Admin shell: Move ensure_ca_file in nsxv utils module

Ensure this function is always called when initializing clients. Change-Id: Ife36d9dd9e817a2e317de3a9bbf611cfefc6ded6
2021-06-01 10:37:51 -07:00 · 2021-06-01 10:37:51 -07:00 · 7533a7e8a5
parent 867b96eb81
commit 7533a7e8a5
2 changed files with 12 additions and 15 deletions
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/migration.py
@ -12,7 +12,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-import os
 import sys

 import netaddr
@ -509,17 +508,6 @@ def _validate_l2gw(admin_context):
                      "supported." % (len(l2gws), [l2gw.id for l2gw in l2gws]))


-def _ensure_ca_file():
-    # Ensure CA file is used if /etc/ssl/certs/vcenter.pem exists
-    # otherwise secure connection to vcenter will fail
-    if not cfg.CONF.dvs.ca_file:
-        ca_file_default = "/etc/ssl/certs/vcenter.pem"
-        if os.path.isfile(ca_file_default):
-            LOG.info("ca_file for vCenter unset, defaulting to: %s",
-                     ca_file_default)
-            cfg.CONF.set_override('ca_file', ca_file_default, 'dvs')
-
-
 def _validate_config():
    # General config options / per AZ which are unsupported
    config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones)
@ -548,7 +536,6 @@ def validate_config_for_migration(resource, event, trigger, **kwargs):
            transit_networks = [transit_network]
        strict = bool(properties.get('strict', 'false').lower() == 'true')
        out_file = properties.get('summary-file-name')
-    _ensure_ca_file()
    LOG.info("Running migration config validation in %sstrict mode",
             '' if strict else 'non-')

@ -564,7 +551,6 @@ def validate_config_for_migration(resource, event, trigger, **kwargs):
    admin_context = n_context.get_admin_context()

    _validate_config()
-    _ensure_ca_file()

    try:
        with utils.NsxVPluginWrapper() as plugin:
@ -637,7 +623,6 @@ def list_ports_vif_ids(resource, event, trigger, **kwargs):
    admin_context = n_context.get_admin_context()
    table_results = []
    map_results = {}
-    _ensure_ca_file()

    with utils.NsxVPluginWrapper() as plugin:
        neutron_ports = plugin.get_ports(admin_context)
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
@ -12,6 +12,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

+import os
 import time
 import xml.etree.ElementTree as et

@ -58,10 +59,21 @@ class NeutronDbClient(object):

 class NsxVPluginWrapper(plugin.NsxVPlugin):

+    def _ensure_ca_file(self):
+        # Ensure CA file is used if /etc/ssl/certs/vcenter.pem exists
+        # otherwise secure connection to vcenter will fail
+        if not cfg.CONF.dvs.ca_file:
+            ca_file_default = "/etc/ssl/certs/vcenter.pem"
+            if os.path.isfile(ca_file_default):
+                LOG.info("ca_file for vCenter unset, defaulting to: %s",
+                        ca_file_default)
+                cfg.CONF.set_override('ca_file', ca_file_default, 'dvs')
+
    def __init__(self):
        config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones)
        self.context = neutron_context.get_admin_context()
        self.filters = get_plugin_filters(self.context)
+        self._ensure_ca_file()
        super(NsxVPluginWrapper, self).__init__()
        # Make this the core plugin
        directory.add_plugin('CORE', self)