The patch removes the neutron-lib from the dependencies. We do not
want/need the consumers of this library to pull in all of the
neutron-lib dependencies.
The patch adds the following:
1. callback to bind is_attr_set - set_is_attr_callback
2. A new exception NsxLibInvalidInput - this is raised when inputs
are invalid.
Change-Id: Ia8ec71dee2d5de921700a9b4fd7e789d2aed4679
NSX allows DFW rules to be added to a DFW section with query
param 'operation', which can be used to create the said rule
at top or bottom within the DFW section. This patch
adds 'operation' as an argument for the methods 'add_rule'
and 'add_rules'.
Change-Id: I82dd206967543b3382dd20d7bffb140fce9cb59d
Version 2.2 has a logging feature wher the NSX can log via the
X-NSX-EUSER header details of who the request was made for.
This feature will enable the plugin to determine whether or
not to send this header.
Change-Id: Ib87d5df2fbf5e15856511a50013ea47dbd4ca728
Part of the work we did while rehoming the callback modules introduced
the notion of payload objects [1] to replace the unstructured kwargs
used today. When using payloads event sources need to use publish()
rather than notify() to trigger the callback(s) and pass along a payload
object (if needed).
This patch begins to move us onto the payload objects by updating
BEFORE_INIT and AFTER_INIT event types to use the payloads.
Depends-On: I9194c7857f10392149159071cda8e080e93adc10
[1] https://github.com/openstack/neutron-lib/blob/master/doc/source/devref/callbacks.rst#event-payloads
Change-Id: Ie8311f28ebac6c1990a261cc6cfa130fac0cfc5f
Enable application to bind to a callback that will inject
headers to the requests sent to the NSX. This can for example
be: 'X-NSX-EUSER' which will provide the NSX context of the user
on behalf of whom the opertaion is done.
A new method set_inject_headers_callback(in is added. This method
receives a callback that should return a dictionary of headers to
be added.
Change-Id: I90fa7ea8c7828bf97aec66321e4169588108760e
This patch adds support to retrieve resources of type
VirtualMachines and VirtualNetworkInterface.
Change-Id: I9d551e35e68cbaadbe2787f23775296f61c0e72d
NSXv3 backend has a limitation that it only supports realtime
mode for now. This patch adds a source param for stats api.
Change-Id: I56a8ad0bb3641c9560cffdb1efcf3b8a7c461580
Add two methods for load balancer virtual server ssl profile
binding.
- Add client_ssl_profile_binding for virtual server. This
setting is used when load balancer acts as an SSL server and
terminating the client SSL connection.
- Add server_ssl_profile_binding for virtual server. This
setting is used when load balancer acts as an SSL client and
establishing a connection to the backend server.
This patch also fixes a typo in server_ssl_profile.
Change-Id: I692a3cc30dcef9c8d68fe1b40c0624b881954bdd
Currently, only pem_encoded option is availabe when importing a
certificate into NSX. There are two more options we can expose
including private_key and passphrase. Also, we don't need to
remove '\n' from the cert as NSX backend will do it automatically.
This patch aslo adds a trust_management object in the NsxLib for
nsxlib consumer accessing it easily.
Change-Id: I0429d1d7caf7995f044d4daaa46da13e506fddb2
Adding a caching mechanism to remember previous results of get commands
and return them if they are not too old.
This mechanism is disabled for most of the nsxlib resources, and used only
by a few resources that are accessed frequently and modifies rarely
such as transport zones.
Change-Id: I4c1c723ee878feab9a86ff9015246c9e1773bd8b
NSX 3.0.0 (version may change later) will support adding a vlan
router interface and not just overlay ones.
This patch adds a feature for this, so the plugin can check if this
is supported or not.
Change-Id: I86d79e5a14a326db5659bd7a746fefb9b44dbf46
Application profiles are of type TCP, UDP or HTTP. In case the
application profile is being updated with a new type, the virtual
server must also be updated with the new IP Protocol.
Additionally, it should not be necessary to update both the
persistence profile and application profile simultaneously.
Change-Id: I4953dcefa6b168406276851c59b89c3ddaa2f9ad
Using the load balancing related args for the router
update_advertisement should be done only if the NSX version
supports the load balancing feature.
Change-Id: I1a94ee58e6b8908e6122a69f6515dfdf2d2c1b28
Refactor tests resources
- Add a base class for the tests
- Add get/list/delete tests in the base class so that all the
resources will have at least this minimal set of tests
- Move logical switch tests under the test-resources file too
- Add basic tests for resources and core resources that were missing
Change-Id: I3d1aac78ebc68cadaa2c1cf77b658acbeb4339d2
With client auth, request for XSRF token should not carry admin
username/password, for two reasons:
1. username/password may not exist in config
2. backend treats these credentials as authentication and ignores
the desired principal identity
Change-Id: I35af9536018196959297dcad6b11b98d0681d625
Adding a new api to update the server url, secret or edge cluster
of a metadata proxy server on the nsx.
Change-Id: I702398f254a1329299ec2cb82e214caf0ae59a9c
Adding log messages before & after each retry call, to help debugging.
The before message (will not appear before the first call):
Retrying call to 'func-name' for the #th time:[Last exception here]
The after message:
Finished retry number #th to 'func-name' after X(s) with args: (...):
[Last exception here]
Change-Id: Ib4a91fbfd45d9454bbd92d9f77f8c888cec80efa
Current version of requests library checks for client certificate
file existance on each request, regardless of whether the cert is
going to be needed for this request.
Therefore it is useless to save the effort of populating cert file
for non-first requests on the connection.
In addition, add a retry for the case SSL error comes from within
SSL C code.
Change-Id: I32b8304b3217049752e8d25a1b735a6d2035fa0b
The XSRF token might be expired after too long with no activity.
This should not happen because the nsxlib cluster uses keep alive
messages.
in case it does happen, the keep alive will detect this incident
and renew the session.
Change-Id: I6c9a7af01b5b18c2a7e46cc6bf8337b7205d161f
Gary Kotton