x
/
vmware-nsxlib
Code Issues Proposed changes

Merge "Full support for policy QoS profile"

This commit is contained in:
Zuul 2019-01-02 19:19:40 +00:00 committed by Gerrit Code Review
parent 470fea025e 706c6eddbc
commit d55df96d27
4 changed files with 340 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
vmware_nsxlib/tests/unit/v3/test_policy_resources.py
View File

@ -2287,6 +2287,31 @@ class TestPolicyQosProfile(TestPolicySegmentProfileBase):
resource_api_name='qos_profile',
resource_def=policy_defs.QosProfileDef)
def test_create_with_params(self):
name = 'test'
description = 'desc'
dscp = self.resourceApi.build_dscp(trusted=False, priority=7)
limiter = self.resourceApi.build_ingress_rate_limiter(
average_bandwidth=700,
enabled=True)
with mock.patch.object(self.policy_api,
"create_or_update") as api_call:
self.resourceApi.create_or_overwrite(
name,
description=description,
dscp=dscp,
shaper_configurations=[limiter],
tenant=TEST_TENANT)
expected_def = self.resourceDef(
profile_id=mock.ANY,
name=name,
description=description,
dscp=dscp,
shaper_configurations=[limiter],
tenant=TEST_TENANT)
self.assert_called_with_def(api_call, expected_def)
class TestPolicySpoofguardProfile(TestPolicySegmentProfileBase):
@ -2345,11 +2370,11 @@ class TestPolicySegmentSecurityProfile(TestPolicySegmentProfileBase):
self.assert_called_with_def(api_call, expected_def)
class TestPolicySegmentSecProfilesBindingBase(NsxPolicyLibTestCase):
class TestPolicySegmentSecProfilesBinding(NsxPolicyLibTestCase):
def setUp(self, resource_api_name='segment_port_security_profiles',
resource_def=policy_defs.SegmentPortSecProfilesBindingMapDef):
super(TestPolicySegmentSecProfilesBindingBase, self).setUp()
super(TestPolicySegmentSecProfilesBinding, self).setUp()
self.resourceApi = getattr(self.policy_lib, resource_api_name)
self.resourceDef = resource_def
@ -2439,13 +2464,13 @@ class TestPolicySegmentSecProfilesBindingBase(NsxPolicyLibTestCase):
update_call, expected_def)
class TestPolicySegmentDiscSecProfilesBindingBase(NsxPolicyLibTestCase):
class TestPolicySegmentDiscoveryProfilesBinding(NsxPolicyLibTestCase):
def setUp(
self, resource_api_name='segment_port_discovery_profiles',
resource_def=policy_defs.SegmentPortDiscoveryProfilesBindingMapDef):
super(TestPolicySegmentDiscSecProfilesBindingBase, self).setUp()
super(TestPolicySegmentDiscoveryProfilesBinding, self).setUp()
self.resourceApi = getattr(self.policy_lib, resource_api_name)
self.resourceDef = resource_def
@ -2535,6 +2560,96 @@ class TestPolicySegmentDiscSecProfilesBindingBase(NsxPolicyLibTestCase):
update_call, expected_def)
class TestPolicySegmentQosProfilesBinding(NsxPolicyLibTestCase):
def setUp(
self, resource_api_name='segment_port_qos_profiles',
resource_def=policy_defs.SegmentPortQoSProfilesBindingMapDef):
super(TestPolicySegmentQosProfilesBinding, self).setUp()
self.resourceApi = getattr(self.policy_lib, resource_api_name)
self.resourceDef = resource_def
def test_create(self):
name = 'test'
segment_id = 'seg1'
port_id = 'port1'
prf1 = '1'
with mock.patch.object(self.policy_api,
"create_or_update") as api_call:
self.resourceApi.create_or_overwrite(
name, segment_id, port_id,
qos_profile_id=prf1,
tenant=TEST_TENANT)
expected_def = self.resourceDef(
segment_id=segment_id,
port_id=port_id,
map_id=policy_resources.DEFAULT_MAP_ID,
name=name,
qos_profile_id=prf1,
tenant=TEST_TENANT)
self.assert_called_with_def(api_call, expected_def)
def test_delete(self):
segment_id = 'seg1'
port_id = 'port1'
with mock.patch.object(self.policy_api, "delete") as api_call:
self.resourceApi.delete(segment_id, port_id, tenant=TEST_TENANT)
expected_def = self.resourceDef(
segment_id=segment_id,
port_id=port_id,
map_id=policy_resources.DEFAULT_MAP_ID,
tenant=TEST_TENANT)
self.assert_called_with_def(api_call, expected_def)
def test_get(self):
segment_id = 'seg1'
port_id = 'port1'
with mock.patch.object(self.policy_api, "get") as api_call:
self.resourceApi.get(segment_id, port_id, tenant=TEST_TENANT)
expected_def = self.resourceDef(
segment_id=segment_id,
port_id=port_id,
map_id=policy_resources.DEFAULT_MAP_ID,
tenant=TEST_TENANT)
self.assert_called_with_def(api_call, expected_def)
def test_list(self):
segment_id = 'seg1'
port_id = 'port1'
with mock.patch.object(self.policy_api, "list") as api_call:
self.resourceApi.list(segment_id, port_id, tenant=TEST_TENANT)
expected_def = self.resourceDef(
segment_id=segment_id,
port_id=port_id,
tenant=TEST_TENANT)
self.assert_called_with_def(api_call, expected_def)
def test_update(self):
name = 'new name'
segment_id = 'seg1'
port_id = 'port1'
prf1 = '1'
with mock.patch.object(self.policy_api,
"create_or_update") as update_call:
self.resourceApi.update(
segment_id=segment_id,
port_id=port_id,
name=name,
qos_profile_id=prf1,
tenant=TEST_TENANT)
expected_def = self.resourceDef(
segment_id=segment_id,
port_id=port_id,
map_id=policy_resources.DEFAULT_MAP_ID,
name=name,
qos_profile_id=prf1,
tenant=TEST_TENANT)
self.assert_called_with_def(
update_call, expected_def)
class TestPolicyLBClientSSLProfileApi(NsxPolicyLibTestCase):
def setUp(self, *args, **kwargs):

7
vmware_nsxlib/v3/__init__.py
View File

@ -459,10 +459,13 @@ class NsxPolicyLib(NsxLibBase):
self.mac_discovery_profile = (
policy_resources.NsxMacDiscoveryProfileApi(*args))
self.segment_port_security_profiles = (
policy_resources.SegmentPortSecurityProfilesBindingMapDef(
policy_resources.SegmentPortSecurityProfilesBindingMapApi(
*args))
self.segment_port_discovery_profiles = (
policy_resources.SegmentPortDiscoveryProfilesBindingMapDef(
policy_resources.SegmentPortDiscoveryProfilesBindingMapApi(
*args))
self.segment_port_qos_profiles = (
policy_resources.SegmentPortQosProfilesBindingMapApi(
*args))
self.load_balancer = (
policy_load_balancer.NsxPolicyLoadBalancerApi(*args))

114
vmware_nsxlib/v3/policy_defs.py
View File

@ -631,25 +631,26 @@ class SegmentPortDef(ResourceDef):
return body
class SegmentPortSecProfilesBindingMapDef(ResourceDef):
'''Infra segment port'''
@property
def path_pattern(self):
return (SEGMENTS_PATH_PATTERN +
"%s/ports/%s/port-security-profile-binding-maps/")
class SegmentPortBindingMapDefBase(ResourceDef):
@property
def path_ids(self):
return ('tenant', 'segment_id', 'port_id', 'map_id')
def path_defs(self):
return (TenantDef, SegmentDef, SegmentPortDef)
class SegmentPortSecProfilesBindingMapDef(SegmentPortBindingMapDefBase):
@property
def path_pattern(self):
return (SEGMENTS_PATH_PATTERN +
"%s/ports/%s/port-security-profile-binding-maps/")
@staticmethod
def resource_type():
return 'PortSecurityProfileBindingMap'
def path_defs(self):
return (TenantDef, SegmentDef, SegmentPortDef)
def get_obj_dict(self):
body = super(SegmentPortSecProfilesBindingMapDef, self).get_obj_dict()
@ -680,25 +681,16 @@ class SegmentPortSecProfilesBindingMapDef(ResourceDef):
return body
class SegmentPortDiscoveryProfilesBindingMapDef(ResourceDef):
'''Infra segment port'''
class SegmentPortDiscoveryProfilesBindingMapDef(SegmentPortBindingMapDefBase):
@property
def path_pattern(self):
return (SEGMENTS_PATH_PATTERN +
"%s/ports/%s/port-discovery-profile-binding-maps/")
@property
def path_ids(self):
return ('tenant', 'segment_id', 'port_id', 'map_id')
@staticmethod
def resource_type():
return 'PortDiscoveryProfileBindingMap'
def path_defs(self):
return (TenantDef, SegmentDef, SegmentPortDef)
def get_obj_dict(self):
body = super(SegmentPortDiscoveryProfilesBindingMapDef,
self).get_obj_dict()
@ -730,6 +722,35 @@ class SegmentPortDiscoveryProfilesBindingMapDef(ResourceDef):
return body
class SegmentPortQoSProfilesBindingMapDef(SegmentPortBindingMapDefBase):
@property
def path_pattern(self):
return (SEGMENTS_PATH_PATTERN +
"%s/ports/%s/port-qos-profile-binding-maps/")
@staticmethod
def resource_type():
return 'PortQoSProfileBindingMap'
def get_obj_dict(self):
body = super(SegmentPortQoSProfilesBindingMapDef,
self).get_obj_dict()
if self.has_attr('qos_profile_id'):
path = None
if self.get_attr('qos_profile_id'):
profile = QosProfileDef(
profile_id=self.get_attr('qos_profile_id'),
tenant=self.get_tenant())
path = profile.get_resource_full_path()
self._set_attr_if_specified(
body, 'qos_profile_id',
body_attr='qos_profile_path',
value=path)
return body
class Tier1SegmentPortDef(SegmentPortDef):
'''Tier1 segment port'''
@ -1214,6 +1235,41 @@ class SegmentSecurityProfileDef(ResourceDef):
return body
class QoSObjectBase(object):
keys = []
def __init__(self, **kwargs):
self.attrs = kwargs
def get_obj_dict(self):
obj_dict = {}
for key in self.attrs:
if key in self.keys:
obj_dict[key] = self.attrs[key]
return obj_dict
class QoSRateLimiter(QoSObjectBase):
INGRESS_RATE_LIMITER_TYPE = 'IngressRateLimiter'
EGRESS_RATE_LIMITER_TYPE = 'EgressRateLimiter'
INGRESS_BRD_RATE_LIMITER_TYPE = 'IngressBroadcastRateLimiter'
keys = ['resource_type',
'average_bandwidth', # Mb/s
'peak_bandwidth', # Mb/s
'burst_size', # byes
'enabled'
]
class QoSDscp(QoSObjectBase):
QOS_DSCP_TRUSTED = 'TRUSTED'
QOS_DSCP_UNTRUSTED = 'UNTRUSTED'
keys = ['mode', 'priority']
class QosProfileDef(ResourceDef):
@property
def path_pattern(self):
@ -1232,7 +1288,23 @@ class QosProfileDef(ResourceDef):
def get_obj_dict(self):
body = super(QosProfileDef, self).get_obj_dict()
# TODO(asarfaty): add all attributes here. currently used for read only
self._set_attr_if_specified(body, 'class_of_service')
if self.has_attr('dscp'):
value = None
if self.get_attr('dscp'):
value = self.get_attr('dscp').get_obj_dict()
self._set_attr_if_specified(body, 'dscp', value=value)
if self.has_attr('shaper_configurations'):
value = None
if self.get_attr('shaper_configurations'):
value = [s.get_obj_dict()
for s in self.get_attr('shaper_configurations')]
self._set_attr_if_specified(body, 'shaper_configurations',
value=value)
return body

130
vmware_nsxlib/v3/policy_resources.py
View File

@ -1398,7 +1398,7 @@ class NsxPolicySegmentPortApi(NsxPolicyResourceBase):
return self._get_realization_info(port_def, entity_type=entity_type)
class SegmentPortProfilesBindingMapBaseDef(NsxPolicyResourceBase):
class SegmentPortProfilesBindingMapBaseApi(NsxPolicyResourceBase):
def delete(self, segment_id, port_id, map_id=DEFAULT_MAP_ID,
tenant=policy_constants.POLICY_INFRA_TENANT):
@ -1424,8 +1424,8 @@ class SegmentPortProfilesBindingMapBaseDef(NsxPolicyResourceBase):
return self._list(map_def)
class SegmentPortSecurityProfilesBindingMapDef(
SegmentPortProfilesBindingMapBaseDef):
class SegmentPortSecurityProfilesBindingMapApi(
SegmentPortProfilesBindingMapBaseApi):
@property
def entry_def(self):
@ -1473,8 +1473,8 @@ class SegmentPortSecurityProfilesBindingMapDef(
tenant=tenant)
class SegmentPortDiscoveryProfilesBindingMapDef(
SegmentPortProfilesBindingMapBaseDef):
class SegmentPortDiscoveryProfilesBindingMapApi(
SegmentPortProfilesBindingMapBaseApi):
@property
def entry_def(self):
@ -1522,6 +1522,51 @@ class SegmentPortDiscoveryProfilesBindingMapDef(
tenant=tenant)
class SegmentPortQosProfilesBindingMapApi(
SegmentPortProfilesBindingMapBaseApi):
@property
def entry_def(self):
return policy_defs.SegmentPortQoSProfilesBindingMapDef
def create_or_overwrite(self, name, segment_id, port_id,
map_id=DEFAULT_MAP_ID,
description=IGNORE,
qos_profile_id=IGNORE,
tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
map_id = self._init_obj_uuid(map_id)
map_def = self._init_def(
segment_id=segment_id,
port_id=port_id,
map_id=map_id,
name=name,
description=description,
qos_profile_id=qos_profile_id,
tags=tags,
tenant=tenant)
self._create_or_store(map_def)
return map_id
def update(self, segment_id, port_id,
map_id=DEFAULT_MAP_ID,
name=IGNORE,
description=IGNORE,
qos_profile_id=IGNORE,
tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
self._update(
segment_id=segment_id,
port_id=port_id,
map_id=map_id,
name=name,
description=description,
qos_profile_id=qos_profile_id,
tags=tags,
tenant=tenant)
class NsxPolicyTier1SegmentPortApi(NsxPolicyResourceBase):
"""NSX Tier1 Segment Port API """
@property
@ -2375,12 +2420,14 @@ class NsxSegmentProfileBaseApi(NsxPolicyResourceBase):
def create_or_overwrite(self, name,
profile_id=None,
description=IGNORE,
tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
profile_id = self._init_obj_uuid(profile_id)
profile_def = self._init_def(profile_id=profile_id,
name=name,
description=description,
tags=tags,
tenant=tenant)
self._create_or_store(profile_def)
@ -2404,10 +2451,11 @@ class NsxSegmentProfileBaseApi(NsxPolicyResourceBase):
return super(NsxSegmentProfileBaseApi, self).get_by_name(
name, tenant=tenant)
def update(self, profile_id, name=IGNORE, tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
def update(self, profile_id, name=IGNORE, description=IGNORE,
tags=IGNORE, tenant=policy_constants.POLICY_INFRA_TENANT):
self._update(profile_id=profile_id,
name=name,
description=description,
tags=tags,
tenant=tenant)
@ -2419,6 +2467,7 @@ class NsxSegmentSecurityProfileApi(NsxSegmentProfileBaseApi):
def create_or_overwrite(self, name,
profile_id=None,
description=IGNORE,
bpdu_filter_enable=IGNORE,
dhcp_client_block_enabled=IGNORE,
dhcp_client_block_v6_enabled=IGNORE,
@ -2434,6 +2483,7 @@ class NsxSegmentSecurityProfileApi(NsxSegmentProfileBaseApi):
profile_def = self._init_def(
profile_id=profile_id,
name=name,
description=description,
bpdu_filter_enable=bpdu_filter_enable,
dhcp_client_block_enabled=dhcp_client_block_enabled,
dhcp_client_block_v6_enabled=dhcp_client_block_v6_enabled,
@ -2453,6 +2503,68 @@ class NsxQosProfileApi(NsxSegmentProfileBaseApi):
def entry_def(self):
return policy_defs.QosProfileDef
def _build_rate_limiter(self, resource_type, average_bandwidth,
peak_bandwidth, burst_size, enabled):
return policy_defs.QoSRateLimiter(
resource_type=resource_type,
average_bandwidth=average_bandwidth,
peak_bandwidth=peak_bandwidth,
burst_size=burst_size,
enabled=enabled)
def build_ingress_rate_limiter(
self,
average_bandwidth=None,
peak_bandwidth=None,
burst_size=None,
enabled=True):
return self._build_rate_limiter(
resource_type=policy_defs.QoSRateLimiter.INGRESS_RATE_LIMITER_TYPE,
average_bandwidth=average_bandwidth,
peak_bandwidth=peak_bandwidth,
burst_size=burst_size,
enabled=enabled)
def build_egress_rate_limiter(
self,
average_bandwidth=None,
peak_bandwidth=None,
burst_size=None,
enabled=True):
return self._build_rate_limiter(
resource_type=policy_defs.QoSRateLimiter.EGRESS_RATE_LIMITER_TYPE,
average_bandwidth=average_bandwidth,
peak_bandwidth=peak_bandwidth,
burst_size=burst_size,
enabled=enabled)
def build_dscp(self, trusted=False, priority=None):
mode = (policy_defs.QoSDscp.QOS_DSCP_TRUSTED if trusted
else policy_defs.QoSDscp.QOS_DSCP_UNTRUSTED)
return policy_defs.QoSDscp(mode=mode, priority=priority)
def create_or_overwrite(self, name,
profile_id=None,
description=IGNORE,
class_of_service=IGNORE,
dscp=IGNORE,
shaper_configurations=IGNORE,
tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
profile_id = self._init_obj_uuid(profile_id)
profile_def = self._init_def(
profile_id=profile_id,
name=name,
description=description,
class_of_service=class_of_service,
dscp=dscp,
shaper_configurations=shaper_configurations,
tags=tags,
tenant=tenant)
self._create_or_store(profile_def)
return profile_id
class NsxSpoofguardProfileApi(NsxSegmentProfileBaseApi):
@property
@ -2461,6 +2573,7 @@ class NsxSpoofguardProfileApi(NsxSegmentProfileBaseApi):
def create_or_overwrite(self, name,
profile_id=None,
description=IGNORE,
address_binding_whitelist=IGNORE,
tags=IGNORE,
tenant=policy_constants.POLICY_INFRA_TENANT):
@ -2469,6 +2582,7 @@ class NsxSpoofguardProfileApi(NsxSegmentProfileBaseApi):
profile_def = self._init_def(
profile_id=profile_id,
name=name,
description=description,
address_binding_whitelist=address_binding_whitelist,
tags=tags,
tenant=tenant)
@ -2489,6 +2603,7 @@ class NsxMacDiscoveryProfileApi(NsxSegmentProfileBaseApi):
def create_or_overwrite(self, name,
profile_id=None,
description=IGNORE,
mac_change_enabled=IGNORE,
mac_learning_enabled=IGNORE,
unknown_unicast_flooding_enabled=IGNORE,
@ -2501,6 +2616,7 @@ class NsxMacDiscoveryProfileApi(NsxSegmentProfileBaseApi):
profile_def = self._init_def(
profile_id=profile_id,
name=name,
description=description,
mac_change_enabled=mac_change_enabled,
mac_learning_enabled=mac_learning_enabled,
unknown_unicast_flooding_enabled=unknown_unicast_flooding_enabled,