Browse Source

Validate transport zone type upon neutron startup

Upon startup, the plugin validates that configured default tzs
exist on backend, however does not validate their type. This
change adds type validation (OVERLAY or VLAN), and throws startup
exception if type is incorrect.
In addition, this change adds null validation and removes dead
code.

Change-Id: Ibeff164eb03fec9141326c24b0c069f0e16a1e7b
(cherry picked from commit f5cdef72a6)
changes/57/789657/1
Anna Khmelnitsky 3 months ago
committed by Salvatore Orlando
parent
commit
fdfb1a9bae
  1. 41
      vmware_nsx/plugins/nsx_p/availability_zones.py
  2. 28
      vmware_nsx/plugins/nsx_p/plugin.py

41
vmware_nsx/plugins/nsx_p/availability_zones.py

@ -55,6 +55,12 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
# NOTE(annak): we may need to generalize this for API calls
# requiring path ids
name_or_id = getattr(self, config_name)
err_msg = (_("Could not find %(res)s %(id)s for availability "
"zone %(az)s") % {
'res': config_name,
'id': name_or_id,
'az': self.name})
if not name_or_id:
if auto_config:
# If the field not specified, the system will auto-configure
@ -76,9 +82,23 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
raise nsx_exc.NsxPluginException(err_msg=msg)
return None
# If filtering was specified, we need to ensure the configured
# resource matches the filter
def verify_resource_matches_filter(result):
if filter_list_results:
exists = filter_list_results([result])
if not exists:
LOG.error("Resource %s doesn't match config "
"requirement for %s" % (name_or_id, config_name))
if self.is_default():
raise cfg.RequiredOptError(config_name,
group=cfg.OptGroup('nsx_p'))
raise nsx_exc.NsxPluginException(err_msg=err_msg)
try:
# Check if the configured value is the ID
resource_api.get(name_or_id, silent=True)
resource = resource_api.get(name_or_id, silent=True)
verify_resource_matches_filter(resource)
return name_or_id
except nsx_lib_exc.ResourceNotFound:
# Search by tags
@ -94,18 +114,14 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
# Check if the configured value is the name
resource = resource_api.get_by_name(name_or_id)
if resource:
verify_resource_matches_filter(resource)
return resource['id']
# Resource not found
if self.is_default():
raise cfg.RequiredOptError(config_name,
group=cfg.OptGroup('nsx_p'))
msg = (_("Could not find %(res)s %(id)s for availability "
"zone %(az)s") % {
'res': config_name,
'id': name_or_id,
'az': self.name})
raise nsx_exc.NsxPluginException(err_msg=msg)
raise nsx_exc.NsxPluginException(err_msg=err_msg)
def translate_configured_names_to_uuids(self, nsxpolicy, nsxlib=None,
search_scope=None):
@ -237,11 +253,12 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
if self.use_policy_dhcp:
dhcp_ec_path = nsxpolicy.dhcp_server_config.get(
self._policy_dhcp_server_config).get('edge_cluster_path')
dhcp_ec = p_utils.path_to_id(dhcp_ec_path)
if dhcp_ec != tier0_ec_uuid:
self._validate_tz(nsxpolicy, nsxlib, 'DHCP server config',
self._policy_dhcp_server_config,
dhcp_ec)
if dhcp_ec_path:
dhcp_ec = p_utils.path_to_id(dhcp_ec_path)
if dhcp_ec != tier0_ec_uuid:
self._validate_tz(nsxpolicy, nsxlib, 'DHCP server config',
self._policy_dhcp_server_config,
dhcp_ec)
elif self._native_dhcp_profile_uuid:
dhcp_ec = nsxlib.native_dhcp_profile.get(
self._native_dhcp_profile_uuid).get('edge_cluster_id')

28
vmware_nsx/plugins/nsx_p/plugin.py

@ -325,34 +325,6 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
LOG.error(msg)
raise nsx_exc.NsxPluginException(err_msg=msg)
def _init_backend_resource(self, resource_api, name_or_id,
search_scope=None):
resource_type = resource_api.entry_def.resource_type()
if not name_or_id:
return None
try:
# Check if the configured value is the ID
resource_api.get(name_or_id, silent=True)
return name_or_id
except nsx_lib_exc.ResourceNotFound:
# Search by tags
if search_scope:
resource_id = self.nsxpolicy.get_id_by_resource_and_tag(
resource_type,
search_scope,
name_or_id)
if resource_id:
return resource_id
# Check if the configured value is the name
resource = resource_api.get_by_name(name_or_id)
if resource:
return resource['id']
msg = (_("Could not find %(type)s %(id)s") % {
'type': resource_type, 'id': name_or_id})
raise nsx_exc.NsxPluginException(err_msg=msg)
def get_waf_profile_path_and_mode(self):
# WAF is currently not supported by the NSX
return None, None

Loading…
Cancel
Save