def create_filter(self, tc_dict): if tc_dict['protocol'] == 'vxlan': self._create_vxlan_filter(tc_dict) return raise exceptions.BadRequest(msg='Protocol not supported')
def _add_interface_by_subnet(self, context, router, subnet_id, owner): LOG.debug( "_add_interface_by_subnet(): router=%(router)s, " "subnet_id=%(subnet_id)s, owner=%(owner)s", { 'router': router, 'subnet_id': subnet_id, 'owner': owner }) subnet = self._core_plugin._get_subnet(context, subnet_id) if not subnet['gateway_ip']: msg = _('Subnet for router interface must have a gateway IP') raise n_exc.BadRequest(resource='router', msg=msg) self._check_for_dup_router_subnets(context, router, subnet['network_id'], [subnet]) fixed_ip = { 'ip_address': subnet['gateway_ip'], 'subnet_id': subnet['id'] } # TODO(jerryz): move this out of transaction. setattr(context, 'GUARD_TRANSACTION', False) return (self._core_plugin.create_port( context, { 'port': { 'tenant_id': subnet['tenant_id'], 'network_id': subnet['network_id'], 'fixed_ips': [fixed_ip], 'mac_address': utils.get_mac(self, context), 'admin_state_up': True, 'device_id': router.id, 'device_owner': owner, 'name': '' } }), [subnet], True)
def delete(self, context, lb): service_client = self.core_plugin.nsxlib.load_balancer.service lb_binding = nsx_db.get_nsx_lbaas_loadbalancer_binding( context.session, lb.id) if lb_binding: lb_service_id = lb_binding['lb_service_id'] lb_service = service_client.get(lb_service_id) vs_list = lb_service.get('virtual_server_ids') if not vs_list: try: service_client.delete(lb_service_id) except nsxlib_exc.ManagerError: self.lbv2_driver.pool.failed_completion(context, lb, delete=True) msg = (_('Failed to delete lb service %(lbs)s from nsx') % { 'lbs': lb_service_id }) raise n_exc.BadRequest(resource='lbaas-lb', msg=msg) nsx_db.delete_nsx_lbaas_loadbalancer_binding( context.session, lb.id) self.lbv2_driver.load_balancer.successful_completion(context, lb, delete=True)
def get_auto_allocated_topology(self, context, tenant_id, fields=None): """Return tenant's network associated to auto-allocated topology. The topology will be provisioned upon return, if network is missing. """ fields = fields or [] tenant_id = self._validate(context, tenant_id) if CHECK_REQUIREMENTS in fields: # for dry-run requests, simply validates that subsequent # requests can be fulfilled based on a set of requirements # such as existence of default networks, pools, etc. return self._check_requirements(context, tenant_id) elif fields: raise n_exc.BadRequest(resource='auto_allocate', msg=_("Unrecognized field")) # Check for an existent topology network_id = self._get_auto_allocated_network(context, tenant_id) if network_id: return self._response(network_id, tenant_id, fields=fields) # See if we indeed have an external network to connect to, otherwise # we will fail fast default_external_network = self._get_default_external_network(context) # If we reach this point, then we got some work to do! network_id = self._build_topology(context, tenant_id, default_external_network) return self._response(network_id, tenant_id, fields=fields)
def _get_vpp_router(self, context, router_id): try: router = self._get_by_id(context, Router, router_id) except Exception: raise n_exc.BadRequest("L3 Router not found for router_id: %s", router_id) return router
def get_vsd_subnets(self, context, filters=None, fields=None): if 'vsd_zone_id' not in filters: msg = _('vsd_zone_id is a required filter parameter for this API.') raise n_exc.BadRequest(resource='vsd-subnets', msg=msg) l3subs = self.vsdclient.get_domain_subnet_by_zone_id( filters['vsd_zone_id'][0]) vsd_to_os = { 'ID': 'id', 'name': 'name', self._calc_cidr: 'cidr', self._calc_ipv6_cidr: 'ipv6_cidr', 'gateway': 'gateway', 'IPv6Gateway': 'ipv6_gateway', 'IPType': 'ip_version', functools.partial(self._return_val, filters['vsd_zone_id'][0]): 'vsd_zone_id' } return self._trans_vsd_to_os(l3subs, vsd_to_os, filters, fields)
def _add_csnat_router_interface_port( self, context, router, network_id, subnet_id, do_pop=True): """Add SNAT interface to the specified router and subnet.""" port_data = {'tenant_id': '', 'network_id': network_id, 'fixed_ips': [{'subnet_id': subnet_id}], 'device_id': router.id, 'device_owner': const.DEVICE_OWNER_ROUTER_SNAT, 'admin_state_up': True, 'name': ''} snat_port = p_utils.create_port(self._core_plugin, context, {'port': port_data}) if not snat_port: msg = _("Unable to create the SNAT Interface Port") raise n_exc.BadRequest(resource='router', msg=msg) with p_utils.delete_port_on_error( self.l3plugin._core_plugin, context.elevated(), snat_port['id']): l3_obj.RouterPort( context, port_id=snat_port['id'], router_id=router.id, port_type=const.DEVICE_OWNER_ROUTER_SNAT ).create() if do_pop: return self.l3plugin._populate_mtu_and_subnets_for_ports( context, [snat_port]) return snat_port
def delete(self, context, policy): vs_client = self.core_plugin.nsxlib.load_balancer.virtual_server rule_client = self.core_plugin.nsxlib.load_balancer.rule binding = nsx_db.get_nsx_lbaas_l7policy_binding( context.session, policy.id) if binding: vs_id = binding['lb_vs_id'] rule_id = binding['lb_rule_id'] try: # Update virtual server to remove lb rule vs_client.remove_rule(vs_id, rule_id) rule_client.delete(rule_id) except nsxlib_exc.ResourceNotFound: LOG.warning('LB rule %(rule)s is not found on NSX', {'rule': rule_id}) except nsxlib_exc.ManagerError: self.lbv2_driver.l7policy.failed_completion(context, policy) msg = (_('Failed to delete lb rule: %(rule)s') % { 'rule': rule_id }) raise n_exc.BadRequest(resource='lbaas-l7policy-delete', msg=msg) nsx_db.delete_nsx_lbaas_l7policy_binding(context.session, policy.id) self.lbv2_driver.l7policy.successful_completion(context, policy, delete=True)
def update(self, context, old_policy, new_policy): rule_client = self.core_plugin.nsxlib.load_balancer.rule binding = nsx_db.get_nsx_lbaas_l7policy_binding( context.session, old_policy.id) if not binding: self.lbv2_driver.l7rule.failed_completion(context, new_policy) msg = _('Cannot find nsx lbaas binding for policy ' '%(policy_id)s') % { 'policy_id': old_policy.id } raise n_exc.BadRequest(resource='lbaas-l7policy-update', msg=msg) vs_id = binding['lb_vs_id'] lb_rule_id = binding['lb_rule_id'] rule_body = lb_utils.convert_l7policy_to_lb_rule(context, new_policy) try: rule_client.update(lb_rule_id, **rule_body) if new_policy.position != old_policy.position: self._update_policy_position(vs_id, lb_rule_id, new_policy.position) except Exception as e: with excutils.save_and_reraise_exception(): self.lbv2_driver.l7policy.failed_completion( context, new_policy) LOG.error('Failed to update L7policy %(policy)s: ' '%(err)s', { 'policy': old_policy.id, 'err': e }) self.lbv2_driver.l7policy.successful_completion(context, new_policy)
def create(self, context, lb): edge_id = lb_common.get_lbaas_edge_id(context, self.core_plugin, lb.id, lb.vip_address, lb.vip_subnet_id, lb.tenant_id) if not edge_id: msg = _('Failed to allocate Edge on subnet %(sub)s for ' 'loadbalancer %(lb)s') % { 'sub': lb.vip_subnet_id, 'lb': lb.id } raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) try: lb_common.enable_edge_acceleration(self.vcns, edge_id) edge_fw_rule_id = lb_common.add_vip_fw_rule( self.vcns, edge_id, lb.id, lb.vip_address) # set LB default rule lb_common.set_lb_firewall_default_rule(self.vcns, edge_id, 'accept') nsxv_db.add_nsxv_lbaas_loadbalancer_binding( context.session, lb.id, edge_id, edge_fw_rule_id, lb.vip_address) self.lbv2_driver.load_balancer.successful_completion(context, lb) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.load_balancer.failed_completion(context, lb) LOG.error('Failed to create pool %s', lb.id)
def create(self, context, lb): edge_id = lb_common.get_lbaas_edge_id_for_subnet( context, self.core_plugin, lb.vip_subnet_id, lb.tenant_id) if not edge_id: msg = _('No suitable Edge found for subnet %s') % lb.vip_subnet_id raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) try: if not nsxv_db.get_nsxv_lbaas_loadbalancer_binding_by_edge( context.session, edge_id): lb_common.enable_edge_acceleration(self.vcns, edge_id) lb_common.add_vip_as_secondary_ip(self.vcns, edge_id, lb.vip_address) edge_fw_rule_id = lb_common.add_vip_fw_rule( self.vcns, edge_id, lb.id, lb.vip_address) nsxv_db.add_nsxv_lbaas_loadbalancer_binding( context.session, lb.id, edge_id, edge_fw_rule_id, lb.vip_address) self.lbv2_driver.load_balancer.successful_completion(context, lb) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.load_balancer.failed_completion(context, lb) LOG.error(_LE('Failed to create pool %s'), lb.id)
def stats(self, context, lb): stats = { 'bytes_in': 0, 'bytes_out': 0, 'active_connections': 0, 'total_connections': 0 } binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb.id) try: lb_stats = self.vcns.get_loadbalancer_statistics( binding['edge_id']) except nsxv_exc.VcnsApiException: msg = (_('Failed to read load balancer statistics, edge: %s') % binding['edge_id']) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) pools_stats = lb_stats[1].get('pool', []) for pool_stats in pools_stats: stats['bytes_in'] += pool_stats.get('bytesIn', 0) stats['bytes_out'] += pool_stats.get('bytesOut', 0) stats['active_connections'] += pool_stats.get('curSessions', 0) stats['total_connections'] += pool_stats.get('totalSessions', 0) return stats
def delete_network_segment_range(self, context, id): """Check segment reference on network segment range deletion.""" with db_api.CONTEXT_WRITER.using(context): network_segment_range = self._get_network_segment_range( context, id) range_data = network_segment_range.to_dict() if range_data['default']: # TODO(kailun): To use # range_exc.NetworkSegmentRangeDefaultReadOnly when the # neutron-lib patch https://review.openstack.org/640777 is # merged and released. message = _("Network Segment Range %s is a " "default segment range which could not be " "updated or deleted.") % id raise lib_exc.BadRequest(resource=range_def.RESOURCE_NAME, msg=message) if self._is_network_segment_range_referenced(context, range_data): # TODO(kailun): To use # range_exc.NetworkSegmentRangeReferencedByProject when the # neutron-lib patch https://review.openstack.org/640777 is # merged and released. message = _("Network Segment Range %s is referenced by " "one or more tenant networks.") % id raise lib_exc.InUse(resource=range_def.RESOURCE_NAME, msg=message) network_segment_range.delete() self.type_manager.update_network_segment_range_allocations( network_segment_range['network_type'])
def create_agent(self, context, agent): """Create agent. This operation is not allow in REST API. @raise exceptions.BadRequest: """ raise exceptions.BadRequest()
def _prepare_netpartitions(self): # prepare shared netpartition shared_netpart_name = constants.SHARED_INFRASTRUCTURE self._validate_create_net_partition(n_ctx.get_admin_context(), shared_netpart_name) # prepare default netpartition default_netpart_name = cfg.CONF.RESTPROXY.default_net_partition_name l3template = cfg.CONF.RESTPROXY.default_l3domain_template l2template = cfg.CONF.RESTPROXY.default_l2domain_template l3isolated = cfg.CONF.RESTPROXY.default_isolated_zone l3shared = cfg.CONF.RESTPROXY.default_shared_zone # if templates are not provided, create default templates if l2template or l3template or l3isolated or l3shared: if (not l2template or not l3template or not l3isolated or not l3shared): msg = 'Configuration of default net-partition not complete' raise n_exc.BadRequest(resource='net_partition', msg=msg) '''NetPartition and templates already created. Just sync the neutron DB. They must all be in VSD. If not, its an error ''' self._link_default_netpartition(default_netpart_name, l2template, l3template, l3isolated, l3shared) else: default_netpart = self._validate_create_net_partition( n_ctx.get_admin_context(), default_netpart_name) self._default_np_id = default_netpart['id']
def update(self, context, old_pool, new_pool): pool_client = self.core_plugin.nsxlib.load_balancer.pool pool_name = None tags = None lb_algorithm = None if new_pool.name != old_pool.name: pool_name = utils.get_name_and_uuid(new_pool.name or 'pool', new_pool.id) tags = self._get_pool_tags(context, new_pool) if new_pool.lb_algorithm != old_pool.lb_algorithm: lb_algorithm = lb_const.LB_POOL_ALGORITHM_MAP.get( new_pool.lb_algorithm) binding = nsx_db.get_nsx_lbaas_pool_binding(context.session, old_pool.loadbalancer_id, old_pool.id) if not binding: msg = (_('Cannot find pool %(pool)s binding on NSX db ' 'mapping'), { 'pool': old_pool.id }) raise n_exc.BadRequest(resource='lbaas-pool', msg=msg) try: lb_pool_id = binding['lb_pool_id'] kwargs = self._get_pool_kwargs(pool_name, tags, lb_algorithm) pool_client.update(lb_pool_id, **kwargs) self.lbv2_driver.pool.successful_completion(context, new_pool) except Exception as e: with excutils.save_and_reraise_exception(): self.lbv2_driver.pool.failed_completion(context, new_pool) LOG.error( 'Failed to update pool %(pool)s with ' 'error %(error)s', { 'pool': old_pool.id, 'error': e })
def _validate_delete_net_partition(self, context, id, net_partition_name): if net_partition_name == constants.SHARED_INFRASTRUCTURE: msg = _("Can't delete net_partition {}").format(net_partition_name) raise n_exc.BadRequest(resource='net_partition', msg=msg) ent_rtr_mapping = nuagedb.get_ent_rtr_mapping_by_entid( context.session, id) ent_l2dom_mapping = nuagedb.get_ent_l2dom_mapping_by_entid( context.session, id) if ent_rtr_mapping: msg = (_("One or more router still attached to " "net_partition %s.") % net_partition_name) raise n_exc.BadRequest(resource='net_partition', msg=msg) if ent_l2dom_mapping: msg = (_("One or more L2 Domain Subnet present in the " "net_partition %s.") % net_partition_name) raise n_exc.BadRequest(resource='net_partition', msg=msg)
def create_nuage_redirect_target(self, context, nuage_redirect_target): redirect_target = nuage_redirect_target['nuage_redirect_target'] has_subnet_id = is_attr_set(redirect_target.get('subnet_id')) has_router_id = is_attr_set(redirect_target.get('router_id')) if not has_subnet_id and not has_router_id: msg = _('subnet_id or router_id should be specified') raise n_exc.BadRequest(resource='subnets', msg=msg) subnet_mapping = nuagedb.get_subnet_l2dom_by_id( context.session, redirect_target.get('subnet_id')) or {} router_mapping = nuagedb.get_ent_rtr_mapping_by_rtrid( context.session, redirect_target.get('router_id')) or {} if not subnet_mapping and not router_mapping: raise ext_rtarget.RedirectTargetNoDomainOrL2Domain() if has_subnet_id: subnet = self.core_plugin.get_subnet(context, redirect_target['subnet_id']) if subnet: redirect_target['external_id'] = \ cms_id_helper.get_vsd_external_id(subnet['network_id']) try: nuage_redirect_target = self.vsdclient\ .create_nuage_redirect_target( redirect_target, l2dom_id=subnet_mapping.get('nuage_subnet_id'), domain_id=router_mapping.get('nuage_router_id')) except Exception as e: if getattr(e, "vsd_code", None) == '7016': msg = _("A Nuage redirect target with name '%s' already " "exists") % redirect_target['name'] raise nuage_exc.NuageBadRequest(msg=msg) raise return self._make_redirect_target_dict(nuage_redirect_target, context=context)
def get_vsd_zones(self, context, filters=None, fields=None): if 'vsd_domain_id' not in filters: msg = _('vsd_domain_id is a required filter parameter for this ' 'API.') raise n_exc.BadRequest(resource='vsd-zones', msg=msg) try: vsd_zones = self.vsdclient.get_zone_by_domainid( filters['vsd_domain_id'][0]) except RESTProxyError as e: if e.code == 404: return [] else: raise e vsd_zones = [ self._update_dict(zone, 'vsd_domain_id', filters['vsd_domain_id'][0]) for zone in vsd_zones ] vsd_to_os = { 'zone_id': 'id', 'zone_name': 'name', 'vsd_domain_id': 'vsd_domain_id' } return self._trans_vsd_to_os(vsd_zones, vsd_to_os, filters, fields)
def _check_router_match(self, context, fip_obj, router_id, pf_dict): internal_port_id = pf_dict['internal_port_id'] if fip_obj.router_id and fip_obj.router_id != router_id: objs = pf.PortForwarding.get_objects( context, floatingip_id=fip_obj.id, internal_ip_address=pf_dict['internal_ip_address'], internal_port=pf_dict['internal_port']) if objs: message = _("Floating IP %(floatingip_id)s with params: " "internal_ip_address: %(internal_ip_address)s, " "internal_port: %(internal_port)s " "already exists") % { 'floatingip_id': fip_obj.id, 'internal_ip_address': pf_dict['internal_ip_address'], 'internal_port': pf_dict['internal_port'] } else: message = _("The Floating IP %(floatingip_id)s had been set " "on router %(router_id)s, the internal Neutron " "port %(internal_port_id)s can not reach it") % { 'floatingip_id': fip_obj.id, 'router_id': fip_obj.router_id, 'internal_port_id': internal_port_id } raise lib_exc.BadRequest(resource=apidef.RESOURCE_NAME, msg=message)
def _validate_router_migration(self, context, router_db, router_res): """Allow transition only when admin_state_up=False""" original_distributed_state = router_db.extra_attributes.distributed requested_distributed_state = router_res.get('distributed', None) distributed_changed = ( requested_distributed_state is not None and requested_distributed_state != original_distributed_state) if not distributed_changed: return False if router_db.admin_state_up: msg = _("Cannot change the 'distributed' attribute of active " "routers. Please set router admin_state_up to False " "prior to upgrade") raise n_exc.BadRequest(resource='router', msg=msg) # Notify advanced services of the imminent state transition # for the router. try: kwargs = {'context': context, 'router': router_db} registry.notify( resources.ROUTER, events.BEFORE_UPDATE, self, **kwargs) except exceptions.CallbackFailure as e: # NOTE(armax): preserve old check's behavior if len(e.errors) == 1: raise e.errors[0].error raise l3_exc.RouterInUse(router_id=router_db['id'], reason=e) return True
def _link_default_netpartition(self, netpart_name, l2template, l3template, l3isolated, l3shared): params = { 'name': netpart_name, 'l3template': l3template, 'l2template': l2template } (np_id, l3dom_tid, l2dom_tid) = self.vsdclient.link_default_netpartition(params) # verify that the provided zones have been created already shared_match, isolated_match = self.vsdclient.validate_zone_create( l3dom_tid, l3isolated, l3shared) if not shared_match or not isolated_match: msg = ('Default zone names must be provided for ' 'default net-partiton') raise n_exc.BadRequest(resource='net_partition', msg=msg) # basic verifications passed. add default netpartition to the DB session = lib_db_api.get_writer_session() netpartition = nuagedb.get_net_partition_by_name(session, netpart_name) with session.begin(): if netpartition: nuagedb.delete_net_partition(session, netpartition) nuagedb.add_net_partition(session, np_id, l3dom_tid, l2dom_tid, netpart_name, l3isolated, l3shared) self._default_np_id = np_id
def create_wan_tc_class(self, context, wtc_class): wtc_class_db = models.WanTcClass( id=uuidutils.generate_uuid(), direction=wtc_class['direction'], class_ext_id=self.get_last_class_ext_id(context)) if 'parent' in wtc_class and wtc_class['parent'] != '': parent = wtc_class['parent'] parent_class = self.get_class_by_id(context, parent) if not parent_class: raise exceptions.BadRequest(msg='invalid parent id') wtc_class_db.parent = parent wtc_class_db.parent_class_ext_id = parent_class['class_ext_id'] else: wtc_class_db.parent = 'root' wtc_class_db.parent_class_ext_id = 1 with context.session.begin(subtransactions=True): if 'min' in wtc_class: wtc_class_db.min = wtc_class['min'] if 'max' in wtc_class: wtc_class_db.max = wtc_class['max'] context.session.add(wtc_class_db) class_dict = self._class_to_dict(wtc_class_db) class_dict['parent_class_ext_id'] = wtc_class_db.parent_class_ext_id return class_dict
def create(self, context, hm, completor): lb_id = hm['pool']['loadbalancer_id'] pool_id = hm['pool']['id'] pool_client = self.core_plugin.nsxlib.load_balancer.pool monitor_client = self.core_plugin.nsxlib.load_balancer.monitor monitor_name = utils.get_name_and_uuid(hm['name'] or 'monitor', hm['id']) tags = lb_utils.get_tags(self.core_plugin, hm['id'], lb_const.LB_HM_TYPE, hm['tenant_id'], context.project_name) monitor_body = self._build_monitor_args(hm) try: lb_monitor = monitor_client.create(display_name=monitor_name, tags=tags, **monitor_body) except nsxlib_exc.ManagerError: with excutils.save_and_reraise_exception(): completor(success=False) binding = nsx_db.get_nsx_lbaas_pool_binding(context.session, lb_id, pool_id) if binding: lb_pool_id = binding['lb_pool_id'] try: pool_client.add_monitor_to_pool(lb_pool_id, lb_monitor['id']) except nsxlib_exc.ManagerError: completor(success=False) msg = _('Failed to attach monitor %(monitor)s to pool ' '%(pool)s') % { 'monitor': lb_monitor['id'], 'pool': lb_pool_id } raise n_exc.BadRequest(resource='lbaas-hm', msg=msg) nsx_db.add_nsx_lbaas_monitor_binding(context.session, lb_id, pool_id, hm['id'], lb_monitor['id'], lb_pool_id) else: completor(success=False) msg = _('Failed to attach monitor %(monitor)s to pool ' '%(pool)s: NSX pool was not found on the DB') % { 'monitor': hm['id'], 'pool': pool_id } raise n_exc.BadRequest(resource='lbaas-hm', msg=msg) completor(success=True)
def create_nuage_external_security_group(self, context, nuage_external_security_group): external_sg = nuage_external_security_group[ 'nuage_external_security_group'] subnet_id = external_sg.get('subnet_id') router_id = external_sg.get('router_id') if not subnet_id and not router_id: msg = _("Either router_id or subnet_id must be specified") raise n_exc.BadRequest(resource='nuage_external_security_group', msg=msg) l2dom_id = None l3dom_id = None external_id = None if subnet_id: subnet_mapping = nuagedb.get_subnet_l2dom_by_id( context.session, subnet_id) if subnet_mapping and self._is_l2(subnet_mapping): l2dom_id = subnet_mapping['nuage_subnet_id'] external_id = subnet_id if not l2dom_id: msg = _("VSD L2Domain not found for subnet %s") % subnet_id raise n_exc.BadRequest( resource='nuage_external_security_group', msg=msg) elif router_id: nuage_router = self.vsdclient.get_router_by_external(router_id) if nuage_router: l3dom_id = nuage_router['ID'] external_id = router_id if not l3dom_id: msg = _("VSD domain not found for router %s") % router_id raise n_exc.BadRequest( resource='nuage_external_security_group', msg=msg) params = { 'l2dom_id': l2dom_id, 'l3dom_id': l3dom_id, 'name': external_sg.get('name'), 'description': external_sg.get('description'), 'extended_community': external_sg.get('extended_community_id'), 'externalID': external_id } ext_sg_resp = ( self.vsdclient.create_nuage_external_security_group(params)) return self._make_external_security_group_dict(ext_sg_resp[0], context=context)
def delete(self, context, rule): lb_id = rule.policy.listener.loadbalancer_id vs_client = self.core_plugin.nsxlib.load_balancer.virtual_server rule_client = self.core_plugin.nsxlib.load_balancer.rule binding = nsx_db.get_nsx_lbaas_l7rule_binding( context.session, lb_id, rule.l7policy_id, rule.id) if binding: vs_id = binding['lb_vs_id'] rule_id = binding['lb_rule_id'] try: rule_client.delete(rule_id) except nsx_exc.NsxResourceNotFound: msg = (_("LB rule cannot be found on nsx: %(rule)s") % {'rule': rule_id}) raise n_exc.BadRequest(resource='lbaas-l7rule-delete', msg=msg) except nsxlib_exc.ManagerError: self.lbv2_driver.l7rule.failed_completion(context, rule) msg = (_('Failed to delete lb rule: %(rule)s') % {'rule': rule.id}) raise n_exc.BadRequest(resource='lbaas-l7rule-delete', msg=msg) try: lb_vs = vs_client.get(vs_id) if 'rule_ids' in lb_vs and rule_id in lb_vs['rule_ids']: lb_vs['rule_ids'].remove(rule_id) vs_client.update(vs_id, lb_vs) except nsx_exc.NsxResourceNotFound: msg = (_("virtual server cannot be found on nsx: %(vs)s") % {'vs': vs_id}) raise n_exc.BadRequest(resource='lbaas-l7rule-delete', msg=msg) except nsxlib_exc.ManagerError: self.lbv2_driver.l7rule.failed_completion(context, rule) msg = (_('Failed to update rule %(rule)s on virtual server ' '%(vs)s') % {'rule': rule_id, 'vs': vs_id}) raise n_exc.BadRequest(resource='lbaas-l7rule-delete', msg=msg) nsx_db.delete_nsx_lbaas_l7rule_binding( context.session, lb_id, rule.l7policy_id, rule.id) self.lbv2_driver.l7rule.successful_completion(context, rule, delete=True)
def get_vsd_domains(self, context, filters=None, fields=None): l3domains = [] l2domains = [] if 'vsd_organisation_id' in filters: # get domains by enterprise id l3domains.extend( self.vsdclient.get_routers_by_netpart( filters['vsd_organisation_id'][0])) l2domains.extend( self.vsdclient.get_subnet_by_netpart( filters['vsd_organisation_id'][0])) elif 'os_router_ids' in filters: # get domain by Openstack router id for os_id in filters['os_router_ids']: l3_domain = self.vsdclient.get_l3domain_by_external_id(os_id) if l3_domain: l3domains.append(l3_domain) else: msg = _('vsd_organisation_id or os_router_ids is a required filter' ' parameter for this API') raise n_exc.BadRequest(resource='vsd-domains', msg=msg) # add type to the domains (used by horizon linkedselect) for domain in l3domains: domain.update({'type': 'L3'}) for domain in l2domains: domain.update({'type': 'L2'}) vsd_to_os = { 'ID': 'id', 'name': 'name', 'type': 'type', # L2 'net_partition_id': 'net_partition_id', 'dhcp_managed': 'dhcp_managed', 'IPType': 'ip_version', 'ipv4_cidr': 'cidr', 'IPv6Address': 'ipv6_cidr', 'ipv4_gateway': 'gateway', 'IPv6Gateway': 'ipv6_gateway', 'enableDHCPv4': 'enable_dhcpv4', 'enableDHCPv6': 'enable_dhcpv6', # L3 'parentID': 'net_partition_id', 'routeDistinguisher': 'rd', 'routeTarget': 'rt', 'backHaulVNID': 'backhaul_vnid', 'backHaulRouteDistinguisher': 'backhaul_rd', 'backHaulRouteTarget': 'backhaul_rt', 'templateID': 'router_template_id', 'tunnelType': 'tunnel_type', 'ECMPCount': 'ecmp_count' } return self._trans_vsd_to_os(l3domains + l2domains, vsd_to_os, filters, fields)
def create(self, context, hm, completor): lb_id = hm['pool']['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] pool_id = hm['pool']['id'] pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, pool_id) if not pool_binding: completor(success=False) msg = _('Failed to create health monitor on edge: %s. ' 'Binding not found') % edge_id LOG.error(msg) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_pool_id = pool_binding['edge_pool_id'] hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding( context.session, lb_id, pool_id, hm['id'], edge_id) edge_mon_id = None if hm_binding: edge_mon_id = hm_binding['edge_mon_id'] else: edge_monitor = self._convert_lbaas_monitor(hm) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_health_monitor(edge_id, edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_monitor_binding(context.session, lb_id, pool_id, hm['id'], edge_id, edge_mon_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create health monitor on edge: %s', edge_id) try: # Associate monitor with Edge pool with locking.LockManager.get_lock(edge_id): edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1] if edge_pool.get('monitorId'): edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(edge_id, edge_pool_id, edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create health monitor on edge: %s', edge_id) completor(success=True)
def create(self, context, member, completor): lb_id = self._get_pool_lb_id(member) lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, member['pool_id']) if not pool_binding: completor(success=False) msg = _('Failed to create member on edge: %s. ' 'Binding not found') % edge_id LOG.error(msg) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_pool_id = pool_binding['edge_pool_id'] old_lb = lb_common.is_lb_on_router_edge(context, self.core_plugin, edge_id) with locking.LockManager.get_lock(edge_id): if not cfg.CONF.nsxv.use_routers_as_lbaas_platform and not old_lb: # Verify that Edge appliance is connected to the member's # subnet (only if this is a dedicated loadbalancer edge) if not lb_common.get_lb_interface(context, self.core_plugin, lb_id, member['subnet_id']): lb_common.create_lb_interface(context, self.core_plugin, lb_id, member['subnet_id'], member['tenant_id']) edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1] edge_member = { 'ipAddress': member['address'], 'weight': member['weight'], 'port': member['protocol_port'], 'monitorPort': member['protocol_port'], 'name': lb_common.get_member_id(member['id']), 'condition': 'enabled' if member['admin_state_up'] else 'disabled' } if edge_pool.get('member'): edge_pool['member'].append(edge_member) else: edge_pool['member'] = [edge_member] try: self.vcns.update_pool(edge_id, edge_pool_id, edge_pool) completor(success=True) if old_lb: member_ips = self._get_pool_member_ips( member['pool'], 'add', member['address']) lb_common.update_pool_fw_rule( self.vcns, member['pool_id'], edge_id, self._get_lbaas_fw_section_id(), member_ips) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create member on edge: %s', edge_id)
def policy_to_edge_and_rule_id(context, policy_id): # get the nsx application rule id and edge id binding = nsxv_db.get_nsxv_lbaas_l7policy_binding(context.session, policy_id) if not binding: msg = _('No suitable Edge found for policy %s') % policy_id raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) return binding['edge_id'], binding['edge_app_rule_id']