policy_target_group']['subnets'])) + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) - def test_update_endpoint_group_subnets(self): + def test_update_policy_target_group_subnets(self): with contextlib.nested(self.subnet(cidr='10.10.1.0/24'), self.subnet(cidr='10.10.2.0/24'), self.subnet(cidr='10.10.3.0/24')) as ( subnet1, subnet2, subnet3): orig_subnets = [subnet1['subnet']['id'], subnet2['subnet']['id']] - epg = self.create_endpoint_group(subnets=orig_subnets) - epg_id = epg['endpoint_group']['id'] + ptg = self.create_policy_target_group(subnets=orig_subnets) + ptg_id = ptg['policy_target_group']['id'] self.assertEqual(sorted(orig_subnets), - sorted(epg['endpoint_group']['subnets'])) + sorted(ptg['policy_target_group']['subnets'])) new_subnets = [subnet1['subnet']['id'], subnet3['subnet']['id']] - data = {'endpoint_group': {'subnets': new_subnets}} - req = self.new_update_request('endpoint_groups', data, epg_id) + data = {'policy_target_group': {'subnets': new_subnets}} + req = self.new_update_request('policy_target_groups', data, ptg_id) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) self.assertEqual(sorted(new_subnets), - sorted(res['endpoint_group']['subnets'])) - req = self.new_show_request('endpoint_groups', epg_id, + sorted(res['policy_target_group']['subnets'])) + req = self.new_show_request('policy_target_groups', ptg_id, fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) self.assertEqual(sorted(new_subnets), - sorted(res['endpoint_group']['subnets'])) + sorted(res['policy_target_group']['subnets'])) # REVISIT(rkukura): Remove delete once subnet() context # manager is replaced with a function that does not delete # the resource(s) that are created. - req = self.new_delete_request('endpoint_groups', epg_id) + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) diff --git a/gbp/neutron/tests/unit/db/grouppolicy/test_servicechain_db.py b/gbp/neutron/tests/unit/db/grouppolicy/test_servicechain_db.py index d0a2f1c22..d83d218d2 100644 --- a/gbp/neutron/tests/unit/db/grouppolicy/test_servicechain_db.py +++ b/gbp/neutron/tests/unit/db/grouppolicy/test_servicechain_db.py @@ -68,8 +68,8 @@ class ServiceChainDBTestBase(object): return attrs def _get_test_servicechain_spec_attrs(self, name='scs1', - description='test scs', - nodes=None): + description='test scs', + nodes=None): node_ids = [] if nodes: node_ids = [node_id for node_id in nodes] @@ -80,18 +80,18 @@ class ServiceChainDBTestBase(object): return attrs def _get_test_servicechain_instance_attrs(self, name='sci1', - description='test sci', - config_param_values="{}", - servicechain_spec=None, - provider_epg=None, - consumer_epg=None, - classifier=None): + description='test sci', + config_param_values="{}", + servicechain_spec=None, + provider_ptg=None, + consumer_ptg=None, + classifier=None): attrs = {'name': name, 'description': description, 'tenant_id': self._tenant_id, 'config_param_values': config_param_values, 'servicechain_spec': servicechain_spec, - 'provider_epg': provider_epg, - 'consumer_epg': consumer_epg, + 'provider_ptg': provider_ptg, + 'consumer_ptg': consumer_ptg, 'classifier': classifier} return attrs @@ -142,19 +142,19 @@ class ServiceChainDBTestBase(object): def create_servicechain_instance(self, servicechain_spec=None, config_param_values="{}", - provider_epg=None, - consumer_epg=None, + provider_ptg=None, + consumer_ptg=None, classifier=None, expected_res_status=None, **kwargs): defaults = {'name': 'sci1', 'description': 'test sci'} defaults.update(kwargs) - data = {'servicechain_instance': { - 'config_param_values': config_param_values, - 'servicechain_spec': servicechain_spec, - 'tenant_id': self._tenant_id, - 'provider_epg': provider_epg, - 'consumer_epg': consumer_epg, - 'classifier': classifier}} + data = {'servicechain_instance': + {'config_param_values': config_param_values, + 'servicechain_spec': servicechain_spec, + 'tenant_id': self._tenant_id, + 'provider_ptg': provider_ptg, + 'consumer_ptg': consumer_ptg, + 'classifier': classifier}} data['servicechain_instance'].update(defaults) sci_req = self.new_create_request('servicechain_instances', @@ -181,7 +181,7 @@ DB_GP_PLUGIN_KLASS = (ServiceChainDBTestPlugin.__module__ + '.' + class ServiceChainDbTestCase(ServiceChainDBTestBase, - test_db_plugin.NeutronDbPluginV2TestCase): + test_db_plugin.NeutronDbPluginV2TestCase): def setUp(self, core_plugin=None, sc_plugin=None, service_plugins=None, ext_mgr=None): @@ -216,10 +216,10 @@ class TestServiceChainResources(ServiceChainDbTestCase): def test_create_and_show_servicechain_node(self): attrs = self._get_test_servicechain_node_attrs( - service_type=constants.LOADBALANCER, config="config1") + service_type=constants.LOADBALANCER, config="config1") scn = self.create_servicechain_node( - service_type=constants.LOADBALANCER, config="config1") + service_type=constants.LOADBALANCER, config="config1") for k, v in attrs.iteritems(): self.assertEqual(scn['servicechain_node'][k], v) @@ -230,8 +230,8 @@ class TestServiceChainResources(ServiceChainDbTestCase): def test_list_servicechain_nodes(self): scns = [self.create_servicechain_node(name='scn1', description='scn'), - self.create_servicechain_node(name='scn2', description='scn'), - self.create_servicechain_node(name='scn3', description='scn')] + self.create_servicechain_node(name='scn2', description='scn'), + self.create_servicechain_node(name='scn3', description='scn')] self._test_list_resources('servicechain_node', scns, query_params='description=scn') @@ -327,22 +327,18 @@ class TestServiceChainResources(ServiceChainDbTestCase): def test_create_and_show_servicechain_instance(self): scs_id = self.create_servicechain_spec()['servicechain_spec']['id'] - endpoint_group_id = uuidutils.generate_uuid() + policy_target_group_id = uuidutils.generate_uuid() classifier_id = uuidutils.generate_uuid() config_param_values = "{}" attrs = self._get_test_servicechain_instance_attrs( - servicechain_spec=scs_id, - provider_epg=endpoint_group_id, - consumer_epg=endpoint_group_id, - classifier=classifier_id, - config_param_values=config_param_values) + servicechain_spec=scs_id, provider_ptg=policy_target_group_id, + consumer_ptg=policy_target_group_id, classifier=classifier_id, + config_param_values=config_param_values) sci = self.create_servicechain_instance( - servicechain_spec=scs_id, - provider_epg=endpoint_group_id, - consumer_epg=endpoint_group_id, - classifier=classifier_id, - config_param_values=config_param_values) + servicechain_spec=scs_id, provider_ptg=policy_target_group_id, + consumer_ptg=policy_target_group_id, classifier=classifier_id, + config_param_values=config_param_values) for k, v in attrs.iteritems(): self.assertEqual(sci['servicechain_instance'][k], v) @@ -355,11 +351,9 @@ class TestServiceChainResources(ServiceChainDbTestCase): def test_list_servicechain_instances(self): servicechain_instances = [self.create_servicechain_instance( - name='sci1', description='sci'), - self.create_servicechain_instance(name='sci2', - description='sci'), - self.create_servicechain_instance(name='sci3', - description='sci')] + name='sci1', description='sci'), + self.create_servicechain_instance(name='sci2', description='sci'), + self.create_servicechain_instance(name='sci3', description='sci')] self._test_list_resources('servicechain_instance', servicechain_instances, query_params='description=sci') @@ -369,24 +363,18 @@ class TestServiceChainResources(ServiceChainDbTestCase): description = 'new desc' config_param_values = "{}" scs_id = self.create_servicechain_spec()['servicechain_spec']['id'] - provider_epg = uuidutils.generate_uuid() - consumer_epg = uuidutils.generate_uuid() + provider_ptg = uuidutils.generate_uuid() + consumer_ptg = uuidutils.generate_uuid() classifier = uuidutils.generate_uuid() attrs = self._get_test_servicechain_instance_attrs( - name=name, - description=description, - servicechain_spec=scs_id, - provider_epg=provider_epg, - consumer_epg=consumer_epg, - classifier=classifier, - config_param_values=config_param_values) + name=name, description=description, servicechain_spec=scs_id, + provider_ptg=provider_ptg, consumer_ptg=consumer_ptg, + classifier=classifier, config_param_values=config_param_values) sci = self.create_servicechain_instance( - servicechain_spec=scs_id, - provider_epg=provider_epg, - consumer_epg=consumer_epg, - classifier=classifier, - config_param_values=config_param_values) + servicechain_spec=scs_id, provider_ptg=provider_ptg, + consumer_ptg=consumer_ptg, classifier=classifier, + config_param_values=config_param_values) data = {'servicechain_instance': {'name': name, 'description': description, 'servicechain_spec': scs_id}} diff --git a/gbp/neutron/tests/unit/services/grouppolicy/test_apic_mapping.py b/gbp/neutron/tests/unit/services/grouppolicy/test_apic_mapping.py index 7fee37b49..19a76c0cd 100644 --- a/gbp/neutron/tests/unit/services/grouppolicy/test_apic_mapping.py +++ b/gbp/neutron/tests/unit/services/grouppolicy/test_apic_mapping.py @@ -29,7 +29,7 @@ from gbp.neutron.tests.unit.services.grouppolicy import test_grouppolicy_plugin APIC_L2_POLICY = 'l2_policy' APIC_L3_POLICY = 'l3_policy' APIC_CONTRACT = 'contract' -APIC_ENDPOINT_GROUP = 'endpoint_group' +APIC_ENDPOINT_GROUP = 'policy_target_group' APIC_POLICY_RULE = 'policy_rule' CORE_PLUGIN = 'neutron.plugins.ml2.plugin.Ml2Plugin' @@ -68,10 +68,10 @@ class ApicMappingTestCase( self.driver.name_mapper.tenant = echo self.driver.name_mapper.l2_policy = echo self.driver.name_mapper.l3_policy = echo - self.driver.name_mapper.contract = echo + self.driver.name_mapper.policy_rule_set = echo self.driver.name_mapper.policy_rule = echo self.driver.name_mapper.app_profile.return_value = mocked.APIC_AP - self.driver.name_mapper.endpoint_group = echo + self.driver.name_mapper.policy_target_group = echo self.driver.apic_manager = mock.Mock(name_mapper=mock.Mock()) self.driver.apic_manager.apic.transaction = self.fake_transaction @@ -80,21 +80,23 @@ class ApicMappingTestCase( return self.deserialize(self.fmt, req.get_response(api)) -class TestEndpoint(ApicMappingTestCase): +class TestPolicyTarget(ApicMappingTestCase): - def test_endpoint_created_on_apic(self): - epg = self.create_endpoint_group()['endpoint_group'] - subnet = self._get_object('subnets', epg['subnets'][0], self.api) + def test_policy_target_created_on_apic(self): + ptg = self.create_policy_target_group()['policy_target_group'] + subnet = self._get_object('subnets', ptg['subnets'][0], self.api) with self.port(subnet=subnet) as port: self._bind_port_to_host(port['port']['id'], 'h1') - self.create_endpoint(epg['id'], port_id=port['port']['id']) + self.create_policy_target(ptg['id'], port_id=port['port']['id']) mgr = self.driver.apic_manager self.assertEqual(mgr.ensure_path_created_for_port.call_count, 1) - def test_endpoint_port_update_on_apic_none_to_host(self): - epg = self.create_endpoint_group(name="epg1")['endpoint_group'] - ep = self.create_endpoint(endpoint_group_id=epg['id'])['endpoint'] - port = self._get_object('ports', ep['port_id'], self.api) + def test_policy_target_port_update_on_apic_none_to_host(self): + ptg = self.create_policy_target_group( + name="ptg1")['policy_target_group'] + pt = self.create_policy_target( + policy_target_group_id=ptg['id'])['policy_target'] + port = self._get_object('ports', pt['port_id'], self.api) port_up = self._bind_port_to_host(port['port']['id'], 'h1') self.driver.process_port_changed(context.get_admin_context(), @@ -102,24 +104,26 @@ class TestEndpoint(ApicMappingTestCase): mgr = self.driver.apic_manager self.assertEqual(mgr.ensure_path_created_for_port.call_count, 1) - def test_endpoint_port_deleted_on_apic(self): - epg = self.create_endpoint_group()['endpoint_group'] - subnet = self._get_object('subnets', epg['subnets'][0], self.api) + def test_policy_target_port_deleted_on_apic(self): + ptg = self.create_policy_target_group()['policy_target_group'] + subnet = self._get_object('subnets', ptg['subnets'][0], self.api) with self.port(subnet=subnet) as port: self._bind_port_to_host(port['port']['id'], 'h1') - ep = self.create_endpoint(epg['id'], port_id=port['port']['id']) - self.new_delete_request('endpoints', ep['endpoint']['id'], - self.fmt).get_response(self.ext_api) + pt = self.create_policy_target( + ptg['id'], port_id=port['port']['id']) + self.new_delete_request( + 'policy_targets', pt['policy_target']['id'], + self.fmt).get_response(self.ext_api) mgr = self.driver.apic_manager self.assertEqual(mgr.ensure_path_deleted_for_port.call_count, 1) - def test_endpoint_port_deleted_on_apic_host_to_host(self): - epg = self.create_endpoint_group()['endpoint_group'] - subnet = self._get_object('subnets', epg['subnets'][0], self.api) + def test_policy_target_port_deleted_on_apic_host_to_host(self): + ptg = self.create_policy_target_group()['policy_target_group'] + subnet = self._get_object('subnets', ptg['subnets'][0], self.api) with self.port(subnet=subnet) as port: # Create EP with bound port port = self._bind_port_to_host(port['port']['id'], 'h1') - self.create_endpoint(epg['id'], port_id=port['port']['id']) + self.create_policy_target(ptg['id'], port_id=port['port']['id']) # Change port binding and notify driver port_up = self._bind_port_to_host(port['port']['id'], 'h2') @@ -132,16 +136,19 @@ class TestEndpoint(ApicMappingTestCase): # Path deleted 1 time self.assertEqual(mgr.ensure_path_deleted_for_port.call_count, 1) - def test_endpoint_port_not_deleted(self): + def test_policy_target_port_not_deleted(self): # Create 2 EP same EPG same host bound - epg = self.create_endpoint_group(name="epg1")['endpoint_group'] - ep1 = self.create_endpoint(endpoint_group_id=epg['id'])['endpoint'] - self._bind_port_to_host(ep1['port_id'], 'h1') - ep2 = self.create_endpoint(endpoint_group_id=epg['id'])['endpoint'] - self._bind_port_to_host(ep2['port_id'], 'h1') + ptg = self.create_policy_target_group( + name="ptg1")['policy_target_group'] + pt1 = self.create_policy_target( + policy_target_group_id=ptg['id'])['policy_target'] + self._bind_port_to_host(pt1['port_id'], 'h1') + pt2 = self.create_policy_target( + policy_target_group_id=ptg['id'])['policy_target'] + self._bind_port_to_host(pt2['port_id'], 'h1') # Delete EP1 - self.new_delete_request('endpoints', ep1['id'], + self.new_delete_request('policy_targets', pt1['id'], self.fmt).get_response(self.ext_api) # APIC path not deleted mgr = self.driver.apic_manager @@ -155,106 +162,113 @@ class TestEndpoint(ApicMappingTestCase): return self.deserialize(self.fmt, req.get_response(self.api)) -class TestEndpointGroup(ApicMappingTestCase): +class TestPolicyTargetGroup(ApicMappingTestCase): - def test_endpoint_group_created_on_apic(self): - epg = self.create_endpoint_group(name="epg1")['endpoint_group'] + def test_policy_target_group_created_on_apic(self): + ptg = self.create_policy_target_group( + name="ptg1")['policy_target_group'] mgr = self.driver.apic_manager mgr.ensure_epg_created.assert_called_once_with( - epg['tenant_id'], epg['id'], bd_name=epg['l2_policy_id']) + ptg['tenant_id'], ptg['id'], bd_name=ptg['l2_policy_id']) - def _test_epg_contract_created(self, provider=True): - cntr = self.create_contract(name='c')['contract'] + def _test_ptg_policy_rule_set_created(self, provider=True): + cntr = self.create_policy_rule_set(name='c')['policy_rule_set'] if provider: - epg = self.create_endpoint_group( - provided_contracts={cntr['id']: 'scope'})['endpoint_group'] + ptg = self.create_policy_target_group( + provided_policy_rule_sets={cntr['id']: 'scope'})[ + 'policy_target_group'] else: - epg = self.create_endpoint_group( - consumed_contracts={cntr['id']: 'scope'})['endpoint_group'] + ptg = self.create_policy_target_group( + consumed_policy_rule_sets={cntr['id']: 'scope'})[ + 'policy_target_group'] # Verify that the apic call is issued mgr = self.driver.apic_manager mgr.set_contract_for_epg.assert_called_with( - epg['tenant_id'], epg['id'], cntr['id'], transaction='transaction', + ptg['tenant_id'], ptg['id'], cntr['id'], transaction='transaction', provider=provider) - def _test_epg_contract_updated(self, provider=True): - p_or_c = {True: 'provided_contracts', False: 'consumed_contracts'} - cntr = self.create_contract(name='c1')['contract'] - new_cntr = self.create_contract(name='c2')['contract'] + def _test_ptg_policy_rule_set_updated(self, provider=True): + p_or_c = {True: 'provided_policy_rule_sets', + False: 'consumed_policy_rule_sets'} + cntr = self.create_policy_rule_set(name='c1')['policy_rule_set'] + new_cntr = self.create_policy_rule_set(name='c2')['policy_rule_set'] if provider: - epg = self.create_endpoint_group( - provided_contracts={cntr['id']: 'scope'}) + ptg = self.create_policy_target_group( + provided_policy_rule_sets={cntr['id']: 'scope'}) else: - epg = self.create_endpoint_group( - consumed_contracts={cntr['id']: 'scope'}) + ptg = self.create_policy_target_group( + consumed_policy_rule_sets={cntr['id']: 'scope'}) - data = {'endpoint_group': {p_or_c[provider]: + data = {'policy_target_group': {p_or_c[provider]: {new_cntr['id']: 'scope'}}} - req = self.new_update_request('endpoint_groups', data, - epg['endpoint_group']['id'], self.fmt) - epg = self.deserialize(self.fmt, req.get_response(self.ext_api)) - epg = epg['endpoint_group'] + req = self.new_update_request('policy_target_groups', data, + ptg['policy_target_group']['id'], + self.fmt) + ptg = self.deserialize(self.fmt, req.get_response(self.ext_api)) + ptg = ptg['policy_target_group'] mgr = self.driver.apic_manager mgr.set_contract_for_epg.assert_called_with( - epg['tenant_id'], epg['id'], new_cntr['id'], + ptg['tenant_id'], ptg['id'], new_cntr['id'], transaction='transaction', provider=provider) mgr.unset_contract_for_epg.assert_called_with( - epg['tenant_id'], epg['id'], cntr['id'], + ptg['tenant_id'], ptg['id'], cntr['id'], transaction='transaction', provider=provider) - def test_epg_contract_provider_created(self): - self._test_epg_contract_created() + def test_ptg_policy_rule_set_provider_created(self): + self._test_ptg_policy_rule_set_created() - def test_epg_contract_provider_updated(self): - self._test_epg_contract_updated() + def test_ptg_policy_rule_set_provider_updated(self): + self._test_ptg_policy_rule_set_updated() - def test_epg_contract_consumer_created(self): - self._test_epg_contract_created(False) + def test_ptg_policy_rule_set_consumer_created(self): + self._test_ptg_policy_rule_set_created(False) - def test_epg_contract_consumer_updated(self): - self._test_epg_contract_updated(False) + def test_ptg_policy_rule_set_consumer_updated(self): + self._test_ptg_policy_rule_set_updated(False) - def test_endpoint_group_deleted_on_apic(self): - epg = self.create_endpoint_group(name="epg1")['endpoint_group'] - req = self.new_delete_request('endpoint_groups', epg['id'], self.fmt) + def test_policy_target_group_deleted_on_apic(self): + ptg = self.create_policy_target_group( + name="ptg1")['policy_target_group'] + req = self.new_delete_request( + 'policy_target_groups', ptg['id'], self.fmt) req.get_response(self.ext_api) mgr = self.driver.apic_manager mgr.delete_epg_for_network.assert_called_once_with( - epg['tenant_id'], epg['id']) + ptg['tenant_id'], ptg['id']) - def test_endpoint_group_subnet_created_on_apic(self): + def test_policy_target_group_subnet_created_on_apic(self): - epg = self._create_explicit_subnet_epg('10.0.0.0/24') + ptg = self._create_explicit_subnet_ptg('10.0.0.0/24') mgr = self.driver.apic_manager mgr.ensure_subnet_created_on_apic.assert_called_once_with( - epg['tenant_id'], epg['l2_policy_id'], '10.0.0.1/24', + ptg['tenant_id'], ptg['l2_policy_id'], '10.0.0.1/24', transaction='transaction') - def test_endpoint_group_subnet_added(self): - epg = self._create_explicit_subnet_epg('10.0.0.0/24') - l2p = self._get_object('l2_policies', epg['l2_policy_id'], + def test_policy_target_group_subnet_added(self): + ptg = self._create_explicit_subnet_ptg('10.0.0.0/24') + l2p = self._get_object('l2_policies', ptg['l2_policy_id'], self.ext_api) network = self._get_object('networks', l2p['l2_policy']['network_id'], self.api) with self.subnet(network=network, cidr='10.0.1.0/24') as subnet: - data = {'endpoint_group': - {'subnets': epg['subnets'] + [subnet['subnet']['id']]}} + data = {'policy_target_group': + {'subnets': ptg['subnets'] + [subnet['subnet']['id']]}} mgr = self.driver.apic_manager - self.new_update_request('endpoint_groups', data, epg['id'], + self.new_update_request('policy_target_groups', data, ptg['id'], self.fmt).get_response(self.ext_api) mgr.ensure_subnet_created_on_apic.assert_called_with( - epg['tenant_id'], epg['l2_policy_id'], '10.0.1.1/24', + ptg['tenant_id'], ptg['l2_policy_id'], '10.0.1.1/24', transaction='transaction') def test_process_subnet_update(self): - epg = self._create_explicit_subnet_epg('10.0.0.0/24') - subnet = self._get_object('subnets', epg['subnets'][0], self.api) + ptg = self._create_explicit_subnet_ptg('10.0.0.0/24') + subnet = self._get_object('subnets', ptg['subnets'][0], self.api) subnet2 = copy.deepcopy(subnet) subnet2['subnet']['gateway_ip'] = '10.0.0.254' mgr = self.driver.apic_manager @@ -262,22 +276,22 @@ class TestEndpointGroup(ApicMappingTestCase): self.driver.process_subnet_changed(context.get_admin_context(), subnet['subnet'], subnet2['subnet']) mgr.ensure_subnet_created_on_apic.assert_called_once_with( - epg['tenant_id'], epg['l2_policy_id'], '10.0.0.254/24', - transaction='transaction') + ptg['tenant_id'], ptg['l2_policy_id'], '10.0.0.254/24', + transaction='transaction') mgr.ensure_subnet_deleted_on_apic.assert_called_with( - epg['tenant_id'], epg['l2_policy_id'], '10.0.0.1/24', - transaction='transaction') + ptg['tenant_id'], ptg['l2_policy_id'], '10.0.0.1/24', + transaction='transaction') - def _create_explicit_subnet_epg(self, cidr): + def _create_explicit_subnet_ptg(self, cidr): l2p = self.create_l2_policy(name="l2p") l2p_id = l2p['l2_policy']['id'] network_id = l2p['l2_policy']['network_id'] network = self._get_object('networks', network_id, self.api) with self.subnet(network=network, cidr=cidr) as subnet: subnet_id = subnet['subnet']['id'] - return self.create_endpoint_group( - name="epg1", l2_policy_id=l2p_id, - subnets=[subnet_id])['endpoint_group'] + return self.create_policy_target_group( + name="ptg1", l2_policy_id=l2p_id, + subnets=[subnet_id])['policy_target_group'] class TestL2Policy(ApicMappingTestCase): @@ -317,22 +331,23 @@ class TestL3Policy(ApicMappingTestCase): l3p['tenant_id'], l3p['id']) -class TestContract(ApicMappingTestCase): +class TestPolicyRuleSet(ApicMappingTestCase): - # TODO(ivar): verify rule intersection with hierarchical contracts happens - # on APIC - def test_contract_created_on_apic(self): - self.create_contract(name="ctr") + # TODO(ivar): verify rule intersection with hierarchical policy_rule_sets + # happens on APIC + def test_policy_rule_set_created_on_apic(self): + self.create_policy_rule_set(name="ctr") mgr = self.driver.apic_manager self.assertEqual(1, mgr.create_contract.call_count) - def test_contract_created_with_rules(self): + def test_policy_rule_set_created_with_rules(self): bi, in_d, out = range(3) rules = self._create_3_direction_rules() # exclude BI rule for now - ctr = self.create_contract( - name="ctr", policy_rules=[x['id'] for x in rules[1:]])['contract'] + ctr = self.create_policy_rule_set( + name="ctr", policy_rules=[x['id'] for x in rules[1:]])[ + 'policy_rule_set'] # Verify that the in-out rules are correctly enforced on the APIC mgr = self.driver.apic_manager @@ -343,9 +358,9 @@ class TestContract(ApicMappingTestCase): ctr['id'], ctr['id'], rules[out]['id'], owner=ctr['tenant_id'], transaction='transaction', unset=False) - # Create contract with BI rule - ctr = self.create_contract( - name="ctr", policy_rules=[rules[bi]['id']])['contract'] + # Create policy_rule_set with BI rule + ctr = self.create_policy_rule_set( + name="ctr", policy_rules=[rules[bi]['id']])['policy_rule_set'] mgr.manage_contract_subject_in_filter.assert_called_with( ctr['id'], ctr['id'], rules[bi]['id'], owner=ctr['tenant_id'], @@ -354,20 +369,22 @@ class TestContract(ApicMappingTestCase): ctr['id'], ctr['id'], rules[bi]['id'], owner=ctr['tenant_id'], transaction='transaction', unset=False) - def test_contract_updated_with_new_rules(self): + def test_policy_rule_set_updated_with_new_rules(self): bi, in_d, out = range(3) old_rules = self._create_3_direction_rules() new_rules = self._create_3_direction_rules() # exclude BI rule for now - ctr = self.create_contract( + ctr = self.create_policy_rule_set( name="ctr", - policy_rules=[x['id'] for x in old_rules[1:]])['contract'] - data = {'contract': {'policy_rules': [x['id'] for x in new_rules[1:]]}} + policy_rules=[x['id'] for x in old_rules[1:]])['policy_rule_set'] + data = {'policy_rule_set': + {'policy_rules': [x['id'] for x in new_rules[1:]]}} mgr = self.driver.apic_manager mgr.manage_contract_subject_in_filter = MockCallRecorder() mgr.manage_contract_subject_out_filter = MockCallRecorder() self.new_update_request( - 'contracts', data, ctr['id'], self.fmt).get_response(self.ext_api) + 'policy_rule_sets', data, ctr['id'], self.fmt).get_response( + self.ext_api) # Verify old IN rule unset and new IN rule set self.assertTrue( mgr.manage_contract_subject_in_filter.call_happened_with( @@ -388,12 +405,13 @@ class TestContract(ApicMappingTestCase): owner=ctr['tenant_id'], transaction='transaction', unset=False)) - ctr = self.create_contract( + ctr = self.create_policy_rule_set( name="ctr", - policy_rules=[old_rules[0]['id']])['contract'] - data = {'contract': {'policy_rules': [new_rules[0]['id']]}} + policy_rules=[old_rules[0]['id']])['policy_rule_set'] + data = {'policy_rule_set': {'policy_rules': [new_rules[0]['id']]}} self.new_update_request( - 'contracts', data, ctr['id'], self.fmt).get_response(self.ext_api) + 'policy_rule_sets', data, ctr['id'], self.fmt).get_response( + self.ext_api) # Verify old BI rule unset and new Bu rule set self.assertTrue( mgr.manage_contract_subject_in_filter.call_happened_with( @@ -465,4 +483,4 @@ class TestPolicyRule(ApicMappingTestCase): action = self.create_policy_action( action_type='allow')['policy_action'] return self.create_policy_rule( - cls['id'], policy_actions=[action['id']])['policy_rule'] \ No newline at end of file + cls['id'], policy_actions=[action['id']])['policy_rule'] diff --git a/gbp/neutron/tests/unit/services/grouppolicy/test_grouppolicy_plugin.py b/gbp/neutron/tests/unit/services/grouppolicy/test_grouppolicy_plugin.py index 881ad5161..020a0f1af 100644 --- a/gbp/neutron/tests/unit/services/grouppolicy/test_grouppolicy_plugin.py +++ b/gbp/neutron/tests/unit/services/grouppolicy/test_grouppolicy_plugin.py @@ -64,10 +64,11 @@ class GroupPolicyPluginTestCase(tgpmdb.GroupPolicyMappingDbTestCase): finally: manager.ordered_policy_drivers = drivers - def test_delete_fails_on_used_epg(self): - epg = self.create_endpoint_group()['endpoint_group'] - self.create_endpoint(endpoint_group_id=epg['id']) - req = self.new_delete_request('endpoint_groups', epg['id'], self.fmt) + def test_delete_fails_on_used_ptg(self): + ptg = self.create_policy_target_group()['policy_target_group'] + self.create_policy_target(policy_target_group_id=ptg['id']) + req = self.new_delete_request('policy_target_groups', ptg['id'], + self.fmt) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, 400) diff --git a/gbp/neutron/tests/unit/services/grouppolicy/test_implicit_policy.py b/gbp/neutron/tests/unit/services/grouppolicy/test_implicit_policy.py index f65763b89..f4f42d628 100644 --- a/gbp/neutron/tests/unit/services/grouppolicy/test_implicit_policy.py +++ b/gbp/neutron/tests/unit/services/grouppolicy/test_implicit_policy.py @@ -30,38 +30,39 @@ class ImplicitPolicyTestCase( class TestImplicitL2Policy(ImplicitPolicyTestCase): def test_impicit_lifecycle(self): - # Create endpoint group with implicit L2 policy. - epg1 = self.create_endpoint_group() - epg1_id = epg1['endpoint_group']['id'] - l2p1_id = epg1['endpoint_group']['l2_policy_id'] + # Create policy_target group with implicit L2 policy. + ptg1 = self.create_policy_target_group() + ptg1_id = ptg1['policy_target_group']['id'] + l2p1_id = ptg1['policy_target_group']['l2_policy_id'] self.assertIsNotNone(l2p1_id) - req = self.new_show_request('endpoint_groups', epg1_id, fmt=self.fmt) + req = self.new_show_request('policy_target_groups', ptg1_id, + fmt=self.fmt) res = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(l2p1_id, res['endpoint_group']['l2_policy_id']) + self.assertEqual(l2p1_id, res['policy_target_group']['l2_policy_id']) req = self.new_show_request('l2_policies', l2p1_id, fmt=self.fmt) l2p1 = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(epg1['endpoint_group']['name'], + self.assertEqual(ptg1['policy_target_group']['name'], l2p1['l2_policy']['name']) - # Create 2nd endpoint group with different implicit L2 policy. - epg2 = self.create_endpoint_group() - epg2_id = epg2['endpoint_group']['id'] - l2p2_id = epg2['endpoint_group']['l2_policy_id'] + # Create 2nd policy_target group with different implicit L2 policy. + ptg2 = self.create_policy_target_group() + ptg2_id = ptg2['policy_target_group']['id'] + l2p2_id = ptg2['policy_target_group']['l2_policy_id'] self.assertIsNotNone(l2p2_id) self.assertNotEqual(l2p1_id, l2p2_id) - # Verify deleting 1st endpoint group does cleanup its L2 + # Verify deleting 1st policy_target group does cleanup its L2 # policy. - req = self.new_delete_request('endpoint_groups', epg1_id) + req = self.new_delete_request('policy_target_groups', ptg1_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('l2_policies', l2p1_id, fmt=self.fmt) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNotFound.code) - # Verify deleting 2nd endpoint group does cleanup its L2 + # Verify deleting 2nd policy_target group does cleanup its L2 # policy. - req = self.new_delete_request('endpoint_groups', epg2_id) + req = self.new_delete_request('policy_target_groups', ptg2_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('l2_policies', l2p2_id, fmt=self.fmt) @@ -69,15 +70,15 @@ class TestImplicitL2Policy(ImplicitPolicyTestCase): self.assertEqual(res.status_int, webob.exc.HTTPNotFound.code) def test_explicit_lifecycle(self): - # Create endpoint group with explicit L2 policy. + # Create policy_target group with explicit L2 policy. l2p = self.create_l2_policy() l2p_id = l2p['l2_policy']['id'] - epg = self.create_endpoint_group(l2_policy_id=l2p_id) - epg_id = epg['endpoint_group']['id'] - self.assertEqual(l2p_id, epg['endpoint_group']['l2_policy_id']) + ptg = self.create_policy_target_group(l2_policy_id=l2p_id) + ptg_id = ptg['policy_target_group']['id'] + self.assertEqual(l2p_id, ptg['policy_target_group']['l2_policy_id']) - # Verify deleting endpoint group does not cleanup L2 policy. - req = self.new_delete_request('endpoint_groups', epg_id) + # Verify deleting policy_target group does not cleanup L2 policy. + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('l2_policies', l2p_id, fmt=self.fmt) @@ -85,31 +86,31 @@ class TestImplicitL2Policy(ImplicitPolicyTestCase): self.assertEqual(res.status_int, webob.exc.HTTPOk.code) def test_update_from_implicit(self): - # Create endpoint group with implicit L2 policy. - epg = self.create_endpoint_group() - epg_id = epg['endpoint_group']['id'] - l2p1_id = epg['endpoint_group']['l2_policy_id'] + # Create policy_target group with implicit L2 policy. + ptg = self.create_policy_target_group() + ptg_id = ptg['policy_target_group']['id'] + l2p1_id = ptg['policy_target_group']['l2_policy_id'] req = self.new_show_request('l2_policies', l2p1_id, fmt=self.fmt) l2p1 = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(epg['endpoint_group']['name'], + self.assertEqual(ptg['policy_target_group']['name'], l2p1['l2_policy']['name']) - # Update endpoint group to explicit L2 policy. + # Update policy_target group to explicit L2 policy. l2p2 = self.create_l2_policy() l2p2_id = l2p2['l2_policy']['id'] - data = {'endpoint_group': {'l2_policy_id': l2p2_id}} - req = self.new_update_request('endpoint_groups', data, epg_id) - epg = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(l2p2_id, epg['endpoint_group']['l2_policy_id']) + data = {'policy_target_group': {'l2_policy_id': l2p2_id}} + req = self.new_update_request('policy_target_groups', data, ptg_id) + ptg = self.deserialize(self.fmt, req.get_response(self.ext_api)) + self.assertEqual(l2p2_id, ptg['policy_target_group']['l2_policy_id']) # Verify old L2 policy was cleaned up. req = self.new_show_request('l2_policies', l2p1_id, fmt=self.fmt) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNotFound.code) - # Verify deleting endpoint group does not cleanup new L2 + # Verify deleting policy_target group does not cleanup new L2 # policy. - req = self.new_delete_request('endpoint_groups', epg_id) + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('l2_policies', l2p2_id, fmt=self.fmt) @@ -117,23 +118,23 @@ class TestImplicitL2Policy(ImplicitPolicyTestCase): self.assertEqual(res.status_int, webob.exc.HTTPOk.code) def test_update_to_implicit(self): - # Create endpoint group with explicit L2 policy. + # Create policy_target group with explicit L2 policy. l2p1 = self.create_l2_policy() l2p1_id = l2p1['l2_policy']['id'] - epg = self.create_endpoint_group(l2_policy_id=l2p1_id) - epg_id = epg['endpoint_group']['id'] - self.assertEqual(l2p1_id, epg['endpoint_group']['l2_policy_id']) + ptg = self.create_policy_target_group(l2_policy_id=l2p1_id) + ptg_id = ptg['policy_target_group']['id'] + self.assertEqual(l2p1_id, ptg['policy_target_group']['l2_policy_id']) - # Update endpoint group to implicit L2 policy. - data = {'endpoint_group': {'l2_policy_id': None}} - req = self.new_update_request('endpoint_groups', data, epg_id) - epg = self.deserialize(self.fmt, req.get_response(self.ext_api)) - l2p2_id = epg['endpoint_group']['l2_policy_id'] + # Update policy_target group to implicit L2 policy. + data = {'policy_target_group': {'l2_policy_id': None}} + req = self.new_update_request('policy_target_groups', data, ptg_id) + ptg = self.deserialize(self.fmt, req.get_response(self.ext_api)) + l2p2_id = ptg['policy_target_group']['l2_policy_id'] self.assertNotEqual(l2p1_id, l2p2_id) self.assertIsNotNone(l2p2_id) req = self.new_show_request('l2_policies', l2p2_id, fmt=self.fmt) l2p2 = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual(epg['endpoint_group']['name'], + self.assertEqual(ptg['policy_target_group']['name'], l2p2['l2_policy']['name']) # Verify old L2 policy was not cleaned up. @@ -141,8 +142,8 @@ class TestImplicitL2Policy(ImplicitPolicyTestCase): res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPOk.code) - # Verify deleting endpoint group does cleanup new L2 policy. - req = self.new_delete_request('endpoint_groups', epg_id) + # Verify deleting policy_target group does cleanup new L2 policy. + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('l2_policies', l2p2_id, fmt=self.fmt) diff --git a/gbp/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py b/gbp/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py index 260279e12..6c9fed26c 100644 --- a/gbp/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py +++ b/gbp/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py @@ -29,8 +29,9 @@ from gbp.neutron.services.servicechain import servicechain_plugin from gbp.neutron.tests.unit.services.grouppolicy import test_grouppolicy_plugin -class NoL3NatSGTestPlugin(test_l3_plugin.TestNoL3NatPlugin, - test_extension_security_group.SecurityGroupTestPlugin): +class NoL3NatSGTestPlugin( + test_l3_plugin.TestNoL3NatPlugin, + test_extension_security_group.SecurityGroupTestPlugin): supported_extension_aliases = ["external-net", "security-group"] @@ -49,24 +50,25 @@ class ResourceMappingTestCase( super(ResourceMappingTestCase, self).setUp(core_plugin=CORE_PLUGIN) -class TestEndpoint(ResourceMappingTestCase): +class TestPolicyTarget(ResourceMappingTestCase): def test_implicit_port_lifecycle(self): - # Create endpoint group. - epg = self.create_endpoint_group(name="epg1") - epg_id = epg['endpoint_group']['id'] + # Create policy_target group. + ptg = self.create_policy_target_group(name="ptg1") + ptg_id = ptg['policy_target_group']['id'] - # Create endpoint with implicit port. - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg_id) - ep_id = ep['endpoint']['id'] - port_id = ep['endpoint']['port_id'] + # Create policy_target with implicit port. + pt = self.create_policy_target(name="pt1", + policy_target_group_id=ptg_id) + pt_id = pt['policy_target']['id'] + port_id = pt['policy_target']['port_id'] self.assertIsNotNone(port_id) - # TODO(rkukura): Verify implicit port belongs to endpoint + # TODO(rkukura): Verify implicit port belongs to policy_target # group's subnet. - # Verify deleting endpoint cleans up port. - req = self.new_delete_request('endpoints', ep_id) + # Verify deleting policy_target cleans up port. + req = self.new_delete_request('policy_targets', pt_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('ports', port_id, fmt=self.fmt) @@ -74,67 +76,67 @@ class TestEndpoint(ResourceMappingTestCase): self.assertEqual(res.status_int, webob.exc.HTTPNotFound.code) def test_explicit_port_lifecycle(self): - # Create endpoint group. - epg = self.create_endpoint_group(name="epg1") - epg_id = epg['endpoint_group']['id'] - subnet_id = epg['endpoint_group']['subnets'][0] + # Create policy_target group. + ptg = self.create_policy_target_group(name="ptg1") + ptg_id = ptg['policy_target_group']['id'] + subnet_id = ptg['policy_target_group']['subnets'][0] req = self.new_show_request('subnets', subnet_id) subnet = self.deserialize(self.fmt, req.get_response(self.api)) - # Create endpoint with explicit port. + # Create policy_target with explicit port. with self.port(subnet=subnet) as port: port_id = port['port']['id'] - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg_id, - port_id=port_id) - ep_id = ep['endpoint']['id'] - self.assertEqual(port_id, ep['endpoint']['port_id']) + pt = self.create_policy_target( + name="pt1", policy_target_group_id=ptg_id, port_id=port_id) + pt_id = pt['policy_target']['id'] + self.assertEqual(port_id, pt['policy_target']['port_id']) - # Verify deleting endpoint does not cleanup port. - req = self.new_delete_request('endpoints', ep_id) + # Verify deleting policy_target does not cleanup port. + req = self.new_delete_request('policy_targets', pt_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('ports', port_id, fmt=self.fmt) res = req.get_response(self.api) self.assertEqual(res.status_int, webob.exc.HTTPOk.code) - def test_missing_epg_rejected(self): - data = self.create_endpoint(name="ep1", - expected_res_status= - webob.exc.HTTPBadRequest.code) - self.assertEqual('EndpointRequiresEndpointGroup', + def test_missing_ptg_rejected(self): + data = self.create_policy_target( + name="pt1", expected_res_status=webob.exc.HTTPBadRequest.code) + self.assertEqual('PolicyTargetRequiresPolicyTargetGroup', data['NeutronError']['type']) - def test_epg_update_rejected(self): - # Create two endpoint groups. - epg1 = self.create_endpoint_group(name="epg1") - epg1_id = epg1['endpoint_group']['id'] - epg2 = self.create_endpoint_group(name="epg2") - epg2_id = epg2['endpoint_group']['id'] + def test_ptg_update_rejected(self): + # Create two policy_target groups. + ptg1 = self.create_policy_target_group(name="ptg1") + ptg1_id = ptg1['policy_target_group']['id'] + ptg2 = self.create_policy_target_group(name="ptg2") + ptg2_id = ptg2['policy_target_group']['id'] - # Create endpoint. - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg1_id) - ep_id = ep['endpoint']['id'] + # Create policy_target. + pt = self.create_policy_target(name="pt1", + policy_target_group_id=ptg1_id) + pt_id = pt['policy_target']['id'] - # Verify updating endpoint group rejected. - data = {'endpoint': {'endpoint_group_id': epg2_id}} - req = self.new_update_request('endpoints', data, ep_id) + # Verify updating policy_target group rejected. + data = {'policy_target': {'policy_target_group_id': ptg2_id}} + req = self.new_update_request('policy_targets', data, pt_id) data = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual('EndpointEndpointGroupUpdateNotSupported', + self.assertEqual('PolicyTargetGroupUpdateOfPolicyTargetNotSupported', data['NeutronError']['type']) -class TestEndpointGroup(ResourceMappingTestCase): +class TestPolicyTargetGroup(ResourceMappingTestCase): def test_implicit_subnet_lifecycle(self): # Use explicit L2 policy so network and subnet not deleted - # with endpoint group. + # with policy_target group. l2p = self.create_l2_policy() l2p_id = l2p['l2_policy']['id'] - # Create endpoint group with implicit subnet. - epg = self.create_endpoint_group(name="epg1", l2_policy_id=l2p_id) - epg_id = epg['endpoint_group']['id'] - subnets = epg['endpoint_group']['subnets'] + # Create policy_target group with implicit subnet. + ptg = self.create_policy_target_group(name="ptg1", l2_policy_id=l2p_id) + ptg_id = ptg['policy_target_group']['id'] + subnets = ptg['policy_target_group']['subnets'] self.assertIsNotNone(subnets) self.assertEqual(len(subnets), 1) subnet_id = subnets[0] @@ -143,8 +145,8 @@ class TestEndpointGroup(ResourceMappingTestCase): # network, is within L3 policy's ip_pool, and was added as # router interface. - # Verify deleting endpoint group cleans up subnet. - req = self.new_delete_request('endpoint_groups', epg_id) + # Verify deleting policy_target group cleans up subnet. + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('subnets', subnet_id, fmt=self.fmt) @@ -166,13 +168,13 @@ class TestEndpointGroup(ResourceMappingTestCase): req = self.new_show_request('networks', network_id) network = self.deserialize(self.fmt, req.get_response(self.api)) - # Create endpoint group with explicit subnet. + # Create policy_target group with explicit subnet. with self.subnet(network=network, cidr='10.10.1.0/24') as subnet: subnet_id = subnet['subnet']['id'] - epg = self.create_endpoint_group(name="epg1", l2_policy_id=l2p_id, - subnets=[subnet_id]) - epg_id = epg['endpoint_group']['id'] - subnets = epg['endpoint_group']['subnets'] + ptg = self.create_policy_target_group( + name="ptg1", l2_policy_id=l2p_id, subnets=[subnet_id]) + ptg_id = ptg['policy_target_group']['id'] + subnets = ptg['policy_target_group']['subnets'] self.assertIsNotNone(subnets) self.assertEqual(len(subnets), 1) self.assertEqual(subnet_id, subnets[0]) @@ -180,8 +182,8 @@ class TestEndpointGroup(ResourceMappingTestCase): # TODO(rkukura): Verify explicit subnet was added as # router interface. - # Verify deleting endpoint group does not cleanup subnet. - req = self.new_delete_request('endpoint_groups', epg_id) + # Verify deleting policy_target group does not cleanup subnet. + req = self.new_delete_request('policy_target_groups', ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) req = self.new_show_request('subnets', subnet_id, fmt=self.fmt) @@ -203,7 +205,7 @@ class TestEndpointGroup(ResourceMappingTestCase): req = self.new_show_request('networks', network_id) network = self.deserialize(self.fmt, req.get_response(self.api)) - # Create endpoint group with explicit subnet. + # Create policy_target group with explicit subnet. with contextlib.nested( self.subnet(network=network, cidr='10.10.1.0/24'), self.subnet(network=network, cidr='10.10.2.0/24') @@ -211,14 +213,14 @@ class TestEndpointGroup(ResourceMappingTestCase): subnet1_id = subnet1['subnet']['id'] subnet2_id = subnet2['subnet']['id'] subnets = [subnet1_id] - epg = self.create_endpoint_group(l2_policy_id=l2p_id, - subnets=subnets) - epg_id = epg['endpoint_group']['id'] + ptg = self.create_policy_target_group( + l2_policy_id=l2p_id, subnets=subnets) + ptg_id = ptg['policy_target_group']['id'] # Add subnet. subnets = [subnet1_id, subnet2_id] - data = {'endpoint_group': {'subnets': subnets}} - req = self.new_update_request('endpoint_groups', data, epg_id) + data = {'policy_target_group': {'subnets': subnets}} + req = self.new_update_request('policy_target_groups', data, ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPOk.code) @@ -234,7 +236,7 @@ class TestEndpointGroup(ResourceMappingTestCase): req = self.new_show_request('networks', network_id) network = self.deserialize(self.fmt, req.get_response(self.api)) - # Create endpoint group with explicit subnets. + # Create policy_target group with explicit subnets. with contextlib.nested( self.subnet(network=network, cidr='10.10.1.0/24'), self.subnet(network=network, cidr='10.10.2.0/24') @@ -242,25 +244,25 @@ class TestEndpointGroup(ResourceMappingTestCase): subnet1_id = subnet1['subnet']['id'] subnet2_id = subnet2['subnet']['id'] subnets = [subnet1_id, subnet2_id] - epg = self.create_endpoint_group(l2_policy_id=l2p_id, - subnets=subnets) - epg_id = epg['endpoint_group']['id'] + ptg = self.create_policy_target_group( + l2_policy_id=l2p_id, subnets=subnets) + ptg_id = ptg['policy_target_group']['id'] # Verify removing subnet rejected. - data = {'endpoint_group': {'subnets': [subnet2_id]}} - req = self.new_update_request('endpoint_groups', data, epg_id) + data = {'policy_target_group': {'subnets': [subnet2_id]}} + req = self.new_update_request('policy_target_groups', data, ptg_id) data = self.deserialize(self.fmt, req.get_response(self.ext_api)) - self.assertEqual('EndpointGroupSubnetRemovalNotSupported', + self.assertEqual('PolicyTargetGroupSubnetRemovalNotSupported', data['NeutronError']['type']) def test_subnet_allocation(self): - epg1 = self.create_endpoint_group(name="epg1") - subnets = epg1['endpoint_group']['subnets'] + ptg1 = self.create_policy_target_group(name="ptg1") + subnets = ptg1['policy_target_group']['subnets'] req = self.new_show_request('subnets', subnets[0], fmt=self.fmt) subnet1 = self.deserialize(self.fmt, req.get_response(self.api)) - epg2 = self.create_endpoint_group(name="epg2") - subnets = epg2['endpoint_group']['subnets'] + ptg2 = self.create_policy_target_group(name="ptg2") + subnets = ptg2['policy_target_group']['subnets'] req = self.new_show_request('subnets', subnets[0], fmt=self.fmt) subnet2 = self.deserialize(self.fmt, req.get_response(self.api)) @@ -375,10 +377,12 @@ class NotificationTest(ResourceMappingTestCase): def test_dhcp_notifier(self): with mock.patch.object(dhcp_rpc_agent_api.DhcpAgentNotifyAPI, 'notify') as dhcp_notifier: - epg = self.create_endpoint_group(name="epg1") - epg_id = epg['endpoint_group']['id'] - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg_id) - self.assertEqual(ep['endpoint']['endpoint_group_id'], epg_id) + ptg = self.create_policy_target_group(name="ptg1") + ptg_id = ptg['policy_target_group']['id'] + pt = self.create_policy_target( + name="pt1", policy_target_group_id=ptg_id) + self.assertEqual( + pt['policy_target']['policy_target_group_id'], ptg_id) # REVISIT(rkukura): Check dictionaries for correct id, etc.. dhcp_notifier.assert_any_call(mock.ANY, mock.ANY, "router.create.end") @@ -392,10 +396,12 @@ class NotificationTest(ResourceMappingTestCase): def test_nova_notifier(self): with mock.patch.object(nova.Notifier, 'send_network_change') as nova_notifier: - epg = self.create_endpoint_group(name="epg1") - epg_id = epg['endpoint_group']['id'] - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg_id) - self.assertEqual(ep['endpoint']['endpoint_group_id'], epg_id) + ptg = self.create_policy_target_group(name="ptg1") + ptg_id = ptg['policy_target_group']['id'] + pt = self.create_policy_target( + name="pt1", policy_target_group_id=ptg_id) + self.assertEqual( + pt['policy_target']['policy_target_group_id'], ptg_id) # REVISIT(rkukura): Check dictionaries for correct id, etc.. nova_notifier.assert_any_call("create_router", {}, mock.ANY) nova_notifier.assert_any_call("create_network", {}, mock.ANY) @@ -403,34 +409,37 @@ class NotificationTest(ResourceMappingTestCase): nova_notifier.assert_any_call("create_port", {}, mock.ANY) -# TODO(ivar): We need a UT that verifies that the EP's ports have the default -# SG when there are no contracts involved, that the default SG is properly -# created and shared, and that it has the right content. -class TestContract(ResourceMappingTestCase): +# TODO(ivar): We need a UT that verifies that the PT's ports have the default +# SG when there are no policy_rule_sets involved, that the default SG is +# properly # created and shared, and that it has the right content. +class TestPolicyRuleSet(ResourceMappingTestCase): - def test_contract_creation(self): - # Create contracts - classifier = self.create_policy_classifier(name="class1", - protocol="tcp", direction="out", port_range="50:100") + def test_policy_rule_set_creation(self): + # Create policy_rule_sets + classifier = self.create_policy_classifier( + name="class1", protocol="tcp", direction="out", + port_range="50:100") classifier_id = classifier['policy_classifier']['id'] action = self.create_policy_action(name="action1") action_id = action['policy_action']['id'] action_id_list = [action_id] - policy_rule = self.create_policy_rule(name='pr1', - policy_classifier_id=classifier_id, - policy_actions=action_id_list) + policy_rule = self.create_policy_rule( + name='pr1', policy_classifier_id=classifier_id, + policy_actions=action_id_list) policy_rule_id = policy_rule['policy_rule']['id'] policy_rule_list = [policy_rule_id] - contract = self.create_contract(name="c1", - policy_rules=policy_rule_list) - contract_id = contract['contract']['id'] - epg = self.create_endpoint_group(name="epg1", - provided_contracts={contract_id: None}) - epg_id = epg['endpoint_group']['id'] - ep = self.create_endpoint(name="ep1", endpoint_group_id=epg_id) + policy_rule_set = self.create_policy_rule_set( + name="c1", policy_rules=policy_rule_list) + policy_rule_set_id = policy_rule_set['policy_rule_set']['id'] + ptg = self.create_policy_target_group( + name="ptg1", provided_policy_rule_sets={ + policy_rule_set_id: None}) + ptg_id = ptg['policy_target_group']['id'] + pt = self.create_policy_target( + name="pt1", policy_target_group_id=ptg_id) # verify SG bind to port - port_id = ep['endpoint']['port_id'] + port_id = pt['policy_target']['port_id'] res = self.new_show_request('ports', port_id) port = self.deserialize(self.fmt, res.get_response(self.api)) security_groups = port['port'][ext_sg.SECURITYGROUPS] @@ -438,169 +447,170 @@ class TestContract(ResourceMappingTestCase): # TODO(ivar): we also need to verify that those security groups have the # right rules - def test_consumed_contract(self): - classifier = self.create_policy_classifier(name="class1", - protocol="tcp", direction="in", port_range="20:90") + def test_consumed_policy_rule_set(self): + classifier = self.create_policy_classifier( + name="class1", protocol="tcp", direction="in", port_range="20:90") classifier_id = classifier['policy_classifier']['id'] action = self.create_policy_action(name="action1", action_type=gconst.GP_ACTION_ALLOW) action_id = action['policy_action']['id'] action_id_list = [action_id] - policy_rule = self.create_policy_rule(name='pr1', - policy_classifier_id=classifier_id, - policy_actions=action_id_list) + policy_rule = self.create_policy_rule( + name='pr1', policy_classifier_id=classifier_id, + policy_actions=action_id_list) policy_rule_id = policy_rule['policy_rule']['id'] policy_rule_list = [policy_rule_id] - contract = self.create_contract(name="c1", - policy_rules=policy_rule_list) - contract_id = contract['contract']['id'] - self.create_endpoint_group(name="epg1", - provided_contracts={contract_id: None}) - consumed_epg = self.create_endpoint_group(name="epg2", - consumed_contracts={contract_id: None}) - epg_id = consumed_epg['endpoint_group']['id'] - ep = self.create_endpoint(name="ep2", endpoint_group_id=epg_id) + policy_rule_set = self.create_policy_rule_set( + name="c1", policy_rules=policy_rule_list) + policy_rule_set_id = policy_rule_set['policy_rule_set']['id'] + self.create_policy_target_group( + name="ptg1", provided_policy_rule_sets={policy_rule_set_id: None}) + consumed_ptg = self.create_policy_target_group( + name="ptg2", consumed_policy_rule_sets={policy_rule_set_id: None}) + ptg_id = consumed_ptg['policy_target_group']['id'] + pt = self.create_policy_target( + name="pt2", policy_target_group_id=ptg_id) # verify SG bind to port - port_id = ep['endpoint']['port_id'] + port_id = pt['policy_target']['port_id'] res = self.new_show_request('ports', port_id) port = self.deserialize(self.fmt, res.get_response(self.api)) security_groups = port['port'][ext_sg.SECURITYGROUPS] self.assertEqual(len(security_groups), 2) - # Test update and delete of EPG, how it affects SG mapping - def test_endpoint_group_update(self): - # create two contracts: bind one to an EPG, update with - # adding another one (increase SG count on EP on EPG) - classifier1 = self.create_policy_classifier(name="class1", - protocol="tcp", direction="bi", port_range="30:80") - classifier2 = self.create_policy_classifier(name="class2", - protocol="udp", direction="out", port_range="20:30") + # Test update and delete of PTG, how it affects SG mapping + def test_policy_target_group_update(self): + # create two policy_rule_sets: bind one to an PTG, update with + # adding another one (increase SG count on PT on PTG) + classifier1 = self.create_policy_classifier( + name="class1", protocol="tcp", direction="bi", port_range="30:80") + classifier2 = self.create_policy_classifier( + name="class2", protocol="udp", direction="out", port_range="20:30") classifier1_id = classifier1['policy_classifier']['id'] classifier2_id = classifier2['policy_classifier']['id'] action = self.create_policy_action(name="action1", action_type=gconst.GP_ACTION_ALLOW) action_id = action['policy_action']['id'] action_id_list = [action_id] - policy_rule1 = self.create_policy_rule(name='pr1', - policy_classifier_id=classifier1_id, - policy_actions=action_id_list) - policy_rule2 = self.create_policy_rule(name='pr2', - policy_classifier_id=classifier2_id, - policy_actions=action_id_list) + policy_rule1 = self.create_policy_rule( + name='pr1', policy_classifier_id=classifier1_id, + policy_actions=action_id_list) + policy_rule2 = self.create_policy_rule( + name='pr2', policy_classifier_id=classifier2_id, + policy_actions=action_id_list) policy_rule1_id = policy_rule1['policy_rule']['id'] policy_rule1_list = [policy_rule1_id] policy_rule2_id = policy_rule2['policy_rule']['id'] policy_rule2_list = [policy_rule2_id] - contract1 = self.create_contract(name="c1", - policy_rules=policy_rule1_list) - contract1_id = contract1['contract']['id'] - contract2 = self.create_contract(name="c2", - policy_rules=policy_rule2_list) - contract2_id = contract2['contract']['id'] - epg1 = self.create_endpoint_group(name="epg1", - provided_contracts={contract1_id: None}) - epg2 = self.create_endpoint_group(name="epg2", - consumed_contracts={contract1_id: None}) - epg1_id = epg1['endpoint_group']['id'] - epg2_id = epg2['endpoint_group']['id'] + policy_rule_set1 = self.create_policy_rule_set( + name="c1", policy_rules=policy_rule1_list) + policy_rule_set1_id = policy_rule_set1['policy_rule_set']['id'] + policy_rule_set2 = self.create_policy_rule_set( + name="c2", policy_rules=policy_rule2_list) + policy_rule_set2_id = policy_rule_set2['policy_rule_set']['id'] + ptg1 = self.create_policy_target_group( + name="ptg1", provided_policy_rule_sets={policy_rule_set1_id: None}) + ptg2 = self.create_policy_target_group( + name="ptg2", consumed_policy_rule_sets={policy_rule_set1_id: None}) + ptg1_id = ptg1['policy_target_group']['id'] + ptg2_id = ptg2['policy_target_group']['id'] - # endpoint ep1 now with epg2 consumes contract1_id - ep1 = self.create_endpoint(name="ep1", - endpoint_group_id=epg2_id) - # ep1's port should have 2 SG associated - port_id = ep1['endpoint']['port_id'] + # policy_target pt1 now with ptg2 consumes policy_rule_set1_id + pt1 = self.create_policy_target( + name="pt1", policy_target_group_id=ptg2_id) + # pt1's port should have 2 SG associated + port_id = pt1['policy_target']['port_id'] res = self.new_show_request('ports', port_id) port = self.deserialize(self.fmt, res.get_response(self.api)) security_groups = port['port'][ext_sg.SECURITYGROUPS] self.assertEqual(len(security_groups), 2) - # now add a contract to EPG - # First we update contract2 to be provided by consumed_epg - data = {'endpoint_group': {'provided_contracts': {contract2_id: None}}} - req = self.new_update_request('endpoint_groups', data, epg2_id) + # now add a policy_rule_set to PTG + # First we update policy_rule_set2 to be provided by consumed_ptg + data = {'policy_target_group': + {'provided_policy_rule_sets': {policy_rule_set2_id: None}}} + req = self.new_update_request('policy_target_groups', data, ptg2_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPOk.code) - # set epg1 to provide contract1 and consume contract2 - # contract2 now maps to SG which has epg2's subnet as CIDR on rules - data = {'endpoint_group': {'consumed_contracts': {contract2_id: None}}} - req = self.new_update_request('endpoint_groups', data, epg1_id) + # set ptg1 to provide policy_rule_set1 and consume policy_rule_set2 + # policy_rule_set2 now maps to SG which has ptg2's subnet as CIDR on + # rules + data = {'policy_target_group': + {'consumed_policy_rule_sets': {policy_rule_set2_id: None}}} + req = self.new_update_request('policy_target_groups', data, ptg1_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPOk.code) - port_id = ep1['endpoint']['port_id'] + port_id = pt1['policy_target']['port_id'] res = self.new_show_request('ports', port_id) port = self.deserialize(self.fmt, res.get_response(self.api)) security_groups = port['port'][ext_sg.SECURITYGROUPS] self.assertEqual(len(security_groups), 3) def test_redirect_to_chain(self): - classifier = self.create_policy_classifier(name="class1", - protocol="tcp", direction="in", port_range="20:90") + classifier = self.create_policy_classifier( + name="class1", protocol="tcp", direction="in", port_range="20:90") classifier_id = classifier['policy_classifier']['id'] action = self.create_policy_action( - name="action1", - action_type=gconst.GP_ACTION_REDIRECT, - action_value=uuidutils.generate_uuid()) + name="action1", action_type=gconst.GP_ACTION_REDIRECT, + action_value=uuidutils.generate_uuid()) action_id = action['policy_action']['id'] action_id_list = [action_id] - policy_rule = self.create_policy_rule(name='pr1', - policy_classifier_id=classifier_id, - policy_actions=action_id_list) + policy_rule = self.create_policy_rule( + name='pr1', policy_classifier_id=classifier_id, + policy_actions=action_id_list) policy_rule_id = policy_rule['policy_rule']['id'] policy_rule_list = [policy_rule_id] - contract = self.create_contract(name="c1", - policy_rules=policy_rule_list) - contract_id = contract['contract']['id'] + policy_rule_set = self.create_policy_rule_set( + name="c1", policy_rules=policy_rule_list) + policy_rule_set_id = policy_rule_set['policy_rule_set']['id'] sg_ingress_rule = mock.patch.object( - resource_mapping.ResourceMappingDriver, - '_sg_ingress_rule') + resource_mapping.ResourceMappingDriver, '_sg_ingress_rule') sg_ingress_rule = sg_ingress_rule.start() params = [{'type': 'ip_single', 'name': 'vip', 'value': 'self_subnet'}] nsp = self.create_network_service_policy(network_service_params=params) nsp_id = nsp['network_service_policy']['id'] - self.create_endpoint_group(name="epg1", - provided_contracts={contract_id: None}, - network_service_policy_id=nsp_id) + self.create_policy_target_group( + name="ptg1", provided_policy_rule_sets={policy_rule_set_id: None}, + network_service_policy_id=nsp_id) sg_ingress_rule.assert_called_once_with(mock.ANY, mock.ANY, "tcp", "20:90", mock.ANY, unset=False) create_chain_instance = mock.patch.object( - servicechain_plugin.ServiceChainPlugin, - 'create_servicechain_instance') + servicechain_plugin.ServiceChainPlugin, + 'create_servicechain_instance') create_chain_instance = create_chain_instance.start() chain_instance_id = uuidutils.generate_uuid() create_chain_instance.return_value = {'id': chain_instance_id} - #TODO(Magesh):Add tests which verifies that provide/consumer EPGs - #are set correctly for the SCI + # TODO(Magesh):Add tests which verifies that provide/consumer PTGs + # are set correctly for the SCI with mock.patch.object( resource_mapping.ResourceMappingDriver, '_set_rule_servicechain_instance_mapping') as set_rule: with mock.patch.object(servicechain_db.ServiceChainDbPlugin, 'get_servicechain_spec') as sc_spec_get: sc_spec_get.return_value = {'servicechain_spec': {}} - consumer_epg = self.create_endpoint_group(name="epg2", - consumed_contracts={contract_id: None}) - consumer_epg_id = consumer_epg['endpoint_group']['id'] + consumer_ptg = self.create_policy_target_group( + name="ptg2", + consumed_policy_rule_sets={policy_rule_set_id: None}) + consumer_ptg_id = consumer_ptg['policy_target_group']['id'] set_rule.assert_called_once_with(mock.ANY, policy_rule_id, chain_instance_id) with mock.patch.object(servicechain_plugin.ServiceChainPlugin, 'delete_servicechain_instance'): with mock.patch.object( - resource_mapping.ResourceMappingDriver, - '_get_rule_servicechain_mapping') as get_rule: + resource_mapping.ResourceMappingDriver, + '_get_rule_servicechain_mapping') as get_rule: r_sc_map = resource_mapping.RuleServiceChainInstanceMapping() r_sc_map.rule_id = policy_rule_id r_sc_map.servicechain_instance_id = chain_instance_id get_rule.return_value = r_sc_map get_chain_inst = mock.patch.object( - servicechain_db.ServiceChainDbPlugin, - 'get_servicechain_instance') + servicechain_db.ServiceChainDbPlugin, + 'get_servicechain_instance') get_chain_inst.start() get_chain_inst.return_value = { - "servicechain_instance": { - 'id': chain_instance_id}} + "servicechain_instance": {'id': chain_instance_id}} req = self.new_delete_request( - 'endpoint_groups', - consumer_epg_id) + 'policy_target_groups', consumer_ptg_id) res = req.get_response(self.ext_api) self.assertEqual(res.status_int, webob.exc.HTTPNoContent.code) diff --git a/gbp/neutron/tests/unit/test_extension_group_policy.py b/gbp/neutron/tests/unit/test_extension_group_policy.py index 3c73eef99..d382a2f1d 100644 --- a/gbp/neutron/tests/unit/test_extension_group_policy.py +++ b/gbp/neutron/tests/unit/test_extension_group_policy.py @@ -28,14 +28,14 @@ GP_PLUGIN_BASE_NAME = ( gp.GroupPolicyPluginBase.__module__ + '.' + gp.GroupPolicyPluginBase.__name__) GROUPPOLICY_URI = 'grouppolicy' -ENDPOINTS_URI = GROUPPOLICY_URI + '/' + 'endpoints' -ENDPOINT_GROUPS_URI = GROUPPOLICY_URI + '/' + 'endpoint_groups' +POLICY_TARGETS_URI = GROUPPOLICY_URI + '/' + 'policy_targets' +POLICY_TARGET_GROUPS_URI = GROUPPOLICY_URI + '/' + 'policy_target_groups' L2_POLICIES_URI = GROUPPOLICY_URI + '/' + 'l2_policies' L3_POLICIES_URI = GROUPPOLICY_URI + '/' + 'l3_policies' POLICY_RULES_URI = GROUPPOLICY_URI + '/' + 'policy_rules' POLICY_CLASSIFIERS_URI = GROUPPOLICY_URI + '/' + 'policy_classifiers' POLICY_ACTIONS_URI = GROUPPOLICY_URI + '/' + 'policy_actions' -CONTRACTS_URI = GROUPPOLICY_URI + '/' + 'contracts' +POLICY_RULE_SETS_URI = GROUPPOLICY_URI + '/' + 'policy_rule_sets' NET_SVC_POLICIES_URI = GROUPPOLICY_URI + '/' + 'network_service_policies' @@ -53,204 +53,210 @@ class GroupPolicyExtensionTestCase(test_api_v2_extension.ExtensionTestCase): plural_mappings=plural_mappings) self.instance = self.plugin.return_value - def _test_create_endpoint(self, data, expected_value, default_data=None): + def _test_create_policy_target(self, data, expected_value, + default_data=None): if not default_data: default_data = data - self.instance.create_endpoint.return_value = expected_value - res = self.api.post(_get_path(ENDPOINTS_URI, fmt=self.fmt), + self.instance.create_policy_target.return_value = expected_value + res = self.api.post(_get_path(POLICY_TARGETS_URI, fmt=self.fmt), self.serialize(data), content_type='application/%s' % self.fmt) - self.instance.create_endpoint.assert_called_once_with( - mock.ANY, endpoint=default_data) + self.instance.create_policy_target.assert_called_once_with( + mock.ANY, policy_target=default_data) self.assertEqual(exc.HTTPCreated.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint', res) - self.assertEqual(expected_value, res['endpoint']) + self.assertIn('policy_target', res) + self.assertEqual(expected_value, res['policy_target']) - def _get_create_endpoint_default_attrs(self): + def _get_create_policy_target_default_attrs(self): return {'name': '', 'description': ''} - def _get_create_endpoint_attrs(self): - return {'name': 'ep1', 'endpoint_group_id': _uuid(), - 'tenant_id': _uuid(), 'description': 'test endpoint'} + def _get_create_policy_target_attrs(self): + return {'name': 'ep1', 'policy_target_group_id': _uuid(), + 'tenant_id': _uuid(), 'description': 'test policy_target'} - def _get_update_endpoint_attrs(self): + def _get_update_policy_target_attrs(self): return {'name': 'new_name'} - def test_create_endpoint_with_defaults(self): - endpoint_id = _uuid() - data = {'endpoint': {'endpoint_group_id': _uuid(), - 'tenant_id': _uuid()}} - default_attrs = self._get_create_endpoint_default_attrs() + def test_create_policy_target_with_defaults(self): + policy_target_id = _uuid() + data = {'policy_target': {'policy_target_group_id': _uuid(), + 'tenant_id': _uuid()}} + default_attrs = self._get_create_policy_target_default_attrs() default_data = copy.copy(data) - default_data['endpoint'].update(default_attrs) - expected_value = dict(default_data['endpoint']) - expected_value['id'] = endpoint_id + default_data['policy_target'].update(default_attrs) + expected_value = dict(default_data['policy_target']) + expected_value['id'] = policy_target_id - self._test_create_endpoint(data, expected_value, default_data) + self._test_create_policy_target(data, expected_value, default_data) - def test_create_endpoint(self): - endpoint_id = _uuid() - data = {'endpoint': self._get_create_endpoint_attrs()} - expected_value = dict(data['endpoint']) - expected_value['id'] = endpoint_id + def test_create_policy_target(self): + policy_target_id = _uuid() + data = {'policy_target': self._get_create_policy_target_attrs()} + expected_value = dict(data['policy_target']) + expected_value['id'] = policy_target_id - self._test_create_endpoint(data, expected_value) + self._test_create_policy_target(data, expected_value) - def test_list_endpoints(self): - endpoint_id = _uuid() - expected_value = [{'tenant_id': _uuid(), 'id': endpoint_id}] + def test_list_policy_targets(self): + policy_target_id = _uuid() + expected_value = [{'tenant_id': _uuid(), 'id': policy_target_id}] - self.instance.get_endpoints.return_value = expected_value + self.instance.get_policy_targets.return_value = expected_value - res = self.api.get(_get_path(ENDPOINTS_URI, fmt=self.fmt)) + res = self.api.get(_get_path(POLICY_TARGETS_URI, fmt=self.fmt)) - self.instance.get_endpoints.assert_called_once_with( + self.instance.get_policy_targets.assert_called_once_with( mock.ANY, fields=mock.ANY, filters=mock.ANY) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoints', res) - self.assertEqual(expected_value, res['endpoints']) + self.assertIn('policy_targets', res) + self.assertEqual(expected_value, res['policy_targets']) - def test_get_endpoint(self): - endpoint_id = _uuid() - expected_value = {'tenant_id': _uuid(), 'id': endpoint_id} + def test_get_policy_target(self): + policy_target_id = _uuid() + expected_value = {'tenant_id': _uuid(), 'id': policy_target_id} - self.instance.get_endpoint.return_value = expected_value + self.instance.get_policy_target.return_value = expected_value - res = self.api.get(_get_path(ENDPOINTS_URI, id=endpoint_id, + res = self.api.get(_get_path(POLICY_TARGETS_URI, id=policy_target_id, fmt=self.fmt)) - self.instance.get_endpoint.assert_called_once_with( - mock.ANY, endpoint_id, fields=mock.ANY) + self.instance.get_policy_target.assert_called_once_with( + mock.ANY, policy_target_id, fields=mock.ANY) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint', res) - self.assertEqual(expected_value, res['endpoint']) + self.assertIn('policy_target', res) + self.assertEqual(expected_value, res['policy_target']) - def test_update_endpoint(self): - endpoint_id = _uuid() - update_data = {'endpoint': self._get_update_endpoint_attrs()} - expected_value = {'tenant_id': _uuid(), 'id': endpoint_id} + def test_update_policy_target(self): + policy_target_id = _uuid() + update_data = {'policy_target': self._get_update_policy_target_attrs()} + expected_value = {'tenant_id': _uuid(), 'id': policy_target_id} - self.instance.update_endpoint.return_value = expected_value + self.instance.update_policy_target.return_value = expected_value - res = self.api.put(_get_path(ENDPOINTS_URI, id=endpoint_id, + res = self.api.put(_get_path(POLICY_TARGETS_URI, id=policy_target_id, fmt=self.fmt), self.serialize(update_data)) - self.instance.update_endpoint.assert_called_once_with( - mock.ANY, endpoint_id, endpoint=update_data) + self.instance.update_policy_target.assert_called_once_with( + mock.ANY, policy_target_id, policy_target=update_data) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint', res) - self.assertEqual(expected_value, res['endpoint']) + self.assertIn('policy_target', res) + self.assertEqual(expected_value, res['policy_target']) - def test_delete_endpoint(self): - self._test_entity_delete('endpoint') + def test_delete_policy_target(self): + self._test_entity_delete('policy_target') - def _test_create_endpoint_group(self, data, expected_value, - default_data=None): + def _test_create_policy_target_group(self, data, expected_value, + default_data=None): if not default_data: default_data = data - self.instance.create_endpoint_group.return_value = expected_value - res = self.api.post(_get_path(ENDPOINT_GROUPS_URI, fmt=self.fmt), + self.instance.create_policy_target_group.return_value = expected_value + res = self.api.post(_get_path(POLICY_TARGET_GROUPS_URI, fmt=self.fmt), self.serialize(data), content_type='application/%s' % self.fmt) - self.instance.create_endpoint_group.assert_called_once_with( - mock.ANY, endpoint_group=default_data) + self.instance.create_policy_target_group.assert_called_once_with( + mock.ANY, policy_target_group=default_data) self.assertEqual(exc.HTTPCreated.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint_group', res) - self.assertEqual(expected_value, res['endpoint_group']) + self.assertIn('policy_target_group', res) + self.assertEqual(expected_value, res['policy_target_group']) - def _get_create_endpoint_group_default_attrs(self): + def _get_create_policy_target_group_default_attrs(self): return {'name': '', 'description': '', 'l2_policy_id': None, - 'provided_contracts': {}, 'consumed_contracts': {}, + 'provided_policy_rule_sets': {}, + 'consumed_policy_rule_sets': {}, 'network_service_policy_id': None} - def _get_create_endpoint_group_attrs(self): - return {'name': 'epg1', 'tenant_id': _uuid(), - 'description': 'test endpoint group', 'l2_policy_id': _uuid(), - 'provided_contracts': {_uuid(): None}, - 'consumed_contracts': {_uuid(): None}, + def _get_create_policy_target_group_attrs(self): + return {'name': 'ptg1', 'tenant_id': _uuid(), + 'description': 'test policy_target group', + 'l2_policy_id': _uuid(), + 'provided_policy_rule_sets': {_uuid(): None}, + 'consumed_policy_rule_sets': {_uuid(): None}, 'network_service_policy_id': _uuid()} - def _get_update_endpoint_group_attrs(self): + def _get_update_policy_target_group_attrs(self): return {'name': 'new_name'} - def test_create_endpoint_group_with_defaults(self): - endpoint_group_id = _uuid() - data = {'endpoint_group': {'tenant_id': _uuid()}} - default_attrs = self._get_create_endpoint_group_default_attrs() + def test_create_policy_target_group_with_defaults(self): + policy_target_group_id = _uuid() + data = {'policy_target_group': {'tenant_id': _uuid()}} + default_attrs = self._get_create_policy_target_group_default_attrs() default_data = copy.copy(data) - default_data['endpoint_group'].update(default_attrs) - expected_value = copy.deepcopy(default_data['endpoint_group']) - expected_value['id'] = endpoint_group_id + default_data['policy_target_group'].update(default_attrs) + expected_value = copy.deepcopy(default_data['policy_target_group']) + expected_value['id'] = policy_target_group_id - self._test_create_endpoint_group(data, expected_value, default_data) + self._test_create_policy_target_group(data, expected_value, + default_data) - def test_create_endpoint_group(self): - endpoint_group_id = _uuid() - data = {'endpoint_group': self._get_create_endpoint_group_attrs()} - expected_value = copy.deepcopy(data['endpoint_group']) - expected_value['id'] = endpoint_group_id + def test_create_policy_target_group(self): + policy_target_group_id = _uuid() + data = {'policy_target_group': + self._get_create_policy_target_group_attrs()} + expected_value = copy.deepcopy(data['policy_target_group']) + expected_value['id'] = policy_target_group_id - self._test_create_endpoint_group(data, expected_value) + self._test_create_policy_target_group(data, expected_value) - def test_list_endpoint_groups(self): - endpoint_group_id = _uuid() - expected_value = [{'tenant_id': _uuid(), 'id': endpoint_group_id}] + def test_list_policy_target_groups(self): + policy_target_group_id = _uuid() + expected_value = [{'tenant_id': _uuid(), 'id': policy_target_group_id}] - self.instance.get_endpoint_groups.return_value = expected_value + self.instance.get_policy_target_groups.return_value = expected_value - res = self.api.get(_get_path(ENDPOINT_GROUPS_URI, fmt=self.fmt)) + res = self.api.get(_get_path(POLICY_TARGET_GROUPS_URI, fmt=self.fmt)) - self.instance.get_endpoint_groups.assert_called_once_with( + self.instance.get_policy_target_groups.assert_called_once_with( mock.ANY, fields=mock.ANY, filters=mock.ANY) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint_groups', res) - self.assertEqual(expected_value, res['endpoint_groups']) + self.assertIn('policy_target_groups', res) + self.assertEqual(expected_value, res['policy_target_groups']) - def test_get_endpoint_group(self): - endpoint_group_id = _uuid() - expected_value = {'tenant_id': _uuid(), 'id': endpoint_group_id} + def test_get_policy_target_group(self): + policy_target_group_id = _uuid() + expected_value = {'tenant_id': _uuid(), 'id': policy_target_group_id} - self.instance.get_endpoint_group.return_value = expected_value + self.instance.get_policy_target_group.return_value = expected_value - res = self.api.get(_get_path(ENDPOINT_GROUPS_URI, id=endpoint_group_id, + res = self.api.get(_get_path(POLICY_TARGET_GROUPS_URI, + id=policy_target_group_id, fmt=self.fmt)) - self.instance.get_endpoint_group.assert_called_once_with( - mock.ANY, endpoint_group_id, fields=mock.ANY) + self.instance.get_policy_target_group.assert_called_once_with( + mock.ANY, policy_target_group_id, fields=mock.ANY) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint_group', res) - self.assertEqual(expected_value, res['endpoint_group']) + self.assertIn('policy_target_group', res) + self.assertEqual(expected_value, res['policy_target_group']) - def test_update_endpoint_group(self): - endpoint_group_id = _uuid() - update_data = {'endpoint_group': - self._get_update_endpoint_group_attrs()} - expected_value = {'tenant_id': _uuid(), 'id': endpoint_group_id} + def test_update_policy_target_group(self): + policy_target_group_id = _uuid() + update_data = {'policy_target_group': + self._get_update_policy_target_group_attrs()} + expected_value = {'tenant_id': _uuid(), 'id': policy_target_group_id} - self.instance.update_endpoint_group.return_value = expected_value + self.instance.update_policy_target_group.return_value = expected_value - res = self.api.put(_get_path(ENDPOINT_GROUPS_URI, - id=endpoint_group_id, fmt=self.fmt), + res = self.api.put(_get_path(POLICY_TARGET_GROUPS_URI, + id=policy_target_group_id, fmt=self.fmt), self.serialize(update_data)) - self.instance.update_endpoint_group.assert_called_once_with( - mock.ANY, endpoint_group_id, endpoint_group=update_data) + self.instance.update_policy_target_group.assert_called_once_with( + mock.ANY, policy_target_group_id, policy_target_group=update_data) self.assertEqual(exc.HTTPOk.code, res.status_int) res = self.deserialize(res) - self.assertIn('endpoint_group', res) - self.assertEqual(expected_value, res['endpoint_group']) + self.assertIn('policy_target_group', res) + self.assertEqual(expected_value, res['policy_target_group']) - def test_delete_endpoint_group(self): - self._test_entity_delete('endpoint_group') + def test_delete_policy_target_group(self): + self._test_entity_delete('policy_target_group') def _test_create_l2_policy(self, data, expected_value, default_data=None): if not default_data: @@ -619,11 +625,8 @@ class GroupPolicyExtensionTestCase(test_api_v2_extension.ExtensionTestCase): res = self.api.get(_get_path(POLICY_CLASSIFIERS_URI, fmt=self.fmt)) - instance.get_policy_classifiers.assert_called_once_with(mock.ANY, - fields= - mock.ANY, - filters= - mock.ANY) + instance.get_policy_classifiers.assert_called_once_with( + mock.ANY, fields=mock.ANY, filters=mock.ANY) self.assertEqual(res.status_int, exc.HTTPOk.code) def test_get_policy_classifier(self): @@ -781,113 +784,114 @@ class GroupPolicyExtensionTestCase(test_api_v2_extension.ExtensionTestCase): def test_delete_policy_rule(self): self._test_entity_delete('policy_action') - def _test_create_contract(self, data, expected_value, default_data=None): + def _test_create_policy_rule_set(self, data, expected_value, + default_data=None): if not default_data: default_data = data - self.instance.create_contract.return_value = expected_value - res = self.api.post(_get_path(CONTRACTS_URI, fmt=self.fmt), + self.instance.create_policy_rule_set.return_value = expected_value + res = self.api.post(_get_path(POLICY_RULE_SETS_URI, fmt=self.fmt), self.serialize(data), content_type='application/%s' % self.fmt) - self.instance.create_contract.assert_called_once_with( - mock.ANY, contract=default_data) + self.instance.create_policy_rule_set.assert_called_once_with( + mock.ANY, policy_rule_set=default_data) self.assertEqual(res.status_int, exc.HTTPCreated.code) res = self.deserialize(res) - self.assertIn('contract', res) - self.assertEqual(expected_value, res['contract']) + self.assertIn('policy_rule_set', res) + self.assertEqual(expected_value, res['policy_rule_set']) - def _get_create_contract_default_attrs(self): + def _get_create_policy_rule_set_default_attrs(self): return {'name': '', 'description': '', - 'child_contracts': [], + 'child_policy_rule_sets': [], 'policy_rules': []} - def _get_create_contract_attrs(self): - return {'name': 'contract1', - 'description': 'test contract', + def _get_create_policy_rule_set_attrs(self): + return {'name': 'policy_rule_set1', + 'description': 'test policy_rule_set', 'tenant_id': _uuid(), - 'child_contracts': [_uuid()], + 'child_policy_rule_sets': [_uuid()], 'policy_rules': [_uuid()]} - def _get_update_contract_attrs(self): + def _get_update_policy_rule_set_attrs(self): return {'name': 'new_name'} - def test_create_contract_with_defaults(self): - contract_id = _uuid() - data = {'contract': {'tenant_id': _uuid()}} - default_attrs = self._get_create_contract_default_attrs() + def test_create_policy_rule_set_with_defaults(self): + policy_rule_set_id = _uuid() + data = {'policy_rule_set': {'tenant_id': _uuid()}} + default_attrs = self._get_create_policy_rule_set_default_attrs() default_data = copy.copy(data) - default_data['contract'].update(default_attrs) - expected_value = dict(default_data['contract']) - expected_value['id'] = contract_id + default_data['policy_rule_set'].update(default_attrs) + expected_value = dict(default_data['policy_rule_set']) + expected_value['id'] = policy_rule_set_id - self._test_create_contract(data, expected_value, default_data) + self._test_create_policy_rule_set(data, expected_value, default_data) - def test_create_contract(self): - contract_id = _uuid() - data = {'contract': - self._get_create_contract_attrs()} - expected_value = dict(data['contract']) - expected_value['id'] = contract_id + def test_create_policy_rule_set(self): + policy_rule_set_id = _uuid() + data = {'policy_rule_set': + self._get_create_policy_rule_set_attrs()} + expected_value = dict(data['policy_rule_set']) + expected_value['id'] = policy_rule_set_id - self._test_create_contract(data, expected_value) + self._test_create_policy_rule_set(data, expected_value) - def test_list_contracts(self): - contract_id = _uuid() + def test_list_policy_rule_sets(self): + policy_rule_set_id = _uuid() expected_value = [{'tenant_id': _uuid(), - 'id': contract_id}] + 'id': policy_rule_set_id}] instance = self.plugin.return_value - instance.get_contracts.return_value = expected_value + instance.get_policy_rule_sets.return_value = expected_value - res = self.api.get(_get_path(CONTRACTS_URI, fmt=self.fmt)) + res = self.api.get(_get_path(POLICY_RULE_SETS_URI, fmt=self.fmt)) - instance.get_contracts.assert_called_once_with(mock.ANY, - fields=mock.ANY, - filters=mock.ANY) + instance.get_policy_rule_sets.assert_called_once_with( + mock.ANY, fields=mock.ANY, filters=mock.ANY) self.assertEqual(res.status_int, exc.HTTPOk.code) - def test_get_contract(self): - contract_id = _uuid() + def test_get_policy_rule_set(self): + policy_rule_set_id = _uuid() expected_value = {'tenant_id': _uuid(), - 'id': contract_id} + 'id': policy_rule_set_id} instance = self.plugin.return_value - instance.get_contract.return_value = expected_value + instance.get_policy_rule_set.return_value = expected_value - res = self.api.get(_get_path(CONTRACTS_URI, - id=contract_id, fmt=self.fmt)) + res = self.api.get(_get_path(POLICY_RULE_SETS_URI, + id=policy_rule_set_id, fmt=self.fmt)) - instance.get_contract.assert_called_once_with( - mock.ANY, contract_id, fields=mock.ANY) + instance.get_policy_rule_set.assert_called_once_with( + mock.ANY, policy_rule_set_id, fields=mock.ANY) self.assertEqual(res.status_int, exc.HTTPOk.code) res = self.deserialize(res) - self.assertIn('contract', res) - self.assertEqual(expected_value, res['contract']) + self.assertIn('policy_rule_set', res) + self.assertEqual(expected_value, res['policy_rule_set']) - def test_update_contract(self): - contract_id = _uuid() - update_data = {'contract': - self._get_update_contract_attrs()} + def test_update_policy_rule_set(self): + policy_rule_set_id = _uuid() + update_data = {'policy_rule_set': + self._get_update_policy_rule_set_attrs()} expected_value = {'tenant_id': _uuid(), - 'id': contract_id} + 'id': policy_rule_set_id} instance = self.plugin.return_value - instance.update_contract.return_value = expected_value + instance.update_policy_rule_set.return_value = expected_value - res = self.api.put(_get_path(CONTRACTS_URI, id=contract_id, + res = self.api.put(_get_path(POLICY_RULE_SETS_URI, + id=policy_rule_set_id, fmt=self.fmt), self.serialize(update_data)) - instance.update_contract.assert_called_once_with( - mock.ANY, contract_id, contract=update_data) + instance.update_policy_rule_set.assert_called_once_with( + mock.ANY, policy_rule_set_id, policy_rule_set=update_data) self.assertEqual(res.status_int, exc.HTTPOk.code) res = self.deserialize(res) - self.assertIn('contract', res) - self.assertEqual(expected_value, res['contract']) + self.assertIn('policy_rule_set', res) + self.assertEqual(expected_value, res['policy_rule_set']) - def test_delete_contract(self): - self._test_entity_delete('contract') + def test_delete_policy_rule_set(self): + self._test_entity_delete('policy_rule_set') def _test_create_network_service_policy( self, data, expected_value, default_data=None): diff --git a/gbp/neutron/tests/unit/test_extension_group_policy_mapping.py b/gbp/neutron/tests/unit/test_extension_group_policy_mapping.py index 55e42b48c..0196ba0c0 100644 --- a/gbp/neutron/tests/unit/test_extension_group_policy_mapping.py +++ b/gbp/neutron/tests/unit/test_extension_group_policy_mapping.py @@ -27,10 +27,10 @@ class GroupPolicyMappingExtTestCase(tgp.GroupPolicyExtensionTestCase): super(tgp.GroupPolicyExtensionTestCase, self).setUp() attr_map = gp.RESOURCE_ATTRIBUTE_MAP - attr_map[gp.ENDPOINTS].update( - gpm.EXTENDED_ATTRIBUTES_2_0[gp.ENDPOINTS]) - attr_map[gp.ENDPOINT_GROUPS].update( - gpm.EXTENDED_ATTRIBUTES_2_0[gp.ENDPOINT_GROUPS]) + attr_map[gp.POLICY_TARGETS].update( + gpm.EXTENDED_ATTRIBUTES_2_0[gp.POLICY_TARGETS]) + attr_map[gp.POLICY_TARGET_GROUPS].update( + gpm.EXTENDED_ATTRIBUTES_2_0[gp.POLICY_TARGET_GROUPS]) attr_map[gp.L2_POLICIES].update( gpm.EXTENDED_ATTRIBUTES_2_0[gp.L2_POLICIES]) attr_map[gp.L3_POLICIES].update( @@ -48,33 +48,33 @@ class GroupPolicyMappingExtTestCase(tgp.GroupPolicyExtensionTestCase): def _restore_gp_attr_map(self): gp.RESOURCE_ATTRIBUTE_MAP = self._saved_gp_attr_map - def _get_create_endpoint_default_attrs(self): + def _get_create_policy_target_default_attrs(self): attrs = (super(GroupPolicyMappingExtTestCase, self). - _get_create_endpoint_default_attrs()) + _get_create_policy_target_default_attrs()) attrs.update({'port_id': None}) return attrs - def _get_create_endpoint_attrs(self): + def _get_create_policy_target_attrs(self): attrs = (super(GroupPolicyMappingExtTestCase, self). - _get_create_endpoint_attrs()) + _get_create_policy_target_attrs()) attrs.update({'port_id': tgp._uuid()}) return attrs - def _get_create_endpoint_group_default_attrs(self): + def _get_create_policy_target_group_default_attrs(self): attrs = (super(GroupPolicyMappingExtTestCase, self). - _get_create_endpoint_group_default_attrs()) + _get_create_policy_target_group_default_attrs()) attrs.update({'subnets': []}) return attrs - def _get_create_endpoint_group_attrs(self): + def _get_create_policy_target_group_attrs(self): attrs = (super(GroupPolicyMappingExtTestCase, self). - _get_create_endpoint_group_attrs()) + _get_create_policy_target_group_attrs()) attrs.update({'subnets': [tgp._uuid()]}) return attrs - def _get_update_endpoint_group_attrs(self): + def _get_update_policy_target_group_attrs(self): attrs = (super(GroupPolicyMappingExtTestCase, self). - _get_update_endpoint_group_attrs()) + _get_update_policy_target_group_attrs()) attrs.update({'subnets': [tgp._uuid()]}) return attrs diff --git a/gbp/neutron/tests/unit/test_extension_servicechain.py b/gbp/neutron/tests/unit/test_extension_servicechain.py index eecc39697..c32913cbe 100644 --- a/gbp/neutron/tests/unit/test_extension_servicechain.py +++ b/gbp/neutron/tests/unit/test_extension_servicechain.py @@ -87,9 +87,9 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): servicechain_node_id = _uuid() data = { 'servicechain_node': { - 'service_type': 'FIREWALL', - 'tenant_id': _uuid(), - 'config': 'test_config' + 'service_type': 'FIREWALL', + 'tenant_id': _uuid(), + 'config': 'test_config' } } default_attrs = self._get_create_servicechain_node_default_attrs() @@ -127,8 +127,7 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): def test_get_servicechain_node(self): servicechain_node_id = _uuid() expected_value = { - 'tenant_id': _uuid(), 'id': servicechain_node_id - } + 'tenant_id': _uuid(), 'id': servicechain_node_id} self.instance.get_servicechain_node.return_value = expected_value res = self.api.get(_get_path(SERVICECHAIN_NODES_URI, @@ -207,8 +206,7 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): servicechain_spec_id = _uuid() data = { 'servicechain_spec': { - 'nodes': [_uuid(), _uuid()], - 'tenant_id': _uuid() + 'nodes': [_uuid(), _uuid()], 'tenant_id': _uuid() } } default_attrs = self._get_create_servicechain_spec_default_attrs() @@ -287,7 +285,7 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): if not default_data: default_data = data self.instance.create_servicechain_instance.return_value = ( - expected_value) + expected_value) res = self.api.post(_get_path(SERVICECHAIN_INSTANCES_URI, fmt=self.fmt), self.serialize(data), @@ -308,8 +306,8 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): 'name': 'servicechaininstance1', 'servicechain_spec': _uuid(), 'tenant_id': _uuid(), - 'provider_epg': _uuid(), - 'consumer_epg': _uuid(), + 'provider_ptg': _uuid(), + 'consumer_ptg': _uuid(), 'classifier': _uuid(), 'config_param_values': "{}", 'description': 'test servicechain instance' @@ -325,12 +323,12 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): servicechain_instance_id = _uuid() data = { 'servicechain_instance': { - 'servicechain_spec': _uuid(), - 'tenant_id': _uuid(), - 'provider_epg': _uuid(), - 'consumer_epg': _uuid(), - 'classifier': _uuid() - } + 'servicechain_spec': _uuid(), + 'tenant_id': _uuid(), + 'provider_ptg': _uuid(), + 'consumer_ptg': _uuid(), + 'classifier': _uuid() + } } default_attrs = self._get_create_servicechain_instance_default_attrs() default_data = copy.copy(data) @@ -387,7 +385,7 @@ class ServiceChainExtensionTestCase(test_api_v2_extension.ExtensionTestCase): self._get_update_servicechain_instance_attrs()} expected_value = {'tenant_id': _uuid(), 'id': servicechain_instance_id} self.instance.update_servicechain_instance.return_value = ( - expected_value) + expected_value) res = self.api.put(_get_path(SERVICECHAIN_INSTANCES_URI, id=servicechain_instance_id,