Skip to content

Commit

Permalink
1.Modified vnc_openstack to catch proper error from the api-server an…
Browse files Browse the repository at this point in the history 
…d pass it to the neutron.

2.Added config option 'strict_compliance" for enabling port create of with IP of service address

Closes-Bug: 1604373
Closes-Bug: 1604556
Closes-Bug: 1604578
Closes-Bug: 1604935
Closes-Bug: 1604354
Change-Id: Ibd66e36d57a1079fb8a3032ea117d0a7c7f7b634
(cherry picked from commit 44c1853)
  • Loading branch information
@sahilsabharwal
sahilsabharwal committed Aug 4, 2016
1 parent 0be7f12 commit 555039c
Show file tree
Hide file tree
Showing 14 changed files with 74 additions and 64 deletions.
4 changes: 2 additions & 2 deletions src/config/api-server/tests/test_crud_basic.py
View file
Expand Up @@ -1155,7 +1155,7 @@ def test_floatingip_as_instanceip(self):
ip_allocated = fip_fixt.getObj().floating_ip_address

logger.info("Creating auto-alloc instance-ip, expecting an error")
with ExpectedException(PermissionDenied) as e:
with ExpectedException(BadRequest) as e:
iip_fixt = self.useFixture(
InstanceIpTestFixtureGen(
self._vnc_lib, 'iip1', auto_prop_val=False,
Expand Down Expand Up @@ -1191,7 +1191,7 @@ def test_aliasip_as_instanceip(self):
ip_allocated = aip_fixt.getObj().alias_ip_address

logger.info("Creating auto-alloc instance-ip, expecting an error")
with ExpectedException(PermissionDenied) as e:
with ExpectedException(BadRequest) as e:
iip_fixt = self.useFixture(
InstanceIpTestFixtureGen(
self._vnc_lib, 'iip1', auto_prop_val=False,
Expand Down
36 changes: 16 additions & 20 deletions src/config/api-server/tests/test_ip_alloc.py
View file
Expand Up @@ -145,11 +145,9 @@ def test_subnet_alloc_unit(self):

logger.debug('Wrong ip address request,not aligned with alloc-unit')
ipv4_obj1.set_instance_ip_address('11.1.1.249')
try:
with ExpectedException(BadRequest,
'Virtual-Network\(my-v4-v6-domain:my-v4-v6-proj:my-v4-v6-vn:11.1.1.0/24\) has invalid alloc_unit\(4\) in subnet\(11.1.1.0/24\)') as e:
ipv4_id1 = self._vnc_lib.instance_ip_create(ipv4_obj1)
except HttpError:
logger.debug('requested ipaddr is not aligned with alloc-unit')
pass

ipv4_obj1.set_instance_ip_address(None)
logger.debug('Allocating an IP4 address for first VM')
Expand Down Expand Up @@ -753,12 +751,10 @@ def test_v4_ip_allocation_exhaust(self):
logger.debug('Created extra instance')

logger.debug('Allocating an IP4 address for extra instance')
try:
with ExpectedException(BadRequest,
'Virtual-Network\(\[\'v4-domain\', \'v4-proj\', \'v4-vn\'\]\) has exhausted subnet\(all\)') as e:
ip_id1 = self._vnc_lib.instance_ip_create(ip_obj1)
except HttpError:
logger.debug('alloc pool is exhausted')
pass


# cleanup for negative test
self._vnc_lib.virtual_machine_interface_delete(id=port_obj1.uuid)
self._vnc_lib.virtual_machine_delete(id=vm_inst_obj1.uuid)
Expand Down Expand Up @@ -1015,59 +1011,59 @@ def test_ip_alloc_clash(self):
iip2_obj = InstanceIp('clashing-iip-%s' %(self.id()),
instance_ip_address=iip_obj.instance_ip_address)
iip2_obj.add_virtual_network(vn_obj)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.instance_ip_create(iip2_obj)

# allocate instance-ip clashing with existing floating-ip
iip2_obj.set_instance_ip_address(fip_obj.floating_ip_address)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.instance_ip_create(iip2_obj)

# allocate floating-ip clashing with existing floating-ip
fip2_obj = FloatingIp('clashing-fip-%s' %(self.id()), fip_pool_obj,
floating_ip_address=fip_obj.floating_ip_address)
fip2_obj.add_project(proj_obj)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.floating_ip_create(fip2_obj)

# allocate alias-ip clashing with existing alias-ip
aip2_obj = AliasIp('clashing-aip-%s' %(self.id()), aip_pool_obj,
alias_ip_address=aip_obj.alias_ip_address)
aip2_obj.add_project(proj_obj)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.alias_ip_create(aip2_obj)

# allocate floating-ip clashing with existing instance-ip
fip2_obj.set_floating_ip_address(iip_obj.instance_ip_address)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.floating_ip_create(fip2_obj)

# allocate alias-ip clashing with existing instance-ip
aip2_obj.set_alias_ip_address(iip_obj.instance_ip_address)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.alias_ip_create(aip2_obj)

# allocate alias-ip clashing with existing floating-ip
aip2_obj.set_alias_ip_address(fip_obj.floating_ip_address)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.alias_ip_create(aip2_obj)

# allocate floating-ip with gateway ip and verify failure
fip2_obj.set_floating_ip_address('11.1.1.254')
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.floating_ip_create(fip2_obj)

# allocate alias-ip with gateway ip and verify failure
aip2_obj.set_alias_ip_address('11.1.1.254')
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Ip address already in use') as e:
self._vnc_lib.alias_ip_create(aip2_obj)

Expand All @@ -1085,7 +1081,7 @@ def test_ip_alloc_clash(self):
self._vnc_lib.instance_ip_create(iip2_gw_ip)

iip_gw_ip.add_virtual_machine_interface(vm_vmi_obj)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Gateway IP cannot be used by VM port') as e:
self._vnc_lib.instance_ip_update(iip_gw_ip)

Expand All @@ -1097,7 +1093,7 @@ def test_ip_alloc_clash(self):
self._vnc_lib.instance_ip_update(iip2_gw_ip)

isolated_vmi_obj.add_virtual_machine(vm_obj)
with ExpectedException(cfgm_common.exceptions.PermissionDenied,
with ExpectedException(cfgm_common.exceptions.BadRequest,
'Gateway IP cannot be used by VM port') as e:
self._vnc_lib.virtual_machine_interface_update(
isolated_vmi_obj)
Expand Down
7 changes: 5 additions & 2 deletions src/config/api-server/tests/test_kombu.py
View file
Expand Up @@ -94,13 +94,15 @@ def Connection(self, urls, **kwargs):
@unittest.skipIf(is_kombu_client_v1,
"skipping because kombu client is older")
def test_connection_monitor(self):
flexmock(self.mock_connect).should_receive("close").twice()
flexmock(self.mock_connect).should_receive("close").times(3)
flexmock(self.mock_connect).should_receive("connect").twice()
flexmock(self.mock_connect).should_receive("ensure_connection").twice()
flexmock(self.mock_connect).should_receive("channel").twice()
flexmock(self.db_client_mgr).should_receive("wait_for_resync_done"). \
with_args().once()
flexmock(self.mock_consumer).should_receive("consume").twice()
flexmock(self.mock_consumer).should_receive("close").once()
flexmock(self.mock_producer).should_receive("close").once()

_lock = gevent.lock.Semaphore()
_lock.acquire()
Expand All @@ -120,6 +122,7 @@ def _drain_events():
self.password,
self.vhost, False)
_lock.wait()
kc.shutdown()

@unittest.skipIf(is_kombu_client_v1,
"skipping because kombu client is older")
Expand All @@ -130,7 +133,7 @@ def test_connection_publish(self):
flexmock(self.mock_connect).should_receive("channel").twice()
flexmock(self.db_client_mgr).should_receive("wait_for_resync_done"). \
with_args().once()
flexmock(self.mock_consumer).should_receive("consume").twice()
flexmock(self.mock_consumer).should_receive("consume").once()

_lock = gevent.lock.Semaphore()
_lock.acquire()
Expand Down
11 changes: 6 additions & 5 deletions src/config/api-server/tests/test_logical_router.py
View file
Expand Up @@ -432,7 +432,7 @@ def test_vm_port_not_added_to_lr(self):
# Add Router Interface
lr.add_virtual_machine_interface(vm_port_obj)
logger.debug("Trying to Link VM's VMI object and LR object")
with ExpectedException(cfgm_common.exceptions.PermissionDenied) as e:
with ExpectedException(cfgm_common.exceptions.BadRequest) as e:
self._vnc_lib.logical_router_update(lr)
logger.debug("Linking VM's VMI object and LR object failed as expected")
lr.del_virtual_machine_interface(vm_port_obj)
Expand All @@ -443,10 +443,11 @@ def test_vm_port_not_added_to_lr(self):
lr.add_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
logger.debug("Link VM to internal interface of a LR")
with ExpectedException(cfgm_common.exceptions.PermissionDenied) as e:
with ExpectedException(cfgm_common.exceptions.BadRequest) as e:
port_obj.add_virtual_machine(vm_inst_obj)
self._vnc_lib.virtual_machine_interface_update(port_obj)
logger.debug("Linking VM to internal interface of LR failed as expected")
self._vnc_lib.logical_router_delete(id=lr.uuid)
# end test_vm_port_not_added_to_lr

def create_port(self, project, vn):
Expand Down Expand Up @@ -513,7 +514,7 @@ def test_same_network_not_attached_to_lr(self):
self._vnc_lib.virtual_network_update(net_obj)

logger.debug("Try adding gateway from same network as of interface to LR object")
with ExpectedException(cfgm_common.exceptions.PermissionDenied) as e:
with ExpectedException(cfgm_common.exceptions.BadRequest) as e:
lr.add_virtual_network(net_obj)
self._vnc_lib.logical_router_update(lr)
logger.debug("Adding gateway from same network as of interface to LR object failed as expected")
Expand All @@ -529,11 +530,11 @@ def test_same_network_not_attached_to_lr(self):
# Create Port
port_obj = self.create_port(project, net_obj)
logger.debug("Try adding interafce from same network as of gateway to LR object")
with ExpectedException(cfgm_common.exceptions.PermissionDenied) as e:
with ExpectedException(cfgm_common.exceptions.BadRequest) as e:
lr.add_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
logger.debug("Adding interface from same network as of gateway to LR object failed as expected")

self._vnc_lib.logical_router_delete(id=lr.uuid)

# end test_same_network_not_attached_to_lr
#end class TestLogicalRouter
Expand Down
2 changes: 1 addition & 1 deletion src/config/api-server/vnc_addr_mgmt.py
View file
Expand Up @@ -1051,7 +1051,7 @@ def ip_alloc_req(self, vn_fq_name, vn_dict=None, sub=None, asked_ip_addr=None,
raise AddrMgmtAllocUnitInvalid(
subnet_obj._name,
subnet_obj._prefix+'/'+subnet_obj._prefix_len,
ip_alloc_unit)
subnet_obj.alloc_unit)

return subnet_obj.ip_reserve(ipaddr=asked_ip_addr,
value=alloc_id)
Expand Down
24 changes: 12 additions & 12 deletions src/config/api-server/vnc_cfg_types.py
View file
Expand Up @@ -185,7 +185,7 @@ def pre_dbe_create(cls, tenant_name, obj_dict, db_conn):
vn_fq_name = obj_dict['fq_name'][:-2]
req_ip = obj_dict.get("floating_ip_address")
if req_ip and cls.addr_mgmt.is_ip_allocated(req_ip, vn_fq_name):
return (False, (403, 'Ip address already in use'))
return (False, (400, 'Ip address already in use'))
try:
fip_addr = cls.addr_mgmt.ip_alloc_req(vn_fq_name,
asked_ip_addr=req_ip,
Expand Down Expand Up @@ -271,7 +271,7 @@ def pre_dbe_create(cls, tenant_name, obj_dict, db_conn):
vn_fq_name = obj_dict['fq_name'][:-2]
req_ip = obj_dict.get("alias_ip_address")
if req_ip and cls.addr_mgmt.is_ip_allocated(req_ip, vn_fq_name):
return (False, (403, 'Ip address already in use'))
return (False, (400, 'Ip address already in use'))
try:
aip_addr = cls.addr_mgmt.ip_alloc_req(vn_fq_name,
asked_ip_addr=req_ip,
Expand Down Expand Up @@ -430,10 +430,10 @@ def pre_dbe_create(cls, tenant_name, obj_dict, db_conn):
# for g/w ip, creation allowed but only can ref to router port.
if req_ip and cls.addr_mgmt.is_ip_allocated(req_ip, vn_fq_name):
if not cls._is_gateway_ip(vn_dict, req_ip):
return (False, (403, 'Ip address already in use'))
return (False, (400, 'Ip address already in use'))
elif cls._vmi_has_vm_ref(db_conn, obj_dict):
return (False,
(403, 'Gateway IP cannot be used by VM port'))
(400, 'Gateway IP cannot be used by VM port'))
# end if request has ip addr

try:
Expand All @@ -451,7 +451,7 @@ def undo():
# end undo
get_context().push_undo(undo)
except Exception as e:
return (False, (500, str(e)))
return (False, (400, str(e)))
obj_dict['instance_ip_address'] = ip_addr
db_conn.config_log('AddrMgmt: alloc %s for vn=%s, tenant=%s, askip=%s'
% (obj_dict['instance_ip_address'],
Expand Down Expand Up @@ -489,7 +489,7 @@ def pre_dbe_update(cls, id, fq_name, obj_dict, db_conn,
if cls._is_gateway_ip(vn_dict,
db_iip_dict.get('instance_ip_address')):
if cls._vmi_has_vm_ref(db_conn, req_iip_dict):
return (False, (403, 'Gateway IP cannot be used by VM port'))
return (False, (400, 'Gateway IP cannot be used by VM port'))
# end if gateway ip

return True, ""
Expand Down Expand Up @@ -553,7 +553,7 @@ def is_port_in_use_by_vm(cls, obj_dict, db_conn):
read_result.get('virtual_machine_refs')):
msg = "Port(%s) already in use by virtual-machine(%s)" %\
(vmi_id, read_result['parent_uuid'])
return (False, (403, msg))
return (False, (400, msg))
return (True, '')

@classmethod
Expand All @@ -570,7 +570,7 @@ def is_port_gateway_in_same_network(cls, db_conn, vmi_refs, vn_refs):
if vn_ref['uuid'] in interface_vn_uuids:
msg = "Logical router interface and gateway cannot be in VN(%s)" %\
(vn_ref['uuid'])
return (False, (403, msg))
return (False, (400, msg))
return (True, '')

@classmethod
Expand Down Expand Up @@ -810,13 +810,13 @@ def pre_dbe_update(cls, id, fq_name, obj_dict, db_conn,
if (read_result.get('logical_router_back_refs') and
obj_dict.get('virtual_machine_refs')):
return (False,
(403, 'Logical router interface cannot be used by VM'))
(400, 'Logical router interface cannot be used by VM'))
# check if vmi is going to point to vm and if its using
# gateway address in iip, disallow
for iip_ref in read_result.get('instance_ip_back_refs') or []:
if (obj_dict.get('virtual_machine_refs') and
InstanceIpServer.is_gateway_ip(db_conn, iip_ref['uuid'])):
return (False, (403, 'Gateway IP cannot be used by VM port'))
return (False, (400, 'Gateway IP cannot be used by VM port'))

if ('virtual_machine_interface_refs' in obj_dict and
'virtual_machine_interface_refs' in read_result):
Expand Down Expand Up @@ -1424,7 +1424,7 @@ def validate_dns_server(cls, obj_dict, db_conn):

ttl = vdns_data['default_ttl_seconds']
if ttl < 0 or ttl > 2147483647:
return (False, (403, "Invalid value for TTL"))
return (False, (400, "Invalid value for TTL"))

if 'next_virtual_DNS' in vdns_data:
vdns_next = vdns_data['next_virtual_DNS']
Expand All @@ -1440,7 +1440,7 @@ def validate_dns_server(cls, obj_dict, db_conn):
vdns_data['next_virtual_DNS']):
return (
False,
(403,
(400,
"Invalid Virtual Forwarder(next virtual dns server)"))
else:
return True, ""
Expand Down
2 changes: 1 addition & 1 deletion src/config/common/exceptions.py
View file
Expand Up @@ -48,7 +48,7 @@ def __init__(self, status_code, content):
# end __init__

def __str__(self):
return 'HTTP Status: %s Content: %s' % (self.status_code, self.content)
return self.content
# end __str__
# end class BadRequest

Expand Down
1 change: 0 additions & 1 deletion src/config/schema-transformer/test/test_route_table.py
View file
Expand Up @@ -134,7 +134,6 @@ def _match_route_table_cleanup(vn):

self._vnc_lib.virtual_network_delete(fq_name=vn1.get_fq_name())
self._vnc_lib.virtual_network_delete(fq_name=vn2.get_fq_name())
gevent.sleep(2)
self._vnc_lib.route_table_delete(fq_name=rt.get_fq_name())
# test_add_delete_static_route

Expand Down
2 changes: 1 addition & 1 deletion src/config/svc-monitor/svc_monitor/instance_manager.py
View file
Expand Up @@ -109,7 +109,7 @@ def _allocate_iip_for_family(self, vn_obj, iip_name, iip_family):
self._vnc_lib.instance_ip_create(iip_obj)
except RefsExistError:
iip_obj = self._vnc_lib.instance_ip_read(fq_name=[iip_name])
except HttpError:
except BadRequest:
return None

InstanceIpSM.locate(iip_obj.uuid)
Expand Down
9 changes: 9 additions & 0 deletions src/config/svc-monitor/svc_monitor/snat_agent.py
View file
Expand Up @@ -218,6 +218,15 @@ def delete_snat_instance(self, router_obj):
# Delete service instance
if si_obj:
self._vnc_lib.service_instance_delete(id=si_uuid)

# Delete left network
vn_name = '%s_%s' % (svc_info.get_snat_left_vn_prefix(),
si_obj.name)
vn_fq_name = si_obj.fq_name[:-1] + [vn_name]
try:
self._vnc_lib.virtual_network_delete(fq_name=vn_fq_name)
except (RefsExistError, NoIdError):
pass
# end delete_snat_instance

def cleanup_snat_instance(self, lr_id, si_id):
Expand Down
2 changes: 0 additions & 2 deletions src/config/svc-monitor/svc_monitor/svc_monitor.py
View file
Expand Up @@ -591,8 +591,6 @@ def timer_callback(monitor):
continue
if vn.name in svc_info.get_shared_vn_list():
monitor._delete_shared_vn(vn.uuid)
elif vn.name.startswith(svc_info.get_snat_left_vn_prefix()):
monitor._delete_shared_vn(vn.uuid)


def launch_timer(monitor):
Expand Down

0 comments on commit 555039c

Please sign in to comment.