NSXT LB: initialize client, server SSL profiles

During first init, the plugin creates client and server SSL profiles. However, these aren't preserved within the plugin - they'll be retrieved after the plugin is restarted. Therefore on the initial execution, creation of HTTPS listeners will fail. Change-Id: I685e5f7c3589f8e79e99f3a627bd595ba66eff33
2019-05-02 12:54:14 +03:00 · 2019-05-02 12:54:14 +03:00 · 7ebfa76139
parent 011f195599
commit 7ebfa76139
1 changed files with 14 additions and 19 deletions
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@ -700,34 +700,29 @@ class NsxV3Plugin(nsx_plugin_common.NsxPluginV3Base,
        return self._mac_learning_disabled_profile

    def _init_lb_profiles(self):
+        ssl_c_prof_client = self.nsxlib.load_balancer.client_ssl_profile
+        ssl_s_prof_client = self.nsxlib.load_balancer.server_ssl_profile
        with locking.LockManager.get_lock('nsxv3_lb_profiles_init'):
-            lb_profiles = self._get_lb_profiles()
-            if not lb_profiles.get('client_ssl_profile'):
-                self.nsxlib.load_balancer.client_ssl_profile.create(
+            if not self.client_ssl_profile:
+                profile = ssl_c_prof_client.find_by_display_name(
+                    NSX_V3_CLIENT_SSL_PROFILE)
+            if not profile:
+                profile = ssl_c_prof_client.create(
                    NSX_V3_CLIENT_SSL_PROFILE,
                    'Neutron LB Client SSL Profile',
                    tags=self.nsxlib.build_v3_api_version_tag())
-            if not lb_profiles.get('server_ssl_profile'):
-                self.nsxlib.load_balancer.server_ssl_profile.create(
+            self.client_ssl_profile = profile[0]['id'] if profile else None
+
+            if not self.server_ssl_profile:
+                profile = ssl_s_prof_client.find_by_display_name(
+                    NSX_V3_SERVER_SSL_PROFILE)
+            if not profile:
+                profile = self.nsxlib.load_balancer.server_ssl_profile.create(
                    NSX_V3_SERVER_SSL_PROFILE,
                    'Neutron LB Server SSL Profile',
                    tags=self.nsxlib.build_v3_api_version_tag())
-
-    def _get_lb_profiles(self):
-        if not self.client_ssl_profile:
-            ssl_profile_client = self.nsxlib.load_balancer.client_ssl_profile
-            profile = ssl_profile_client.find_by_display_name(
-                NSX_V3_CLIENT_SSL_PROFILE)
-            self.client_ssl_profile = profile[0]['id'] if profile else None
-        if not self.server_ssl_profile:
-            ssl_profile_client = self.nsxlib.load_balancer.server_ssl_profile
-            profile = ssl_profile_client.find_by_display_name(
-                NSX_V3_SERVER_SSL_PROFILE)
            self.server_ssl_profile = profile[0]['id'] if profile else None

-        return {'client_ssl_profile': self.client_ssl_profile,
-                'server_ssl_profile': self.server_ssl_profile}
-
    def _get_port_security_profile_id(self):
        return self.nsxlib.switching_profile.build_switch_profile_ids(
            self.nsxlib.switching_profile, self._psec_profile)[0]