This is to ensure session creation also works if username and
password contain unicode characters.
Otherwise, python's requests will use latin-1 to encode these string.
Change-Id: Ia2a1c26cffe213d23cafcf5c33b6f82b8ef364e5
When NSX creates the NsxVpcIpAddressAllocationApi for pre-created VPC,
it will create an internal pool. If not using 'X-Allow-Overwrite: True'
NCP will fail to allocate vpcipaddressallocation
Issue: #3455572
Change-Id: Ie9d0c9c478dd8f96b6f091be359d99459013c477
From NSX 9.0, MP api is removed, so in policy resources, it should not
use MP resource apis or MP resource search interface.
following apis are removed:
/api/v1/search/query?query=resource_type:LogicalRouter
/api/v1/search/query?query=resource_type:LogicalSwitch
Change-Id: Ie79c95a491b7fa6364c440522d127f100d44c7c0
This reverts commit 49d9ef1031d9c9373d53c9be10e00d4cc5d7bdb9.
Reason for revert: Not required change
Change-Id: Ie856ab86ac7659f21007881163f28e1e70b451c5
Commit 8eac791328c004013c6ef7ccd5d53fe22184b316 in
openstack/requirements bumped coverage max constraint to
7.6.3 from 7.6.1.
Coverage 7.6.3 does not support python 3.8. pip installation
to always fail on constraint verification.
This commit switches zuul unit tests checks to use python 3.9.
This commit also changes the minimum requirement on coverage,
removing the exception for version 4.4.
Change-Id: Ic222523959658b0144cf5b75c04ee1d427f4200a
Add parameter skip_host_detach=true for delete api for SegmentPort
resource, this parameters allows nsx to delete segment without detach
operation. This parameter is for a corner case that NCP tries to
recreate segment ports that is attached to other vm in vmotion during
backup and restore.
Change-Id: Ia0b4f6c5d5b5b192684090cc2fdd9f309946ccb1
This change ensures special characters are correctly escaped
when using username/password authentication.
Change-Id: I4971e4b138e925965d2bd0f85e85e70df3146c35
In this patch, we support HAPI for lb-pool and lb-virtual-server whose tenant is org-root
We also fix a bug in func _build_wrapper_dict where the children array of wrapper_dict and the children array of node should be the same one.
Change-Id: Iaaf392f7e6904605e8ddd84d6691c92fc845dda6
Signed-off-by: Yun-Tang Hsu <hsuy@vmware.com>
Signed-off-by: Yun-Tang Hsu <yun-tang.hsu@broadcom.com>
We add shareing_strategy option in Share API because sharing_strategy must be ALL_DESCENDANTS for sharedWith path [/orgs/default].
Change-Id: Ib982237f12d10c2b9f1163393697817397916207
Signed-off-by: Yun-Tang Hsu <hsuy@vmware.com>
In order to support cert pinning in WCP, this change adds exact cert
match for checking NSX manager authenticity. Setting "nsx_cert_der"
enables this mode, where the pritotity is below ca cert and above
thumbprints.
Currently in nsxlib, the call chain to manage HTTPs connextion is:
1. NSXHTTPAdapter (subclass of urllib3 HTTPAdapter)
2. urllib3 PoolManager
3. urllib3 HTTPSConnectionPool
4. urllib3 HTTPSConnection
In order to inject custom TLS cert validation, we have to override the
connect() function in HTTPSConnection level. Introducing a child class
of HTTPSConnectionPool is also needed to pass the new param. Pool
manager only needs overrding two attrs to allow passing the new param
and properly binding to the new child class of connection pool.
When leaf cert verification is not used, the native urllib3 behavior
will be kept to reduce regression risk.
Change-Id: Icecf30b6df3b60fbeac20cf79586827f3370ce13
This change adds a new config param ssl_assert_hostname. Its value will
be ultimately passed to the underlying urllib3 param "assert_hostname".
Technically, the value coud be bool or string. This patch focuses to set
it to False to disable hostname check while keeping other cert
verifications.
Change-Id: I8b1ef5fe915d8317f65ce5e1927eb71141027e16
This patch will add the support for parameter skip_host_detach in
LogicalPort deletion request as the preparation of a corner fix
which will delete the discovered port without host detach.
The other preparation in this patch is to add the new Exception
class VifRestoreAlreadyCompleted.
Change-Id: I012dbc7db5c0af31d670e71e1d04fa6216f269b3
This change adds LBS usage, statistics and status API with param
'enforcement_point_path' to support querying in a multi enforcement
point setup.
Change-Id: I08cbc05bbad6e70dbd3a1c96fba72931a94f0b7f
Signed-off-by: Shawn Wang <wshaoquan@vmware.com>
This change adds hierarchical call support for deleting Policy Tier1.
H-API is already enabled for Tier1 creation. The change has no impact
for callers not using H-API for delete.
Change-Id: Ib36a0faa125b2c12c206b7c6c9ebc3bd0e04330e
According to NSX side fix merged in NSX versions 3.2.3
(and later impactor releases if any) and 4.1.*, update
the version check.
Change-Id: I8e5b29da1d10b076bef159d45ba436d135718ca8
This reverts commit d2836e34528d9061e2783283d7fad6a79b689ff2.
Reason for revert: backend support is now available
Change-Id: I835c4a99f38760e5cb834852adb4fb56b3bd234e
When creating IpPool, ip_release_delay can be set
to indicate the delay for releasing allocated IP address from IP pool.
Default is 2mins.
Change-Id: I56e9edd09df34f7909a7ce47339ae903f518fbda
This reverts commit b0c97de6605f719a6febe9febb66a44d562ddd84.
Reason for revert: it depends on nsxt support. but nsxt didn't merge the code
Change-Id: Id053d28cc9b315462849fd8df2d99b2ca7f6059c
Since the new POST API to restore vif only exists
on NSX version >=4.1.0, add version check before
invoking the new POST API. Otherwise, still use
the old patch API.
Change-Id: Ic0047cba6ccaf275830b3c24a73f59ca28883de6
tox 4.2.4 starts to fail if basepython mismatches with python env[1].
This change works around the issue by setting [tox]
ignore_base_python_conflict.
Also changing envlist from py37 to py38 given the Zuul env using py3.8
now.
[1] https://github.com/tox-dev/tox/pull/2824/
Change-Id: I380c1073a4b1f5b8d8a066345c7512061bd007fb
When restore vif, we need to use POST api with init_state:RESTORE_VIF
for NSX to persist all properties including tags and address_bindings.
Change-Id: I0d49a3860349a4d021cc9c881fb60543936feefc
New field Introduced in IPblockSubnet in order to cap the
maximum Ip Subnets across different clusters.
Jira: #NCP-439
Change-Id: I2e01f7e787c5be5d20256b96b19e9ce8b68edbe6
