def create_trunk(self, context, trunk): """Create a trunk.""" trunk = self.validate(context, trunk['trunk']) sub_ports = [trunk_objects.SubPort( context=context, port_id=p['port_id'], segmentation_id=p['segmentation_id'], segmentation_type=p['segmentation_type']) for p in trunk['sub_ports']] admin_state_up = trunk.get('admin_state_up', True) # NOTE(status_police): a trunk is created in PENDING status. Depending # on the nature of the create request, a driver may set the status # immediately to ACTIVE if no physical provisioning is required. # Otherwise a transition to BUILD (or ERROR) should be expected # depending on how the driver reacts. PRECOMMIT failures prevent the # trunk from being created altogether. trunk_obj = trunk_objects.Trunk(context=context, admin_state_up=admin_state_up, id=uuidutils.generate_uuid(), name=trunk.get('name', ""), tenant_id=trunk['tenant_id'], port_id=trunk['port_id'], status=constants.PENDING_STATUS, sub_ports=sub_ports) with db_api.autonested_transaction(context.session): trunk_obj.create() payload = callbacks.TrunkPayload(context, trunk_obj.id, current_trunk=trunk_obj) registry.notify( constants.TRUNK, events.PRECOMMIT_CREATE, self, payload=payload) registry.notify( constants.TRUNK, events.AFTER_CREATE, self, payload=payload) return trunk_obj
def _process_updated_router(self, router): ri = self.router_info[router['id']] ri.router = router registry.notify(resources.ROUTER, events.BEFORE_UPDATE, self, router=ri) ri.process(self) registry.notify(resources.ROUTER, events.AFTER_UPDATE, self, router=ri)
def update_security_group(self, context, id, security_group): s = security_group['security_group'] kwargs = { 'context': context, 'security_group_id': id, 'security_group': s, } self._registry_notify(resources.SECURITY_GROUP, events.BEFORE_UPDATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) with context.session.begin(subtransactions=True): sg = self._get_security_group(context, id) if sg['name'] == 'default' and 'name' in s: raise ext_sg.SecurityGroupCannotUpdateDefault() self._registry_notify( resources.SECURITY_GROUP, events.PRECOMMIT_UPDATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) sg.update(s) sg_dict = self._make_security_group_dict(sg) kwargs['security_group'] = sg_dict registry.notify(resources.SECURITY_GROUP, events.AFTER_UPDATE, self, **kwargs) return sg_dict
def delete_security_group(self, context, id): filters = {"security_group_id": [id]} ports = self._get_port_security_group_bindings(context, filters) if ports: raise ext_sg.SecurityGroupInUse(id=id) # confirm security group exists sg = self._get_security_group(context, id) if sg["name"] == "default" and not context.is_admin: raise ext_sg.SecurityGroupCannotRemoveDefault() kwargs = {"context": context, "security_group_id": id, "security_group": sg} self._registry_notify( resources.SECURITY_GROUP, events.BEFORE_DELETE, exc_cls=ext_sg.SecurityGroupInUse, id=id, **kwargs ) with context.session.begin(subtransactions=True): # pass security_group_rule_ids to ensure # consistency with deleted rules kwargs["security_group_rule_ids"] = [r["id"] for r in sg.rules] self._registry_notify( resources.SECURITY_GROUP, events.PRECOMMIT_DELETE, exc_cls=ext_sg.SecurityGroupInUse, id=id, **kwargs ) context.session.delete(sg) kwargs.pop("security_group") registry.notify(resources.SECURITY_GROUP, events.AFTER_DELETE, self, **kwargs)
def delete_security_group_rule(self, context, id): kwargs = { 'context': context, 'security_group_rule_id': id } # NOTE(armax): a callback exception here will prevent the request # from being processed. This is a hook point for backend's validation; # we raise to propagate the reason for the failure. try: registry.notify( resources.SECURITY_GROUP_RULE, events.BEFORE_DELETE, self, **kwargs) except exceptions.CallbackFailure as e: reason = _('cannot be deleted due to %s') % e raise ext_sg.SecurityGroupRuleInUse(id=id, reason=reason) with context.session.begin(subtransactions=True): query = self._model_query(context, SecurityGroupRule).filter( SecurityGroupRule.id == id) try: # As there is a filter on a primary key it is not possible for # MultipleResultsFound to be raised context.session.delete(query.one()) except exc.NoResultFound: raise ext_sg.SecurityGroupRuleNotFound(id=id) registry.notify( resources.SECURITY_GROUP_RULE, events.AFTER_DELETE, self, **kwargs)
def create_segment(self, context, segment): """Create a segment.""" segment = segment['segment'] segment_id = segment.get('id') or uuidutils.generate_uuid() with context.session.begin(subtransactions=True): network_id = segment['network_id'] physical_network = segment[extension.PHYSICAL_NETWORK] if physical_network == constants.ATTR_NOT_SPECIFIED: physical_network = None network_type = segment[extension.NETWORK_TYPE] segmentation_id = segment[extension.SEGMENTATION_ID] if segmentation_id == constants.ATTR_NOT_SPECIFIED: segmentation_id = None args = {'id': segment_id, 'network_id': network_id, db.PHYSICAL_NETWORK: physical_network, db.NETWORK_TYPE: network_type, db.SEGMENTATION_ID: segmentation_id} new_segment = db.NetworkSegment(**args) try: context.session.add(new_segment) context.session.flush([new_segment]) except db_exc.DBReferenceError: raise n_exc.NetworkNotFound(net_id=network_id) registry.notify(resources.SEGMENT, events.PRECOMMIT_CREATE, self, context=context, segment=new_segment) return self._make_segment_dict(new_segment)
def delete_security_group(self, context, id): filters = {'security_group_id': [id]} ports = self._get_port_security_group_bindings(context, filters) if ports: raise ext_sg.SecurityGroupInUse(id=id) # confirm security group exists sg = self._get_security_group(context, id) if sg['name'] == 'default' and not context.is_admin: raise ext_sg.SecurityGroupCannotRemoveDefault() kwargs = { 'context': context, 'security_group_id': id, 'security_group': sg, } self._registry_notify(resources.SECURITY_GROUP, events.BEFORE_DELETE, exc_cls=ext_sg.SecurityGroupInUse, id=id, **kwargs) with context.session.begin(subtransactions=True): self._registry_notify(resources.SECURITY_GROUP, events.PRECOMMIT_DELETE, exc_cls=ext_sg.SecurityGroupInUse, id=id, **kwargs) context.session.delete(sg) kwargs.pop('security_group') registry.notify(resources.SECURITY_GROUP, events.AFTER_DELETE, self, **kwargs)
def create_security_group(self, context, security_group, default_sg=False): """Create security group. If default_sg is true that means we are a default security group for a given tenant if it does not exist. """ s = security_group["security_group"] kwargs = {"context": context, "security_group": s, "is_default": default_sg} # NOTE(armax): a callback exception here will prevent the request # from being processed. This is a hook point for backend's validation; # we raise to propagate the reason for the failure. try: registry.notify(resources.SECURITY_GROUP, events.BEFORE_CREATE, self, **kwargs) except exceptions.CallbackFailure as e: raise ext_sg.SecurityGroupConflict(reason=e) tenant_id = self._get_tenant_id_for_create(context, s) if not default_sg: self._ensure_default_security_group(context, tenant_id) with context.session.begin(subtransactions=True): security_group_db = SecurityGroup( id=s.get("id") or (uuidutils.generate_uuid()), description=s["description"], tenant_id=tenant_id, name=s["name"], ) context.session.add(security_group_db) if default_sg: context.session.add( DefaultSecurityGroup(security_group=security_group_db, tenant_id=security_group_db["tenant_id"]) ) for ethertype in ext_sg.sg_supported_ethertypes: if default_sg: # Allow intercommunication ingress_rule = SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction="ingress", ethertype=ethertype, source_group=security_group_db, ) context.session.add(ingress_rule) egress_rule = SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction="egress", ethertype=ethertype, ) context.session.add(egress_rule) secgroup_dict = self._make_security_group_dict(security_group_db) kwargs["security_group"] = secgroup_dict registry.notify(resources.SECURITY_GROUP, events.AFTER_CREATE, self, **kwargs) return secgroup_dict
def create_security_group(self, context, security_group, default_sg=False): """Create security group. If default_sg is true that means we are a default security group for a given tenant if it does not exist. """ s = security_group['security_group'] kwargs = { 'context': context, 'security_group': s, 'is_default': default_sg, } self._registry_notify(resources.SECURITY_GROUP, events.BEFORE_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) tenant_id = s['tenant_id'] if not default_sg: self._ensure_default_security_group(context, tenant_id) with db_api.autonested_transaction(context.session): security_group_db = SecurityGroup(id=s.get('id') or ( uuidutils.generate_uuid()), description=s['description'], tenant_id=tenant_id, name=s['name']) context.session.add(security_group_db) if default_sg: context.session.add(DefaultSecurityGroup( security_group=security_group_db, tenant_id=security_group_db['tenant_id'])) for ethertype in ext_sg.sg_supported_ethertypes: if default_sg: # Allow intercommunication ingress_rule = SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction='ingress', ethertype=ethertype, source_group=security_group_db) context.session.add(ingress_rule) egress_rule = SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction='egress', ethertype=ethertype) context.session.add(egress_rule) self._registry_notify(resources.SECURITY_GROUP, events.PRECOMMIT_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) secgroup_dict = self._make_security_group_dict(security_group_db) kwargs['security_group'] = secgroup_dict registry.notify(resources.SECURITY_GROUP, events.AFTER_CREATE, self, **kwargs) return secgroup_dict
def _create_security_group_rule(self, context, security_group_rule, validate=True): if validate: self._validate_security_group_rule(context, security_group_rule) rule_dict = security_group_rule["security_group_rule"] kwargs = {"context": context, "security_group_rule": rule_dict} self._registry_notify( resources.SECURITY_GROUP_RULE, events.BEFORE_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs ) with context.session.begin(subtransactions=True): if validate: self._check_for_duplicate_rules_in_db(context, security_group_rule) db = sg_models.SecurityGroupRule( id=(rule_dict.get("id") or uuidutils.generate_uuid()), tenant_id=rule_dict["tenant_id"], security_group_id=rule_dict["security_group_id"], direction=rule_dict["direction"], remote_group_id=rule_dict.get("remote_group_id"), ethertype=rule_dict["ethertype"], protocol=rule_dict["protocol"], port_range_min=rule_dict["port_range_min"], port_range_max=rule_dict["port_range_max"], remote_ip_prefix=rule_dict.get("remote_ip_prefix"), description=rule_dict.get("description"), ) context.session.add(db) self._registry_notify( resources.SECURITY_GROUP_RULE, events.PRECOMMIT_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs ) res_rule_dict = self._make_security_group_rule_dict(db) kwargs["security_group_rule"] = res_rule_dict registry.notify(resources.SECURITY_GROUP_RULE, events.AFTER_CREATE, self, **kwargs) return res_rule_dict
def _update_fip_assoc(self, context, fip, floatingip_db, external_port): previous_router_id = floatingip_db.router_id port_id, internal_ip_address, router_id = ( self._check_and_get_fip_assoc(context, fip, floatingip_db)) floatingip_db.update({'fixed_ip_address': internal_ip_address, 'fixed_port_id': port_id, 'router_id': router_id, 'last_known_router_id': previous_router_id}) next_hop = None if router_id: router = self._get_router(context.elevated(), router_id) gw_port = router.gw_port if gw_port: for fixed_ip in gw_port.fixed_ips: addr = netaddr.IPAddress(fixed_ip.ip_address) if addr.version == l3_constants.IP_VERSION_4: next_hop = fixed_ip.ip_address break args = {'fixed_ip_address': internal_ip_address, 'fixed_port_id': port_id, 'router_id': router_id, 'last_known_router_id': previous_router_id, 'floating_ip_address': floatingip_db.floating_ip_address, 'floating_network_id': floatingip_db.floating_network_id, 'next_hop': next_hop, 'context': context} registry.notify(resources.FLOATING_IP, events.AFTER_UPDATE, self._update_fip_assoc, **args)
def _process_added_router(self, router): #import ipdb;ipdb.set_trace() self._router_added(router['id'], router) ri = self.router_info[router['id']] ri.router = router ri.process(self) registry.notify(resources.ROUTER, events.AFTER_CREATE, self, router=ri)
def record_resource_update(self, context, rtype, resource): """Takes in an OVO and generates an event on relevant changes. A change is deemed to be relevant if it is not stale and if any fields changed beyond the revision number and update time. Both creates and updates are handled in this function. """ if self._is_stale(rtype, resource): LOG.debug("Ignoring stale update for %s: %s", rtype, resource) return existing = self._type_cache(rtype).get(resource.id) self._type_cache(rtype)[resource.id] = resource changed_fields = self._get_changed_fields(existing, resource) if not changed_fields: LOG.debug("Received resource %s update without any changes: %s", rtype, resource.id) return if existing: LOG.debug("Resource %s %s updated (revision_number %s->%s). " "Old fields: %s New fields: %s", rtype, existing.id, existing.revision_number, resource.revision_number, {f: existing.get(f) for f in changed_fields}, {f: resource.get(f) for f in changed_fields}) else: LOG.debug("Received new resource %s: %s", rtype, resource) # local notification for agent internals to subscribe to registry.notify(rtype, events.AFTER_UPDATE, self, context=context, changed_fields=changed_fields, existing=existing, updated=resource, resource_id=resource.id)
def _setup_test_create_floatingip( self, fip, floatingip_db, router_db): port = { 'id': '1234', portbindings.HOST_ID: 'myhost', 'network_id': 'external_net' } with mock.patch.object(self.mixin, 'get_router') as grtr,\ mock.patch.object(self.mixin, '_get_dvr_service_port_hostid') as vmp,\ mock.patch.object( self.mixin, '_get_dvr_migrating_service_port_hostid' ) as mvmp,\ mock.patch.object( self.mixin, 'create_fip_agent_gw_port_if_not_exists') as c_fip,\ mock.patch.object(l3_dvr_db.l3_db.L3_NAT_db_mixin, '_update_fip_assoc'): grtr.return_value = router_db vmp.return_value = 'my-host' mvmp.return_value = 'my-future-host' registry.notify(resources.FLOATING_IP, events.AFTER_UPDATE, self, context=mock.Mock(), router_id=router_db['id'], fixed_port_id=port['id'], floating_ip_id=fip['id'], floating_network_id=fip['floating_network_id'], fixed_ip_address='1.2.3.4') return c_fip
def add_subports(self, context, trunk_id, subports): """Add one or more subports to trunk.""" # Check for basic validation since the request body here is not # automatically validated by the API layer. subports_validator = rules.SubPortsValidator( self._segmentation_types, subports) subports = subports_validator.validate(context, basic_validation=True) added_subports = [] with db_api.autonested_transaction(context.session): trunk = self._get_trunk(context, trunk_id) rules.trunk_can_be_managed(context, trunk) for subport in subports: obj = trunk_objects.SubPort( context=context, trunk_id=trunk_id, port_id=subport['port_id'], segmentation_type=subport['segmentation_type'], segmentation_id=subport['segmentation_id']) obj.create() trunk['sub_ports'].append(obj) added_subports.append(obj) registry.notify( constants.SUBPORTS, events.AFTER_CREATE, self, added_subports=added_subports) return trunk
def treat_devices_removed(self, devices): resync = False self.sg_agent.remove_devices_filter(devices) for device in devices: LOG.info(_LI("Attachment %s removed"), device) details = None try: details = self.plugin_rpc.update_device_down(self.context, device, self.agent_id, cfg.CONF.host) except Exception: LOG.exception(_LE("Error occurred while removing port %s"), device) resync = True if details and details['exists']: LOG.info(_LI("Port %s updated."), device) else: LOG.debug("Device %s not defined on plugin", device) port_id = self._clean_network_ports(device) self.ext_manager.delete_port(self.context, {'device': device, 'port_id': port_id}) registry.notify(local_resources.PORT_DEVICE, events.AFTER_DELETE, self, context=self.context, device=device, port_id=port_id) if self.prevent_arp_spoofing: self.mgr.delete_arp_spoofing_protection(devices) return resync
def update_security_group(self, context, id, security_group): s = security_group['security_group'] kwargs = { 'context': context, 'security_group_id': id, 'security_group': s, } # NOTE(armax): a callback exception here will prevent the request # from being processed. This is a hook point for backend's validation; # we raise to propagate the reason for the failure. try: registry.notify( resources.SECURITY_GROUP, events.BEFORE_UPDATE, self, **kwargs) except exceptions.CallbackFailure as e: raise ext_sg.SecurityGroupConflict(reason=e) with context.session.begin(subtransactions=True): sg = self._get_security_group(context, id) if sg['name'] == 'default' and 'name' in s: raise ext_sg.SecurityGroupCannotUpdateDefault() sg.update(s) sg_dict = self._make_security_group_dict(sg) kwargs['security_group'] = sg_dict registry.notify(resources.SECURITY_GROUP, events.AFTER_UPDATE, self, **kwargs) return sg_dict
def delete_port(self, context, port_id, hdn_operator_call=False, l3_port_check=True): # if needed, check to see if this is a port owned by # a l3-router. If so, we should prevent deletion. # Therefore notify registry so that pre-delete checks can be run with context.session.begin(subtransactions=True): # _get_port returns a sqlalchemy model port = self._get_port(context, port_id) if hdn_operator_call: # the port must be removed from the DB super(HdnNeutronPlugin, self).delete_port(context, port_id) LOG.debug("Port delete operation for %s completed", port_id) return # Put the port in PENDING_DELETE constants.STATUS port.status = constants.STATUS_PENDING_DELETE # TODO(salv-orlando): Notify callback to disassociate floating IPs # on l3 service plugin if not hdn_operator_call: registry.notify(resources.PORT, events.AFTER_DELETE, self, tenant_id=context.tenant_id, resource_id=port_id) # Notify HDN operators hdnlib.notify_port_delete({'id': port_id, 'tenant_id': context.tenant_id}) LOG.debug(_("Queued request to delete port: %s"), port_id) else: LOG.debug(_("Port %s destroyed"), port_id)
def _validate_router_migration(self, context, router_db, router_res): """Allow centralized -> distributed state transition only.""" if (router_db.extra_attributes.distributed and router_res.get('distributed') is False): LOG.info(_LI("Centralizing distributed router %s " "is not supported"), router_db['id']) raise n_exc.BadRequest( resource='router', msg=_("Migration from distributed router to centralized is " "not supported")) elif (not router_db.extra_attributes.distributed and router_res.get('distributed')): # router should be disabled in order for upgrade if router_db.admin_state_up: msg = _('Cannot upgrade active router to distributed. Please ' 'set router admin_state_up to False prior to upgrade.') raise n_exc.BadRequest(resource='router', msg=msg) # Notify advanced services of the imminent state transition # for the router. try: kwargs = {'context': context, 'router': router_db} registry.notify( resources.ROUTER, events.BEFORE_UPDATE, self, **kwargs) except exceptions.CallbackFailure as e: with excutils.save_and_reraise_exception(): # NOTE(armax): preserve old check's behavior if len(e.errors) == 1: raise e.errors[0].error raise l3.RouterInUse(router_id=router_db['id'], reason=e)
def _process_l3_create(self, context, net_data, req_data): external = req_data.get(external_net.EXTERNAL) external_set = validators.is_attr_set(external) if not external_set: return # TODO(armax): these notifications should switch to *_COMMIT # when the event becomes available, as this block is expected # to be called within a plugin's session if external: try: registry.notify( resources.EXTERNAL_NETWORK, events.BEFORE_CREATE, self, context=context, request=req_data, network=net_data) except c_exc.CallbackFailure as e: # raise the underlying exception raise e.errors[0].error context.session.add( ext_net_models.ExternalNetwork(network_id=net_data['id'])) context.session.add(rbac_db.NetworkRBAC( object_id=net_data['id'], action='access_as_external', target_tenant='*', tenant_id=net_data['tenant_id'])) registry.notify( resources.EXTERNAL_NETWORK, events.AFTER_CREATE, self, context=context, request=req_data, network=net_data) net_data[external_net.EXTERNAL] = external
def _process_added_router(self, router): self._router_added(router['id'], router) ri = self.router_info[router['id']] ri.router = router ri.process(self) registry.notify(resources.ROUTER, events.AFTER_CREATE, self, router=ri) self.l3_ext_manager.add_router(self.context, router)
def _delete(self, request, id, **kwargs): action = self._plugin_handlers[self.DELETE] # Check authz policy.init() parent_id = kwargs.get(self._parent_id_name) obj = self._item(request, id, parent_id=parent_id) try: policy.enforce(request.context, action, obj, pluralized=self._collection) except oslo_policy.PolicyNotAuthorized: # To avoid giving away information, pretend that it # doesn't exist msg = _('The resource could not be found.') raise webob.exc.HTTPNotFound(msg) obj_deleter = getattr(self._plugin, action) obj_deleter(request.context, id, **kwargs) # A delete operation usually alters resource usage, so mark affected # usage trackers as dirty resource_registry.set_resources_dirty(request.context) notifier_method = self._resource + '.delete.end' self._notifier.info(request.context, notifier_method, {self._resource + '_id': id}) result = {self._resource: self._view(request.context, obj)} registry.notify(self._resource, events.BEFORE_RESPONSE, self, context=request.context, data=result, method_name=notifier_method, action=action, original={})
def delete_security_group_rule(self, context, id): kwargs = { 'context': context, 'security_group_rule_id': id } self._registry_notify(resources.SECURITY_GROUP_RULE, events.BEFORE_DELETE, id=id, exc_cls=ext_sg.SecurityGroupRuleInUse, **kwargs) with context.session.begin(subtransactions=True): query = self._model_query(context, SecurityGroupRule).filter( SecurityGroupRule.id == id) self._registry_notify(resources.SECURITY_GROUP_RULE, events.PRECOMMIT_DELETE, exc_cls=ext_sg.SecurityGroupRuleInUse, id=id, **kwargs) try: # As there is a filter on a primary key it is not possible for # MultipleResultsFound to be raised context.session.delete(query.one()) except exc.NoResultFound: raise ext_sg.SecurityGroupRuleNotFound(id=id) registry.notify( resources.SECURITY_GROUP_RULE, events.AFTER_DELETE, self, **kwargs)
def update_device_up(self, rpc_context, **kwargs): """Device is up on agent.""" agent_id = kwargs.get('agent_id') device = kwargs.get('device') host = kwargs.get('host') LOG.debug("Device %(device)s up at agent %(agent_id)s", {'device': device, 'agent_id': agent_id}) plugin = manager.NeutronManager.get_plugin() port_id = plugin._device_to_port_id(device) if (host and not plugin.port_bound_to_host(rpc_context, port_id, host)): LOG.debug("Device %(device)s not bound to the" " agent host %(host)s", {'device': device, 'host': host}) return port_id = plugin.update_port_status(rpc_context, port_id, q_const.PORT_STATUS_ACTIVE, host) try: # NOTE(armax): it's best to remove all objects from the # session, before we try to retrieve the new port object rpc_context.session.expunge_all() port = plugin._get_port(rpc_context, port_id) except exceptions.PortNotFound: LOG.debug('Port %s not found during update', port_id) else: kwargs = { 'context': rpc_context, 'port': port, 'update_device_up': True } registry.notify( resources.PORT, events.AFTER_UPDATE, plugin, **kwargs)
def _check_subnet_not_used(context, subnet_id): try: kwargs = {'context': context, 'subnet_id': subnet_id} registry.notify( resources.SUBNET, events.BEFORE_DELETE, None, **kwargs) except exceptions.CallbackFailure as e: raise n_exc.SubnetInUse(subnet_id=subnet_id, reason=e)
def _process_l3_update(self, context, net_data, req_data): try: registry.notify( resources.EXTERNAL_NETWORK, events.BEFORE_UPDATE, self, context=context, request=req_data, network=net_data) except c_exc.CallbackFailure as e: # raise the underlying exception raise e.errors[0].error new_value = req_data.get(external_net.EXTERNAL) net_id = net_data['id'] if not attributes.is_attr_set(new_value): return if net_data.get(external_net.EXTERNAL) == new_value: return if new_value: context.session.add(ExternalNetwork(network_id=net_id)) net_data[external_net.EXTERNAL] = True else: # must make sure we do not have any external gateway ports # (and thus, possible floating IPs) on this network before # allow it to be update to external=False port = context.session.query(models_v2.Port).filter_by( device_owner=DEVICE_OWNER_ROUTER_GW, network_id=net_data['id']).first() if port: raise external_net.ExternalNetworkInUse(net_id=net_id) context.session.query(ExternalNetwork).filter_by( network_id=net_id).delete() net_data[external_net.EXTERNAL] = False
def remove_subports(self, context, trunk_id, subports): """Remove one or more subports from trunk.""" with db_api.autonested_transaction(context.session): trunk = self._get_trunk(context, trunk_id) rules.trunk_can_be_managed(context, trunk) subports_validator = rules.SubPortsValidator( self._segmentation_types, subports) # the subports are being removed, therefore we do not need to # enforce any specific trunk rules, other than basic validation # of the request body. subports = subports_validator.validate( context, basic_validation=True, trunk_validation=False) current_subports = {p.port_id: p for p in trunk.sub_ports} removed_subports = [] for subport in subports: subport_obj = current_subports.pop(subport['port_id'], None) if not subport_obj: raise trunk_exc.SubPortNotFound(trunk_id=trunk_id, port_id=subport['port_id']) subport_obj.delete() removed_subports.append(subport_obj) trunk.sub_ports = list(current_subports.values()) registry.notify( constants.SUBPORTS, events.AFTER_DELETE, self, removed_subports=removed_subports) return trunk
def _update(self, request, id, body, **kwargs): body = Controller.prepare_request_body( request.context, copy.deepcopy(body), False, self._resource, self._attr_info, allow_bulk=self._allow_bulk ) action = self._plugin_handlers[self.UPDATE] # Load object to check authz # but pass only attributes in the original body and required # by the policy engine to the policy 'brain' field_list = [ name for (name, value) in six.iteritems(self._attr_info) if (value.get("required_by_policy") or value.get("primary_key") or "default" not in value) ] # Ensure policy engine is initialized policy.init() parent_id = kwargs.get(self._parent_id_name) orig_obj = self._item(request, id, field_list=field_list, parent_id=parent_id) orig_object_copy = copy.copy(orig_obj) orig_obj.update(body[self._resource]) # Make a list of attributes to be updated to inform the policy engine # which attributes are set explicitly so that it can distinguish them # from the ones that are set to their default values. orig_obj[n_const.ATTRIBUTES_TO_UPDATE] = body[self._resource].keys() try: policy.enforce(request.context, action, orig_obj, pluralized=self._collection) except oslo_policy.PolicyNotAuthorized: with excutils.save_and_reraise_exception() as ctxt: # If a tenant is modifying it's own object, it's safe to return # a 403. Otherwise, pretend that it doesn't exist to avoid # giving away information. if request.context.tenant_id != orig_obj["tenant_id"]: ctxt.reraise = False msg = _("The resource could not be found.") raise webob.exc.HTTPNotFound(msg) obj_updater = getattr(self._plugin, action) kwargs = {self._resource: body} if parent_id: kwargs[self._parent_id_name] = parent_id obj = obj_updater(request.context, id, **kwargs) # Usually an update operation does not alter resource usage, but as # there might be side effects it might be worth checking for changes # in resource usage here as well (e.g: a tenant port is created when a # router interface is added) resource_registry.set_resources_dirty(request.context) result = {self._resource: self._view(request.context, obj)} notifier_method = self._resource + ".update.end" self._notifier.info(request.context, notifier_method, result) registry.notify( self._resource, events.BEFORE_RESPONSE, self, context=request.context, data=result, method_name=notifier_method, action=action, original=orig_object_copy, ) return result
def create_network(self, context, network): """Instruct HDN operators to create a network This function implements the "network create" Neutron API operation. @param context - The Neutron context reference. This parameter holds a database session (context.session), the identifier of the tenant performing the operation (context.tenant_id), and other attributes such as a flag to test whether the tenant is an administrator (context.is_admin) @param network - A dict containing data of the network to be created """ # Set the status of the network as 'PENDING CREATE' network['network']['status'] = constants.STATUS_PENDING_CREATE with db_api.autonested_transaction(context.session): new_net = super(HdnNeutronPlugin, self).create_network( context, network) self._process_l3_create(context, new_net, network['network']) # Use the HDN library to notify operators about the new network LOG.debug("Queued request to create network: %s", new_net['id']) hdnlib.notify_network_create(new_net) # Network is not present in neutron.callbacks.resources # TODO(salv-orlando): do not use literal for resource name registry.notify('NETWORK', events.AFTER_CREATE, self, tenant_id=context.tenant_id, resource_id=new_net['id']) return new_net
def delete_security_group(self, context, id): filters = {'security_group_id': [id]} ports = self._get_port_security_group_bindings(context, filters) if ports: raise ext_sg.SecurityGroupInUse(id=id) # confirm security group exists sg = self._get_security_group(context, id) if sg['name'] == 'default' and not context.is_admin: raise ext_sg.SecurityGroupCannotRemoveDefault() kwargs = { 'context': context, 'security_group_id': id, 'security_group': sg, } # NOTE(armax): a callback exception here will prevent the request # from being processed. This is a hook point for backend's validation; # we raise to propagate the reason for the failure. try: registry.notify( resources.SECURITY_GROUP, events.BEFORE_DELETE, self, **kwargs) except exceptions.CallbackFailure as e: reason = _('cannot be deleted due to %s') % e raise ext_sg.SecurityGroupInUse(id=id, reason=reason) with context.session.begin(subtransactions=True): context.session.delete(sg) kwargs.pop('security_group') registry.notify(resources.SECURITY_GROUP, events.AFTER_DELETE, self, **kwargs)
def create_net_assoc_postcommit(self, context, net_assoc): kwargs = { 'context': context, 'bgpvpn_id': net_assoc['bgpvpn_id'], 'network_id': net_assoc['network_id'] } registry.notify(resources.BGPVPN_NETWORK_ASSOC, events.AFTER_CREATE, self, **kwargs)
def __init__(self): db_base_plugin_v2.NeutronDbPluginV2.register_dict_extend_funcs( attributes.PORTS, [_extend_port_trunk_details]) self._segmentation_types = {} registry.subscribe(rules.enforce_port_deletion_rules, resources.PORT, events.BEFORE_DELETE) registry.notify(constants.TRUNK_PLUGIN, events.AFTER_INIT, self) LOG.debug('Trunk plugin loaded')
def _router_added(self, router_id, router): ri = self._create_router(router_id, router) registry.notify(resources.ROUTER, events.BEFORE_CREATE, self, router=ri) self.router_info[router_id] = ri ri.initialize(self.process_monitor)
def create_security_group_rule(self, context, security_group_rule): res = self._create_security_group_rule(context, security_group_rule) registry.notify(resources.SECURITY_GROUP_RULE, events.AFTER_CREATE, self, context=context, security_group_rule=res) return res
def delete_router_assoc_postcommit(self, ctx, router_assoc): kwargs = { 'context': ctx, 'bgpvpn_id': router_assoc['bgpvpn_id'], 'router_id': router_assoc['router_id'] } registry.notify(resources.BGPVPN_ROUTER_ASSOC, events.AFTER_DELETE, self, **kwargs)
def _process_updated_router(self, router): ri = self.router_info[router['id']] ri.router = router registry.notify(resources.ROUTER, events.BEFORE_UPDATE, self, router=ri) ri.process(self) registry.notify(resources.ROUTER, events.AFTER_UPDATE, self, router=ri) self.l3_ext_manager.update_router(self.context, router)
def _update(self, request, id, body, **kwargs): body = Controller.prepare_request_body(request.context, copy.deepcopy(body), False, self._resource, self._attr_info, allow_bulk=self._allow_bulk) action = self._plugin_handlers[self.UPDATE] # Load object to check authz # but pass only attributes in the original body and required # by the policy engine to the policy 'brain' field_list = [name for (name, value) in six.iteritems(self._attr_info) if (value.get('required_by_policy') or value.get('primary_key') or 'default' not in value)] # Ensure policy engine is initialized policy.init() parent_id = kwargs.get(self._parent_id_name) orig_obj = self._item(request, id, field_list=field_list, parent_id=parent_id) orig_object_copy = copy.copy(orig_obj) orig_obj.update(body[self._resource]) # Make a list of attributes to be updated to inform the policy engine # which attributes are set explicitly so that it can distinguish them # from the ones that are set to their default values. orig_obj[n_const.ATTRIBUTES_TO_UPDATE] = body[self._resource].keys() try: policy.enforce(request.context, action, orig_obj, pluralized=self._collection) except oslo_policy.PolicyNotAuthorized: with excutils.save_and_reraise_exception() as ctxt: # If a tenant is modifying it's own object, it's safe to return # a 403. Otherwise, pretend that it doesn't exist to avoid # giving away information. if request.context.tenant_id != orig_obj['tenant_id']: ctxt.reraise = False msg = _('The resource could not be found.') raise webob.exc.HTTPNotFound(msg) obj_updater = getattr(self._plugin, action) kwargs = {self._resource: body} if parent_id: kwargs[self._parent_id_name] = parent_id obj = obj_updater(request.context, id, **kwargs) # Usually an update operation does not alter resource usage, but as # there might be side effects it might be worth checking for changes # in resource usage here as well (e.g: a tenant port is created when a # router interface is added) resource_registry.set_resources_dirty(request.context) result = {self._resource: self._view(request.context, obj)} notifier_method = self._resource + '.update.end' self._notifier.info(request.context, notifier_method, result) registry.notify(self._resource, events.BEFORE_RESPONSE, self, context=request.context, data=result, method_name=notifier_method, action=action, original=orig_object_copy) return result
def create_or_update_agent(self, context, agent_state): """Registers new agent in the database or updates existing. Returns tuple of agent status and state. Status is from server point of view: alive, new or revived. It could be used by agent to do some sync with the server if needed. """ status = n_const.AGENT_ALIVE with context.session.begin(subtransactions=True): res_keys = ['agent_type', 'binary', 'host', 'topic'] res = dict((k, agent_state[k]) for k in res_keys) if 'availability_zone' in agent_state: res['availability_zone'] = agent_state['availability_zone'] configurations_dict = agent_state.get('configurations', {}) res['configurations'] = jsonutils.dumps(configurations_dict) resource_versions_dict = agent_state.get('resource_versions') if resource_versions_dict: res['resource_versions'] = jsonutils.dumps( resource_versions_dict) res['load'] = self._get_agent_load(agent_state) current_time = timeutils.utcnow() try: agent_db = self._get_agent_by_type_and_host( context, agent_state['agent_type'], agent_state['host']) if not agent_db.is_active: status = n_const.AGENT_REVIVED if 'resource_versions' not in agent_state: # updating agent_state with resource_versions taken # from db so that # _update_local_agent_resource_versions() will call # version_manager and bring it up to date agent_state['resource_versions'] = self._get_dict( agent_db, 'resource_versions', ignore_missing=True) res['heartbeat_timestamp'] = current_time if agent_state.get('start_flag'): res['started_at'] = current_time greenthread.sleep(0) self._log_heartbeat(agent_state, agent_db, configurations_dict) agent_db.update(res) event_type = events.AFTER_UPDATE except ext_agent.AgentNotFoundByTypeHost: greenthread.sleep(0) res['created_at'] = current_time res['started_at'] = current_time res['heartbeat_timestamp'] = current_time res['admin_state_up'] = cfg.CONF.enable_new_agents agent_db = Agent(**res) greenthread.sleep(0) context.session.add(agent_db) event_type = events.AFTER_CREATE self._log_heartbeat(agent_state, agent_db, configurations_dict) status = n_const.AGENT_NEW greenthread.sleep(0) registry.notify(resources.AGENT, event_type, self, context=context, host=agent_state['host'], plugin=self, agent=agent_state) return status, agent_state
def delete_agent(self, context, id): agent = self._get_agent(context, id) registry.notify(resources.AGENT, events.BEFORE_DELETE, self, context=context, agent=agent) with context.session.begin(subtransactions=True): context.session.delete(agent)
def test_vif_details_bridge_name_handler_registration(self, mock_gen_br_name): driver.register() mock_gen_br_name.return_value = 'fake-trunk-br-name' test_trigger = mock.Mock() registry.notify(agent_consts.OVS_BRIDGE_NAME, events.BEFORE_READ, test_trigger, **{'port': {'trunk_details': {'trunk_id': 'foo'}}}) test_trigger.assert_called_once_with('fake-trunk-br-name')
def test_subscribe_address_scope_of_subnetpool(self, notify): l3_db.subscribe() registry.notify(resources.SUBNETPOOL_ADDRESS_SCOPE, events.AFTER_UPDATE, mock.ANY, context=mock.ANY, subnetpool_id='fake_id') notify.assert_called_once_with(resources.SUBNETPOOL_ADDRESS_SCOPE, events.AFTER_UPDATE, mock.ANY, context=mock.ANY, subnetpool_id='fake_id')
def remove_subports(self, context, trunk_id, subports): """Remove one or more subports from trunk.""" subports = subports['sub_ports'] with db_api.autonested_transaction(context.session): trunk = self._get_trunk(context, trunk_id) original_trunk = copy.deepcopy(trunk) rules.trunk_can_be_managed(context, trunk) subports_validator = rules.SubPortsValidator( self._segmentation_types, subports) # the subports are being removed, therefore we do not need to # enforce any specific trunk rules, other than basic validation # of the request body. subports = subports_validator.validate(context, basic_validation=True, trunk_validation=False) current_subports = {p.port_id: p for p in trunk.sub_ports} removed_subports = [] for subport in subports: subport_obj = current_subports.pop(subport['port_id'], None) if not subport_obj: raise trunk_exc.SubPortNotFound(trunk_id=trunk_id, port_id=subport['port_id']) subport_obj.delete() removed_subports.append(subport_obj) del trunk.sub_ports[:] trunk.sub_ports.extend(current_subports.values()) # NOTE(status_police): the trunk status should transition to # PENDING irrespective of the status in which it is in to allow # the user to resolve potential conflicts due to prior add_subports # operations. # Should a trunk be in PENDING or BUILD state (e.g. when dealing # with multiple concurrent requests), the status is still forced # to PENDING. See add_subports() for more details. trunk.status = constants.PENDING_STATUS trunk.update() payload = callbacks.TrunkPayload(context, trunk_id, current_trunk=trunk, original_trunk=original_trunk, subports=removed_subports) if removed_subports: registry.notify(constants.SUBPORTS, events.PRECOMMIT_DELETE, self, payload=payload) if removed_subports: registry.notify(constants.SUBPORTS, events.AFTER_DELETE, self, payload=payload) return trunk
def add_subports(self, context, trunk_id, subports): """Add one or more subports to trunk.""" with db_api.autonested_transaction(context.session): trunk = self._get_trunk(context, trunk_id) # Check for basic validation since the request body here is not # automatically validated by the API layer. subports = subports['sub_ports'] subports_validator = rules.SubPortsValidator( self._segmentation_types, subports, trunk['port_id']) subports = subports_validator.validate(context, basic_validation=True) added_subports = [] rules.trunk_can_be_managed(context, trunk) original_trunk = copy.deepcopy(trunk) # NOTE(status_police): the trunk status should transition to # DOWN (and finally in ACTIVE or ERROR), only if it is not in # ERROR status already. A user should attempt to resolve the ERROR # condition before adding more subports to the trunk. Should a # trunk be in DOWN or BUILD state (e.g. when dealing with # multiple concurrent requests), the status is still forced to # DOWN and thus can potentially overwrite an interleaving state # change to ACTIVE. Eventually the driver should bring the status # back to ACTIVE or ERROR. if trunk.status == constants.ERROR_STATUS: raise trunk_exc.TrunkInErrorState(trunk_id=trunk_id) else: trunk.update(status=constants.DOWN_STATUS) for subport in subports: obj = trunk_objects.SubPort( context=context, trunk_id=trunk_id, port_id=subport['port_id'], segmentation_type=subport['segmentation_type'], segmentation_id=subport['segmentation_id']) obj.create() trunk['sub_ports'].append(obj) added_subports.append(obj) payload = callbacks.TrunkPayload(context, trunk_id, current_trunk=trunk, original_trunk=original_trunk, subports=added_subports) if added_subports: registry.notify(constants.SUBPORTS, events.PRECOMMIT_CREATE, self, payload=payload) if added_subports: registry.notify(constants.SUBPORTS, events.AFTER_CREATE, self, payload=payload) return trunk
def _check_router_not_in_use(self, context, router_id): try: kwargs = {'context': context, 'router_id': router_id} registry.notify( resources.ROUTER, events.BEFORE_DELETE, self, **kwargs) except exceptions.CallbackFailure as e: with excutils.save_and_reraise_exception(): if len(e.errors) == 1: raise e.errors[0].error raise l3.RouterInUse(router_id=router_id, reason=e)
def check_delete_network_precommit(context, id): try: kwargs = {'context': context, 'network_id': id} registry.notify(midonet_const.MIDONET_NETWORK, events.PRECOMMIT_DELETE, None, **kwargs) except callback_exc.CallbackFailure as e: with excutils.save_and_reraise_exception(): if len(e.errors) == 1: raise e.errors[0].error raise midonet_exc.MidonetNetworkInUse(network_id=id, reason=e)
def main(argv=sys.argv[1:]): _init_cfg() _init_resource_plugin() nsx_plugin_in_use = _get_plugin() LOG.info(_LI('NSX Plugin in use: %s'), nsx_plugin_in_use) _validate_resource_choice(cfg.CONF.resource, nsx_plugin_in_use) _validate_op_choice(cfg.CONF.operation, nsx_plugin_in_use) registry.notify(cfg.CONF.resource, cfg.CONF.operation, 'nsxadmin', force=cfg.CONF.force, property=cfg.CONF.property)
def _set_bridge_name(port, vif_details): # REVISIT(rawlin): add BridgeName as a nullable column to the Port # model and simply check here if it's set and insert it into the # vif_details. def set_bridge_name_inner(bridge_name): vif_details[portbindings.VIF_DETAILS_BRIDGE_NAME] = bridge_name registry.notify( a_const.OVS_BRIDGE_NAME, events.BEFORE_READ, set_bridge_name_inner, port=port)
def _registry_notify(self, res, event, id=None, exc_cls=None, **kwargs): # NOTE(armax): a callback exception here will prevent the request # from being processed. This is a hook point for backend's validation; # we raise to propagate the reason for the failure. try: registry.notify(res, event, self, **kwargs) except exceptions.CallbackFailure as e: if exc_cls: reason = (_('cannot perform %(event)s due to %(reason)s') % {'event': event, 'reason': e}) raise exc_cls(reason=reason, id=id)
def _router_added(self, router_id, router): ri = self._create_router(router_id, router) registry.notify(resources.ROUTER, events.BEFORE_CREATE, self, router=ri) self.router_info[router_id] = ri ri.initialize(self.process_monitor) # TODO(Carl) This is a hook in to fwaas. It should be cleaned up. self.process_router_add(ri)
def create_segment(self, context, segment): """Create a segment.""" segment = segment['segment'] segment_id = segment.get('id') or uuidutils.generate_uuid() try: new_segment = self._create_segment_db(context, segment_id, segment) except db_exc.DBReferenceError: raise n_exc.NetworkNotFound(net_id=segment['network_id']) registry.notify(resources.SEGMENT, events.AFTER_CREATE, self, context=context, segment=new_segment) return self._make_segment_dict(new_segment)
def create_subnet(self, context, subnet): subnet['subnet']['status'] = constants.STATUS_PENDING_CREATE new_subnet = super(HdnNeutronPlugin, self).create_subnet( context, subnet) registry.notify(resources.SUBNET, events.AFTER_CREATE, self, tenant_id=context.tenant_id, resource_id=new_subnet['id']) # Notify HDN operators hdnlib.notify_subnet_create(new_subnet) LOG.debug("Queued request to create subnet: %s", new_subnet['id']) return new_subnet
def after(self, state): resource_name = state.request.context.get('resource') collection_name = state.request.context.get('collection') neutron_context = state.request.context.get('neutron_context') if not resource_name: LOG.debug("Skipping NotifierHook processing as there was no " "resource associated with the request") return action = pecan_constants.ACTION_MAP.get(state.request.method) if not action or action not in ('create', 'update', 'delete'): LOG.debug("No notification will be sent for action: %s", action) return if utils.is_member_action(utils.get_controller(state)): return if state.response.status_int > 300: LOG.debug( "No notification will be sent due to unsuccessful " "status code: %s", state.response.status_int) return original = {} if (action in ('delete', 'update') and state.request.context.get('original_resources', [])): # We only need the original resource for updates and deletes original = state.request.context.get('original_resources')[0] if action == 'delete': # The object has been deleted, so we must notify the agent with the # data of the original object as the payload, but we do not need # to pass it in as the original result = {resource_name: original} original = {} else: if not state.response.body: result = {} else: result = state.response.json notifier_method = '%s.%s.end' % (resource_name, action) notifier_action = utils.get_controller(state).plugin_handlers[action] registry.notify(resource_name, events.BEFORE_RESPONSE, self, context=neutron_context, data=result, method_name=notifier_method, action=notifier_action, collection=collection_name, original=original) if action == 'delete': resource_id = state.request.context.get('resource_id') result = {resource_name + '_id': resource_id} self._notifier.info(neutron_context, notifier_method, result)
def create_bgpvpn_postcommit(self, ctx, bgpvpn): bgpvpn_rts = self._format_bgpvpn_route_targets(bgpvpn) kwargs = { 'id': bgpvpn['id'], 'name': bgpvpn['name'], 'context': ctx, 'type': bgpvpn['type'], 'rd': bgpvpn['route_distinguishers'], 'vni': bgpvpn['vni'] } kwargs.update(bgpvpn_rts) registry.notify(resources.BGPVPN, events.AFTER_CREATE, self, **kwargs)
def update_network(core_plugin, context, network_id, net_data): network = core_plugin.update_network(context, network_id, {resources.NETWORK: net_data}) # bundle the plugin API update with any other action required to # reflect a state change on the network, e.g. DHCP notifications registry.notify(resources.NETWORK, events.BEFORE_RESPONSE, core_plugin, context=context, data={resources.NETWORK: network}, method_name='network.update.end') return network
def update_subnet(self, context, subnet_id, subnet): # Put the subnet in PENDING UPDATE status subnet['subnet']['status'] = constants.STATUS_PENDING_UPDATE upd_subnet = super(HdnNeutronPlugin, self).update_subnet( context, subnet_id, subnet) LOG.debug("Queued request to update subnet: %s", subnet['id']) registry.notify(resources.SUBNET, events.AFTER_UPDATE, self, tenant_id=context.tenant_id, resource_id=subnet_id) # Notify HDN operators hdnlib.notify_subnet_update(upd_subnet) return upd_subnet
def audit_agent_state(self): """ Audit the current state of the agent to determine if fault reports need to be raised or cleared """ LOG.debug("Audit agent state") previous_agents = self.agents admin_context = context.get_admin_context() self.agents = {a['id']: a for a in self.get_agents(admin_context)} new_alive_topics = set() host_availability = {} for uuid, agent in six.iteritems(self.agents): if agent['agent_type'] == constants.AGENT_TYPE_BGP_ROUTING: if not self.is_bgp_enabled(): self.agents[uuid] = None self.delete_agent(admin_context, uuid) continue hostname = agent['host'] if hostname not in host_availability: # NOTE(alegacy): Cache to avoid repeating for multiple # agents on same host. host_availability[hostname] = \ self.is_host_available(admin_context, hostname) if not host_availability[hostname]: # If agent dies while host is down, delay updating list of # agents until after the host comes online, so that audit # can correctly assess change in agent state at that point. # Set to None so that alarm will be raised or cleared when # host comes up. self.agents[uuid] = None continue elif uuid in previous_agents: previous = previous_agents[uuid] else: previous = None # Raise or clear alarm either if the alive state changes, or # if the alarm hasn't been raised/cleared for this agent yet. if not previous or agent['alive'] != previous['alive']: registry.notify(resources.AGENT, events.AFTER_UPDATE, self, context=admin_context, host=agent['host'], plugin=self, agent=agent) # TODO(alegacy): move fault reporting to a registry callback # Clear fault if agent is alive if agent['alive']: self.clear_agent_fault(agent) new_alive_topics.add(agent['topic']) # Only report fault if agent's host is online else: self.report_agent_fault(agent) for new_alive_topic in new_alive_topics: self._redistribute_for_new_agent(admin_context, new_alive_topic)
def serve_wsgi(cls): try: service = cls.create() service.start() except Exception: with excutils.save_and_reraise_exception(): LOG.exception( _LE('Unrecoverable error: please check log ' 'for details.')) registry.notify(resources.PROCESS, events.BEFORE_SPAWN, service) return service
def delete_rbac_policy(self, context, id): entry = self._get_rbac_policy(context, id) object_type = entry['object_type'] try: registry.notify(RBAC_POLICY, events.BEFORE_DELETE, self, context=context, object_type=object_type, policy=entry) except c_exc.CallbackFailure as ex: raise ext_rbac.RbacPolicyInUse(object_id=entry['object_id'], details=ex) with context.session.begin(subtransactions=True): context.session.delete(entry) self.object_type_cache.pop(id, None)
def test_create_duplicate_default_l2_gateway_noop(self): def_bridge_cluster_name = nsx_v3_mocks.NSX_BRIDGE_CLUSTER_NAME cfg.CONF.set_override("default_bridge_cluster", def_bridge_cluster_name, "nsx_v3") for i in range(0, 2): nsx_v3_driver.NsxV3Driver(mock.MagicMock()) # fake the callback invoked after init registry.notify(resources.PROCESS, events.BEFORE_SPAWN, mock.MagicMock()) l2gws = self.driver._get_l2_gateways(self.context) # Verify whether only one default L2 gateway is created self.assertEqual(1, len(l2gws))
def create_port(self, context, port): # Set port status as PENDING_CREATE port['port']['status'] = constants.STATUS_PENDING_CREATE with db_api.autonested_transaction(context.session): new_port = super(HdnNeutronPlugin, self).create_port( context, port) registry.notify(resources.PORT, events.AFTER_CREATE, self, tenant_id=context.tenant_id, resource_id=new_port['id']) # Notify HDN operators hdnlib.notify_port_create(new_port) LOG.debug("Queued request to create port: %s", new_port['id']) return new_port