In this commit FWaaS config check skip is skipped
if neutron server does not support this API.
Commit
d6f014d introduced FWaaS config mismatch check between
server and agent. It added a new RPC method get_service_plugin_list
and bumped l3-agent RPC version to 1.3, but this version RPC is
only supported by L3 router service plugin and
it breaks existing plugins using L3 router mixin.
Bumping l3-agent RPC version requires detailed investigation on all
affected plugins and it can be done by plugin maintainer later.
Change-Id: I388a24b0c6a507203674ef108bb14cea0534f98c
Closes-Bug: #
1353309
self.sync_progress = False
# Get the list of service plugins from Neutron Server
- self.neutron_service_plugins = (
- self.plugin_rpc.get_service_plugin_list(self.context))
+ try:
+ self.neutron_service_plugins = (
+ self.plugin_rpc.get_service_plugin_list(self.context))
+ except n_rpc.RemoteError as e:
+ LOG.warning(_('l3-agent cannot check service plugins '
+ 'enabled at the neutron server when startup '
+ 'due to RPC error. It happens when the server '
+ 'does not support this RPC API. If the error '
+ 'is UnsupportedVersion you can ignore '
+ 'this warning. Detail message: %s'), e)
+ self.neutron_service_plugins = None
+
self._clean_stale_namespaces = self.conf.use_namespaces
# dvr data
LOG.debug(_("Initializing firewall agent"))
self.conf = conf
fwaas_driver_class_path = cfg.CONF.fwaas.driver
- fwaas_enabled = cfg.CONF.fwaas.enabled
- fwaas_plugin_configured = (constants.FIREWALL
- in self.neutron_service_plugins)
- if fwaas_plugin_configured and not fwaas_enabled:
- msg = _("FWaaS plugin is configured in the server side, but "
- "FWaaS is disabled in L3-agent.")
- LOG.error(msg)
- raise SystemExit(1)
+ self.fwaas_enabled = cfg.CONF.fwaas.enabled
+
+ # None means l3-agent has no information on the server
+ # configuration due to the lack of RPC support.
+ if self.neutron_service_plugins is not None:
+ fwaas_plugin_configured = (constants.FIREWALL
+ in self.neutron_service_plugins)
+ if fwaas_plugin_configured and not self.fwaas_enabled:
+ msg = _("FWaaS plugin is configured in the server side, but "
+ "FWaaS is disabled in L3-agent.")
+ LOG.error(msg)
+ raise SystemExit(1)
+ self.fwaas_enabled = self.fwaas_enabled and fwaas_plugin_configured
- self.fwaas_enabled = fwaas_enabled and fwaas_plugin_configured
if self.fwaas_enabled:
try:
self.fwaas_driver = importutils.import_object(
from neutron.common import config as base_config
from neutron import context
from neutron.plugins.common import constants
+from neutron.services.firewall.agents import firewall_agent_api
from neutron.services.firewall.agents.l3reference import firewall_l3_agent
from neutron.tests import base
from neutron.tests.unit.services.firewall.agents import test_firewall_agent_api
class FWaasAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, FWaasHelper):
neutron_service_plugins = []
- def __init__(self, conf=None):
- super(FWaasAgent, self).__init__(conf)
+def _setup_test_agent_class(service_plugins):
+ class FWaasTestAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback,
+ FWaasHelper):
+ neutron_service_plugins = service_plugins
-class FWaasTestAgent(firewall_l3_agent.FWaaSL3AgentRpcCallback, FWaasHelper):
- def __init__(self, conf=None):
- self.neutron_service_plugins = [constants.FIREWALL]
- super(FWaasTestAgent, self).__init__(conf)
+ return FWaasTestAgent
class TestFwaasL3AgentRpcCallback(base.BaseTestCase):
agent_config.register_use_namespaces_opts_helper(self.conf)
agent_config.register_root_helper(self.conf)
self.conf.root_helper = 'sudo'
+ self.conf.register_opts(firewall_agent_api.FWaaSOpts, 'fwaas')
self.api = FWaasAgent(self.conf)
self.api.fwaas_driver = test_firewall_agent_api.NoopFwaasDriver()
- def test_missing_fw_config(self):
- self.conf.fwaas_enabled = False
- self.assertRaises(SystemExit, FWaasTestAgent, self.conf)
+ def test_fw_config_match(self):
+ test_agent_class = _setup_test_agent_class([constants.FIREWALL])
+ cfg.CONF.set_override('enabled', True, 'fwaas')
+ with mock.patch('neutron.openstack.common.importutils.import_object'):
+ test_agent_class(cfg.CONF)
+
+ def test_fw_config_mismatch_plugin_enabled_agent_disabled(self):
+ test_agent_class = _setup_test_agent_class([constants.FIREWALL])
+ cfg.CONF.set_override('enabled', False, 'fwaas')
+ self.assertRaises(SystemExit, test_agent_class, cfg.CONF)
+
+ def test_fw_plugin_list_unavailable(self):
+ test_agent_class = _setup_test_agent_class(None)
+ cfg.CONF.set_override('enabled', False, 'fwaas')
+ with mock.patch('neutron.openstack.common.importutils.import_object'):
+ test_agent_class(cfg.CONF)
def test_create_firewall(self):
fake_firewall = {'id': 0}
from neutron.common import config as base_config
from neutron.common import constants as l3_constants
from neutron.common import exceptions as n_exc
+from neutron.common import rpc as n_rpc
from neutron.openstack.common import processutils
from neutron.openstack.common import uuidutils
+from neutron.plugins.common import constants as p_const
from neutron.tests import base
'11.22.33.42', table=16)
f.assert_called_once_with(fip_ns_name)
+ def test_get_service_plugin_list(self):
+ service_plugins = [p_const.L3_ROUTER_NAT]
+ self.plugin_api.get_service_plugin_list.return_value = service_plugins
+ agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+ self.assertEqual(service_plugins, agent.neutron_service_plugins)
+ self.assertTrue(self.plugin_api.get_service_plugin_list.called)
+
+ def test_get_service_plugin_list_failed(self):
+ raise_rpc = n_rpc.RemoteError()
+ self.plugin_api.get_service_plugin_list.side_effect = raise_rpc
+ agent = l3_agent.L3NATAgent(HOSTNAME, self.conf)
+ self.assertIsNone(agent.neutron_service_plugins)
+ self.assertTrue(self.plugin_api.get_service_plugin_list.called)
+
class TestL3AgentEventHandler(base.BaseTestCase):
Code Review / openstack-build / neutron-build.git / commitdiff