def attach_vpn_gateway(context, vpc_id, vpn_gateway_id):
    """Attach a VPN gateway to a VPC and return its attachment description.

    Raises VpnGatewayAttachmentLimitExceeded when the gateway is already
    attached to a different VPC, and InvalidVpcState when the VPC already
    has a different VPN gateway attached. When the gateway is already
    attached to this VPC, no state is changed and the current attachment
    is returned.
    """
    vgw = ec2utils.get_db_item(context, vpn_gateway_id)
    vpc = ec2utils.get_db_item(context, vpc_id)

    owner_vpc_id = vgw["vpc_id"]
    if owner_vpc_id and owner_vpc_id != vpc["id"]:
        raise exception.VpnGatewayAttachmentLimitExceeded()

    other_vgw = ec2utils.get_attached_gateway(context, vpc["id"], "vgw")
    if other_vgw and other_vgw["id"] != vgw["id"]:
        raise exception.InvalidVpcState(vpc_id=vpc["id"],
                                        vgw_id=other_vgw["id"])

    # Collected before the attachment check, exactly as the DB is read in
    # the repeat-attach case too.
    vpc_subnets = []
    for item in db_api.get_items(context, "subnet"):
        if item["vpc_id"] == vpc["id"]:
            vpc_subnets.append(item)

    if vgw["vpc_id"]:
        # Already attached to this VPC: report the existing attachment.
        return {"attachment": _format_attachment(vgw)}

    # The router gets an external gateway here only when no internet
    # gateway is attached to the VPC.
    public_network_id = None
    if not ec2utils.get_attached_gateway(context, vpc["id"], "igw"):
        public_network_id = ec2utils.get_os_public_network(context)["id"]
    neutron = clients.neutron(context)

    with common.OnCrashCleaner() as cleaner:
        # Each step registers its inverse with the cleaner right after it
        # succeeds (presumably run if a later step raises; see
        # common.OnCrashCleaner).
        _attach_vpn_gateway_item(context, vgw, vpc["id"])
        cleaner.addCleanup(_detach_vpn_gateway_item, context, vgw)

        if public_network_id:
            neutron.add_gateway_router(vpc["os_id"],
                                       {"network_id": public_network_id})
            cleaner.addCleanup(neutron.remove_gateway_router, vpc["os_id"])

        for subnet in vpc_subnets:
            _create_subnet_vpnservice(context, neutron, cleaner, subnet, vpc)
        vpn_connection_api._reset_vpn_connections(
            context, neutron, cleaner, vgw, subnets=vpc_subnets)

    return {"attachment": _format_attachment(vgw)}
def attach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Attach an internet gateway to a VPC.

    Raises ResourceAlreadyAssociated when the gateway is already attached
    to some VPC, and InvalidParameterValue when the VPC already has an
    internet gateway. Returns True on success.
    """
    gateway = ec2utils.get_db_item(context, internet_gateway_id)
    if gateway.get('vpc_id'):
        msg_params = {'igw_id': gateway['id'], 'vpc_id': gateway['vpc_id']}
        raise exception.ResourceAlreadyAssociated(
            _('resource %(igw_id)s is already attached to '
              'network %(vpc_id)s') % msg_params)

    vpc = ec2utils.get_db_item(context, vpc_id)
    if ec2utils.get_attached_gateway(context, vpc['id'], 'igw'):
        raise exception.InvalidParameterValue(
            _('Network %(vpc_id)s already has an internet gateway '
              'attached') % {'vpc_id': vpc['id']})

    # The public network is looked up only when no VPN gateway is attached
    # to the VPC; otherwise the router gateway is left untouched.
    attached_vgw = ec2utils.get_attached_gateway(context, vpc['id'], 'vgw')
    external_network_id = (
        None if attached_vgw
        else ec2utils.get_os_public_network(context)['id'])
    neutron = clients.neutron(context)

    # TODO(ft): set attaching state into db
    with common.OnCrashCleaner() as cleaner:
        _attach_internet_gateway_item(context, gateway, vpc['id'])
        # Registered so the DB attachment can be undone if the router call
        # below raises.
        cleaner.addCleanup(_detach_internet_gateway_item, context, gateway)
        if external_network_id:
            neutron.add_gateway_router(vpc['os_id'],
                                       {'network_id': external_network_id})
    return True
def attach_vpn_gateway(context, vpc_id, vpn_gateway_id):
    """Attach a VPN gateway to a VPC; return {'attachment': ...}.

    A gateway attached to another VPC raises
    VpnGatewayAttachmentLimitExceeded; a VPC that already holds a different
    VPN gateway raises InvalidVpcState. Re-attaching to the same VPC makes
    no changes.
    """
    vgw_item = ec2utils.get_db_item(context, vpn_gateway_id)
    vpc_item = ec2utils.get_db_item(context, vpc_id)
    target_vpc_id = vpc_item['id']

    if vgw_item['vpc_id'] and vgw_item['vpc_id'] != target_vpc_id:
        raise exception.VpnGatewayAttachmentLimitExceeded()
    existing = ec2utils.get_attached_gateway(context, target_vpc_id, 'vgw')
    if existing and existing['id'] != vgw_item['id']:
        raise exception.InvalidVpcState(vpc_id=target_vpc_id,
                                        vgw_id=existing['id'])

    subnets = [s for s in db_api.get_items(context, 'subnet')
               if s['vpc_id'] == target_vpc_id]

    needs_attach = not vgw_item['vpc_id']
    if needs_attach:
        # Only request a router gateway when the VPC has no internet
        # gateway attached.
        igw = ec2utils.get_attached_gateway(context, target_vpc_id, 'igw')
        external_network_id = (
            None if igw else ec2utils.get_os_public_network(context)['id'])
        neutron = clients.neutron(context)

        with common.OnCrashCleaner() as cleaner:
            # DB attachment first, with its undo registered immediately.
            _attach_vpn_gateway_item(context, vgw_item, target_vpc_id)
            cleaner.addCleanup(_detach_vpn_gateway_item, context, vgw_item)

            if external_network_id:
                neutron.add_gateway_router(
                    vpc_item['os_id'], {'network_id': external_network_id})
                cleaner.addCleanup(neutron.remove_gateway_router,
                                   vpc_item['os_id'])

            for subnet in subnets:
                _create_subnet_vpnservice(context, neutron, cleaner,
                                          subnet, vpc_item)
            vpn_connection_api._reset_vpn_connections(
                context, neutron, cleaner, vgw_item, subnets=subnets)

    return {'attachment': _format_attachment(vgw_item)}
def attach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Attach an internet gateway to a VPC and return True.

    Rejects the request with ResourceAlreadyAssociated if the gateway is
    already attached, or InvalidParameterValue if the VPC already has an
    internet gateway.
    """
    igw_item = ec2utils.get_db_item(context, internet_gateway_id)
    if igw_item.get('vpc_id'):
        msg_params = {'igw_id': igw_item['id'],
                      'vpc_id': igw_item['vpc_id']}
        msg = _('resource %(igw_id)s is already attached to '
                'network %(vpc_id)s') % msg_params
        raise exception.ResourceAlreadyAssociated(msg)

    vpc_item = ec2utils.get_db_item(context, vpc_id)
    target_vpc_id = vpc_item['id']
    if ec2utils.get_attached_gateway(context, target_vpc_id, 'igw'):
        msg = _('Network %(vpc_id)s already has an internet gateway '
                'attached') % {'vpc_id': target_vpc_id}
        raise exception.InvalidParameterValue(msg)

    # With a VPN gateway already attached the router gateway is not set
    # again, so no public network lookup is made.
    external_network_id = None
    vgw = ec2utils.get_attached_gateway(context, target_vpc_id, 'vgw')
    if not vgw:
        public_network = ec2utils.get_os_public_network(context)
        external_network_id = public_network['id']
    neutron = clients.neutron(context)

    # TODO(ft): set attaching state into db
    with common.OnCrashCleaner() as cleaner:
        _attach_internet_gateway_item(context, igw_item, target_vpc_id)
        cleaner.addCleanup(_detach_internet_gateway_item, context, igw_item)
        if external_network_id:
            gateway_info = {'network_id': external_network_id}
            neutron.add_gateway_router(vpc_item['os_id'], gateway_info)
    return True
def _update_vpn_routes(context, neutron, cleaner, route_table, subnets):
    """Reset VPN connections for a route table's VPC, if it has a VPN gateway.

    Does nothing when no VPN gateway is attached to the VPC named by
    route_table['vpc_id'].
    """
    attached_vgw = ec2utils.get_attached_gateway(
        context, route_table['vpc_id'], 'vgw')
    if attached_vgw:
        _reset_vpn_connections(context, neutron, cleaner, attached_vgw,
                               route_tables=[route_table], subnets=subnets)
def detach_vpn_gateway(context, vpc_id, vpn_gateway_id):
    """Detach a VPN gateway from a VPC and return True.

    Raises InvalidVpnGatewayAttachmentNotFound when the gateway is not
    attached to the given VPC. The router's external gateway is removed
    only when no internet gateway is attached to the VPC.
    """
    vgw = ec2utils.get_db_item(context, vpn_gateway_id)
    if vgw['vpc_id'] != vpc_id:
        raise exception.InvalidVpnGatewayAttachmentNotFound(
            vgw_id=vpn_gateway_id, vpc_id=vpc_id)

    # NOTE(review): vpc is subscripted below without a None check; confirm
    # get_item_by_id cannot return None for an attached VPC.
    vpc = db_api.get_item_by_id(context, vpc_id)
    neutron = clients.neutron(context)
    attached_igw = ec2utils.get_attached_gateway(context, vpc_id, 'igw')
    remove_os_gateway_router = attached_igw is None

    vpc_subnets = []
    for item in db_api.get_items(context, 'subnet'):
        if item['vpc_id'] == vpc['id']:
            vpc_subnets.append(item)

    with common.OnCrashCleaner() as cleaner:
        _detach_vpn_gateway_item(context, vgw)
        # Undo for the DB detach, registered before any Neutron call.
        cleaner.addCleanup(_attach_vpn_gateway_item, context, vgw, vpc_id)
        vpn_connection_api._stop_gateway_vpn_connections(
            context, neutron, cleaner, vgw)
        for subnet in vpc_subnets:
            _delete_subnet_vpnservice(context, neutron, cleaner, subnet)

        if remove_os_gateway_router:
            try:
                neutron.remove_gateway_router(vpc['os_id'])
            except neutron_exception.NotFound:
                # Treated as already removed.
                pass

    return True
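def detach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Detach an internet gateway from a VPC and return True.

    Raises GatewayNotAttached when the gateway is not attached to the given
    VPC. The router's external gateway is removed only when no VPN gateway
    is attached to the VPC. A failure to remove it (other than NotFound) is
    logged and re-raised rather than reported as success.
    """
    igw = ec2utils.get_db_item(context, internet_gateway_id)
    vpc = ec2utils.get_db_item(context, vpc_id)
    # NOTE(review): this logs the full DB items rather than just their ids;
    # confirm the records hold nothing that should stay out of logs.
    LOG.info('Detaching %(igw)s internet-gateway from %(vpc)s.',
             {'igw': str(igw), 'vpc': str(vpc)})
    if igw.get('vpc_id') != vpc['id']:
        raise exception.GatewayNotAttached(gw_id=igw['id'],
                                           vpc_id=vpc['id'])

    remove_os_gateway_router = (
        ec2utils.get_attached_gateway(context, vpc_id, 'vgw') is None)
    neutron = clients.neutron(context)
    # TODO(ft): set detaching state into db
    with common.OnCrashCleaner() as cleaner:
        _detach_internet_gateway_item(context, igw)
        cleaner.addCleanup(_attach_internet_gateway_item,
                           context, igw, vpc['id'])
        if remove_os_gateway_router:
            try:
                neutron.remove_gateway_router(vpc['os_id'])
            except neutron_exception.NotFound:
                # Treated as already removed.
                pass
            except Exception as ex:
                # Any other failure means the router may still hold its
                # external gateway. Swallowing it would record the gateway
                # as detached and return True while the VPC keeps its path
                # to the public network, so log the diagnostics and
                # re-raise; the cleanup registered above can then restore
                # the DB attachment (presumably run by OnCrashCleaner on
                # error).
                try:
                    floatingips = neutron.list_floatingips(
                        tenant_id=context.project_id)['floatingips']
                except Exception:
                    # Diagnostics are best-effort and must not mask the
                    # original error.
                    floatingips = None
                LOG.warning('Existing floating ips: %(floatingips)s. '
                            'Exception: %(ex)s.',
                            {'floatingips': floatingips, 'ex': ex})
                raise
    return True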
def _start_vpn_in_subnet(context, neutron, cleaner, subnet, vpc, route_table):
    """Create the subnet's VPN service and reset its VPN connections.

    Does nothing when the VPC has no VPN gateway attached.
    """
    attached_vgw = ec2utils.get_attached_gateway(context, vpc["id"], "vgw")
    if attached_vgw:
        _create_subnet_vpnservice(context, neutron, cleaner, subnet, vpc)
        vpn_connection_api._reset_vpn_connections(
            context,
            neutron,
            cleaner,
            attached_vgw,
            subnets=[subnet],
            route_tables=[route_table],
        )
def _start_vpn_in_subnet(context, neutron, cleaner, subnet, vpc, route_table):
    """Bring up VPN for one subnet if its VPC has a VPN gateway attached.

    Creates the subnet's VPN service, then resets the gateway's VPN
    connections for this subnet and route table. Returns None in all cases.
    """
    vgw = ec2utils.get_attached_gateway(context, vpc['id'], 'vgw')
    if vgw:
        _create_subnet_vpnservice(context, neutron, cleaner, subnet, vpc)
        scope = {'subnets': [subnet], 'route_tables': [route_table]}
        vpn_connection_api._reset_vpn_connections(
            context, neutron, cleaner, vgw, **scope)
def _update_vpn_routes(context, neutron, cleaner, route_table, subnets):
    """Re-apply VPN connections after a route table change.

    Looks up the VPN gateway attached to route_table['vpc_id'] and, when
    there is one, resets its connections for this route table and the given
    subnets. Returns None in all cases.
    """
    vgw = ec2utils.get_attached_gateway(context, route_table['vpc_id'],
                                        'vgw')
    if vgw:
        affected_tables = [route_table]
        _reset_vpn_connections(context, neutron, cleaner, vgw,
                               route_tables=affected_tables, subnets=subnets)
def attach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Attach an internet gateway to a VPC; return True on success.

    An already-attached gateway raises ResourceAlreadyAssociated; a VPC
    that already has an internet gateway raises InvalidParameterValue.
    """
    gw = ec2utils.get_db_item(context, internet_gateway_id)
    if gw.get("vpc_id"):
        msg_params = {"igw_id": gw["id"], "vpc_id": gw["vpc_id"]}
        raise exception.ResourceAlreadyAssociated(
            _("resource %(igw_id)s is already attached to " "network %(vpc_id)s") % msg_params
        )

    vpc = ec2utils.get_db_item(context, vpc_id)
    if ec2utils.get_attached_gateway(context, vpc["id"], "igw"):
        raise exception.InvalidParameterValue(
            _("Network %(vpc_id)s already has an internet gateway " "attached")
            % {"vpc_id": vpc["id"]}
        )

    # The router gateway is set here only when no VPN gateway is attached
    # to the VPC.
    if ec2utils.get_attached_gateway(context, vpc["id"], "vgw"):
        external_network_id = None
    else:
        external_network_id = ec2utils.get_os_public_network(context)["id"]
    neutron = clients.neutron(context)

    # TODO(ft): set attaching state into db
    with common.OnCrashCleaner() as cleaner:
        _attach_internet_gateway_item(context, gw, vpc["id"])
        # Undo for the DB attachment if the router call below raises.
        cleaner.addCleanup(_detach_internet_gateway_item, context, gw)
        if external_network_id:
            neutron.add_gateway_router(vpc["os_id"], {"network_id": external_network_id})
    return True
def detach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Detach an internet gateway from a VPC and return True.

    Raises GatewayNotAttached when the gateway is not attached to the given
    VPC. The router's external gateway is removed only when no VPN gateway
    is attached; a NotFound from Neutron on that removal is ignored, any
    other error propagates.
    """
    gw = ec2utils.get_db_item(context, internet_gateway_id)
    vpc = ec2utils.get_db_item(context, vpc_id)
    if gw.get("vpc_id") != vpc["id"]:
        raise exception.GatewayNotAttached(gw_id=gw["id"], vpc_id=vpc["id"])

    attached_vgw = ec2utils.get_attached_gateway(context, vpc_id, "vgw")
    drop_router_gateway = attached_vgw is None
    neutron = clients.neutron(context)

    # TODO(ft): set detaching state into db
    with common.OnCrashCleaner() as cleaner:
        _detach_internet_gateway_item(context, gw)
        # Undo for the DB detach, registered before the Neutron call.
        cleaner.addCleanup(_attach_internet_gateway_item, context, gw, vpc["id"])
        if drop_router_gateway:
            try:
                neutron.remove_gateway_router(vpc["os_id"])
            except neutron_exception.NotFound:
                # Treated as already removed.
                pass
    return True
def detach_internet_gateway(context, internet_gateway_id, vpc_id):
    """Detach an internet gateway from a VPC; return True on success.

    GatewayNotAttached is raised when the gateway's recorded VPC differs
    from the requested one. Router gateway removal is skipped while a VPN
    gateway is attached to the VPC, and a Neutron NotFound during removal
    is tolerated.
    """
    igw_item = ec2utils.get_db_item(context, internet_gateway_id)
    vpc_item = ec2utils.get_db_item(context, vpc_id)
    if igw_item.get('vpc_id') != vpc_item['id']:
        raise exception.GatewayNotAttached(gw_id=igw_item['id'],
                                           vpc_id=vpc_item['id'])

    vgw = ec2utils.get_attached_gateway(context, vpc_id, 'vgw')
    remove_os_gateway_router = vgw is None
    neutron = clients.neutron(context)

    # TODO(ft): set detaching state into db
    with common.OnCrashCleaner() as cleaner:
        _detach_internet_gateway_item(context, igw_item)
        cleaner.addCleanup(_attach_internet_gateway_item,
                           context, igw_item, vpc_item['id'])
        if not remove_os_gateway_router:
            return True
        try:
            neutron.remove_gateway_router(vpc_item['os_id'])
        except neutron_exception.NotFound:
            # Treated as already removed.
            pass
    return True