From c06d20e21bbfbd002bf02219f37bff025c727df6 Mon Sep 17 00:00:00 2001
From: Adit Sarfaty <asarfaty@vmware.com>
Date: Tue, 16 Jan 2018 16:09:21 +0200
Subject: [PATCH] TVD AdminUtils: Use only objects from specific plugin
filter get_<>s results in AdminUtils to retirve only the neutron objects
that belong to the nsxv/v3 plugin
Change-Id: I2d0675764c6b10861949c69b2f152e585d790f21
---
vmware_nsx/db/db.py | 5 +++
.../shell/admin/plugins/common/utils.py | 14 ++++++++
.../plugins/nsxv/resources/securitygroups.py | 3 +-
.../admin/plugins/nsxv/resources/utils.py | 35 +++++++++++++++++++
.../admin/plugins/nsxv3/resources/networks.py | 3 +-
.../admin/plugins/nsxv3/resources/ports.py | 10 +++---
.../admin/plugins/nsxv3/resources/routers.py | 25 ++++++-------
.../plugins/nsxv3/resources/securitygroups.py | 4 ++-
.../admin/plugins/nsxv3/resources/utils.py | 19 ++++++++++
9 files changed, 99 insertions(+), 19 deletions(-)
diff --git a/vmware_nsx/db/db.py b/vmware_nsx/db/db.py
index 4a3c8be47e..7b655997aa 100644
--- a/vmware_nsx/db/db.py
+++ b/vmware_nsx/db/db.py
@@ -694,6 +694,11 @@ def get_project_plugin_mappings(session):
return session.query(nsx_models.NsxProjectPluginMapping).all()
+def get_project_plugin_mappings_by_plugin(session, plugin):
+ return session.query(nsx_models.NsxProjectPluginMapping).filter_by(
+ plugin=plugin).all()
+
+
def add_nsx_vpn_connection_mapping(session, neutron_id, session_id,
dpd_profile_id, ike_profile_id,
ipsec_profile_id, peer_ep_id):
diff --git a/vmware_nsx/shell/admin/plugins/common/utils.py b/vmware_nsx/shell/admin/plugins/common/utils.py
index 8da7bb1772..7c6232b2ee 100644
--- a/vmware_nsx/shell/admin/plugins/common/utils.py
+++ b/vmware_nsx/shell/admin/plugins/common/utils.py
@@ -16,6 +16,7 @@ import sys
import six
from vmware_nsx._i18n import _
+from vmware_nsx.db import db
from vmware_nsx.shell import resources as nsxadmin
from neutron.common import profiler # noqa
@@ -112,3 +113,16 @@ def fix_mismatches_handler(resource):
nsxadmin.Operations.FIX_MISMATCH.value)
return func
return wrap
+
+
+def get_plugin_filters(context, plugin):
+ # Return filters for the neutron list apis so that only resources from
+ # a specific plugin will be returned.
+ filters = {}
+ core_plugin = nsxadmin.get_plugin()
+ if core_plugin == 'nsxtvd':
+ maps = db.get_project_plugin_mappings_by_plugin(
+ context.session, plugin)
+ if maps:
+ filters['project_id'] = [m.project for m in maps]
+ return filters
diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py
index 52f5aca3c4..b91aacbe61 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/securitygroups.py
@@ -73,8 +73,9 @@ class NeutronSecurityGroupDB(
self.context, sg_id)
def get_security_groups(self):
+ filters = utils.get_plugin_filters(self.context)
return super(NeutronSecurityGroupDB,
- self).get_security_groups(self.context)
+ self).get_security_groups(self.context, filters=filters)
def get_security_group_id_by_section_id(self, section_id):
section_url = ("/api/4.0/firewall/globalroot-0/config/layer3sections"
diff --git a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
index f3b25170b0..b8f2152f1f 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv/resources/utils.py
@@ -22,8 +22,10 @@ from neutron_lib import context as neutron_context
from neutron_lib.plugins import directory
from vmware_nsx.common import config
+from vmware_nsx.extensions import projectpluginmap
from vmware_nsx import plugin
from vmware_nsx.plugins.nsx_v.vshield import vcns
+from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
LOG = logging.getLogger(__name__)
@@ -37,6 +39,11 @@ def get_nsxv_client():
insecure=cfg.CONF.nsxv.insecure)
+def get_plugin_filters(context):
+ return admin_utils.get_plugin_filters(
+ context, projectpluginmap.NsxPlugins.NSX_V)
+
+
class NeutronDbClient(common_db.CommonDbMixin):
def __init__(self):
super(NeutronDbClient, self)
@@ -47,6 +54,8 @@ class NsxVPluginWrapper(plugin.NsxVPlugin):
def __init__(self):
config.register_nsxv_azs(cfg.CONF, cfg.CONF.nsxv.availability_zones)
+ self.context = neutron_context.get_admin_context()
+ self.filters = get_plugin_filters(self.context)
super(NsxVPluginWrapper, self).__init__()
# Make this the core plugin
directory.add_plugin('CORE', self)
@@ -98,6 +107,32 @@ class NsxVPluginWrapper(plugin.NsxVPlugin):
LOG.warning("Sorry. Waited for too long. Some jobs are still "
"running.")
+ def _update_filters(self, requested_filters):
+ filters = self.filters.copy()
+ if requested_filters:
+ filters.update(requested_filters)
+ return filters
+
+ def get_networks(self, context, filters=None, fields=None):
+ filters = self._update_filters(filters)
+ return super(NsxVPluginWrapper, self).get_networks(
+ context, filters=filters, fields=fields)
+
+ def get_subnets(self, context, filters=None, fields=None):
+ filters = self._update_filters(filters)
+ return super(NsxVPluginWrapper, self).get_subnets(
+ context, filters=filters, fields=fields)
+
+ def get_ports(self, context, filters=None, fields=None):
+ filters = self._update_filters(filters)
+ return super(NsxVPluginWrapper, self).get_ports(
+ self.context, filters=filters, fields=fields)
+
+ def get_routers(self, context, filters=None, fields=None):
+ filters = self._update_filters(filters)
+ return super(NsxVPluginWrapper, self).get_routers(
+ self.context, filters=filters, fields=fields)
+
def get_nsxv_backend_edges():
"""Get a list of all the backend edges and some of their attributes
diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py
index a1ec9a8625..0d40e25c40 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/networks.py
@@ -45,7 +45,8 @@ def list_missing_networks(resource, event, trigger, **kwargs):
nsxlib = utils.get_connected_nsxlib()
plugin = db_base_plugin_v2.NeutronDbPluginV2()
admin_cxt = neutron_context.get_admin_context()
- neutron_networks = plugin.get_networks(admin_cxt)
+ filters = utils.get_plugin_filters(admin_cxt)
+ neutron_networks = plugin.get_networks(admin_cxt, filters=filters)
networks = []
for net in neutron_networks:
neutron_id = net['id']
diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py
index 5b4b024278..2a4024faf8 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/ports.py
@@ -119,9 +119,9 @@ def list_missing_ports(resource, event, trigger, **kwargs):
And ports with wrong switch profiles
"""
admin_cxt = neutron_context.get_admin_context()
-
+ filters = v3_utils.get_plugin_filters(admin_cxt)
with PortsPlugin() as plugin:
- neutron_ports = plugin.get_ports(admin_cxt)
+ neutron_ports = plugin.get_ports(admin_cxt, filters=filters)
port_client, profile_client = get_port_and_profile_clients()
# get pre-defined profile ids
@@ -228,7 +228,8 @@ def migrate_compute_ports_vms(resource, event, trigger, **kwargs):
# Go over all the compute ports from the plugin
admin_cxt = neutron_context.get_admin_context()
- port_filters = {'device_owner': ['compute:None']}
+ port_filters = v3_utils.get_plugin_filters(admin_cxt)
+ port_filters['device_owner'] = ['compute:None']
with PortsPlugin() as plugin:
neutron_ports = plugin.get_ports(admin_cxt, filters=port_filters)
@@ -325,11 +326,12 @@ def migrate_exclude_ports(resource, event, trigger, **kwargs):
def tag_default_ports(resource, event, trigger, **kwargs):
nsxlib = v3_utils.get_connected_nsxlib()
admin_cxt = neutron_context.get_admin_context()
+ filters = v3_utils.get_plugin_filters(admin_cxt)
# the plugin creation below will create the NS group and update the default
# OS section to have the correct applied to group
with v3_utils.NsxV3PluginWrapper() as _plugin:
- neutron_ports = _plugin.get_ports(admin_cxt)
+ neutron_ports = _plugin.get_ports(admin_cxt, filters=filters)
for port in neutron_ports:
neutron_id = port['id']
# get the network nsx id from the mapping table
diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py
index 350f92eb92..d26af9d693 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/routers.py
@@ -14,7 +14,6 @@
import sys
-from vmware_nsx.common import config # noqa
from vmware_nsx.common import utils as nsx_utils
from vmware_nsx.db import db as nsx_db
from vmware_nsx.shell.admin.plugins.common import constants
@@ -29,7 +28,6 @@ from neutron.db import db_base_plugin_v2
from neutron.db import l3_db
from neutron_lib.callbacks import registry
from neutron_lib import context as neutron_context
-from oslo_config import cfg
from oslo_log import log as logging
LOG = logging.getLogger(__name__)
@@ -48,7 +46,8 @@ def list_missing_routers(resource, event, trigger, **kwargs):
nsxlib = utils.get_connected_nsxlib()
plugin = RoutersPlugin()
admin_cxt = neutron_context.get_admin_context()
- neutron_routers = plugin.get_routers(admin_cxt)
+ filters = utils.get_plugin_filters(admin_cxt)
+ neutron_routers = plugin.get_routers(admin_cxt, filters=filters)
routers = []
for router in neutron_routers:
neutron_id = router['id']
@@ -90,7 +89,8 @@ def update_nat_rules(resource, event, trigger, **kwargs):
# Go over all neutron routers
plugin = RoutersPlugin()
admin_cxt = neutron_context.get_admin_context()
- neutron_routers = plugin.get_routers(admin_cxt)
+ filters = utils.get_plugin_filters(admin_cxt)
+ neutron_routers = plugin.get_routers(admin_cxt, filters=filters)
num_of_updates = 0
for router in neutron_routers:
neutron_id = router['id']
@@ -185,21 +185,19 @@ def update_dhcp_relay(resource, event, trigger, **kwargs):
LOG.error("DHCP relay is not supported by NSX version %s", version)
return
- # initialize the availability zones and nsxlib
- config.register_nsxv3_azs(cfg.CONF, cfg.CONF.nsx_v3.availability_zones)
-
admin_cxt = neutron_context.get_admin_context()
+ filters = utils.get_plugin_filters(admin_cxt)
with utils.NsxV3PluginWrapper() as plugin:
# Make sure FWaaS was initialized
plugin.init_fwaas_for_admin_utils()
# get all neutron routers and interfaces ports
- routers = plugin.get_routers(admin_cxt)
+ routers = plugin.get_routers(admin_cxt, filters=filters)
for router in routers:
LOG.info("Updating router %s", router['id'])
- filters = {'device_owner': [l3_db.DEVICE_OWNER_ROUTER_INTF],
- 'device_id': [router['id']]}
- ports = plugin.get_ports(admin_cxt, filters=filters)
+ port_filters = {'device_owner': [l3_db.DEVICE_OWNER_ROUTER_INTF],
+ 'device_id': [router['id']]}
+ ports = plugin.get_ports(admin_cxt, filters=port_filters)
for port in ports:
# get the backend router port by the tag
nsx_port_id = nsxlib.get_id_by_resource_and_tag(
@@ -217,7 +215,10 @@ def update_dhcp_relay(resource, event, trigger, **kwargs):
nsx_port_id, relay_service_uuid=az.dhcp_relay_service)
# if FWaaS is enables, also update the firewall rules
- plugin.update_router_firewall(admin_cxt, router['id'])
+ try:
+ plugin.update_router_firewall(admin_cxt, router['id'])
+ except Exception:
+ pass
LOG.info("Done.")
diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py
index 40aa736f07..ef5af386c3 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/securitygroups.py
@@ -41,10 +41,12 @@ class NeutronSecurityGroupApi(securitygroups_db.SecurityGroupDbMixin,
def __init__(self):
super(NeutronSecurityGroupApi, self)
self.context = neutron_context.get_admin_context()
+ self.filters = v3_utils.get_plugin_filters(self.context)
def get_security_groups(self):
return super(NeutronSecurityGroupApi,
- self).get_security_groups(self.context)
+ self).get_security_groups(self.context,
+ filters=self.filters)
def delete_security_group(self, sg_id):
return super(NeutronSecurityGroupApi,
diff --git a/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py b/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py
index c47c147c1a..36e425d61e 100644
--- a/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py
+++ b/vmware_nsx/shell/admin/plugins/nsxv3/resources/utils.py
@@ -25,11 +25,14 @@ from neutron_lib.plugins import directory
from neutron_fwaas.services.firewall import fwaas_plugin as fwaas_plugin_v1
from neutron_fwaas.services.firewall import fwaas_plugin_v2
+from vmware_nsx.common import config
from vmware_nsx.db import db as nsx_db
+from vmware_nsx.extensions import projectpluginmap
from vmware_nsx.plugins.nsx_v3 import plugin
from vmware_nsx.plugins.nsx_v3 import utils as v3_utils
from vmware_nsx.services.fwaas.nsx_v3 import fwaas_callbacks_v1
from vmware_nsx.services.fwaas.nsx_v3 import fwaas_callbacks_v2
+from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsxlib.v3 import nsx_constants
_NSXLIB = None
@@ -57,16 +60,30 @@ def get_connected_nsxlib(nsx_username=None, nsx_password=None,
return _NSXLIB
+def get_plugin_filters(context):
+ return admin_utils.get_plugin_filters(
+ context, projectpluginmap.NsxPlugins.NSX_T)
+
+
class NeutronDbClient(db_base_plugin_v2.NeutronDbPluginV2):
def __init__(self):
super(NeutronDbClient, self).__init__()
self.context = context.get_admin_context()
+ self.filters = get_plugin_filters(self.context)
+
+ def _update_filters(self, requested_filters):
+ filters = self.filters.copy()
+ if requested_filters:
+ filters.update(requested_filters)
+ return filters
def get_ports(self, filters=None, fields=None):
+ filters = self._update_filters(filters)
return super(NeutronDbClient, self).get_ports(
self.context, filters=filters, fields=fields)
def get_networks(self, filters=None, fields=None):
+ filters = self._update_filters(filters)
return super(NeutronDbClient, self).get_networks(
self.context, filters=filters, fields=fields)
@@ -106,6 +123,8 @@ class NeutronDbClient(db_base_plugin_v2.NeutronDbPluginV2):
class NsxV3PluginWrapper(plugin.NsxV3Plugin):
def __init__(self):
+ # initialize the availability zones
+ config.register_nsxv3_azs(cfg.CONF, cfg.CONF.nsx_v3.availability_zones)
super(NsxV3PluginWrapper, self).__init__()
self.context = context.get_admin_context()