Commit d9fa4668 authored by Ihar Hrachyshka's avatar Ihar Hrachyshka
Browse files

no quota for allowed address pair, rhbz#1121941

Resolves: rhbz#1121941
parent 25161c1e
From ff85634bb5ce63f647daa792aca60ef5f8ac1c1e Mon Sep 17 00:00:00 2001
From: Liping Mao <limao@cisco.com>
Date: Tue, 15 Jul 2014 14:20:15 +0800
Subject: [PATCH] no quota for allowed address pair
There is no quota for allowed address pair. User can create unlimited
allowed address pairs. I add quota for allowed address pairs.
Conflicts:
neutron/tests/unit/services/loadbalancer/test_agent_scheduler.py
Change-Id: Ie672373f770a4f9fe70d87a779cabc731413711a
Closes-Bug: #1336207
(cherry picked from commit I2efb0c0f527f1fb22c4d4b07f6d280863f565648)
(cherry picked from commit 526412ee6123534bdf41039a8c4d5fada87dcf3a)
---
neutron/extensions/allowedaddresspairs.py | 18 +++++++++++++++
.../services/loadbalancer/test_agent_scheduler.py | 3 +++
.../unit/test_extension_allowedaddresspairs.py | 27 +++++++++++++++++++++-
3 files changed, 47 insertions(+), 1 deletion(-)
diff --git a/neutron/extensions/allowedaddresspairs.py b/neutron/extensions/allowedaddresspairs.py
index ad4f310..2b1d5a6 100644
--- a/neutron/extensions/allowedaddresspairs.py
+++ b/neutron/extensions/allowedaddresspairs.py
@@ -20,6 +20,15 @@ import webob.exc
from neutron.api.v2 import attributes as attr
from neutron.common import exceptions as nexception
+from oslo.config import cfg
+
+allowed_address_pair_opts = [
+ #TODO(limao): use quota framework when it support quota for attributes
+ cfg.IntOpt('max_allowed_address_pair', default=10,
+ help=_("Maximum number of allowed address pairs")),
+]
+
+cfg.CONF.register_opts(allowed_address_pair_opts)
class AllowedAddressPairsMissingIP(nexception.InvalidInput):
@@ -40,8 +49,17 @@ class AddressPairMatchesPortFixedIPAndMac(nexception.InvalidInput):
message = _("Port's Fixed IP and Mac Address match an address pair entry.")
+class AllowedAddressPairExhausted(nexception.BadRequest):
+ message = _("The number of allowed address pair "
+ "exceeds the maximum %(quota)s.")
+
+
def _validate_allowed_address_pairs(address_pairs, valid_values=None):
unique_check = {}
+ if len(address_pairs) > cfg.CONF.max_allowed_address_pair:
+ raise AllowedAddressPairExhausted(
+ quota=cfg.CONF.max_allowed_address_pair)
+
for address_pair in address_pairs:
# mac_address is optional, if not set we use the mac on the port
if 'mac_address' in address_pair:
diff --git a/neutron/tests/unit/services/loadbalancer/test_agent_scheduler.py b/neutron/tests/unit/services/loadbalancer/test_agent_scheduler.py
index 330d4ef..bc4612c 100644
--- a/neutron/tests/unit/services/loadbalancer/test_agent_scheduler.py
+++ b/neutron/tests/unit/services/loadbalancer/test_agent_scheduler.py
@@ -209,3 +209,6 @@ class LBaaSAgentSchedulerTestCase(test_agent_ext_plugin.AgentDBTestMixIn,
class LBaaSAgentSchedulerTestCaseXML(LBaaSAgentSchedulerTestCase):
fmt = 'xml'
+
+ def test_schedule_pool_with_down_agent(self):
+ self.skipTest("Skipping test until #1344086 is fixed.")
diff --git a/neutron/tests/unit/test_extension_allowedaddresspairs.py b/neutron/tests/unit/test_extension_allowedaddresspairs.py
index 3e92835..6f17a4e 100644
--- a/neutron/tests/unit/test_extension_allowedaddresspairs.py
+++ b/neutron/tests/unit/test_extension_allowedaddresspairs.py
@@ -23,6 +23,7 @@ from neutron.extensions import allowedaddresspairs as addr_pair
from neutron.extensions import portsecurity as psec
from neutron.manager import NeutronManager
from neutron.tests.unit import test_db_plugin
+from oslo.config import cfg
DB_PLUGIN_KLASS = ('neutron.tests.unit.test_extension_allowedaddresspairs.'
'AllowedAddressPairTestPlugin')
@@ -171,6 +172,28 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
'ip_address': '10.0.0.1'}]
self._create_port_with_address_pairs(address_pairs, 400)
+ def test_more_than_max_allowed_address_pair(self):
+ cfg.CONF.set_default('max_allowed_address_pair', 3)
+ address_pairs = [{'mac_address': '00:00:00:00:00:01',
+ 'ip_address': '10.0.0.1'},
+ {'mac_address': '00:00:00:00:00:02',
+ 'ip_address': '10.0.0.2'},
+ {'mac_address': '00:00:00:00:00:03',
+ 'ip_address': '10.0.0.3'},
+ {'mac_address': '00:00:00:00:00:04',
+ 'ip_address': '10.0.0.4'}]
+ self._create_port_with_address_pairs(address_pairs, 400)
+
+ def test_equal_to_max_allowed_address_pair(self):
+ cfg.CONF.set_default('max_allowed_address_pair', 3)
+ address_pairs = [{'mac_address': '00:00:00:00:00:01',
+ 'ip_address': '10.0.0.1'},
+ {'mac_address': '00:00:00:00:00:02',
+ 'ip_address': '10.0.0.2'},
+ {'mac_address': '00:00:00:00:00:03',
+ 'ip_address': '10.0.0.3'}]
+ self._create_port_with_address_pairs(address_pairs, 201)
+
def test_create_port_extra_args(self):
address_pairs = [{'mac_address': '00:00:00:00:00:01',
'ip_address': '10.0.0.1',
@@ -182,8 +205,10 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
res = self._create_port(self.fmt, net['network']['id'],
arg_list=(addr_pair.ADDRESS_PAIRS,),
allowed_address_pairs=address_pairs)
- self.deserialize(self.fmt, res)
+ port = self.deserialize(self.fmt, res)
self.assertEqual(res.status_int, ret_code)
+ if ret_code == 201:
+ self._delete('ports', port['port']['id'])
def test_update_add_address_pairs(self):
with self.network() as net:
......@@ -2,7 +2,7 @@
Name: openstack-neutron
Version: 2013.2.3
Release: 10%{?dist}
Release: 11%{?dist}
Provides: openstack-quantum = %{version}-%{release}
Obsoletes: openstack-quantum < 2013.2-0.3.b3
......@@ -62,6 +62,7 @@ Patch0005: 0005-Validate-CIDR-given-as-ip-prefix-in-security-group-r.patch
Patch0006: 0006-netaddr-0.7.10-raises-ValueError-instead-of-AddrForm.patch
Patch0007: 0007-Ensure-routing-key-is-specified-in-the-address-for-a.patch
Patch0008: 0008-Install-SNAT-rules-for-ipv4-only.patch
Patch0009: 0009-no-quota-for-allowed-address-pair.patch
BuildArch: noarch
......@@ -435,6 +436,7 @@ IPSec.
%patch0006 -p1
%patch0007 -p1
%patch0008 -p1
%patch0009 -p1
find neutron -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} +
......@@ -1007,6 +1009,9 @@ fi
%changelog
* Wed Jul 23 2014 Ihar Hrachyshka <ihrachys@redhat.com> 2013.2.3-11
- no quota for allowed address pair, rhbz#1121941
* Wed Jul 16 2014 Miguel Ángel Ajo <majopela@redhat.com> 2013.2.3-10
- Moved all plugin sources to python-neutron to avoid breaking
hidden upstream dependencies from agents to plugins, etc.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment