x/vmware-nsx
Code Issues Proposed changes

Merge "psec profile distributed locking"

Browse Source
This commit is contained in:
Jenkins
2015-10-18 10:56:06 +00:00
committed by Gerrit Code Review
parent 7a180f8143 95342f389c
commit 5b8e132cfb
2 changed files with 18 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
vmware_nsx/plugins/nsx_v3/plugin.py
View File

@@ -59,6 +59,7 @@ from oslo_utils import importutils
from oslo_utils import uuidutils from oslo_utils import uuidutils
from vmware_nsx.common import config # noqa from vmware_nsx.common import config # noqa
from vmware_nsx.common import exceptions as nsx_exc from vmware_nsx.common import exceptions as nsx_exc
from vmware_nsx.common import locking
from vmware_nsx.common import nsx_constants from vmware_nsx.common import nsx_constants
from vmware_nsx.common import utils from vmware_nsx.common import utils
from vmware_nsx.db import db as nsx_db from vmware_nsx.db import db as nsx_db
@@ -194,19 +195,22 @@ class NsxV3Plugin(addr_pair_db.AllowedAddressPairsMixin,
@utils.retry_upon_exception_nsxv3(Exception) @utils.retry_upon_exception_nsxv3(Exception)
def _init_port_security_profile(self): def _init_port_security_profile(self):
# NOTE(boden): potential race cond with distributed plugins
# whereupon a different plugin could create the profile
# after we don't find an existing one and create another
profile = self._get_port_security_profile() profile = self._get_port_security_profile()
if profile: if profile:
return profile return profile
self._switching_profiles.create_spoofguard_profile( with locking.LockManager.get_lock('nsxv3_psec_profile_init'):
NSX_V3_PSEC_PROFILE_NAME, 'Neutron Port Security Profile', # NOTE(boden): double-checked locking pattern
whitelist_ports=True, whitelist_switches=False, profile = self._get_port_security_profile()
tags=utils.build_v3_tags_payload({ if profile:
'id': NSX_V3_PSEC_PROFILE_NAME, return profile
'tenant_id': 'neutron-nsx-plugin'}))
self._switching_profiles.create_spoofguard_profile(
NSX_V3_PSEC_PROFILE_NAME, 'Neutron Port Security Profile',
whitelist_ports=True, whitelist_switches=False,
tags=utils.build_v3_tags_payload({
'id': NSX_V3_PSEC_PROFILE_NAME,
'tenant_id': 'neutron-nsx-plugin'}))
return self._get_port_security_profile() return self._get_port_security_profile()

5
vmware_nsx/tests/unit/nsx_v3/test_plugin.py
View File

@@ -80,6 +80,11 @@ class NsxV3PluginTestCaseMixin(test_plugin.NeutronDbPluginV2TestCase,
if getattr(self.plugin, '_port_client', None): if getattr(self.plugin, '_port_client', None):
self.plugin._port_client._client._session = self.mock_api self.plugin._port_client._client._session = self.mock_api
mocked_locking = mock.patch.object(
nsx_plugin, 'locking', new=mock.Mock())
mocked_locking.start()
self._patchers.append(mocked_locking)
self.maxDiff = None self.maxDiff = None
def tearDown(self): def tearDown(self):