Allow to disable DVR api extension loading

A lot of clouds using the router service plugin don't configure for DVR, but the service plugin still loads the extension, and exposes it via API. Which will break if api consumers (admins with default policy.json) attempt to create new style routers based on the information passed through /extensions/ api. This change introduces a new config option that allows to avoid loading the extension. For complatibility sake, it requires an opt-in from ops side to disable it, otherwise the extension is still loaded as before. This is helpful for automation matters. It may also be useful when preparing tempest.conf api_extensions=, when you could actually pass the result of /extensions/ request into tempest and expect the test suite to pass without yanking dvr off the list for non-dvr setups. We could go further and try to check if the controller is configured properly. That is complicated by the fact that f.e. such validation may require talking to ml2 drivers, or even agents, which is not feasible during api startup. Change-Id: I84be9be93862fe71a2d5b5322d7ebd476c784163 Related-Bug: #1450067
2017-04-06 14:03:15 +00:00 · 2017-04-06 14:03:15 +00:00 · da8d5b4770
commit da8d5b4770
parent 143a6e8546
6 changed files with 81 additions and 4 deletions
--- a/neutron/db/l3_dvr_db.py
+++ b/neutron/db/l3_dvr_db.py
@ -49,6 +49,10 @@ router_distributed_opts = [
                default=False,
                help=_("System-wide flag to determine the type of router "
                       "that tenants can create. Only admin can override.")),
+    cfg.BoolOpt('enable_dvr',
+                default=True,
+                help=_("Determine if setup is configured for DVR. If False, "
+                       "DVR API extension will be disabled.")),
 ]
 cfg.CONF.register_opts(router_distributed_opts)

--- a/neutron/services/l3_router/l3_router_plugin.py
+++ b/neutron/services/l3_router/l3_router_plugin.py
@ -17,8 +17,10 @@ from neutron_lib import constants as n_const
 from neutron_lib.services import base as service_base
 from oslo_config import cfg
 from oslo_log import helpers as log_helpers
+from oslo_log import log as logging
 from oslo_utils import importutils

+from neutron._i18n import _LI
 from neutron.api.rpc.agentnotifiers import l3_rpc_agent_api
 from neutron.api.rpc.handlers import l3_rpc
 from neutron.common import rpc as n_rpc
@ -39,6 +41,16 @@ from neutron import service
 from neutron.services.l3_router.service_providers import driver_controller


+LOG = logging.getLogger(__name__)
+
+
+def disable_dvr_extension_by_config(aliases):
+    if not cfg.CONF.enable_dvr:
+        LOG.info(_LI('Disabled DVR extension.'))
+        if 'dvr' in aliases:
+            aliases.remove('dvr')
+
+
 class L3RouterPlugin(service_base.ServicePluginBase,
                     common_db_mixin.CommonDbMixin,
                     extraroute_db.ExtraRoute_db_mixin,
@ -56,10 +68,10 @@ class L3RouterPlugin(service_base.ServicePluginBase,
    l3_db.L3_NAT_db_mixin, l3_hamode_db.L3_HA_NAT_db_mixin,
    l3_dvr_db.L3_NAT_with_dvr_db_mixin, and extraroute_db.ExtraRoute_db_mixin.
    """
-    supported_extension_aliases = ["dvr", "router", "ext-gw-mode",
-                                   "extraroute", "l3_agent_scheduler",
-                                   "l3-ha", "router_availability_zone",
-                                   "l3-flavors"]
+    _supported_extension_aliases = ["dvr", "router", "ext-gw-mode",
+                                    "extraroute", "l3_agent_scheduler",
+                                    "l3-ha", "router_availability_zone",
+                                    "l3-flavors"]

    __native_pagination_support = True
    __native_sorting_support = True
@ -83,6 +95,14 @@ class L3RouterPlugin(service_base.ServicePluginBase,
        self.add_worker(rpc_worker)
        self.l3_driver_controller = driver_controller.DriverController(self)

+    @property
+    def supported_extension_aliases(self):
+        if not hasattr(self, '_aliases'):
+            aliases = self._supported_extension_aliases[:]
+            disable_dvr_extension_by_config(aliases)
+            self._aliases = aliases
+        return self._aliases
+
    @log_helpers.log_method_call
    def start_rpc_listeners(self):
        # RPC support
--- a/neutron/tests/contrib/gate_hook.sh
+++ b/neutron/tests/contrib/gate_hook.sh
@ -85,6 +85,7 @@ case $VENV in
    ;;

 "api"|"api-pecan"|"full-ovsfw"|"full-pecan"|"dsvm-scenario-ovs"|"dsvm-scenario-linuxbridge")
+    # TODO(ihrachys) consider feeding result of ext-list into tempest.conf
    load_rc_hook api_all_extensions
    if [ "${FLAVOR}" = "dvrskip" ]; then
        load_rc_hook disable_dvr_tests
@ -108,6 +109,9 @@ case $VENV in
    if [[ "$VENV" =~ "ovs" ]]; then
        load_conf_hook ovsfw
    fi
+    if [[ "$FLAVOR" = "dvrskip" ]]; then
+        load_conf_hook disable_dvr
+    fi

    export DEVSTACK_LOCALCONF=$(cat $LOCAL_CONF)
    $BASE/new/devstack-gate/devstack-vm-gate.sh
--- a/neutron/tests/contrib/hooks/disable_dvr
+++ b/neutron/tests/contrib/hooks/disable_dvr
@ -0,0 +1,4 @@
+[[post-config|/$NEUTRON_CONF]]
+
+[DEFAULT]
+enable_dvr=False
--- a/neutron/tests/unit/services/l3_router/test_l3_router_plugin.py
+++ b/neutron/tests/unit/services/l3_router/test_l3_router_plugin.py
@ -0,0 +1,33 @@
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_config import cfg
+
+from neutron.services.l3_router import l3_router_plugin as lrp
+from neutron.tests import base
+
+
+class TestL3PluginDvrConditional(base.BaseTestCase):
+
+    def _test_dvr_alias_exposed(self, enabled):
+        cfg.CONF.set_override('enable_dvr', enabled)
+        plugin = lrp.L3RouterPlugin()
+        exposed = 'dvr' in plugin.supported_extension_aliases
+        self.assertEqual(enabled, exposed)
+
+    def test_dvr_alias_exposed_enabled(self):
+        self._test_dvr_alias_exposed(enabled=True)
+
+    def test_dvr_alias_exposed_disabled(self):
+        self._test_dvr_alias_exposed(enabled=False)
--- a/releasenotes/notes/add-enable-dvr-knob-636268f775bb4569.yaml
+++ b/releasenotes/notes/add-enable-dvr-knob-636268f775bb4569.yaml
@ -0,0 +1,12 @@
+---
+features:
+  - |
+    Allow to configure ``router`` service plugin without ``dvr`` API extension
+    loaded and exposed. To achieve that, set the new ``enable_dvr`` option to
+    ``False`` in ``neutron.conf`` file.
+upgrade:
+  - |
+    Consider setting ``enable_dvr`` to ``False`` in ``neutron.conf`` file if
+    your setup doesn't support DVR. This will make Neutron stop advertising
+    support for the ``dvr`` API extension via its ``/v2.0/extensions`` API
+    endpoint.