x/vmware-nsx
Code Issues Proposed changes

Change firewall to DOWN when admin state down

Browse Source 
Currently firewall remains in status "ACTIVE" after admin state
is changed to DOWN.

This fix sets firewall status to "DOWN" if admin state is updated
from "UP" to "DOWN". "DOWN" status is used by other network resources
so use "DOWN" to keep consistent.

Change-Id: If316b114c4df78368b43c2a15a820bb1177b3a54
Closes-Bug: 1279213
This commit is contained in:
Xuhan Peng
2014-02-14 04:20:01 -05:00
parent 86cdcd3605
commit fc5e52b476
3 changed files with 52 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
neutron/services/firewall/agents/l3reference/firewall_l3_agent.py
View File

@@ -129,7 +129,10 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin):
self.fwaas_driver.__getattribute__(func_name)( self.fwaas_driver.__getattribute__(func_name)(
router_info_list, router_info_list,
fw) fw)
if fw['admin_state_up']:
status = constants.ACTIVE status = constants.ACTIVE
else:
status = constants.DOWN
except fw_ext.FirewallInternalDriverError: except fw_ext.FirewallInternalDriverError:
LOG.error(_("Firewall Driver Error for %(func_name)s " LOG.error(_("Firewall Driver Error for %(func_name)s "
"for fw: %(fwid)s"), "for fw: %(fwid)s"),
@@ -137,7 +140,7 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin):
status = constants.ERROR status = constants.ERROR
# delete needs different handling # delete needs different handling
if func_name == 'delete_firewall': if func_name == 'delete_firewall':
if status == constants.ACTIVE: if status in [constants.ACTIVE, constants.DOWN]:
self.fwplugin_rpc.firewall_deleted(context, fw['id']) self.fwplugin_rpc.firewall_deleted(context, fw['id'])
else: else:
self.fwplugin_rpc.set_firewall_status( self.fwplugin_rpc.set_firewall_status(
@@ -174,7 +177,10 @@ class FWaaSL3AgentRpcCallback(api.FWaaSAgentRpcCallbackMixin):
# PENDING_UPDATE, PENDING_CREATE, ... # PENDING_UPDATE, PENDING_CREATE, ...
try: try:
self.fwaas_driver.update_firewall(router_info_list, fw) self.fwaas_driver.update_firewall(router_info_list, fw)
if fw['admin_state_up']:
status = constants.ACTIVE status = constants.ACTIVE
else:
status = constants.DOWN
except fw_ext.FirewallInternalDriverError: except fw_ext.FirewallInternalDriverError:
LOG.error(_("Firewall Driver Error on fw state %(fwmsg)s " LOG.error(_("Firewall Driver Error on fw state %(fwmsg)s "
"for fw: %(fwid)s"), "for fw: %(fwid)s"),

4
neutron/services/firewall/fwaas_plugin.py
View File

@@ -49,7 +49,9 @@ class FirewallCallbacks(object):
LOG.debug(_("set_firewall_status() called")) LOG.debug(_("set_firewall_status() called"))
with context.session.begin(subtransactions=True): with context.session.begin(subtransactions=True):
fw_db = self.plugin._get_firewall(context, firewall_id) fw_db = self.plugin._get_firewall(context, firewall_id)
if status in (const.ACTIVE, const.INACTIVE): #TODO(xuhanp): Remove INACTIVE status and use DOWN to
# be consistent with other network resources
if status in (const.ACTIVE, const.INACTIVE, const.DOWN):
fw_db.status = status fw_db.status = status
return True return True
else: else:

43
neutron/tests/unit/services/firewall/agents/l3reference/test_firewall_l3_agent.py
View File

@@ -98,7 +98,8 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
mock_driver.return_value) mock_driver.return_value)
def test_invoke_driver_for_plugin_api(self): def test_invoke_driver_for_plugin_api(self):
fake_firewall = {'id': 0, 'tenant_id': 1} fake_firewall = {'id': 0, 'tenant_id': 1,
'admin_state_up': True}
self.api.plugin_rpc = mock.Mock() self.api.plugin_rpc = mock.Mock()
with contextlib.nested( with contextlib.nested(
mock.patch.object(self.api.plugin_rpc, 'get_routers'), mock.patch.object(self.api.plugin_rpc, 'get_routers'),
@@ -127,8 +128,43 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
fake_firewall['id'], fake_firewall['id'],
'ACTIVE') 'ACTIVE')
def test_invoke_driver_for_plugin_api_admin_state_down(self):
fake_firewall = {'id': 0, 'tenant_id': 1,
'admin_state_up': False}
self.api.plugin_rpc = mock.Mock()
with contextlib.nested(
mock.patch.object(self.api.plugin_rpc, 'get_routers'),
mock.patch.object(self.api, '_get_router_info_list_for_tenant'),
mock.patch.object(self.api.fwaas_driver, 'update_firewall'),
mock.patch.object(self.api.fwplugin_rpc,
'get_firewalls_for_tenant'),
mock.patch.object(self.api.fwplugin_rpc, 'set_firewall_status')
) as (
mock_get_routers,
mock_get_router_info_list_for_tenant,
mock_driver_update_firewall,
mock_get_firewalls_for_tenant,
mock_set_firewall_status):
mock_driver_update_firewall.return_value = True
self.api.update_firewall(
context=mock.sentinel.context,
firewall=fake_firewall, host='host')
mock_get_routers.assert_called_once_with(
mock.sentinel.context)
mock_get_router_info_list_for_tenant.assert_called_once_with(
mock_get_routers.return_value, fake_firewall['tenant_id'])
mock_set_firewall_status.assert_called_once_with(
mock.sentinel.context,
fake_firewall['id'],
'DOWN')
def test_invoke_driver_for_plugin_api_delete(self): def test_invoke_driver_for_plugin_api_delete(self):
fake_firewall = {'id': 0, 'tenant_id': 1} fake_firewall = {'id': 0, 'tenant_id': 1,
'admin_state_up': True}
self.api.plugin_rpc = mock.Mock() self.api.plugin_rpc = mock.Mock()
with contextlib.nested( with contextlib.nested(
mock.patch.object(self.api.plugin_rpc, 'get_routers'), mock.patch.object(self.api.plugin_rpc, 'get_routers'),
@@ -185,7 +221,8 @@ class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
def test_process_router_add_fw_update(self): def test_process_router_add_fw_update(self):
fake_firewall_list = [{'id': 0, 'tenant_id': 1, fake_firewall_list = [{'id': 0, 'tenant_id': 1,
'status': constants.PENDING_UPDATE}] 'status': constants.PENDING_UPDATE,
'admin_state_up': True}]
fake_router = {'id': 1111, 'tenant_id': 2} fake_router = {'id': 1111, 'tenant_id': 2}
self.api.plugin_rpc = mock.Mock() self.api.plugin_rpc = mock.Mock()
ri = mock.Mock() ri = mock.Mock()