def test_vrf_contract_update(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1') self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name)) self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1', display_name='VRF1') self.mgr.create(self.ctx, vrf1) if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name) ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1'] ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1'] self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_vrf_contract_update('stage1') # update contracts ext_net.provided_contract_names = ['arp', 'p2_vrf1'] ext_net.consumed_contract_names = ['arp', 'c2_vrf1'] self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_vrf_contract_update('stage2') # unset contracts ext_net.provided_contract_names = [] ext_net.consumed_contract_names = [] self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_vrf_contract_update('stage3')
def test_external_subnet_update(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1') self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name)) self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.ns.update_external_cidrs(self.ctx, ext_net, ['20.20.20.0/24', '50.50.0.0/16']) # Connect vrf1 to ext_net vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1', display_name='VRF1') self.mgr.create(self.ctx, vrf1) if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name) ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1'] ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1'] self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_external_subnet_update("stage1") # Add & remove external-subnet self.ns.update_external_cidrs(self.ctx, ext_net, ['100.200.0.0/28', '50.50.0.0/16']) self._check_external_subnet_update("stage2") # Remove all external-subnets self.ns.update_external_cidrs(self.ctx, ext_net, []) self._check_external_subnet_update("stage3")
def test_external_network_pre(self): self.mgr.create(self.ctx, a_res.Tenant(name='t1')) l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT', monitored=True) self.mgr.create(self.ctx, l3out) self.ns.create_l3outside(self.ctx, l3out) ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1', monitored=True, provided_contract_names=['foo'], consumed_contract_names=['bar']) self.mgr.create(self.ctx, ext_net) self.ns.create_external_network(self.ctx, ext_net) ext_net.provided_contract_names.append('EXT-o1') ext_net.consumed_contract_names.append('EXT-o1') self._verify(present=[ext_net]) self.ns.delete_external_network(self.ctx, ext_net) ext_net.provided_contract_names = ['foo'] ext_net.consumed_contract_names = ['bar'] self._verify(present=[ext_net])
def _get_vrf_1_ext_net_1_objects(self, connected=True): return { 'l3out': a_res.L3Outside( tenant_name='t1', name='o1', display_name='OUT', vrf_name='vrf1'), 'ext_net': a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1', provided_contract_names=( ['EXT-o1', 'p1_vrf1', 'p2_vrf1'] if connected else ['EXT-o1']), consumed_contract_names=( ['EXT-o1', 'c1_vrf1', 'c2_vrf1'] if connected else ['EXT-o1'])), 'nat_bd': a_res.BridgeDomain( tenant_name='t1', name='EXT-o1', display_name='EXT-OUT', vrf_name='EXT-o1', limit_ip_learn_to_subnets=True, l3out_names=['o1']), 'ext_sub_1': a_res.ExternalSubnet( tenant_name='t1', l3out_name='o1', external_network_name='inet1', cidr='20.20.20.0/24'), 'ext_sub_2': a_res.ExternalSubnet( tenant_name='t1', l3out_name='o1', external_network_name='inet1', cidr='50.50.0.0/16')}
def test_delete_l3outside_with_vrf(self): self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name)) l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1') ext_net2 = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1_1', display_name='INET1_1') self.ns.create_l3outside(self.ctx, l3out) self.ns.create_subnet(self.ctx, l3out, '200.10.20.1/28') self.ns.create_external_network(self.ctx, ext_net) self.ns.create_external_network(self.ctx, ext_net2) self.ns.update_external_cidrs(self. ctx, ext_net, ['20.20.20.0/24', '50.50.0.0/16']) # Connect vrf1 to ext_net with external-subnet vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1', display_name='VRF1') self.mgr.create(self.ctx, vrf1) if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name) ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1'] ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1'] self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_delete_l3outside_with_vrf('stage1') self.ns.delete_l3outside(self.ctx, l3out) self._check_delete_l3outside_with_vrf('stage2')
def test_bd_l3out_vrf_in_tenant(self): self.mgr.create(self.ctx, a_res.Tenant(name='dept1')) vrf = a_res.VRF(tenant_name='dept1', name='default') bd1_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd1', limit_ip_learn_to_subnets=True, vrf_name='default') bd2_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd2', limit_ip_learn_to_subnets=True, vrf_name='foo') for o in [vrf, bd1_dept1, bd2_dept1]: self.mgr.create(self.ctx, o) l3out = a_res.L3Outside(tenant_name='dept1', name='o1') ext_net = a_res.ExternalNetwork( tenant_name='dept1', l3out_name='o1', name='inet1') self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.mgr.update(self.ctx, l3out, vrf_name='default') self._verify(present=[bd1_dept1, bd2_dept1]) self.ns.connect_vrf(self.ctx, ext_net, vrf) bd1_dept1.l3out_names = ['o1'] self._verify(present=[bd1_dept1, bd2_dept1]) self.ns.disconnect_vrf(self.ctx, ext_net, vrf) bd1_dept1.l3out_names = [] self._verify(present=[bd1_dept1, bd2_dept1])
def fix_no_nat_l3out_ownership(aim_ctx): """Relinquish ownership of no-NAT L3Outs in AIM and APIC.""" saved_l3out_table = sa.Table( 'aim_lib_save_l3out', sa.MetaData(), sa.Column('tenant_name', sa.String(), primary_key=True), sa.Column('name', sa.String(), primary_key=True), sa.Column('monitored', nullable=True), sa.Column('vrf_name', nullable=True)) session = aim_ctx.store.db_session bind = session.get_bind() with session.begin(subtransactions=True): if not saved_l3out_table.exists(bind=bind): return results = session.execute( saved_l3out_table.select(saved_l3out_table.c.monitored.is_(True))) click.echo("Fixing ownership of no-NAT L3Outs") rows = results.fetchall() if rows: cfg_mgr = config.ConfigManager(aim_ctx) system_id = cfg_mgr.get_option('aim_system_id', 'aim') aim_mgr = aim_manager.AimManager() apic = aci_universe.AciUniverse.establish_aci_session(cfg_mgr) for row in rows: l3out = resource.L3Outside(tenant_name=row['tenant_name'], name=row['name']) aim_mgr.update(aim_ctx, l3out, monitored=True) tag_dn = "/mo/" + l3out.dn + "/tag-" + system_id click.echo('Deleting AIM tag %s' % tag_dn) apic.DELETE(tag_dn + ".json") # drop the table after the transaction completes because databases # like MySQL hold locks on the table saved_l3out_table.drop(bind=bind)
def test_connect_vrfs(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1') self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name)) self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf2_tenant_name)) self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.ns.update_external_cidrs(self.ctx, ext_net, ['20.20.20.0/24', '50.50.0.0/16']) # connect vrf_1 vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1', display_name='VRF1') if self.vrf1_tenant_name != self.bd1_tenant_name: self.mgr.create(self.ctx, a_res.Tenant(name='dept1')) if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name) bd1 = a_res.BridgeDomain(tenant_name=self.bd1_tenant_name, name='bd1', limit_ip_learn_to_subnets=True, vrf_name='vrf1') self.mgr.create(self.ctx, vrf1) self.mgr.create(self.ctx, bd1) ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1'] ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1'] self.ns.connect_vrf(self.ctx, ext_net, vrf1) connected_vrfs = self.ns.read_vrfs(self.ctx, ext_net) self.assertEqual(vrf1, connected_vrfs[0]) self._check_connect_vrfs('stage1') # connect vrf_1 again - should be no-op self.ns.connect_vrf(self.ctx, ext_net, vrf1) self._check_connect_vrfs('stage1') # connect vrf_2 vrf2 = a_res.VRF(tenant_name=self.vrf2_tenant_name, name='vrf2', display_name='VRF2') bd2 = a_res.BridgeDomain(tenant_name=self.vrf2_tenant_name, name='bd2', limit_ip_learn_to_subnets=True, vrf_name='vrf2') self.mgr.create(self.ctx, vrf2) self.mgr.create(self.ctx, bd2) ext_net.provided_contract_names = ['p1_vrf2', 'p2_vrf2'] ext_net.consumed_contract_names = ['c1_vrf2', 'c2_vrf2'] if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out, vrf_name=vrf2.name) self.ns.connect_vrf(self.ctx, ext_net, vrf2) self._check_connect_vrfs('stage2') # disconnect vrf_1 self.ns.disconnect_vrf(self.ctx, ext_net, vrf1) self._check_connect_vrfs('stage3') # disconnect vrf_2 self.ns.disconnect_vrf(self.ctx, ext_net, vrf2) self._check_connect_vrfs('stage4')
def test_connect_vrf_multiple(self): l3out1 = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') ext_net1 = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1') self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name)) self.ns.create_l3outside(self.ctx, l3out1) self.ns.create_external_network(self.ctx, ext_net1) self.ns.update_external_cidrs(self. ctx, ext_net1, ['20.20.20.0/24', '50.50.0.0/16']) l3out2 = a_res.L3Outside(tenant_name='t2', name='o2', display_name='OUT2') ext_net2 = a_res.ExternalNetwork( tenant_name='t2', l3out_name='o2', name='inet2', display_name='INET2') self.ns.create_l3outside(self.ctx, l3out2) self.ns.create_external_network(self.ctx, ext_net2) self.ns.update_external_cidrs(self. ctx, ext_net2, ['0.0.0.0/0']) vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1', display_name='VRF1') bd1 = a_res.BridgeDomain(tenant_name=self.vrf1_tenant_name, name='bd1', limit_ip_learn_to_subnets=True, vrf_name='vrf1') self.mgr.create(self.ctx, vrf1) self.mgr.create(self.ctx, bd1) if self.fix_l3out_vrf: self.mgr.update(self.ctx, l3out1, vrf_name=vrf1.name) self.mgr.update(self.ctx, l3out2, vrf_name=vrf1.name) ext_net1.provided_contract_names = ['p1_vrf1', 'p2_vrf1'] ext_net1.consumed_contract_names = ['c1_vrf1', 'c2_vrf1'] ext_net2.provided_contract_names = ['p3_vrf1', 'p4_vrf1'] ext_net2.consumed_contract_names = ['c3_vrf1', 'c4_vrf1'] self.ns.connect_vrf(self.ctx, ext_net1, vrf1) self.ns.connect_vrf(self.ctx, ext_net2, vrf1) self._check_connect_vrf_multiple('stage1') self.ns.disconnect_vrf(self.ctx, ext_net1, vrf1) self._check_connect_vrf_multiple('stage2') self.ns.disconnect_vrf(self.ctx, ext_net2, vrf1) self._check_connect_vrf_multiple('stage3')
def _make_l3out_clone(self, ctx, l3out, vrf): new_tenant = vrf.tenant_name new_name, new_display_name = self._generate_l3out_name(l3out, vrf) clone_l3out = resource.L3Outside(tenant_name=new_tenant, name=new_name, display_name=new_display_name, vrf_name=vrf.name) return clone_l3out
def test_l3outside_multiple(self): l3out1 = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') self.ns.create_l3outside(self.ctx, l3out1) other_objs1 = self._get_l3out_objects() l3out1.vrf_name = 'EXT-o1' l3out2 = a_res.L3Outside(tenant_name='t1', name='o2', display_name='OUT2') self.ns.create_l3outside(self.ctx, l3out2) other_objs2 = self._get_l3out_objects('o2', 'OUT2') l3out2.vrf_name = 'EXT-o2' self._verify(present=[l3out1, l3out2] + other_objs1 + other_objs2) self.ns.delete_l3outside(self.ctx, l3out1) self._verify(present=[l3out2] + other_objs2) self.ns.delete_l3outside(self.ctx, l3out2) self._verify(absent=[l3out1, l3out2] + other_objs1 + other_objs2)
def test_get_resources_for_delete(self): objs = [ {'fvBD': {'attributes': { 'dn': 'uni/tn-t1/BD-test'}}}, {'vzRsSubjFiltAtt': {'attributes': { 'dn': 'uni/tn-t1/brc-c/subj-s/rssubjFiltAtt-f'}}}, {'vzRsFiltAtt': {'attributes': { 'dn': 'uni/tn-t1/brc-c/subj-s/intmnl/rsfiltAtt-g'}}}, {'vzRsFiltAtt': {'attributes': { 'dn': 'uni/tn-t1/brc-c/subj-s/outtmnl/rsfiltAtt-h'}}}] keys = [('fvTenant|t1', 'fvBD|test'), ('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s', 'vzRsSubjFiltAtt|f'), ('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s', 'vzInTerm|intmnl', 'vzRsFiltAtt|g'), ('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s', 'vzOutTerm|outtmnl', 'vzRsFiltAtt|h')] result = self.universe.get_resources_for_delete(keys) self.assertEqual(utils.deep_sort(objs), utils.deep_sort(result)) # Create a pending monitored object tn1 = resource.Tenant(name='tn1', monitored=True) monitored_bd = resource.BridgeDomain( tenant_name='tn1', name='monitoredBD', monitored=True) self.universe.manager.create(self.ctx, tn1) self.universe.manager.set_resource_sync_pending(self.ctx, tn1) self.universe.manager.create(self.ctx, monitored_bd) self.universe.manager.set_resource_sync_pending(self.ctx, monitored_bd) self.universe.multiverse = [] result = self.universe.get_resources_for_delete( [('fvTenant|tn1', 'fvBD|monitoredBD')]) self.assertEqual(1, len(result)) result = result[0] self.assertEqual('tagInst', result.keys()[0]) self.assertEqual('uni/tn-tn1/BD-monitoredBD/tag-openstack_aid', list(result.values())[0]['attributes']['dn']) # Delete an RS-node of a monitored object self.universe.manager.create(self.ctx, resource.L3Outside( tenant_name='tn1', name='out', monitored=True)) ext_net = self.universe.manager.create( self.ctx, resource.ExternalNetwork(tenant_name='tn1', l3out_name='out', name='inet', provided_contract_names=['p1'], monitored=True)) self.universe.manager.set_resource_sync_synced(self.ctx, ext_net) result = self.universe.get_resources_for_delete( [('fvTenant|tn1', 'l3extOut|out', 'l3extInstP|inet', 'fvRsProv|p1')]) self.assertEqual(1, len(result)) result = result[0] self.assertEqual('fvRsProv', result.keys()[0]) self.assertEqual('uni/tn-tn1/out-out/instP-inet/rsprov-p1', list(result.values())[0]['attributes']['dn'])
def _get_network_l3out(self, mapping): if not mapping: # REVISIT: Is this still needed now that # _add_network_mapping updates the Network instance's # aim_mapping? If so, the test should probably be moved to # the caller to make all these # _get_<neutron-resource>_<aim-resource> methods more # consistent. return None return aim_resource.L3Outside( tenant_name=mapping.l3out_tenant_name, name=mapping.l3out_name)
def _get_vrf_1_ext_net_2_objects(self): return [ a_res.L3Outside(tenant_name='dept1', name='o2-vrf1', display_name='OUT2-VRF1', vrf_name='vrf1'), a_res.ExternalNetwork( tenant_name='dept1', l3out_name='o2-vrf1', name='inet2', display_name='INET2', provided_contract_names=['p3_vrf1', 'p4_vrf1'], consumed_contract_names=['c3_vrf1', 'c4_vrf1'], nat_epg_dn=('uni/tn-t2/ap-myapp/epg-EXT-o2' if self.with_nat_epg else '')), a_res.ExternalSubnet( tenant_name='dept1', l3out_name='o2-vrf1', external_network_name='inet2', cidr='0.0.0.0/0')]
def read_vrfs(self, ctx, external_network): l3out = self.mgr.get(ctx, self._ext_net_to_l3out(external_network)) result = [] for c in self.db.get_clones(ctx, l3out): l3c = self.mgr.get(ctx, resource.L3Outside(tenant_name=c[0], name=c[1])) if l3c: vrf = self.mgr.get( ctx, resource.VRF(tenant_name=l3c.tenant_name, name=l3c.vrf_name)) if vrf: result.append(vrf) return result
def _delete_shadow(self, ctx, ext_net, vrf): l3out = self.mgr.get(ctx, self._ext_net_to_l3out(ext_net)) clone_l3out = resource.L3Outside(tenant_name=vrf.tenant_name, name=self._generate_l3out_name( l3out, vrf)[0]) clone_ext_net = resource.ExternalNetwork( tenant_name=clone_l3out.tenant_name, l3out_name=clone_l3out.name, name=ext_net.name) with ctx.store.begin(subtransactions=True): self._delete_ext_net(ctx, clone_ext_net) self._delete_unused_l3out(ctx, clone_l3out)
def test_set_unset_bd_l3out(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') bd1 = a_res.BridgeDomain(tenant_name=self.bd1_tenant_name, name='bd1', limit_ip_learn_to_subnets=True, vrf_name='vrf1') self.mgr.create(self.ctx, bd1) self.ns.set_bd_l3out(self.ctx, bd1, l3out) self._check_bd_l3out(bd1, l3out) # add the same l3out again self.ns.set_bd_l3out(self.ctx, bd1, l3out) self._check_bd_l3out(bd1, l3out) self.ns.unset_bd_l3out(self.ctx, bd1, l3out) bd1 = self.mgr.get(self.ctx, bd1) self.assertEqual([], bd1.l3out_names)
def test_connect_vrf_change_disallowed(self): vrf = a_res.VRF(tenant_name='t1', name='vrf', display_name='VRF') l3out = a_res.L3Outside(tenant_name='t1', name='o1') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1') self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.assertRaises(nat_strategy.L3OutsideVrfChangeDisallowed, self.ns.connect_vrf, self.ctx, ext_net, vrf) vrf = a_res.VRF(tenant_name='common', name='EXT-o1', display_name='VRF2') self.assertRaises(nat_strategy.L3OutsideVrfChangeDisallowed, self.ns.connect_vrf, self.ctx, ext_net, vrf)
def _get_vrf_2_ext_net_1_objects(self): return [ a_res.L3Outside(tenant_name='dept2', name='o1-vrf2', display_name='OUT-VRF2', vrf_name='vrf2'), a_res.ExternalNetwork( tenant_name='dept2', l3out_name='o1-vrf2', name='inet1', display_name='INET1', provided_contract_names=['p1_vrf2', 'p2_vrf2'], consumed_contract_names=['c1_vrf2', 'c2_vrf2'], nat_epg_dn=('uni/tn-t1/ap-myapp/epg-EXT-o1' if self.with_nat_epg else '')), a_res.ExternalSubnet( tenant_name='dept2', l3out_name='o1-vrf2', external_network_name='inet1', cidr='20.20.20.0/24'), a_res.ExternalSubnet( tenant_name='dept2', l3out_name='o1-vrf2', external_network_name='inet1', cidr='50.50.0.0/16')]
def test_l3outside(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') res = self.ns.create_l3outside(self.ctx, l3out) self.assertIsNotNone(res) other_objs = self._get_l3out_objects() l3out.vrf_name = 'EXT-o1' self._verify(present=[l3out] + other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) other_objs.append(l3out) self._assert_res_list_eq(get_objs, other_objs) self.ns.delete_l3outside(self.ctx, l3out) self._verify(absent=[l3out] + other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) self.assertEqual([], get_objs)
def test_connect_vrf_wrong_tenant(self): vrf = a_res.VRF(tenant_name='dept1', name='vrf', display_name='VRF') l3out = a_res.L3Outside(tenant_name='t1', name='o1') ext_net = a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1') self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.assertRaises(nat_strategy.VrfNotVisibleFromExternalNetwork, self.ns.connect_vrf, self.ctx, ext_net, vrf) l3out.tenant_name = 'common' ext_net.tenant_name = 'common' self.ns.create_l3outside(self.ctx, l3out) self.ns.create_external_network(self.ctx, ext_net) self.assertRaises(nat_strategy.VrfNotVisibleFromExternalNetwork, self.ns.connect_vrf, self.ctx, ext_net, vrf)
def test_subnet(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') self.ns.create_l3outside(self.ctx, l3out) self.ns.create_subnet(self.ctx, l3out, '200.10.20.1/28') sub = a_res.Subnet(tenant_name='t1', bd_name='EXT-o1', gw_ip_mask='200.10.20.1/28') self._verify(present=[sub]) self._assert_res_eq(sub, self.ns.get_subnet(self.ctx, l3out, '200.10.20.1/28')) self.ns.delete_subnet(self.ctx, l3out, '200.10.20.1/28') self._verify(absent=[sub]) self.assertIsNone(self.ns.get_subnet(self.ctx, l3out, '200.10.20.1/28'))
def test_l3outside_pre(self): self.mgr.create(self.ctx, a_res.Tenant(name='t1')) vrf = a_res.VRF(tenant_name='t1', name='ctx1', monitored=True) self.mgr.create(self.ctx, vrf) l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT', vrf_name='ctx1', monitored=True) self.mgr.create(self.ctx, l3out) self.ns.create_l3outside(self.ctx, l3out) other_objs = self._get_l3out_objects(nat_vrf_name='ctx1') self._verify(present=[l3out, vrf] + other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) self._assert_res_list_eq(other_objs + [l3out, vrf], get_objs) self.ns.delete_l3outside(self.ctx, l3out) self._verify(present=[l3out, vrf], absent=other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) self.assertEqual([l3out, vrf], get_objs)
def _check_delete_l3outside_with_vrf(self, stage): objs = [a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT', vrf_name='EXT-o1'), a_res.Subnet(tenant_name='t1', bd_name='EXT-o1', gw_ip_mask='200.10.20.1/28'), a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1', display_name='INET1', provided_contract_names=['EXT-o1'], consumed_contract_names=['EXT-o1']), a_res.ExternalNetwork( tenant_name='t1', l3out_name='o1', name='inet1_1', display_name='INET1_1', provided_contract_names=['EXT-o1'], consumed_contract_names=['EXT-o1'])] objs += self._get_vrf_1_ext_net_1_objects() objs += self._get_l3out_objects() if stage == 'stage1': self._verify(present=objs) elif stage == 'stage2': self._verify(absent=objs) else: self.assertFalse(True, 'Unknown test stage %s' % stage)
def test_l3outside_vmm_domains_limited_domains(self): l3out = a_res.L3Outside(tenant_name='t1', name='o1', display_name='OUT') vmm_domains = [{'type': 'OpenStack', 'name': 'ostack'}, {'type': 'VMware', 'name': 'vmware1'}] phys_domains = [{'name': 'phys2'}] res = self.ns.create_l3outside(self.ctx, l3out, vmm_domains=vmm_domains, phys_domains=phys_domains) self.assertIsNotNone(res) other_objs = self._get_l3out_objects(vmm_domains=vmm_domains, phys_domains=phys_domains) l3out.vrf_name = 'EXT-o1' self._verify(present=[l3out] + other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) other_objs.append(l3out) self._assert_res_list_eq(get_objs, other_objs) self.ns.delete_l3outside(self.ctx, l3out) self._verify(absent=[l3out] + other_objs) get_objs = self.ns.get_l3outside_resources(self.ctx, l3out) self.assertEqual([], get_objs)
def _get_vrf_1_ext_net_2_objects(self, connected=True): return { 'l3out': a_res.L3Outside( tenant_name='t2', name='o2', display_name='OUT2', vrf_name='vrf1'), 'ext_net': a_res.ExternalNetwork( tenant_name='t2', l3out_name='o2', name='inet2', display_name='INET2', provided_contract_names=( ['EXT-o2', 'p3_vrf1', 'p4_vrf1'] if connected else ['EXT-o2']), consumed_contract_names=( ['EXT-o2', 'c3_vrf1', 'c4_vrf1'] if connected else ['EXT-o2'])), 'nat_bd': a_res.BridgeDomain( tenant_name='t2', name='EXT-o2', display_name='EXT-OUT2', vrf_name='EXT-o2', limit_ip_learn_to_subnets=True, l3out_names=['o2']), 'ext_sub_1': a_res.ExternalSubnet( tenant_name='t2', l3out_name='o2', external_network_name='inet2', cidr='0.0.0.0/0')}
def do_apic_aim_persist_migration(session): alembic_util.msg( "Starting data migration for apic_aim mechanism driver persistence.") db_mixin = db.DbMixin() aim = aim_manager.AimManager() aim_ctx = aim_context.AimContext(session) mapper = apic_mapper.APICNameMapper() with session.begin(subtransactions=True): # Migrate address scopes. scope_dbs = (session.query(as_db.AddressScope).all()) for scope_db in scope_dbs: alembic_util.msg("Migrating address scope: %s" % scope_db) vrf = None ext_db = (session.query(DefunctAddressScopeExtensionDb).filter_by( address_scope_id=scope_db.id).one_or_none()) if ext_db: # It has a pre-existing VRF. vrf = aim_resource.VRF.from_dn(ext_db.vrf_dn) # REVISIT: Get VRF to verify it exists? vrf_owned = False if not vrf: # It does not have a pre-existing VRF. aname = mapper.address_scope(session, scope_db.id) vrfs = aim.find(aim_ctx, aim_resource.VRF, name=aname) if vrfs: vrf = vrfs[0] vrf_owned = True if vrf: db_mixin._add_address_scope_mapping(session, scope_db.id, vrf, vrf_owned) else: alembic_util.warn("No AIM VRF found for address scope: %s" % scope_db) # Migrate networks. net_dbs = (session.query(models_v2.Network).all()) for net_db in net_dbs: alembic_util.msg("Migrating network: %s" % net_db) bd = None epg = None vrf = None ext_db = (session.query(extension_db.NetworkExtensionDb).filter_by( network_id=net_db.id).one_or_none()) if ext_db and ext_db.external_network_dn: # Its a managed external network. ext_net = aim_resource.ExternalNetwork.from_dn( ext_db.external_network_dn) # REVISIT: Get ExternalNetwork to verify it exists? l3out = aim_resource.L3Outside(tenant_name=ext_net.tenant_name, name=ext_net.l3out_name) if ext_db.nat_type == '': ns_cls = nat_strategy.NoNatStrategy elif ext_db.nat_type == 'edge': ns_cls = nat_strategy.EdgeNatStrategy else: ns_cls = nat_strategy.DistributedNatStrategy ns = ns_cls(aim) ns.app_profile_name = 'OpenStack' for resource in ns.get_l3outside_resources(aim_ctx, l3out): if isinstance(resource, aim_resource.BridgeDomain): bd = resource elif isinstance(resource, aim_resource.EndpointGroup): epg = resource elif isinstance(resource, aim_resource.VRF): vrf = resource if not bd: # It must be a normal network. aname = mapper.network(session, net_db.id) bds = aim.find(aim_ctx, aim_resource.BridgeDomain, name=aname) if bds: bd = bds[0] epgs = aim.find(aim_ctx, aim_resource.EndpointGroup, name=aname) if epgs: epg = epgs[0] if bd: vrfs = (aim.find(aim_ctx, aim_resource.VRF, tenant_name=bd.tenant_name, name=bd.vrf_name) or aim.find(aim_ctx, aim_resource.VRF, tenant_name='common', name=bd.vrf_name)) if vrfs: vrf = vrfs[0] if bd and epg and vrf: db_mixin._add_network_mapping(session, net_db.id, bd, epg, vrf) elif not net_db.external: alembic_util.warn( "AIM BD, EPG or VRF not found for network: %s" % net_db) alembic_util.msg( "Finished data migration for apic_aim mechanism driver persistence.")
def do_ap_name_change(session, conf=None): alembic_util.msg("Starting data migration for apic_aim ap name change.") cfg = conf or CONF aim = aim_manager.AimManager() aim_ctx = aim_context.AimContext(session) system_id = cfg.apic_system_id alembic_util.msg("APIC System ID: %s" % system_id) ext_mixin = extension_db.ExtensionDbMixin() db_mixin = db.DbMixin() with session.begin(subtransactions=True): net_dbs = session.query(models_v2.Network).all() for net_db in net_dbs: ext_db = ext_mixin.get_network_extn_db(session, net_db.id) if ext_db and ext_db[ext.EXTERNAL_NETWORK]: alembic_util.msg("Migrating external network: %s" % net_db) # Its a managed external network. ext_net = aim_resource.ExternalNetwork.from_dn( ext_db[ext.EXTERNAL_NETWORK]) ext_net = aim.get(aim_ctx, ext_net) l3out = aim_resource.L3Outside(tenant_name=ext_net.tenant_name, name=ext_net.l3out_name) if ext_db[ext.NAT_TYPE] == '': ns_cls = nat_strategy.NoNatStrategy elif ext_db[ext.NAT_TYPE] == 'edge': ns_cls = nat_strategy.EdgeNatStrategy else: ns_cls = nat_strategy.DistributedNatStrategy clone_ext_nets = {} ns = ns_cls(aim) ns.app_profile_name = 'OpenStack' ns.common_scope = None # Start Cleanup if not isinstance(ns, nat_strategy.NoNatStrategy): l3out_clones = ns.db.get_clones(aim_ctx, l3out) # Retrieve External Networks for l3out_clone in l3out_clones: for extc in aim.find(aim_ctx, aim_resource.ExternalNetwork, tenant_name=l3out_clone[0], l3out_name=l3out_clone[1]): clone_ext_nets[(l3out.tenant_name, l3out.name, extc.name)] = extc vrfs = ns.read_vrfs(aim_ctx, ext_net) session.query(db.NetworkMapping).filter( db.NetworkMapping.network_id == net_db.id).delete() for vrf in vrfs: ns.disconnect_vrf(aim_ctx, ext_net, vrf) ns.delete_external_network(aim_ctx, ext_net) ns.delete_l3outside(aim_ctx, l3out) # Recreate ns.common_scope = system_id ns.create_l3outside(aim_ctx, l3out) ns.create_external_network(aim_ctx, ext_net) ns.update_external_cidrs(aim_ctx, ext_net, ext_db[ext.EXTERNAL_CIDRS]) for subnet in net_db.subnets: aim_subnet = aim_resource.Subnet.to_gw_ip_mask( subnet.gateway_ip, int(subnet.cidr.split('/')[1])) ns.create_subnet(aim_ctx, l3out, aim_subnet) for resource in ns.get_l3outside_resources(aim_ctx, l3out): if isinstance(resource, aim_resource.BridgeDomain): bd = resource elif isinstance(resource, aim_resource.EndpointGroup): epg = resource elif isinstance(resource, aim_resource.VRF): vrf = resource db_mixin._add_network_mapping(session, net_db.id, bd, epg, vrf) eid = (ext_net.tenant_name, ext_net.l3out_name, ext_net.name) for vrf in vrfs: if eid in clone_ext_nets: ext_net.provided_contract_names = clone_ext_nets[ eid].provided_contract_names ext_net.consumed_contract_names = clone_ext_nets[ eid].consumed_contract_names ns.connect_vrf(aim_ctx, ext_net, vrf)
def _find_l3out_clones(self, ctx, l3outside): clone_keys = self.db.get_clones(ctx, l3outside) return [ resource.L3Outside(tenant_name=x[0], name=x[1]) for x in clone_keys ]
def _ext_net_to_l3out(self, ext_net): return resource.L3Outside(tenant_name=ext_net.tenant_name, name=ext_net.l3out_name)