[openstack-neutron/f21] no quota for allowed address pair, rhbz#1122428
Ihar Hrachyshka
ihrachyshka at fedoraproject.org
Wed Jul 23 09:01:16 UTC 2014
commit 69a81322e9baa5b9b9f33c17c194581f4270b74c
Author: Ihar Hrachyshka <ihrachys at redhat.com>
Date: Wed Jul 23 11:00:33 2014 +0200
no quota for allowed address pair, rhbz#1122428
Resolves: rhbz#1122428
0008-no-quota-for-allowed-address-pair.patch | 108 ++++++++++++++++++++++++++
openstack-neutron.spec | 7 ++-
2 files changed, 114 insertions(+), 1 deletions(-)
---
diff --git a/0008-no-quota-for-allowed-address-pair.patch b/0008-no-quota-for-allowed-address-pair.patch
new file mode 100644
index 0000000..3ba262a
--- /dev/null
+++ b/0008-no-quota-for-allowed-address-pair.patch
@@ -0,0 +1,108 @@
+From 58ba0412f729e6a6119a6fdbeafb14f9aaeb41d4 Mon Sep 17 00:00:00 2001
+From: Liping Mao <limao at cisco.com>
+Date: Tue, 15 Jul 2014 14:22:05 +0800
+Subject: [PATCH] no quota for allowed address pair
+
+There is no quota for allowed address pair. User can create unlimited
+allowed address pairs. I add quota for allowed address pairs.
+
+Change-Id: I7fec291a4838fba96b6d400ad56dbcdba9584d0f
+Closes-Bug: #1336207
+(cherry picked from commit I2efb0c0f527f1fb22c4d4b07f6d280863f565648)
+(cherry picked from commit 2c4828e28a5ff6e537be9db4da0e98eca33135d5)
+---
+ neutron/extensions/allowedaddresspairs.py | 18 +++++++++++++++
+ .../unit/test_extension_allowedaddresspairs.py | 27 +++++++++++++++++++++-
+ 2 files changed, 44 insertions(+), 1 deletion(-)
+
+diff --git a/neutron/extensions/allowedaddresspairs.py b/neutron/extensions/allowedaddresspairs.py
+index 96512f3..1283da4 100644
+--- a/neutron/extensions/allowedaddresspairs.py
++++ b/neutron/extensions/allowedaddresspairs.py
+@@ -16,6 +16,15 @@ import webob.exc
+
+ from neutron.api.v2 import attributes as attr
+ from neutron.common import exceptions as nexception
++from oslo.config import cfg
++
++allowed_address_pair_opts = [
++ #TODO(limao): use quota framework when it support quota for attributes
++ cfg.IntOpt('max_allowed_address_pair', default=10,
++ help=_("Maximum number of allowed address pairs")),
++]
++
++cfg.CONF.register_opts(allowed_address_pair_opts)
+
+
+ class AllowedAddressPairsMissingIP(nexception.InvalidInput):
+@@ -36,8 +45,17 @@ class AddressPairMatchesPortFixedIPAndMac(nexception.InvalidInput):
+ message = _("Port's Fixed IP and Mac Address match an address pair entry.")
+
+
++class AllowedAddressPairExhausted(nexception.BadRequest):
++ message = _("The number of allowed address pair "
++ "exceeds the maximum %(quota)s.")
++
++
+ def _validate_allowed_address_pairs(address_pairs, valid_values=None):
+ unique_check = {}
++ if len(address_pairs) > cfg.CONF.max_allowed_address_pair:
++ raise AllowedAddressPairExhausted(
++ quota=cfg.CONF.max_allowed_address_pair)
++
+ for address_pair in address_pairs:
+ # mac_address is optional, if not set we use the mac on the port
+ if 'mac_address' in address_pair:
+diff --git a/neutron/tests/unit/test_extension_allowedaddresspairs.py b/neutron/tests/unit/test_extension_allowedaddresspairs.py
+index 826768f..70eb1e3 100644
+--- a/neutron/tests/unit/test_extension_allowedaddresspairs.py
++++ b/neutron/tests/unit/test_extension_allowedaddresspairs.py
+@@ -22,6 +22,7 @@ from neutron.extensions import allowedaddresspairs as addr_pair
+ from neutron.extensions import portsecurity as psec
+ from neutron.manager import NeutronManager
+ from neutron.tests.unit import test_db_plugin
++from oslo.config import cfg
+
+ DB_PLUGIN_KLASS = ('neutron.tests.unit.test_extension_allowedaddresspairs.'
+ 'AllowedAddressPairTestPlugin')
+@@ -163,6 +164,28 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
+ 'ip_address': '10.0.0.1'}]
+ self._create_port_with_address_pairs(address_pairs, 400)
+
++ def test_more_than_max_allowed_address_pair(self):
++ cfg.CONF.set_default('max_allowed_address_pair', 3)
++ address_pairs = [{'mac_address': '00:00:00:00:00:01',
++ 'ip_address': '10.0.0.1'},
++ {'mac_address': '00:00:00:00:00:02',
++ 'ip_address': '10.0.0.2'},
++ {'mac_address': '00:00:00:00:00:03',
++ 'ip_address': '10.0.0.3'},
++ {'mac_address': '00:00:00:00:00:04',
++ 'ip_address': '10.0.0.4'}]
++ self._create_port_with_address_pairs(address_pairs, 400)
++
++ def test_equal_to_max_allowed_address_pair(self):
++ cfg.CONF.set_default('max_allowed_address_pair', 3)
++ address_pairs = [{'mac_address': '00:00:00:00:00:01',
++ 'ip_address': '10.0.0.1'},
++ {'mac_address': '00:00:00:00:00:02',
++ 'ip_address': '10.0.0.2'},
++ {'mac_address': '00:00:00:00:00:03',
++ 'ip_address': '10.0.0.3'}]
++ self._create_port_with_address_pairs(address_pairs, 201)
++
+ def test_create_port_extra_args(self):
+ address_pairs = [{'mac_address': '00:00:00:00:00:01',
+ 'ip_address': '10.0.0.1',
+@@ -174,8 +197,10 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
+ res = self._create_port(self.fmt, net['network']['id'],
+ arg_list=(addr_pair.ADDRESS_PAIRS,),
+ allowed_address_pairs=address_pairs)
+- self.deserialize(self.fmt, res)
++ port = self.deserialize(self.fmt, res)
+ self.assertEqual(res.status_int, ret_code)
++ if ret_code == 201:
++ self._delete('ports', port['port']['id'])
+
+ def test_update_add_address_pairs(self):
+ with self.network() as net:
diff --git a/openstack-neutron.spec b/openstack-neutron.spec
index 1152937..9c89229 100644
--- a/openstack-neutron.spec
+++ b/openstack-neutron.spec
@@ -2,7 +2,7 @@
Name: openstack-neutron
Version: 2014.1.1
-Release: 7%{?dist}
+Release: 8%{?dist}
Provides: openstack-quantum = %{version}-%{release}
Obsoletes: openstack-quantum < 2013.2-0.4.b3
Summary: OpenStack Networking Service
@@ -39,6 +39,7 @@ Patch0004: 0004-Remove-kernel-version-check-for-OVS-VXLAN.patch
Patch0005: 0005-Ensure-routing-key-is-specified-in-the-address-for-a.patch
Patch0006: 0006-Notify-systemd-when-starting-Neutron-server.patch
Patch0007: 0007-remove-token-from-notifier-middleware.patch
+Patch0008: 0008-no-quota-for-allowed-address-pair.patch
BuildArch: noarch
@@ -462,6 +463,7 @@ IPSec.
%patch0005 -p1
%patch0006 -p1
%patch0007 -p1
+%patch0008 -p1
find neutron -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} +
@@ -994,6 +996,9 @@ fi
%changelog
+* Wed Jul 23 2014 Ihar Hrachyshka <ihrachys at redhat.com> 2014.1.1-8
+- no quota for allowed address pair, rhbz#1122428
+
* Wed Jul 16 2014 Miguel Ángel Ajo <majopela at redhat.com> 2014.1.1-7
- Moved all plugin sources to python-neutron to avoid breaking
hidden upstream dependencies from agents to plugins, etc.
More information about the scm-commits
mailing list