From 5392b3e6a9a5a9ac44abb87b75a9c7f0153839f8 Mon Sep 17 00:00:00 2001
From: asarfaty <asarfaty@vmware.com>
Date: Mon, 8 Jun 2020 10:46:51 +0200
Subject: [PATCH] NSX|P: use edge nodes nsx ids for validation

In some cases the edge policy ids are different from the nsx ids.
Since validation is using those ids with the nsxlib objects, the nsx ids
should be used.

In addition - Do not fail plugin init or neutron action when failing to get
the transport nodes. Just issue a warning

Change-Id: I080ac86b1cebf66f11749c5256d1885a9bc7ef9f
---
 .../plugins/nsx_p/availability_zones.py       | 18 +++++------
 vmware_nsx/plugins/nsx_p/plugin.py            | 30 ++++++++++++-------
 vmware_nsx/plugins/nsx_p/utils.py             | 22 ++++++++++++++
 vmware_nsx/tests/unit/nsx_p/test_plugin.py    |  2 +-
 4 files changed, 52 insertions(+), 20 deletions(-)
 create mode 100644 vmware_nsx/plugins/nsx_p/utils.py

diff --git a/vmware_nsx/plugins/nsx_p/availability_zones.py b/vmware_nsx/plugins/nsx_p/availability_zones.py
index 2b95489122..b1247a6fca 100644
--- a/vmware_nsx/plugins/nsx_p/availability_zones.py
+++ b/vmware_nsx/plugins/nsx_p/availability_zones.py
@@ -20,6 +20,7 @@ from vmware_nsx.common import availability_zones as common_az
 from vmware_nsx.common import config
 from vmware_nsx.common import exceptions as nsx_exc
 from vmware_nsx.plugins.common_v3 import availability_zones as v3_az
+from vmware_nsx.plugins.nsx_p import utils
 from vmware_nsxlib.v3 import exceptions as nsx_lib_exc
 from vmware_nsxlib.v3 import nsx_constants
 from vmware_nsxlib.v3.policy import utils as p_utils
@@ -181,16 +182,15 @@ class NsxPAvailabilityZone(v3_az.NsxV3AvailabilityZone):
             else:
                 self._native_md_proxy_uuid = None
 
-    def _get_edge_cluster_tzs(self, nsxpolicy, nsxlib, ec_uuid):
-        ec_nodes = nsxpolicy.edge_cluster.get_edge_node_ids(ec_uuid)
-        ec_tzs = []
-        for tn_uuid in ec_nodes:
-            ec_tzs.extend(nsxlib.transport_node.get_transport_zones(
-                tn_uuid))
-        return ec_tzs
-
     def _validate_tz(self, nsxpolicy, nsxlib, obj_type, obj_id, ec_uuid):
-        obj_tzs = self._get_edge_cluster_tzs(nsxpolicy, nsxlib, ec_uuid)
+        try:
+            obj_tzs = utils.get_edge_cluster_tzs(nsxpolicy, nsxlib, ec_uuid)
+        except nsx_lib_exc.ResourceNotFound as e:
+            # Do not fail plugin init if this code fails
+            LOG.warning("Failed to get edge cluster %s transport zones: %s",
+                        ec_uuid, e)
+            return
+
         if self._default_overlay_tz_uuid not in obj_tzs:
             msg = (_("%(type)s %(id)s of availability zone %(az)s with edge "
                      "cluster %(ec)s does not match the default overlay tz "
diff --git a/vmware_nsx/plugins/nsx_p/plugin.py b/vmware_nsx/plugins/nsx_p/plugin.py
index 103623bd00..f8398bd75d 100644
--- a/vmware_nsx/plugins/nsx_p/plugin.py
+++ b/vmware_nsx/plugins/nsx_p/plugin.py
@@ -76,6 +76,7 @@ from vmware_nsx.extensions import secgroup_rule_local_ip_prefix as sg_prefix
 from vmware_nsx.extensions import securitygrouplogging as sg_logging
 from vmware_nsx.plugins.common_v3 import plugin as nsx_plugin_common
 from vmware_nsx.plugins.nsx_p import availability_zones as nsxp_az
+from vmware_nsx.plugins.nsx_p import utils as plugin_utils
 from vmware_nsx.plugins.nsx_v3 import utils as v3_utils
 from vmware_nsx.services.fwaas.common import utils as fwaas_utils
 from vmware_nsx.services.fwaas.nsx_p import fwaas_callbacks_v2
@@ -1017,11 +1018,16 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
         dhcp_ec_path = self.nsxpolicy.dhcp_server_config.get(
             az._policy_dhcp_server_config).get('edge_cluster_path')
         ec_id = p_utils.path_to_id(dhcp_ec_path)
-        ec_nodes = self.nsxlib.edge_cluster.get_transport_nodes(ec_id)
-        ec_tzs = []
-        for tn_uuid in ec_nodes:
-            ec_tzs.extend(self.nsxlib.transport_node.get_transport_zones(
-                tn_uuid))
+
+        try:
+            ec_tzs = plugin_utils.get_edge_cluster_tzs(
+                self.nsxpolicy, self.nsxlib, ec_id)
+        except nsx_lib_exc.ResourceNotFound as e:
+            # Do not fail neutron action init if this code fails
+            LOG.warning("Failed to get edge cluster %s transport zones: %s",
+                        ec_id, e)
+            return
+
         if net_tz not in ec_tzs:
             msg = (_('Network TZ %(tz)s does not match DHCP server '
                      'edge cluster %(ec)s') %
@@ -4197,11 +4203,15 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
             md_ec = self.nsxlib.native_md_proxy.get(
                 mdproxy_uuid).get('edge_cluster_id')
 
-        ec_nodes = self.nsxpolicy.edge_cluster.get_edge_node_ids(md_ec)
-        ec_tzs = []
-        for tn_uuid in ec_nodes:
-            ec_tzs.extend(self.nsxlib.transport_node.get_transport_zones(
-                tn_uuid))
+        try:
+            ec_tzs = plugin_utils.get_edge_cluster_tzs(
+                self.nsxpolicy, self.nsxlib, md_ec)
+        except nsx_lib_exc.ResourceNotFound as e:
+            # Do not fail neutron action init if this code fails
+            LOG.warning("Failed to get edge cluster %s transport zones: %s",
+                        md_ec, e)
+            return True
+
         if tz_uuid not in ec_tzs:
             return False
         return True
diff --git a/vmware_nsx/plugins/nsx_p/utils.py b/vmware_nsx/plugins/nsx_p/utils.py
new file mode 100644
index 0000000000..1cf0c9e58f
--- /dev/null
+++ b/vmware_nsx/plugins/nsx_p/utils.py
@@ -0,0 +1,22 @@
+# Copyright 2020 VMware, Inc.
+# All Rights Reserved
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+def get_edge_cluster_tzs(nsxpolicy, nsxlib, ec_uuid):
+    ec_nodes = nsxpolicy.edge_cluster.get_edge_node_nsx_ids(ec_uuid)
+    ec_tzs = []
+    for tn_uuid in ec_nodes:
+        ec_tzs.extend(nsxlib.transport_node.get_transport_zones(
+            tn_uuid))
+    return ec_tzs
diff --git a/vmware_nsx/tests/unit/nsx_p/test_plugin.py b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
index 71ac4e916d..8cc59cab0b 100644
--- a/vmware_nsx/tests/unit/nsx_p/test_plugin.py
+++ b/vmware_nsx/tests/unit/nsx_p/test_plugin.py
@@ -137,7 +137,7 @@ class NsxPPluginTestCaseMixin(
         mock.patch("vmware_nsxlib.v3.policy.core_resources.NsxPolicyTier0Api."
                    "get_edge_cluster_path", return_value="x/1").start()
         mock.patch("vmware_nsxlib.v3.policy.core_resources."
-                   "NsxPolicyEdgeClusterApi.get_edge_node_ids",
+                   "NsxPolicyEdgeClusterApi.get_edge_node_nsx_ids",
                    return_value=["node1"]).start()
         mock.patch("vmware_nsxlib.v3.NsxLib.get_tag_limits",
                    return_value=nsxlib_utils.TagLimits(20, 40, 15)).start()