Initializing proxy pool attrs from conf

We had defined the following configuration:
[group_policy_implicit_policy]
...
default_proxy_ip_pool=<cidr>
default_proxy_subnet_prefix_length=<integer>
...

but this was being used only when a L3P was being created
implicitly. Per the bug filed it is desirable to pick up
these config values even when a L3P is explicitly created
(and the proxy group is created internally).

This is now achieved by moving the above config to a new
section:
[group_policy_proxy_group]

This configuration is loaded from the proxy_group externsion
is and the default values are set from the loaded configuration.

And while at it, the default_proxy_subnet_prefix_length is being
increased to 28 to accomodate basic cases for services with
mutiple interfaces, and/or in HA configuration.

Change-Id: Ib955611cbf4516e7502d2b07e5b44589dc95b325
Closes-bug: bug/1535649

gbpservice/neutron/extensions/driver_proxy_group.py

@@ -13,6 +13,7 @@
 from neutron.api import extensions
 from neutron.api.v2 import attributes as attr
 from neutron.common import exceptions as nexc
+from oslo_config import cfg
 
 from gbpservice.neutron.extensions import group_policy as gp
 from gbpservice.neutron.services.grouppolicy.common import exceptions as gp_exc
@@ -22,6 +23,24 @@ PROXY_TYPE_L3 = 'l3'
 DEFAULT_PROXY_TYPE = PROXY_TYPE_L3
 PROXY_GROUP = 'proxy_group'
 
+opts = [
+    cfg.StrOpt('default_proxy_ip_pool',
+               default='192.168.0.0/16',
+               help=_("Proxy IP pool for implicitly created default "
+                      "L3 policies, from which subnets are allocated for "
+                      "policy target groups with proxy_group_id set to a "
+                      "valid value.")),
+    cfg.IntOpt('default_proxy_subnet_prefix_length',
+               default=28,
+               help=_("Proxy Subnet prefix length for implicitly created "
+                      "default L3 polices, controlling size of subnets "
+                      "allocated for policy target groups with proxy_group_id "
+                      "set to a valid value.")),
+]
+
+cfg.CONF.register_opts(opts, "group_policy_proxy_group")
+PROXY_CONF = cfg.CONF.group_policy_proxy_group
+
 
 class ProxyGroupBadRequest(gp_exc.GroupPolicyBadRequest):
     message = _("Invalid input for Proxy Group extension, reason: %(msg)s")
@@ -62,12 +81,14 @@ EXTENDED_ATTRIBUTES_2_0 = {
     gp.L3_POLICIES: {
         'proxy_ip_pool': {'allow_post': True, 'allow_put': False,
                           'validate': {'type:subnet': None},
-                          'default': '192.168.0.0/16', 'is_visible': True},
-        'proxy_subnet_prefix_length': {'allow_post': True, 'allow_put': True,
-                                       'convert_to': attr.convert_to_int,
-                                       # for ipv4 legal values are 2 to 30
-                                       # for ipv6 legal values are 2 to 127
-                                       'default': 29, 'is_visible': True},
+                          'default': PROXY_CONF.default_proxy_ip_pool,
+                          'is_visible': True},
+        'proxy_subnet_prefix_length': {
+            'allow_post': True, 'allow_put': True,
+            'convert_to': attr.convert_to_int,
+            'default': attr.convert_to_int(
+                PROXY_CONF.default_proxy_subnet_prefix_length),
+            'is_visible': True},
         # Proxy IP version is the same as the standard L3 pool ip version
     },
     gp.POLICY_TARGETS: {

gbpservice/neutron/services/grouppolicy/drivers/implicit_policy.py

@@ -45,18 +45,6 @@ opts = [
                help=_("Subnet prefix length for implicitly created default L3 "
                       "polices, controlling size of subnets allocated for "
                       "policy target groups.")),
-    cfg.StrOpt('default_proxy_ip_pool',
-               default='192.168.0.0/16',
-               help=_("Proxy IP pool for implicitly created default "
-                      "L3 policies, from which subnets are allocated for "
-                      "policy target groups with proxy_group_id set to a "
-                      "valid value.")),
-    cfg.IntOpt('default_proxy_subnet_prefix_length',
-               default=29,
-               help=_("Proxy Subnet prefix length for implicitly created "
-                      "default L3 polices, controlling size of subnets "
-                      "allocated for policy target groups with proxy_group_id "
-                      "set to a valid value.")),
     cfg.StrOpt('default_external_segment_name',
                default='default',
                help=_("Name of default External Segment. This will be used "
@@ -101,16 +89,16 @@ class ImplicitPolicyDriver(api.PolicyDriver, local_api.LocalAPI):
     def initialize(self):
         gpip = cfg.CONF.group_policy_implicit_policy
         gpconf = cfg.CONF.group_policy
+        gpproxy = cfg.CONF.group_policy_proxy_group
         self._proxy_group_enabled = (pg_ext.PROXY_GROUP in
                                      gpconf.extension_drivers)
         self._default_l3p_name = gpip.default_l3_policy_name
         self._default_ip_version = gpip.default_ip_version
         self._default_ip_pool = gpip.default_ip_pool
-        self._default_proxy_ip_pool = gpip.default_proxy_ip_pool
         self._default_subnet_prefix_length = gpip.default_subnet_prefix_length
+        self._default_proxy_ip_pool = gpproxy.default_proxy_ip_pool
         self._default_proxy_subnet_prefix_length = (
-            gpip.default_proxy_subnet_prefix_length)
-
+            gpproxy.default_proxy_subnet_prefix_length)
         self._default_es_name = gpip.default_external_segment_name
 
     @log.log

gbpservice/neutron/tests/unit/services/grouppolicy/test_group_proxy_extension.py

@@ -23,7 +23,7 @@ class ExtensionDriverTestCaseMixin(object):
     def test_proxy_group_extension(self):
         l3p = self.create_l3_policy()['l3_policy']
         self.assertEqual('192.168.0.0/16', l3p['proxy_ip_pool'])
-        self.assertEqual(29, l3p['proxy_subnet_prefix_length'])
+        self.assertEqual(28, l3p['proxy_subnet_prefix_length'])
 
         l2p = self.create_l2_policy(l3_policy_id=l3p['id'])['l2_policy']
         ptg = self.create_policy_target_group(
@@ -35,7 +35,7 @@ class ExtensionDriverTestCaseMixin(object):
         # Verify Default L3P pool mapping on show
         l3p = self.show_l3_policy(l3p['id'])['l3_policy']
         self.assertEqual('192.168.0.0/16', l3p['proxy_ip_pool'])
-        self.assertEqual(29, l3p['proxy_subnet_prefix_length'])
+        self.assertEqual(28, l3p['proxy_subnet_prefix_length'])
 
         ptg_proxy = self.create_policy_target_group(
             proxied_group_id=ptg['id'])['policy_target_group']

gbpservice/neutron/tests/unit/services/grouppolicy/test_resource_mapping_proxy_group.py

@@ -182,13 +182,44 @@ class ResourceMappingProxyGroupGBPTestCase(
             self.assertEqual(expected_chain_length, chain_length)
 
 
+class TestProxyGroupSubnetPrefixRMD(ResourceMappingProxyGroupGBPTestCase):
+
+    def setUp(self):
+        config.cfg.CONF.set_override(
+                'default_proxy_subnet_prefix_length', '26',
+                group='group_policy_proxy_group')
+        config.cfg.CONF.set_override(
+                'default_proxy_ip_pool', '192.168.1.0/24',
+                group='group_policy_proxy_group')
+        super(TestProxyGroupSubnetPrefixRMD, self).setUp()
+
+    def test_proxy_group_updated_prefix_length(self):
+        l3p = self.create_l3_policy(ip_pool='11.0.0.0/8')['l3_policy']
+        self.assertEqual('192.168.1.0/24', l3p['proxy_ip_pool'])
+        self.assertEqual(26, l3p['proxy_subnet_prefix_length'])
+
+        l2p = self.create_l2_policy(l3_policy_id=l3p['id'])['l2_policy']
+        ptg = self.create_policy_target_group(
+            l2_policy_id=l2p['id'])['policy_target_group']
+
+        l2p2 = self.create_l2_policy(l3_policy_id=l3p['id'])['l2_policy']
+        ptg_proxy = self.create_policy_target_group(
+            proxied_group_id=ptg['id'],
+            l2_policy_id=l2p2['id'])['policy_target_group']
+
+        subnet = self._get_object('subnets', ptg_proxy['subnets'][0],
+                                  self.api)['subnet']
+        self.assertEqual(str(l3p['proxy_subnet_prefix_length']),
+                         subnet['cidr'].split('/')[1])
+
+
 class TestProxyGroupRMD(ResourceMappingProxyGroupGBPTestCase,
                         test_gp_ext.ExtensionDriverTestCaseMixin):
 
     def test_proxy_group_extension(self):
         l3p = self.create_l3_policy(ip_pool='11.0.0.0/8')['l3_policy']
         self.assertEqual('192.168.0.0/16', l3p['proxy_ip_pool'])
-        self.assertEqual(29, l3p['proxy_subnet_prefix_length'])
+        self.assertEqual(28, l3p['proxy_subnet_prefix_length'])
 
         l2p = self.create_l2_policy(l3_policy_id=l3p['id'])['l2_policy']
         ptg = self.create_policy_target_group(
@@ -200,7 +231,7 @@ class TestProxyGroupRMD(ResourceMappingProxyGroupGBPTestCase,
         # Verify Default L3P pool mapping on show
         l3p = self.show_l3_policy(l3p['id'])['l3_policy']
         self.assertEqual('192.168.0.0/16', l3p['proxy_ip_pool'])
-        self.assertEqual(29, l3p['proxy_subnet_prefix_length'])
+        self.assertEqual(28, l3p['proxy_subnet_prefix_length'])
 
         l2p2 = self.create_l2_policy(l3_policy_id=l3p['id'])['l2_policy']
         ptg_proxy = self.create_policy_target_group(
@@ -452,7 +483,7 @@ class TestL3Policy(ResourceMappingProxyGroupGBPTestCase,
 
     def test_implicit_l3p_proxy_pool(self):
         default_proxy_pool = '192.168.0.0/16'
-        default_proxy_subnet_prefix_length = 29
+        default_proxy_subnet_prefix_length = 28
         l2p = self.create_l2_policy()['l2_policy']
         l3p = self.show_l3_policy(l2p['l3_policy_id'])['l3_policy']
         self.assertEqual(default_proxy_pool, l3p['proxy_ip_pool'])