FWaaS v2: L3 logging agent extension
This patch introduces L3 logging agent extension for firewall group. It also configures the extension for devstack when log plugin is enabled. Co-Authored-By: Kim Bao Long <longkb@vn.fujitsu.com> Partial-Bug: #1720727 Change-Id: I4d9af5325f157fbb35ea6fdb25723268856a0db4
This commit is contained in:
parent
a64c056f2b
commit
3b1590ff69
|
@ -54,6 +54,10 @@ function configure_fwaas_v2() {
|
|||
iniset /$NEUTRON_CORE_PLUGIN_CONF agent extensions fwaas_v2
|
||||
}
|
||||
|
||||
function configure_l3_log_fwaas_v2(){
|
||||
iniadd $Q_L3_CONF_FILE agent extensions fwaas_v2_log
|
||||
}
|
||||
|
||||
function neutron_fwaas_generate_config_files {
|
||||
(cd $NEUTRON_FWAAS_DIR && exec ./tools/generate_config_file_samples.sh)
|
||||
}
|
||||
|
@ -113,6 +117,10 @@ if is_service_enabled q-svc neutron-api && is_service_enabled q-fwaas q-fwaas-v1
|
|||
elif is_service_enabled q-fwaas-v2 neutron-fwaas-v2; then
|
||||
echo_summary "Configuring neutron-fwaas for FWaaS v2"
|
||||
configure_fwaas_v2
|
||||
if is_service_enabled q-log neutron-log; then
|
||||
echo_summary "Configuring FwaaS V2 packet log for l3 extension"
|
||||
configure_l3_log_fwaas_v2
|
||||
fi
|
||||
else
|
||||
echo_summary "Configuring neutron-fwaas for FWaaS v1"
|
||||
configure_fwaas_v1
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
# Copyright (c) 2018 Fujitsu Limited
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from neutron.services.logapi.agent.l3 import base
|
||||
from neutron.services.logapi.agent import log_extension as log_ext
|
||||
from neutron.services.logapi.rpc import agent as agent_rpc
|
||||
from neutron_lib.agent import l3_extension
|
||||
|
||||
#TODO(annp) move to neutron-lib
|
||||
FIREWALL_LOG_DRIVER_NAME = 'fwaas_v2_log'
|
||||
|
||||
|
||||
class FWaaSL3LoggingExtension(base.L3LoggingExtensionBase,
|
||||
l3_extension.L3AgentExtension):
|
||||
|
||||
def initialize(self, connection, driver_type):
|
||||
"""Initialize L3 logging agent extension"""
|
||||
|
||||
fw_log_cls = self._load_driver_cls(
|
||||
log_ext.LOGGING_DRIVERS_NAMESPACE, FIREWALL_LOG_DRIVER_NAME)
|
||||
self.log_driver = fw_log_cls(self.agent_api)
|
||||
self.resource_rpc = agent_rpc.LoggingApiStub()
|
||||
self._register_rpc_consumers()
|
||||
self.log_driver.initialize(self.resource_rpc)
|
|
@ -0,0 +1,51 @@
|
|||
# Copyright (c) 2018 Fujitsu Limited.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import mock
|
||||
|
||||
from neutron.api.rpc.callbacks.consumer import registry
|
||||
from neutron.api.rpc.callbacks import resources
|
||||
from neutron.api.rpc.handlers import resources_rpc
|
||||
from neutron.tests.unit.services.logapi.agent.l3 import test_base as base
|
||||
from neutron_lib import constants as lib_const
|
||||
|
||||
from neutron_fwaas.services.logapi.agents.l3 import fwg_log
|
||||
|
||||
|
||||
class FWaaSL3LoggingExtensionInitializeTestCase(base.L3LoggingExtBaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(FWaaSL3LoggingExtensionInitializeTestCase, self).setUp()
|
||||
self.fw_l3_log_ext = fwg_log.FWaaSL3LoggingExtension()
|
||||
self.fw_l3_log_ext.consume_api(self.agent_api)
|
||||
|
||||
@mock.patch.object(registry, 'register')
|
||||
@mock.patch.object(resources_rpc, 'ResourcesPushRpcCallback')
|
||||
def test_initialize_subscribed_to_rpc(self, rpc_mock, subscribe_mock):
|
||||
call_to_patch = 'neutron.common.rpc.Connection'
|
||||
with mock.patch(call_to_patch,
|
||||
return_value=self.connection) as create_connection:
|
||||
self.fw_l3_log_ext.initialize(
|
||||
self.connection, lib_const.L3_AGENT_MODE)
|
||||
create_connection.assert_has_calls([mock.call()])
|
||||
self.connection.create_consumer.assert_has_calls(
|
||||
[mock.call(
|
||||
resources_rpc.resource_type_versioned_topic(
|
||||
resources.LOGGING_RESOURCE),
|
||||
[rpc_mock()],
|
||||
fanout=True)]
|
||||
)
|
||||
subscribe_mock.assert_called_with(
|
||||
mock.ANY, resources.LOGGING_RESOURCE)
|
|
@ -57,6 +57,7 @@ neutron.agent.l2.firewall_drivers =
|
|||
neutron.agent.l3.extensions =
|
||||
fwaas = neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent:L3WithFWaaS
|
||||
fwaas_v2 = neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent_v2:L3WithFWaaS
|
||||
fwaas_v2_log = neutron_fwaas.services.logapi.agents.l3.fwg_log:FWaaSL3LoggingExtension
|
||||
neutron.agent.l3.firewall_drivers =
|
||||
conntrack = neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.legacy_conntrack:ConntrackLegacy
|
||||
netlink_conntrack = neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.netlink_conntrack:ConntrackNetlink
|
||||
|
|
Loading…
Reference in New Issue