Implement neutron network protectable plugin
Closes-Bug: 1569998 Change-Id: Ie99bb1e7a6ba9e70e1f65ab7b252827cf783e6c5
This commit is contained in:
parent
a50b4fefb1
commit
5f5680fcb2
|
@ -7,6 +7,7 @@ plugin=karbor-volume-protection-plugin
|
|||
plugin=karbor-image-protection-plugin
|
||||
plugin=karbor-server-protection-plugin
|
||||
plugin=karbor-share-protection-plugin
|
||||
plugin=karbor-network-protection-plugin
|
||||
bank=karbor-swift-bank-plugin
|
||||
|
||||
[swift_client]
|
||||
|
|
|
@ -35,11 +35,13 @@ RESOURCE_TYPES = (PROJECT_RESOURCE_TYPE,
|
|||
VOLUME_RESOURCE_TYPE,
|
||||
IMAGE_RESOURCE_TYPE,
|
||||
SHARE_RESOURCE_TYPE,
|
||||
NETWORK_RESOURCE_TYPE,
|
||||
) = ('OS::Keystone::Project',
|
||||
'OS::Nova::Server',
|
||||
'OS::Cinder::Volume',
|
||||
'OS::Glance::Image',
|
||||
'OS::Manila::Share'
|
||||
'OS::Manila::Share',
|
||||
'OS::Neutron::Network',
|
||||
)
|
||||
# plan status
|
||||
PLAN_STATUS_SUSPENDED = 'suspended'
|
||||
|
|
|
@ -0,0 +1,156 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import six
|
||||
|
||||
from karbor.common import constants
|
||||
from karbor import exception
|
||||
from karbor import resource
|
||||
from karbor.services.protection.client_factory import ClientFactory
|
||||
from karbor.services.protection import protectable_plugin
|
||||
from oslo_log import log as logging
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class NetworkProtectablePlugin(protectable_plugin.ProtectablePlugin):
|
||||
"""Protectable plugin implementation for Network from Neutron.
|
||||
|
||||
"""
|
||||
|
||||
_SUPPORT_RESOURCE_TYPE = constants.NETWORK_RESOURCE_TYPE
|
||||
|
||||
def _neutron_client(self, cntxt):
|
||||
return ClientFactory.create_client('neutron', cntxt)
|
||||
|
||||
def _nova_client(self, cntxt):
|
||||
return ClientFactory.create_client('nova', cntxt)
|
||||
|
||||
def get_resource_type(self):
|
||||
return self._SUPPORT_RESOURCE_TYPE
|
||||
|
||||
def get_parent_resource_types(self):
|
||||
return (constants.SERVER_RESOURCE_TYPE,
|
||||
constants.PROJECT_RESOURCE_TYPE)
|
||||
|
||||
def _get_network_id(self):
|
||||
"""Set network_id as project_id
|
||||
|
||||
Cause the network plugin include the ports, networks,
|
||||
subnets, routes, securitygroups, So make the id for
|
||||
the whole plugin-package info, not just like the server
|
||||
plugin which have the real server-id for the server.
|
||||
"""
|
||||
|
||||
network_id = self._context.project_id
|
||||
return network_id
|
||||
|
||||
def list_resources(self, context, parameters=None):
|
||||
try:
|
||||
netclient = self._neutron_client(context)
|
||||
networks = netclient.list_networks().get('networks')
|
||||
except Exception as e:
|
||||
LOG.exception("List all summary networks from neutron failed.")
|
||||
raise exception.ListProtectableResourceFailed(
|
||||
type=self._SUPPORT_RESOURCE_TYPE,
|
||||
reason=six.text_type(e))
|
||||
else:
|
||||
if networks:
|
||||
return [resource.Resource(type=self._SUPPORT_RESOURCE_TYPE,
|
||||
id=self._get_network_id(),
|
||||
name="Network Topology")]
|
||||
return []
|
||||
|
||||
def show_resource(self, context, resource_id, parameters=None):
|
||||
try:
|
||||
if resource_id != self._get_network_id():
|
||||
return None
|
||||
|
||||
netclient = self._neutron_client(context)
|
||||
networks = netclient.list_networks().get('networks')
|
||||
except Exception as e:
|
||||
LOG.exception("List all summary networks from neutron failed.")
|
||||
raise exception.ListProtectableResourceFailed(
|
||||
type=self._SUPPORT_RESOURCE_TYPE,
|
||||
reason=six.text_type(e))
|
||||
else:
|
||||
if networks:
|
||||
return resource.Resource(type=self._SUPPORT_RESOURCE_TYPE,
|
||||
id=self._get_network_id(),
|
||||
name="Network Topology")
|
||||
return None
|
||||
|
||||
def _get_dependent_resources_by_server(self,
|
||||
context,
|
||||
parent_resource):
|
||||
try:
|
||||
# get metadata about network from neutron
|
||||
net_client = self._neutron_client(context)
|
||||
network_infos = net_client.list_networks().get('networks')
|
||||
neutron_networks = {network["id"] for network in network_infos}
|
||||
|
||||
# get interface info from server
|
||||
nova_networks = set()
|
||||
serverid = parent_resource.id
|
||||
nova_client = ClientFactory.create_client("nova", context)
|
||||
interface_list = nova_client.servers.interface_list(serverid)
|
||||
|
||||
# check net_id in interface
|
||||
for iface in interface_list:
|
||||
net_id = iface.net_id
|
||||
if net_id not in nova_networks:
|
||||
nova_networks.add(net_id)
|
||||
|
||||
# get the exsited networks
|
||||
valid_networks = nova_networks.intersection(neutron_networks)
|
||||
if valid_networks:
|
||||
return [resource.Resource(type=self._SUPPORT_RESOURCE_TYPE,
|
||||
id=self._get_network_id(),
|
||||
name="Network Topology")]
|
||||
return []
|
||||
except Exception as e:
|
||||
LOG.exception("List all interfaces from nova failed.")
|
||||
raise exception.ListProtectableResourceFailed(
|
||||
type=self._SUPPORT_RESOURCE_TYPE,
|
||||
reason=six.text_type(e))
|
||||
|
||||
def _get_dependent_resources_by_project(self,
|
||||
context,
|
||||
parent_resource):
|
||||
try:
|
||||
tid = parent_resource.id
|
||||
netclient = self._neutron_client(context)
|
||||
networks = netclient.list_networks(tenant_id=tid).get('networks')
|
||||
|
||||
if networks:
|
||||
return [resource.Resource(type=self._SUPPORT_RESOURCE_TYPE,
|
||||
id=self._get_network_id(),
|
||||
name="Network Topology")]
|
||||
else:
|
||||
return []
|
||||
|
||||
except Exception as e:
|
||||
LOG.exception("List all summary networks from neutron failed.")
|
||||
raise exception.ListProtectableResourceFailed(
|
||||
type=self._SUPPORT_RESOURCE_TYPE,
|
||||
reason=six.text_type(e))
|
||||
|
||||
def get_dependent_resources(self, context, parent_resource):
|
||||
if parent_resource.type == constants.SERVER_RESOURCE_TYPE:
|
||||
return self._get_dependent_resources_by_server(context,
|
||||
parent_resource)
|
||||
|
||||
if parent_resource.type == constants.PROJECT_RESOURCE_TYPE:
|
||||
return self._get_dependent_resources_by_project(context,
|
||||
parent_resource)
|
||||
|
||||
return []
|
|
@ -0,0 +1,57 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from karbor.common import constants
|
||||
from karbor.services.protection import protection_plugin
|
||||
|
||||
|
||||
class NeutronProtectionPlugin(protection_plugin.ProtectionPlugin):
|
||||
_SUPPORT_RESOURCE_TYPES = [constants.NETWORK_RESOURCE_TYPE]
|
||||
|
||||
def __init__(self, config=None):
|
||||
super(NeutronProtectionPlugin, self).__init__(config)
|
||||
|
||||
@classmethod
|
||||
def get_supported_resources_types(self):
|
||||
return self._SUPPORT_RESOURCE_TYPES
|
||||
|
||||
@classmethod
|
||||
def get_options_schema(self, resources_type):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
@classmethod
|
||||
def get_restore_schema(self, resources_type):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
@classmethod
|
||||
def get_saved_info_schema(self, resources_type):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
@classmethod
|
||||
def get_saved_info(self, metadata_store, resource):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
def get_protect_operation(self, resource):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
def get_restore_operation(self, resource):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
||||
|
||||
def get_delete_operation(self, resource):
|
||||
# TODO(chenhuayi)
|
||||
pass
|
|
@ -416,3 +416,55 @@ class Share(object):
|
|||
return
|
||||
utils.wait_until_none(self._share_status, timeout=timeout,
|
||||
sleep=MEDIUM_SLEEP)
|
||||
|
||||
|
||||
class Network(object):
|
||||
def __init__(self):
|
||||
super(Network, self).__init__()
|
||||
self.id = None
|
||||
self.project_id = None
|
||||
self._name = "private-net"
|
||||
self.neutron_client = base._get_neutron_client()
|
||||
|
||||
def _network_status(self, status=None):
|
||||
try:
|
||||
networks = self.neutron_client.list_networks(name=self._name)
|
||||
assert len(networks['networks']) > 0
|
||||
network = networks['networks'][0]
|
||||
except Exception:
|
||||
return False
|
||||
|
||||
if status is None or status == network['status']:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
def to_dict(self):
|
||||
return {
|
||||
"id": self.id,
|
||||
"type": constants.NETWORK_RESOURCE_TYPE,
|
||||
"name": self._name,
|
||||
}
|
||||
|
||||
def create(self, timeout=MEDIUM_TIMEOUT):
|
||||
network = {'name': self._name, 'admin_state_up': True}
|
||||
self.neutron_client.create_network({'network': network})
|
||||
|
||||
networks = self.neutron_client.list_networks(name=self._name)
|
||||
assert len(networks['networks']) > 0
|
||||
network_id = networks['networks'][0]['id']
|
||||
self.id = network_id
|
||||
self.project_id = networks['networks'][0]['tenant_id']
|
||||
|
||||
utils.wait_until_true(partial(self._network_status, 'ACTIVE'),
|
||||
timeout=timeout, sleep=MEDIUM_SLEEP)
|
||||
|
||||
return self.id
|
||||
|
||||
def close(self, timeout=LONG_TIMEOUT):
|
||||
try:
|
||||
self.neutron_client.delete_network(self.id)
|
||||
except Exception:
|
||||
return
|
||||
utils.wait_until_none(self._network_status, timeout=timeout,
|
||||
sleep=MEDIUM_SLEEP)
|
||||
|
|
|
@ -32,6 +32,10 @@ class ProtectablesTest(karbor_base.KarborBaseTest):
|
|||
res = self.karbor_client.protectables.get(protectable_type)
|
||||
self.assertEqual(protectable_type, res.name)
|
||||
|
||||
protectable_type = 'OS::Neutron::Network'
|
||||
res = self.karbor_client.protectables.get(protectable_type)
|
||||
self.assertEqual(protectable_type, res.name)
|
||||
|
||||
def test_protectables_list_instances(self):
|
||||
volume = self.store(objects.Volume())
|
||||
volume.create(1)
|
||||
|
@ -47,6 +51,12 @@ class ProtectablesTest(karbor_base.KarborBaseTest):
|
|||
ids = [item.id for item in items]
|
||||
self.assertTrue(server.id in ids)
|
||||
|
||||
network = self.store(objects.Network())
|
||||
network.create()
|
||||
items = self.karbor_client.protectables.list_instances(
|
||||
'OS::Neutron::Network')
|
||||
self.assertEqual(items[0].id, network.project_id)
|
||||
|
||||
def test_protectables_get_instance(self):
|
||||
volume = self.store(objects.Volume())
|
||||
volume.create(1)
|
||||
|
|
|
@ -0,0 +1,160 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from collections import namedtuple
|
||||
import mock
|
||||
|
||||
from karbor.common import constants
|
||||
from karbor.context import RequestContext
|
||||
from karbor import resource
|
||||
from karbor.services.protection.protectable_plugins.network import \
|
||||
NetworkProtectablePlugin
|
||||
from karbor.tests import base
|
||||
from keystoneauth1 import session as keystone_session
|
||||
from neutronclient.v2_0 import client
|
||||
from oslo_config import cfg
|
||||
|
||||
CONF = cfg.CONF
|
||||
|
||||
server_info = namedtuple('server_info',
|
||||
field_names=['id', 'type', 'name', 'addresses'])
|
||||
project_info = namedtuple('project_info', field_names=['id', 'type'])
|
||||
|
||||
FakePorts = {'ports': [
|
||||
{'fixed_ips': [{'subnet_id': 'subnet-1',
|
||||
'ip_address': '10.0.0.21'}],
|
||||
'id': 'port-1',
|
||||
'mac_address': 'mac_address_1',
|
||||
'device_id': 'vm_id_1',
|
||||
'name': '',
|
||||
'admin_state_up': True,
|
||||
'network_id': '658e1063-4ee3-4649-a2c9'},
|
||||
{'fixed_ips': [{'subnet_id': 'subnet-1',
|
||||
'ip_address': '10.0.0.22'}],
|
||||
'id': 'port-2',
|
||||
'mac_address': 'mac_address_2',
|
||||
'device_id': 'vm_id_2',
|
||||
'name': '',
|
||||
'admin_state_up': True,
|
||||
'network_id': 'network_id_2'}
|
||||
]}
|
||||
|
||||
|
||||
class NetworkProtectablePluginTest(base.TestCase):
|
||||
def setUp(self):
|
||||
super(NetworkProtectablePluginTest, self).setUp()
|
||||
|
||||
service_catalog = [{
|
||||
'type': 'network',
|
||||
'endpoints': [{'publicURL': 'http://127.0.0.1:9696'}]
|
||||
}, {
|
||||
'type': 'compute',
|
||||
'endpoints': [{'publicURL': 'http://127.0.0.1:8774/v2.1/abcd'}]
|
||||
}]
|
||||
self._context = RequestContext(user_id='admin',
|
||||
project_id='abcd',
|
||||
auth_token='efgh',
|
||||
service_catalog=service_catalog)
|
||||
|
||||
@mock.patch('karbor.services.protection.client_factory.ClientFactory.'
|
||||
'_generate_session')
|
||||
def test_create_client_by_endpoint(self, mock_generate_session):
|
||||
CONF.set_default('neutron_endpoint', 'http://127.0.0.1:9696',
|
||||
'neutron_client')
|
||||
CONF.set_default('nova_endpoint', 'http://127.0.0.1:8774/v2.1',
|
||||
'nova_client')
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
neutronclient = plugin._neutron_client(self._context)
|
||||
novaclient = plugin._nova_client(self._context)
|
||||
mock_generate_session.return_value = keystone_session.Session(
|
||||
auth=None)
|
||||
self.assertEqual('network',
|
||||
neutronclient.httpclient.service_type)
|
||||
self.assertEqual(neutronclient.httpclient.endpoint_url,
|
||||
'http://127.0.0.1:9696')
|
||||
self.assertEqual(novaclient.client.management_url,
|
||||
'http://127.0.0.1:8774/v2.1/abcd')
|
||||
|
||||
@mock.patch('karbor.services.protection.client_factory.ClientFactory.'
|
||||
'_generate_session')
|
||||
def test_create_client_by_catalog(self, mock_generate_session):
|
||||
CONF.set_default('neutron_catalog_info', 'network:neutron:publicURL',
|
||||
'neutron_client')
|
||||
CONF.set_default('nova_catalog_info', 'compute:nova:publicURL',
|
||||
'nova_client')
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
neutronclient = plugin._neutron_client(self._context)
|
||||
novaclient = plugin._nova_client(self._context)
|
||||
mock_generate_session.return_value = keystone_session.Session(
|
||||
auth=None)
|
||||
self.assertEqual('network',
|
||||
neutronclient.httpclient.service_type)
|
||||
self.assertEqual(neutronclient.httpclient.endpoint_url,
|
||||
'http://127.0.0.1:9696')
|
||||
self.assertEqual(novaclient.client.management_url,
|
||||
'http://127.0.0.1:8774/v2.1/abcd')
|
||||
|
||||
def test_get_resource_type(self):
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
self.assertEqual(plugin.get_resource_type(),
|
||||
constants.NETWORK_RESOURCE_TYPE)
|
||||
|
||||
def test_get_parent_resource_type(self):
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
self.assertItemsEqual(plugin.get_parent_resource_types(),
|
||||
(constants.SERVER_RESOURCE_TYPE,
|
||||
constants.PROJECT_RESOURCE_TYPE))
|
||||
|
||||
@mock.patch.object(client.Client, 'list_networks')
|
||||
def test_list_resources(self, mock_client_list_networks):
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
|
||||
fake_network_info = {'networks': [
|
||||
{u'status': u'ACTIVE',
|
||||
u'description': u'',
|
||||
u'tenant_id': u'abcd',
|
||||
u'name': u'private'},
|
||||
{u'status': u'ACTIVE',
|
||||
u'description': u'',
|
||||
u'name': u'ext_net',
|
||||
u'tenant_id': u'abcd'}
|
||||
]}
|
||||
|
||||
mock_client_list_networks.return_value = fake_network_info
|
||||
self.assertEqual(plugin.list_resources(self._context),
|
||||
[resource.Resource
|
||||
(type=constants.NETWORK_RESOURCE_TYPE,
|
||||
id='abcd',
|
||||
name="Network Topology")])
|
||||
|
||||
@mock.patch.object(client.Client, 'list_networks')
|
||||
def test_get_project_dependent_resources(self, mock_client_list_networks):
|
||||
project = project_info(id='abcd',
|
||||
type=constants.PROJECT_RESOURCE_TYPE)
|
||||
plugin = NetworkProtectablePlugin(self._context)
|
||||
fake_network_info = {'networks': [
|
||||
{u'status': u'ACTIVE',
|
||||
u'description': u'',
|
||||
u'tenant_id': u'abcd',
|
||||
u'name': u'private'},
|
||||
{u'status': u'ACTIVE',
|
||||
u'description': u'',
|
||||
u'name': u'ext_net',
|
||||
u'tenant_id': u'abcd'}
|
||||
]}
|
||||
mock_client_list_networks.return_value = fake_network_info
|
||||
self.assertEqual(plugin.get_dependent_resources(self._context,
|
||||
project),
|
||||
[resource.Resource
|
||||
(type=constants.NETWORK_RESOURCE_TYPE,
|
||||
id='abcd',
|
||||
name="Network Topology")])
|
|
@ -65,7 +65,8 @@ class ProtectionServiceTest(base.TestCase):
|
|||
result = self.pro_manager.show_protectable_type(None,
|
||||
"OS::Nova::Server")
|
||||
self.assertEqual("OS::Nova::Server", result["name"])
|
||||
self.assertEqual({"OS::Cinder::Volume", "OS::Glance::Image"},
|
||||
self.assertEqual({"OS::Cinder::Volume", "OS::Glance::Image",
|
||||
"OS::Neutron::Network"},
|
||||
set(result["dependent_types"]))
|
||||
|
||||
@mock.patch.object(protectable_registry.ProtectableRegistry,
|
||||
|
|
|
@ -48,6 +48,7 @@ karbor.protections =
|
|||
karbor-server-protection-plugin = karbor.services.protection.protection_plugins.server.nova_protection_plugin:NovaProtectionPlugin
|
||||
karbor-share-protection-plugin = karbor.services.protection.protection_plugins.share.share_snapshot_plugin:ManilaSnapshotProtectionPlugin
|
||||
karbor-noop-protection-plugin = karbor.services.protection.protection_plugins.noop_plugin:NoopProtectionPlugin
|
||||
karbor-network-protection-plugin = karbor.services.protection.protection_plugins.network.neutron_protection_plugin:NeutronProtectionPlugin
|
||||
karbor.provider =
|
||||
provider-registry = karbor.services.protection.provider:ProviderRegistry
|
||||
karbor.protectables =
|
||||
|
@ -56,6 +57,7 @@ karbor.protectables =
|
|||
volume = karbor.services.protection.protectable_plugins.volume:VolumeProtectablePlugin
|
||||
image = karbor.services.protection.protectable_plugins.image:ImageProtectablePlugin
|
||||
share = karbor.services.protection.protectable_plugins.share:ShareProtectablePlugin
|
||||
network = karbor.services.protection.protectable_plugins.network:NetworkProtectablePlugin
|
||||
karbor.operationengine.engine.timetrigger.time_format =
|
||||
crontab = karbor.services.operationengine.engine.triggers.timetrigger.timeformats.crontab_time:Crontab
|
||||
calendar = karbor.services.operationengine.engine.triggers.timetrigger.timeformats.calendar_time:ICal
|
||||
|
|
Loading…
Reference in New Issue