x/vmware-nsx
Code Issues Proposed changes

Merge "NSX|P: Remove LB WAF support"

Browse Source
This commit is contained in:
Zuul 2019-06-30 08:03:42 +00:00 committed by Gerrit Code Review
commit a64de7044f
3 changed files with 4 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
vmware_nsx/common/config.py
View File

@ -530,11 +530,6 @@ nsx_p_opts = nsx_v3_and_p + [
cfg.StrOpt('waf_profile', cfg.StrOpt('waf_profile',
help=_("(Optional) Name or UUID of the default WAF profile to " help=_("(Optional) Name or UUID of the default WAF profile to "
"be attached to L7 loadbalancer listeners")), "be attached to L7 loadbalancer listeners")),
cfg.BoolOpt('waf_protect',
default=False,
help=_("If True and waf_profile is set, it will be used with "
"protection mode. If False - it will be used only for "
"detection")),
cfg.BoolOpt('allow_passthrough', cfg.BoolOpt('allow_passthrough',
default=True, default=True,
help=_("If True, use nsx manager api for cases which are not " help=_("If True, use nsx manager api for cases which are not "

16
vmware_nsx/plugins/nsx_p/plugin.py
View File

@ -274,10 +274,8 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
az.translate_configured_names_to_uuids( az.translate_configured_names_to_uuids(
self.nsxpolicy, nsxlib=self.nsxlib, search_scope=search_scope) self.nsxpolicy, nsxlib=self.nsxlib, search_scope=search_scope)
self._waf_profile_uuid = self._init_backend_resource( # WAF is currently not supported by the NSX
self.nsxpolicy.waf_profile, self._waf_profile_uuid = None
cfg.CONF.nsx_p.waf_profile,
search_scope=search_scope)
# create or override ipv6 RA service # create or override ipv6 RA service
unicast_ra = self.nsxpolicy.icmp_service.build_entry( unicast_ra = self.nsxpolicy.icmp_service.build_entry(
@ -325,14 +323,8 @@ class NsxPolicyPlugin(nsx_plugin_common.NsxPluginV3Base):
raise nsx_exc.NsxPluginException(err_msg=msg) raise nsx_exc.NsxPluginException(err_msg=msg)
def get_waf_profile_path_and_mode(self): def get_waf_profile_path_and_mode(self):
if not self._waf_profile_uuid: # WAF is currently not supported by the NSX
return None, None return None, None
path = self.nsxpolicy.waf_profile.get_path(
profile_id=self._waf_profile_uuid)
mode = (policy_constants.WAF_OPERATIONAL_MODE_PROTECTION
if cfg.CONF.nsx_p.waf_protect
else policy_constants.WAF_OPERATIONAL_MODE_DETECTION)
return path, mode
def _init_dhcp_metadata(self): def _init_dhcp_metadata(self):
if (cfg.CONF.dhcp_agent_notification and if (cfg.CONF.dhcp_agent_notification and

2
vmware_nsx/tests/unit/nsx_p/test_plugin.py
View File

@ -67,7 +67,6 @@ DEFAULT_TIER0_ROUTER_UUID = "efad0078-9204-4b46-a2d8-d4dd31ed448f"
NSX_DHCP_PROFILE_ID = 'DHCP_PROFILE' NSX_DHCP_PROFILE_ID = 'DHCP_PROFILE'
NSX_MD_PROXY_ID = 'MD_PROXY' NSX_MD_PROXY_ID = 'MD_PROXY'
LOGICAL_SWITCH_ID = '00000000-1111-2222-3333-444444444444' LOGICAL_SWITCH_ID = '00000000-1111-2222-3333-444444444444'
WAF_PROFILE_ID = 'WAF'
def _return_id_key(*args, **kwargs): def _return_id_key(*args, **kwargs):
@ -189,7 +188,6 @@ class NsxPPluginTestCaseMixin(
cfg.CONF.set_override('default_vlan_tz', NSX_VLAN_TZ_NAME, 'nsx_p') cfg.CONF.set_override('default_vlan_tz', NSX_VLAN_TZ_NAME, 'nsx_p')
cfg.CONF.set_override('dhcp_profile', NSX_DHCP_PROFILE_ID, 'nsx_p') cfg.CONF.set_override('dhcp_profile', NSX_DHCP_PROFILE_ID, 'nsx_p')
cfg.CONF.set_override('metadata_proxy', NSX_MD_PROXY_ID, 'nsx_p') cfg.CONF.set_override('metadata_proxy', NSX_MD_PROXY_ID, 'nsx_p')
cfg.CONF.set_override('waf_profile', WAF_PROFILE_ID, 'nsx_p')
cfg.CONF.set_override('dhcp_agent_notification', False) cfg.CONF.set_override('dhcp_agent_notification', False)
def _create_network(self, fmt, name, admin_state_up, def _create_network(self, fmt, name, admin_state_up,