def delete_subnet_precommit(self, context):
subnet = context.current
db_context = context._plugin_context
context.nuage_mapping = nuagedb.get_subnet_l2dom_by_id(
db_context.session, subnet['id'])
context.dual_stack_subnet = self.get_dual_stack_subnet(
db_context, subnet)
def get_nuage_redirect_target_rules(self, context, filters=None,
fields=None):
params = {}
resource_id = None
if filters.get('subnet'):
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, filters['subnet'][0])
if subnet_mapping:
if self._is_l3(subnet_mapping):
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
params['subnet'] = filters.get('subnet')[0]
params['subnet_mapping'] = subnet_mapping
else:
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
elif filters.get('router'):
params['router'] = filters.get('router')[0]
elif filters.get('id'):
params['id'] = filters.get('id')[0]
resource_id = params['id']
try:
rtarget_rules = self.vsdclient.get_nuage_redirect_target_rules(
params)
except Exception:
raise nuage_exc.NuageNotFound(
resource='nuage-redirect-target-rule',
resource_id=resource_id)
return [self._make_redirect_target_rule_dict(
rtarget_rule, context, fields) for rtarget_rule in rtarget_rules]
def process_port_security(self, context, port):
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
vport = self._get_nuage_vport(port, subnet_mapping, required=False)
if not vport:
return
if port.get(portsecurity.PORTSECURITY):
self.client.update_vport_policygroups(vport['ID'], [])
return
l2dom_id, l3dom_id = get_l2_and_l3_sub_id(subnet_mapping)
rtr_id = None
if l3dom_id:
rtr_id = (self.client.get_nuage_domain_id_from_subnet(l3dom_id))
params = {
'l2dom_id': l2dom_id,
'l3dom_id': l3dom_id,
'rtr_id': rtr_id,
'type': '',
'sg_type': constants.HARDWARE
}
policygroup_id = self.client.create_nuage_sec_grp_for_no_port_sec(
params)
self.client.update_vport_policygroups(vport['ID'], [policygroup_id])
def _update_port_dhcp_opts(self, resource, event, trigger, **kwargs):
request_port = kwargs.get('request_port')
original_port = kwargs.get('original_port')
updated_port = kwargs.get('updated_port')
vport = kwargs.get('vport')
context = kwargs.get('context')
if not request_port or not original_port or \
'extra_dhcp_opts' not in request_port:
return
subnet_id = updated_port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
subnet_id)
old_dhcp_options = original_port.get('extra_dhcp_opts', [])
request_dhcp_options = copy.deepcopy(
request_port.get('extra_dhcp_opts', []))
for dhcp_opt in request_dhcp_options:
self._translate_dhcp_option(dhcp_opt)
categorised_dhcp_opts = self._categorise_dhcp_options_for_update(
copy.deepcopy(old_dhcp_options),
request_dhcp_options)
self._update_extra_dhcp_options(categorised_dhcp_opts,
subnet_mapping,
original_port.get('id'),
original_port['device_owner'],
old_dhcp_options, vport)
def _validate_security_groups(self, context):
port = context.current
db_context = context._plugin_context
subnet_id = port['fixed_ips'][0]['subnet_id']
sg_ids = port[ext_sg.SECURITYGROUPS]
if not sg_ids:
return
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(db_context.session,
subnet_id)
if self._is_vsd_mgd(subnet_mapping):
return
normal_ports = nuagedb.get_port_bindings_for_sg(
db_context.session,
sg_ids,
[portbindings.VNIC_NORMAL],
bound_only=True)
if len(normal_ports) > 0:
msg = ("Security Groups for baremetal and normal ports "
"are mutualy exclusive")
raise exceptions.NuageBadRequest(msg=msg)
sg_rules = self.core_plugin.get_security_group_rules(
db_context,
{'security_group_id': sg_ids})
bad_rule = next((rule for rule in sg_rules if rule['remote_group_id']),
None)
if bad_rule:
msg = ("Security Groups for baremetal ports can't have "
"rules with remote-group-id")
raise exceptions.NuageBadRequest(msg=msg)
def create_subnet(self, context):
db_context = context._plugin_context
subnet = context.current
network_qos_policy_id = self._get_network_qos_policy_id(
context._plugin_context, subnet['network_id'])
vsd_qos_options = self._get_vsd_qos_options(db_context,
network_qos_policy_id)
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(db_context.session,
subnet['id'])
if vsd_qos_options['bandwidth_options']:
self._vsdclient.create_update_qos(
parent_type=self._get_parent_type(subnet_mapping),
parent_id=subnet_mapping['nuage_subnet_id'],
qos_policy_id=network_qos_policy_id,
qos_policy_options=vsd_qos_options['bandwidth_options'])
if vsd_qos_options['dscp_options']:
vsd_subnet = self._mech_driver._find_vsd_subnet(db_context,
subnet_mapping)
domain_type, domain_id = (
self._mech_driver._get_domain_type_id_from_vsd_subnet(
self._vsdclient, vsd_subnet))
self._vsdclient.create_update_dscp_marking_subnet(
domain_type=domain_type,
domain_id=domain_id,
vsd_subnet=vsd_subnet,
domain_adv_fwd_mapping=collections.defaultdict(dict),
qos_policy_id=network_qos_policy_id,
dscp_mark=vsd_qos_options['dscp_options'].get('dscp_mark'),
original_qos_policy_id=None)
def _find_vsd_subnet(self, context, subnet_mapping):
try:
vsd_subnet = self.vsdclient.get_nuage_subnet_by_mapping(
subnet_mapping, required=True)
return vsd_subnet
except restproxy.ResourceNotFoundException:
neutron_subnet = self._get_subnet_from_neutron(
context, subnet_mapping['subnet_id'])
if not neutron_subnet:
LOG.info("Subnet %s has been deleted concurrently",
subnet_mapping['subnet_id'])
return
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, neutron_subnet['id'])
if self._is_os_mgd(subnet_mapping):
LOG.debug("Retrying to get the subnet from vsd.")
# Here is for the case that router attach/detach has happened
# but neutron DB is not updated. Then we use externalID and
# cidr to get that subnet in vsd.
if self._is_l2(subnet_mapping):
return self.vsdclient.get_domain_subnet_by_ext_id_and_cidr(
neutron_subnet)
else:
return self.vsdclient.get_l2domain_by_ext_id_and_cidr(
neutron_subnet)
else:
raise
def get_nuage_gateway_vports(self, context, filters=None, fields=None):
user_tenant = filters.get('tenant')
fetch_tenant = self._check_for_permissions(context, user_tenant)
def_netpart = cfg.CONF.RESTPROXY.default_net_partition_name
netpart = nuagedb.get_default_net_partition(context, def_netpart)
subnet_id = filters['subnet'][0]
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping:
filters['nuage_subnet_id'] = [subnet_mapping['nuage_subnet_id']]
else:
msg = 'No neutron subnet to nuage subnet mapping found'
raise nuage_exc.NuageBadRequest(msg=msg)
resp = self.nuageclient.get_gateway_vports(fetch_tenant, netpart['id'],
filters)
if resp:
return [
self._make_vport_dict(vport, fields=fields, context=context)
for vport in resp
]
else:
return []
def create_nuage_gateway_vport(self, context, nuage_gateway_vport):
vport = nuage_gateway_vport['nuage_gateway_vport']
subnet_id = vport.get('subnet')
port_id = vport.get('port')
params = {
'gatewayinterface': vport['gatewayvlan'],
'tenant': vport.get('tenant')
}
if subnet_id:
params['subnet'] = self.core_plugin.get_subnet(context, subnet_id)
if port_id:
p = self.core_plugin.get_port(context, port_id)
if p.get('fixed_ips'):
subnet_id = p['fixed_ips'][0]['subnet_id']
subnet = self.core_plugin.get_subnet(context, subnet_id)
params['enable_dhcp'] = subnet.get('enable_dhcp')
params['port'] = p
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping:
params['np_id'] = subnet_mapping['net_partition_id']
params['nuage_managed_subnet'] = (
subnet_mapping['nuage_managed_subnet'])
else:
msg = 'No neutron subnet to nuage subnet mapping found'
raise nuage_exc.NuageBadRequest(msg=msg)
try:
vsd_subnet = self.vsdclient.get_nuage_subnet_by_id(subnet_mapping)
params['vsd_subnet'] = vsd_subnet
resp = self.vsdclient.create_gateway_vport(context.tenant_id,
params)
vport = resp['vport']
except Exception as ex:
if hasattr(ex, 'code'):
if ex.code == constants.RES_CONFLICT:
# gridinv - do not map resource in conflict to 500
raise nuage_exc.NuageBadRequest(msg=ex.message)
raise
if port_id and not subnet_mapping['nuage_managed_subnet']:
port = params['port']
self.l3_plugin._check_floatingip_update(
context,
port,
vport_type=constants.HOST_VPORT,
vport_id=vport['ID'])
resp_dict = {
'vport_id': resp['vport']['ID'],
'vport_type': resp['vport']['type'],
'vport_name': resp['vport']['name'],
'interface': resp['interface']['ID'],
'vport_gw_type': resp['vport_gw_type'],
'subnet_id': subnet_id
}
if port_id:
resp_dict['port_id'] = port_id
return self._make_vport_dict(resp_dict, context=context)
def get_nuage_external_security_group_rules(self, context, filters=None,
fields=None):
params = {}
resource_id = None
if filters.get('subnet'):
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, filters['subnet'][0])
if subnet_mapping:
if self._is_l3(subnet_mapping):
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
params['subnet'] = filters.get('subnet')[0]
else:
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
elif filters.get('router'):
params['router'] = filters.get('router')[0]
elif filters.get('external_group'):
params['external_group'] = filters.get('external_group')[0]
resource_id = params['external_group']
try:
ext_rules = self.vsdclient.get_nuage_external_sg_rules(
params)
except Exception:
raise nuage_exc.NuageNotFound(
resource='nuage-external-security-group-rule',
resource_id=resource_id)
return [self._make_external_security_group_rule_dict(ext_rule, context,
fields) for
ext_rule in ext_rules]
def _validate_port(self, db_context, port):
if 'fixed_ips' not in port or len(port.get('fixed_ips', [])) == 0:
return False
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(db_context.session,
subnet_id)
return subnet_mapping
def create_nuage_redirect_target(self, context, nuage_redirect_target):
redirect_target = nuage_redirect_target['nuage_redirect_target']
has_subnet_id = is_attr_set(redirect_target.get('subnet_id'))
has_router_id = is_attr_set(redirect_target.get('router_id'))
if not has_subnet_id and not has_router_id:
msg = _('subnet_id or router_id should be specified')
raise n_exc.BadRequest(resource='subnets', msg=msg)
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, redirect_target.get('subnet_id')) or {}
router_mapping = nuagedb.get_ent_rtr_mapping_by_rtrid(
context.session, redirect_target.get('router_id')) or {}
if not subnet_mapping and not router_mapping:
raise ext_rtarget.RedirectTargetNoDomainOrL2Domain()
if has_subnet_id:
subnet = self.core_plugin.get_subnet(context,
redirect_target['subnet_id'])
if subnet:
redirect_target['external_id'] = \
cms_id_helper.get_vsd_external_id(subnet['network_id'])
try:
nuage_redirect_target = self.vsdclient\
.create_nuage_redirect_target(
redirect_target,
l2dom_id=subnet_mapping.get('nuage_subnet_id'),
domain_id=router_mapping.get('nuage_router_id'))
except Exception as e:
if getattr(e, "vsd_code", None) == '7016':
msg = _("A Nuage redirect target with name '%s' already "
"exists") % redirect_target['name']
raise nuage_exc.NuageBadRequest(msg=msg)
raise
return self._make_redirect_target_dict(nuage_redirect_target,
context=context)
def process_port_redirect_target(self, context, port, rtargets,
n_rtargets_ids):
if not is_attr_set(rtargets):
port[ext_rtarget.REDIRECTTARGETS] = []
return
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, port['fixed_ips'][0]['subnet_id'])
for n_rtarget_id in n_rtargets_ids:
l2dom_id = subnet_mapping['nuage_subnet_id']
l3dom_id = subnet_mapping['nuage_subnet_id']
try:
params = {'neutron_port_id': port['id']}
l2_id, l3_id = get_l2_and_l3_sub_id(subnet_mapping)
params['l2dom_id'] = l2_id
params['l3dom_id'] = l3_id
nuage_port = self.vsdclient.get_nuage_vport_by_neutron_id(
params)
nuage_port['l2dom_id'] = l2dom_id
nuage_port['l3dom_id'] = l3dom_id
if nuage_port and nuage_port.get('ID'):
self.vsdclient.update_nuage_vport_redirect_target(
n_rtarget_id, nuage_port.get('ID'))
except Exception:
raise
port[ext_rtarget.REDIRECTTARGETS] = (list(n_rtargets_ids)
if n_rtargets_ids else [])
def get_vsd_managed_dual_subnet(self, context, subnet, nuage_subnet_id):
dual_stack_subnets = self.get_dual_stack_subnet(context,
subnet,
vsd_managed=True)
for dual_stack_subnet in dual_stack_subnets:
dual_subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, dual_stack_subnet['id'])
if dual_subnet_mapping['nuage_subnet_id'] == nuage_subnet_id:
return dual_stack_subnet
return None
def get_subnet_available_nuage_policy_groups(self, context, filters=None):
subnet_id = filters.pop('for_subnet')[0]
vsd_mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
subnet_id)
if not vsd_mapping:
raise exceptions.SubnetMappingNotFound(resource='subnet',
id=subnet_id)
vsd_filters = self.osfilters_to_vsdfilters(filters)
return self._get_available_nuage_policy_groups(vsd_mapping,
vsd_filters)
def _validate_port(self, db_context, port):
if 'fixed_ips' not in port or len(port.get('fixed_ips', [])) == 0:
return False
for fixed_ip in port.get('fixed_ips', []):
if netaddr.IPAddress(fixed_ip['ip_address']).version == 4:
subnet_id = port['fixed_ips'][0]['subnet_id']
break
else:
return False
return nuagedb.get_subnet_l2dom_by_id(db_context.session, subnet_id)
def _process_allowed_address_pairs(self, context, port, vport,
create=False, delete_addr_pairs=None):
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
subnet_id)
if subnet_mapping:
if vport:
if create:
self._create_vips(context, subnet_mapping, port, vport)
else:
self._update_vips(context, subnet_mapping,
port, vport, delete_addr_pairs)
def get_nuage_redirect_targets(self, context, filters=None, fields=None):
rtargets = []
if filters.get('subnet'):
params = {}
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, filters['subnet'][0])
if not subnet_mapping:
return []
if self._is_vsd_mgd(subnet_mapping) or self._is_l3(subnet_mapping):
domain_id = self.vsdclient.get_router_by_domain_subnet_id(
subnet_mapping['nuage_subnet_id'])
if domain_id:
params['parentID'] = domain_id
elif self._is_vsd_mgd(subnet_mapping):
params['parentID'] = subnet_mapping['nuage_subnet_id']
else:
return []
else:
params['parentID'] = subnet_mapping['nuage_subnet_id']
rtargets = self.vsdclient.get_nuage_redirect_targets(params)
elif filters.get('router'):
router_mapping = nuagedb.get_ent_rtr_mapping_by_rtrid(
context.session, filters['router'][0])
if not router_mapping:
msg = (_("No router mapping found for router %s") %
filters['router'][0])
raise nuage_exc.NuageBadRequest(msg=msg)
rtargets = self.vsdclient.get_nuage_redirect_targets(
{'parentID': router_mapping['nuage_router_id']})
elif filters.get('id'):
rtargets = self.vsdclient.get_nuage_redirect_targets(
{'ID': filters.get('id')[0]})
elif filters.get('name'):
rtargets = self.vsdclient.get_nuage_redirect_targets(
{'name': filters.get('name')[0]})
elif filters.get('ports'):
rtargets = (rtarget for port_id in filters['ports']
for rtarget in self.get_nuage_redirect_targets_by_port(
port_id, context))
return [
self._make_redirect_target_dict(rtarget, context, fields)
for rtarget in rtargets
]
def get_nuage_external_security_groups(self,
context,
filters=None,
fields=None):
# get all redirect targets
domain_type = None
domain_id = None
vsd_filters = {'external': 'true'}
if filters.get('subnet'):
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, filters['subnet'][0])
if subnet_mapping:
if self._is_l3(subnet_mapping):
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
domain_type = vsd_constants.L2DOMAIN
domain_id = subnet_mapping['nuage_subnet_id']
else:
message = ("Subnet %s doesn't have mapping l2domain on "
"VSD " % filters['subnet'][0])
raise nuage_exc.NuageBadRequest(msg=message)
elif filters.get('router'):
router_id = filters.get('router')[0]
nuage_router = self.vsdclient.get_l3domain_by_external_id(
router_id)
if nuage_router:
domain_type = vsd_constants.DOMAIN
domain_id = nuage_router['ID']
else:
msg = _("VSD domain not found for router %s") % router_id
raise n_exc.BadRequest(
resource='nuage_external_security_group', msg=msg)
elif filters.get('id'):
return self.get_nuage_external_security_group(
context,
filters.get('id')[0])
elif filters.get('name'):
vsd_filters['name'] = filters.get('name')[0]
try:
ext_sgs = self.vsdclient.get_policygroups(parent_type=domain_type,
parent_id=domain_id,
**vsd_filters)
except Exception:
raise nuage_exc.NuageNotFound(
resource='nuage-external-security-group')
return [
self._make_external_security_group_dict(sg, context, fields)
for sg in ext_sgs
]
def extend_subnet_dict(self, session, db_data, result):
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(session, result['id'])
if subnet_mapping:
result['net_partition'] = subnet_mapping['net_partition_id']
result['vsd_managed'] = subnet_mapping['nuage_managed_subnet']
if result['vsd_managed']:
result['nuagenet'] = subnet_mapping['nuage_subnet_id']
else:
result['vsd_managed'] = False
result['nuage_l2bridge'] = nuagedb.get_nuage_l2bridge_id_for_network(
session, result['network_id'])
if self._is_network_external(session, db_data['network_id']):
# Add nuage underlay parameter and set the nuage_uplink for
# subnets in external network.
# Normally external subnet is always l3, but in process of updating
# internal to external network, update network postcommit process
# is looping over current subnets and at that time these are still
# l2 in VSD; hence checking for l3 (if not, skip this block).
if subnet_mapping and self._is_l3(subnet_mapping):
nuage_underlay_db = nuagedb.get_subnet_parameter(
session, result['id'], nuage_constants.NUAGE_UNDERLAY)
nuage_subnet = self.vsdclient.get_nuage_subnet_by_id(
subnet_mapping['nuage_subnet_id'],
subnet_type=nuage_constants.SUBNET)
result['underlay'] = bool(nuage_underlay_db)
if nuage_subnet:
result['nuage_uplink'] = nuage_subnet['parentID']
else:
# Add nuage_underlay parameter
update = self.val_by_id.pop(
(result['id'], nuage_constants.NUAGE_UNDERLAY),
constants.ATTR_NOT_SPECIFIED)
nuage_underlay_db = nuagedb.get_subnet_parameter(
session, result['id'], nuage_constants.NUAGE_UNDERLAY)
if (update is constants.ATTR_NOT_SPECIFIED and
not result['vsd_managed'] and
not self._is_ipv6(result) and
subnet_mapping and
self._is_l3(subnet_mapping)):
# No update, db value
result['nuage_underlay'] = (
nuage_underlay_db['parameter_value']
if nuage_underlay_db else
nuage_constants.NUAGE_UNDERLAY_INHERITED)
elif (update is not constants.ATTR_NOT_SPECIFIED and
update != nuage_underlay_db):
# update + change
result['nuage_underlay'] = update
return result
def create_nuage_gateway_vport(self, context, nuage_gateway_vport):
vport = nuage_gateway_vport['nuage_gateway_vport']
subnet_id = vport.get('subnet')
port_id = vport.get('port')
params = {
'gatewayinterface': vport['gatewayvlan'],
'tenant': vport.get('tenant')
}
if subnet_id:
params['subnet'] = self.get_subnet(context, subnet_id)
if port_id:
p = self.get_port(context, port_id)
if p.get('fixed_ips'):
subnet_id = p['fixed_ips'][0]['subnet_id']
subnet = self.get_subnet(context, subnet_id)
params['enable_dhcp'] = subnet.get('enable_dhcp')
params['port'] = p
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping:
params['nuage_subnet_id'] = subnet_mapping['nuage_subnet_id']
params['np_id'] = subnet_mapping['net_partition_id']
params['nuage_managed_subnet'] = (
subnet_mapping['nuage_managed_subnet'])
else:
msg = 'No neutron subnet to nuage subnet mapping found'
raise nuage_exc.NuageBadRequest(msg=msg)
try:
resp = self.nuageclient.create_gateway_vport(
context.tenant_id, params)
except Exception as ex:
if ex.code == constants.RES_CONFLICT:
# gridinv - do not map resource in conflict to 500
raise nuage_exc.NuageBadRequest(msg=ex.message)
raise
if port_id and not subnet_mapping['nuage_managed_subnet']:
port = params['port']
if resp['vport_gw_type'] == constants.SOFTWARE:
self._delete_port_security_group_bindings(context, port['id'])
self._process_port_create_security_group(
context, port, port[ext_sg.SECURITYGROUPS])
LOG.debug("Created security group for port %s", port['id'])
self._check_floatingip_update(context,
port,
vport_type=constants.HOST_VPORT,
vport_id=resp['vport_id'])
return self._make_vport_dict(resp, context=context)
def create_nuage_external_security_group(self, context,
nuage_external_security_group):
external_sg = nuage_external_security_group[
'nuage_external_security_group']
subnet_id = external_sg.get('subnet_id')
router_id = external_sg.get('router_id')
if not subnet_id and not router_id:
msg = _("Either router_id or subnet_id must be specified")
raise n_exc.BadRequest(resource='nuage_external_security_group',
msg=msg)
domain_type = None
domain_id = None
external_id = None
if subnet_id:
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping and self._is_l2(subnet_mapping):
domain_type = vsd_constants.L2DOMAIN
domain_id = subnet_mapping['nuage_subnet_id']
external_id = subnet_id
else:
msg = _("VSD L2Domain not found for subnet %s") % subnet_id
raise n_exc.BadRequest(
resource='nuage_external_security_group', msg=msg)
elif router_id:
nuage_router = self.vsdclient.get_l3domain_by_external_id(
router_id)
if nuage_router:
domain_type = vsd_constants.DOMAIN
domain_id = nuage_router['ID']
external_id = router_id
else:
msg = _("VSD domain not found for router %s") % router_id
raise n_exc.BadRequest(
resource='nuage_external_security_group', msg=msg)
pg_data = {
'name': external_sg.get('name'),
'description': external_sg.get('description'),
'EVPNCommunityTag': external_sg.get('extended_community_id'),
'externalID': cms_id_helper.get_vsd_external_id(external_id),
'type': constants.SOFTWARE,
'external': 'true'
}
ext_pg = self.vsdclient.create_policygroup(domain_type, domain_id,
pg_data)
return self._make_external_security_group_dict(ext_pg, context=context)
def _delete_port_redirect_target_bindings(self, context, port_id):
port = self.core_plugin.get_port(context, port_id)
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping:
l2dom_id, l3dom_id = get_l2_and_l3_sub_id(subnet_mapping)
params = {
'neutron_port_id': port_id,
'l2dom_id': l2dom_id,
'l3dom_id': l3dom_id
}
self.vsdclient.delete_port_redirect_target_bindings(params)
def _validate_vmports_same_netpartition(self, core_plugin, db_context,
current_port, np_id):
filters = {'device_id': [current_port['device_id']]}
ports = core_plugin.get_ports(db_context, filters)
for port in ports:
if port['id'] == current_port['id']:
continue
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(db_context.session,
subnet_id)
if subnet_mapping and subnet_mapping['net_partition_id'] != np_id:
msg = ("VM with ports belonging to subnets across "
"enterprises is not allowed in VSP")
raise NuageBadRequest(msg=msg)
def create_nuage_redirect_target_vip(self, context,
nuage_redirect_target_vip):
redirect_target = nuage_redirect_target_vip[
'nuage_redirect_target_vip']
nuage_redirect_target = self.get_nuage_redirect_target(
context, redirect_target['redirect_target_id'])
subnet_id = redirect_target.get('subnet_id')
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
vip = redirect_target.get('virtual_ip_address')
self._validate_create_redirect_target_vip(context,
nuage_redirect_target,
subnet_mapping, vip)
with context.session.begin(subtransactions=True):
# Port has no 'tenant-id', as it is hidden from user
subnet = self.core_plugin.get_subnet(context, subnet_id)
network_id = subnet['network_id']
fixed_ips = {'ip_address': vip}
vip_port = self.core_plugin.create_port(
context, {
'port': {
'tenant_id': redirect_target['tenant_id'],
'network_id': network_id,
'mac_address': attributes.ATTR_NOT_SPECIFIED,
'fixed_ips': [fixed_ips],
'device_id': '',
'device_owner': constants.DEVICE_OWNER_VIP_NUAGE,
'admin_state_up': True,
'name': ''
}
})
if not vip_port['fixed_ips']:
self.core_plugin.delete_port(context, vip_port['id'])
msg = ('No IPs available for VIP %s') % network_id
raise n_exc.BadRequest(resource='nuage-redirect-target',
msg=msg)
vip_resp = self.nuageclient.create_virtual_ip(
redirect_target['redirect_target_id'],
redirect_target['virtual_ip_address'])
self.core_plugin.update_port(
context, vip_port['id'],
{'port': {
'device_id': redirect_target['redirect_target_id']
}})
return self._make_redirect_target_vip_dict(vip_resp[3][0],
context=context)
def post_port_delete(self, resource, event, trigger, **kwargs):
port = kwargs['port']
if (port.get(portbindings.VNIC_TYPE, "")
not in self._supported_vnic_types()):
return
context = kwargs['context']
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if self._is_vsd_mgd(subnet_mapping):
return
securitygroups = port.get(ext_sg.SECURITYGROUPS, [])
self.client.check_unused_policygroups(securitygroups,
sg_type=constants.HARDWARE)
def update_network(self, db_context, original, updated):
if original.get('qos_policy_id') == updated.get('qos_policy_id'):
# No update needed
return
if not self._network_supports_qos(updated):
return
subnets = self._mech_driver.core_plugin.get_subnets(
db_context,
filters={'network_id': [updated['id']]})
vsd_qos_options = self._get_vsd_qos_options(
db_context, updated['qos_policy_id'])
# Do not process ipv4, ipv6 subnets for same vsd subnet twice
vsd_subnets = []
domain_adv_fwd_mapping = collections.defaultdict(dict)
for subnet in subnets:
# Call mech driver to update qos at l2domain/l3subnet
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(db_context.session,
subnet['id'])
if (not subnet_mapping or
subnet_mapping['nuage_subnet_id'] in vsd_subnets):
pass
self._vsdclient.create_update_qos(
parent_type=self._get_parent_type(subnet_mapping),
parent_id=subnet_mapping['nuage_subnet_id'],
qos_policy_id=updated['qos_policy_id'],
qos_policy_options=vsd_qos_options['bandwidth_options'],
original_qos_policy_id=original['qos_policy_id'])
# DSCP marking
vsd_subnet = self._mech_driver._find_vsd_subnet(db_context,
subnet_mapping)
domain_type, domain_id = (
self._mech_driver._get_domain_type_id_from_vsd_subnet(
self._vsdclient, vsd_subnet))
self._vsdclient.create_update_dscp_marking_subnet(
domain_type=domain_type,
domain_id=domain_id,
vsd_subnet=vsd_subnet,
domain_adv_fwd_mapping=domain_adv_fwd_mapping,
qos_policy_id=updated['qos_policy_id'],
dscp_mark=vsd_qos_options['dscp_options'].get('dscp_mark'),
original_qos_policy_id=original['qos_policy_id'])
vsd_subnets.append(subnet_mapping['nuage_subnet_id'])
def create_nuage_external_security_group(self, context,
nuage_external_security_group):
external_sg = nuage_external_security_group[
'nuage_external_security_group']
subnet_id = external_sg.get('subnet_id')
router_id = external_sg.get('router_id')
if not subnet_id and not router_id:
msg = _("Either router_id or subnet_id must be specified")
raise n_exc.BadRequest(resource='nuage_external_security_group',
msg=msg)
l2dom_id = None
l3dom_id = None
external_id = None
if subnet_id:
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, subnet_id)
if subnet_mapping and self._is_l2(subnet_mapping):
l2dom_id = subnet_mapping['nuage_subnet_id']
external_id = subnet_id
if not l2dom_id:
msg = _("VSD L2Domain not found for subnet %s") % subnet_id
raise n_exc.BadRequest(
resource='nuage_external_security_group', msg=msg)
elif router_id:
nuage_router = self.vsdclient.get_router_by_external(router_id)
if nuage_router:
l3dom_id = nuage_router['ID']
external_id = router_id
if not l3dom_id:
msg = _("VSD domain not found for router %s") % router_id
raise n_exc.BadRequest(
resource='nuage_external_security_group', msg=msg)
params = {
'l2dom_id': l2dom_id,
'l3dom_id': l3dom_id,
'name': external_sg.get('name'),
'description': external_sg.get('description'),
'extended_community': external_sg.get('extended_community_id'),
'externalID': external_id
}
ext_sg_resp = (
self.vsdclient.create_nuage_external_security_group(params))
return self._make_external_security_group_dict(ext_sg_resp[0],
context=context)
def _process_allowed_address_pairs(self, context, port, vport,
create=False, delete_addr_pairs=None):
subnet_id = port['fixed_ips'][0]['subnet_id']
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
subnet_id)
# Sanitize out single ip CIDR VIPS (eg. /32)
# copy port to not influence original object
port = copy.deepcopy(port)
self._sanitize_single_ip_cidr(port.get(addr_pair.ADDRESS_PAIRS))
self._sanitize_single_ip_cidr(delete_addr_pairs)
if subnet_mapping:
if vport:
if create:
self._create_vips(context, subnet_mapping, port, vport)
else:
self._update_vips(context, subnet_mapping,
port, vport, delete_addr_pairs)
def get_logical_port_subnet_mapping(self, context, port_info):
l2dom_id = None
l3domain_id = None
l3subnet_id = None
subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
context.session, port_info['fixed_ips'][0]['subnet_id'])
if subnet_mapping:
if self._is_l2(subnet_mapping):
l2dom_id = subnet_mapping['nuage_subnet_id']
else:
l3subnet_id = subnet_mapping['nuage_subnet_id']
l3domain_id = self.vsdclient.get_nuage_domain_id_from_subnet(
l3subnet_id)
else:
msg = ('Cannot find subnet mapping for'
' the port-id %s ' % port_info['id'])
raise nuage_exc.NuageBadRequest(msg=msg)
return l2dom_id, l3domain_id, l3subnet_id
