def create_policy_target_group(self,
token,
tenant_id,
name,
l2_policy_id=None):
""" Creates a GBP Policy Target Group
:param token: A scoped token
:param tenant_id: Tenant UUID
:param name: PTG name
:return: PTG dict
"""
policy_target_group_info = {
"policy_target_group": {
"tenant_id": tenant_id,
"name": name,
}
}
if l2_policy_id:
policy_target_group_info["policy_target_group"].update(
{"l2_policy_id": l2_policy_id})
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.create_policy_target_group(
body=policy_target_group_info)['policy_target_group']
except Exception as ex:
err = ("Failed to create policy target group. %s"
" Error :: %s" % (policy_target_group_info, ex))
LOG.error(err)
raise Exception(err)
def get_gbp_client_by_tenant(self, tenant):
self.logger.info('get gbpclient object for tenant - %s' % (tenant[1]))
gbpclient = gbpc.Client(username=self.ks_user,
password=self.ks_pass,
tenant_name=tenant,
auth_url=self.ks_auth_url)
return gbpclient
def create_policy_target(self, token, tenant_id,
policy_target_group_id, name, port_id=None):
""" Creates a GBP Policy Target
:param token: A scoped token
:param tenant_id: Tenant UUID
:param policy_target_group_id: PTG UUID
:param name: PT name
:return: PT dict
"""
policy_target_info = {
"policy_target": {
"policy_target_group_id": policy_target_group_id,
"tenant_id": tenant_id,
}
}
if name:
policy_target_info['policy_target'].update({'name': name})
if port_id:
policy_target_info["policy_target"]["port_id"] = port_id
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.create_policy_target(
body=policy_target_info)['policy_target']
except Exception as ex:
err = ("Failed to read policy target information from"
" Openstack Neutron service's response."
" KeyError :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def gbpclient(request):
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
LOG.debug('gbpclient connection created using token "%s" and url "%s"'
% (request.user.token.id, base.url_for(request, 'network')))
LOG.debug('user_id=%(user)s, tenant_id=%(tenant)s' %
{'user': request.user.id, 'tenant': request.user.tenant_id})
c = gbp_client.Client(token=request.user.token.id,
auth_url=base.url_for(request, 'identity'),
endpoint_url=base.url_for(request, 'network'),
insecure=insecure, ca_cert=cacert)
return c
def create_l3_policy(self, token, l3_policy_info): # tenant_id, name):
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.create_l3_policy(body=l3_policy_info)['l3_policy']
except Exception as ex:
err = ("Failed to create l3 policy under tenant"
" %s. Error :: %s" %
(l3_policy_info['l3_policy']['tenant_id'], ex))
LOG.error(err)
raise Exception(err)
def get_policy_target(self, token, pt_id, filters=None):
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
filters = filters if filters is not None else {}
return gbp.show_policy_target(pt_id, **filters)['policy_target']
except Exception as ex:
err = ("Failed to read PT information"
". PT %s."
" Error :: %s" % (pt_id, ex))
LOG.error(err)
raise Exception(err)
def create_network_service_policy(self, token,
network_service_policy_info):
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.create_network_service_policy(
body=network_service_policy_info)['network_service_policy']
except Exception as ex:
err = ("Failed to create network service policy "
"Error :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def _get_keystone_client(self):
LOG.debug("Getting keystone client")
auth = ksc_auth.load_from_conf_options(cfg.CONF, AUTH_GROUP)
LOG.debug("Got auth: %s", auth)
if not auth:
LOG.warning(_LW('No auth_plugin configured in %s'), AUTH_GROUP)
session = ksc_session.Session.load_from_conf_options(cfg.CONF,
AUTH_GROUP,
auth=auth)
LOG.debug("Got session: %s", session)
self.keystone = ksc_client.Client(session=session)
LOG.debug("Got keystone client: %s", self.keystone)
self.gbp = gbp_client.Client(session=session)
LOG.debug("Got gbp client: %s", self.gbp)
def delete_policy_target_group(self, token, policy_target_group_id):
""" Delete the GBP policy_target group
:param token: A scoped token
:param policy_target_id: PTG UUID
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.delete_policy_target_group(policy_target_group_id)
except Exception as ex:
err = ("Failed to delete policy target group from"
" Openstack."
" Error :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def delete_l2_policy(self, token, l2policy_id):
"""
:param token:
:param l2policy_id:
:return:
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.delete_l2_policy(l2policy_id)
except Exception as ex:
err = ("Failed to delete l2 policy %s. Reason %s" %
(l2policy_id, ex))
LOG.error(err)
raise Exception(err)
def create_l2_policy(self, token, tenant_id, name, l3_policy_id=None):
l2_policy_info = {"l2_policy": {"tenant_id": tenant_id, "name": name}}
if l3_policy_id:
l2_policy_info["l2_policy"].update({'l3_policy_id': l3_policy_id})
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.create_l2_policy(body=l2_policy_info)['l2_policy']
except Exception as ex:
err = ("Failed to create l2 policy under tenant"
" %s. Error :: %s" % (tenant_id, ex))
LOG.error(err)
raise Exception(err)
def delete_policy_target(self, token, policy_target_id):
""" Delete the GBP policy_target
:param token: A scoped token
:param policy_target_id: PT UUID
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.delete_policy_target(policy_target_id)
except Exception as ex:
err = ("Failed to delete policy target information from"
" Openstack Neutron service's response."
" KeyError :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def update_policy_target_group(self, token, ptg_id,
policy_target_group_info):
""" Updates a GBP Policy Target Group
:param token: A scoped token
:param ptg_id: PTG UUID
:param policy_target_group_info: PTG info dict
:return: PTG dict
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.update_policy_target_group(
ptg_id, body=policy_target_group_info)['policy_target_group']
except Exception as ex:
err = ("Failed to update policy target group. Error :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def get_policy_target_group(self, token, ptg_id, filters=None):
"""
:param token: A scoped token
:param ptg_id: PTG
:param filters: Optional
:return:
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
filters = filters if filters is not None else {}
return gbp.show_policy_target_group(
ptg_id, **filters)['policy_target_group']
except Exception as ex:
err = ("Failed to read PTG list from"
" Openstack Neutron service's response."
" KeyError :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def _create(self):
con = self.context
endpoint_type = self._get_client_option('grouppolicy', 'endpoint_type')
endpoint = self.url_for(service_type='network',
endpoint_type=endpoint_type)
args = {
'auth_url': con.auth_url,
'service_type': 'network',
'token': self.auth_token,
'endpoint_url': endpoint,
'endpoint_type': endpoint_type,
'ca_cert': self._get_client_option('grouppolicy', 'ca_file'),
'insecure': self._get_client_option('grouppolicy', 'insecure')
}
return gbpc.Client(**args)
def get_policy_targets(self, token, filters=None):
""" List Policy Targets
:param token: A scoped_token
:param filters: Parameters for list filter
example for filter: {}
:return: PT List
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
filters = filters if filters is not None else {}
return gbp.list_policy_targets(**filters)['policy_targets']
except Exception as ex:
err = ("Failed to read PT list." " Error :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def get_l3_policies(self, token, filters=None):
""" List L3 policies
:param token: A scoped_token
:param filters: Parameters for list filter
example for filter: {}
:return: L2 policies List
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
filters = filters if filters is not None else {}
return gbp.list_l3_policies(**filters)['l3_policies']
except Exception as ex:
err = ("Failed to list l3 policies. Reason %s" % ex)
LOG.error(err)
raise Exception(err)
def update_policy_target(self, token, policy_target_id, updated_pt):
""" Update the Policy Target
:param token: A scoped token
:param policy_target_id: PT UUID
:param updated_pt: New PT dict
{\"policy_target\": {\"description\": \"test123\"}}
"""
policy_target_info = {"policy_target": updated_pt}
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.update_policy_target(
policy_target_id, body=policy_target_info)['policy_target']
except Exception as ex:
err = ("Failed to read updated PT information"
". PT %s."
" KeyError :: %s" % (policy_target_id, ex))
LOG.error(err)
raise Exception(err)
def get_l3_policy(self, token, policy_id, filters=None):
""" List L3 policies
:param token: A scoped_token
:param filters: Parameters for list filter
example for filter: {}
:return: L3 policies List
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
filters = filters if filters is not None else {}
return gbp.show_l3_policy(policy_id, **filters)['l3_policy']
except Exception as ex:
err = ("Failed to read l3 policy list from"
" Openstack Neutron service's response."
" KeyError :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def _get_keystone_client(self):
# REVISIT: It seems load_from_conf_options() and
# keystoneclient auth plugins have been deprecated, and we
# should use keystoneauth instead.
LOG.debug("Getting keystone client")
auth = ksc_auth.load_from_conf_options(cfg.CONF, AUTH_GROUP)
LOG.debug("Got auth: %s", auth)
if not auth:
LOG.warning('No auth_plugin configured in %s',
AUTH_GROUP)
session = ksc_session.Session.load_from_conf_options(
cfg.CONF, AUTH_GROUP, auth=auth)
LOG.debug("Got session: %s", session)
self.keystone = ksc_client.Client(session=session)
LOG.debug("Got keystone client: %s", self.keystone)
endpoint_type = 'publicURL'
if self.enable_neutronclient_internal_ep_interface:
endpoint_type = 'internalURL'
self.gbp = gbp_client.Client(session=session,
endpoint_type=endpoint_type)
LOG.debug("Got gbp client: %s", self.gbp)
def get_policy_target_groups(self, token, filters=None):
""" List Policy Target Groups
:param token: A scoped_token
:param filters: Parameters for list filter
example for filter: ?tenant_id=%s&id=%s
:return: PTG List
"""
try:
gbp = gbp_client.Client(token=token,
endpoint_url=self.network_service)
return gbp.list_policy_target_groups(
**filters)['policy_target_groups']
except Exception as ex:
err = ("Failed to read PTG list from"
" Openstack Neutron service's response."
" KeyError :: %s" % (ex))
LOG.error(err)
raise Exception(err)
def get_service_profile(self, token, service_profile_id):
gbp = gbp_client.Client(token=token, endpoint_url=self.network_service)
return gbp.show_service_profile(service_profile_id)['service_profile']
def setUp(self, plurals=None):
super(CLITestV20Base, self).setUp()
self.client = gbpclient.Client(token=TOKEN, endpoint_url=self.endurl)
def grouppolicy(self):
from gbpclient.v2_0 import client as gbpclient
return gbpclient.Client(username=self.endpoint.username,
password=self.endpoint.password,
tenant_name=self.endpoint.tenant_name,
auth_url=self.endpoint.auth_url)
def get_servicechain_node(self, token, node_id):
gbp = gbp_client.Client(token=token, endpoint_url=self.network_service)
return gbp.show_servicechain_node(node_id)['servicechain_node']
def get_servicechain_instance(self, token, instance_id):
gbp = gbp_client.Client(token=token, endpoint_url=self.network_service)
return gbp.show_servicechain_instance(
instance_id)['servicechain_instance']
