allocate implicit pt port in the right subnet

When a PT is created with implicit port, try to allocate the port in each of the PTG's subnets until one address is available. Change-Id: I70647209346eb85401e45430c315669c38f0034c Closes-bug: 1481973 Closes-bug: 1418738
openstack-archive · Aug 13, 2015 · af792bc · af792bc
1 parent 067bb3f
commit af792bc
Show file tree

Hide file tree

Showing 2 changed files with 119 additions and 13 deletions.
diff --git a/gbpservice/neutron/services/grouppolicy/drivers/resource_mapping.py b/gbpservice/neutron/services/grouppolicy/drivers/resource_mapping.py
@@ -1348,19 +1348,27 @@ def _use_implicit_port(self, context):
         l2p = context._plugin.get_l2_policy(context._plugin_context, l2p_id)
         sg_id = self._get_default_security_group(
             context._plugin_context, ptg_id, context.current['tenant_id'])
-        attrs = {'tenant_id': context.current['tenant_id'],
-                 'name': 'pt_' + context.current['name'],
-                 'network_id': l2p['network_id'],
-                 'mac_address': attributes.ATTR_NOT_SPECIFIED,
-                 'fixed_ips': attributes.ATTR_NOT_SPECIFIED,
-                 'device_id': '',
-                 'device_owner': '',
-                 'security_groups': [sg_id] if sg_id else None,
-                 'admin_state_up': True}
-        port = self._create_port(context._plugin_context, attrs)
-        port_id = port['id']
-        self._mark_port_owned(context._plugin_context.session, port_id)
-        context.set_port_id(port_id)
+        for subnet in ptg['subnets']:
+            last = None
+            try:
+                attrs = {'tenant_id': context.current['tenant_id'],
+                         'name': 'pt_' + context.current['name'],
+                         'network_id': l2p['network_id'],
+                         'mac_address': attributes.ATTR_NOT_SPECIFIED,
+                         'fixed_ips': [{'subnet_id': subnet}],
+                         'device_id': '',
+                         'device_owner': '',
+                         'security_groups': [sg_id] if sg_id else None,
+                         'admin_state_up': True}
+                port = self._create_port(context._plugin_context, attrs)
+                port_id = port['id']
+                self._mark_port_owned(context._plugin_context.session, port_id)
+                context.set_port_id(port_id)
+                return
+            except n_exc.IpAddressGenerationFailure as ex:
+                LOG.warn(_("No more address available in subnet %s"), subnet)
+                last = ex
+        raise last
 
     def _cleanup_port(self, plugin_context, port_id):
         if self._port_is_owned(plugin_context.session, port_id):

diff --git a/gbpservice/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py b/gbpservice/neutron/tests/unit/services/grouppolicy/test_resource_mapping.py
@@ -504,6 +504,104 @@ def test_ptg_update_rejected(self):
         self.assertEqual('PolicyTargetGroupUpdateOfPolicyTargetNotSupported',
                          data['NeutronError']['type'])
 
+    def test_ptg_same_l2p(self):
+        l2p = self.create_l2_policy()['l2_policy']
+        ptg1 = self.create_policy_target_group(
+            l2_policy_id=l2p['id'])['policy_target_group']
+        ptg2 = self.create_policy_target_group(
+            l2_policy_id=l2p['id'])['policy_target_group']
+
+        sub1 = self._get_object('subnets', ptg1['subnets'][0],
+                                self.api)['subnet']
+        sub2 = self._get_object('subnets', ptg2['subnets'][0],
+                                self.api)['subnet']
+
+        pt1 = self.create_policy_target(
+            policy_target_group_id=ptg1['id'])['policy_target']
+        pt2 = self.create_policy_target(
+            policy_target_group_id=ptg2['id'])['policy_target']
+
+        port1 = self._get_object('ports', pt1['port_id'], self.api)['port']
+        port2 = self._get_object('ports', pt2['port_id'], self.api)['port']
+
+        ip1 = port1['fixed_ips'][0]['ip_address']
+        cidr1 = sub1['cidr']
+        self.assertTrue(
+            netaddr.IPAddress(ip1) in netaddr.IPNetwork(cidr1),
+            "IP %s not in CIDR %s" % (ip1, cidr1))
+
+        ip2 = port2['fixed_ips'][0]['ip_address']
+        cidr2 = sub2['cidr']
+        self.assertTrue(
+            netaddr.IPAddress(ip2) in netaddr.IPNetwork(cidr2),
+            "IP %s not in CIDR %s" % (ip2, cidr2))
+
+    def test_ptg_multiple_subnets(self):
+        l3p = self.create_l3_policy(name="l3p1", ip_pool='10.0.0.0/8')
+        l3p_id = l3p['l3_policy']['id']
+
+        # Create L2 policy.
+        l2p = self.create_l2_policy(name="l2p1", l3_policy_id=l3p_id)
+        l2p_id = l2p['l2_policy']['id']
+        network_id = l2p['l2_policy']['network_id']
+        req = self.new_show_request('networks', network_id)
+        network = self.deserialize(self.fmt, req.get_response(self.api))
+
+        # Create policy_target group with explicit subnet.
+        with self.subnet(network=network, cidr='10.10.1.0/24') as subnet1:
+            with self.subnet(network=network, cidr='10.10.2.0/24') as subnet2:
+                ptg = self.create_policy_target_group(
+                    l2_policy_id=l2p_id,
+                    subnets=[subnet1['subnet']['id'],
+                             subnet2['subnet']['id']])['policy_target_group']
+                pt = self.create_policy_target(
+                    policy_target_group_id=ptg['id'])['policy_target']
+                port = self._get_object('ports', pt['port_id'],
+                                        self.api)['port']
+                self.assertEqual(1, len(port['fixed_ips']))
+                ip = port['fixed_ips'][0]['ip_address']
+                cidr1 = subnet1['subnet']['cidr']
+                cidr2 = subnet2['subnet']['cidr']
+                self.assertTrue(
+                    (netaddr.IPAddress(ip) in netaddr.IPNetwork(cidr1)) or
+                    (netaddr.IPAddress(ip) in netaddr.IPNetwork(cidr2)),
+                    "IP %s neither in CIDR %s nor in CIDR %s" % (ip, cidr1,
+                                                                 cidr2))
+
+    def test_ptg_multiple_subnets_fallback(self):
+        l3p = self.create_l3_policy(name="l3p1", ip_pool='10.0.0.0/8')
+        l3p_id = l3p['l3_policy']['id']
+
+        # Create L2 policy.
+        l2p = self.create_l2_policy(name="l2p1", l3_policy_id=l3p_id)
+        l2p_id = l2p['l2_policy']['id']
+        network_id = l2p['l2_policy']['network_id']
+        req = self.new_show_request('networks', network_id)
+        network = self.deserialize(self.fmt, req.get_response(self.api))
+
+        # Create policy_target group with explicit subnet.
+        with self.subnet(network=network, cidr='10.10.1.0/30') as subnet1:
+            with self.subnet(network=network, cidr='10.10.2.0/29') as subnet2:
+                ptg = self.create_policy_target_group(
+                    l2_policy_id=l2p_id,
+                    subnets=[subnet1['subnet']['id'],
+                             subnet2['subnet']['id']])['policy_target_group']
+                # Only 5 PTs can be created, and both in subnet2
+                # (subnet1 is full)
+                ports = []
+                for x in range(6):
+                    pt = self.create_policy_target(
+                        policy_target_group_id=ptg['id'],
+                        expected_res_status=201)['policy_target']
+                    port = self._get_object('ports', pt['port_id'],
+                                            self.api)['port']
+                    ports.append(port)
+                    self.assertEqual(1, len(port['fixed_ips']))
+                # sadly, we expect a 500 being a postcommit Neutron raised
+                # exception
+                self.create_policy_target(
+                    policy_target_group_id=ptg['id'], expected_res_status=500)
+
 
 class TestPolicyTargetGroupWithDNSConfiguration(ResourceMappingTestCase):