From 7533a7e8a538adf38030f67791eea44db9eb84c7 Mon Sep 17 00:00:00 2001 From: Salvatore Orlando Date: Tue, 1 Jun 2021 10:37:51 -0700 Subject: [PATCH] Admin shell: Move ensure_ca_file in nsxv utils module Ensure this function is always called when initializing clients. Change-Id: Ife36d9dd9e817a2e317de3a9bbf611cfefc6ded6 --- .../admin/plugins/nsxv/resources/migration.py | 15 --------------- .../shell/admin/plugins/nsxv/resources/utils.py | 12 ++++++++++++ 2 files changed, 12 insertions(+), 15 deletions(-) diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py index 80ff0b4c69..33f1bb41dd 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py @@ -12,7 +12,6 @@ # License for the specific language governing permissions and limitations # under the License. -import os import sys import netaddr @@ -509,17 +508,6 @@ def _validate_l2gw(admin_context): "supported." % (len(l2gws), [l2gw.id for l2gw in l2gws])) -def _ensure_ca_file(): - # Ensure CA file is used if /etc/ssl/certs/vcenter.pem exists - # otherwise secure connection to vcenter will fail - if not cfg.CONF.dvs.ca_file: - ca_file_default = "/etc/ssl/certs/vcenter.pem" - if os.path.isfile(ca_file_default): - LOG.info("ca_file for vCenter unset, defaulting to: %s", - ca_file_default) - cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') - - def _validate_config(): # General config options / per AZ which are unsupported config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones) @@ -548,7 +536,6 @@ def validate_config_for_migration(resource, event, trigger, **kwargs): transit_networks = [transit_network] strict = bool(properties.get('strict', 'false').lower() == 'true') out_file = properties.get('summary-file-name') - _ensure_ca_file() LOG.info("Running migration config validation in %sstrict mode", '' if strict else 'non-') @@ -564,7 +551,6 @@ def validate_config_for_migration(resource, event, trigger, **kwargs): admin_context = n_context.get_admin_context() _validate_config() - _ensure_ca_file() try: with utils.NsxVPluginWrapper() as plugin: @@ -637,7 +623,6 @@ def list_ports_vif_ids(resource, event, trigger, **kwargs): admin_context = n_context.get_admin_context() table_results = [] map_results = {} - _ensure_ca_file() with utils.NsxVPluginWrapper() as plugin: neutron_ports = plugin.get_ports(admin_context) diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py index 6516a65f1d..6938767145 100644 --- a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py +++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py @@ -12,6 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. +import os import time import xml.etree.ElementTree as et @@ -58,10 +59,21 @@ class NeutronDbClient(object): class NsxVPluginWrapper(plugin.NsxVPlugin): + def _ensure_ca_file(self): + # Ensure CA file is used if /etc/ssl/certs/vcenter.pem exists + # otherwise secure connection to vcenter will fail + if not cfg.CONF.dvs.ca_file: + ca_file_default = "/etc/ssl/certs/vcenter.pem" + if os.path.isfile(ca_file_default): + LOG.info("ca_file for vCenter unset, defaulting to: %s", + ca_file_default) + cfg.CONF.set_override('ca_file', ca_file_default, 'dvs') + def __init__(self): config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones) self.context = neutron_context.get_admin_context() self.filters = get_plugin_filters(self.context) + self._ensure_ca_file() super(NsxVPluginWrapper, self).__init__() # Make this the core plugin directory.add_plugin('CORE', self)