Merge "NSXP: protect router when it hosts a loadbalancer"

changes/65/651365/2
Zuul 4 years ago committed by Gerrit Code Review
commit e871f7d2e9
  1. 19
      vmware_nsx/services/lbaas/nsx_p/v2/lb_driver_v2.py
  2. 11
      vmware_nsx/tests/unit/nsx_p/test_plugin.py

@ -17,6 +17,7 @@ from neutron_lib.callbacks import events
from neutron_lib.callbacks import registry
from neutron_lib.callbacks import resources
from neutron_lib import constants as n_consts
from neutron_lib import exceptions as n_exc
from oslo_log import helpers as log_helpers
from oslo_log import log as logging
@ -135,9 +136,23 @@ class EdgeLoadbalancerDriverV2(base_mgr.LoadbalancerBaseManager):
def _check_lb_service_on_router(self, resource, event, trigger,
payload=None):
"""Prevent removing a router GW or deleting a router used by LB"""
pass
router_id = payload.resource_id
if self.loadbalancer.core_plugin.service_router_has_loadbalancers(
router_id):
msg = _('Cannot delete a %s as it still has lb service '
'attachment') % resource
raise n_exc.BadRequest(resource='lbaas-lb', msg=msg)
def _check_lb_service_on_router_interface(
self, resource, event, trigger, payload=None):
# Prevent removing the interface of an LB subnet from a router
pass
router_id = payload.resource_id
subnet_id = payload.metadata.get('subnet_id')
if not router_id or not subnet_id:
return
# get LB ports and check if any loadbalancer is using this subnet
if self._get_lb_ports(payload.context.elevated(), [subnet_id]):
msg = _('Cannot delete a router interface as it used by a '
'loadbalancer')
raise n_exc.BadRequest(resource='lbaas-lb', msg=msg)

@ -48,6 +48,7 @@ from vmware_nsx.common import utils
from vmware_nsx.extensions import providersecuritygroup as provider_sg
from vmware_nsx.plugins.common import plugin as com_plugin
from vmware_nsx.plugins.nsx_p import plugin as nsx_plugin
from vmware_nsx.tests import unit as vmware
from vmware_nsx.tests.unit.common_plugin import common_v3
from vmware_nsxlib.v3 import exceptions as nsxlib_exc
@ -1363,6 +1364,16 @@ class NsxPTestL3NatTest(common_v3.FixExternalNetBaseTest,
kwargs['ext_mgr'] = (kwargs.get('ext_mgr') or
NsxPTestL3ExtensionManager())
# Make sure the LB callback is not called on router deletion
self.lb_mock1 = mock.patch(
"vmware_nsx.services.lbaas.nsx_p.v2.lb_driver_v2."
"EdgeLoadbalancerDriverV2._check_lb_service_on_router")
self.lb_mock1.start()
self.lb_mock2 = mock.patch(
"vmware_nsx.services.lbaas.nsx_p.v2.lb_driver_v2."
"EdgeLoadbalancerDriverV2._check_lb_service_on_router_interface")
self.lb_mock2.start()
super(NsxPTestL3NatTest, self).setUp(*args, **kwargs)
self.original_subnet = self.subnet
self.original_network = self.network

Loading…
Cancel
Save