[openstack-neutron/f21] no quota for allowed address pair, rhbz#1122428

Ihar Hrachyshka ihrachyshka at fedoraproject.org
Wed Jul 23 09:01:16 UTC 2014 

commit 69a81322e9baa5b9b9f33c17c194581f4270b74c
Author: Ihar Hrachyshka <ihrachys at redhat.com>
Date:   Wed Jul 23 11:00:33 2014 +0200

    no quota for allowed address pair, rhbz#1122428
    
    Resolves: rhbz#1122428

 0008-no-quota-for-allowed-address-pair.patch |  108 ++++++++++++++++++++++++++
 openstack-neutron.spec                       |    7 ++-
 2 files changed, 114 insertions(+), 1 deletions(-)
---
diff --git a/0008-no-quota-for-allowed-address-pair.patch b/0008-no-quota-for-allowed-address-pair.patch
new file mode 100644
index 0000000..3ba262a
--- /dev/null
+++ b/0008-no-quota-for-allowed-address-pair.patch
@@ -0,0 +1,108 @@
+From 58ba0412f729e6a6119a6fdbeafb14f9aaeb41d4 Mon Sep 17 00:00:00 2001
+From: Liping Mao <limao at cisco.com>
+Date: Tue, 15 Jul 2014 14:22:05 +0800
+Subject: [PATCH] no quota for allowed address pair
+
+There is no quota for allowed address pair. User can create unlimited
+allowed address pairs. I add quota for allowed address pairs.
+
+Change-Id: I7fec291a4838fba96b6d400ad56dbcdba9584d0f
+Closes-Bug: #1336207
+(cherry picked from commit I2efb0c0f527f1fb22c4d4b07f6d280863f565648)
+(cherry picked from commit 2c4828e28a5ff6e537be9db4da0e98eca33135d5)
+---
+ neutron/extensions/allowedaddresspairs.py          | 18 +++++++++++++++
+ .../unit/test_extension_allowedaddresspairs.py     | 27 +++++++++++++++++++++-
+ 2 files changed, 44 insertions(+), 1 deletion(-)
+
+diff --git a/neutron/extensions/allowedaddresspairs.py b/neutron/extensions/allowedaddresspairs.py
+index 96512f3..1283da4 100644
+--- a/neutron/extensions/allowedaddresspairs.py
++++ b/neutron/extensions/allowedaddresspairs.py
+@@ -16,6 +16,15 @@ import webob.exc
+ 
+ from neutron.api.v2 import attributes as attr
+ from neutron.common import exceptions as nexception
++from oslo.config import cfg
++
++allowed_address_pair_opts = [
++    #TODO(limao): use quota framework when it support quota for attributes
++    cfg.IntOpt('max_allowed_address_pair', default=10,
++               help=_("Maximum number of allowed address pairs")),
++]
++
++cfg.CONF.register_opts(allowed_address_pair_opts)
+ 
+ 
+ class AllowedAddressPairsMissingIP(nexception.InvalidInput):
+@@ -36,8 +45,17 @@ class AddressPairMatchesPortFixedIPAndMac(nexception.InvalidInput):
+     message = _("Port's Fixed IP and Mac Address match an address pair entry.")
+ 
+ 
++class AllowedAddressPairExhausted(nexception.BadRequest):
++    message = _("The number of allowed address pair "
++                "exceeds the maximum %(quota)s.")
++
++
+ def _validate_allowed_address_pairs(address_pairs, valid_values=None):
+     unique_check = {}
++    if len(address_pairs) > cfg.CONF.max_allowed_address_pair:
++        raise AllowedAddressPairExhausted(
++            quota=cfg.CONF.max_allowed_address_pair)
++
+     for address_pair in address_pairs:
+         # mac_address is optional, if not set we use the mac on the port
+         if 'mac_address' in address_pair:
+diff --git a/neutron/tests/unit/test_extension_allowedaddresspairs.py b/neutron/tests/unit/test_extension_allowedaddresspairs.py
+index 826768f..70eb1e3 100644
+--- a/neutron/tests/unit/test_extension_allowedaddresspairs.py
++++ b/neutron/tests/unit/test_extension_allowedaddresspairs.py
+@@ -22,6 +22,7 @@ from neutron.extensions import allowedaddresspairs as addr_pair
+ from neutron.extensions import portsecurity as psec
+ from neutron.manager import NeutronManager
+ from neutron.tests.unit import test_db_plugin
++from oslo.config import cfg
+ 
+ DB_PLUGIN_KLASS = ('neutron.tests.unit.test_extension_allowedaddresspairs.'
+                    'AllowedAddressPairTestPlugin')
+@@ -163,6 +164,28 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
+                           'ip_address': '10.0.0.1'}]
+         self._create_port_with_address_pairs(address_pairs, 400)
+ 
++    def test_more_than_max_allowed_address_pair(self):
++        cfg.CONF.set_default('max_allowed_address_pair', 3)
++        address_pairs = [{'mac_address': '00:00:00:00:00:01',
++                          'ip_address': '10.0.0.1'},
++                         {'mac_address': '00:00:00:00:00:02',
++                          'ip_address': '10.0.0.2'},
++                         {'mac_address': '00:00:00:00:00:03',
++                          'ip_address': '10.0.0.3'},
++                         {'mac_address': '00:00:00:00:00:04',
++                          'ip_address': '10.0.0.4'}]
++        self._create_port_with_address_pairs(address_pairs, 400)
++
++    def test_equal_to_max_allowed_address_pair(self):
++        cfg.CONF.set_default('max_allowed_address_pair', 3)
++        address_pairs = [{'mac_address': '00:00:00:00:00:01',
++                          'ip_address': '10.0.0.1'},
++                         {'mac_address': '00:00:00:00:00:02',
++                          'ip_address': '10.0.0.2'},
++                         {'mac_address': '00:00:00:00:00:03',
++                          'ip_address': '10.0.0.3'}]
++        self._create_port_with_address_pairs(address_pairs, 201)
++
+     def test_create_port_extra_args(self):
+         address_pairs = [{'mac_address': '00:00:00:00:00:01',
+                           'ip_address': '10.0.0.1',
+@@ -174,8 +197,10 @@ class TestAllowedAddressPairs(AllowedAddressPairDBTestCase):
+             res = self._create_port(self.fmt, net['network']['id'],
+                                     arg_list=(addr_pair.ADDRESS_PAIRS,),
+                                     allowed_address_pairs=address_pairs)
+-            self.deserialize(self.fmt, res)
++            port = self.deserialize(self.fmt, res)
+             self.assertEqual(res.status_int, ret_code)
++            if ret_code == 201:
++                self._delete('ports', port['port']['id'])
+ 
+     def test_update_add_address_pairs(self):
+         with self.network() as net:
diff --git a/openstack-neutron.spec b/openstack-neutron.spec
index 1152937..9c89229 100644
--- a/openstack-neutron.spec
+++ b/openstack-neutron.spec
@@ -2,7 +2,7 @@
 
 Name:		openstack-neutron
 Version:	2014.1.1
-Release:	7%{?dist}
+Release:	8%{?dist}
 Provides:	openstack-quantum = %{version}-%{release}
 Obsoletes:	openstack-quantum < 2013.2-0.4.b3
 Summary:	OpenStack Networking Service
@@ -39,6 +39,7 @@ Patch0004: 0004-Remove-kernel-version-check-for-OVS-VXLAN.patch
 Patch0005: 0005-Ensure-routing-key-is-specified-in-the-address-for-a.patch
 Patch0006: 0006-Notify-systemd-when-starting-Neutron-server.patch
 Patch0007: 0007-remove-token-from-notifier-middleware.patch
+Patch0008: 0008-no-quota-for-allowed-address-pair.patch
 
 BuildArch:	noarch
 
@@ -462,6 +463,7 @@ IPSec.
 %patch0005 -p1
 %patch0006 -p1
 %patch0007 -p1
+%patch0008 -p1
 
 find neutron -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} +
 
@@ -994,6 +996,9 @@ fi
 
 
 %changelog
+* Wed Jul 23 2014 Ihar Hrachyshka <ihrachys at redhat.com> 2014.1.1-8
+- no quota for allowed address pair, rhbz#1122428
+
 * Wed Jul 16 2014 Miguel Ángel Ajo <majopela at redhat.com> 2014.1.1-7
 - Moved all plugin sources to python-neutron to avoid breaking
   hidden upstream dependencies from agents to plugins, etc.

More information about the scm-commits mailing list