ovs: move code from plugin into linux_net helper

The ovs plugin has a bunch of direct calls to the processutils.execute() method. This will make it hard to apply privsep annotations, so move them all out into helper methods in linux_net Change-Id: I7efa532541651849be5be42c58e86645cbebaa67
2016-03-29 19:06:55 +01:00 · 2016-03-29 19:06:55 +01:00 · 48d9e6464a
parent bf845feb11
commit 48d9e6464a
4 changed files with 180 additions and 107 deletions
--- a/vif_plug_ovs/linux_net.py
+++ b/vif_plug_ovs/linux_net.py
@ -98,6 +98,46 @@ def create_veth_pair(dev1_name, dev2_name, mtu):
        _set_device_mtu(dev, mtu)


+def ensure_bridge(bridge):
+    if not device_exists(bridge):
+        processutils.execute('brctl', 'addbr', bridge,
+                             run_as_root=True)
+        processutils.execute('brctl', 'setfd', bridge, 0,
+                             run_as_root=True)
+        processutils.execute('brctl', 'stp', bridge, 'off',
+                             run_as_root=True)
+        syspath = '/sys/class/net/%s/bridge/multicast_snooping'
+        syspath = syspath % bridge
+        processutils.execute('tee', syspath, process_input='0',
+                             check_exit_code=[0, 1],
+                             run_as_root=True)
+        disv6 = ('/proc/sys/net/ipv6/conf/%s/disable_ipv6' %
+                 bridge)
+        if os.path.exists(disv6):
+            processutils.execute('tee',
+                                 disv6,
+                                 process_input='1',
+                                 run_as_root=True,
+                                 check_exit_code=[0, 1])
+
+
+def delete_bridge(bridge, dev):
+    if device_exists(bridge):
+        processutils.execute('brctl', 'delif', bridge, dev,
+                             run_as_root=True)
+        processutils.execute('ip', 'link', 'set', bridge, 'down',
+                             run_as_root=True)
+        processutils.execute('brctl', 'delbr', bridge,
+                             run_as_root=True)
+
+
+def add_bridge_port(bridge, dev):
+    processutils.execute('ip', 'link', 'set', bridge, 'up',
+                         run_as_root=True)
+    processutils.execute('brctl', 'addif', bridge, dev,
+                         run_as_root=True)
+
+
 def _set_device_mtu(dev, mtu):
    """Set the device MTU."""
    processutils.execute('ip', 'link', 'set', dev, 'mtu', mtu,
--- a/vif_plug_ovs/ovs_hybrid.py
+++ b/vif_plug_ovs/ovs_hybrid.py
@ -17,13 +17,10 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-import os.path
 from os_vif import objects
 from os_vif import plugin
 from oslo_config import cfg

-from oslo_concurrency import processutils
-
 from vif_plug_ovs import exception
 from vif_plug_ovs import linux_net

@ -84,34 +81,12 @@ class OvsHybridPlugin(plugin.PluginBase):

        v1_name, v2_name = self.get_veth_pair_names(vif)

-        if not linux_net.device_exists(vif.bridge_name):
-            processutils.execute('brctl', 'addbr', vif.bridge_name,
-                                 run_as_root=True)
-            processutils.execute('brctl', 'setfd', vif.bridge_name, 0,
-                                 run_as_root=True)
-            processutils.execute('brctl', 'stp', vif.bridge_name, 'off',
-                                 run_as_root=True)
-            syspath = '/sys/class/net/%s/bridge/multicast_snooping'
-            syspath = syspath % vif.bridge_name
-            processutils.execute('tee', syspath, process_input='0',
-                                 check_exit_code=[0, 1],
-                                 run_as_root=True)
-            disv6 = ('/proc/sys/net/ipv6/conf/%s/disable_ipv6' %
-                     vif.bridge_name)
-            if os.path.exists(disv6):
-                processutils.execute('tee',
-                                     disv6,
-                                     process_input='1',
-                                     run_as_root=True,
-                                     check_exit_code=[0, 1])
+        linux_net.ensure_bridge(vif.bridge_name)

        if not linux_net.device_exists(v2_name):
            linux_net.create_veth_pair(v1_name, v2_name,
                                       self.config.network_device_mtu)
-            processutils.execute('ip', 'link', 'set', vif.bridge_name, 'up',
-                                 run_as_root=True)
-            processutils.execute('brctl', 'addif', vif.bridge_name, v1_name,
-                                 run_as_root=True)
+            linux_net.add_bridge_port(vif.bridge_name, v1_name)
            linux_net.create_ovs_vif_port(
                vif.network.bridge,
                v2_name,
@ -135,13 +110,7 @@ class OvsHybridPlugin(plugin.PluginBase):

        v1_name, v2_name = self.get_veth_pair_names(vif)

-        if linux_net.device_exists(vif.bridge_name):
-            processutils.execute('brctl', 'delif', vif.bridge_name, v1_name,
-                                 run_as_root=True)
-            processutils.execute('ip', 'link', 'set', vif.bridge_name, 'down',
-                                 run_as_root=True)
-            processutils.execute('brctl', 'delbr', vif.bridge_name,
-                                 run_as_root=True)
+        linux_net.delete_bridge(vif.bridge_name, v1_name)

        linux_net.delete_ovs_vif_port(vif.network.bridge, v2_name,
                                      timeout=self.config.ovs_vsctl_timeout)
--- a/vif_plug_ovs/tests/test_linux_net.py
+++ b/vif_plug_ovs/tests/test_linux_net.py
@ -0,0 +1,117 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import contextlib
+import mock
+import os.path
+import six
+import testtools
+
+from oslo_concurrency import processutils
+
+from vif_plug_ovs import linux_net
+
+
+if six.PY2:
+    nested = contextlib.nested
+else:
+    @contextlib.contextmanager
+    def nested(*contexts):
+        with contextlib.ExitStack() as stack:
+            yield [stack.enter_context(c) for c in contexts]
+
+
+class LinuxNetTest(testtools.TestCase):
+
+    @mock.patch.object(processutils, "execute")
+    @mock.patch.object(linux_net, "device_exists", return_value=True)
+    def test_ensure_bridge_exists(self, mock_dev_exists, mock_execute):
+        linux_net.ensure_bridge("br0")
+
+        self.assertEqual(mock_execute.mock_calls, [])
+        self.assertEqual(mock_dev_exists.mock_calls, [
+            mock.call("br0")
+        ])
+
+    @mock.patch.object(os.path, "exists", return_value=False)
+    @mock.patch.object(processutils, "execute")
+    @mock.patch.object(linux_net, "device_exists", return_value=False)
+    def test_ensure_bridge_new_ipv4(self, mock_dev_exists, mock_execute,
+                                    mock_path_exists):
+        linux_net.ensure_bridge("br0")
+
+        self.assertEqual(mock_execute.mock_calls, [
+            mock.call('brctl', 'addbr', 'br0', run_as_root=True),
+            mock.call('brctl', 'setfd', 'br0', 0, run_as_root=True),
+            mock.call('brctl', 'stp', 'br0', "off", run_as_root=True),
+            mock.call('tee', '/sys/class/net/br0/bridge/multicast_snooping',
+                      check_exit_code=[0, 1], process_input='0',
+                      run_as_root=True),
+        ])
+        self.assertEqual(mock_dev_exists.mock_calls, [
+            mock.call("br0")
+        ])
+
+    @mock.patch.object(os.path, "exists", return_value=True)
+    @mock.patch.object(processutils, "execute")
+    @mock.patch.object(linux_net, "device_exists", return_value=False)
+    def test_ensure_bridge_new_ipv6(self, mock_dev_exists, mock_execute,
+                                    mock_path_exists):
+        linux_net.ensure_bridge("br0")
+
+        self.assertEqual(mock_execute.mock_calls, [
+            mock.call('brctl', 'addbr', 'br0', run_as_root=True),
+            mock.call('brctl', 'setfd', 'br0', 0, run_as_root=True),
+            mock.call('brctl', 'stp', 'br0', "off", run_as_root=True),
+            mock.call('tee', '/sys/class/net/br0/bridge/multicast_snooping',
+                      check_exit_code=[0, 1], process_input='0',
+                      run_as_root=True),
+            mock.call('tee', '/proc/sys/net/ipv6/conf/br0/disable_ipv6',
+                      check_exit_code=[0, 1], process_input='1',
+                      run_as_root=True),
+        ])
+        self.assertEqual(mock_dev_exists.mock_calls, [
+            mock.call("br0")
+        ])
+
+    @mock.patch.object(processutils, "execute")
+    @mock.patch.object(linux_net, "device_exists", return_value=False)
+    def test_delete_bridge_none(self, mock_dev_exists, mock_execute):
+        linux_net.delete_bridge("br0", "vnet1")
+
+        self.assertEqual(mock_execute.mock_calls, [])
+        self.assertEqual(mock_dev_exists.mock_calls, [
+            mock.call("br0")
+        ])
+
+    @mock.patch.object(processutils, "execute")
+    @mock.patch.object(linux_net, "device_exists", return_value=True)
+    def test_delete_bridge_exists(self, mock_dev_exists, mock_execute):
+        linux_net.delete_bridge("br0", "vnet1")
+
+        self.assertEqual(mock_execute.mock_calls, [
+            mock.call('brctl', 'delif', 'br0', 'vnet1', run_as_root=True),
+            mock.call('ip', 'link', 'set', 'br0', 'down', run_as_root=True),
+            mock.call('brctl', 'delbr', 'br0', run_as_root=True),
+        ])
+        self.assertEqual(mock_dev_exists.mock_calls, [
+            mock.call("br0")
+        ])
+
+    @mock.patch.object(processutils, "execute")
+    def test_add_bridge_port(self, mock_execute):
+        linux_net.add_bridge_port("br0", "vnet1")
+
+        self.assertEqual(mock_execute.mock_calls, [
+            mock.call('ip', 'link', 'set', 'br0', 'up', run_as_root=True),
+            mock.call('brctl', 'addif', 'br0', 'vnet1', run_as_root=True),
+        ])
--- a/vif_plug_ovs/tests/test_plugin.py
+++ b/vif_plug_ovs/tests/test_plugin.py
@ -12,14 +12,11 @@

 import contextlib
 import mock
-import os.path
 import six
 import testtools

 from os_vif import objects

-from oslo_concurrency import processutils
-
 from vif_plug_ovs import linux_net
 from vif_plug_ovs import ovs_hybrid

@ -74,23 +71,15 @@ class PluginTest(testtools.TestCase):
            name='demo',
            uuid='f0000000-0000-0000-0000-000000000001')

-    def _test_plug_ovs_hybrid(self, ipv6_exists):
+    def test_plug_ovs_hybrid(self):
        calls = {
-            'device_exists': [mock.call('qbrvif-xxx-yyy'),
-                              mock.call('qvob679325f-ca')],
-            '_create_veth_pair': [mock.call('qvbb679325f-ca',
-                                            'qvob679325f-ca',
-                                            1500)],
-            'execute': [mock.call('brctl', 'addbr', 'qbrvif-xxx-yyy',
-                                  run_as_root=True),
-                        mock.call('brctl', 'setfd', 'qbrvif-xxx-yyy', 0,
-                                  run_as_root=True),
-                        mock.call('brctl', 'stp', 'qbrvif-xxx-yyy', 'off',
-                                  run_as_root=True),
-                        mock.call('tee', ('/sys/class/net/qbrvif-xxx-yyy'
-                                          '/bridge/multicast_snooping'),
-                                  process_input='0', run_as_root=True,
-                                  check_exit_code=[0, 1])],
+            'device_exists': [mock.call('qvob679325f-ca')],
+            'create_veth_pair': [mock.call('qvbb679325f-ca',
+                                           'qvob679325f-ca',
+                                           1500)],
+            'ensure_bridge': [mock.call('qbrvif-xxx-yyy')],
+            'add_bridge_port': [mock.call('qbrvif-xxx-yyy',
+                                          'qvbb679325f-ca')],
            'create_ovs_vif_port': [mock.call(
                                    'br0', 'qvob679325f-ca',
                                    'e65867e0-9340-4a7f-a256-09af6eb7a3aa',
@ -99,77 +88,35 @@ class PluginTest(testtools.TestCase):
                                    1500,
                                    timeout=120)]
        }
-        # The disable_ipv6 call needs to be added in the middle, if required
-        if ipv6_exists:
-            calls['execute'].extend([
-                mock.call('tee', ('/proc/sys/net/ipv6/conf'
-                                  '/qbrvif-xxx-yyy/disable_ipv6'),
-                          process_input='1', run_as_root=True,
-                          check_exit_code=[0, 1])])
-        calls['execute'].extend([
-            mock.call('ip', 'link', 'set', 'qbrvif-xxx-yyy', 'up',
-                      run_as_root=True),
-            mock.call('brctl', 'addif', 'qbrvif-xxx-yyy',
-                      'qvbb679325f-ca', run_as_root=True)])

        with nested(
+                mock.patch.object(linux_net, 'ensure_bridge'),
                mock.patch.object(linux_net, 'device_exists',
                                  return_value=False),
-                mock.patch.object(processutils, 'execute'),
                mock.patch.object(linux_net, 'create_veth_pair'),
-                mock.patch.object(linux_net, 'create_ovs_vif_port'),
-                mock.patch.object(os.path, 'exists', return_value=ipv6_exists)
-        ) as (device_exists, execute, _create_veth_pair, create_ovs_vif_port,
-              path_exists):
+                mock.patch.object(linux_net, 'add_bridge_port'),
+                mock.patch.object(linux_net, 'create_ovs_vif_port')
+        ) as (ensure_bridge, device_exists, create_veth_pair,
+              add_bridge_port, create_ovs_vif_port):
            plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
            plugin.plug(self.vif_ovs, self.instance)
+            ensure_bridge.assert_has_calls(calls['ensure_bridge'])
            device_exists.assert_has_calls(calls['device_exists'])
-            _create_veth_pair.assert_has_calls(calls['_create_veth_pair'])
-            execute.assert_has_calls(calls['execute'])
+            create_veth_pair.assert_has_calls(calls['create_veth_pair'])
+            add_bridge_port.assert_has_calls(calls['add_bridge_port'])
            create_ovs_vif_port.assert_has_calls(calls['create_ovs_vif_port'])

-    def test_plug_ovs_hybrid_ipv6(self):
-        self._test_plug_ovs_hybrid(ipv6_exists=True)
-
-    def test_plug_ovs_hybrid_no_ipv6(self):
-        self._test_plug_ovs_hybrid(ipv6_exists=False)
-
    def test_unplug_ovs_hybrid(self):
        calls = {
-            'device_exists': [mock.call('qbrvif-xxx-yyy')],
-            'execute': [mock.call('brctl', 'delif', 'qbrvif-xxx-yyy',
-                                  'qvbb679325f-ca', run_as_root=True),
-                        mock.call('ip', 'link', 'set',
-                                  'qbrvif-xxx-yyy', 'down', run_as_root=True),
-                        mock.call('brctl', 'delbr',
-                                  'qbrvif-xxx-yyy', run_as_root=True)],
+            'delete_bridge': [mock.call('qbrvif-xxx-yyy', 'qvbb679325f-ca')],
            'delete_ovs_vif_port': [mock.call('br0', 'qvob679325f-ca',
                                    timeout=120)]
        }
        with nested(
-                mock.patch.object(linux_net, 'device_exists',
-                                  return_value=True),
-                mock.patch.object(processutils, 'execute'),
+                mock.patch.object(linux_net, 'delete_bridge'),
                mock.patch.object(linux_net, 'delete_ovs_vif_port')
-        ) as (device_exists, execute, delete_ovs_vif_port):
+        ) as (delete_bridge, delete_ovs_vif_port):
            plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
            plugin.unplug(self.vif_ovs, self.instance)
-            device_exists.assert_has_calls(calls['device_exists'])
-            execute.assert_has_calls(calls['execute'])
-            delete_ovs_vif_port.assert_has_calls(calls['delete_ovs_vif_port'])
-
-    def test_unplug_ovs_hybrid_bridge_does_not_exist(self):
-        calls = {
-            'device_exists': [mock.call('qbrvif-xxx-yyy')],
-            'delete_ovs_vif_port': [mock.call('br0', 'qvob679325f-ca',
-                                              timeout=120)]
-        }
-        with nested(
-                mock.patch.object(linux_net, 'device_exists',
-                                  return_value=False),
-                mock.patch.object(linux_net, 'delete_ovs_vif_port')
-        ) as (device_exists, delete_ovs_vif_port):
-            plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
-            plugin.unplug(self.vif_ovs, self.instance)
-            device_exists.assert_has_calls(calls['device_exists'])
+            delete_bridge.assert_has_calls(calls['delete_bridge'])
            delete_ovs_vif_port.assert_has_calls(calls['delete_ovs_vif_port'])