From 570181d872281f1c6977b06055f207848cde0f32 Mon Sep 17 00:00:00 2001 From: Dan Wendlandt Date: Thu, 30 Aug 2012 22:21:51 -0700 Subject: [PATCH] fix issues with Nova security groups and Quantum bug #1039400 - make quantumv2/api.py fetch actual DHCP server address, which is needed by firewall layer (otherwise, the gateway IP is incorrectly used and all DHCP traffic is dropped). - add missing call from quantumv2/api.py to the security groups API when a VM is allocated/deallocated. - Add a vif-driver that is a hybrid of the existing Open vswitch + linux bridge drivers, which allows OVS quantum plugins to be compatible with iptables based filtering, in particular, nova security groups. - Also clean-up some docstrings in virt/libvirt/vif.py Change-Id: I7cf5cf09583202a12785b616d18db3ee4bbffee0 --- nova/tests/test_libvirt_vif.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/nova/tests/test_libvirt_vif.py b/nova/tests/test_libvirt_vif.py index 9e5ce24b..ca52f14e 100644 --- a/nova/tests/test_libvirt_vif.py +++ b/nova/tests/test_libvirt_vif.py @@ -154,3 +154,19 @@ class LibvirtVifTestCase(test.TestCase): self.assertEquals(script, "") d.unplug(None, (self.net, self.mapping)) + + def test_quantum_hybrid_driver(self): + d = vif.LibvirtHybridOVSBridgeDriver() + xml = self._get_instance_xml(d) + + doc = etree.fromstring(xml) + ret = doc.findall('./devices/interface') + self.assertEqual(len(ret), 1) + node = ret[0] + self.assertEqual(node.get("type"), "bridge") + br_name = node.find("source").get("bridge") + self.assertEqual(br_name, self.net['bridge']) + mac = node.find("mac").get("address") + self.assertEqual(mac, self.mapping['mac']) + + d.unplug(None, (self.net, self.mapping))