def setup_conf(): ovs_conf.register_ovs_agent_opts(cfg.CONF) lb_conf.register_linuxbridge_opts(cfg.CONF) ml2_conf.register_ml2_plugin_opts(cfg.CONF) securitygroups_rpc.register_securitygroups_opts(cfg.CONF) dhcp_agent.register_options(cfg.CONF) l3_hamode_db.register_db_l3_hamode_opts(cfg.CONF)
def setUp(self): super(TestACLs, self).setUp() self.driver = mock.Mock() self.driver._nb_ovn = fakes.FakeOvsdbNbOvnIdl() self.plugin = fakes.FakePlugin() self.admin_context = mock.Mock() self.fake_port = fakes.FakePort.create_one_port({ 'id': 'fake_port_id1', 'network_id': 'network_id1', 'fixed_ips': [{ 'subnet_id': 'subnet_id1', 'ip_address': '1.1.1.1' }], }).info() self.fake_subnet = fakes.FakeSubnet.create_one_subnet({ 'id': 'subnet_id1', 'ip_version': 4, 'cidr': '1.1.1.0/24', }).info() mock_row_by_value = mock.patch.object(idlutils, 'row_by_value') mock_row_by_value.start() self.addCleanup(mock_row_by_value.stop) mock_acl_columns_severity = mock.patch.object( ovn_acl, '_acl_columns_name_severity_supported', return_value=True) mock_acl_columns_severity.start() self.addCleanup(mock_acl_columns_severity.stop) securitygroups_rpc.register_securitygroups_opts()
def setup_conf(): config.register_common_config_options() ovs_conf.register_ovs_agent_opts(cfg.CONF) lb_conf.register_linuxbridge_opts(cfg.CONF) sriov_conf.register_agent_sriov_nic_opts(cfg.CONF) ml2_conf.register_ml2_plugin_opts(cfg.CONF) securitygroups_rpc.register_securitygroups_opts(cfg.CONF) dhcp_agent.register_options(cfg.CONF) l3_hamode_db.register_db_l3_hamode_opts(cfg.CONF) common_config.register_core_common_config_opts(cfg.CONF)
def setUp(self): super(TestOVSFirewallDriver, self).setUp() mock_bridge = mock.patch.object(ovs_lib, 'OVSBridge', autospec=True).start() securitygroups_rpc.register_securitygroups_opts() self.firewall = ovsfw.OVSFirewallDriver(mock_bridge) self.mock_bridge = self.firewall.int_br self.mock_bridge.reset_mock() self.fake_ovs_port = FakeOVSPort('port', 1, '00:00:00:00:00:00') self.mock_bridge.br.get_vif_port_by_id.return_value = \ self.fake_ovs_port
def setUp(self): security_config.register_securitygroups_opts() super(BaseFirewallTestCase, self).setUp() self.tester, self.firewall = getattr(self, self.initialize)() if self.firewall_name == "openvswitch": self.assign_vlan_to_peers() self.src_port_desc = self._create_port_description( self.tester.vm_port_id, [self.tester.vm_ip_address], self.tester.vm_mac_address, [self.FAKE_SECURITY_GROUP_ID]) # FIXME(jlibosva): We should consider to call prepare_port_filter with # deferred bridge depending on its performance self.firewall.prepare_port_filter(self.src_port_desc)
def register_securitygroups_opts(cfg): # Mitaka compatibility try: from neutron.conf.agent import securitygroups_rpc securitygroups_rpc.register_securitygroups_opts() except ImportError: security_group_opts = [ cfg.BoolOpt( 'enable_security_group', default=True, help=_('Controls whether neutron security groups is enabled ' 'Set it to false to disable security groups')), ] # This can get loaded from other parts of Mitaka because other # mechanism drivers respect this flag too if not (hasattr(cfg.CONF, 'SECURITYGROUP') and hasattr(cfg.CONF.SECURITYGROUP.enable_security_group)): cfg.register_opts(security_group_opts, 'SECURITYGROUP')
def setUp(self): super(TestCookieContext, self).setUp() # Don't attempt to connect to ovsdb mock.patch('neutron.agent.ovsdb.impl_idl.api_factory').start() # Don't trigger iptables -> ovsfw migration mock.patch('neutron.agent.linux.openvswitch_firewall.iptables.Helper' ).start() self.execute = mock.patch.object(utils, "execute", spec=utils.execute).start() bridge = ovs_bridge.OVSAgentBridge('foo', os_ken_app=mock.Mock()) mock.patch.object(ovsfw.OVSFirewallDriver, 'initialize_bridge', return_value=bridge.deferred( full_ordered=True, use_bundle=True)).start() securitygroups_rpc.register_securitygroups_opts() self.firewall = ovsfw.OVSFirewallDriver(bridge) # Remove calls from firewall initialization self.execute.reset_mock()
import functools from oslo_concurrency import lockutils from oslo_config import cfg from oslo_log import log as logging import oslo_messaging from neutron.agent import firewall from neutron.common import constants as common_constants from neutron.conf.agent import securitygroups_rpc as sc_cfg LOG = logging.getLogger(__name__) sc_cfg.register_securitygroups_opts() def is_firewall_enabled(): return cfg.CONF.SECURITYGROUP.enable_security_group def _disable_extension(extension, aliases): if extension in aliases: aliases.remove(extension) def disable_security_group_extension_by_config(aliases): if not is_firewall_enabled(): LOG.info('Disabled security-group extension.') _disable_extension('security-group', aliases)
# import functools from oslo_config import cfg from oslo_log import log as logging import oslo_messaging from neutron.agent import firewall from neutron.conf.agent import securitygroups_rpc as sc_cfg LOG = logging.getLogger(__name__) sc_cfg.register_securitygroups_opts() def is_firewall_enabled(): return cfg.CONF.SECURITYGROUP.enable_security_group def _disable_extension(extension, aliases): if extension in aliases: aliases.remove(extension) def disable_security_group_extension_by_config(aliases): if not is_firewall_enabled(): LOG.info('Disabled security-group extension.') _disable_extension('security-group', aliases)