[apic_aim] Map neutron resources to AIM, part 3

Implements an L3 service plugin, apic_aim_l3, that, in conjunction
with the apic_aim mechanism driver, maps each Neutron router to an AIM
Contract and ContractSubject whose DNs and status are exposed via
extended attributes similar to those on the core Neutron resources. An
"any" Filter and FilterEntry are created per-tenant, and referenced in
this contract, allowing all traffic from EPGs providing and consuming
this contract to be routed.

The add_router_interface and remove_router_interface methods are stubs
that will be implemented in the next patch set. They will manage the
mapping of router interfaces to AIM Subnets, along with having the
default EPGs associated with those interfaces provide and consume the
router's Contract.

The corresponding GBP policy driver's extension is renamed
apic_aim_gbp for consistency with the apic_aim and apic_aim_l3
extensions at the Neutron level, and all extensions are now in the
gbpservice.neutron.extensions module.

The GBP policy driver's unit tests are updated to account for the
Filter and FilterEntry resources created by the mechanism driver.

The apic_aim unit tests wipe the AIM DB in tearDown, and use the
aci_integration_manager branch of the apicapi repo.

The GBP devstack plugin, when ENABLE_APIC_AIM=True, configures neutron
to use the apic_aim_l3 service plugin, and installs the
aci_integration_manager branch of the apicapi repo.

Change-Id: I1b7f0c80e66d55d58c27fe9e4cb461f62aec3c42
(cherry picked from commit e382e7611f)

devstack/lib/apic_aim

@@ -4,6 +4,7 @@ function install_apic_aim {
     install_apic_ml2
     install_aim
     install_opflex
+    install_apicapi
 }
 
 function configure_apic_aim {

devstack/lib/gbp

@@ -28,6 +28,8 @@ APICML2_REPO=http://github.com/noironetworks/apic-ml2-driver.git
 APICML2_DIR=$DEST/apic_ml2
 OPFLEX_REPO=http://github.com/noironetworks/python-opflex-agent.git
 OPFLEX_DIR=$DEST/opflexagent
+APICAPI_REPO=http://github.com/noironetworks/apicapi.git
+APICAPI_DIR=$DEST/apicapi
 
 # Save trace setting
 XTRACE=$(set +o | grep xtrace)
@@ -90,6 +92,14 @@ function install_apic_ml2 {
     mv $APICML2_DIR/_test-requirements.txt $APICML2_DIR/test-requirements.txt
 }
 
+function install_apicapi {
+    git_clone $APICAPI_REPO $APICAPI_DIR $APICAPI_BRANCH
+    mv $APICAPI_DIR/test-requirements.txt $APICAPI_DIR/_test-requirements.txt
+    touch $APICAPI_DIR/setup.cfg
+    setup_develop $APICAPI_DIR
+    mv $APICAPI_DIR/_test-requirements.txt $APICAPI_DIR/test-requirements.txt
+}
+
 
 # Restore xtrace
 $XTRACE

devstack/override-defaults

@@ -9,5 +9,6 @@ if [[ $ENABLE_APIC_AIM = True ]]; then
     Q_ML2_TENANT_NETWORK_TYPE=${Q_ML2_TENANT_NETWORK_TYPE:-opflex}
     Q_ML2_PLUGIN_TYPE_DRIVERS=${Q_ML2_PLUGIN_TYPE_DRIVERS:-local,vlan,opflex}
     Q_ML2_PLUGIN_MECHANISM_DRIVERS=${Q_ML2_PLUGIN_MECHANISM_DRIVERS:-apic_aim}
-    Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS-apic_aim,port_security}
+    Q_ML2_PLUGIN_EXT_DRIVERS=${Q_ML2_PLUGIN_EXT_DRIVERS:-apic_aim,port_security}
+    ML2_L3_PLUGIN=${ML2_L3_PLUGIN:-apic_aim_l3}
 fi

devstack/settings

@@ -9,8 +9,9 @@ ENABLE_NFP=${ENABLE_NFP:-False}
 # VM locations
 ConfiguratorQcow2Image=${ConfiguratorQcow2Image:-build}
 
-# Enable necessary Neutron plugins, including group_policy and ncp
-Q_SERVICE_PLUGIN_CLASSES=neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,group_policy,ncp
+# Enable necessary Neutron plugins, including group_policy and ncp (L3
+# is set via ML2_L3_PLUGIN, so isn't listed here).
+Q_SERVICE_PLUGIN_CLASSES=group_policy,ncp
 
 # Preferred git mirror
 GIT_BASE=${GIT_BASE:-https://git.openstack.org}
@@ -27,6 +28,7 @@ GBPHEAT_BRANCH=${GBPHEAT_BRANCH:-stable/mitaka}
 AIM_BRANCH=${AIM_BRANCH:-master}
 APICML2_BRANCH=${APICML2_BRANCH:-stable/mitaka}
 OPFLEX_BRANCH=${OPFLEX_BRANCH:-master}
+APICAPI_BRANCH=${APICAPI_BRANCH:-aci_integration_manager}
 
 # Enable necessary services, including group-policy (and disable others)
 disable_service n-net