From 576f67ba06f4fc7ee4c518d9c6e0c99f44e16b32 Mon Sep 17 00:00:00 2001 From: Xuhan Peng Date: Fri, 14 Feb 2014 04:20:01 -0500 Subject: [PATCH] Change firewall to DOWN when admin state down Currently firewall remains in status "ACTIVE" after admin state is changed to DOWN. This fix sets firewall status to "DOWN" if admin state is updated from "UP" to "DOWN". "DOWN" status is used by other network resources so use "DOWN" to keep consistent. Change-Id: If316b114c4df78368b43c2a15a820bb1177b3a54 Closes-Bug: 1279213 --- .../agents/l3reference/firewall_l3_agent.py | 12 ++++-- neutron/services/firewall/fwaas_plugin.py | 4 +- .../l3reference/test_firewall_l3_agent.py | 43 +++++++++++++++++-- 3 files changed, 52 insertions(+), 7 deletions(-) diff --git a/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py b/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py index 75477e8399..f3158c2805 100644 --- a/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py +++ b/neutron/services/firewall/agents/l3reference/firewall_l3_agent.py @@ -129,7 +129,10 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin): self.fwaas_driver.__getattribute__(func_name)( router_info_list, fw) - status = constants.ACTIVE + if fw['admin_state_up']: + status = constants.ACTIVE + else: + status = constants.DOWN except fw_ext.FirewallInternalDriverError: LOG.error(_("Firewall Driver Error for %(func_name)s " "for fw: %(fwid)s"), @@ -137,7 +140,7 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin): status = constants.ERROR # delete needs different handling if func_name == 'delete_firewall': - if status == constants.ACTIVE: + if status in [constants.ACTIVE, constants.DOWN]: self.fwplugin_rpc.firewall_deleted(context, fw['id']) else: self.fwplugin_rpc.set_firewall_status( @@ -174,7 +177,10 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin): # PENDING_UPDATE, PENDING_CREATE, ... try: self.fwaas_driver.update_firewall(router_info_list, fw) - status = constants.ACTIVE + if fw['admin_state_up']: + status = constants.ACTIVE + else: + status = constants.DOWN except fw_ext.FirewallInternalDriverError: LOG.error(_("Firewall Driver Error on fw state %(fwmsg)s " "for fw: %(fwid)s"), diff --git a/neutron/services/firewall/fwaas_plugin.py b/neutron/services/firewall/fwaas_plugin.py index b7b59bbf1d..74b889a28c 100644 --- a/neutron/services/firewall/fwaas_plugin.py +++ b/neutron/services/firewall/fwaas_plugin.py @@ -49,7 +49,9 @@ class FirewallCallbacks(object): LOG.debug(_("set_firewall_status() called")) with context.session.begin(subtransactions=True): fw_db = self.plugin._get_firewall(context, firewall_id) - if status in (const.ACTIVE, const.INACTIVE): + #TODO(xuhanp): Remove INACTIVE status and use DOWN to + # be consistent with other network resources + if status in (const.ACTIVE, const.INACTIVE, const.DOWN): fw_db.status = status return True else: diff --git a/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py b/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py index d9c6a640ce..77b0b48b01 100644 --- a/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py +++ b/neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py @@ -98,7 +98,8 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase): mock_driver.return_value) def test_invoke_driver_for_plugin_api(self): - fake_firewall = {'id': 0, 'tenant_id': 1} + fake_firewall = {'id': 0, 'tenant_id': 1, + 'admin_state_up': True} self.api.plugin_rpc = mock.Mock() with contextlib.nested( mock.patch.object(self.api.plugin_rpc, 'get_routers'), @@ -127,8 +128,43 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase): fake_firewall['id'], 'ACTIVE') + def test_invoke_driver_for_plugin_api_admin_state_down(self): + fake_firewall = {'id': 0, 'tenant_id': 1, + 'admin_state_up': False} + self.api.plugin_rpc = mock.Mock() + with contextlib.nested( + mock.patch.object(self.api.plugin_rpc, 'get_routers'), + mock.patch.object(self.api, '_get_router_info_list_for_tenant'), + mock.patch.object(self.api.fwaas_driver, 'update_firewall'), + mock.patch.object(self.api.fwplugin_rpc, + 'get_firewalls_for_tenant'), + mock.patch.object(self.api.fwplugin_rpc, 'set_firewall_status') + ) as ( + mock_get_routers, + mock_get_router_info_list_for_tenant, + mock_driver_update_firewall, + mock_get_firewalls_for_tenant, + mock_set_firewall_status): + + mock_driver_update_firewall.return_value = True + self.api.update_firewall( + context=mock.sentinel.context, + firewall=fake_firewall, host='host') + + mock_get_routers.assert_called_once_with( + mock.sentinel.context) + + mock_get_router_info_list_for_tenant.assert_called_once_with( + mock_get_routers.return_value, fake_firewall['tenant_id']) + + mock_set_firewall_status.assert_called_once_with( + mock.sentinel.context, + fake_firewall['id'], + 'DOWN') + def test_invoke_driver_for_plugin_api_delete(self): - fake_firewall = {'id': 0, 'tenant_id': 1} + fake_firewall = {'id': 0, 'tenant_id': 1, + 'admin_state_up': True} self.api.plugin_rpc = mock.Mock() with contextlib.nested( mock.patch.object(self.api.plugin_rpc, 'get_routers'), @@ -185,7 +221,8 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase): def test_process_router_add_fw_update(self): fake_firewall_list = [{'id': 0, 'tenant_id': 1, - 'status': constants.PENDING_UPDATE}] + 'status': constants.PENDING_UPDATE, + 'admin_state_up': True}] fake_router = {'id': 1111, 'tenant_id': 2} self.api.plugin_rpc = mock.Mock() ri = mock.Mock()