Add api for waiting for success consolidated status for gateway policy

Change-Id: Ie6516d9d574bf4777f451d44439dc512a89245a7
This commit is contained in:
asarfaty 2020-07-19 18:03:21 +02:00
parent 3f4f651a7f
commit 953d0936ba
3 changed files with 116 additions and 2 deletions

View File

@ -2143,6 +2143,57 @@ class TestPolicyGatewayPolicy(TestPolicyCommunicationMap):
self.resource_type = 'GatewayPolicy'
self.path_name = 'gateway-policies'
def test_get_realized(self):
domain_id = 'd1'
map_id = '111'
result = [{'state': constants.STATE_REALIZED,
'entity_type': 'RealizedFirewallSection'}]
with mock.patch.object(
self.policy_api, "get_realized_entities",
return_value=result) as api_get:
state = self.resourceApi.get_realized_state(
domain_id, map_id, tenant=TEST_TENANT)
self.assertEqual(constants.STATE_REALIZED, state)
path = "/%s/domains/%s/%s/%s" % (
TEST_TENANT, domain_id, self.path_name, map_id)
api_get.assert_called_once_with(path, silent=False)
def test_wait_until_realized_failed(self):
domain_id = 'd1'
map_id = '111'
gw_section_id = 'realized_111'
info = {'state': constants.STATE_UNREALIZED,
'realization_specific_identifier': gw_section_id}
with mock.patch.object(self.resourceApi, "_get_realization_info",
return_value=info):
self.assertRaises(nsxlib_exc.RealizationTimeoutError,
self.resourceApi.wait_until_realized,
domain_id, map_id, tenant=TEST_TENANT,
max_attempts=5, sleep=0.1)
def test_wait_until_state_sucessful_with_error(self):
domain_id = 'd1'
map_id = '111'
info = {'consolidated_status': {'consolidated_status': 'ERROR'}}
with mock.patch.object(self.resourceApi.policy_api,
"get_intent_consolidated_status",
return_value=info):
self.assertRaises(nsxlib_exc.RealizationErrorStateError,
self.resourceApi.wait_until_state_sucessful,
domain_id, map_id, tenant=TEST_TENANT,
max_attempts=5, sleep=0.1)
def test_wait_until_state_sucessful(self):
domain_id = 'd1'
map_id = '111'
info = {'consolidated_status': {'consolidated_status': 'SUCCESS'}}
with mock.patch.object(self.resourceApi.policy_api,
"get_intent_consolidated_status",
return_value=info):
self.resourceApi.wait_until_state_sucessful(
domain_id, map_id, tenant=TEST_TENANT,
max_attempts=5, sleep=0.1)
class TestPolicyEnforcementPoint(NsxPolicyLibTestCase):

View File

@ -18,6 +18,7 @@ import abc
from distutils import version
from oslo_log import log as logging
import requests
import six
from vmware_nsxlib.v3 import nsx_constants
@ -57,8 +58,14 @@ WAF_PROFILES_PATH_PATTERN = (TENANTS_PATH_PATTERN +
CERTIFICATE_PATH_PATTERN = TENANTS_PATH_PATTERN + "certificates/"
EXCLUDE_LIST_PATH_PATTERN = (TENANTS_PATH_PATTERN +
"settings/firewall/security/exclude-list")
REALIZATION_PATH = "infra/realized-state/realized-entities?intent_path=%s"
REALIZATION_PATH_PREFIX = "infra/realized-state/"
REALIZATION_PATH_SUFFIX = "?intent_path=%s"
REALIZATION_PATH = (REALIZATION_PATH_PREFIX + "realized-entities" +
REALIZATION_PATH_SUFFIX)
REALIZATION_REFRESH_PATH = (REALIZATION_PATH_PREFIX + "realized-entity" +
REALIZATION_PATH_SUFFIX + "&action=refresh")
REALIZATION_STATUS_PATH = (REALIZATION_PATH_PREFIX + "status" +
REALIZATION_PATH_SUFFIX)
DHCP_REALY_PATTERN = TENANTS_PATH_PATTERN + "dhcp-relay-configs/"
DHCP_SERVER_PATTERN = TENANTS_PATH_PATTERN + "dhcp-server-configs/"
MDPROXY_PATTERN = TENANTS_PATH_PATTERN + "metadata-proxies/"
@ -2399,3 +2406,13 @@ class NsxPolicyApi(object):
entity = self.get_realized_entity(path, silent=silent)
if entity:
return entity['state']
def refresh_realized_state(self, path):
# Using POST, excepting 204
expected_results = [requests.codes.no_content]
return self.client.create(REALIZATION_REFRESH_PATH % path,
expected_results=expected_results)
def get_intent_consolidated_status(self, path, silent=False):
return self.client.get(REALIZATION_STATUS_PATH % path,
silent=silent)

View File

@ -3606,6 +3606,52 @@ class NsxPolicySecurityPolicyBaseApi(NsxPolicyResourceBase):
sleep=sleep,
max_attempts=max_attempts)
def wait_until_state_sucessful(self, domain_id, map_id,
tenant=constants.POLICY_INFRA_TENANT,
sleep=None, max_attempts=None,
with_refresh=False):
map_def = self.parent_entry_def(map_id=map_id,
domain_id=domain_id,
tenant=tenant)
map_path = map_def.get_resource_full_path()
if sleep is None:
sleep = self.nsxlib_config.realization_wait_sec
if max_attempts is None:
max_attempts = self.nsxlib_config.realization_max_attempts
@utils.retry_upon_none_result(max_attempts, delay=sleep, random=True)
def get_state():
state = self.policy_api.get_intent_consolidated_status(
map_path, silent=True)
if state and state.get('consolidated_status'):
con_state = state['consolidated_status'].get(
'consolidated_status')
if con_state == 'SUCCESS':
return True
if con_state == 'ERROR':
raise exceptions.RealizationErrorStateError(
resource_type=map_def.resource_type(),
resource_id=map_def.get_id(),
error="Unknown")
if with_refresh:
# Refresh the consolidated state for the next time
# (if not, it will be refreshed at the policy level after a
# refresh cycle)
self.policy_api.refresh_realized_state(map_path)
try:
return get_state()
except exceptions.RealizationError as e:
raise e
except Exception:
# max retries reached
raise exceptions.RealizationTimeoutError(
resource_type=map_def.resource_type(),
resource_id=map_def.get_id(),
attempts=max_attempts,
sleep=sleep)
class NsxPolicyCommunicationMapApi(NsxPolicySecurityPolicyBaseApi):
"""NSX Policy CommunicationMap (Under a Domain). AKA Security"""