def create_router(self, host, username, password, rbridge_id, router_id):
"""create vrf and associate vrf."""
router_id = router_id[0:11]
vrf_name = template.OS_VRF_NAME.format(id=router_id)
rd = router_id + ":" + router_id
try:
mgr = self.connect(host, username, password)
self.create_vrf(mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
try:
# For Nos5.0.0
self.configure_rd_for_vrf(mgr, rbridge_id, vrf_name, rd)
self.configure_address_family_for_vrf(mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception() as ctxt:
try:
# This is done because on 4.0.0 rd doesnt accept alpha
# character nor hyphen
rd = "".join(i for i in router_id if i in "0123456789")
rd = rd[:4] + ":" + rd[:4]
self.configure_rd_for_vrf(mgr, rbridge_id, vrf_name, rd)
self.configure_address_family_for_vrf_v1(
mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
ctxt.reraise = False
def create_router(self, rbridge_id, router_id):
"""create vrf NOS"""
if not utils.is_vrf_required():
LOG.warning(
_LW("not requested to created vrf there will"
"no L5 traffic isolation and no overlapping IP"
"supported"))
return
vrf_name = template.OS_VRF_NAME.format(id=router_id)
vrf_name = vrf_name[:32]
# This is done because on 4.0.0 rd doesnt accept
# alpha character nor hyphen
rd = "".join(i for i in router_id if i in "0123456789")
rd = rd[:4] + ":" + rd[:4]
try:
self.create_vrf(rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
try:
self.configure_rd_for_vrf(rbridge_id, vrf_name, rd)
self.configure_address_family_for_vrf(rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_network_postcommit(self, mech_context):
"""Create VLAN on the switch.
:param:mech_context: Details about the network to be created
:raise: Exception
"""
LOG.debug("create_network_postcommit: called")
network = mech_context.current
network_id = network['id']
tenant_id = network['tenant_id']
segments = mech_context.network_segments
network_type = segments[0]['network_type']
vlan_id = segments[0]['segmentation_id']
physical_network = segments[0]['physical_network']
if physical_network not in self._physical_networks:
LOG.info(_LI("BrocadeFiNiMechanism: Ignoring request to create "
"network. Network cannot be created in the "
"configured physical network %(physnet)s"),
{'physnet': physical_network})
return
if network_type != 'vlan':
LOG.info(_LI("BrocadeFiNiMechanism: Ignoring request to create "
"network for network type %(nw_type)s. Only type "
"vlan is supported"), {'nw_type': network_type})
return
try:
devices = self._physical_networks.get(physical_network)
for device in devices:
device_info = self._devices.get(device)
address = device_info.get('address')
driver = None
try:
driver = self._get_driver(device)
except Exception as e:
LOG.exception(_LE("BrocadeFiNiMechanism: create_network"
"_postcommit failed while configuring "
"device %(host)s exception=%(error)s"),
{'host': address,
'error': e.args})
raise ml2_exc.MechanismDriverError(method='create_network_'
'postcommit')
# Proceed only if the driver is not None
if driver is not None:
driver.create_network(
vlan_id,
device_info.get("ports").split(","))
except Exception as e:
LOG.exception(
_LE("Brocade FI/NI driver: create_network_postcommit failed"
"Error = %(error)s"), {'error': e.args})
raise ml2_exc.MechanismDriverError(method='create_network_postcomm'
'it')
LOG.info(_LI("BrocadeFiNiMechanism:created_network_postcommit: "
"%(network_id)s of network type = %(network_type)s with "
"vlan = %(vlan_id)s for tenant %(tenant_id)s"),
{'network_id': network_id,
'network_type': network_type,
'vlan_id': vlan_id,
'tenant_id': tenant_id})
def create_router(self, host, username, password, rbridge_id, router_id):
"""create vrf and associate vrf."""
router_id = router_id[0:11]
vrf_name = template.OS_VRF_NAME.format(id=router_id)
rd = "".join(i for i in router_id if i in "0123456789")
rd = rd[:4] + ":" + rd[:4]
try:
mgr = self.connect(host, username, password)
self.create_vrf(mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
try:
# For Nos5.0.0
self.configure_rd_for_vrf(mgr, rbridge_id, vrf_name, rd)
self.configure_address_family_for_vrf(mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception() as ctxt:
try:
# This is done because on 4.0.0 rd doesnt accept alpha
# character nor hyphen
rd = "".join(i for i in router_id if i in "0123456789")
rd = rd[:4] + ":" + rd[:4]
self.configure_rd_for_vrf(mgr, rbridge_id, vrf_name, rd)
self.configure_address_family_for_vrf_v1(mgr,
rbridge_id,
vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
ctxt.reraise = False
def update_router(self, rbridge_id, router_id, added, removed):
"""update router"""
LOG.info(_LI("Inside update_router before sending to switch"))
if added is None:
LOG.info(_LI("Added is None"))
if removed is None:
LOG.info(_LI("Removed is None"))
if not utils.is_vrf_required():
""" Configure the static route at the rbridge mode"""
try:
if added is not None:
LOG.info(_LI("Adding new route"))
for route in added:
self.configure_static_route(rbridge_id,
route['destination'],
route['nexthop'])
if removed is not None:
LOG.info(_LI("Deleting new route"))
for route in removed:
self.delete_static_route(rbridge_id,
route['destination'],
route['nexthop'])
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.exception(
_LE("Failed to create static route %s"), str(e))
else:
""" config the static route in for the VRF"""
vrf_name = template.OS_VRF_NAME.format(id=router_id)
vrf_name = vrf_name[:32]
try:
if added is not None:
LOG.info(_LI("Adding new route with VRF %s"), vrf_name)
for route in added:
self.configure_vrf_static_route(rbridge_id,
vrf_name,
route['destination'],
route['nexthop'])
if removed is not None:
LOG.info(_LI("Deleting new route from vrf %s"), vrf_name)
for route in removed:
self.delete_vrf_static_route(rbridge_id,
vrf_name,
route['destination'],
route['nexthop'])
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.exception(
_LE("Failed to create static route %s"), str(e))
def update_router(self, rbridge_id, router_id, added, removed):
"""update router"""
LOG.info(_LI("Inside update_router before sending to switch"))
if added is None:
LOG.info(_LI("Added is None"))
if removed is None:
LOG.info(_LI("Removed is None"))
if not utils.is_vrf_required():
""" Configure the static route at the rbridge mode"""
try:
if added is not None:
LOG.info(_LI("Adding new route"))
for route in added:
self.configure_static_route(rbridge_id,
route['destination'],
route['nexthop'])
if removed is not None:
LOG.info(_LI("Deleting new route"))
for route in removed:
self.delete_static_route(rbridge_id,
route['destination'],
route['nexthop'])
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("Failed to create static route %s"),
str(e))
else:
""" config the static route in for the VRF"""
vrf_name = template.OS_VRF_NAME.format(id=router_id)
vrf_name = vrf_name[:32]
try:
if added is not None:
LOG.info(_LI("Adding new route with VRF %s"), vrf_name)
for route in added:
self.configure_vrf_static_route(
rbridge_id, vrf_name, route['destination'],
route['nexthop'])
if removed is not None:
LOG.info(_LI("Deleting new route from vrf %s"), vrf_name)
for route in removed:
self.delete_vrf_static_route(rbridge_id, vrf_name,
route['destination'],
route['nexthop'])
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("Failed to create static route %s"),
str(e))
def _invoke_driver_for_plugin_api(self, context, fw, func_name):
"""Invoke driver method for plugin API and provide status back."""
LOG.debug("%(func_name)s from agent for fw: %(fwid)s", {
'func_name': func_name,
'fwid': fw['id']
})
try:
routers = self._get_routers(context)
router_info_list = self._get_router_info_list_for_tenant(
routers, fw['tenant_id'])
if not router_info_list and func_name != 'delete_firewall':
LOG.debug('No Routers on tenant: %s', fw['tenant_id'])
# fw was created before any routers were added, and if a
# delete is sent then we need to ack so that plugin can
# cleanup.
return
elif not self._is_interface_present_added_to_routers(
router_info_list) and func_name != 'delete_firewall':
LOG.debug('No Router interface')
return
LOG.debug("Apply fw on Router List: '%s'",
[ri.router['id'] for ri in router_info_list])
# call into the driver
try:
self._fwaas_driver.__getattribute__(func_name)(
router_info_list, fw)
if func_name != "delete_firewall":
self.endpoints[0].set_firewall_status(
context, fw['id'], const.ACTIVE)
except Exception as e:
LOG.error(_LE("Exception %s"), e)
LOG.error(
_LE("Firewall Driver Error for %(func_name)s "
"for fw: %(fwid)s"), {
'func_name': func_name,
'fwid': fw['id']
})
raise e
except Exception as e:
LOG.exception(
_LE("FWaaS RPC failure in %(func_name)s for fw: %(fwid)s"), {
'func_name': func_name,
'fwid': fw['id']
})
raise e
return
def remove_policy_on_interface(self, rbridge_id, vlan_id, name, direction):
"""provision Acl Policy on VE"""
try:
self.remove_acl_on_svi(rbridge_id, vlan_id, name, direction)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def delete_policy(self, rbridge_id, policy_name):
"""Remove Acl Policy From VDX"""
try:
self.delete_acl(rbridge_id, policy_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_acl_rule(self, acl):
"""Remove Acl Policy From VDX"""
try:
self.create_rule(acl)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_policy(self, policy_name):
"""Remove Acl Policy From VDX"""
try:
self.create_acl(policy_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def configure_vrrp_group(self, rbridge_id, vlan_id, vrid, version):
"""config vrrp virtual ip on svi"""
try:
self.create_vrrp_group(rbridge_id, vlan_id, vrid, version)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def configure_protocol_vrrp(self, rbridge_id):
"""enable protocol vrrp """
try:
self.enable_protocol_vrrp(rbridge_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def connect(self):
"""
Connect to the device
"""
try:
self.connector = paramiko.SSHClient()
self.connector.set_missing_host_key_policy(
paramiko.AutoAddPolicy())
self.connector.connect(hostname=self.host,
username=self.username,
password=self.password)
self.channel = self.connector.invoke_shell()
self.channel.settimeout(TIMEOUT)
self.channel_data = str()
self._enter_prompt(False)
except Exception as e:
LOG.exception(
_LE("Connect failed to switch %(host)s with error"
" %(error)s"), {
'host': self.host,
'error': e.args
})
raise Exception(_("Connection Failed"))
def _get_driver(self, device):
"""
Gets the driver based on the firmware version of the device.
:param:device: Contains device name
:raises: Exception
"""
driver = self._driver_map.get(device)
if driver is None:
driver_factory = importutils.import_object(DRIVER_FACTORY)
device_info = self._devices.get(device)
address = device_info.get('address')
os_type = device_info.get('ostype')
try:
driver = driver_factory.get_driver(device_info)
if driver is not None and os_type in ROUTER_DEVICE_TYPE:
self._driver_map.update({device: driver})
except Exception as e:
LOG.exception(
_LE("BrocadeRouterPlugin:"
"_filter_router_devices: Error while getting"
" driver : device - %(host)s: %(error)s"), {
'host': address,
'error': e.args
})
raise Exception(
_("BrocadeRouterPlugin:"
"_filter_router_devices failed for "
"device %(host)s"), {'host': address})
return driver
def delete_network(self, net_id):
"""Deletes a virtual network."""
try:
self.delete_vlan_interface(net_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_network(self, topology, physical_network, net_id):
"""Creates a new virtual network."""
try:
self.create_vlan_interface(net_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def _aggregate_nics_to_support_lacp(topology, bond_info):
device_dict = {}
lacp_ports = {}
if not bond_info:
po_lo, po_hi = get_port_channel_lo_hi()
for host_physnet in topology.keys():
if len(topology[host_physnet]) >= 1:
for item in topology[host_physnet]:
if ((not bond_info) and (po_hi >= po_lo)):
lacp_ports.setdefault(po_lo, []).append(item)
LOG.debug("po lo %d po_hi %d", po_lo, po_hi)
elif bond_info:
# only one port-channel
po_lo = bond_info[host_physnet][0]
lacp_ports.setdefault(po_lo, []).append(item)
else:
LOG.error(_LE("exhausted all port-channels increase"
"port-channel range or bond mappings"
" not provided"))
sys.exit(0)
device_dict.setdefault(host_physnet, []).append(("port-channel",
str(po_lo)))
if not bond_info:
po_lo = po_lo + 1
LOG.debug("device_dict %s lacp_ports %s", device_dict, lacp_ports)
return device_dict, lacp_ports
def bind_port(self, context):
port = context.current
vnic_type = port['binding:vnic_type']
LOG.debug("Brcd:Attempting to bind port %(port)s with vnic_type "
"%(vnic_type)s on network %(network)s",
{'port': port['id'], 'vnic_type': vnic_type,
'network': context.network.current['id']})
if baremetal_util.is_baremetal_deploy(port):
segments = context.segments_to_bind
LOG.info(_LI("Segments:%s"), segments)
params = baremetal_util.validate_physical_net_params(context)
try:
# TODO(rmadapur): Handle local_link_info portgroups
for i in params["local_link_information"]:
speed, name = i['port_id']
vlan_id = segments[0][api.SEGMENTATION_ID]
self._driver.configure_native_vlan_on_interface(
speed,
name, vlan_id)
except Exception:
LOG.exception(_LE("Brocade NOS driver:failed to trunk"
" bare metal vlan"))
raise Exception(_("Brocade switch exception:"
" bind_port failed for baremetal"))
context.set_binding(segments[0][api.ID],
portbindings.VIF_TYPE_OTHER, {},
status=n_const.PORT_STATUS_ACTIVE)
def handle_router_interface_add(self, context, svi, tenant_id):
fw_list = self.get_firewalls(context)
for fw in fw_list:
fw = self._make_firewall_dict(fw)
policy_name = utils.get_firewall_object_prefix(fw)
if fw['tenant_id'] == tenant_id and\
fw['status'] == const.ACTIVE:
try:
if not self._fwaas_driver._is_policy_exists(policy_name):
fw_with_rules = (self._make_firewall_dict_with_rules(
context, fw['id']))
self._invoke_driver_for_plugin_api(
context, fw_with_rules, 'update_firewall')
else:
self._fwaas_driver._apply_policy_on_interface(
policy_name, svi)
except Exception as e:
LOG.error(
_LE("Error adding Firewall rule to"
"interface %s "), e)
elif fw['tenant_id'] == tenant_id and\
fw['status'] == const.PENDING_CREATE:
fw_with_rules = (self._make_firewall_dict_with_rules(
context, fw['id']))
self._invoke_driver_for_plugin_api(context, fw_with_rules,
'update_firewall')
self.endpoints[0].set_firewall_status(context, fw['id'],
const.ACTIVE)
def create_network_postcommit(self, mech_context):
"""Create Network on the switch."""
LOG.debug("create_network_postcommit: called")
if self.is_flat_network(mech_context.network_segments[0]):
return
network = mech_context.current
# use network_id to get the network attributes
# ONLY depend on our db for getting back network attributes
# this is so we can replay postcommit from db
context = mech_context._plugin_context
network_id = network['id']
network = brocade_db.get_network(context, network_id)
network['network_type']
network['tenant_id']
vlan_id = network['vlan']
segments = mech_context.network_segments
# currently supports only one segment per network
segment = segments[0]
physical_network = segment['physical_network']
try:
self._driver.create_network(self._device_dict, physical_network,
vlan_id)
except Exception:
LOG.exception(_LE("Brocade NOS driver: failed in create network"))
brocade_db.delete_network(context, network_id)
raise Exception(
_("Brocade Mechanism: create_network_postcommmit failed"))
def handle_router_interface_add(self, context, svi, tenant_id):
fw_list = self.get_firewalls(context)
for fw in fw_list:
fw = self._make_firewall_dict(fw)
policy_name = utils.get_firewall_object_prefix(fw)
if fw['tenant_id'] == tenant_id and\
fw['status'] == const.ACTIVE:
try:
if not self._fwaas_driver._is_policy_exists(policy_name):
fw_with_rules = (
self._make_firewall_dict_with_rules(context,
fw['id']))
self._invoke_driver_for_plugin_api(context,
fw_with_rules,
'update_firewall')
else:
self._fwaas_driver._apply_policy_on_interface(
policy_name, svi)
except Exception as e:
LOG.error(_LE("Error adding Firewall rule to"
"interface %s "), e)
elif fw['tenant_id'] == tenant_id and\
fw['status'] == const.PENDING_CREATE:
fw_with_rules = (
self._make_firewall_dict_with_rules(context, fw['id']))
self._invoke_driver_for_plugin_api(context, fw_with_rules,
'update_firewall')
self.endpoints[0].set_firewall_status(context, fw['id'],
const.ACTIVE)
def delete_network(self, net_id):
"""Deletes a virtual network."""
try:
self.delete_vlan_interface(net_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_acl_rule(self, acl):
"""Remove Acl Policy From VDX"""
try:
self.create_rule(acl)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def _aggregate_nics_to_support_lacp(topology, bond_info):
device_dict = {}
lacp_ports = {}
if not bond_info:
po_lo, po_hi = get_port_channel_lo_hi()
for host_physnet in topology.keys():
if len(topology[host_physnet]) >= 1:
for item in topology[host_physnet]:
if ((not bond_info) and (po_hi >= po_lo)):
lacp_ports.setdefault(po_lo, []).append(item)
LOG.debug("po lo %d po_hi %d", po_lo, po_hi)
elif bond_info:
# only one port-channel
po_lo = bond_info[host_physnet][0]
lacp_ports.setdefault(po_lo, []).append(item)
else:
LOG.error(_LE("exhausted all port-channels increase"
"port-channel range or bond mappings"
" not provided"))
sys.exit(0)
device_dict.setdefault(host_physnet, []).append(("port-channel",
str(po_lo)))
if not bond_info:
po_lo = po_lo + 1
LOG.debug("device_dict %s lacp_ports %s", device_dict, lacp_ports)
return device_dict, lacp_ports
def _setup_policy(self, apply_list, fw):
# create zones no matter if they exist. Interfaces are added by router
policy_name = utils.get_firewall_object_prefix(fw)
num_seq_id = len(fw['firewall_rule_list']) + len(self._pre_acls) +\
len(self._post_acls)
seq_ids = self.seq_id_bm.get_seq_ids(policy_name, num_seq_id)
index = 0
try:
if not self._driver.is_ip_acl_exists(policy_name):
index = self._config_replay_acls_file(policy_name,
self._pre_acls,
seq_ids, index)
for rule in fw['firewall_rule_list']:
if not rule['enabled']:
continue
if rule['ip_version'] == 4:
self._config_replay_acls(policy_name, rule,
str(seq_ids[index]))
index = index + 1
else:
LOG.warning(_LW("Unsupported IP version rule."))
index = self._config_replay_acls_file(policy_name,
self._post_acls,
seq_ids, index)
self.merge_and_replay_acls(policy_name)
for ri in apply_list:
for svi in ri.router['svis']:
self._apply_policy_on_interface(policy_name, svi)
except Exception as e:
LOG.error(_LE("Error creating ACL policy :Error: %s"), e)
self._clear_policy(apply_list, fw)
raise e
def _get_driver(self, device):
"""
Gets the driver based on the firmware version of the device.
:param:device: Contains device name
:raises: Exception
"""
driver = self._driver_map.get(device)
if driver is None:
driver_factory = importutils.import_object(DRIVER_FACTORY)
device_info = self._devices.get(device)
address = device_info.get('address')
os_type = device_info.get('ostype')
try:
driver = driver_factory.get_driver(device_info)
if driver is not None and os_type in ROUTER_DEVICE_TYPE:
self._driver_map.update({device: driver})
except Exception as e:
LOG.exception(_LE("BrocadeRouterPlugin:"
"_filter_router_devices: Error while getting"
" driver : device - %(host)s: %(error)s"),
{'host': address, 'error': e.args})
raise Exception(_("BrocadeRouterPlugin:"
"_filter_router_devices failed for "
"device %(host)s"), {'host': address})
return driver
def delete_policy(self, rbridge_id, policy_name):
"""Remove Acl Policy From VDX"""
try:
self.delete_acl(rbridge_id, policy_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_port_precommit(self, mech_context):
"""Create logical port on the switch (db update)."""
LOG.debug("create_port_precommit: called")
port = mech_context.current
port_id = port['id']
network_id = port['network_id']
tenant_id = port['tenant_id']
admin_state_up = port['admin_state_up']
context = mech_context._plugin_context
network = brocade_db.get_network(context, network_id)
vlan_id = network['vlan']
try:
brocade_db.create_port(context, port_id, network_id,
None,
vlan_id, tenant_id, admin_state_up)
except Exception:
LOG.exception(_LE("Brocade Mechanism: failed to create port"
" in db"))
raise Exception(
_("Brocade Mechanism: create_port_precommit failed"))
def create_network(self, host, username, password, net_id):
"""Creates a new virtual network."""
domain_name = "default"
name = template.OS_PORT_PROFILE_NAME.format(id=net_id)
try:
mgr = self.connect(host, username, password)
self.create_vlan_interface(mgr, net_id)
self.create_port_profile(mgr, name)
if self._pp_domains_supported and self._virtual_fabric_enabled:
self.configure_port_profile_in_domain(mgr, domain_name, name)
self.create_vlan_profile_for_port_profile(mgr, name)
if self._pp_domains_supported:
self.configure_l2_mode_for_vlan_profile_with_domains(mgr, name)
else:
self.configure_l2_mode_for_vlan_profile(mgr, name)
self.configure_trunk_mode_for_vlan_profile(mgr, name)
self.configure_allowed_vlans_for_vlan_profile(mgr, name, net_id)
self.activate_port_profile(mgr, name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
def connect(self, host, username, password):
"""Connect via SSH and initialize the NETCONF session."""
# Use the persisted NETCONF connection
if self.mgr and self.mgr.connected:
return self.mgr
# check if someone forgot to edit the conf file with real values
if host == '':
raise Exception(_("Brocade Switch IP address is not set, "
"check config ml2_conf_brocade.ini file"))
# Open new NETCONF connection
try:
self.mgr = manager.connect(host=host, port=SSH_PORT,
username=username, password=password,
unknown_host_cb=nos_unknown_host_cb)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("Connect failed to switch"))
LOG.debug("Connect success to host %(host)s:%(ssh_port)d",
dict(host=host, ssh_port=SSH_PORT))
return self.mgr
def delete_network_precommit(self, mech_context):
"""Delete Network from the plugin specific database table."""
LOG.debug("delete_network_precommit: called")
network = mech_context.current
network_id = network['id']
vlan_id = network['provider:segmentation_id']
tenant_id = network['tenant_id']
context = mech_context._plugin_context
try:
brocade_db.delete_network(context, network_id)
except Exception:
LOG.exception(
_LE("Brocade Mechanism: failed to delete network in db"))
raise Exception(
_("Brocade Mechanism: delete_network_precommit failed"))
LOG.info(
_LI("delete network (precommit): %(network_id)s"
" with vlan = %(vlan_id)s"
" for tenant %(tenant_id)s"), {
'network_id': network_id,
'vlan_id': vlan_id,
'tenant_id': tenant_id
})
def create_network(self, host, username, password, net_id):
"""Creates a new virtual network."""
domain_name = "default"
name = template.OS_PORT_PROFILE_NAME.format(id=net_id)
try:
mgr = self.connect(host, username, password)
self.create_vlan_interface(mgr, net_id)
self.create_port_profile(mgr, name)
if self._pp_domains_supported and self._virtual_fabric_enabled:
self.configure_port_profile_in_domain(mgr, domain_name, name)
self.create_vlan_profile_for_port_profile(mgr, name)
if self._pp_domains_supported:
self.configure_l2_mode_for_vlan_profile_with_domains(mgr, name)
else:
self.configure_l2_mode_for_vlan_profile(mgr, name)
self.configure_trunk_mode_for_vlan_profile(mgr, name)
self.configure_allowed_vlans_for_vlan_profile(mgr, name, net_id)
self.activate_port_profile(mgr, name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
def connect(self, host, username, password):
"""Connect via SSH and initialize the NETCONF session."""
# Use the persisted NETCONF connection
if self.mgr and self.mgr.connected:
return self.mgr
# check if someone forgot to edit the conf file with real values
if host == '':
raise Exception(
_("Brocade Switch IP address is not set, "
"check config ml2_conf_brocade.ini file"))
# Open new NETCONF connection
try:
self.mgr = manager.connect(host=host,
port=SSH_PORT,
username=username,
password=password,
unknown_host_cb=nos_unknown_host_cb,
hostkey_verify=False,
look_for_keys=False)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("Connect failed to switch"))
LOG.debug("Connect success to host %(host)s:%(ssh_port)d",
dict(host=host, ssh_port=SSH_PORT))
return self.mgr
def create_port_precommit(self, mech_context):
"""Create logical port on the switch (db update)."""
LOG.debug("create_port_precommit: called")
port = mech_context.current
port_id = port['id']
network_id = port['network_id']
tenant_id = port['tenant_id']
admin_state_up = port['admin_state_up']
context = mech_context._plugin_context
network = brocade_db.get_network(context, network_id)
vlan_id = network['vlan']
try:
brocade_db.create_port(context, port_id, network_id, None, vlan_id,
tenant_id, admin_state_up)
except Exception:
LOG.exception(
_LE("Brocade Mechanism: failed to create port"
" in db"))
raise Exception(
_("Brocade Mechanism: create_port_precommit failed"))
def configure_protocol_vrrp(self, rbridge_id):
"""enable protocol vrrp """
try:
self.enable_protocol_vrrp(rbridge_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def create_policy(self, policy_name):
"""Remove Acl Policy From VDX"""
try:
self.create_acl(policy_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def delete_network_postcommit(self, mech_context):
"""Delete network.
This translates to removng portprofile
from the switch.
"""
LOG.debug("delete_network_postcommit: called")
network = mech_context.current
network_id = network['id']
vlan_id = network['provider:segmentation_id']
tenant_id = network['tenant_id']
try:
self._driver.delete_network(self._switch['address'],
self._switch['username'],
self._switch['password'], vlan_id)
except Exception:
LOG.exception(_LE("Brocade NOS driver: failed to delete network"))
raise Exception(
_("Brocade switch exception, "
"delete_network_postcommit failed"))
LOG.info(
_LI("delete network (postcommit): %(network_id)s"
" with vlan = %(vlan_id)s"
" for tenant %(tenant_id)s"), {
'network_id': network_id,
'vlan_id': vlan_id,
'tenant_id': tenant_id
})
def delete_network_precommit(self, mech_context):
"""Delete Network from the plugin specific database table."""
LOG.debug("delete_network_precommit: called")
network = mech_context.current
network_id = network['id']
vlan_id = network['provider:segmentation_id']
tenant_id = network['tenant_id']
context = mech_context._plugin_context
try:
brocade_db.delete_network(context, network_id)
except Exception:
LOG.exception(
_LE("Brocade Mechanism: failed to delete network in db"))
raise Exception(
_("Brocade Mechanism: delete_network_precommit failed"))
LOG.info(_LI("delete network (precommit): %(network_id)s"
" with vlan = %(vlan_id)s"
" for tenant %(tenant_id)s"),
{'network_id': network_id,
'vlan_id': vlan_id,
'tenant_id': tenant_id})
def _setup_policy(self, apply_list, fw):
# create zones no matter if they exist. Interfaces are added by router
policy_name = utils.get_firewall_object_prefix(fw)
num_seq_id = len(fw['firewall_rule_list']) + len(self._pre_acls) +\
len(self._post_acls)
seq_ids = self.seq_id_bm.get_seq_ids(policy_name, num_seq_id)
index = 0
try:
if not self._driver.is_ip_acl_exists(policy_name):
index = self._config_replay_acls_file(policy_name,
self._pre_acls, seq_ids,
index)
for rule in fw['firewall_rule_list']:
if not rule['enabled']:
continue
if rule['ip_version'] == 4:
self._config_replay_acls(policy_name, rule,
str(seq_ids[index]))
index = index + 1
else:
LOG.warning(_LW("Unsupported IP version rule."))
index = self._config_replay_acls_file(policy_name,
self._post_acls, seq_ids,
index)
self.merge_and_replay_acls(policy_name)
for ri in apply_list:
for svi in ri.router['svis']:
self._apply_policy_on_interface(policy_name, svi)
except Exception as e:
LOG.error(_LE("Error creating ACL policy :Error: %s"), e)
self._clear_policy(apply_list, fw)
raise e
def delete_network_postcommit(self, mech_context):
"""Delete network.
This translates to removng portprofile
from the switch.
"""
LOG.debug("delete_network_postcommit: called")
network = mech_context.current
network_id = network['id']
vlan_id = network['provider:segmentation_id']
tenant_id = network['tenant_id']
try:
self._driver.delete_network(self._switch['address'],
self._switch['username'],
self._switch['password'],
vlan_id)
except Exception:
LOG.exception(_LE("Brocade NOS driver: failed to delete network"))
raise Exception(
_("Brocade switch exception, "
"delete_network_postcommit failed"))
LOG.info(_LI("delete network (postcommit): %(network_id)s"
" with vlan = %(vlan_id)s"
" for tenant %(tenant_id)s"),
{'network_id': network_id,
'vlan_id': vlan_id,
'tenant_id': tenant_id})
def create_network_precommit(self, mech_context):
"""Create Network in the mechanism specific database table."""
if self.is_flat_network(mech_context.network_segments[0]):
return
network = mech_context.current
context = mech_context._plugin_context
tenant_id = network['tenant_id']
network_id = network['id']
segments = mech_context.network_segments
# currently supports only one segment per network
segment = segments[0]
network_type = segment['network_type']
vlan_id = segment['segmentation_id']
segment_id = segment['id']
if network_type not in [p_const.TYPE_VLAN]:
raise Exception(
_("Brocade Mechanism: failed to create network, "
"only network type vlan is supported"))
try:
brocade_db.create_network(context, network_id, vlan_id,
segment_id, network_type, tenant_id)
except Exception:
LOG.exception(
_LE("Brocade Mechanism: failed to create network in db"))
raise Exception(
_("Brocade Mechanism: create_network_precommit failed"))
def _delete_nos_port(self, context, port, segment):
hostname, vlan_id, physical_network =\
self._get_port_info(port, segment)
if not hostname or not vlan_id:
LOG.info(_LI("hostname or vlan id is empty"))
return
for (speed, name) in self._device_dict[(hostname, physical_network)]:
try:
if brocade_db.is_last_vm_on_host(context,
hostname,
physical_network, vlan_id)\
and not self._is_dhcp_port(port):
address, user, password = self._get_switch_address(hostname)
self._driver.deconfigure_trunk_vlan_on_interface(
address,
user,
password,
vlan_id,
name,
speed)
else:
LOG.info(_LI("more vm exist for network on host hence vlan"
" is not removed from port"))
except Exception:
LOG.exception(
_LE("Brocade NOS driver: failed to remove vlan from port"))
raise Exception(
_("Brocade switch exception: delete_port_postcommit"
"failed"))
def _create_nos_port(self, context, port, segment):
hostname, vlan_id, physical_network = self._get_port_info(
port, segment)
if not hostname or not vlan_id:
LOG.info(_LI("hostname or vlan id is empty"))
return
for (speed, name) in self._device_dict[(hostname, physical_network)]:
LOG.debug("_create_nos_port:port %s %s vlan %s",
speed, name, str(vlan_id))
try:
if not brocade_db.is_vm_exists_on_host(context,
hostname,
physical_network,
vlan_id):
address, user, password = self._get_switch_address(hostname)
self._driver.configure_trunk_vlan_on_interface(
address,
user,
password,
vlan_id,
name,
speed)
else:
LOG.debug("_create_nos_port:port is already trunked")
except Exception:
self._delete_brocade_port(context, port)
LOG.exception(_LE("Brocade NOS driver:failed to trunk vlan"))
raise Exception(_("Brocade switch exception:"
" create_port_postcommit failed"))
def delete_svi(self, rbridge_id, vlan_id, gw_ip, router_id):
"""delete svi from configured rbridge-id"""
try:
if self.is_svi_exists(rbridge_id, vlan_id):
self.remove_svi(rbridge_id, vlan_id)
except Exception as ex:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error: %s"), ex)
def create_network(self, topology,
physical_network, net_id):
"""Creates a new virtual network."""
try:
self.create_vlan_interface(net_id)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def remove_policy_on_interface(self,
rbridge_id, vlan_id, name, direction):
"""provision Acl Policy on VE"""
try:
self.remove_acl_on_svi(rbridge_id, vlan_id, name, direction)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def configure_vrrp_group(self, rbridge_id,
vlan_id, vrid, version):
"""config vrrp virtual ip on svi"""
try:
self.create_vrrp_group(rbridge_id, vlan_id, vrid, version)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
def is_virtual_fabric_enabled(self, host, username, password):
"""Show version of NOS."""
try:
mgr = self.connect(host, username, password)
return (self.virtual_fabric_info(mgr) == "enabled")
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
def get_nos_version(self, host, username, password):
"""Show version of NOS."""
try:
mgr = self.connect(host, username, password)
return self.nos_version_request(mgr)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
def delete_svi(self, rbridge_id, vlan_id,
gw_ip, router_id):
"""delete svi from configured rbridge-id"""
try:
if self.is_svi_exists(rbridge_id, vlan_id):
self.remove_svi(rbridge_id, vlan_id)
except Exception as ex:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error: %s"), ex)
def get_nos_version(self, host, username, password):
"""Show version of NOS."""
try:
mgr = self.connect(host, username, password)
return self.nos_version_request(mgr)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
def _invoke_driver_for_plugin_api(self, context, fw, func_name):
"""Invoke driver method for plugin API and provide status back."""
LOG.debug("%(func_name)s from agent for fw: %(fwid)s",
{'func_name': func_name, 'fwid': fw['id']})
try:
routers = self._get_routers(context)
router_info_list = self._get_router_info_list_for_tenant(
routers,
fw['tenant_id'])
if not router_info_list and func_name != 'delete_firewall':
LOG.debug('No Routers on tenant: %s', fw['tenant_id'])
# fw was created before any routers were added, and if a
# delete is sent then we need to ack so that plugin can
# cleanup.
return
elif not self._is_interface_present_added_to_routers(
router_info_list) and func_name != 'delete_firewall':
LOG.debug('No Router interface')
return
LOG.debug("Apply fw on Router List: '%s'",
[ri.router['id'] for ri in router_info_list])
# call into the driver
try:
self._fwaas_driver.__getattribute__(func_name)(
router_info_list,
fw)
if func_name != "delete_firewall":
self.endpoints[0].set_firewall_status(context, fw['id'],
const.ACTIVE)
except Exception as e:
LOG.error(_LE("Exception %s"), e)
LOG.error(_LE("Firewall Driver Error for %(func_name)s "
"for fw: %(fwid)s"),
{'func_name': func_name, 'fwid': fw['id']})
raise e
except Exception as e:
LOG.exception(
_LE("FWaaS RPC failure in %(func_name)s for fw: %(fwid)s"),
{'func_name': func_name, 'fwid': fw['id']})
raise e
return
def _is_l3_agent_running(self, context):
l3plugin = manager.NeutronManager.get_service_plugins()[
plugin_constants.L3_ROUTER_NAT]
if not l3plugin:
LOG.error(_LE('No plugin for L3 routing registered! Will reply '
'no l3 agents!! '))
return False
l3_agents = l3plugin.get_l3_agents(context, True)
LOG.info(_LI("List of L3 agents _is_l3_agent_running %s"), l3_agents)
return ((l3_agents) and (len(l3_agents) > 0))
def _update_firewall(self, apply_list, firewall):
LOG.debug("Updating firewall (%s)", firewall['id'])
self._clear_policy(apply_list, firewall)
try:
self._setup_policy(apply_list, firewall)
except Exception as e:
LOG.error(_LE("_update_firewall::Error creating ACL policy :"
"Error: %s"), e)
raise e
return True
def _config_replay_acls(self, policy_name, rule, seq_id):
try:
req = self._make_policy(policy_name, rule, seq_id)
self.req.append(req)
if len(self.req) >= ACL_BATCH_SIZE:
self.merge_and_replay_acls(policy_name)
except Exception as e:
LOG.error(_LE("error creating rule %s"), e)
raise e
return
def delete_svi(self, host, username, password,
rbridge_id, vlan_id, gw_ip, router_id):
"""delete svi from configured rbridge-id."""
try:
mgr = self.connect(host, username, password)
self.remove_svi(mgr, rbridge_id, vlan_id)
except Exception as ex:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error: %s"), ex)
self.close_session()
def delete_router(self, host, username, password, rbridge_id, router_id):
"""delete router and associated vrf."""
router_id = router_id[0:11]
vrf_name = template.OS_VRF_NAME.format(id=router_id)
try:
mgr = self.connect(host, username, password)
self.delete_vrf(mgr, rbridge_id, vrf_name)
except Exception:
with excutils.save_and_reraise_exception():
LOG.exception(_LE("NETCONF error"))
self.close_session()
