From acc08e0da71eb23c869f4053c876bf7f25028f89 Mon Sep 17 00:00:00 2001 From: Nguyen Phuong An Date: Tue, 27 Feb 2018 16:11:33 +0700 Subject: [PATCH] Make firewall l2 agent extension more generic Currently, firewall l2 agent extension is not compatible with LB agent. This patch make firewall l2 agent extension to be more generic by moving 'request_int_br' to driver side. Change-Id: Ibcbf55b3cfd960a04b515933c8ede8b4e16cf0b9 Related-Bug: #1752006 --- neutron_fwaas/services/firewall/agents/l2/fwaas_v2.py | 3 +-- .../drivers/linux/l2/openvswitch_firewall/firewall.py | 9 +++------ .../linux/l2/openvswitch_firewall/test_firewall.py | 7 ++++++- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/neutron_fwaas/services/firewall/agents/l2/fwaas_v2.py b/neutron_fwaas/services/firewall/agents/l2/fwaas_v2.py index e424a4e65..486b1de29 100644 --- a/neutron_fwaas/services/firewall/agents/l2/fwaas_v2.py +++ b/neutron_fwaas/services/firewall/agents/l2/fwaas_v2.py @@ -70,14 +70,13 @@ class FWaaSV2AgentExtension(l2_extension.L2AgentExtension): """Perform Agent Extension initialization""" self.conf = cfg.CONF - int_br = self.agent_api.request_int_br() self.vlan_manager = vlanmanager.LocalVlanManager() fw_l2_driver_cls = self._load_l2_driver_class(driver_type) sg_enabled = securitygroups_rpc.is_firewall_enabled() sg_firewall_driver = self.conf.SECURITYGROUP.firewall_driver sg_with_ovs = sg_enabled and (sg_firewall_driver == SG_OVS_DRIVER) self.driver = manager.NeutronManager.load_class_for_provider( - FWAAS_L2_DRIVER, fw_l2_driver_cls)(int_br, sg_with_ovs) + FWAAS_L2_DRIVER, fw_l2_driver_cls)(self.agent_api, sg_with_ovs) self.plugin_rpc = FWaaSL2PluginApi( consts.FIREWALL_PLUGIN, self.conf.host) self.start_rpc_listeners() diff --git a/neutron_fwaas/services/firewall/drivers/linux/l2/openvswitch_firewall/firewall.py b/neutron_fwaas/services/firewall/drivers/linux/l2/openvswitch_firewall/firewall.py index 2876abb87..1f1b6c402 100644 --- a/neutron_fwaas/services/firewall/drivers/linux/l2/openvswitch_firewall/firewall.py +++ b/neutron_fwaas/services/firewall/drivers/linux/l2/openvswitch_firewall/firewall.py @@ -228,13 +228,10 @@ class OVSFirewallDriver(driver_base.FirewallL2DriverBase): # NOTE(ivasilevskaya) That's a copy-paste from neutron ovsfw driver. # This driver won't have any conj_manager logic because there is no concept # of remote_group_id for firewall groups (that I know of at least) - def __init__(self, integration_bridge, sg_with_ovs=False): - """Initialize object + def __init__(self, agent_api, sg_with_ovs=False): + """Initialize object""" - :param integration_bridge: Bridge on which openflow rules will be - applied - - """ + integration_bridge = agent_api.request_int_br() self.int_br = self.initialize_bridge(integration_bridge) self.fwg_port_map = FWGPortMap() self.fwg_to_delete = set() diff --git a/neutron_fwaas/tests/unit/services/firewall/drivers/linux/l2/openvswitch_firewall/test_firewall.py b/neutron_fwaas/tests/unit/services/firewall/drivers/linux/l2/openvswitch_firewall/test_firewall.py index 0af204fb6..f4fe762ae 100644 --- a/neutron_fwaas/tests/unit/services/firewall/drivers/linux/l2/openvswitch_firewall/test_firewall.py +++ b/neutron_fwaas/tests/unit/services/firewall/drivers/linux/l2/openvswitch_firewall/test_firewall.py @@ -20,6 +20,8 @@ from neutron.agent.common import ovs_lib from neutron.common import constants as n_const from neutron.plugins.ml2.drivers.openvswitch.agent.common import constants \ as ovs_consts +from neutron.plugins.ml2.drivers.openvswitch.agent import \ + ovs_agent_extension_api as ovs_ext_api from neutron.tests import base from neutron_fwaas.services.firewall.drivers.linux.l2.openvswitch_firewall \ @@ -261,7 +263,10 @@ class TestOVSFirewallDriver(base.BaseTestCase): super(TestOVSFirewallDriver, self).setUp() mock_bridge = mock.patch.object( ovs_lib, 'OVSBridge', autospec=True).start() - self.firewall = ovsfw.OVSFirewallDriver(mock_bridge) + mock_agent_api = mock.patch.object( + ovs_ext_api.OVSAgentExtensionAPI, 'request_int_br', + return_value=mock_bridge).start() + self.firewall = ovsfw.OVSFirewallDriver(mock_agent_api) self.mock_bridge = self.firewall.int_br self.mock_bridge.reset_mock() self.fake_ovs_port = FakeOVSPort('port', 1, '00:00:00:00:00:00')