Add revision_id when creating FW rule

NSXT backend recently enforced POST FW rule API to have the
revision id in the request body. This patch added revision id
for both add_rule and add_rules method.

If the revision is not valid we will do a retry.

Change-Id: If343c6f256dda6bcbe300c10863df6cc6cfa4b3e
changes/46/558246/4
Tong Liu 5 years ago committed by Gary Kotton
parent e483b2d70f
commit f5d7d1aa97

@ -125,6 +125,7 @@ NSX_VERSION_1_1_0 = '1.1.0'
NSX_VERSION_2_0_0 = '2.0.0'
NSX_VERSION_2_1_0 = '2.1.0'
NSX_VERSION_2_2_0 = '2.2.0'
NSX_VERSION_2_3_0 = '2.3.0'
NSX_VERSION_3_0_0 = '3.0.0'
# Features available depending on the backend version

@ -18,6 +18,8 @@
NSX-V3 Plugin security & Distributed Firewall integration module
"""
from distutils import version
from oslo_log import log
from oslo_utils import excutils
@ -457,14 +459,30 @@ class NsxLibFirewallSection(utils.NsxLibApiBase):
return rule_dict
def add_rule(self, rule, section_id, operation=consts.FW_INSERT_BOTTOM):
resource = '%s/rules' % self.get_path(section_id)
params = '?operation=%s' % operation
return self._create_with_retry(resource + params, rule)
@utils.retry_upon_exception(exceptions.StaleRevision,
max_attempts=self.client.max_attempts)
def do_add_rule():
resource = '%s/rules' % self.get_path(section_id)
params = '?operation=%s' % operation
if (version.LooseVersion(self.nsxlib.get_version()) >=
version.LooseVersion(consts.NSX_VERSION_2_3_0)):
rule['_revision'] = self.get(section_id)['_revision']
return self._create_with_retry(resource + params, rule)
return do_add_rule()
def add_rules(self, rules, section_id, operation=consts.FW_INSERT_BOTTOM):
resource = '%s/rules' % self.get_path(section_id)
params = '?action=create_multiple&operation=%s' % operation
return self._create_with_retry(resource + params, {'rules': rules})
@utils.retry_upon_exception(exceptions.StaleRevision,
max_attempts=self.client.max_attempts)
def do_add_rules():
resource = '%s/rules' % self.get_path(section_id)
params = '?action=create_multiple&operation=%s' % operation
if (version.LooseVersion(self.nsxlib.get_version()) >=
version.LooseVersion(consts.NSX_VERSION_2_3_0)):
rev_id = self.get(section_id)['_revision']
for rule in rules:
rule['_revision'] = rev_id
return self._create_with_retry(resource + params, {'rules': rules})
return do_add_rules()
def delete_rule(self, section_id, rule_id):
resource = '%s/rules/%s' % (section_id, rule_id)

Loading…
Cancel
Save