V2T migration: Validate direct vnic ports security disabled

Change-Id: I66a8b2efe6d882c5247fdf9b2d118b0212ab31a7
This commit is contained in:
asarfaty 2021-03-10 06:52:39 +02:00
parent 8a50c3d1a6
commit a63d2e9c09
1 changed files with 6 additions and 1 deletions

View File

@ -21,6 +21,7 @@ from oslo_utils import uuidutils
from networking_l2gw.db.l2gateway import l2gateway_models
from neutron.services.qos import qos_plugin
from neutron_lib.api.definitions import allowedaddresspairs as addr_apidef
from neutron_lib.api.definitions import port_security as psec
from neutron_lib.api.definitions import portbindings as pbin
from neutron_lib.api.definitions import provider_net as pnet
from neutron_lib.api import validators
@ -110,7 +111,8 @@ def _validate_ports(plugin, admin_context):
log_error("Compute port %s on external network %s is "
"not allowed." % (port['id'], net_id))
# direct vnic ports are allowed only with vlan networks
# direct vnic ports are allowed only with vlan networks, and port
# security must be disabled
vnic = port.get(pbin.VNIC_TYPE)
if vnic in portbinding.VNIC_TYPES_DIRECT_PASSTHROUGH:
net = plugin.get_network(admin_context, port['network_id'])
@ -119,6 +121,9 @@ def _validate_ports(plugin, admin_context):
log_error("Port %s vnic type %s is not supported "
"with network type %s." % (port['id'],
vnic, net_type))
elif port.get(psec.PORTSECURITY):
log_error("Security features are not supported for port %s "
"with vnic type %s." % (port['id'], vnic))
def _validate_networks(plugin, admin_context, transit_networks):