Browse Source

NSX|V: Add configuration validation

For each availability zone, check that all the resources in the configuration
and connected on teh NSX

Change-Id: I60551294c4f2d1d9d43032ac64468e5915e1f09d
changes/07/679007/1
Adit Sarfaty 1 month ago
parent
commit
a14b8a6f32

+ 5
- 0
vmware_nsx/common/utils.py View File

@@ -110,6 +110,11 @@ def is_nsxv_version_6_3(nsx_version):
110 110
             version.LooseVersion('6.3'))
111 111
 
112 112
 
113
+def is_nsxv_version_6_4_6(nsx_version):
114
+    return (version.LooseVersion(nsx_version) >=
115
+            version.LooseVersion('6.4.6'))
116
+
117
+
113 118
 def is_nsxv_dhcp_binding_supported(nsx_version):
114 119
     return ((version.LooseVersion(nsx_version) >=
115 120
              version.LooseVersion('6.3.3')) or

+ 97
- 0
vmware_nsx/plugins/nsx_v/availability_zones.py View File

@@ -14,13 +14,16 @@
14 14
 #    under the License.
15 15
 
16 16
 from oslo_config import cfg
17
+from oslo_log import log as logging
17 18
 
18 19
 from vmware_nsx._i18n import _
19 20
 from vmware_nsx.common import availability_zones as common_az
20 21
 from vmware_nsx.common import config
21 22
 from vmware_nsx.common import exceptions as nsx_exc
23
+from vmware_nsx.common import utils as c_utils
22 24
 
23 25
 DEFAULT_NAME = common_az.DEFAULT_NAME
26
+LOG = logging.getLogger(__name__)
24 27
 
25 28
 
26 29
 class NsxVAvailabilityZone(common_az.ConfiguredAvailabilityZone):
@@ -207,6 +210,92 @@ class NsxVAvailabilityZone(common_az.ConfiguredAvailabilityZone):
207 210
         # If False - it uses the global metadata (if defined)
208 211
         return self.az_metadata_support
209 212
 
213
+    def _validate_opt_connectivity(self, cluster_info, cluster_field,
214
+                                   az_value):
215
+        for obj in cluster_info.get(cluster_field, []):
216
+            if obj['id'] == az_value:
217
+                return True
218
+        return False
219
+
220
+    def validate_az_connectivity(self, vcns):
221
+        info = vcns.get_tz_connectivity_info(self.vdn_scope_id)
222
+        if not info or not info.get('clustersInfo'):
223
+            LOG.warning("Couldn't get TZ %s connectivity information to "
224
+                        "validate the configuration", self.vdn_scope_id)
225
+            return
226
+
227
+        LOG.info("Validating connectivity of availability zone %s With TZ %s, "
228
+                 "clusters %s, DVS %s external net %s and mdproxy net %s",
229
+                 self.name, self.vdn_scope_id, cfg.CONF.nsxv.cluster_moid,
230
+                 self.dvs_id, self.external_network, self.mgt_net_moid)
231
+
232
+        # Look for each configured cluster
233
+        for configured_cluster in cfg.CONF.nsxv.cluster_moid:
234
+            found_cluster = False
235
+            for cluster_info in info['clustersInfo']:
236
+                if cluster_info.get('clusterId') == configured_cluster:
237
+                    found_cluster = True
238
+                    # Validate the external network:
239
+                    external_net_standard = self._validate_opt_connectivity(
240
+                        cluster_info, 'standardNetworks',
241
+                        self.external_network)
242
+                    external_net_portgroup = self._validate_opt_connectivity(
243
+                        cluster_info, 'distributedVirtualPortGroups',
244
+                        self.external_network)
245
+                    if (not external_net_standard and
246
+                        not external_net_portgroup):
247
+                        raise nsx_exc.NsxInvalidConfiguration(
248
+                            opt_name='external_network',
249
+                            opt_value=self.external_network,
250
+                            reason=(_("Edge cluster %(ec)s in not connected "
251
+                                      "to external network %(val)s in AZ "
252
+                                      "%(az)s") % {
253
+                                    'ec': configured_cluster,
254
+                                    'val': self.external_network,
255
+                                    'az': self.name}))
256
+
257
+                    # Validate mgt_net_moid
258
+                    if self.mgt_net_moid:
259
+                        mgt_net_standard = self._validate_opt_connectivity(
260
+                            cluster_info, 'standardNetworks',
261
+                            self.mgt_net_moid)
262
+                        mgt_net_portgroup = self._validate_opt_connectivity(
263
+                            cluster_info, 'distributedVirtualPortGroups',
264
+                            self.mgt_net_moid)
265
+                        if not mgt_net_standard and not mgt_net_portgroup:
266
+                            raise nsx_exc.NsxInvalidConfiguration(
267
+                                opt_name='mgt_net_moid',
268
+                                opt_value=self.mgt_net_moid,
269
+                                reason=(_("Edge cluster %(ec)s in not "
270
+                                          "connected to mgt_net_moid %(val)s "
271
+                                          "in AZ %(az)s") % {
272
+                                        'ec': configured_cluster,
273
+                                        'val': self.mgt_net_moid,
274
+                                        'az': self.name}))
275
+
276
+                    # Validate DVS
277
+                    if self.dvs_id and not self._validate_opt_connectivity(
278
+                        cluster_info, 'distributedVirtualSwitches',
279
+                        self.dvs_id):
280
+                        raise nsx_exc.NsxInvalidConfiguration(
281
+                            opt_name='dvs_id', opt_value=self.dvs_id,
282
+                            reason=(_("Edge cluster %(ec)s in not connected "
283
+                                      "to dvs_id %(val)s in AZ %(az)s") % {
284
+                                    'ec': configured_cluster,
285
+                                    'val': self.dvs_id,
286
+                                    'az': self.name}))
287
+                    break
288
+
289
+            # Didn't find the edge cluster
290
+            if not found_cluster:
291
+                raise nsx_exc.NsxInvalidConfiguration(
292
+                    opt_name='vdn_scope_id', opt_value=self.vdn_scope_id,
293
+                    reason=(_("Edge cluster %(ec)s in not connected "
294
+                              "to vdn_scope_id %(val)s in AZ %(az)s") % {
295
+                            'ec': configured_cluster,
296
+                            'val': self.vdn_scope_id,
297
+                            'az': self.name}))
298
+
210 299
 
211 300
 class NsxVAvailabilityZones(common_az.ConfiguredAvailabilityZones):
212 301
 
@@ -266,3 +355,11 @@ class NsxVAvailabilityZones(common_az.ConfiguredAvailabilityZones):
266 355
 
267 356
     def get_additional_dvs_ids(self):
268 357
         return self.get_unique_non_default_param("dvs_id")
358
+
359
+    def validate_connectivity(self, vcns):
360
+        if (not c_utils.is_nsxv_version_6_4_6(vcns.get_version()) or
361
+            not cfg.CONF.nsxv.cluster_moid):
362
+            return
363
+
364
+        for az in self.list_availability_zones_objects():
365
+            az.validate_az_connectivity(vcns)

+ 3
- 0
vmware_nsx/plugins/nsx_v/plugin.py View File

@@ -5047,6 +5047,9 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
5047 5047
         if cfg.CONF.nsxv.vdr_transit_network:
5048 5048
             edge_utils.validate_vdr_transit_network()
5049 5049
 
5050
+        # Validate configuration connectivity per AZ
5051
+        self._availability_zones_data.validate_connectivity(self.nsx_v.vcns)
5052
+
5050 5053
     def _nsx_policy_is_hidden(self, policy):
5051 5054
         for attrib in policy.get('extendedAttributes', []):
5052 5055
             if (attrib['name'].lower() == 'ishidden' and

+ 6
- 0
vmware_nsx/plugins/nsx_v/vshield/vcns.py View File

@@ -51,6 +51,7 @@ EXCLUDELIST_PREFIX = '/api/2.1/app/excludelist'
51 51
 SERVICE_INSERTION_PROFILE_PREFIX = '/api/2.0/si/serviceprofile'
52 52
 SECURITY_POLICY_PREFIX = '/api/2.0/services/policy/securitypolicy'
53 53
 APPLICATION_PREFIX = '%s/%s' % (SERVICES_PREFIX, 'application')
54
+TZ_CONNECTIVITY_PREFIX = '/api/4.0/edges/transportzonenetworks'
54 55
 
55 56
 #LbaaS Constants
56 57
 LOADBALANCER_SERVICE = "loadbalancer/config"
@@ -1206,3 +1207,8 @@ class Vcns(object):
1206 1207
 
1207 1208
     def get_application_id(self, name):
1208 1209
         return self._globalobjects_lookup(name, use_cache=True)
1210
+
1211
+    def get_tz_connectivity_info(self, vdn_scope_id):
1212
+        uri = '%s/%s' % (TZ_CONNECTIVITY_PREFIX, vdn_scope_id)
1213
+        h, info = self.do_request(HTTP_GET, uri, decode=True)
1214
+        return info

+ 9
- 1
vmware_nsx/tests/unit/nsx_v/vshield/fake_vcns.py View File

@@ -1221,7 +1221,7 @@ class FakeVcns(object):
1221 1221
         return True
1222 1222
 
1223 1223
     def get_version(self):
1224
-        return '6.2.3'
1224
+        return '6.4.6'
1225 1225
 
1226 1226
     def get_tuning_configuration(self):
1227 1227
         return {
@@ -1628,3 +1628,11 @@ class FakeVcns(object):
1628 1628
 
1629 1629
     def get_application_id(self, name):
1630 1630
         return 'application-123'
1631
+
1632
+    def get_tz_connectivity_info(self, vdn_scope_id):
1633
+        return {'clustersInfo': [{
1634
+            'clusterId': 'fake_cluster_moid',
1635
+            'standardNetworks': [{'id': 'fake_net'}],
1636
+            'distributedVirtualPortGroups': [{'id': 'net-1'}],
1637
+            'distributedVirtualSwitches': [{'id': 'fake_dvs_id'}],
1638
+        }]}

+ 2
- 0
vmware_nsx/tests/unit/test_utils.py View File

@@ -30,6 +30,8 @@ def override_nsx_ini_test():
30 30
     cfg.CONF.set_override("vdn_scope_id", "fake_vdn_scope_id",
31 31
                           group="nsxv")
32 32
     cfg.CONF.set_override("dvs_id", "fake_dvs_id", group="nsxv")
33
+    cfg.CONF.set_override("cluster_moid", "fake_cluster_moid", group="nsxv")
34
+    cfg.CONF.set_override("external_network", "fake_net", group="nsxv")
33 35
 
34 36
 
35 37
 def override_nsx_ini_full_test():

Loading…
Cancel
Save