Handle create_router when network and subnet exist
Subnets were not assigned if they already existed and were not created, but the router creation code for the configure-resources depends on the subnets variable for iteration. Initialize the subnets from the query for the subnets for the case of existing subnets. Additionally, the octavia charm uses a service user which can see other subnets that are tagged 'charm-octavia'. Narrow the scope of the subnet listing to the network being used by the charm. Closes-Bug: #1866126 Change-Id: Id88a68a398a50532e11daff33fb774caf65a0c0a Co-authored-by: Aurelien Lourot <aurelien.lourot@canonical.com>
This commit is contained in:
parent
58d203465b
commit
07b5dc8ea8
|
@ -617,12 +617,16 @@ def get_mgmt_network(identity_service, create=True):
|
||||||
raise APIUnavailable('neutron', 'networks', e)
|
raise APIUnavailable('neutron', 'networks', e)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
resp = nc.list_subnets(tags='charm-octavia')
|
# The service user can see other subnets that are tagged with
|
||||||
|
# 'charm-octavia' but are not part of this service's lb-mgmt-net. To
|
||||||
|
# avoid that, ensure that the subnets are filtered by the network the
|
||||||
|
# charm cares about.
|
||||||
|
resp = nc.list_subnets(network_id=network['id'], tags='charm-octavia')
|
||||||
except NEUTRON_TEMP_EXCS as e:
|
except NEUTRON_TEMP_EXCS as e:
|
||||||
raise APIUnavailable('neutron', 'subnets', e)
|
raise APIUnavailable('neutron', 'subnets', e)
|
||||||
|
|
||||||
n_resp = len(resp.get('subnets', []))
|
subnets = resp.get('subnets', [])
|
||||||
subnets = None
|
n_resp = len(subnets)
|
||||||
if n_resp < 1 and create:
|
if n_resp < 1 and create:
|
||||||
# make rfc4193 Unique Local IPv6 Unicast Addresses from network UUID
|
# make rfc4193 Unique Local IPv6 Unicast Addresses from network UUID
|
||||||
rfc4193_addr = 'fc00'
|
rfc4193_addr = 'fc00'
|
||||||
|
|
|
@ -374,7 +374,8 @@ class TestAPICrud(test_utils.PatchHelper):
|
||||||
nc.create_network.assert_called_once_with({
|
nc.create_network.assert_called_once_with({
|
||||||
'network': {'name': octavia.OCTAVIA_MGMT_NET}})
|
'network': {'name': octavia.OCTAVIA_MGMT_NET}})
|
||||||
|
|
||||||
nc.list_subnets.assert_called_once_with(tags=resource_tag)
|
nc.list_subnets.assert_called_once_with(network_id=network_uuid,
|
||||||
|
tags=resource_tag)
|
||||||
nc.list_routers.assert_called_once_with(tags=resource_tag)
|
nc.list_routers.assert_called_once_with(tags=resource_tag)
|
||||||
nc.create_router.assert_called_once_with(
|
nc.create_router.assert_called_once_with(
|
||||||
{'router': {'name': 'lb-mgmt', 'distributed': False}})
|
{'router': {'name': 'lb-mgmt', 'distributed': False}})
|
||||||
|
@ -414,7 +415,8 @@ class TestAPICrud(test_utils.PatchHelper):
|
||||||
self.init_neutron_client.assert_called_once_with(
|
self.init_neutron_client.assert_called_once_with(
|
||||||
self.session_from_identity_service())
|
self.session_from_identity_service())
|
||||||
nc.list_networks.assert_called_once_with(tags=resource_tag)
|
nc.list_networks.assert_called_once_with(tags=resource_tag)
|
||||||
nc.list_subnets.assert_called_once_with(tags=resource_tag)
|
nc.list_subnets.assert_called_once_with(network_id=network_uuid,
|
||||||
|
tags=resource_tag)
|
||||||
nc.list_routers.assert_called_once_with(tags=resource_tag)
|
nc.list_routers.assert_called_once_with(tags=resource_tag)
|
||||||
nc.list_security_groups.assert_has_calls([
|
nc.list_security_groups.assert_has_calls([
|
||||||
mock.call(tags=resource_tag),
|
mock.call(tags=resource_tag),
|
||||||
|
@ -426,3 +428,51 @@ class TestAPICrud(test_utils.PatchHelper):
|
||||||
{'id': network_uuid},
|
{'id': network_uuid},
|
||||||
{'id': self.secgrp_uuid},),
|
{'id': self.secgrp_uuid},),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
def test_get_mgmt_network_exists_create_router(self):
|
||||||
|
resource_tag = 'charm-octavia'
|
||||||
|
self.patch_object(api_crud, 'session_from_identity_service')
|
||||||
|
self.patch_object(api_crud, 'init_neutron_client')
|
||||||
|
identity_service = mock.MagicMock()
|
||||||
|
nc = mock.MagicMock()
|
||||||
|
self.init_neutron_client.return_value = nc
|
||||||
|
network_uuid = '83f1a860-9aed-4c0b-8b72-47195580a0c1'
|
||||||
|
nc.list_networks.return_value = {'networks': [{'id': network_uuid}]}
|
||||||
|
nc.list_subnets.return_value = {
|
||||||
|
'subnets': [{'id': 'fake-subnet-uuid'}]}
|
||||||
|
# network and subnet exists, but router doesn't
|
||||||
|
nc.list_routers.return_value = {'routers': []}
|
||||||
|
nc.create_router.return_value = {
|
||||||
|
'router': {'id': 'fake-router-uuid'}}
|
||||||
|
nc.list_security_groups.side_effect = [
|
||||||
|
{'security_groups': [{'id': self.secgrp_uuid}]},
|
||||||
|
{'security_groups': [{'id': self.health_secgrp_uuid}]},
|
||||||
|
]
|
||||||
|
|
||||||
|
self.patch_object(api_crud.neutronclient.common, 'exceptions',
|
||||||
|
name='neutron_exceptions')
|
||||||
|
self.neutron_exceptions.Conflict = FakeNeutronConflictException
|
||||||
|
nc.create_security_group_rule.side_effect = \
|
||||||
|
FakeNeutronConflictException
|
||||||
|
result = api_crud.get_mgmt_network(identity_service)
|
||||||
|
self.init_neutron_client.assert_called_once_with(
|
||||||
|
self.session_from_identity_service())
|
||||||
|
nc.list_networks.assert_called_once_with(tags=resource_tag)
|
||||||
|
self.assertFalse(nc.create_networks.called)
|
||||||
|
nc.list_subnets.assert_called_once_with(network_id=network_uuid,
|
||||||
|
tags=resource_tag)
|
||||||
|
self.assertFalse(nc.create_subnet.called)
|
||||||
|
nc.list_routers.assert_called_once_with(tags=resource_tag)
|
||||||
|
self.assertTrue(nc.create_router.called)
|
||||||
|
nc.add_interface_router.assert_called_once_with('fake-router-uuid', {
|
||||||
|
'subnet_id': 'fake-subnet-uuid'})
|
||||||
|
nc.list_security_groups.assert_has_calls([
|
||||||
|
mock.call(tags=resource_tag),
|
||||||
|
mock.call(tags=resource_tag + '-health'),
|
||||||
|
])
|
||||||
|
nc.create_security_group_rule.assert_has_calls(
|
||||||
|
self.security_group_rule_calls)
|
||||||
|
self.assertEqual(result, (
|
||||||
|
{'id': network_uuid},
|
||||||
|
{'id': self.secgrp_uuid},),
|
||||||
|
)
|
||||||
|
|
Loading…
Reference in New Issue