From: Russell Bryant Date: Thu, 22 Jan 2015 15:18:17 +0000 (-0500) Subject: Add and use SecurityGroupAgentRpc X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=f2a7acdbd2bb5b19c84383ce83aead9705bde6ec;p=openstack-build%2Fneutron-build.git Add and use SecurityGroupAgentRpc Add a new class, SecurityGroupAgentRpc, which is based on SecurityGroupAgentRpcMixin. Most uses of SecurityGroupAgentRpcMixin follow the same pattern, so this class makes it possible to cut down on some duplicated code. Make use of SecurityGroupAgentRpc in: linuxbridge, openvswitch, mlnx, nec, ofagent, oneconvergence, sriovnicagent, bigswitch, and hyperv. Part of blueprint rpc-docs-and-namespaces. Change-Id: I2aaa55e8e539e47427e56b4da42321cfcfcde622 --- diff --git a/neutron/agent/securitygroups_rpc.py b/neutron/agent/securitygroups_rpc.py index 2b7168214..9ecdf0fbd 100644 --- a/neutron/agent/securitygroups_rpc.py +++ b/neutron/agent/securitygroups_rpc.py @@ -157,10 +157,15 @@ class SecurityGroupAgentRpcCallbackMixin(object): self.sg_agent.security_groups_provider_updated() -class SecurityGroupAgentRpcMixin(object): - """A mix-in that enable SecurityGroup agent - support in agent implementations. - """ +class SecurityGroupAgentRpc(object): + """Enables SecurityGroup agent support in agent implementations.""" + + def __init__(self, context, plugin_rpc, root_helper, + defer_refresh_firewall=False): + self.context = context + self.plugin_rpc = plugin_rpc + self.root_helper = root_helper + self.init_firewall(defer_refresh_firewall) def init_firewall(self, defer_refresh_firewall=False): firewall_driver = cfg.CONF.SECURITYGROUP.firewall_driver diff --git a/neutron/plugins/bigswitch/agent/restproxy_agent.py b/neutron/plugins/bigswitch/agent/restproxy_agent.py index b8ec85fbe..3591d02d0 100644 --- a/neutron/plugins/bigswitch/agent/restproxy_agent.py +++ b/neutron/plugins/bigswitch/agent/restproxy_agent.py @@ -71,14 +71,6 @@ class IVSBridge(ovs_lib.OVSBridge): return False -class SecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall() - - class RestProxyAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin): target = messaging.Target(version='1.1') @@ -87,9 +79,9 @@ class RestProxyAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin): super(RestProxyAgent, self).__init__() self.polling_interval = polling_interval self._setup_rpc() - self.sg_agent = SecurityGroupAgent(self.context, - self.sg_plugin_rpc, - root_helper) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, + self.sg_plugin_rpc, + root_helper) if vs == 'ivs': self.int_br = IVSBridge(integ_br, root_helper) else: diff --git a/neutron/plugins/hyperv/agent/hyperv_neutron_agent.py b/neutron/plugins/hyperv/agent/hyperv_neutron_agent.py index 79c9f9368..feb36be2d 100644 --- a/neutron/plugins/hyperv/agent/hyperv_neutron_agent.py +++ b/neutron/plugins/hyperv/agent/hyperv_neutron_agent.py @@ -78,15 +78,12 @@ CONF.register_opts(agent_opts, "AGENT") config.register_agent_state_opts_helper(cfg.CONF) -class HyperVSecurityAgent(sg_rpc.SecurityGroupAgentRpcMixin): - - def __init__(self, context, plugin_rpc): - super(HyperVSecurityAgent, self).__init__() - self.context = context - self.plugin_rpc = plugin_rpc +class HyperVSecurityAgent(sg_rpc.SecurityGroupAgentRpc): + def __init__(self, context, plugin_rpc, root_helper): + super(HyperVSecurityAgent, self).__init__(context, plugin_rpc, + root_helper) if sg_rpc.is_firewall_enabled(): - self.init_firewall() self._setup_rpc() def _setup_rpc(self): @@ -112,7 +109,7 @@ class HyperVNeutronAgent(object): # Set RPC API version to 1.1 by default. target = messaging.Target(version='1.1') - def __init__(self): + def __init__(self, root_helper): super(HyperVNeutronAgent, self).__init__() self._utils = utilsfactory.get_hypervutils() self._polling_interval = CONF.AGENT.polling_interval @@ -120,7 +117,7 @@ class HyperVNeutronAgent(object): self._network_vswitch_map = {} self._port_metric_retries = {} self._set_agent_state() - self._setup_rpc() + self._setup_rpc(root_helper) def _set_agent_state(self): self.agent_state = { @@ -140,7 +137,7 @@ class HyperVNeutronAgent(object): except Exception: LOG.exception(_LE("Failed reporting state!")) - def _setup_rpc(self): + def _setup_rpc(self, root_helper): self.agent_id = 'hyperv_%s' % platform.node() self.topic = topics.AGENT self.plugin_rpc = agent_rpc.PluginApi(topics.PLUGIN) @@ -162,7 +159,7 @@ class HyperVNeutronAgent(object): consumers) self.sec_groups_agent = HyperVSecurityAgent( - self.context, self.sg_plugin_rpc) + self.context, self.sg_plugin_rpc, root_helper) report_interval = CONF.AGENT.report_interval if report_interval: heartbeat = loopingcall.FixedIntervalLoopingCall( @@ -457,7 +454,8 @@ def main(): common_config.init(sys.argv[1:]) common_config.setup_logging() - plugin = HyperVNeutronAgent() + root_helper = cfg.CONF.AGENT.root_helper + plugin = HyperVNeutronAgent(root_helper) # Start everything. LOG.info(_LI("Agent initialized successfully, now running... ")) diff --git a/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py b/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py index 7c72ed960..66cea96bd 100755 --- a/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py +++ b/neutron/plugins/linuxbridge/agent/linuxbridge_neutron_agent.py @@ -742,14 +742,6 @@ class LinuxBridgeRpcCallbacks(sg_rpc.SecurityGroupAgentRpcCallbackMixin, getattr(self, method)(context, values) -class LinuxBridgeSecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall() - - class LinuxBridgeNeutronAgentRPC(object): def __init__(self, interface_mappings, polling_interval, @@ -775,7 +767,7 @@ class LinuxBridgeNeutronAgentRPC(object): self.context = context.get_admin_context_without_session() self.plugin_rpc = agent_rpc.PluginApi(topics.PLUGIN) self.sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) - self.sg_agent = LinuxBridgeSecurityGroupAgent(self.context, + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, self.sg_plugin_rpc, self.root_helper) self.setup_rpc(interface_mappings.values()) diff --git a/neutron/plugins/mlnx/agent/eswitch_neutron_agent.py b/neutron/plugins/mlnx/agent/eswitch_neutron_agent.py index 0d02d9180..7c8e981f1 100644 --- a/neutron/plugins/mlnx/agent/eswitch_neutron_agent.py +++ b/neutron/plugins/mlnx/agent/eswitch_neutron_agent.py @@ -174,14 +174,6 @@ class MlnxEswitchRpcCallbacks(sg_rpc.SecurityGroupAgentRpcCallbackMixin): port['mac_address']) -class MlnxEswitchSecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall() - - class MlnxEswitchNeutronAgent(object): def __init__(self, interface_mapping, root_helper): @@ -200,7 +192,7 @@ class MlnxEswitchNeutronAgent(object): self.context = context.get_admin_context_without_session() self.plugin_rpc = agent_rpc.PluginApi(topics.PLUGIN) self.sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) - self.sg_agent = MlnxEswitchSecurityGroupAgent(self.context, + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, self.sg_plugin_rpc, root_helper) self._setup_rpc() diff --git a/neutron/plugins/nec/agent/nec_neutron_agent.py b/neutron/plugins/nec/agent/nec_neutron_agent.py index 4dd3876ca..90fa800c5 100755 --- a/neutron/plugins/nec/agent/nec_neutron_agent.py +++ b/neutron/plugins/nec/agent/nec_neutron_agent.py @@ -92,14 +92,6 @@ class SecurityGroupAgentRpcCallback(sg_rpc.SecurityGroupAgentRpcCallbackMixin): self.sg_agent = sg_agent -class SecurityGroupAgentRpc(sg_rpc.SecurityGroupAgentRpcMixin): - - def __init__(self, context): - self.context = context - self.plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) - self.init_firewall() - - class NECNeutronAgent(object): def __init__(self, integ_br, root_helper, polling_interval): @@ -124,9 +116,9 @@ class NECNeutronAgent(object): 'agent_type': q_const.AGENT_TYPE_NEC, 'start_flag': True} - self.setup_rpc() + self.setup_rpc(root_helper) - def setup_rpc(self): + def setup_rpc(self, root_helper): self.host = socket.gethostname() self.agent_id = 'nec-q-agent.%s' % self.host LOG.info(_LI("RPC agent_id: %s"), self.agent_id) @@ -136,7 +128,9 @@ class NECNeutronAgent(object): self.plugin_rpc = NECPluginApi(topics.PLUGIN) self.state_rpc = agent_rpc.PluginReportStateAPI(topics.PLUGIN) - self.sg_agent = SecurityGroupAgentRpc(self.context) + self.sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, + self.sg_plugin_rpc, root_helper) # RPC network init # Handle updates from service diff --git a/neutron/plugins/ofagent/agent/ofa_neutron_agent.py b/neutron/plugins/ofagent/agent/ofa_neutron_agent.py index 693d4f835..dc1a5256f 100644 --- a/neutron/plugins/ofagent/agent/ofa_neutron_agent.py +++ b/neutron/plugins/ofagent/agent/ofa_neutron_agent.py @@ -123,14 +123,6 @@ class Bridge(flows.OFAgentIntegrationBridge, ovs_lib.OVSBridge): self.get_datapath(retry_max) -class OFASecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall(defer_refresh_firewall=True) - - class OFANeutronAgentRyuApp(app_manager.RyuApp): OFP_VERSIONS = [ryu_ofp13.OFP_VERSION] @@ -253,9 +245,9 @@ class OFANeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin, self.dont_fragment = cfg.CONF.AGENT.dont_fragment # Security group agent support - self.sg_agent = OFASecurityGroupAgent(self.context, - self.sg_plugin_rpc, - self.root_helper) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, + self.sg_plugin_rpc, self.root_helper, + defer_refresh_firewall=True) # Initialize iteration counter self.iter_num = 0 diff --git a/neutron/plugins/oneconvergence/agent/nvsd_neutron_agent.py b/neutron/plugins/oneconvergence/agent/nvsd_neutron_agent.py index a616e45e9..128f0eb15 100644 --- a/neutron/plugins/oneconvergence/agent/nvsd_neutron_agent.py +++ b/neutron/plugins/oneconvergence/agent/nvsd_neutron_agent.py @@ -69,16 +69,6 @@ class SecurityGroupAgentRpcCallback(sg_rpc.SecurityGroupAgentRpcCallbackMixin): self.sg_agent = sg_agent -class SecurityGroupAgentRpc(sg_rpc.SecurityGroupAgentRpcMixin): - - def __init__(self, context, root_helper): - self.context = context - - self.plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) - self.root_helper = root_helper - self.init_firewall() - - class NVSDNeutronAgent(object): # history # 1.0 Initial version @@ -101,8 +91,10 @@ class NVSDNeutronAgent(object): self.topic = topics.AGENT self.context = n_context.get_admin_context_without_session() - self.sg_agent = SecurityGroupAgentRpc(self.context, - self.root_helper) + self.sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, + self.sg_plugin_rpc, + self.root_helper) # RPC network init # Handle updates from service diff --git a/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py b/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py index a00100d61..4f63b2559 100644 --- a/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py +++ b/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py @@ -86,14 +86,6 @@ class OVSPluginApi(agent_rpc.PluginApi, dvr_rpc.DVRServerRpcApiMixin): pass -class OVSSecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall(defer_refresh_firewall=True) - - class OVSNeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin, l2population_rpc.L2populationRpcCallBackTunnelMixin, dvr_rpc.DVRAgentRpcCallbackMixin): @@ -250,9 +242,9 @@ class OVSNeutronAgent(sg_rpc.SecurityGroupAgentRpcCallbackMixin, self.ancillary_brs = self.setup_ancillary_bridges(integ_br, tun_br) # Security group agent support - self.sg_agent = OVSSecurityGroupAgent(self.context, - self.sg_plugin_rpc, - root_helper) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, + self.sg_plugin_rpc, root_helper, defer_refresh_firewall=True) + # Initialize iteration counter self.iter_num = 0 self.run_daemon_loop = True diff --git a/neutron/plugins/sriovnicagent/sriov_nic_agent.py b/neutron/plugins/sriovnicagent/sriov_nic_agent.py index 12374297f..e9b42c064 100644 --- a/neutron/plugins/sriovnicagent/sriov_nic_agent.py +++ b/neutron/plugins/sriovnicagent/sriov_nic_agent.py @@ -66,14 +66,6 @@ class SriovNicSwitchRpcCallbacks(sg_rpc.SecurityGroupAgentRpcCallbackMixin): LOG.debug("port_update RPC received for port: %s", port['id']) -class SriovNicSwitchSecurityGroupAgent(sg_rpc.SecurityGroupAgentRpcMixin): - def __init__(self, context, plugin_rpc, root_helper): - self.context = context - self.plugin_rpc = plugin_rpc - self.root_helper = root_helper - self.init_firewall() - - class SriovNicSwitchAgent(object): def __init__(self, physical_devices_mappings, exclude_devices, polling_interval, root_helper): @@ -97,7 +89,7 @@ class SriovNicSwitchAgent(object): self.context = context.get_admin_context_without_session() self.plugin_rpc = agent_rpc.PluginApi(topics.PLUGIN) self.sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) - self.sg_agent = SriovNicSwitchSecurityGroupAgent(self.context, + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(self.context, self.sg_plugin_rpc, self.root_helper) self._setup_rpc() # Initialize iteration counter diff --git a/neutron/tests/unit/bigswitch/test_restproxy_agent.py b/neutron/tests/unit/bigswitch/test_restproxy_agent.py index 95632fae1..383ad6faf 100644 --- a/neutron/tests/unit/bigswitch/test_restproxy_agent.py +++ b/neutron/tests/unit/bigswitch/test_restproxy_agent.py @@ -25,7 +25,7 @@ PLUGINAPI = 'neutron.agent.rpc.PluginApi' CONTEXT = 'neutron.context' CONSUMERCREATE = 'neutron.agent.rpc.create_consumers' SGRPC = 'neutron.agent.securitygroups_rpc' -SGAGENT = 'neutron.plugins.bigswitch.agent.restproxy_agent.SecurityGroupAgent' +SGAGENT = 'neutron.agent.securitygroups_rpc.SecurityGroupAgentRpc' AGENTMOD = 'neutron.plugins.bigswitch.agent.restproxy_agent' NEUTRONCFG = 'neutron.common.config' PLCONFIG = 'neutron.plugins.bigswitch.config' @@ -45,8 +45,8 @@ class TestRestProxyAgentOVS(BaseAgentTestCase): self.ovsbridge = mock.patch(OVSBRIDGE).start() self.context = mock.patch(CONTEXT).start() self.rpc = mock.patch(CONSUMERCREATE).start() - self.sg_rpc = mock.patch(SGRPC).start() self.sg_agent = mock.patch(SGAGENT).start() + self.sg_rpc = mock.patch(SGRPC).start() def mock_agent(self): mock_context = mock.Mock(return_value='abc') diff --git a/neutron/tests/unit/hyperv/test_hyperv_neutron_agent.py b/neutron/tests/unit/hyperv/test_hyperv_neutron_agent.py index 1de90d12f..5d06c035f 100644 --- a/neutron/tests/unit/hyperv/test_hyperv_neutron_agent.py +++ b/neutron/tests/unit/hyperv/test_hyperv_neutron_agent.py @@ -53,7 +53,7 @@ class TestHyperVNeutronAgent(base.BaseTestCase): cfg.CONF.set_default('firewall_driver', 'neutron.agent.firewall.NoopFirewallDriver', group='SECURITYGROUP') - self.agent = hyperv_neutron_agent.HyperVNeutronAgent() + self.agent = hyperv_neutron_agent.HyperVNeutronAgent(None) self.agent.plugin_rpc = mock.Mock() self.agent.sec_groups_agent = mock.MagicMock() self.agent.context = mock.Mock() diff --git a/neutron/tests/unit/oneconvergence/test_nvsd_agent.py b/neutron/tests/unit/oneconvergence/test_nvsd_agent.py index 193f1b429..fe238c721 100644 --- a/neutron/tests/unit/oneconvergence/test_nvsd_agent.py +++ b/neutron/tests/unit/oneconvergence/test_nvsd_agent.py @@ -20,6 +20,8 @@ from oslo.config import cfg import testtools from neutron.agent.linux import ovs_lib +from neutron.agent import securitygroups_rpc as sg_rpc +from neutron.common import topics from neutron.extensions import securitygroup as ext_sg from neutron.plugins.oneconvergence.agent import nvsd_neutron_agent from neutron.tests import base @@ -43,8 +45,9 @@ class TestOneConvergenceAgentBase(base.BaseTestCase): 'polling_interval': 5} context = mock.Mock() self.agent = nvsd_neutron_agent.NVSDNeutronAgent(**kwargs) - self.sg_agent = nvsd_neutron_agent.SecurityGroupAgentRpc( - context, 'dummy_wrapper') + sg_plugin_rpc = sg_rpc.SecurityGroupServerRpcApi(topics.PLUGIN) + self.sg_agent = sg_rpc.SecurityGroupAgentRpc(context, + sg_plugin_rpc, 'dummy_wrapper') self.callback_nvsd = nvsd_neutron_agent.NVSDAgentRpcCallback( context, self.agent, self.sg_agent) self.loopingcall = loopingcall diff --git a/neutron/tests/unit/test_security_groups_rpc.py b/neutron/tests/unit/test_security_groups_rpc.py index e31fa2f44..457b467d7 100644 --- a/neutron/tests/unit/test_security_groups_rpc.py +++ b/neutron/tests/unit/test_security_groups_rpc.py @@ -1112,10 +1112,8 @@ class SGAgentRpcCallBackMixinTestCase(base.BaseTestCase): class SecurityGroupAgentRpcTestCaseForNoneDriver(base.BaseTestCase): def test_init_firewall_with_none_driver(self): set_enable_security_groups(False) - agent = sg_rpc.SecurityGroupAgentRpcMixin() - agent.plugin_rpc = mock.Mock() - agent.context = None - agent.init_firewall() + agent = sg_rpc.SecurityGroupAgentRpc( + context=None, plugin_rpc=mock.Mock(), root_helper=None) self.assertEqual(agent.firewall.__class__.__name__, 'NoopFirewallDriver') @@ -1124,12 +1122,10 @@ class BaseSecurityGroupAgentRpcTestCase(base.BaseTestCase): def setUp(self, defer_refresh_firewall=False): super(BaseSecurityGroupAgentRpcTestCase, self).setUp() set_firewall_driver(FIREWALL_NOOP_DRIVER) - self.agent = sg_rpc.SecurityGroupAgentRpcMixin() - self.agent.context = None + self.agent = sg_rpc.SecurityGroupAgentRpc( + context=None, plugin_rpc=mock.Mock(), root_helper='sudo', + defer_refresh_firewall=defer_refresh_firewall) mock.patch('neutron.agent.linux.iptables_manager').start() - self.agent.root_helper = 'sudo' - self.agent.plugin_rpc = mock.Mock() - self.agent.init_firewall(defer_refresh_firewall=defer_refresh_firewall) self.default_firewall = self.agent.firewall self.firewall = mock.Mock() firewall_object = firewall_base.FirewallDriver() @@ -2513,20 +2509,16 @@ class TestSecurityGroupAgentWithIptables(base.BaseTestCase): cfg.CONF.set_override('enable_ipset', False, group='SECURITYGROUP') cfg.CONF.set_override('comment_iptables_rules', False, group='AGENT') - self.agent = sg_rpc.SecurityGroupAgentRpcMixin() - self.agent.context = None - - self.root_helper = 'sudo' - self.agent.root_helper = 'sudo' self.rpc = mock.Mock() - self.agent.plugin_rpc = self.rpc + self.agent = sg_rpc.SecurityGroupAgentRpc( + context=None, plugin_rpc=self.rpc, root_helper='sudo', + defer_refresh_firewall=defer_refresh_firewall) + self.root_helper = 'sudo' if test_rpc_v1_1: self.rpc.security_group_info_for_devices.side_effect = ( messaging.UnsupportedVersion('1.2')) - self.agent.init_firewall( - defer_refresh_firewall=defer_refresh_firewall) self.iptables = self.agent.firewall.iptables # TODO(jlibosva) Get rid of mocking iptables execute and mock out # firewall instead