def _assure_l7policies_created(self, service):
if 'l7policies' not in service:
return
listener_policy_map = dict()
bigips = self.driver.get_config_bigips()
lbaas_service = LbaasServiceObject(service)
service['irules'] = dict()
l7policies = service['l7policies']
LOG.debug("L7 debug: processing policies: %s", l7policies)
for l7policy in l7policies:
LOG.debug("L7 debug: assuring policy: %s", l7policy)
name = l7policy.get('name', None)
if not self.esd.is_esd(name):
listener_id = l7policy.get('listener_id', None)
if not listener_id or listener_id in listener_policy_map:
LOG.debug("L7 debug: listener policies already added: %s",
listener_id)
continue
listener_policy_map[listener_id] = \
self.l7service.build_policy(l7policy, lbaas_service)
for listener_id, policy in listener_policy_map.items():
error = False
if policy['f5_policy'].get('rules', list()):
error = self.l7service.create_l7policy(policy['f5_policy'],
bigips)
if policy.get('iRules'):
error = self.l7service.create_irule(policy['iRules'], bigips)
for p in service['l7policies']:
if error:
self._set_status_as_error(p)
loadbalancer = service.get('loadbalancer', {})
if not error:
listener = lbaas_service.get_listener(listener_id)
if listener:
listener['f5_policy'] = policy['f5_policy']
service['irules'][listener_id] = policy.get('iRules')
else:
loadbalancer['provisioning_status'] = \
constants_v2.F5_ERROR
def _assure_l7policies_created(self, service):
if 'l7policies' not in service:
return
listener_policy_map = dict()
bigips = self.driver.get_config_bigips()
lbaas_service = LbaasServiceObject(service)
l7policies = service['l7policies']
LOG.debug("L7 debug: processing policies: %s", l7policies)
for l7policy in l7policies:
LOG.debug("L7 debug: assuring policy: %s", l7policy)
name = l7policy.get('name', None)
if not self.esd.is_esd(name):
listener_id = l7policy.get('listener_id', None)
if not listener_id or listener_id in listener_policy_map:
LOG.debug(
"L7 debug: listener policies already added: %s",
listener_id)
continue
listener_policy_map[listener_id] = \
self.l7service.build_policy(l7policy, lbaas_service)
for listener_id, policy in listener_policy_map.items():
error = False
if policy['f5_policy'].get('rules', list()):
error = self.l7service.create_l7policy(
policy['f5_policy'], bigips)
for p in service['l7policies']:
if self._is_not_pending_delete(p):
if not error:
self._set_status_as_active(p, force=True)
else:
self._set_status_as_error(p)
loadbalancer = service.get('loadbalancer', {})
if not error:
listener = lbaas_service.get_listener(listener_id)
if listener:
listener['f5_policy'] = policy['f5_policy']
else:
loadbalancer['provisioning_status'] = \
constants_v2.F5_ERROR
def create_l7policy(self, l7policy, service_object, bigips):
LOG.debug("L7PolicyService: create_l7policy")
stack = []
event = 'CREATE_L7POLICY'
lbaas_service = LbaasServiceObject(service_object)
if l7policy['listener_id']:
# add L7 policy to virtual server
listener = lbaas_service.get_listener(l7policy['listener_id'])
listener_adapter = ListenerAdapter(self.conf)
f5_vs = listener_adapter.translate(lbaas_service,
listener,
l7policy=l7policy)
stack.append(VirtualServerBuilder(event, f5_vs))
# create L7 policy
try:
l7policy_adapter = L7PolicyServiceAdapter(self.conf)
policies = self.build_policy(l7policy, lbaas_service)
if policies['l7policies']:
f5_l7policy = l7policy_adapter.translate(policies)
stack.append(L7PolicyBuilder(event, f5_l7policy))
else:
# empty policy -- delete wrapper policy on BIG-IPs
self.delete_l7policy(l7policy, service_object, bigips)
return
except PolicyHasNoRules as exc:
# For OpenStack, creating policies and rules are independent
# commands, so this exception is valid. Delete policy because
# it has no rules.
LOG.debug(exc.message)
self.delete_l7policy(l7policy, service_object, bigips)
return
except Exception:
import traceback
LOG.error(traceback.format_exc())
raise
self._process_stack(stack, bigips)
def delete_l7policy(self, l7policy, service_object, bigips):
LOG.debug("L7PolicyService:delete_l7policy")
stack = []
event = 'DELETE_L7POLICY'
lbaas_service = LbaasServiceObject(service_object)
# only need name/partition for delete
l7policy_adapter = L7PolicyServiceAdapter(self.conf)
f5_l7policy = l7policy_adapter.translate_name(l7policy)
stack.append(L7PolicyBuilder(event, f5_l7policy))
if l7policy['listener_id']:
# remove L7 policy from virtual server
listener = lbaas_service.get_listener(l7policy['listener_id'])
listener_adapter = ListenerAdapter(self.conf)
f5_vs = listener_adapter.translate(
lbaas_service, listener, l7policy=l7policy)
stack.append(VirtualServerBuilder(event, f5_vs))
self._process_stack(stack, bigips)
def create_l7policy(self, l7policy, service_object, bigips):
LOG.debug("L7PolicyService: create_l7policy")
stack = []
event = 'CREATE_L7POLICY'
lbaas_service = LbaasServiceObject(service_object)
if l7policy['listener_id']:
# add L7 policy to virtual server
listener = lbaas_service.get_listener(l7policy['listener_id'])
listener_adapter = ListenerAdapter(self.conf)
f5_vs = listener_adapter.translate(
lbaas_service, listener, l7policy=l7policy)
stack.append(VirtualServerBuilder(event, f5_vs))
# create L7 policy
try:
l7policy_adapter = L7PolicyServiceAdapter(self.conf)
policies = self.build_policy(l7policy, lbaas_service)
if policies['l7policies']:
f5_l7policy = l7policy_adapter.translate(policies)
stack.append(L7PolicyBuilder(event, f5_l7policy))
else:
# empty policy -- delete wrapper policy on BIG-IPs
self.delete_l7policy(l7policy, service_object, bigips)
return
except PolicyHasNoRules as exc:
# For OpenStack, creating policies and rules are independent
# commands, so this exception is valid. Delete policy because
# it has no rules.
LOG.debug(exc.message)
self.delete_l7policy(l7policy, service_object, bigips)
return
except Exception:
import traceback
LOG.error(traceback.format_exc())
raise
self._process_stack(stack, bigips)
def delete_l7policy(self, l7policy, service_object, bigips):
LOG.debug("L7PolicyService:delete_l7policy")
stack = []
event = 'DELETE_L7POLICY'
lbaas_service = LbaasServiceObject(service_object)
# only need name/partition for delete
l7policy_adapter = L7PolicyServiceAdapter(self.conf)
f5_l7policy = l7policy_adapter.translate_name(l7policy)
stack.append(L7PolicyBuilder(event, f5_l7policy))
if l7policy['listener_id']:
# remove L7 policy from virtual server
listener = lbaas_service.get_listener(l7policy['listener_id'])
listener_adapter = ListenerAdapter(self.conf)
f5_vs = listener_adapter.translate(lbaas_service,
listener,
l7policy=l7policy)
stack.append(VirtualServerBuilder(event, f5_vs))
self._process_stack(stack, bigips)