Merge lp:~citrix-openstack/nova/xenapi-netinject-prop into lp:~hudson-openstack/nova/trunk

Hi Andy!

Before going any further, please set this merge proposal status to Work In Progress and resolve the merge conflict in nova/virt/xenapi/vm_utils.py.

Lemme know if you're uncertain about the process of resolving merge conflicts.

Cheers,
jay

Hi,

Thanks Jay. It looks like lp:nova has moved on since I rebased this
branch. Is it sufficient to rebase to trunk again?

Cheers,

Andy S.

On 02/16/11 18:48, Jay Pipes wrote:
> Hi Andy!
>
> Before going any further, please set this merge proposal status to Work In Progress and resolve the merge conflict in nova/virt/xenapi/vm_utils.py.
>
> Lemme know if you're uncertain about the process of resolving merge conflicts.
>
> Cheers,
> jay
>

On Wed, Feb 16, 2011 at 2:01 PM, Andy Southgate
<email address hidden> wrote:
> Thanks Jay.  It looks like lp:nova has moved on since I rebased this
> branch.  Is it sufficient to rebase to trunk again?

It's good practice to have a local copy of the lp:nova trunk, and
then, when you are ready to bzr push your local topic branch to
Launchpad, simply do a bzr merge ../trunk and resolve any conflicts
that might pop up. After you resolve the conflicts in the files (if
any), do a bzr resolve --all and then bzr push your local topic branch
to Launchpad.

As far as "rebasing", not sure you need to do that. bzr has a rebase
plugin, but it's not what you need in this case.

So, in short, the recommended dev process is like so:

# Assume ~/repos/nova is where you have your bzr branches for nova...
cd ~/repos/nova
bzr branch lp:nova trunk
bzr branch trunk topic # Where "topic" is the name you give the branch
you work on (say, xs-netinject-prop)
cd topic
# do work in topic branch...
bzr commit -m "Some comment about your changes"
bzr push lp:~citrix-openstack/nova/topic
# On Launchpad, propose your branch for merging, as you did...
# If review come back as some changes are needed, set the merge
proposal status to Work In Progress
# then, in your local branch, do more work
bzr commit -m "More changes"
cd ../trunk
bzr pull # This pulls all changes merged into lp:nova trunk from the
rest of the Nova contributors into your local branch
cd ../topic
bzr merge ../trunk
# If any conflicts, resolve them and then do bzr resolve --all
bzr commit -m "Merge trunk"
bzr push
# The set your merge proposal back to "Needs Review"

All set :)

Don't worry, once you do it a couple times, it becomes second nature ;)

-jay

Thanks, that was a bit quicker than a rebase!

Andy

Salvatore (salvatore-orlando) is taking over this merge BTW as I'm moving on to other things, so please send question to him if you have them.

I have merged with trunk again. This branch is ready for review. I have requested a review from Trey Morris, since this branch is related to his xs-inject-networking work. An additional nova-core review would be appreciated.

Thanks!

Great tests!

I have some concerns, not the least of which is that you added new functions which write networking data to the xenstore param list and call them just before spawn writes to the xenstore param list. If written to the same location, spawn will blow away all of your changes. It doesn't appear that your function writes them to the same path though so we'd end up with some nasty config duplication. Your function also writes to different paths than spawn does. Those paths work with the agent. I'm not sure at this point what the agent would do with data at other paths (possibly ignore it).

Mounting the vdi also concerns me. We use VHDs and aren't going to be mounting them because we'll be building not only base images but also customer images where they could be using who knows which file systems or even encryption. So there will need to be some sort of branching put in place to determine if you do or do not want to mount the vdi.

There are functions in place such as "write_to_param_xenstore()" in vmops you should use instead of making the calls directly to follow convention set when Ed refactored.

Also in the next hour I'll be proposing merge for the 2nd half of my network_injection branch, it refactors what takes place in spawn and allows network reconfiguration/injection in post spawn situations. I think it makes sense to get this in and then place your branch on top of it and fix any conflicts instead of doing it twice.

Let me know if you want to discuss anything, I'm glad to help.

> Great tests!
>
> I have some concerns, not the least of which is that you added new functions
> which write networking data to the xenstore param list and call them just
> before spawn writes to the xenstore param list. If written to the same
> location, spawn will blow away all of your changes. It doesn't appear that
> your function writes them to the same path though so we'd end up with some
> nasty config duplication. Your function also writes to different paths than
> spawn does. Those paths work with the agent. I'm not sure at this point what
> the agent would do with data at other paths (possibly ignore it).
>

I'm not entirely sure whether this duplication is intended or just the result of some previous merge with trunk (I'm thinking of multi-nic-support). However, I agree the fact that they write at different path is a bit weird. I'll investigate this issue.

> Mounting the vdi also concerns me. We use VHDs and aren't going to be mounting
> them because we'll be building not only base images but also customer images
> where they could be using who knows which file systems or even encryption. So
> there will need to be some sort of branching put in place to determine if you
> do or do not want to mount the vdi.
>

Mounting the image for injecting data is a technique which has been used in nova since its early days. In the xenapi implementation, we first stream it into a VDI, and then attach the VDI to the VM in which nova-compute is running. Your point on VHDs and encrypted file systems is more than valid, though. For the same reason we believe the guest agent should be the 'preferred' way for getting network/key configuration into the instance. We are providing injection for 'compatibility' with the libvirt implementation.

Also the way in which is currently done will probably not work even in more trival cases, such as root partition not starting at byte 0 or /etc being mounted on a partition other than the first. As already stated, injection is intended only for 'basic' scenarios.

In the proposed implementation if _mounted_processing fails to mount the image into the vdi, an error message is logged but this does not cause the spawn process to fail. However, I agree we probably need a better mechanism for understanding whether injection should be performed or not. I don't think proposing changes either to the API or instance_types would be a good idea at all. Now that glance is in place we can probably use metadata to this purpose. For instance image_type==simple_machine would mean network injection should occur, whereas image_type==agent_machine would mean the xensore param list should be populated. But probably this is not the rigth place for this discussion!

> There are functions in place such as "write_to_param_xenstore()" in vmops you
> should use instead of making the calls directly to follow convention set when
> Ed refactored.
>

Good point. I will take care of this.

> Also in the next hour I'll be proposing merge for the 2nd half of my
> network_injection branch, it refactors what takes place in spawn and allows
> network reconfiguration/injection in post spawn situations. I think it makes
> sense to get this i...

> I'm not entirely sure whether this duplication is intended or just the result of some previous merge
> with trunk (I'm thinking of multi-nic-support). However, I agree the fact that they write at different
> path is a bit weird. I'll investigate this issue.

The paths I used are what the agent is expecting for instance the mac address being lowercase with no punctuation vs all uppercase and full of '_'. That's what I'm referring to. I'm not sure of a reason these should be changed, so I'm all ears if you've got one.

> (mounting the vdi)

First I'm glad it fails quietly. Second, I understand the reason for doing so. It's a great reason. It's something that for sure should be implemented; however, we will never use it in any circumstance, relying on the agent instead. For this reason, I suggest a configuration option. example: --mount-vdi=false. I don't see the point in having more metadata if it will always be true or always be false. Of course, if there are people who want to mount some vdi at spawn and twiddle with the file system, but not others, then that's a different story. I'm happy with either way as long as there is a way to disable it completely.

At this point I feel confident saying that injection of network configuration into the xenstore/xenstore-param-list and the agent call to reset networking is finished. Perhaps preconfigure_xenstore() isn't needed. I'm not nearly as knowledgeable of xenstore as you guys surely are so if I've forgotten something please let me know. I only chose my paths as such because of the agent.

There will be a lot of changes to these areas as i start working on multinic, especially in the inject_network_info() function. Perhaps we can agree to leave writing injection into the xenstore to me and you handle the rest (mounting of vdi's, configuration etc). This way I can proceed with multi-nic without worry that I'll just have to rewrite it.

Also, ff there is anything you'd like me to change about the way I've implemented network injection, please let me know. I've written it in a way that works perfectly for us. I'd like for it to work for you as well.

-tr3buchet

Acknowledging Trey's review and reverting status to work in progress to ease reviewer's work.

@Trey: I will reply to your latest comments shortly!

> > I'm not entirely sure whether this duplication is intended or just the
> result of some previous merge
> > with trunk (I'm thinking of multi-nic-support). However, I agree the fact
> that they write at different
> > path is a bit weird. I'll investigate this issue.
>
> The paths I used are what the agent is expecting for instance the mac address
> being lowercase with no punctuation vs all uppercase and full of '_'. That's
> what I'm referring to. I'm not sure of a reason these should be changed, so
> I'm all ears if you've got one.
>

I also don't see any reason for which we should use different paths. The only reason I see for the different paths is that these two branches have evolved independently even though the functionalities they implement are quite overlapping.

> > (mounting the vdi)
>
> First I'm glad it fails quietly. Second, I understand the reason for doing so.
> It's a great reason. It's something that for sure should be implemented;
> however, we will never use it in any circumstance, relying on the agent
> instead. For this reason, I suggest a configuration option. example: --mount-
> vdi=false. I don't see the point in having more metadata if it will always be
> true or always be false. Of course, if there are people who want to mount some
> vdi at spawn and twiddle with the file system, but not others, then that's a
> different story. I'm happy with either way as long as there is a way to
> disable it completely.
>

I was suggesting metadata assuming a scenario in which there might be images with and without agent. However, I agree this scenario does not make a lot of sense after all. As you said, either you use the agent or you don't. So the flag idea is maybe more effective, and easier to implement as well :-)

> At this point I feel confident saying that injection of network configuration
> into the xenstore/xenstore-param-list and the agent call to reset networking
> is finished. Perhaps preconfigure_xenstore() isn't needed. I'm not nearly as
> knowledgeable of xenstore as you guys surely are so if I've forgotten
> something please let me know. I only chose my paths as such because of the
> agent.

I tentatively agree with you that preconfigure_xenstore is not required anymore. I will however double-check the code before taking a decision in this direction.

> There will be a lot of changes to these areas as i start working on multinic,
> especially in the inject_network_info() function. Perhaps we can agree to
> leave writing injection into the xenstore to me and you handle the rest
> (mounting of vdi's, configuration etc). This way I can proceed with multi-nic
> without worry that I'll just have to rewrite it.
>

I see your branch has now been merged. I will update my branch accordingly.
I agree on your approach: maybe if there is anything in preconfigure_xenstore I can you ask you to add it to inject_network_info?

> Also, ff there is anything you'd like me to change about the way I've
> implemented network injection, please let me know. I've written it in a way
> that works perfectly for us. I'd like for it to work for you as well.
>
> -tr3buchet

 > I agree on your approach: maybe if there is anything in preconfigure_xenstore I can you ask you to add it to inject_network_info?

Absolutely! Just let me know. First thing I came across was not injecting broadcast address where you guys did. Come up with a list so I can implement them all at once.

-tr3buchet

State changed to work in progress due to conflicts with current trunk

Conflicts resolved.
Branch ready for review again.

Reverting to work in progress to resolve conflicts and integrate IPv6 injection into branch

Branch updated and again ready for review.

Nice work, Andy-- really digging the added tests here.

Overall this looks good, just have a few small suggestions that might improve
readability:

> 87 + def fake_network_get_all_by_instance(context, instance_id):
> 88 + l = []
> 89 + l.append(FakeModel(network_fields))
> 90 + return l
> 91 +

Pep8: "Never use the characters `l' (lowercase letter el)". Might be better
as:

    return [FakeModel(network_fields)]

> 153 +def fake_execute_get_log():
> 154 + global _fake_execute_log
> 155 + return _fake_execute_log

`global` isn't needed here since you're not mutating the value.

> +def fake_execute(*cmd, **kwargs):

Since `cmd` is a list, it might be clearer as `cmd_parts` (or something
similar)

> 185 + cmd_map = map(str, cmd)
> 186 + cmd_str = ' '.join(cmd_map)

Going forward, comprehensions are preferred to map/reduce/filter. So, might be
better as:

    cmd_str = ' '.join(str(part) for part in cmd_parts)

> 199 + if isinstance(reply_handler, types.StringTypes):

I think `basestring` is preferred to StringTypes:

    if isinstance(reply_handler, basestring):

> 213 + LOG.debug(_("Reply to faked command is stdout='%(0)s' stderr='%(1)s'") %
> 214 + {'0': reply[0], '1': reply[1]})

Rather than using a position-style, since a dict is being passed, might be
better to attach meaningful names. For example:

    stdout = reply[0]
    stderr = reply[1]
    LOG.debug(_("Reply to faked command is stdout='%(stdout)s'"
                "stderr='%(stderr)s'") % locals())

> 264 + #db_fakes.stub_out_db_network_api(self.stubs)

Vestigial code?

> 389 def _test_spawn(self, image_id, kernel_id, ramdisk_id,
> 394 + instance_type="m1.large", os_type="linux", check_injection=False):

Should probably be lined up with the paren, something like:

    def _test_spawn(self, image_id, kernel_id, ramdisk_id,
                    instance_type="m1.large", os_type="linux",
                    check_injection=False):

> 580 + def f_1(self, interval, now=True):
> 581 + self.f(*self.args, **self.kw)
> 582 + stubs.Set(utils.LoopingCall, 'start', f_1)

Could use a more descriptive name than `f_1`. Perhaps, `fake_start`.

> 640 + t = __import__('Cheetah.Template', globals(), locals(), ['Template'],
> 641 + -1)
> 642 + template = t.Template

Is there a reason you're using __import__ here--if so, it might benefit from a
NOTE(andy):

Otherwise, might be better to do:

    if not template:
        from Cheetah import Template
        template = Template

> 643 + #load template file if necessary

Not a super-useful comment (didn't add anything for me, at least)

> 808 + LOG.debug(_('Raising Failure'))

Not a particularly useful logging line, especially since we raise immediately
afterwards. I'd consider scrapping this.

> 804 + if (ref in _db_content[cls]):
> 805 + if (field in _db_content[cls][ref]):
> 806 + return _db_content[cls][ref][field]
> 807 + else:
> 808 + LOG.debug(_('Raising Failure'))
> 809 + raise Failure(['HANDLE_INVALID', cls, ref])

Might be c...

Hi Rick,

thanks for taking time for doing such a detailed review!
Your tips will be very useful to provide higher-quality code in the future.

I will update the branch in the few hours in order to give reviewers a full day before feature freeze to review it.

There are only a few bits which probably deserve some discussion:
>
> Is there a reason you're using __import__ here--if so, it might benefit from a
> NOTE(andy):
>
> Otherwise, might be better to do:
>
> if not template:
> from Cheetah import Template
> template = Template
>

I agrre the syntax you are proposing is much neater, but wouldn't this put a requirement on Cheetah for the whole nova project (e.g.: nova services, unit tests, etc. failing if Cheetah is not installed)?

> > 990 + LOG.debug("ENTERING WAIT FOR BOOT!")

This is vestigial code. I love to use them for debugging code, and I usually throw a pep8 violation in them in order to make sure I remove them before push. Unfortunately I forgot to do the pep8 violation for this one!

> wouldn't this put a requirement on Cheetah

Since you're importing Cheetah in function and not in the module namespace, we'll only end up importing Cheetah if it's actually needed. So, I think the "from x import y", in this case, works just as well as __import__, just a bit cleaner IMHO.

> and I usually throw a pep8 violation in them in order to make sure I remove them before push

Interesting. I've been meaning to add a SPIKE(author) tag that would cause Hudson to reject patches that include this. You could wrap extra debugs with a # SPIKE comment and be sure it never gets committed.

All Rick's comments, but one, have been addressed.

The one not addressed is the following:

> 804 + if (ref in _db_content[cls]):
> 805 + if (field in _db_content[cls][ref]):
> 806 + return _db_content[cls][ref][field]
> 807 + else:
> 808 + LOG.debug(_('Raising Failure'))
> 809 + raise Failure(['HANDLE_INVALID', cls, ref])

Might be clearer with a EAFP style, like:

    try:
        return _db_content[cls][ref][field]
    except KeyError:
        raise Failure(['HANDLE_INVALID', cls, ref])

In the fake xenapi driver we need to distinguish between the following cases:
- entity not found (ref not in _db_content[cls]), in which case we need to raise a HANDLE_INVALID falure
- entity found, but attribute not found, in which case we need to raised a NOT_IMPLEMENTED failure.

Nevertheless, Rick's suggestion is very valid and this calls for a wider refactoring of the fake xenapi driver, starting with the _getter routine. However, I think it would be better to do this after-cactus.

Getting XenAPIMigrateInstance (test_xenapi.py) asking for passwords during tests:

XenAPIMigrateInstance
    test_finish_resize [sudo] password for swalsh:
                                [sudo] password for swalsh:
OK

Otherwise, impressive branch ... nothing serious to say.

641 + # it the caller does not provide template object and data

"If the caller ..."

But largely I'm going to trust Trey on ensuring the approach is sound (as he's closer to the problem than I)

Once he approves, I will too.

> Getting XenAPIMigrateInstance (test_xenapi.py) asking for passwords during
> tests:
>
> XenAPIMigrateInstance
> test_finish_resize [sudo] password for swalsh:
> [sudo] password for swalsh:
> OK
>

Thanks for spotting this Sandy! Finish_resize calls _create_vm which in turn calls preconfigure_instance (which writes /etc/network/interfaces). We were not stubbing out utils.execute for the migrate test case.

I already pushed updated code, pleasee see if the tests run fine now.
Another way of doing this is disabling the flag xenapi_inject_image for the migrate use case. If you think that would make more sense, I'll do that.

> Otherwise, impressive branch ... nothing serious to say.
>
> 641 + # it the caller does not provide template object and data
>
> "If the caller ..."
>
> But largely I'm going to trust Trey on ensuring the approach is sound (as he's
> closer to the problem than I)
>

get_injectables is a routine 'shared' between libvirt and nova. In the libvirt backend Cheetah.Template is loaded with a dynamic import as a global variable, and the template file is read when the LibVirtConnection instance is initialized.

We don't do that in XenAPI and I'm a bit wary of using global variables, so I put the template class and the template file as optional variables and then dynamically set them if they are not set from the caller (xenapi backend in this case).
> Once he approves, I will too.

--- disk.py ----
get_injectables needs a docstring
why is get_injectables in disk? seems like an odd place..

get_injectables troubles me because one of my goals with multi-nic is to untether the network and virt layers by passing all of the data required for network configuration into the virt layer from compute so no network related db lookups are required at the virt layer. In the mean time (before nova-multi-nic), get_network_info() in vmops.py is performing this task. There will be a similar get_network_info() function for each libvirt/xenapi/hyperV. You can see the format of the data compute will pass to the virt layer spawn process by looking at get_network_info() in vmops.py. Is there something you need that this function isn't handling? I'm not sure I fully grasp the goal of get_injectables().

This should also apply to the fake calls for network info in tests/db/fakes.py. The xenapi/libvirt/hyperV tests shouldn't be using those (but this will surely have to figured out later).

--- vm_utils.py ---
_find_guest_agent needs a docstring

--- vmops.py ---
yay!!

--- xenapi_conn.py ---
1058 + ' network configuration if not injected into the image'
should probably be
1058 + ' network configuration is not injected into the image'
unless i misinterpreted.

The rest is great! I like the way you've implemented mounting vdi as a flaggable option and I also like how if a proper agent is present you preference using it over adding to the mounted filesystem.

Hi Trey,
see my comments inline

> --- disk.py ----
> get_injectables needs a docstring
> why is get_injectables in disk? seems like an odd place..
>
> get_injectables troubles me because one of my goals with multi-nic is to
> untether the network and virt layers by passing all of the data required for
> network configuration into the virt layer from compute so no network related
> db lookups are required at the virt layer. In the mean time (before nova-
> multi-nic), get_network_info() in vmops.py is performing this task. There will
> be a similar get_network_info() function for each libvirt/xenapi/hyperV. You
> can see the format of the data compute will pass to the virt layer spawn
> process by looking at get_network_info() in vmops.py. Is there something you
> need that this function isn't handling? I'm not sure I fully grasp the goal of
> get_injectables().
>
> This should also apply to the fake calls for network info in
> tests/db/fakes.py. The xenapi/libvirt/hyperV tests shouldn't be using those
> (but this will surely have to figured out later).

When I noted your network_info I realized there was some overlap between get_injectables and it.
get_injectables is in disk.py since it is used by both libvirt and xenapi (and possibly hyperv); it seemed the best place for it because it performs operations related to the disk image.

From what you said, every backend is going to have a _get_network_info, at least until multi_nic hits trunk. In this case I don't see anymore a reason for having that common bit of code, and I will therefore remove it. However, I should still use the interface.template file and populate it with Chetaah. To do so, the best thing I can do is to map the dict created by _get_network_info onto the dict required by the Cheetah template (the dict already contains all the info I need).

Another thing to note is that the Cheetah template does not support multiple IP addresses. For this reason I think it might be worth to use only the first element from the ip/ipv6 lists in the dict created by network_info.

> --- vm_utils.py ---
> _find_guest_agent needs a docstring
>

Will be done

> --- vmops.py ---
> yay!!
>
> --- xenapi_conn.py ---
> 1058 + ' network configuration if not injected into the
> image'
> should probably be
> 1058 + ' network configuration is not injected into the
> image'
> unless i misinterpreted.
>

Typo. Thanks for spotting this!

> The rest is great! I like the way you've implemented mounting vdi as a
> flaggable option and I also like how if a proper agent is present you
> preference using it over adding to the mounted filesystem.

Hi reviewers!

Updating the branch took a bit longer than expect as in the meanwhile another branch changing the way in which network injection is performed for libvirt landed in trunk!

I adapted my branch following Trey's comments. No more _get_injectables! Now I also use the value returned by _get_network_info. Unlike the libvirt impl, I decided to use the 'info' field in the tuple rather than network_ref. This way, if the db changes in the future we will have to update only _get_network_info accordingly.

Another tangential issue was the rescue feature. In the unit tests spawn_rescue was stubbed out with a nice 'pass', leading to a failure on a later operation on the xenapi fake driver (which has been improved to be less 'fake'). By the way, if spawn_rescue has been stubbed out, what's the point of having a unit test for rescue? Code coverage is not complete at all, and I think the unit test is quite unreliable.

Thanks again for spending so much time on this branch. I hope it is now ready to rest in trunk forever!

As with Sandy, I really can't speak to whether this is the right approach. I'll leave that to Trey.

But from a code-quality perspective, this looks really good. Thanks for the fix-ups!

One small nit (not a deal-breaker):

> 97 + l = []
> 98 + l.append(FakeModel(fixed_ip_fields))
> 99 + return l

Looks like one was missed. I'm okay letting this slide since we can get this later; better to get this merged sooner. That said, if you can slip in a fix here, that'd be great.

> As with Sandy, I really can't speak to whether this is the right approach.
> I'll leave that to Trey.
>
> But from a code-quality perspective, this looks really good. Thanks for the
> fix-ups!
>
> One small nit (not a deal-breaker):
>
> > 97 + l = []
> > 98 + l.append(FakeModel(fixed_ip_fields))
> > 99 + return l
>
> Looks like one was missed. I'm okay letting this slide since we can get this
> later; better to get this merged sooner. That said, if you can slip in a fix
> here, that'd be great.

As for the approach, I've think I've addresses Trey's concerns.
Thanks for spotting the missed fix! Updated branch pushed.

Requesting FF exception for this branch, as it has already 1 approve vote and all discussion points (major and minor) have been addressed according to reviewers' suggestions.

The branch only touches the part of the XenAPI backend for the compute service which deals with spawning VMs. It performs delicate operations such as mounting VDIs, but the routine we use for these operations are already widely used in the XenAPI backend.
Two unit tests, carefully prepared to reduce stubbing-out to a minimum, have been provided.

Benefits:
- this branch will enable support for IP injection in disk images for XenAPI, in the same way in which is already done in libvirt. It indeed uses the same template file. Altough XenAPI already supports agent-based injection, this way of doing injection can be very useful in situations where guest images do not have an agent.
- this branch slightly improves unit test infrastructure for xenapi backend, increasing code coverage.

Risk assessment:
- this branch has a quite difficult life. It was first proposed more than a month ago, but was pushed back due to overlaps with other network-related branches dealing with XenAPI backend. More problems arised when the interfaces.template file changed yesterday to reflect multiple interface. However, now the branch is completely in sync with the current trunk, and since we are in FF period we can expect minimum to no interferences with other branches.

Risk assessment:
- No risk for network manager, as its code has not been touched at all. The xenapi network driver will be used only by the compute node for setting up VLANs on xen hosts. This also means that there cannot be any impact on other capabilities of the Network Manager, such as VPN access or Floating IPs.
- Since this is a new feature, and the associated code is executed only when a compute node uses XenAPI and the VLan manager, there is no risk of breaking libvirt, hyperv, or mware installations, or XenAPI installations which use the flat manager

Heh, nearly had a heart attack when I saw the tests failing. Then I saw it was only 'suds' missing. Should have looked in pip-requires.

Nice work!we Hopefully this sneaks it in?

> Heh, nearly had a heart attack when I saw the tests failing. Then I saw it was
> only 'suds' missing. Should have looked in pip-requires.
>
> Nice work!we Hopefully this sneaks it in?

Hi Sandy,

Are you sure you're not talking about VMware-vSphere? I believe that was the branch with the test failing due to suds...
In this branch your tests were failing because I was not stubbing out utils.execute in the migrate test case (on my dev machines they were not failing because all the commands were in the sudoers file :-)
Anyway, that has been fixed!

This is a bit too wide for my taste but it seems very close to the goal. FFe granted, provided this gets merged very soon (before end of day Monday)

> Are you sure you're not talking about VMware-vSphere? I believe that was the
> branch with the test failing due to suds...

Could have been just part of the trunk merges. It was definitely this branch. All good now though.

great :)