openstack
/
openstacksdk
Code Issues Proposed changes

Merge "Extend project cleanup"

This commit is contained in:
Zuul 2024-05-07 14:52:01 +00:00 committed by Gerrit Code Review
parent 9cb8d42f09 4b9a3e9136
commit ff2d0a5bd0
4 changed files with 271 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
openstack/compute/v2/_proxy.py
View File

@ -2536,7 +2536,9 @@ class Proxy(proxy.Proxy):
def _get_cleanup_dependencies(self):
return {
'compute': {'before': ['block_storage', 'network', 'identity']}
'compute': {
'before': ['block_storage', 'network', 'identity', 'image']
}
}
def _service_cleanup(
@ -2574,3 +2576,18 @@ class Proxy(proxy.Proxy):
# might be still holding ports on the subnet
for server in servers:
self.wait_for_delete(server)
for obj in self.server_groups():
# Do not delete server groups that still have members
if obj.member_ids:
continue
self._service_cleanup_del_res(
self.delete_server_group,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)

29
openstack/image/v2/_proxy.py
View File

@ -1915,3 +1915,32 @@ class Proxy(proxy.Proxy):
to delete failed to occur in the specified seconds.
"""
return resource.wait_for_delete(self, res, interval, wait)
def _get_cleanup_dependencies(self):
return {'image': {'before': ['identity']}}
def _service_cleanup(
self,
dry_run=True,
client_status_queue=None,
identified_resources=None,
filters=None,
resource_evaluation_fn=None,
skip_resources=None,
):
if self.should_skip_resource_cleanup("image", skip_resources):
return
project_id = self.get_project_id()
# Note that images cannot be deleted when they are still being used
for obj in self.images(owner=project_id):
self._service_cleanup_del_res(
self.delete_image,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)

73
openstack/network/v2/_proxy.py
View File

@ -6923,6 +6923,79 @@ class Proxy(proxy.Proxy):
):
project_id = self.get_project_id()
# check if the VPN service plugin is configured
vpn_plugin = list(self.service_providers(service_type="VPN"))
if vpn_plugin:
if not self.should_skip_resource_cleanup(
"vpn_ipsec_site_connection", skip_resources
):
for obj in self.vpn_ipsec_site_connections():
self._service_cleanup_del_res(
self.delete_vpn_ipsec_site_connection,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)
if not self.should_skip_resource_cleanup(
"vpn_service", skip_resources
):
for obj in self.vpn_services():
self._service_cleanup_del_res(
self.delete_vpn_service,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)
if not self.should_skip_resource_cleanup(
"vpn_endpoint_group", skip_resources
):
for obj in self.vpn_endpoint_groups():
self._service_cleanup_del_res(
self.delete_vpn_endpoint_group,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)
if not self.should_skip_resource_cleanup(
"vpn_ike_policy", skip_resources
):
for obj in self.vpn_ike_policies():
self._service_cleanup_del_res(
self.delete_vpn_ike_policy,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)
if not self.should_skip_resource_cleanup(
"vpn_ipsec_policy", skip_resources
):
for obj in self.vpn_ipsec_policies():
self._service_cleanup_del_res(
self.delete_vpn_ipsec_policy,
obj,
dry_run=dry_run,
client_status_queue=client_status_queue,
identified_resources=identified_resources,
filters=filters,
resource_evaluation_fn=resource_evaluation_fn,
)
if not self.should_skip_resource_cleanup(
"floating_ip", skip_resources
):

151
openstack/tests/functional/cloud/test_project_cleanup.py
View File

@ -256,3 +256,154 @@ class TestProjectCleanup(base.BaseFunctionalTest):
while not status_queue.empty():
objects.append(status_queue.get())
self.assertIsNone(self.conn.get_container('test_container'))
def test_cleanup_vpnaas(self):
if not list(self.conn.network.service_providers(service_type="VPN")):
self.skipTest("VPNaaS plugin is requred, but not available")
status_queue = queue.Queue()
# Find available external networks and use one
external_network = None
for network in self.conn.network.networks():
if network.is_router_external:
external_network = network
break
if not external_network:
self.skipTest("External network is required, but not available")
# Create left network resources
network_left = self.conn.network.create_network(name="network_left")
subnet_left = self.conn.network.create_subnet(
name="subnet_left",
network_id=network_left.id,
cidr="192.168.1.0/24",
ip_version=4,
)
router_left = self.conn.network.create_router(name="router_left")
self.conn.network.add_interface_to_router(
router=router_left.id, subnet_id=subnet_left.id
)
router_left = self.conn.network.update_router(
router_left,
external_gateway_info={"network_id": external_network.id},
)
# Create right network resources
network_right = self.conn.network.create_network(name="network_right")
subnet_right = self.conn.network.create_subnet(
name="subnet_right",
network_id=network_right.id,
cidr="192.168.2.0/24",
ip_version=4,
)
router_right = self.conn.network.create_router(name="router_right")
self.conn.network.add_interface_to_router(
router=router_right.id, subnet_id=subnet_right.id
)
router_right = self.conn.network.update_router(
router_right,
external_gateway_info={"network_id": external_network.id},
)
# Create VPNaaS resources
ike_policy = self.conn.network.create_vpn_ike_policy(name="ike_policy")
ipsec_policy = self.conn.network.create_vpn_ipsec_policy(
name="ipsec_policy"
)
vpn_service = self.conn.network.create_vpn_service(
name="vpn_service", router_id=router_left.id
)
ep_group_local = self.conn.network.create_vpn_endpoint_group(
name="endpoint_group_local",
type="subnet",
endpoints=[subnet_left.id],
)
ep_group_peer = self.conn.network.create_vpn_endpoint_group(
name="endpoint_group_peer",
type="cidr",
endpoints=[subnet_right.cidr],
)
router_right_ip = router_right.external_gateway_info[
'external_fixed_ips'
][0]['ip_address']
ipsec_site_conn = self.conn.network.create_vpn_ipsec_site_connection(
name="ipsec_site_connection",
vpnservice_id=vpn_service.id,
ikepolicy_id=ike_policy.id,
ipsecpolicy_id=ipsec_policy.id,
local_ep_group_id=ep_group_local.id,
peer_ep_group_id=ep_group_peer.id,
psk="test",
peer_address=router_right_ip,
peer_id=router_right_ip,
)
# First round - check no resources are old enough
self.conn.project_cleanup(
dry_run=True,
wait_timeout=120,
status_queue=status_queue,
filters={'created_at': '2000-01-01'},
)
self.assertTrue(status_queue.empty())
# Second round - resource evaluation function return false, ensure
# nothing identified
self.conn.project_cleanup(
dry_run=True,
wait_timeout=120,
status_queue=status_queue,
filters={'created_at': '2200-01-01'},
resource_evaluation_fn=lambda x, y, z: False,
)
self.assertTrue(status_queue.empty())
# Third round - filters set too low
self.conn.project_cleanup(
dry_run=True,
wait_timeout=120,
status_queue=status_queue,
filters={'created_at': '2200-01-01'},
)
objects = []
while not status_queue.empty():
objects.append(status_queue.get())
# VPN resources do not have a created_at property
# Check for the network instead
resource_ids = list(obj.id for obj in objects)
self.assertIn(network_left.id, resource_ids)
# Fourth round - dry run with no filters, ensure everything identified
self.conn.project_cleanup(
dry_run=True, wait_timeout=120, status_queue=status_queue
)
objects = []
while not status_queue.empty():
objects.append(status_queue.get())
resource_ids = list(obj.id for obj in objects)
self.assertIn(ipsec_site_conn.id, resource_ids)
# Ensure vpn resources still exist
site_conn_check = self.conn.network.get_vpn_ipsec_site_connection(
ipsec_site_conn.id
)
self.assertEqual(site_conn_check.name, ipsec_site_conn.name)
# Last round - do a real cleanup
self.conn.project_cleanup(
dry_run=False, wait_timeout=600, status_queue=status_queue
)
# Ensure no VPN resources remain
self.assertEqual(0, len(list(self.conn.network.vpn_ike_policies())))
self.assertEqual(0, len(list(self.conn.network.vpn_ipsec_policies())))
self.assertEqual(0, len(list(self.conn.network.vpn_services())))
self.assertEqual(0, len(list(self.conn.network.vpn_endpoint_groups())))
self.assertEqual(
0, len(list(self.conn.network.vpn_ipsec_site_connections()))
)