Ejemplo n.º 1
    def _create_iip(self, pod_task_id, vn_obj, vmi, custom_ipam=None):
        """Create the instance-ip (IIP) for a pod task and return it.

        The IIP is named after ``pod_task_id``, takes its subnet from the
        IPAM selected below, and is linked to ``vn_obj`` and to the VMI read
        back through ``vmi.fq_name``. If the create call raises
        ``RefsExistError`` the same object is sent as an update instead.
        """
        # The VN may be missing from the local cache; fall back to locate().
        cached_vn = (VirtualNetworkMM.find_by_name_or_uuid(vn_obj.get_uuid())
                     or VirtualNetworkMM.locate(vn_obj.get_uuid()))

        # NOTE(review): where custom_ipam comes from is not visible here. If
        # it is taken from task-supplied labels, confirm the task is allowed
        # to draw addresses from that IPAM before it reaches this point.
        ipam_fq_name = (vnc_mesos_config.pod_task_ipam_fq_name()
                        if custom_ipam is None else custom_ipam.split(':'))
        ipam_subnet = cached_vn.get_ipam_subnet_uuid(ipam_fq_name)

        # uuid1() is derived from the host id and a timestamp, so the IIP
        # uuid is predictable and must not be relied on as a secret.
        new_iip = InstanceIp(name=pod_task_id, subnet_uuid=ipam_subnet)
        new_iip.uuid = str(uuid.uuid1())
        new_iip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        new_iip.add_virtual_machine_interface(
            self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

        InstanceIpMM.add_annotations(self, new_iip, pod_task_id)
        log_msg = ("%s: Create IIP from ipam_fq_name [%s]"
                   " pod_ipam_subnet_uuid [%s]"
                   " vn [%s] vmi_fq_name [%s]" %
                   (self._name, ipam_fq_name, ipam_subnet,
                    cached_vn.name, vmi.fq_name))
        self._logger.debug(log_msg)

        try:
            self._vnc_lib.instance_ip_create(new_iip)
        except RefsExistError:
            # The API reports the object as existing: push an update instead.
            self._vnc_lib.instance_ip_update(new_iip)
        InstanceIpMM.locate(new_iip.uuid)
        return new_iip
Ejemplo n.º 2
    def _create_iip(self, pod_task_id, vn_obj, vmi, custom_ipam=None):
        """Build and register the instance-ip for ``pod_task_id``.

        ``custom_ipam`` is a ':'-separated IPAM fq_name; when it is None the
        configured pod-task IPAM is used. Returns the InstanceIp object that
        was sent to the API (created, or updated on ``RefsExistError``).
        """
        network = VirtualNetworkMM.find_by_name_or_uuid(vn_obj.get_uuid())
        if not network:
            # Cache miss: ask the cache to locate the VN.
            network = VirtualNetworkMM.locate(vn_obj.get_uuid())

        if custom_ipam is not None:
            # NOTE(review): the caller decides which IPAM is used here;
            # verify upstream that this value is authorised for the task.
            ipam_fq_name = custom_ipam.split(':')
        else:
            ipam_fq_name = vnc_mesos_config.pod_task_ipam_fq_name()
        subnet_id = network.get_ipam_subnet_uuid(ipam_fq_name)

        # Create instance-ip. uuid1() is time/host based, hence guessable.
        generated_uuid = str(uuid.uuid1())
        instance_ip = InstanceIp(name=pod_task_id, subnet_uuid=subnet_id)
        instance_ip.uuid = generated_uuid
        instance_ip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        vmi_vnc = self._vnc_lib.virtual_machine_interface_read(
            fq_name=vmi.fq_name)
        instance_ip.add_virtual_machine_interface(vmi_vnc)

        InstanceIpMM.add_annotations(self, instance_ip, pod_task_id)
        details = (self._name, ipam_fq_name, subnet_id,
                   network.name, vmi.fq_name)
        self._logger.debug("%s: Create IIP from ipam_fq_name [%s]"
                           " pod_ipam_subnet_uuid [%s]"
                           " vn [%s] vmi_fq_name [%s]" % details)
        try:
            self._vnc_lib.instance_ip_create(instance_ip)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(instance_ip)
        InstanceIpMM.locate(instance_ip.uuid)
        return instance_ip
Ejemplo n.º 3
    def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
        """Create the instance-ip (IIP) for a pod and return it.

        The address is requested from the subnet that the VN reports for the
        configured pod IPAM. The IIP is linked to ``vn_obj`` and to the VMI
        read back through ``vmi.fq_name``; on ``RefsExistError`` the object
        is sent as an update instead of a create.
        """
        # The VN may be missing from the local cache; fall back to locate().
        cached_vn = (VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid())
                     or VirtualNetworkKM.locate(vn_obj.get_uuid()))

        # Pod IIPs always come from the pod IPAM on this VN.
        pod_subnet = cached_vn.get_ipam_subnet_uuid(
            vnc_kube_config.pod_ipam_fq_name())

        shown_as = VncCommon.make_display_name(pod_namespace, pod_name)
        # uuid1() is derived from the host id and a timestamp, so the IIP
        # uuid (and the name built from it) is predictable, not a secret.
        new_uuid = str(uuid.uuid1())
        new_iip = InstanceIp(name=VncCommon.make_name(pod_name, new_uuid),
                             subnet_uuid=pod_subnet,
                             display_name=shown_as)
        new_iip.uuid = new_uuid
        new_iip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        new_iip.add_virtual_machine_interface(
            self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

        InstanceIpKM.add_annotations(self, new_iip, pod_namespace, pod_name)
        try:
            self._vnc_lib.instance_ip_create(new_iip)
        except RefsExistError:
            # The API reports the object as existing: push an update instead.
            self._vnc_lib.instance_ip_update(new_iip)
        InstanceIpKM.locate(new_iip.uuid)
        return new_iip
Ejemplo n.º 4
    def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
        """Allocate a pod's instance-ip from the pod IPAM of its VN.

        Returns the InstanceIp object handed to the API. A
        ``RefsExistError`` from the create call is answered with an update
        of the same object.
        """
        network = VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid())
        if not network:
            # Cache miss: ask the cache to locate the VN.
            network = VirtualNetworkKM.locate(vn_obj.get_uuid())

        # The subnet uuid of the pod IPAM on this VN is what the address
        # request is made against.
        pod_ipam = vnc_kube_config.pod_ipam_fq_name()
        subnet_id = network.get_ipam_subnet_uuid(pod_ipam)

        # Create instance-ip. uuid1() is time/host based, hence guessable.
        label = VncCommon.make_display_name(pod_namespace, pod_name)
        generated_uuid = str(uuid.uuid1())
        generated_name = VncCommon.make_name(pod_name, generated_uuid)
        instance_ip = InstanceIp(
            name=generated_name,
            subnet_uuid=subnet_id,
            display_name=label,
        )
        instance_ip.uuid = generated_uuid
        instance_ip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        vmi_vnc = self._vnc_lib.virtual_machine_interface_read(
            fq_name=vmi.fq_name)
        instance_ip.add_virtual_machine_interface(vmi_vnc)

        InstanceIpKM.add_annotations(
            self, instance_ip, pod_namespace, pod_name)
        try:
            self._vnc_lib.instance_ip_create(instance_ip)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(instance_ip)
        InstanceIpKM.locate(instance_ip.uuid)
        return instance_ip
Ejemplo n.º 5
    def _create_iip(self, pod_name, pod_namespace, proj_uuid, vn_obj, vmi):
        """Create a project-owned instance-ip (IIP) for a pod and return it.

        The subnet comes from the ip-fabric IPAM when ip-fabric forwarding is
        enabled for the effective namespace, otherwise from the pod IPAM.
        The IIP's ``perms2`` names ``proj_uuid`` as owner with
        ``PERMS_RWX`` owner access. On ``RefsExistError`` the object is sent
        as an update instead of a create.
        """
        # The VN may be missing from the local cache; fall back to locate().
        cached_vn = (VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid())
                     or VirtualNetworkKM.locate(vn_obj.get_uuid()))

        # Non-isolated pods are evaluated against the 'default' namespace.
        vn_namespace = (pod_namespace
                        if self._is_pod_network_isolated(pod_namespace)
                        else 'default')

        # The IPAM is not always the pod IPAM: ip-fabric forwarding switches
        # the allocation to the ip-fabric IPAM.
        ipam_fq_name = (vnc_kube_config.ip_fabric_ipam_fq_name()
                        if self._is_ip_fabric_forwarding_enabled(vn_namespace)
                        else vnc_kube_config.pod_ipam_fq_name())
        ipam_subnet = cached_vn.get_ipam_subnet_uuid(ipam_fq_name)

        # uuid1() is derived from the host id and a timestamp, so the IIP
        # uuid is predictable; access control rests on perms2, not on it.
        new_uuid = str(uuid.uuid1())
        new_name = VncCommon.make_name(pod_name, new_uuid)

        # Ownership: the project gets full rwx access to the new object.
        # NOTE(review): proj_uuid is trusted as given; confirm the caller
        # derives it from the pod's own namespace/project.
        owner_perms = PermType2()
        owner_perms.owner = proj_uuid
        owner_perms.owner_access = PERMS_RWX

        new_iip = InstanceIp(name=new_name, subnet_uuid=ipam_subnet,
                             display_name=new_name, perms2=owner_perms)
        new_iip.uuid = new_uuid
        new_iip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        new_iip.add_virtual_machine_interface(
            self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

        InstanceIpKM.add_annotations(self, new_iip, pod_namespace, pod_name)
        log_msg = ("%s: Create IIP from ipam_fq_name [%s]"
                   " pod_ipam_subnet_uuid [%s]"
                   " vn [%s] vmi_fq_name [%s]" %
                   (self._name, ipam_fq_name, ipam_subnet,
                    cached_vn.name, vmi.fq_name))
        self._logger.debug(log_msg)

        try:
            self._vnc_lib.instance_ip_create(new_iip)
        except RefsExistError:
            # The API reports the object as existing: push an update instead.
            self._vnc_lib.instance_ip_update(new_iip)
        InstanceIpKM.locate(new_iip.uuid)
        return new_iip
Ejemplo n.º 6
    def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
        """Create the instance-ip for a pod and return it.

        The IPAM is the ip-fabric IPAM when ip-fabric forwarding is enabled
        for the effective namespace (the pod's own namespace if it is
        isolated, else 'default'); otherwise it is the pod IPAM. No
        ``perms2`` is set on the object in this variant.
        """
        network = VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid())
        if not network:
            # Cache miss: ask the cache to locate the VN.
            network = VirtualNetworkKM.locate(vn_obj.get_uuid())

        vn_namespace = 'default'
        if self._is_pod_network_isolated(pod_namespace):
            vn_namespace = pod_namespace

        # Pick the IPAM the address is requested from.
        if not self._is_ip_fabric_forwarding_enabled(vn_namespace):
            ipam_fq_name = vnc_kube_config.pod_ipam_fq_name()
        else:
            ipam_fq_name = vnc_kube_config.ip_fabric_ipam_fq_name()
        subnet_id = network.get_ipam_subnet_uuid(ipam_fq_name)

        # Create instance-ip. uuid1() is time/host based, hence guessable.
        generated_uuid = str(uuid.uuid1())
        generated_name = VncCommon.make_name(pod_name, generated_uuid)
        instance_ip = InstanceIp(name=generated_name,
                                 subnet_uuid=subnet_id,
                                 display_name=generated_name)
        instance_ip.uuid = generated_uuid
        instance_ip.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        vmi_vnc = self._vnc_lib.virtual_machine_interface_read(
            fq_name=vmi.fq_name)
        instance_ip.add_virtual_machine_interface(vmi_vnc)

        InstanceIpKM.add_annotations(
            self, instance_ip, pod_namespace, pod_name)
        details = (self._name, ipam_fq_name, subnet_id,
                   network.name, vmi.fq_name)
        self._logger.debug("%s: Create IIP from ipam_fq_name [%s]"
                           " pod_ipam_subnet_uuid [%s]"
                           " vn [%s] vmi_fq_name [%s]" % details)
        try:
            self._vnc_lib.instance_ip_create(instance_ip)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(instance_ip)
        InstanceIpKM.locate(instance_ip.uuid)
        return instance_ip
    def test_rbac_on_back_ref(self):
        """Instance-ip back-refs on a VMI differ between user and admin.

        A 'member' user creates one instance-ip on its own VMI; the admin
        client then creates ``admin_iip_count`` more on that same VMI. The
        user's VMI object must report only the user's instance-ip, while the
        VMI read through the admin client must report all of them.
        """
        admin_iip_count = 10
        expected_uuids = set()
        member_api = self._get_api_client(
            'user-%s' % self.id(), 'password', 'project-%s' % self.id(),
            'member')
        member_project = self.admin_api.project_read(
            id=member_api.project_id)

        # Network, IPAM (1.1.1.0/28) and VMI, all created as the member user.
        member_vn = VirtualNetwork(
            'user-vn-%s' % self.id(), parent_obj=member_project)
        member_ipam = NetworkIpam(
            'ni-%s' % self.id(), parent_obj=member_project)
        member_api.network_ipam_create(member_ipam)
        subnets = VnSubnetsType([IpamSubnetType(SubnetType('1.1.1.0', 28))])
        member_vn.add_network_ipam(member_ipam, subnets)
        member_api.virtual_network_create(member_vn)
        member_vmi = VirtualMachineInterface(
            'user-vmi-%s' % self.id(), parent_obj=member_project)
        member_vmi.add_virtual_network(member_vn)
        member_api.virtual_machine_interface_create(member_vmi)

        # The single instance-ip that belongs to the member user.
        member_iip = InstanceIp('user-iip-%s' % self.id())
        member_iip.add_virtual_network(member_vn)
        member_iip.add_virtual_machine_interface(member_vmi)
        member_api.instance_ip_create(member_iip)
        expected_uuids.add(member_iip.uuid)

        # Admin-created instance-ips attached to the user's VN and VMI.
        for index in range(admin_iip_count):
            extra_iip = InstanceIp('admin-iip-%d-%s' % (index, self.id()))
            extra_iip.add_virtual_network(member_vn)
            extra_iip.add_virtual_machine_interface(member_vmi)
            self.admin_api.instance_ip_create(extra_iip)
            expected_uuids.add(extra_iip.uuid)

        # User view: only the user's own instance-ip may be listed.
        # NOTE(review): member_vmi is not re-read here; presumably the
        # back-refs are fetched through member_api on access - confirm.
        member_refs = member_vmi.get_instance_ip_back_refs()
        self.assertEqual(len(member_refs), 1)
        self.assertEqual(member_refs[0]['uuid'], member_iip.uuid)

        # Admin view: the user's instance-ip plus every admin-created one.
        vmi_as_admin = self.admin_api.virtual_machine_interface_read(
            id=member_vmi.uuid)
        admin_refs = vmi_as_admin.get_instance_ip_back_refs()
        self.assertEqual(len(admin_refs), admin_iip_count + 1)
        self.assertEqual({ref['uuid'] for ref in admin_refs}, expected_uuids)
Ejemplo n.º 8
except RefsExistError as ref:
    print >> sys.stderr, "Not creating VMI, already exists: ", str(ref)
    vmi_obj = api.virtual_machine_interface_read(fq_name=proj_fq_name + [vmi_name])
    vmi_uuid = vmi_obj.uuid

## LINK VM TO VROUTER
# Read the vRouter identified by vr_uuid and add a reference from it to the
# VM ('ADD' on virtual-router -> virtual-machine). The API response is
# written to stderr, so stdout stays reserved for the JSON result below.
vrouter_obj = api.virtual_router_read(id=vr_uuid)
ref_response = api.ref_update('virtual-router', vrouter_obj.uuid,
            'virtual-machine', vm_obj.uuid, None, 'ADD')
print >> sys.stderr, "Linked VM to vRouter:", ref_response

## CREATE INTERFACE IP

# uuid1() is derived from the host id and a timestamp, so this uuid is
# predictable; access to the object rests on perms2, not on the uuid.
iip_uuid = str(uuid.uuid1())
# Ownership: proj_uuid becomes the owner with PERMS_RWX owner access.
# NOTE(review): proj_uuid is set outside this excerpt - confirm it is the
# project the VM/VMI actually belong to.
perms2 = PermType2()
perms2.owner = proj_uuid
perms2.owner_access = PERMS_RWX
iip_obj = InstanceIp(name=iip_name, subnet_uuid=subnet_uuid,
                     display_name=iip_name, perms2=perms2)
iip_obj.uuid = iip_uuid
# Tie the instance-ip to the virtual network and to the VMI.
iip_obj.add_virtual_network(vn_obj)

iip_obj.add_virtual_machine_interface(vmi_obj)

try:
    api.instance_ip_create(iip_obj)
except RefsExistError as ref:
    # Best effort: the conflict is only logged. The existing instance-ip is
    # not read back, so its owner and perms2 are not checked here.
    print >> sys.stderr, "Not creating VMI IP, already exists: ", str(ref)

# Single JSON document on stdout with the VMI, VM and VN uuids.
print json.dumps({"vmiUuid": vmi_uuid, "vmUuid": vm_uuid, "vnUuid": vn_uuid})