def _provision_cluster(self):
# Pre creating default project before namespace add event.
proj_obj = self._create_project('default')
# Create application policy set for the cluster project.
VncSecurityPolicy.create_application_policy_set(
vnc_kube_config.application_policy_set_name())
# Allocate fabric snat port translation pools.
self._allocate_fabric_snat_port_translation_pools()
ip_fabric_fq_name = vnc_kube_config.cluster_ip_fabric_network_fq_name()
ip_fabric_vn_obj = self.vnc_lib. \
virtual_network_read(fq_name=ip_fabric_fq_name)
cluster_vn_obj = None
if DBBaseKM.is_nested():
try:
cluster_vn_obj = self.vnc_lib.virtual_network_read(
fq_name=vnc_kube_config.cluster_default_network_fq_name())
except NoIdError:
pass
# Pre creating kube-system project before namespace add event.
self._create_project('kube-system')
# Create ip-fabric IPAM.
ipam_name = vnc_kube_config.cluster_name() + '-ip-fabric-ipam'
ip_fabric_ipam_update, ip_fabric_ipam_obj, ip_fabric_ipam_subnets = \
self._create_ipam(ipam_name, self.args.ip_fabric_subnets, proj_obj)
self._cluster_ip_fabric_ipam_fq_name = ip_fabric_ipam_obj.get_fq_name()
# Create Pod IPAM.
ipam_name = vnc_kube_config.cluster_name() + '-pod-ipam'
pod_ipam_update, pod_ipam_obj, pod_ipam_subnets = \
self._create_ipam(ipam_name, self.args.pod_subnets, proj_obj)
# Cache cluster pod ipam name.
# This will be referenced by ALL pods that are spawned in the cluster.
self._cluster_pod_ipam_fq_name = pod_ipam_obj.get_fq_name()
# Create a cluster-pod-network.
if self.args.ip_fabric_forwarding:
cluster_pod_vn_obj = self._create_network(
vnc_kube_config.cluster_default_pod_network_name(),
'pod-network', proj_obj, ip_fabric_ipam_obj,
ip_fabric_ipam_update, ip_fabric_vn_obj)
else:
cluster_pod_vn_obj = self._create_network(
vnc_kube_config.cluster_default_pod_network_name(),
'pod-network', proj_obj, pod_ipam_obj, pod_ipam_update,
ip_fabric_vn_obj)
# Create Service IPAM.
ipam_name = vnc_kube_config.cluster_name() + '-service-ipam'
service_ipam_update, service_ipam_obj, service_ipam_subnets = \
self._create_ipam(ipam_name, self.args.service_subnets, proj_obj)
self._cluster_service_ipam_fq_name = service_ipam_obj.get_fq_name()
# Create a cluster-service-network.
cluster_service_vn_obj = self._create_network(
vnc_kube_config.cluster_default_service_network_name(),
'service-network', proj_obj, service_ipam_obj, service_ipam_update)
self._create_attach_policy(proj_obj, ip_fabric_vn_obj,
cluster_pod_vn_obj, cluster_service_vn_obj,
cluster_vn_obj)
def _get_host_vm(host_ip):
iip = InstanceIpKM.get_object(
host_ip, vnc_kube_config.cluster_default_network_fq_name())
if iip:
for vmi_id in iip.virtual_machine_interfaces:
vm_vmi = VirtualMachineInterfaceKM.get(vmi_id)
if vm_vmi and vm_vmi.virtual_machine:
return vm_vmi.virtual_machine
return None
def _get_host_vm(host_ip):
iip = InstanceIpKM.get_object(
host_ip, vnc_kube_config.cluster_default_network_fq_name())
if iip:
for vmi_id in iip.virtual_machine_interfaces:
vm_vmi = VirtualMachineInterfaceKM.get(vmi_id)
if vm_vmi and vm_vmi.virtual_machine:
return vm_vmi.virtual_machine
return None
def _get_host_vmi(self, pod_name):
host_ip = self._get_host_ip(pod_name)
if host_ip:
net_fq_name = vnc_kube_config.cluster_default_network_fq_name()
iip = InstanceIpKM.get_object(host_ip, net_fq_name)
if iip:
for vmi_id in iip.virtual_machine_interfaces:
vm_vmi = VirtualMachineInterfaceKM.get(vmi_id)
if vm_vmi and vm_vmi.host_id:
return vm_vmi
return None
def _get_host_vmi(self, pod_name):
host_ip = self._get_host_ip(pod_name)
if host_ip:
net_fq_name = vnc_kube_config.cluster_default_network_fq_name()
iip = InstanceIpKM.get_object(host_ip, net_fq_name)
if iip:
for vmi_id in iip.virtual_machine_interfaces:
vm_vmi = VirtualMachineInterfaceKM.get(vmi_id)
if vm_vmi and vm_vmi.host_id:
return vm_vmi
return None
def _get_network(self, pod_id, pod_name, pod_namespace):
"""
Get virtual network to be associated with the pod.
The heuristics to determine which virtual network to use for the pod
is as follows:
if (virtual network is annotated in the pod config):
Use virtual network configured on the pod.
else if (virtual network if annotated in the pod's namespace):
Use virtual network configured on the namespace.
else if (pod is in a isolated namespace):
Use the virtual network associated with isolated namespace.
else:
Use the pod virtual network associated with kubernetes cluster.
"""
# Check for virtual-network configured on the pod.
pod = PodKM.find_by_name_or_uuid(pod_id)
if not pod:
self._logger.notice("%s - Pod %s:%s:%s Not Found"
"(Might Got Delete Event From K8s)"
%(self._name, pod_namespace, pod_name, pod_id))
return
vn_fq_name = pod.get_vn_fq_name()
ns = self._get_namespace(pod_namespace)
# FIXME: Check if ns is not None
# Check of virtual network configured on the namespace.
if not vn_fq_name:
vn_fq_name = ns.get_annotated_network_fq_name()
# If the pod's namespace is isolated, use the isolated virtual
# network.
if not vn_fq_name:
if self._is_pod_network_isolated(pod_namespace):
vn_fq_name = ns.get_isolated_network_fq_name()
# Finally, if no network was found, default to the cluster
# pod network.
if not vn_fq_name:
vn_fq_name = vnc_kube_config.cluster_default_network_fq_name()
vn_obj = self._vnc_lib.virtual_network_read(fq_name=vn_fq_name)
return vn_obj
def _get_network(self, pod_id, pod_name, pod_namespace):
"""
Get virtual network to be associated with the pod.
The heuristics to determine which virtual network to use for the pod
is as follows:
if (virtual network is annotated in the pod config):
Use virtual network configured on the pod.
else if (virtual network if annotated in the pod's namespace):
Use virtual network configured on the namespace.
else if (pod is in a isolated namespace):
Use the virtual network associated with isolated namespace.
else:
Use the pod virtual network associated with kubernetes cluster.
"""
# Check for virtual-network configured on the pod.
pod = PodKM.find_by_name_or_uuid(pod_id)
if not pod:
self._logger.notice("%s - Pod %s:%s:%s Not Found"
"(Might Got Delete Event From K8s)" %
(self._name, pod_namespace, pod_name, pod_id))
return
vn_fq_name = pod.get_vn_fq_name()
ns = self._get_namespace(pod_namespace)
# FIXME: Check if ns is not None
# Check of virtual network configured on the namespace.
if not vn_fq_name:
vn_fq_name = ns.get_annotated_network_fq_name()
# If the pod's namespace is isolated, use the isolated virtual
# network.
if not vn_fq_name:
if self._is_pod_network_isolated(pod_namespace):
vn_fq_name = ns.get_isolated_network_fq_name()
# Finally, if no network was found, default to the cluster
# pod network.
if not vn_fq_name:
vn_fq_name = vnc_kube_config.cluster_default_network_fq_name()
vn_obj = self._vnc_lib.virtual_network_read(fq_name=vn_fq_name)
return vn_obj
def setUp(self, *args, **kwargs):
super(VncEndpointsNestedTest, self).setUp(*args, **kwargs)
self.default_vn = self._vnc_lib.virtual_network_read(
fq_name=VncKubernetesConfig.cluster_default_network_fq_name())
def setUp(self, *args, **kwargs):
super(VncEndpointsNestedTest, self).setUp(*args, **kwargs)
self.default_vn = self._vnc_lib.virtual_network_read(
fq_name=VncKubernetesConfig.cluster_default_network_fq_name())
