Commit Graph

31 Commits

Author SHA1 Message Date
ericxiett 4b4f291545 Fix typos
Change-Id: I605bcdde50a3e4427af74ba616887c15c787a40a
2021-09-21 09:33:29 +08:00
Takashi Natsume ee0b34eb3e Use unittest.mock instead of third party mock
Now that we no longer support py27, we can use the standard library
unittest.mock module instead of the third party mock lib.

Change-Id: I67fcc16530f1c46eecb62e27eb7b88d1dee6f9df
Signed-off-by: Takashi Natsume <takanattie@gmail.com>
2020-05-25 06:41:16 +00:00
Takashi Natsume 727d8da342 Remove six
Now that we no longer support py27, we can remove six.

Change-Id: Ie3ff2b7f5e8a5ff1357d6147ab1eb481f562aba3
Signed-off-by: Takashi Natsume <takanattie@gmail.com>
2020-05-02 18:28:47 +09:00
Stephen Finucane ba9d4ca956 trivial: Remove some rules from flake8 ignore list
Most of these were either unnecessary or trivial to resolve.

Change-Id: I2952e4906a511f6ffc6c53dc1c582464000e22de
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
2020-03-31 11:05:27 +01:00
Andreas Jaeger d57a5f39ed Update hacking for Python3
The repo is Python 3 now, so update hacking to version 3.0 which
supports Python 3.

Fix problems found by updated hacking version.

Change-Id: I8d4a0fc1b7c4e0c1e474a707aa900d09181ba11f
2020-03-31 06:44:56 +00:00
Rodolfo Alonso Hernandez 9ad9b84839 Prevent "qbr" Linux Bridge from replying to ARP messages
The Linux Bridge in between the VM TAP interface and OVS should [1][2]:
- Reply only if the target IP address is local address configured
  on the incoming interface.
- Always use the best local address.

[1]http://kb.linuxvirtualserver.org/wiki/Using_arp_announce/arp_ignore_to_disable_ARP
[2]http://linux-ip.net/html/ether-arp.html#ether-arp-flux

Change-Id: I8721b680bbd9f59a67bd8e6855ffb291c208cdb8
Closes-Bug: #1825888
2019-04-26 09:19:55 +00:00
Rodolfo Alonso Hernandez ee124d2e98 Remove IP proxy methods
Remove IP proxy methods in os_vif.internal.command.ip.__init__.py. Both
Windows and Linux IP implementations have the same interface, IpCommand.
Method calls (set, add, delete, exists) must be the same for both IP
classes, making those proxy calls unnecessary.

Removed a nesting level for internal IP commands. Now those commands are
located in os_vif.internal.ip.

Change-Id: Id8b71172fb06b435cf169a7e55c11233f22fa65b
Closes-Bug: #1817940
2019-04-25 13:43:34 +00:00
Jan Gutter 646839649f Fix nits in brctl removal (vif_plug_linux_bridge)
This commit fixes the nits caught in:
Id03be72e22302a0954f3e47c116f389cb4304c03

Change-Id: Ib7fcb3c6f809222c33d163fe7a2d854016c7d392
Signed-off-by: Jan Gutter <jan.gutter@netronome.com>
2019-02-25 16:22:57 +02:00
Sean Mooney 1f6fed6a69 remove use of brctl from vif_plug_linux_bridge
- This change replaces calls to brctl with calls
  to the ip_command interface.
- This change adds a release note for the brctl
  removal.
- This change removes the use of tee to disable
  ipv6 in the linux bridge plugin.

Change-Id: Id03be72e22302a0954f3e47c116f389cb4304c03
Closes-Bug: #1801919
2019-02-21 15:13:07 +00:00
Rodolfo Alonso Hernandez e8d102b500 Add support for Windows network commands
Added a network library dependant on the operating system. Windows
and Linux OS are supported. The library is choosen automatically
depending on Python ``os.name``.

Linux library is based on ``ip`` commands and still relying on
``processutils`` library. Linux implementation can't use ``netifaces``
because this library doesn't provide the needed functionality. [1] will
migrate all ``ip`` commands to ``pyroute2`` library.

Windows library relies on Python's ``netifaces`` library because is
enough for the reduced set of commands used. The only functionality
implemented, to cover the bug resolution, is the device existence
check. New functionalities could be added following, for example,
the Neutron implementation.

[1] https://review.openstack.org/#/c/484386/

Closes-Bug: #1672812

Change-Id: I84e3582135ed02137366c8f55f1dd1e4c115f0b5
2018-09-26 14:40:21 +01:00
Rodolfo Alonso Hernandez dff9093ab6 Migrate from 'ip' commands to 'pyroute2'
This patch migrates the use of command line 'ip' commands
to pyroute2 library. A new class, 'IpCommand', is created
to wrap the use of the library, implementing the functionalities
needed in this project.

The new wrapper class is defined in 'os_vif' and is used in
'vif_plug_linux_bridge' and 'vif_plug_ovs'.

This patch also adds functional tests in 'os_vif'. The aim
of these functional tests is to check 'pyroute2' implementation
works correctly, by creating, modifying and deleting network
interfaces. 'ip' commands are used to execute additional actions,
not relying on the tested library to check its own results.

Co-Authored-By: Stephen Finucane <stephenfin@redhat.com>

Closes-Bug: #1677238
Change-Id: I18f7b3424a6c447ee89df1f0326ece75f2333bf2
2018-01-08 10:17:42 +00:00
Rodolfo Alonso Hernandez 0805101573 Add Port Profile info to VIF objects Linux Bridge plugin
Added the Port Profile information to each VIF type in
``vif_plug_linux_bridge``. This information will be populated to
Nova trough os_vif.host_info function.

Change-Id: Ib693388f7a7eb9aa359976a1d0aba35e5b325ddb
Blueprint: vif-port-profile
2017-10-04 15:12:12 +01:00
Rodolfo Alonso Hernandez 9fbc124f7f Add plugin names as constants.
HostPluginInfo plugin_name field is the name of the possible
different plugins that could be used, defined in-tree or out-of-tree
this project.

To avoid typing errors, PLUGIN_NAME constant is added to each project.

Closes-Bug: #1714472
Change-Id: Ibb3b65314958ae56a2389704903c04dc985114d7
2017-09-05 11:38:12 +00:00
Sean Mooney e15e8dc46e set mtu on all code paths
- This change ensures that the mtu is always set
  by the linux bridge plugin if provided.

related-bug: #bug/1684326
Change-Id: I9f901dcf67823a6dd78b9b18cb3e06a3f6a13e37
2017-07-10 15:43:37 +00:00
Rodolfo Alonso Hernandez c1a8f7a5da Use ``assert_has_calls`` to check function calls
The preferred method to test mocked function calls in unit tests
is ``mock.assert_has_calls``. All assertions in unit tests are
substituted by this method.

Change-Id: I25c665f690f61c1d862431bc60a194d1d9279f22
Closes-Bug: #1697010
2017-06-27 14:37:45 +01:00
Rodolfo Alonso Hernandez 21d7392c79 Rehome unit tests to ``tests\unit`` folder
Currently only unit tests are executed, but other type could be needed
(functional, for example). All tests in ``os_vif``, ``vif_plug_ovs`` and
``vif_plug_linux_bridge`` are moved to ``tests\unit`` folder.

TrivialFix

Change-Id: I3ea64a407b5fa8b23e0c8e656a55524139d1b79f
2017-06-27 09:05:37 +01:00
Kevin Benton 10e6b6bd1b Don't install iptables rules if neutron is filtering
Don't setup iptables rules in the Linux Bridge driver
if Neutron is providing security groups filtering.
When neutron is providing filtering, it handles everything
ranging from security-group enforcement to anti-spoofing
rules so Nova/os-vif shouldn't need to do anything on plug.

Change-Id: I19d62a8ac730aba2586b9f8eb08e153746ec2bcb
2017-02-28 12:08:59 +00:00
Davanum Srinivas 85ae306602 [py35] Switch filter to list comprehensions
Pick up the changes made in the copy of the code in Nova for converting
most of the filters to list comprehensions

Change-Id: Iaddc8788424c9bddf2923e23be085e32a223735b
2017-01-23 02:53:50 +00:00
Sean Mooney 54172168e2 remove use of contextlib and with nested
- The use of contextlib and "with nested" statements are deprecated.
- This change remove the deprecation warning by refactoring all
  unit test that used "with neted" statements to create mocks via
  with the decorator syntax.
- This chage removes all depencies on contexlib.

trivial_fix

Change-Id: I6d929e59306f9289f717fff3fb79542e804396b6
2016-11-22 23:09:46 +00:00
Kevin Benton f3130fe8e2 Add MTU to Network model and use it in plugging
This adds an MTU field to the network model and
has the vif_plug_ovs and vif_plug_linux_bridge drivers
check for it before referencing the global config variable.

Closes-Bug: #1623876
Change-Id: I327c901a285bca23560f49a921a5d030f7f71cad
2016-09-15 13:16:32 +00:00
Kevin Benton c25ce5a852 Check for concurrent bridge creation in bridge add
With Linux bridge, either Neutron or Nova may create the bridge
associated with a network so this process must be robust to
concurrent creations of the same bridge.

This change just has the addbr call capture exceptions and avoid
reraising if the device already exists.

Closes-Bug: #1617447
Change-Id: Ib0266086e0caffecf3f9f2a8291369cfa155f386
2016-08-26 23:52:29 +00:00
Brian Haley c74f92a0e0 Disable IPv6 on bridge devices in linux bridge code
Bridges should not have any IPv6 addresses, either
link-local, or on the tenant's private network due
to the bridge processing Router Advertisements from
Neutron and auto-configuring addresses, since it will
allow access to the hypervisor from a tenant VM.

The bridge only exists for the Neutron security group
code, so we can safely disable IPv6 on it.

Similar to other nova and neutron changes such as
https://review.openstack.org/#/c/313070/

Change-Id: I2ce540b4201cd227c5df53daeb686c4cc49a6e59
Closes-bug: 1302080
2016-08-05 11:37:34 -04:00
Jenkins 6292a98348 Merge "mtu: don't attempt to set link mtu if it's invalid" 2016-08-05 11:29:13 +00:00
Takashi NATSUME ff28181fdd Fix logging calls
This patch fixes the following items.

- Missing a marker function _LI
- String interpolation
- A typo (ENsuring -> Ensuring)

* Guidelines for Use In OpenStack — oslo.i18n
http://docs.openstack.org/developer/oslo.i18n/guidelines.html

Change-Id: I4cc5781100fd2d2be3dd5c44c789396f3fdbd649
Closes-Bug: #1596829
2016-08-02 13:22:30 +09:00
Ihar Hrachyshka 138312122e mtu: don't attempt to set link mtu if it's invalid
network_device_mtu option does not have an explicit default value set,
in which case it is implicitly None. Also, it can be set to e.g. 0.

In those both cases, we should not attempt to set 'None' or '0' MTU
value on interfaces, since such requests are doomed to fail.

Instead of calling to 'ip link' as we do now, validate MTU value first
and issue a warning if MTU is not properly configured for the device.

Change-Id: I6b4a5e281297ee0c71b6968595480e805ec4279c
Co-Authored-By: Sean Mooney <sean.k.mooney@intel.com>
Closes-Bug: #1591127
2016-06-10 14:00:15 +01:00
Daniel P. Berrange bf845feb11 linux_bridge: convert over to use privsep module
Instead of relying on root wrap, convert the Linux bridge
network and iptables code to use the privsep module to
run privileged actions.

Change-Id: Ief902f63c49e4529bae43c619c1284fe51c90a90
2016-04-04 12:42:16 +01:00
Daniel P. Berrange 76994a02d4 test: use real UUID in all UUID fields
Many of the fields in VIF related objects required a UUID, but
tests are passing in random garbage. The UUIDField is going to
start rejecting these bogus UUIDs so they need fixing

Closes-Bug: #1550629
Change-Id: I8ccc68a6f6e709951ae1ba6c1388d6c025775332
2016-03-31 12:17:12 +00:00
Daniel P. Berrange 9686110d53 os-vif: introduce a ComputeInfo object to represent compute info
When a compute service is allocating ports with the network service,
it needs to pass across information about the capabilities of the
compute host. Currently each plugin provides information about its
own capabilities. This introduces a ComputeInfo class which,
initially, just contains a dict of PluginInfo classes.

With this change, there is a versioning constraint between the
compute and network hosts. The compute host must not pass the network
host a ComputeInfo object with a version that the network host
is unable to deserialize(). This implies that as a general rule the
version of os-vif on the network host must be at least as new as the
version on the compute hosts. During a live upgrade, the network
hosts must be upgraded before the compute hosts.

Change-Id: I7b51c97b5e03ffa51a56ceb3d4f97e188508379d
2016-03-18 13:37:33 +00:00
Daniel P. Berrange 2d9c516c49 linux_bridge: actually apply the iptables rules
The linux bridge network code for creating bridges never
actually told the iptables manager to apply the rules it
just set. Previously when this code lived inside Nova it
just happened to work, because there was a single iptables
manager instance in nova and other unrelated code would
fortunately apply iptables rules. Now we're standalone
we must explicitly apply them

Change-Id: I26e27c1c4b337d0a51efbe37ca671b4f23cf38db
2016-03-03 11:15:55 +00:00
Moshe Levi b2a910ca48 Change network vlan to integer
Change-Id: I10e327d6a1dbffbdca92b767b25f7b9de1f8c540
2016-02-22 15:56:50 +02:00
Daniel P. Berrange 5888af0815 import linux bridge plugin implementation
While most of the vendor plugins will be in separate repositories,
the os-vif library will include the Linux bridge plugin as one of
the reference implementations.

Change-Id: If53e1e987991a9695ff4390bb9a52d7a80c0e2ee
2016-02-16 11:06:59 +00:00