ovs: move code from plugin into linux_net helper
The ovs plugin has a bunch of direct calls to the processutils.execute() method. This will make it hard to apply privsep annotations, so move them all out into helper methods in linux_net Change-Id: I7efa532541651849be5be42c58e86645cbebaa67
This commit is contained in:
parent
bf845feb11
commit
48d9e6464a
|
@ -98,6 +98,46 @@ def create_veth_pair(dev1_name, dev2_name, mtu):
|
|||
_set_device_mtu(dev, mtu)
|
||||
|
||||
|
||||
def ensure_bridge(bridge):
|
||||
if not device_exists(bridge):
|
||||
processutils.execute('brctl', 'addbr', bridge,
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'setfd', bridge, 0,
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'stp', bridge, 'off',
|
||||
run_as_root=True)
|
||||
syspath = '/sys/class/net/%s/bridge/multicast_snooping'
|
||||
syspath = syspath % bridge
|
||||
processutils.execute('tee', syspath, process_input='0',
|
||||
check_exit_code=[0, 1],
|
||||
run_as_root=True)
|
||||
disv6 = ('/proc/sys/net/ipv6/conf/%s/disable_ipv6' %
|
||||
bridge)
|
||||
if os.path.exists(disv6):
|
||||
processutils.execute('tee',
|
||||
disv6,
|
||||
process_input='1',
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 1])
|
||||
|
||||
|
||||
def delete_bridge(bridge, dev):
|
||||
if device_exists(bridge):
|
||||
processutils.execute('brctl', 'delif', bridge, dev,
|
||||
run_as_root=True)
|
||||
processutils.execute('ip', 'link', 'set', bridge, 'down',
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'delbr', bridge,
|
||||
run_as_root=True)
|
||||
|
||||
|
||||
def add_bridge_port(bridge, dev):
|
||||
processutils.execute('ip', 'link', 'set', bridge, 'up',
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'addif', bridge, dev,
|
||||
run_as_root=True)
|
||||
|
||||
|
||||
def _set_device_mtu(dev, mtu):
|
||||
"""Set the device MTU."""
|
||||
processutils.execute('ip', 'link', 'set', dev, 'mtu', mtu,
|
||||
|
|
|
@ -17,13 +17,10 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import os.path
|
||||
from os_vif import objects
|
||||
from os_vif import plugin
|
||||
from oslo_config import cfg
|
||||
|
||||
from oslo_concurrency import processutils
|
||||
|
||||
from vif_plug_ovs import exception
|
||||
from vif_plug_ovs import linux_net
|
||||
|
||||
|
@ -84,34 +81,12 @@ class OvsHybridPlugin(plugin.PluginBase):
|
|||
|
||||
v1_name, v2_name = self.get_veth_pair_names(vif)
|
||||
|
||||
if not linux_net.device_exists(vif.bridge_name):
|
||||
processutils.execute('brctl', 'addbr', vif.bridge_name,
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'setfd', vif.bridge_name, 0,
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'stp', vif.bridge_name, 'off',
|
||||
run_as_root=True)
|
||||
syspath = '/sys/class/net/%s/bridge/multicast_snooping'
|
||||
syspath = syspath % vif.bridge_name
|
||||
processutils.execute('tee', syspath, process_input='0',
|
||||
check_exit_code=[0, 1],
|
||||
run_as_root=True)
|
||||
disv6 = ('/proc/sys/net/ipv6/conf/%s/disable_ipv6' %
|
||||
vif.bridge_name)
|
||||
if os.path.exists(disv6):
|
||||
processutils.execute('tee',
|
||||
disv6,
|
||||
process_input='1',
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 1])
|
||||
linux_net.ensure_bridge(vif.bridge_name)
|
||||
|
||||
if not linux_net.device_exists(v2_name):
|
||||
linux_net.create_veth_pair(v1_name, v2_name,
|
||||
self.config.network_device_mtu)
|
||||
processutils.execute('ip', 'link', 'set', vif.bridge_name, 'up',
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'addif', vif.bridge_name, v1_name,
|
||||
run_as_root=True)
|
||||
linux_net.add_bridge_port(vif.bridge_name, v1_name)
|
||||
linux_net.create_ovs_vif_port(
|
||||
vif.network.bridge,
|
||||
v2_name,
|
||||
|
@ -135,13 +110,7 @@ class OvsHybridPlugin(plugin.PluginBase):
|
|||
|
||||
v1_name, v2_name = self.get_veth_pair_names(vif)
|
||||
|
||||
if linux_net.device_exists(vif.bridge_name):
|
||||
processutils.execute('brctl', 'delif', vif.bridge_name, v1_name,
|
||||
run_as_root=True)
|
||||
processutils.execute('ip', 'link', 'set', vif.bridge_name, 'down',
|
||||
run_as_root=True)
|
||||
processutils.execute('brctl', 'delbr', vif.bridge_name,
|
||||
run_as_root=True)
|
||||
linux_net.delete_bridge(vif.bridge_name, v1_name)
|
||||
|
||||
linux_net.delete_ovs_vif_port(vif.network.bridge, v2_name,
|
||||
timeout=self.config.ovs_vsctl_timeout)
|
||||
|
|
|
@ -0,0 +1,117 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import contextlib
|
||||
import mock
|
||||
import os.path
|
||||
import six
|
||||
import testtools
|
||||
|
||||
from oslo_concurrency import processutils
|
||||
|
||||
from vif_plug_ovs import linux_net
|
||||
|
||||
|
||||
if six.PY2:
|
||||
nested = contextlib.nested
|
||||
else:
|
||||
@contextlib.contextmanager
|
||||
def nested(*contexts):
|
||||
with contextlib.ExitStack() as stack:
|
||||
yield [stack.enter_context(c) for c in contexts]
|
||||
|
||||
|
||||
class LinuxNetTest(testtools.TestCase):
|
||||
|
||||
@mock.patch.object(processutils, "execute")
|
||||
@mock.patch.object(linux_net, "device_exists", return_value=True)
|
||||
def test_ensure_bridge_exists(self, mock_dev_exists, mock_execute):
|
||||
linux_net.ensure_bridge("br0")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [])
|
||||
self.assertEqual(mock_dev_exists.mock_calls, [
|
||||
mock.call("br0")
|
||||
])
|
||||
|
||||
@mock.patch.object(os.path, "exists", return_value=False)
|
||||
@mock.patch.object(processutils, "execute")
|
||||
@mock.patch.object(linux_net, "device_exists", return_value=False)
|
||||
def test_ensure_bridge_new_ipv4(self, mock_dev_exists, mock_execute,
|
||||
mock_path_exists):
|
||||
linux_net.ensure_bridge("br0")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [
|
||||
mock.call('brctl', 'addbr', 'br0', run_as_root=True),
|
||||
mock.call('brctl', 'setfd', 'br0', 0, run_as_root=True),
|
||||
mock.call('brctl', 'stp', 'br0', "off", run_as_root=True),
|
||||
mock.call('tee', '/sys/class/net/br0/bridge/multicast_snooping',
|
||||
check_exit_code=[0, 1], process_input='0',
|
||||
run_as_root=True),
|
||||
])
|
||||
self.assertEqual(mock_dev_exists.mock_calls, [
|
||||
mock.call("br0")
|
||||
])
|
||||
|
||||
@mock.patch.object(os.path, "exists", return_value=True)
|
||||
@mock.patch.object(processutils, "execute")
|
||||
@mock.patch.object(linux_net, "device_exists", return_value=False)
|
||||
def test_ensure_bridge_new_ipv6(self, mock_dev_exists, mock_execute,
|
||||
mock_path_exists):
|
||||
linux_net.ensure_bridge("br0")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [
|
||||
mock.call('brctl', 'addbr', 'br0', run_as_root=True),
|
||||
mock.call('brctl', 'setfd', 'br0', 0, run_as_root=True),
|
||||
mock.call('brctl', 'stp', 'br0', "off", run_as_root=True),
|
||||
mock.call('tee', '/sys/class/net/br0/bridge/multicast_snooping',
|
||||
check_exit_code=[0, 1], process_input='0',
|
||||
run_as_root=True),
|
||||
mock.call('tee', '/proc/sys/net/ipv6/conf/br0/disable_ipv6',
|
||||
check_exit_code=[0, 1], process_input='1',
|
||||
run_as_root=True),
|
||||
])
|
||||
self.assertEqual(mock_dev_exists.mock_calls, [
|
||||
mock.call("br0")
|
||||
])
|
||||
|
||||
@mock.patch.object(processutils, "execute")
|
||||
@mock.patch.object(linux_net, "device_exists", return_value=False)
|
||||
def test_delete_bridge_none(self, mock_dev_exists, mock_execute):
|
||||
linux_net.delete_bridge("br0", "vnet1")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [])
|
||||
self.assertEqual(mock_dev_exists.mock_calls, [
|
||||
mock.call("br0")
|
||||
])
|
||||
|
||||
@mock.patch.object(processutils, "execute")
|
||||
@mock.patch.object(linux_net, "device_exists", return_value=True)
|
||||
def test_delete_bridge_exists(self, mock_dev_exists, mock_execute):
|
||||
linux_net.delete_bridge("br0", "vnet1")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [
|
||||
mock.call('brctl', 'delif', 'br0', 'vnet1', run_as_root=True),
|
||||
mock.call('ip', 'link', 'set', 'br0', 'down', run_as_root=True),
|
||||
mock.call('brctl', 'delbr', 'br0', run_as_root=True),
|
||||
])
|
||||
self.assertEqual(mock_dev_exists.mock_calls, [
|
||||
mock.call("br0")
|
||||
])
|
||||
|
||||
@mock.patch.object(processutils, "execute")
|
||||
def test_add_bridge_port(self, mock_execute):
|
||||
linux_net.add_bridge_port("br0", "vnet1")
|
||||
|
||||
self.assertEqual(mock_execute.mock_calls, [
|
||||
mock.call('ip', 'link', 'set', 'br0', 'up', run_as_root=True),
|
||||
mock.call('brctl', 'addif', 'br0', 'vnet1', run_as_root=True),
|
||||
])
|
|
@ -12,14 +12,11 @@
|
|||
|
||||
import contextlib
|
||||
import mock
|
||||
import os.path
|
||||
import six
|
||||
import testtools
|
||||
|
||||
from os_vif import objects
|
||||
|
||||
from oslo_concurrency import processutils
|
||||
|
||||
from vif_plug_ovs import linux_net
|
||||
from vif_plug_ovs import ovs_hybrid
|
||||
|
||||
|
@ -74,23 +71,15 @@ class PluginTest(testtools.TestCase):
|
|||
name='demo',
|
||||
uuid='f0000000-0000-0000-0000-000000000001')
|
||||
|
||||
def _test_plug_ovs_hybrid(self, ipv6_exists):
|
||||
def test_plug_ovs_hybrid(self):
|
||||
calls = {
|
||||
'device_exists': [mock.call('qbrvif-xxx-yyy'),
|
||||
mock.call('qvob679325f-ca')],
|
||||
'_create_veth_pair': [mock.call('qvbb679325f-ca',
|
||||
'qvob679325f-ca',
|
||||
1500)],
|
||||
'execute': [mock.call('brctl', 'addbr', 'qbrvif-xxx-yyy',
|
||||
run_as_root=True),
|
||||
mock.call('brctl', 'setfd', 'qbrvif-xxx-yyy', 0,
|
||||
run_as_root=True),
|
||||
mock.call('brctl', 'stp', 'qbrvif-xxx-yyy', 'off',
|
||||
run_as_root=True),
|
||||
mock.call('tee', ('/sys/class/net/qbrvif-xxx-yyy'
|
||||
'/bridge/multicast_snooping'),
|
||||
process_input='0', run_as_root=True,
|
||||
check_exit_code=[0, 1])],
|
||||
'device_exists': [mock.call('qvob679325f-ca')],
|
||||
'create_veth_pair': [mock.call('qvbb679325f-ca',
|
||||
'qvob679325f-ca',
|
||||
1500)],
|
||||
'ensure_bridge': [mock.call('qbrvif-xxx-yyy')],
|
||||
'add_bridge_port': [mock.call('qbrvif-xxx-yyy',
|
||||
'qvbb679325f-ca')],
|
||||
'create_ovs_vif_port': [mock.call(
|
||||
'br0', 'qvob679325f-ca',
|
||||
'e65867e0-9340-4a7f-a256-09af6eb7a3aa',
|
||||
|
@ -99,77 +88,35 @@ class PluginTest(testtools.TestCase):
|
|||
1500,
|
||||
timeout=120)]
|
||||
}
|
||||
# The disable_ipv6 call needs to be added in the middle, if required
|
||||
if ipv6_exists:
|
||||
calls['execute'].extend([
|
||||
mock.call('tee', ('/proc/sys/net/ipv6/conf'
|
||||
'/qbrvif-xxx-yyy/disable_ipv6'),
|
||||
process_input='1', run_as_root=True,
|
||||
check_exit_code=[0, 1])])
|
||||
calls['execute'].extend([
|
||||
mock.call('ip', 'link', 'set', 'qbrvif-xxx-yyy', 'up',
|
||||
run_as_root=True),
|
||||
mock.call('brctl', 'addif', 'qbrvif-xxx-yyy',
|
||||
'qvbb679325f-ca', run_as_root=True)])
|
||||
|
||||
with nested(
|
||||
mock.patch.object(linux_net, 'ensure_bridge'),
|
||||
mock.patch.object(linux_net, 'device_exists',
|
||||
return_value=False),
|
||||
mock.patch.object(processutils, 'execute'),
|
||||
mock.patch.object(linux_net, 'create_veth_pair'),
|
||||
mock.patch.object(linux_net, 'create_ovs_vif_port'),
|
||||
mock.patch.object(os.path, 'exists', return_value=ipv6_exists)
|
||||
) as (device_exists, execute, _create_veth_pair, create_ovs_vif_port,
|
||||
path_exists):
|
||||
mock.patch.object(linux_net, 'add_bridge_port'),
|
||||
mock.patch.object(linux_net, 'create_ovs_vif_port')
|
||||
) as (ensure_bridge, device_exists, create_veth_pair,
|
||||
add_bridge_port, create_ovs_vif_port):
|
||||
plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
|
||||
plugin.plug(self.vif_ovs, self.instance)
|
||||
ensure_bridge.assert_has_calls(calls['ensure_bridge'])
|
||||
device_exists.assert_has_calls(calls['device_exists'])
|
||||
_create_veth_pair.assert_has_calls(calls['_create_veth_pair'])
|
||||
execute.assert_has_calls(calls['execute'])
|
||||
create_veth_pair.assert_has_calls(calls['create_veth_pair'])
|
||||
add_bridge_port.assert_has_calls(calls['add_bridge_port'])
|
||||
create_ovs_vif_port.assert_has_calls(calls['create_ovs_vif_port'])
|
||||
|
||||
def test_plug_ovs_hybrid_ipv6(self):
|
||||
self._test_plug_ovs_hybrid(ipv6_exists=True)
|
||||
|
||||
def test_plug_ovs_hybrid_no_ipv6(self):
|
||||
self._test_plug_ovs_hybrid(ipv6_exists=False)
|
||||
|
||||
def test_unplug_ovs_hybrid(self):
|
||||
calls = {
|
||||
'device_exists': [mock.call('qbrvif-xxx-yyy')],
|
||||
'execute': [mock.call('brctl', 'delif', 'qbrvif-xxx-yyy',
|
||||
'qvbb679325f-ca', run_as_root=True),
|
||||
mock.call('ip', 'link', 'set',
|
||||
'qbrvif-xxx-yyy', 'down', run_as_root=True),
|
||||
mock.call('brctl', 'delbr',
|
||||
'qbrvif-xxx-yyy', run_as_root=True)],
|
||||
'delete_bridge': [mock.call('qbrvif-xxx-yyy', 'qvbb679325f-ca')],
|
||||
'delete_ovs_vif_port': [mock.call('br0', 'qvob679325f-ca',
|
||||
timeout=120)]
|
||||
}
|
||||
with nested(
|
||||
mock.patch.object(linux_net, 'device_exists',
|
||||
return_value=True),
|
||||
mock.patch.object(processutils, 'execute'),
|
||||
mock.patch.object(linux_net, 'delete_bridge'),
|
||||
mock.patch.object(linux_net, 'delete_ovs_vif_port')
|
||||
) as (device_exists, execute, delete_ovs_vif_port):
|
||||
) as (delete_bridge, delete_ovs_vif_port):
|
||||
plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
|
||||
plugin.unplug(self.vif_ovs, self.instance)
|
||||
device_exists.assert_has_calls(calls['device_exists'])
|
||||
execute.assert_has_calls(calls['execute'])
|
||||
delete_ovs_vif_port.assert_has_calls(calls['delete_ovs_vif_port'])
|
||||
|
||||
def test_unplug_ovs_hybrid_bridge_does_not_exist(self):
|
||||
calls = {
|
||||
'device_exists': [mock.call('qbrvif-xxx-yyy')],
|
||||
'delete_ovs_vif_port': [mock.call('br0', 'qvob679325f-ca',
|
||||
timeout=120)]
|
||||
}
|
||||
with nested(
|
||||
mock.patch.object(linux_net, 'device_exists',
|
||||
return_value=False),
|
||||
mock.patch.object(linux_net, 'delete_ovs_vif_port')
|
||||
) as (device_exists, delete_ovs_vif_port):
|
||||
plugin = ovs_hybrid.OvsHybridPlugin.load("ovs_hybrid")
|
||||
plugin.unplug(self.vif_ovs, self.instance)
|
||||
device_exists.assert_has_calls(calls['device_exists'])
|
||||
delete_bridge.assert_has_calls(calls['delete_bridge'])
|
||||
delete_ovs_vif_port.assert_has_calls(calls['delete_ovs_vif_port'])
|
||||
|
|
Loading…
Reference in New Issue