Merge "Move bridge creation to privsep."

Zuul 2018-12-28 03:04:40 +00:00 committed by Gerrit Code Review
commit 357b8b38e8
6 changed files with 32 additions and 15 deletions


@ -1422,8 +1422,7 @@ class LinuxBridgeInterfaceDriver(LinuxNetInterfaceDriver):
""" """
if not linux_net_utils.device_exists(bridge): if not linux_net_utils.device_exists(bridge):
LOG.debug('Starting Bridge %s', bridge) LOG.debug('Starting Bridge %s', bridge)
out, err = _execute('brctl', 'addbr', bridge, out, err = nova.privsep.linux_net.add_bridge(bridge)
check_exit_code=False, run_as_root=True)
if (err and err != "device %s already exists; can't create " if (err and err != "device %s already exists; can't create "
"bridge with the same name\n" % (bridge)): "bridge with the same name\n" % (bridge)):
msg = _('Failed to add bridge: %s') % err msg = _('Failed to add bridge: %s') % err
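Review bot: The new `out, err = nova.privsep.linux_net.add_bridge(bridge)` unpacks a two-value result, but the `add_bridge` helper added in the privsep section of this commit calls `processutils.execute(...)` without returning it. As shown, the helper returns None, so this line would raise a TypeError the first time a bridge is really created. The stubs in the test sections all return `('', '')`, so the tests would not catch this. Either the helper should `return processutils.execute('brctl', 'addbr', interface)`, or this call site should stop unpacking and drop the `err` comparison. The method body continues outside the hunk.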


@ -22,6 +22,15 @@ from oslo_concurrency import processutils
import nova.privsep import nova.privsep
@nova.privsep.sys_admin_pctxt.entrypoint
def add_bridge(interface):
"""Add a bridge.
:param interface: the name of the bridge
"""
processutils.execute('brctl', 'addbr', interface)
@nova.privsep.sys_admin_pctxt.entrypoint @nova.privsep.sys_admin_pctxt.entrypoint
def delete_bridge(interface): def delete_bridge(interface):
"""Delete a bridge. """Delete a bridge.
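Review bot: `add_bridge` drops the `check_exit_code=False` that the replaced `_execute` call passed. With the processutils default, a non-zero exit from brctl raises ProcessExecutionError instead of handing stderr back, so the caller's tolerance for the "device ... already exists" message is no longer reachable. If that tolerance is still wanted, pass it explicitly, e.g. `return processutils.execute('brctl', 'addbr', interface, check_exit_code=False)`; otherwise the caller's `err` check should be removed in the same change. The docstring should also state what the entrypoint returns or raises, because this function is the privileged side of the privsep boundary and its contract is all the unprivileged caller has to go on.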


@ -120,5 +120,10 @@ class ApiSampleTestBaseV21(testscenarios.WithScenarios,
# this is used to generate sample docs # this is used to generate sample docs
self.generate_samples = os.getenv('GENERATE_SAMPLES') is not None self.generate_samples = os.getenv('GENERATE_SAMPLES') is not None
# NOTE(mikal): this is used to stub away privsep helpers
def fake_noop(*args, **kwargs):
return '', ''
self.stub_out('nova.privsep.linux_net.add_bridge', fake_noop)
def _setup_services(self): def _setup_services(self):
pass pass


@ -590,21 +590,18 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
self.assertEqual(expected, actual) self.assertEqual(expected, actual)
@mock.patch.object(linux_net.iptables_manager.ipv4['filter'], 'add_rule') @mock.patch.object(linux_net.iptables_manager.ipv4['filter'], 'add_rule')
@mock.patch.object(utils, 'execute') @mock.patch('nova.privsep.linux_net.add_bridge',
def test_linux_bridge_driver_plug(self, mock_execute, mock_add_rule): return_value=('', ''))
def test_linux_bridge_driver_plug(self, mock_add_bridge, mock_add_rule):
"""Makes sure plug doesn't drop FORWARD by default. """Makes sure plug doesn't drop FORWARD by default.
Ensures bug 890195 doesn't reappear. Ensures bug 890195 doesn't reappear.
""" """
def fake_execute(*args, **kwargs):
return "", ""
def verify_add_rule(chain, rule): def verify_add_rule(chain, rule):
self.assertEqual('FORWARD', chain) self.assertEqual('FORWARD', chain)
self.assertIn('ACCEPT', rule) self.assertIn('ACCEPT', rule)
mock_execute.side_effect = fake_execute
mock_add_rule.side_effect = verify_add_rule mock_add_rule.side_effect = verify_add_rule
driver = linux_net.LinuxBridgeInterfaceDriver() driver = linux_net.LinuxBridgeInterfaceDriver()
@ -1183,7 +1180,7 @@ class LinuxNetworkTestCase(test.NoDBTestCase):
with test.nested( with test.nested(
mock.patch('nova.network.linux_utils.device_exists', mock.patch('nova.network.linux_utils.device_exists',
return_value=False), return_value=False),
mock.patch.object(linux_net, '_execute', fake_execute) mock.patch('nova.privsep.linux_net.add_bridge', fake_execute)
) as (device_exists, _): ) as (device_exists, _):
driver = linux_net.LinuxBridgeInterfaceDriver() driver = linux_net.LinuxBridgeInterfaceDriver()
driver.ensure_bridge('brq1234567-89', '') driver.ensure_bridge('brq1234567-89', '')
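Review bot: Nothing in this change tests `nova.privsep.linux_net.add_bridge` itself. Every test here, and in the functional base class, network manager and XenAPI test sections, replaces it with a stub fixed to `('', '')`, and the injected `mock_add_bridge` is never asserted on in the visible lines. A small unit test that patches `processutils.execute` and checks the helper's argument list and return value would pin the contract the caller depends on. In `test_linux_bridge_driver_plug`, an assertion such as `mock_add_bridge.assert_called_once()` would at least confirm the privileged path is taken, though the rest of that test body is outside the hunk, so it may not apply as written.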


@ -935,7 +935,8 @@ class VlanNetworkTestCase(test.TestCase):
self.assertEqual(objects.QuotasNoOp, self.assertEqual(objects.QuotasNoOp,
self.network.quotas_cls) self.network.quotas_cls)
def test_vpn_allocate_fixed_ip(self): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_vpn_allocate_fixed_ip(self, mock_add_bridge):
self.mox.StubOutWithMock(db, 'fixed_ip_associate') self.mox.StubOutWithMock(db, 'fixed_ip_associate')
self.mox.StubOutWithMock(db, 'fixed_ip_update') self.mox.StubOutWithMock(db, 'fixed_ip_update')
self.mox.StubOutWithMock(db, self.mox.StubOutWithMock(db,
@ -968,7 +969,8 @@ class VlanNetworkTestCase(test.TestCase):
self.network.allocate_fixed_ip(self.context, FAKEUUID, network, self.network.allocate_fixed_ip(self.context, FAKEUUID, network,
vpn=True) vpn=True)
def test_allocate_fixed_ip(self): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_allocate_fixed_ip(self, mock_add_bridge):
self.stubs.Set(self.network, self.stubs.Set(self.network,
'_do_trigger_security_group_members_refresh_for_instance', '_do_trigger_security_group_members_refresh_for_instance',
lambda *a, **kw: None) lambda *a, **kw: None)
@ -1685,7 +1687,9 @@ class VlanNetworkTestCase(test.TestCase):
ctxt, ctxt,
mox.IgnoreArg()) mox.IgnoreArg())
def test_add_fixed_ip_instance_without_vpn_requested_networks(self): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_add_fixed_ip_instance_without_vpn_requested_networks(
self, mock_add_bridge):
self.stubs.Set(self.network, self.stubs.Set(self.network,
'_do_trigger_security_group_members_refresh_for_instance', '_do_trigger_security_group_members_refresh_for_instance',
lambda *a, **kw: None) lambda *a, **kw: None)
@ -2829,7 +2833,8 @@ class AllocateTestCase(test.TestCase):
self.user_context = context.RequestContext('testuser', self.user_context = context.RequestContext('testuser',
fakes.FAKE_PROJECT_ID) fakes.FAKE_PROJECT_ID)
def test_allocate_for_instance(self): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_allocate_for_instance(self, mock_add_bridge):
address = "10.10.10.10" address = "10.10.10.10"
self.flags(auto_assign_floating_ip=True) self.flags(auto_assign_floating_ip=True)
@ -2893,7 +2898,8 @@ class AllocateTestCase(test.TestCase):
project_id=self.context.project_id, macs=None, project_id=self.context.project_id, macs=None,
requested_networks=requested_networks) requested_networks=requested_networks)
def test_allocate_for_instance_with_mac(self): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_allocate_for_instance_with_mac(self, mock_add_bridge):
available_macs = set(['ca:fe:de:ad:be:ef']) available_macs = set(['ca:fe:de:ad:be:ef'])
inst = db.instance_create(self.context, {'host': HOST, inst = db.instance_create(self.context, {'host': HOST,
'display_name': HOST, 'display_name': HOST,


@ -1135,7 +1135,8 @@ class XenAPIVMTestCase(stubs.XenAPITestBase,
mock.ANY) mock.ANY)
@mock.patch.object(vmops.VMOps, '_create_vifs') @mock.patch.object(vmops.VMOps, '_create_vifs')
def test_spawn_vlanmanager(self, mock_create_vifs): @mock.patch('nova.privsep.linux_net.add_bridge', return_value=('', ''))
def test_spawn_vlanmanager(self, mock_add_bridge, mock_create_vifs):
self.flags(network_manager='nova.network.manager.VlanManager', self.flags(network_manager='nova.network.manager.VlanManager',
vlan_interface='fake0') vlan_interface='fake0')
# Reset network table # Reset network table