Integrate with neutron DB engine facade migration

integrate with neutron patch Id3f09b78c8d0a8daa7ec4fa6f5bf79f7d5ab8f8b And also skip new tests added in I99681736d05eefd82bdba72b3866eab9468ef5dd Change-Id: I8b119bc69cc87185ea77646e70135c5984200038
2020-11-23 12:23:45 +02:00 · 2020-11-23 12:23:45 +02:00 · 5da150fcd2
commit 5da150fcd2
parent f6504358f9
14 changed files with 69 additions and 14 deletions
--- a/vmware_nsx/db/extended_security_group.py
+++ b/vmware_nsx/db/extended_security_group.py
@ -28,6 +28,7 @@ from neutron_lib.callbacks import events
 from neutron_lib.callbacks import registry
 from neutron_lib.callbacks import resources
 from neutron_lib import constants as n_constants
+from neutron_lib import context as n_context
 from neutron_lib.db import api as db_api
 from neutron_lib.db import model_base
 from neutron_lib.db import resource_extend
@ -139,7 +140,8 @@ class ExtendedSecurityGroupPropertiesMixin(object):
        sg_res[provider_sg.PROVIDER] = sg_req.get(provider_sg.PROVIDER, False)
        sg_res[sg_policy.POLICY] = sg_req.get(sg_policy.POLICY)

-    def _get_security_group_properties(self, context, security_group_id):
+    @staticmethod
+    def _get_security_group_properties(context, security_group_id):
        with db_api.CONTEXT_READER.using(context):
            try:
                prop = context.session.query(
@ -365,13 +367,21 @@ class ExtendedSecurityGroupPropertiesMixin(object):
    @staticmethod
    @resource_extend.extends([port_def.COLLECTION_NAME])
    def _extend_port_dict_provider_security_group(port_res, port_db):
+        context = n_context.get_admin_context()
        # Add the provider sg list to the port.
        # later we will remove those from the regular sg list
        provider_groups = []
        for sec_group_mapping in port_db.security_groups:
-            if (sec_group_mapping.extended_grp and
-                sec_group_mapping.extended_grp.provider is True):
-                provider_groups.append(sec_group_mapping['security_group_id'])
+            sg_id = sec_group_mapping.security_group_id
+            try:
+                sg_ext = ExtendedSecurityGroupPropertiesMixin.\
+                    _get_security_group_properties(context, sg_id)
+            except ext_sg.SecurityGroupNotFound:
+                pass
+            else:
+                if sg_ext.provider:
+                    provider_groups.append(
+                        sec_group_mapping['security_group_id'])
        port_res[provider_sg.PROVIDER_SECURITYGROUPS] = provider_groups
        return port_res

--- a/vmware_nsx/db/extended_security_group_rule.py
+++ b/vmware_nsx/db/extended_security_group_rule.py
@ -66,6 +66,10 @@ class ExtendedSecurityGroupRuleMixin(object):
        if not rule_specify_local_ip_prefix:
            # remove ATTR_NOT_SPECIFIED
            rule[ext_local_ip.LOCAL_IP_PREFIX] = None
+
+        # remote_address_group_id is not yet supported and might be missing
+        if 'remote_address_group_id' not in rule:
+            rule['remote_address_group_id'] = None
        return rule_specify_local_ip_prefix

    def _process_security_group_rule_properties(self, context,
--- a/vmware_nsx/plugins/nsx_p/plugin.py
+++ b/vmware_nsx/plugins/nsx_p/plugin.py
@ -2602,6 +2602,7 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
        # First update the neutron DB
        super(NsxPolicyPlugin, self)._update_router_gw_info(
            context, router_id, info, router=router)
+        router = self._get_router(context, router_id)

        # Get the new tier0 of the updated router (or None if GW was removed)
        new_tier0_uuid = self._get_tier0_uuid_by_router(context, router)
--- a/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/distributed_router_driver.py
@ -158,6 +158,7 @@ class RouterDistributedDriver(router_driver.RouterBaseDriver):

        super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
            context, router_id, info, router=router)
+        router = self.plugin._get_router(context, router_id)

        new_ext_net_id = router.gw_port_id and router.gw_port.network_id
        new_enable_snat = router.enable_snat
--- a/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/exclusive_router_driver.py
@ -165,6 +165,7 @@ class RouterExclusiveDriver(router_driver.RouterBaseDriver):

        super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
            context, router_id, info, router=router)
+        router = self.plugin._get_router(context, router_id)

        new_ext_net_id = router.gw_port_id and router.gw_port.network_id
        new_enable_snat = router.enable_snat
--- a/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
+++ b/vmware_nsx/plugins/nsx_v/drivers/shared_router_driver.py
@ -715,6 +715,7 @@ class RouterSharedDriver(router_driver.RouterBaseDriver):
                    context, router))
            super(nsx_v.NsxVPluginV2, self.plugin)._update_router_gw_info(
                context, router_id, info, router=router)
+            router = self.plugin._get_router(context, router_id)
            new_ext_net_id = (router.gw_port_id and
                              router.gw_port.network_id)
            new_enable_snat = router.enable_snat
--- a/vmware_nsx/plugins/nsx_v/plugin.py
+++ b/vmware_nsx/plugins/nsx_v/plugin.py
@ -3773,7 +3773,6 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
                                 'network_id': router.gw_port.network_id,
                                 'updated_port': updated_port
                             }))
-        context.session.expire(router.gw_port)

    def _update_router_gw_info(self, context, router_id, info,
                               is_routes_update=False,
--- a/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py
+++ b/vmware_nsx/plugins/nsx_v/vshield/edge_utils.py
@ -24,6 +24,7 @@ from neutron_lib.api.definitions import extra_dhcp_opt as ext_edo
 from neutron_lib.api import validators
 from neutron_lib import constants
 from neutron_lib import context as q_context
+from neutron_lib.db import api as db_api
 from neutron_lib import exceptions as n_exc
 from neutron_lib.exceptions import l3 as l3_exc
 from oslo_config import cfg
@ -2643,8 +2644,9 @@ class NsxVCallbacks(object):
            if set_errors and context:
                # Set the router status to ERROR
                try:
-                    router_db = self.plugin._get_router(context, router_id)
-                    router_db['status'] = constants.ERROR
+                    with db_api.CONTEXT_WRITER.using(context):
+                        router_db = self.plugin._get_router(context, router_id)
+                        router_db['status'] = constants.ERROR
                except l3_exc.RouterNotFound:
                    # Router might have been deleted before deploy finished
                    LOG.warning("Router %s not found", router_id)
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@ -1552,7 +1552,8 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
                raise nsx_exc.NsxPluginException(err_msg=msg)

        if not cfg.CONF.nsx_v3.native_dhcp_metadata:
-            nsx_rpc.handle_port_metadata_access(self, context, neutron_db)
+            with db_api.CONTEXT_WRITER.using(context):
+                nsx_rpc.handle_port_metadata_access(self, context, neutron_db)
        kwargs = {'context': context, 'port': neutron_db}
        registry.notify(resources.PORT, events.AFTER_CREATE, self, **kwargs)
        return port_data
@ -1601,8 +1602,9 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
        if cfg.CONF.nsx_v3.native_dhcp_metadata:
            self._delete_port_mp_dhcp_binding(context, port)
        else:
-            nsx_rpc.handle_port_metadata_access(self, context, port,
-                                                is_delete=True)
+            with db_api.CONTEXT_WRITER.using(context):
+                nsx_rpc.handle_port_metadata_access(self, context, port,
+                                                    is_delete=True)
        super(NsxV3Plugin, self).delete_port(context, port_id)

    def _get_resource_type_for_device_id(self, device_owner, device_id):
@ -2002,6 +2004,7 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
        # and we need to make a big change so don't touch it at present.
        super(NsxV3Plugin, self)._update_router_gw_info(
            context, router_id, info, router=router)
+        router = self._get_router(context, router_id)

        new_tier0_uuid = self._get_tier0_uuid_by_router(context, router)
        new_enable_snat = router.enable_snat
--- a/vmware_nsx/tests/unit/extensions/test_metadata.py
+++ b/vmware_nsx/tests/unit/extensions/test_metadata.py
@ -310,6 +310,7 @@ class MetaDataTestCase(object):
    def test_metadata_dhcp_host_route(self):
        self._metadata_setup(config.MetadataModes.INDIRECT)
        subnets = self._list('subnets')['subnets']
+        self.assertEqual(len(subnets), 0)
        with self.subnet() as s:
            with self.port(subnet=s, device_id='1234',
                           device_owner=constants.DEVICE_OWNER_DHCP) as port:
@ -324,5 +325,6 @@ class MetaDataTestCase(object):
            self._delete('ports', port['port']['id'])
            subnets = self._list('subnets')['subnets']
            # Test that route is deleted after dhcp port is removed.
+            self.assertEqual(len(subnets), 1)
            self.assertEqual(len(subnets[0]['host_routes']), 0)
        self._metadata_teardown()
--- a/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py
+++ b/vmware_nsx/tests/unit/extensions/test_secgroup_rule_local_ip_prefix.py
@ -122,12 +122,15 @@ class TestNSXv3ExtendedSGRule(test_nsxv3_plugin.NsxV3PluginTestCaseMixin,
             'project_id': mock.ANY,
             'id': mock.ANY,
             'port_range_min': None,
-             'local_ip_prefix': '239.255.0.0/16',
             'ethertype': 'IPv4',
-             'protocol': u'udp', 'remote_ip_prefix': '10.0.0.0/24',
+             'protocol': u'udp',
             'port_range_max': None,
             'security_group_id': mock.ANY,
-             'remote_group_id': None, 'direction': u'ingress',
+             'remote_group_id': None,
+             'remote_address_group_id': None,
+             'remote_ip_prefix': '10.0.0.0/24',
+             'local_ip_prefix': '239.255.0.0/16',
+             'direction': u'ingress',
             'description': '',
             'standard_attr_id': mock.ANY}]

@ -167,10 +170,11 @@ class TestNSXv3ExtendedSGRule(test_nsxv3_plugin.NsxV3PluginTestCaseMixin,
             'local_ip_prefix': None,
             'ethertype': 'IPv4',
             'protocol': u'udp',
-             'remote_ip_prefix': None,
             'port_range_max': None,
             'security_group_id': mock.ANY,
             'remote_group_id': None,
+             'remote_address_group_id': None,
+             'remote_ip_prefix': None,
             'direction': u'ingress',
             'description': '',
             'standard_attr_id': mock.ANY}]
--- a/vmware_nsx/tests/unit/extensions/test_securitygroup.py
+++ b/vmware_nsx/tests/unit/extensions/test_securitygroup.py
@ -103,3 +103,12 @@ class TestSecurityGroups(test_nsxv3.NsxV3PluginTestCaseMixin,

            except exc.HTTPClientError:
                pass
+
+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
--- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
@ -1502,6 +1502,15 @@ class NsxPTestSecurityGroup(common_v3.FixExternalNetBaseTest,
                del_rule.assert_called_once_with(
                    mock.ANY, rule["security_group_rule"]["id"])

+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
+

 class NsxPTestL3ExtensionManager(object):

--- a/vmware_nsx/tests/unit/nsx_v/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_v/test_plugin.py
@ -4211,6 +4211,15 @@ class NsxVTestSecurityGroup(ext_sg.TestSecurityGroups,
                del_rule.assert_called_once_with(
                    mock.ANY, rule["security_group_rule"]["id"])

+    def test_create_security_group_rule_remote_address_group_id(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_delete_address_group_in_use(self):
+        self.skipTest('No support for SG address groups')
+
+    def test_create_security_group_rule_multiple_remotes(self):
+        self.skipTest('No support for SG address groups')
+

 class TestVdrTestCase(L3NatTest, L3NatTestCaseBase,
                      test_l3_plugin.L3NatDBIntTestCase,