def _add_routes(self, route_info):
LOG.info(_LI("Configuring routes with configuration "
"data : %(route_data)s ") %
{'route_data': route_info['resource_data']})
source_cidrs = route_info['resource_data']['source_cidrs']
gateway_ip = route_info['resource_data']['gateway_ip']
default_route_commands = []
for cidr in source_cidrs:
source_interface = self._get_if_name_by_cidr(cidr)
try:
interface_number_string = source_interface.split("eth", 1)[1]
except IndexError:
LOG.error(_LE("Retrieved wrong interface %(interface)s for "
"configuring routes") %
{'interface': source_interface})
routing_table_number = 20 + int(interface_number_string)
ip_rule_command = "ip rule add from %s table %s" % (
cidr, routing_table_number)
out1 = subprocess.Popen(ip_rule_command, shell=True,
stdout=subprocess.PIPE).stdout.read()
ip_rule_command = "ip rule add to %s table main" % (cidr)
out2 = subprocess.Popen(ip_rule_command, shell=True,
stdout=subprocess.PIPE).stdout.read()
ip_route_command = "ip route add table %s default via %s" % (
routing_table_number, gateway_ip)
default_route_commands.append(ip_route_command)
output = "%s\n%s" % (out1, out2)
LOG.info(_LI("Static route configuration result: %(output)s") %
{'output': output})
for command in default_route_commands:
out = subprocess.Popen(command, shell=True,
stdout=subprocess.PIPE).stdout.read()
LOG.info(_LI("Static route configuration result: %(output)s") %
{'output': out})
def proc_msg(self, msg):
retVal = False
if msg["operation"] == 'register':
payload = {'id': msg["port_id"], 'owner': RegData.service_name}
try:
resp = post(self._make_url(self.base_url, 'ports'), json=payload)
if resp.status_code == 201:
LOG.info(_LI("RegThread: port added gluon"))
retVal = True
elif resp.status_code == 409:
LOG.info(_LI("RegThread: port already in gluon"))
retVal = True
else:
LOG.info(_LI("RegThread: unexpected response code: %d" % resp.status_code))
except:
pass
elif msg["operation"] == 'deregister':
try:
url = self._make_url(self.base_url, 'ports')
url = self._make_url(url, msg["port_id"])
resp = delete(url)
if resp.status_code == 201 or resp.status_code == 200 or resp.status_code == 404:
LOG.info(_LI("RegThread: port removed from gluon"))
retVal = True
else:
LOG.info(_LI("RegThread: unexpected response code: %d" % resp.status_code))
except:
pass
else:
LOG.error(_LE("Unknown reg message"))
retVal = True
return retVal
def main():
service.prepare_service(sys.argv)
app = api_app.setup_app()
# Create the WSGI server and start it
host, port = cfg.CONF.api.host, cfg.CONF.api.port
srv = simple_server.make_server(host, port, app)
LOG.info(_LI('Starting server in PID %s') % os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, logging.DEBUG)
if host == '0.0.0.0':
LOG.info(
_LI('serving on 0.0.0.0:%(port)s, '
'view at http://127.0.0.1:%(port)s') % dict(port=port))
else:
LOG.info(
_LI('serving on http://%(host)s:%(port)s') %
dict(host=host, port=port))
register_with_gluon(service_name=cfg.CONF.api.service_name,
service_type=cfg.CONF.api.service_type,
host=cfg.CONF.api.host,
port=cfg.CONF.api.port,
gluon_host=cfg.CONF.api.gluon_host,
gluon_port=cfg.CONF.api.gluon_port)
start_sync_thread(service_name=cfg.CONF.api.service_name,
etcd_host=cfg.CONF.api.etcd_host,
etcd_port=cfg.CONF.api.etcd_port)
srv.serve_forever()
def main():
service.prepare_service(sys.argv)
app = api_app.setup_app()
# Create the WSGI server and start it
host, port = cfg.CONF.api.host, cfg.CONF.api.port
srv = simple_server.make_server(host, port, app)
LOG.info(_LI('Starting server in PID %s') % os.getpid())
LOG.debug("Configuration:")
cfg.CONF.log_opt_values(LOG, logging.DEBUG)
if host == '0.0.0.0':
LOG.info(_LI('serving on 0.0.0.0:%(port)s, '
'view at http://127.0.0.1:%(port)s') %
dict(port=port))
else:
LOG.info(_LI('serving on http://%(host)s:%(port)s') %
dict(host=host, port=port))
register_with_gluon(service_name=cfg.CONF.api.service_name,
service_type=cfg.CONF.api.service_type,
host=cfg.CONF.api.host,
port=cfg.CONF.api.port,
gluon_host=cfg.CONF.api.gluon_host,
gluon_port=cfg.CONF.api.gluon_port)
start_sync_thread(service_name=cfg.CONF.api.service_name,
etcd_host=cfg.CONF.api.etcd_host,
etcd_port=cfg.CONF.api.etcd_port)
srv.serve_forever()
def __init__(self, json_blob):
ps = Popen(["sysctl", "net.ipv4.ip_forward"], stdout=PIPE)
output = ps.communicate()[0]
if "0" in output:
LOG.info(_LI("Enabling IP forwarding ..."))
call(["sysctl", "-w", "net.ipv4.ip_forward=1"])
else:
LOG.info(_LI("IP forwarding already enabled"))
try:
self.rules_json = jsonutils.loads(json_blob)
except ValueError:
sys.exit('Given json_blob is not a valid json')
def update_chain(self):
ps = Popen(["iptables", "-L"], stdout=PIPE)
output = ps.communicate()[0]
# check if chain is present if not create new chain
if "testchain" not in output:
LOG.info(_LI("Creating new chain ..."))
call(["iptables", "-F"])
call(["iptables", "-N", "testchain"])
call(
["iptables", "-t", "filter",
"-A", "FORWARD", "-j", "testchain"])
call(["iptables", "-A", "FORWARD", "-j", "DROP"])
# flush chain of existing rules
call(["iptables", "-F", "testchain"])
# return
# Update chain with new rules
LOG.info(_LI("Updating chain with new rules ..."))
count = 0
for rule in self.rules_json.get('rules'):
LOG.info(_LI("adding rule %(count)d") % {'count': count})
try:
action_values = ["LOG", "ACCEPT"]
action = rule['action'].upper()
if action not in action_values:
sys.exit(
"Action %s is not valid action! Please enter "
"valid action (LOG or ACCEPT)" % (action))
service = rule['service'].split('/')
except KeyError as e:
sys.exit('KeyError: Rule does not have key %s' % (e))
if len(service) > 1:
ps = Popen(["iptables", "-A", "testchain", "-p", service[
0], "--dport", service[1], "-j", action],
stdout=PIPE)
else:
ps = Popen(
["iptables", "-A", "testchain", "-p", service[0],
"-j", action], stdout=PIPE)
output = ps.communicate()[0]
if output:
LOG.error(_LE("Unable to add rule to chain due to: %(output)s")
% {'output': output})
count = count + 1
ps = Popen(["iptables", "-A", "testchain", "-m", "state", "--state",
"ESTABLISHED,RELATED", "-j", "ACCEPT"], stdout=PIPE)
output = ps.communicate()[0]
if output:
LOG.error(_LE("Unable to add rule to chain due to: %(output)s")
% {'output': output})
def update_chain(self):
ps = Popen(["iptables", "-L"], stdout=PIPE)
output = ps.communicate()[0]
# check if chain is present if not create new chain
if "testchain" not in output:
LOG.info(_LI("Creating new chain ..."))
call(["iptables", "-F"])
call(["iptables", "-N", "testchain"])
call(
["iptables", "-t", "filter",
"-A", "FORWARD", "-j", "testchain"])
call(["iptables", "-A", "FORWARD", "-j", "DROP"])
# flush chain of existing rules
call(["iptables", "-F", "testchain"])
# return
# Update chain with new rules
LOG.info(_LI("Updating chain with new rules ..."))
count = 0
for rule in self.rules_json.get('rules'):
LOG.info(_LI("adding rule %(count)d"), {'count': count})
try:
action_values = ["LOG", "ACCEPT"]
action = rule['action'].upper()
if action not in action_values:
sys.exit(
"Action %s is not valid action! Please enter "
"valid action (LOG or ACCEPT)" % (action))
service = rule['service'].split('/')
except KeyError as e:
sys.exit('KeyError: Rule does not have key %s' % (e))
if len(service) > 1:
ps = Popen(["iptables", "-A", "testchain", "-p", service[
0], "--dport", service[1], "-j", action],
stdout=PIPE)
else:
ps = Popen(
["iptables", "-A", "testchain", "-p", service[0],
"-j", action], stdout=PIPE)
output = ps.communicate()[0]
if output:
LOG.error(_LE("Unable to add rule to chain due to: %(msg)s"),
{'msg': output})
count = count + 1
ps = Popen(["iptables", "-A", "testchain", "-m", "state", "--state",
"ESTABLISHED,RELATED", "-j", "ACCEPT"], stdout=PIPE)
output = ps.communicate()[0]
if output:
LOG.error(_LE("Unable to add rule to chain due to: %(output)s"),
{'output': output})
def __init__(self, json_blob):
ps = Popen(["sysctl", "net.ipv4.ip_forward"], stdout=PIPE)
output = ps.communicate()[0]
if "0" in output:
LOG.info(_LI("Enabling IP forwarding ..."))
call(["sysctl", "-w", "net.ipv4.ip_forward=1"])
else:
LOG.info(_LI("IP forwarding already enabled"))
try:
self.rules_json = jsonutils.loads(json_blob)
except ValueError:
sys.exit('Given json_blob is not a valid json')
def run(self):
while 1:
try:
msg = self.input_q.get(True, 3.0)
LOG.info(_LI("RegThread: received message %s ") % msg)
self.proc_reg_msg(msg)
except Queue.Empty:
LOG.debug("RegThread: Queue timeout")
self.proc_timeout()
except ValueError:
LOG.error(_LE("Error processing reg message"))
break
LOG.info(_LI("RegThread exiting"))
RegData.thread_running = False
def run(self):
while 1:
try:
msg = self.input_q.get(True, 3.0)
LOG.info(_LI("RegThread: received message %s ") % msg)
self.proc_reg_msg(msg)
except Queue.Empty:
LOG.debug("RegThread: Queue timeout")
self.proc_timeout()
except ValueError:
LOG.error(_LE("Error processing reg message"))
break
LOG.info(_LI("RegThread exiting"))
RegData.thread_running = False
def create(self):
"""Create a Object in the DB.
"""
values = self.obj_get_changes()
LOG.info(_LI('Dumping CREATE port datastructure %s') % str(values))
db_object = self.db_instance.create(self.db_model, values)
self.from_dict_object(self, db_object)
def proc_timeout(self):
if not RegData.registered:
payload = {'name': self.service_name,
'service_type': self.service_type,
'url': self.my_url}
try:
resp = post(self._make_url(self.base_url, 'backends'), json=payload)
if resp.status_code == 201:
LOG.info(_LI("RegThread: registered with gluon"))
RegData.registered = True
elif resp.status_code == 409:
LOG.info(_LI("RegThread: already registered with gluon"))
RegData.registered = True
else:
LOG.info(_LI("RegThread: unexpected response code: %d" % resp.status_code))
except:
pass
if RegData.registered:
self.proc_msg_q()
def create(self):
"""Create a Port in the DB.
"""
if self.obj_attr_is_set('id'):
raise exception.ObjectActionError(action='create',
reason='already created')
values = self.obj_get_changes()
LOG.info(_LI('Dumping CREATE port datastructure %s') % str(values))
db = self.dbapi.create_port(values)
self._from_db_object(self, db)
def _add_routes(self, route_info):
LOG.info(
_LI("Configuring routes with configuration "
"data : %(route_data)s ") %
{'route_data': route_info['resource_data']})
source_cidrs = route_info['resource_data']['source_cidrs']
gateway_ip = route_info['resource_data']['gateway_ip']
default_route_commands = []
for cidr in source_cidrs:
source_interface = self._get_if_name_by_cidr(cidr)
try:
interface_number_string = source_interface.split("eth", 1)[1]
except IndexError:
LOG.error(
_LE("Retrieved wrong interface %(interface)s for "
"configuring routes") %
{'interface': source_interface})
routing_table_number = 20 + int(interface_number_string)
ip_rule_command = "ip rule add from %s table %s" % (
cidr, routing_table_number)
out1 = subprocess.Popen(ip_rule_command,
shell=True,
stdout=subprocess.PIPE).stdout.read()
ip_rule_command = "ip rule add to %s table main" % (cidr)
out2 = subprocess.Popen(ip_rule_command,
shell=True,
stdout=subprocess.PIPE).stdout.read()
ip_route_command = "ip route add table %s default via %s" % (
routing_table_number, gateway_ip)
default_route_commands.append(ip_route_command)
output = "%s\n%s" % (out1, out2)
LOG.info(
_LI("Static route configuration result: %(output)s") %
{'output': output})
for command in default_route_commands:
out = subprocess.Popen(command, shell=True,
stdout=subprocess.PIPE).stdout.read()
LOG.info(
_LI("Static route configuration result: %(output)s") %
{'output': out})
def run(self):
while 1:
try:
msg = self.input_q.get(True, 10.0)
LOG.info(_LI("SyncThread: received message %s ") % msg)
self.proc_sync_msg(msg)
except Queue.Empty:
LOG.debug("SyncThread: Queue timeout")
except ValueError:
LOG.error(_LE("Error processing sync message"))
break
LOG.error(_LE("SyncThread exiting"))
SyncData.sync_thread_running = False
def proc_msg(self, msg):
retVal = False
if msg["operation"] == 'register':
payload = {'id': msg["port_id"], 'owner': RegData.service_name}
try:
resp = post(self._make_url(self.base_url, 'ports'),
json=payload)
if resp.status_code == 201:
LOG.info(_LI("RegThread: port added gluon"))
retVal = True
elif resp.status_code == 409:
LOG.info(_LI("RegThread: port already in gluon"))
retVal = True
else:
LOG.info(
_LI("RegThread: unexpected response code: %d" %
resp.status_code))
except:
pass
elif msg["operation"] == 'deregister':
try:
url = self._make_url(self.base_url, 'ports')
url = self._make_url(url, msg["port_id"])
resp = delete(url)
if resp.status_code == 201 or resp.status_code == 200 or resp.status_code == 404:
LOG.info(_LI("RegThread: port removed from gluon"))
retVal = True
else:
LOG.info(
_LI("RegThread: unexpected response code: %d" %
resp.status_code))
except:
pass
else:
LOG.error(_LE("Unknown reg message"))
retVal = True
return retVal
def proc_timeout(self):
if not RegData.registered:
payload = {
'name': self.service_name,
'service_type': self.service_type,
'url': self.my_url
}
try:
resp = post(self._make_url(self.base_url, 'backends'),
json=payload)
if resp.status_code == 201:
LOG.info(_LI("RegThread: registered with gluon"))
RegData.registered = True
elif resp.status_code == 409:
LOG.info(_LI("RegThread: already registered with gluon"))
RegData.registered = True
else:
LOG.info(
_LI("RegThread: unexpected response code: %d" %
resp.status_code))
except:
pass
if RegData.registered:
self.proc_msg_q()
def _apply_user_config(self, config_data):
LOG.info(
_LI("Applying user config with configuration "
"type : %(config_type)s and "
"configuration data : %(config_data)s ") % {
'config_type': config_data['resource'],
'config_data': config_data['resource_data']
})
service_config = config_data['resource_data']['config_string']
service_config = str(service_config)
if config_data['resource'] == 'ansible':
config_str = service_config.lstrip('ansible:')
rules = config_str
elif config_data['resource'] == 'heat':
config_str = service_config.lstrip('heat_config:')
rules = self._get_rules_from_config(config_str)
elif config_data['resource'] == 'custom_json':
config_str = service_config.lstrip('custom_json:')
rules = config_str
fw_rule_file = FW_SCRIPT_PATH
command = ("sudo python " + fw_rule_file + " '" + rules + "'")
subprocess.check_output(command, stderr=subprocess.STDOUT, shell=True)
def _apply_user_config(self, config_data):
LOG.info(_LI("Applying user config with configuration "
"type : %(config_type)s and "
"configuration data : %(config_data)s ") %
{'config_type': config_data['resource'],
'config_data': config_data['resource_data']})
service_config = config_data['resource_data'][
'config_string']
service_config = str(service_config)
if config_data['resource'] == 'ansible':
config_str = service_config.lstrip('ansible:')
rules = config_str
elif config_data['resource'] == 'heat':
config_str = service_config.lstrip('heat_config:')
rules = self._get_rules_from_config(config_str)
elif config_data['resource'] == 'custom_json':
config_str = service_config.lstrip('custom_json:')
rules = config_str
fw_rule_file = FW_SCRIPT_PATH
command = ("sudo python " + fw_rule_file + " '" +
rules + "'")
subprocess.check_output(command, stderr=subprocess.STDOUT,
shell=True)
def _configure_interfaces(self, config_data):
LOG.info(_LI("Configures interfaces with configuration "
"data : %(interface_data)s ") %
{'interface_data': config_data})
def _configure_healthmonitor(self, config_data):
LOG.info(_LI("Configures healthmonitor with configuration "
"data : %(healthmonitor_data)s ") %
{'healthmonitor_data': config_data})
def _configure_healthmonitor(self, config_data):
LOG.info(
_LI("Configures healthmonitor with configuration "
"data : %(healthmonitor_data)s ") %
{'healthmonitor_data': config_data})
def _configure_interfaces(self, config_data):
LOG.info(
_LI("Configures interfaces with configuration "
"data : %(interface_data)s ") %
{'interface_data': config_data})
