def _create_vm(self, pod_namespace, pod_id, pod_name, labels, proj_uuid):
cluster_name = vnc_kube_config.cluster_name()
vm_name = VncCommon.make_name(cluster_name, pod_namespace, pod_name)
display_name = vm_name
self._check_pod_uuid_change(pod_id, vm_name)
perms2 = PermType2()
perms2.owner = proj_uuid
perms2.owner_access = cfgm_common.PERMS_RWX
vm_obj = VirtualMachine(name=vm_name,
perms2=perms2,
display_name=display_name)
vm_obj.uuid = pod_id
vm_obj.set_server_type("container")
VirtualMachineKM.add_annotations(self,
vm_obj,
pod_namespace,
pod_name,
k8s_uuid=str(pod_id),
labels=json.dumps(labels))
try:
self._vnc_lib.virtual_machine_create(vm_obj)
except RefsExistError:
vm_obj = self._vnc_lib.virtual_machine_read(id=pod_id)
VirtualMachineKM.locate(vm_obj.uuid)
return vm_obj
def vnc_pod_add(self, pod_id, pod_name, pod_namespace, pod_node, node_ip,
labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if vm:
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._set_label_to_pod_cache(labels, vm)
# Update tags.
self._set_tags_on_pod_vmi(pod_id)
return vm
else:
self._check_pod_uuid_change(pod_id, pod_name)
vn_obj = self._get_default_network(pod_id, pod_name, pod_namespace)
if not vn_obj:
return
pod = PodKM.find_by_name_or_uuid(pod_id)
total_interface_count = len(pod.networks) + 1
# network_status: Dict of network name to vmi_uuid
network_status = {}
vm_obj = self._create_vm(pod_namespace, pod_id, pod_name, labels)
index = str(0) + "/" + str(total_interface_count)
vmi_uuid = self.vnc_pod_vmi_create(pod_id, pod_name, pod_namespace,\
pod_node, node_ip, vm_obj, vn_obj, vm_vmi,\
index, nw_name='default')
network_status['cluster-wide-default'] = vmi_uuid
for idx, network_name in enumerate(pod.networks, start=1):
net_namespace = pod_namespace
net_name = network_name
# Check if network is in a different namespace than the pod's
# namespace (ex: <namespace/<network>)
if '/' in network_name:
net_namespace, net_name = network_name.split('/')
vn_obj = self._get_user_defined_network(net_name, net_namespace)
index = str(idx) + "/" + str(total_interface_count)
vmi_uuid = self.vnc_pod_vmi_create(pod_id, pod_name, net_namespace,\
pod_node, node_ip, vm_obj, vn_obj, vm_vmi,\
index, nw_name=net_name)
network_status[net_name] = vmi_uuid
if not self._is_pod_nested():
self._link_vm_to_node(vm_obj, pod_node, node_ip)
vm = VirtualMachineKM.locate(pod_id)
if vm:
vm.pod_namespace = pod_namespace
vm.pod_node = pod_node
vm.node_ip = node_ip
self._set_label_to_pod_cache(labels, vm)
self._set_tags_on_pod_vmi(pod_id)
# Update network-status in pod description
self._update_network_status(pod_name, pod_namespace, network_status)
return vm
def vnc_pod_add(self, pod_id, pod_name, pod_namespace, pod_node, node_ip,
labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if vm:
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._set_label_to_pod_cache(labels, vm)
return vm
else:
self._check_pod_uuid_change(pod_id, pod_name)
vn_obj = self._get_network(pod_id, pod_name, pod_namespace)
if not vn_obj:
return
vm_obj = self._create_vm(pod_namespace, pod_id, pod_name, labels)
vmi_uuid = self._create_vmi(pod_name, pod_namespace, vm_obj, vn_obj,
vm_vmi)
vmi = VirtualMachineInterfaceKM.get(vmi_uuid)
if self._is_pod_nested() and vm_vmi:
# Pod is nested.
# Link the pod VMI to the VMI of the underlay VM.
self._vnc_lib.ref_update('virtual-machine-interface', vm_vmi.uuid,
'virtual-machine-interface', vmi_uuid,
None, 'ADD')
self._vnc_lib.ref_update('virtual-machine-interface', vmi_uuid,
'virtual-machine-interface', vm_vmi.uuid,
None, 'ADD')
# get host id for vm vmi
vr_uuid = None
for vr in VirtualRouterKM.values():
if vr.name == vm_vmi.host_id:
vr_uuid = vr.uuid
break
if not vr_uuid:
self._logger.error(
"No virtual-router object found for host: " +
vm_vmi.host_id + ". Unable to add VM reference to a" +
" valid virtual-router")
return
self._vnc_lib.ref_update('virtual-router', vr_uuid,
'virtual-machine', vm_obj.uuid, None,
'ADD')
self._create_iip(pod_name, pod_namespace, vn_obj, vmi)
if not self._is_pod_nested():
self._link_vm_to_node(vm_obj, pod_node, node_ip)
vm = VirtualMachineKM.locate(pod_id)
if vm:
vm.pod_namespace = pod_namespace
vm.pod_node = pod_node
vm.node_ip = node_ip
self._set_label_to_pod_cache(labels, vm)
return vm
def _create_vm(self, pod_namespace, pod_id, pod_name, labels):
vm_name = VncCommon.make_name(pod_name, pod_id)
display_name = VncCommon.make_display_name(pod_namespace, pod_name)
vm_obj = VirtualMachine(name=vm_name, display_name=display_name)
vm_obj.uuid = pod_id
VirtualMachineKM.add_annotations(self, vm_obj, pod_namespace, pod_name,
k8s_uuid=str(pod_id),
labels=json.dumps(labels))
try:
self._vnc_lib.virtual_machine_create(vm_obj)
except RefsExistError:
vm_obj = self._vnc_lib.virtual_machine_read(id=pod_id)
VirtualMachineKM.locate(vm_obj.uuid)
return vm_obj
def _create_vm(self, pod_namespace, pod_id, pod_name, labels):
vm_name = VncCommon.make_name(pod_name, pod_id)
display_name = VncCommon.make_display_name(pod_namespace, pod_name)
vm_obj = VirtualMachine(name=vm_name, display_name=display_name)
vm_obj.uuid = pod_id
VirtualMachineKM.add_annotations(self, vm_obj, pod_namespace, pod_name,
k8s_uuid=str(pod_id),
labels=json.dumps(labels))
try:
self._vnc_lib.virtual_machine_create(vm_obj)
except RefsExistError:
vm_obj = self._vnc_lib.virtual_machine_read(id=pod_id)
VirtualMachineKM.locate(vm_obj.uuid)
return vm_obj
def _link_vm_to_node(self, vm_obj, pod_node, node_ip):
if node_ip is None:
return
vm = VirtualMachineKM.locate(vm_obj.uuid)
if vm:
vm.node_ip = node_ip
vr_uuid = VirtualRouterKM.get_ip_addr_to_uuid(node_ip)
if vr_uuid is None:
self._logger.debug("%s - Vrouter %s Not Found for Pod %s"
%(self._name, node_ip, vm_obj.uuid))
return
try:
vrouter_obj = self._vnc_lib.virtual_router_read(id=vr_uuid)
except Exception as e:
self._logger.debug("%s - Vrouter %s Not Found for Pod %s"
%(self._name, node_ip, vm_obj.uuid))
string_buf = StringIO()
cgitb_hook(file=string_buf, format="text")
err_msg = string_buf.getvalue()
self._logger.error("_link_vm_to_node: %s - %s" %(self._name, err_msg))
return
self._vnc_lib.ref_update('virtual-router', vrouter_obj.uuid,
'virtual-machine', vm_obj.uuid, None, 'ADD')
if vm:
vm.virtual_router = vr_obj.uuid
def vnc_pod_delete(self, pod_id):
vm = VirtualMachineKM.get(pod_id)
if not vm:
return
# If this VM's vrouter info is not available in our config db,
# then it is a case of race between delete and ref updates.
# So explicitly update this entry in config db.
if not vm.virtual_router:
try:
vm.update()
except NoIdError:
pass
self._clear_label_to_pod_cache(vm)
if vm.virtual_router:
self._vnc_lib.ref_update('virtual-router', vm.virtual_router,
'virtual-machine', vm.uuid, None,
'DELETE')
for vmi_id in list(vm.virtual_machine_interfaces):
self.vnc_port_delete(vmi_id)
try:
self._vnc_lib.virtual_machine_delete(id=pod_id)
except NoIdError:
pass
def _add_pod_to_service(self, service_id, pod_id, port=None):
lb = LoadbalancerKM.get(service_id)
if not lb:
return
vm = VirtualMachineKM.get(pod_id)
if not vm:
return
for lb_listener_id in lb.loadbalancer_listeners:
pool = self._get_loadbalancer_pool(lb_listener_id, port)
if not pool:
continue
for vmi_id in vm.virtual_machine_interfaces:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
if not vmi:
continue
for member_id in pool.members:
member = LoadbalancerMemberKM.get(member_id)
if member and member.vmi == vmi_id:
break
else:
self.logger.debug(
"Creating LB member for Pod/VM: %s in LB: %s with "
"target-port: %d"
% (vm.fq_name, lb.name, port['port']))
member_obj = self._vnc_create_member(
pool, pod_id, vmi_id, port['port'])
LoadbalancerMemberKM.locate(member_obj.uuid)
def _add_pod_to_service(self, service_id, pod_id, port=None):
lb = LoadbalancerKM.get(service_id)
if not lb:
return
vm = VirtualMachineKM.get(pod_id)
if not vm:
return
for lb_listener_id in lb.loadbalancer_listeners:
pool = self._get_loadbalancer_pool(lb_listener_id, port)
if not pool:
continue
for vmi_id in vm.virtual_machine_interfaces:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
if not vmi:
continue
for member_id in pool.members:
member = LoadbalancerMemberKM.get(member_id)
if member and member.vmi == vmi_id:
break
else:
self.logger.debug(
"Creating LB member for Pod/VM: %s in LB: %s with "
"target-port: %d" %
(vm.fq_name, lb.name, port['port']))
member_obj = self._vnc_create_member(
pool, pod_id, vmi_id, port['port'])
LoadbalancerMemberKM.locate(member_obj.uuid)
def _sync_pod_vm(self):
vm_uuid_set = set(VirtualMachineKM.keys())
pod_uuid_set = set(PodKM.keys())
deleted_pod_set = vm_uuid_set - pod_uuid_set
for pod_uuid in deleted_pod_set:
vm = VirtualMachineKM.get(pod_uuid)
if not vm or vm.owner != 'k8s':
continue
self._create_pod_event('delete', pod_uuid, vm)
for uuid in pod_uuid_set:
vm = VirtualMachineKM.get(uuid)
if not vm or vm.owner != 'k8s':
continue
if not vm.virtual_router and vm.pod_node and vm.node_ip:
self._link_vm_to_node(vm, vm.pod_node, vm.node_ip)
return
def _sync_pod_vm(self):
vm_uuid_set = set(VirtualMachineKM.keys())
pod_uuid_set = set(PodKM.keys())
deleted_pod_set = vm_uuid_set - pod_uuid_set
for pod_uuid in deleted_pod_set:
vm = VirtualMachineKM.get(pod_uuid)
if not vm or vm.owner != 'k8s':
continue
self._create_pod_event('delete', pod_uuid, vm)
for uuid in pod_uuid_set:
vm = VirtualMachineKM.get(uuid)
if not vm or vm.owner != 'k8s':
continue
if not vm.virtual_router and vm.pod_node and vm.node_ip:
self._link_vm_to_node(vm, vm.pod_node, vm.node_ip)
return
def vnc_pod_delete(self, pod_id):
vm = VirtualMachineKM.get(pod_id)
if not vm:
return
# If this VM's vrouter info is not available in our config db,
# then it is a case of race between delete and ref updates.
# So explicitly update this entry in config db.
if not vm.virtual_router:
try:
vm.update()
except NoIdError:
pass
self._clear_label_to_pod_cache(vm)
vm_obj = self._vnc_lib.virtual_machine_read(id=vm.uuid)
if vm.virtual_router:
self._vnc_lib.ref_update('virtual-router', vm.virtual_router,
'virtual-machine', vm.uuid, None,
'DELETE')
for vmi_id in list(vm.virtual_machine_interfaces):
self.vnc_port_delete(vmi_id, pod_id)
try:
self._vnc_lib.virtual_machine_delete(id=pod_id)
except NoIdError:
pass
def _link_vm_to_node(self, vm_obj, pod_node, node_ip):
if node_ip is None:
return
vm = VirtualMachineKM.locate(vm_obj.uuid)
if vm:
vm.node_ip = node_ip
vr_uuid = VirtualRouterKM.get_ip_addr_to_uuid(node_ip)
if vr_uuid is None:
for vr in VirtualRouterKM.values():
if vr.name == pod_node:
vr_uuid = vr.uuid
if vr_uuid is None:
self._logger.debug("%s - Vrouter %s Not Found for Pod %s"
%(self._name, node_ip, vm_obj.uuid))
return
try:
vrouter_obj = self._vnc_lib.virtual_router_read(id=vr_uuid)
except Exception as e:
self._logger.debug("%s - Vrouter %s Not Found for Pod %s"
%(self._name, node_ip, vm_obj.uuid))
string_buf = StringIO()
cgitb_hook(file=string_buf, format="text")
err_msg = string_buf.getvalue()
self._logger.error("_link_vm_to_node: %s - %s" %(self._name, err_msg))
return
self._vnc_lib.ref_update('virtual-router', vrouter_obj.uuid,
'virtual-machine', vm_obj.uuid, None, 'ADD')
if vm:
vm.virtual_router = vrouter_obj.uuid
def _add_pod_to_service(self, service_id, pod_id, port=None, address=None):
lb = LoadbalancerKM.get(service_id)
if not lb:
return
vm = VirtualMachineKM.get(pod_id)
host_vmi = None
if not vm:
if not self._args.host_network_service:
return
host_vmi = self._get_vmi_from_ip(address)
if host_vmi == None:
return
else:
vm = VirtualMachine(name="host", display_name="host")
vm.virtual_machine_interfaces = [host_vmi]
for lb_listener_id in lb.loadbalancer_listeners:
pool = self._get_loadbalancer_pool(lb_listener_id, port)
if not pool:
continue
for vmi_id in vm.virtual_machine_interfaces:
if host_vmi == None:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
else:
vmi = self._vnc_lib.virtual_machine_interface_read(
id=vmi_id)
if not vmi:
continue
for member_id in pool.members:
member = LoadbalancerMemberKM.get(member_id)
if member and member.vmi == vmi_id:
break
else:
self.logger.debug(
"Creating LB member for Pod/VM: %s in LB: %s with "
"target-port: %d" %
(vm.fq_name, lb.name, port['port']))
member_obj = self._vnc_create_member(
pool, pod_id, vmi_id, port['port'])
try:
vmi_obj = self._vnc_lib.virtual_machine_interface_read(
id=vmi_id)
except:
raise
# Attach the service label to underlying pod vmi.
self._labels.append(
vmi_id,
self._labels.get_service_label(lb.service_name))
# Set tags on the vmi.
self._vnc_lib.set_tags(
vmi_obj, self._labels.get_labels_dict(vmi_id))
LoadbalancerMemberKM.locate(member_obj.uuid)
def create_virtual_machine(self, name, vn, ipaddress):
vm = VirtualMachine(name)
self._vnc_lib.virtual_machine_create(vm)
VirtualMachineKM.locate(vm.uuid)
vmi = VirtualMachineInterface(
parent_type='virtual-machine', fq_name=[name, '0'])
vmi.set_virtual_machine(vm)
vmi.set_virtual_network(vn)
self._vnc_lib.virtual_machine_interface_create(vmi)
VirtualMachineInterfaceKM.locate(vmi.uuid)
ip = InstanceIp(vm.name + '.0')
ip.set_virtual_machine_interface(vmi)
ip.set_virtual_network(vn)
ip.set_instance_ip_address(ipaddress)
self._vnc_lib.instance_ip_create(ip)
InstanceIpKM.locate(ip.uuid)
return vm, vmi, ip
def create_virtual_machine(self, name, vn, ipaddress):
vm = VirtualMachine(name)
self._vnc_lib.virtual_machine_create(vm)
VirtualMachineKM.locate(vm.uuid)
vmi = VirtualMachineInterface(
parent_type='virtual-machine', fq_name=[name, '0'])
vmi.set_virtual_machine(vm)
vmi.set_virtual_network(vn)
self._vnc_lib.virtual_machine_interface_create(vmi)
VirtualMachineInterfaceKM.locate(vmi.uuid)
ip = InstanceIp(vm.name + '.0')
ip.set_virtual_machine_interface(vmi)
ip.set_virtual_network(vn)
ip.set_instance_ip_address(ipaddress)
self._vnc_lib.instance_ip_create(ip)
InstanceIpKM.locate(ip.uuid)
return vm, vmi, ip
def vnc_pod_update(self, pod_id, pod_name, pod_namespace, pod_node, labels,
vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if not vm:
# If the vm is not created yet, do so now.
vm = self.vnc_pod_add(pod_id, pod_name, pod_namespace, pod_node,
labels, vm_vmi)
if not vm:
return
vm.pod_namespace = pod_namespace
self._update_label_to_pod_cache(labels, vm)
return vm
def _set_tags_on_pod_vmi(self, pod_id, vmi_obj=None):
vmi_obj_list = []
if not vmi_obj:
vm = VirtualMachineKM.get(pod_id)
if vm:
for vmi_id in list(vm.virtual_machine_interfaces):
vmi_obj_list.append(
self._vnc_lib.virtual_machine_interface_read(id=vmi_id))
else:
vmi_obj_list.append(vmi_obj)
for vmi_obj in vmi_obj_list:
self._vnc_lib.set_tags(vmi_obj, self._labels.get_labels_dict(pod_id))
def _set_tags_on_pod_vmi(self, pod_id, vmi_obj=None):
vmi_obj_list = []
if not vmi_obj:
vm = VirtualMachineKM.get(pod_id)
if vm:
for vmi_id in list(vm.virtual_machine_interfaces):
vmi_obj_list.append(
self._vnc_lib.virtual_machine_interface_read(id=vmi_id))
else:
vmi_obj_list.append(vmi_obj)
for vmi_obj in vmi_obj_list:
self._vnc_lib.set_tags(vmi_obj, self._labels.get_labels_dict(pod_id))
def _sync_pod_vm(self):
vm_uuid_set = set(VirtualMachineKM.keys())
pod_uuid_set = set(PodKM.keys())
deleted_pod_set = vm_uuid_set - pod_uuid_set
for pod_uuid in deleted_pod_set:
vm = VirtualMachineKM.get(pod_uuid)
if not vm or\
vm.owner != 'k8s' or\
vm.cluster != vnc_kube_config.cluster_name():
continue
self._create_pod_event('delete', pod_uuid, vm)
for uuid_ in pod_uuid_set:
vm = VirtualMachineKM.get(uuid_)
if not vm or\
vm.owner != 'k8s' or\
vm.cluster != vnc_kube_config.cluster_name():
continue
if not vm.virtual_router:
pod = PodKM.get(uuid_)
if not pod:
continue
self._link_vm_to_node(vm, pod.nodename, pod.host_ip)
return
def create_virtual_machine(self, name, vn, ipaddress):
vm = VirtualMachine(name)
self._vnc_lib.virtual_machine_create(vm)
VirtualMachineKM.locate(vm.uuid)
vmi = VirtualMachineInterface(parent_type='virtual-machine',
fq_name=[name, '0'])
vmi.set_virtual_machine(vm)
vmi.set_virtual_network(vn)
if DBBaseKM.is_nested():
vmi.set_virtual_machine_interface_bindings(
KeyValuePairs([KeyValuePair('host_id', 'WHATEVER')]))
self._vnc_lib.virtual_machine_interface_create(vmi)
VirtualMachineInterfaceKM.locate(vmi.uuid)
ip = InstanceIp(vm.name + '.0')
ip.set_virtual_machine_interface(vmi)
ip.set_virtual_network(vn)
ip.set_instance_ip_address(ipaddress)
self._vnc_lib.instance_ip_create(ip)
InstanceIpKM.locate(ip.uuid)
return vm, vmi, ip
def vnc_pod_update(self, pod_id, pod_name, pod_namespace, pod_node, node_ip, labels,
vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if not vm:
# If the vm is not created yet, do so now.
vm = self.vnc_pod_add(pod_id, pod_name, pod_namespace,
pod_node, node_ip, labels, vm_vmi)
if not vm:
return
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._update_label_to_pod_cache(labels, vm)
return vm
def create_virtual_machine(self, name, vn, ipaddress):
vm = VirtualMachine(name)
self._vnc_lib.virtual_machine_create(vm)
VirtualMachineKM.locate(vm.uuid)
vmi = VirtualMachineInterface(
parent_type='virtual-machine', fq_name=[name, '0'])
vmi.set_virtual_machine(vm)
vmi.set_virtual_network(vn)
if DBBaseKM.is_nested():
vmi.set_virtual_machine_interface_bindings(
KeyValuePairs([KeyValuePair('host_id', 'WHATEVER')]))
self._vnc_lib.virtual_machine_interface_create(vmi)
VirtualMachineInterfaceKM.locate(vmi.uuid)
ip = InstanceIp(vm.name + '.0')
ip.set_virtual_machine_interface(vmi)
ip.set_virtual_network(vn)
ip.set_instance_ip_address(ipaddress)
self._vnc_lib.instance_ip_create(ip)
InstanceIpKM.locate(ip.uuid)
return vm, vmi, ip
def vnc_pod_update(self, pod_id, pod_name, pod_namespace, pod_node,
node_ip, labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if not vm:
# If the vm is not created yet, do so now.
vm = self.vnc_pod_add(pod_id, pod_name, pod_namespace, pod_node,
node_ip, labels, vm_vmi)
if not vm:
return
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._update_label_to_pod_cache(labels, vm)
self._set_tags_on_pod_vmi(pod_id)
return vm
def _unset_tags_on_pod_vmi(self, pod_id, vmi_id=None, labels={}):
vmi_obj_list = []
if not vmi_id:
vm = VirtualMachineKM.get(pod_id)
if vm:
for vmi_id in list(vm.virtual_machine_interfaces):
vmi_obj_list.append(self._vnc_lib.virtual_machine_interface_read(id=vmi_id))
else:
vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
vmi_obj_list.append(vmi_obj)
for vmi_obj in vmi_obj_list:
if not labels:
for k,v in self._labels.get_labels_dict(pod_id).iteritems():
self._vnc_lib.unset_tag(vmi_obj, k)
else:
for k,v in labels.iteritems():
self._vnc_lib.unset_tag(vmi_obj, k)
def _unset_tags_on_pod_vmi(self, pod_id, vmi_id=None, labels={}):
vmi_obj_list = []
if not vmi_id:
vm = VirtualMachineKM.get(pod_id)
if vm:
for vmi_id in list(vm.virtual_machine_interfaces):
vmi_obj_list.append(self._vnc_lib.virtual_machine_interface_read(id=vmi_id))
else:
vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
vmi_obj_list.append(vmi_obj)
for vmi_obj in vmi_obj_list:
if not labels:
for k,v in self._labels.get_labels_dict(pod_id).iteritems():
self._vnc_lib.unset_tag(vmi_obj, k)
else:
for k,v in labels.iteritems():
self._vnc_lib.unset_tag(vmi_obj, k)
def _update_sg_pod_link(self,
namespace,
pod_id,
sg_id,
oper,
validate_vm=True,
validate_sg=False):
vm = VirtualMachineKM.get(pod_id)
if not vm or vm.owner != 'k8s':
return
if validate_vm and vm.pod_namespace != namespace:
return
if validate_sg:
sg = SecurityGroupKM.get(sg_id)
if not sg or sg.namespace != namespace:
return
match_found = False
sg_labels = sg.np_pod_selector.copy()
sg_labels.update(sg.ingress_pod_selector)
if set(sg_labels.items()).issubset(set(vm.pod_labels.items())):
match_found = True
if oper == 'ADD' and not match_found:
return
elif oper == 'DELETE' and match_found:
return
for vmi_id in vm.virtual_machine_interfaces:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
if not vmi:
return
try:
self._logger.debug("%s - %s SG-%s Ref for Pod-%s" %
(self._name, oper, sg_id, pod_id))
self._vnc_lib.ref_update('virtual-machine-interface', vmi_id,
'security-group', sg_id, None, oper)
except RefsExistError:
self._logger.error("%s - SG-%s Ref Exists for pod-%s" %
(self._name, sg_id, pod_id))
except Exception:
self._logger.error("%s - Failed to %s SG-%s Ref for pod-%s" %
(self._name, oper, sg_id, pod_id))
def _link_vm_to_node(self, vm_obj, pod_node):
vrouter_fq_name = ['default-global-system-config', pod_node]
try:
vr_obj = self._vnc_lib.virtual_router_read(fq_name=vrouter_fq_name)
except NoIdError:
self._logger.debug("%s - Vrouter %s Not Found for Pod %s" %
(self._name, vrouter_fq_name, pod_node))
return
except Exception:
string_buf = StringIO()
cgitb_hook(file=string_buf, format="text")
err_msg = string_buf.getvalue()
self.logger.error("%s - failed to read Vrouter for Pod %s. %s" %
(self._name, pod_node, err_msg))
self._vnc_lib.ref_update('virtual-router', vr_obj.uuid,
'virtual-machine', vm_obj.uuid, None, 'ADD')
vm = VirtualMachineKM.get(vm_obj.uuid)
if vm:
vm.virtual_router = vr_obj.uuid
def update_pod_np(self, pod_namespace, pod_id, labels):
vm = VirtualMachineKM.get(pod_id)
if not vm or vm.owner != 'k8s':
return
namespace_label = self._label_cache._get_namespace_label(pod_namespace)
labels.update(namespace_label)
np_sg_uuid_set = self._find_sg(self._np_pod_label_cache, labels)
ingress_sg_uuid_set = self._find_sg(self._ingress_pod_label_cache,
labels)
new_sg_uuid_set = np_sg_uuid_set | ingress_sg_uuid_set
vmi_sg_uuid_set = set()
for vmi_id in vm.virtual_machine_interfaces:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
if not vmi:
continue
vmi_sg_uuid_set = vmi.security_groups
default_ns_sgs = set()
for sg_name in list(
self._default_ns_sgs[pod_namespace].keys()) or []:
sg_uuid = self._default_ns_sgs[pod_namespace][sg_name]
default_ns_sgs.add(sg_uuid)
vmi_sg_uuid_set = vmi_sg_uuid_set - default_ns_sgs
old_sg_uuid_set = vmi_sg_uuid_set
removed_sg_uuid_set = old_sg_uuid_set
for sg_uuid in removed_sg_uuid_set or []:
self._update_sg_pod_link(pod_namespace,
pod_id,
sg_uuid,
'DELETE',
validate_sg=True)
added_sg_uuid_set = new_sg_uuid_set - old_sg_uuid_set
for sg_uuid in added_sg_uuid_set or []:
self._update_sg_pod_link(pod_namespace,
pod_id,
sg_uuid,
'ADD',
validate_sg=True)
def _assert_virtual_machine(self, pod_uuid, cluster_project,
proj_obj, vn_obj_uuid):
vm = self._vnc_lib.virtual_machine_read(id=pod_uuid)
self.assertIsNotNone(vm)
vm = VirtualMachineKM.locate(vm.uuid)
self.assertIsNotNone(vm)
self.assertTrue(len(vm.virtual_machine_interfaces) > 0)
for vmi_id in list(vm.virtual_machine_interfaces):
vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
self.assertIsNotNone(vmi)
self.assertEqual(vmi.parent_name, cluster_project)
self.assertEqual(vmi.parent_uuid, proj_obj.uuid)
vmi = VirtualMachineInterfaceKM.locate(vmi_id)
# self.assertTrue(len(vmi.security_groups) > 1)
# for sg_uuid in list(vmi.security_groups):
# sg = self._vnc_lib.security_group_read(id=sg_uuid)
# self.assertIsNotNone(sg)
self.assertTrue(len(vmi.instance_ips) == 1)
iip_uuid = list(vmi.instance_ips)[0]
iip = self._vnc_lib.instance_ip_read(id=iip_uuid)
self.assertIsNotNone(iip)
self._assert_pod_ip_is_from_vn_ipam(iip, vn_obj_uuid)
def _assert_virtual_machine(self, pod_uuid, cluster_project, proj_obj,
vn_obj_uuid):
vm = self._vnc_lib.virtual_machine_read(id=pod_uuid)
self.assertIsNotNone(vm)
vm = VirtualMachineKM.locate(vm.uuid)
self.assertIsNotNone(vm)
self.assertTrue(len(vm.virtual_machine_interfaces) > 0)
for vmi_id in list(vm.virtual_machine_interfaces):
vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
self.assertIsNotNone(vmi)
self.assertEqual(vmi.parent_name, cluster_project)
self.assertEqual(vmi.parent_uuid, proj_obj.uuid)
vmi = VirtualMachineInterfaceKM.locate(vmi_id)
self.assertTrue(len(vmi.security_groups) > 1)
for sg_uuid in list(vmi.security_groups):
sg = self._vnc_lib.security_group_read(id=sg_uuid)
self.assertIsNotNone(sg)
self.assertTrue(len(vmi.instance_ips) == 1)
iip_uuid = list(vmi.instance_ips)[0]
iip = self._vnc_lib.instance_ip_read(id=iip_uuid)
self.assertIsNotNone(iip)
self._assert_pod_ip_is_from_vn_ipam(iip, vn_obj_uuid)
def _check_pod_uuid_change(self, pod_uuid, pod_name):
vm_fq_name = [pod_name]
vm_uuid = VirtualMachineKM.get_fq_name_to_uuid(vm_fq_name)
if vm_uuid != pod_uuid:
self.vnc_pod_delete(vm_uuid)
def _add_pod_to_service(self, service_id, pod_id, port=None, address=None):
lb = LoadbalancerKM.get(service_id)
if not lb:
return
vm = VirtualMachineKM.get(pod_id)
host_vmi = None
if not vm:
if not self._args.host_network_service:
return
host_vmi = self._get_vmi_from_ip(address)
if host_vmi == None:
return
else:
vm = VirtualMachine(name="host", display_name="host")
vm.virtual_machine_interfaces = [host_vmi]
for lb_listener_id in lb.loadbalancer_listeners:
pool = self._get_loadbalancer_pool(lb_listener_id, port)
if not pool:
continue
for vmi_id in vm.virtual_machine_interfaces:
if host_vmi == None:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
else:
vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
if not vmi:
continue
# Add VMI only if it matches the default address for endpoint,
# ignore other interfaces for pod
ip_found = False
for iip_uuid in vmi.instance_ips:
iip = InstanceIpKM.get(iip_uuid)
if iip and iip.address == address:
ip_found = True
break
if ip_found == False:
continue
for member_id in pool.members:
member = LoadbalancerMemberKM.get(member_id)
if member and member.vmi == vmi_id:
break
else:
self.logger.debug(
"Creating LB member for Pod/VM: %s in LB: %s with "
"target-port: %d"
% (vm.fq_name, lb.name, port['port']))
member_obj = self._vnc_create_member(
pool, pod_id, vmi_id, port['port'])
try:
vmi_obj = self._vnc_lib.virtual_machine_interface_read(
id = vmi_id)
except:
raise
# Attach the service label to underlying pod vmi.
self._labels.append(vmi_id,
self._labels.get_service_label(lb.service_name))
# Set tags on the vmi.
self._vnc_lib.set_tags(vmi_obj,
self._labels.get_labels_dict(vmi_id))
LoadbalancerMemberKM.locate(member_obj.uuid)
def vnc_pod_add(self, pod_id, pod_name, pod_namespace, pod_node, node_ip,
labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if vm:
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._set_label_to_pod_cache(labels, vm)
return vm
else:
self._check_pod_uuid_change(pod_id, pod_name)
vn_obj = self._get_network(pod_id, pod_name, pod_namespace)
if not vn_obj:
return
vm_obj = self._create_vm(pod_namespace, pod_id, pod_name, labels)
vmi_uuid = self._create_vmi(pod_name, pod_namespace, vm_obj, vn_obj,
vm_vmi)
vmi = VirtualMachineInterfaceKM.get(vmi_uuid)
if self._is_pod_nested() and vm_vmi:
# Pod is nested.
# Link the pod VMI to the VMI of the underlay VM.
self._vnc_lib.ref_update('virtual-machine-interface', vm_vmi.uuid,
'virtual-machine-interface', vmi_uuid,
None, 'ADD')
self._vnc_lib.ref_update('virtual-machine-interface', vmi_uuid,
'virtual-machine-interface', vm_vmi.uuid,
None, 'ADD')
# get host id for vm vmi
vr_uuid = None
for vr in VirtualRouterKM.values():
if vr.name == vm_vmi.host_id:
vr_uuid = vr.uuid
break
if not vr_uuid:
self._logger.error("No virtual-router object found for host: "
+ vm_vmi.host_id
+ ". Unable to add VM reference to a"
+ " valid virtual-router")
return
self._vnc_lib.ref_update('virtual-router', vr_uuid,
'virtual-machine', vm_obj.uuid, None,
'ADD')
self._create_iip(pod_name, pod_namespace, vn_obj, vmi)
if self._is_pod_network_isolated(pod_namespace):
self._create_cluster_service_fip(pod_name, pod_namespace, vmi_uuid)
if not self._is_pod_nested():
self._link_vm_to_node(vm_obj, pod_node, node_ip)
vm = VirtualMachineKM.locate(pod_id)
if vm:
vm.pod_namespace = pod_namespace
vm.pod_node = pod_node
vm.node_ip = node_ip
self._set_label_to_pod_cache(labels, vm)
return vm
def _add_pod_to_service(self, service_id, pod_id, port=None, address=None):
lb = LoadbalancerKM.get(service_id)
if not lb:
return
vm = VirtualMachineKM.get(pod_id)
host_vmi = None
if not vm:
if not self._args.host_network_service:
return
host_vmi = self._get_vmi_from_ip(address)
if host_vmi is None:
return
else:
vm = VirtualMachine(name="host", display_name="host")
vm.virtual_machine_interfaces = [host_vmi]
for lb_listener_id in lb.loadbalancer_listeners:
pool = self._get_loadbalancer_pool(lb_listener_id, port)
if not pool:
continue
for vmi_id in vm.virtual_machine_interfaces:
vmi = VirtualMachineInterfaceKM.get(vmi_id)
if not vmi:
continue
if host_vmi is None:
# Add VMI only if it matches the default address for endpoint,
# ignore other interfaces for pod
ip_found = False
for iip_uuid in vmi.instance_ips:
iip = InstanceIpKM.get(iip_uuid)
if iip and iip.address == address:
ip_found = True
break
if not ip_found:
continue
for member_id in pool.members:
member = LoadbalancerMemberKM.get(member_id)
if member and member.vmi == vmi_id:
break
else:
self.logger.debug(
"Creating LB member for Pod/VM: %s in LB: %s with "
"target-port: %d" %
(vm.fq_name, lb.name, port['port']))
member_obj = self._vnc_create_member(
pool, pod_id, vmi_id, port['port'])
vmi_obj = self._vnc_lib.virtual_machine_interface_read(
id=vmi_id)
# Attach the service label to underlying pod vmi.
self._labels.append(
vmi_id,
self._labels.get_service_label(lb.service_name))
# Set tags on the vmi.
self._vnc_lib.set_tags(
vmi_obj, self._labels.get_labels_dict(vmi_id))
LoadbalancerMemberKM.locate(member_obj.uuid)
def vnc_pod_add(self, pod_id, pod_name, pod_namespace, pod_node, node_ip,
labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if vm:
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._set_label_to_pod_cache(labels, vm)
# Update tags.
self._set_tags_on_pod_vmi(pod_id)
return vm
vn_obj = self._get_default_network(pod_id, pod_name, pod_namespace)
if not vn_obj:
return
pod = PodKM.find_by_name_or_uuid(pod_id)
total_interface_count = len(pod.networks) + 1
# network_status: Dict of network name to vmi_uuid
network_status = {}
proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace)
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vm_obj = self._create_vm(pod_namespace, pod_id, pod_name, labels,
proj_obj.uuid)
index = str(0) + "/" + str(total_interface_count)
default_network = {'network': 'default'}
vmi_uuid = self.vnc_pod_vmi_create(pod_id, pod_name, pod_namespace,
pod_node, node_ip, vm_obj, vn_obj,
proj_obj, vm_vmi, index,
default_network)
network_status['cluster-wide-default'] = vmi_uuid
for idx, network in enumerate(pod.networks, start=1):
net_namespace = pod_namespace
net_name = network['network']
if 'namespace' in network:
net_namespace = network['namespace']
vn_obj = self._get_user_defined_network(net_name, net_namespace)
index = str(idx) + "/" + str(total_interface_count)
vmi_uuid = self.vnc_pod_vmi_create(pod_id, pod_name, pod_namespace,
pod_node, node_ip, vm_obj,
vn_obj, proj_obj, vm_vmi, index,
network)
network_status[net_name] = vmi_uuid
if not self._is_pod_nested():
self._link_vm_to_node(vm_obj, pod_node, node_ip)
vm = VirtualMachineKM.locate(pod_id)
if vm:
vm.pod_namespace = pod_namespace
vm.pod_node = pod_node
vm.node_ip = node_ip
self._set_label_to_pod_cache(labels, vm)
self._set_tags_on_pod_vmi(pod_id)
# Update network-status in pod description
self._update_network_status(pod_name, pod_namespace,
network_status)
return vm
def vnc_pod_add(self, pod_id, pod_name, pod_namespace, pod_node, node_ip,
labels, vm_vmi):
vm = VirtualMachineKM.get(pod_id)
if vm:
vm.pod_namespace = pod_namespace
if not vm.virtual_router:
self._link_vm_to_node(vm, pod_node, node_ip)
self._set_label_to_pod_cache(labels, vm)
# Update tags.
self._set_tags_on_pod_vmi(pod_id)
return vm
else:
self._check_pod_uuid_change(pod_id, pod_name)
vn_obj = self._get_network(pod_id, pod_name, pod_namespace)
if not vn_obj:
return
vm_obj = self._create_vm(pod_namespace, pod_id, pod_name, labels)
vmi_uuid = self._create_vmi(pod_name, pod_namespace, pod_id, vm_obj,
vn_obj, vm_vmi)
vmi = VirtualMachineInterfaceKM.get(vmi_uuid)
if self._is_pod_nested() and vm_vmi:
# Pod is nested.
# Link the pod VMI to the VMI of the underlay VM.
self._vnc_lib.ref_update('virtual-machine-interface', vm_vmi.uuid,
'virtual-machine-interface', vmi_uuid,
None, 'ADD')
self._vnc_lib.ref_update('virtual-machine-interface', vmi_uuid,
'virtual-machine-interface', vm_vmi.uuid,
None, 'ADD')
# get host id for vm vmi
vr_uuid = None
for vr in VirtualRouterKM.values():
if vr.name == vm_vmi.host_id:
vr_uuid = vr.uuid
break
if not vr_uuid:
# Unable to determine VRouter for the parent VM.
#
# HACK ALERT
#
# It is possible that this is a case of FQDN mismatch between
# the host name associated with the VM and the host name
# associated with the corresponding vrouter. So try to look for
# vrouter again with a non-FQDN name.
#
# This needs to be removed when provisioning can guarantee that
# FQDN will be uniform across all config objects.
#
if '.' in vm_vmi.host_id:
# Host name on VM is a FQNAME. Ignore domain name.
host_id_prefix = vm_vmi.host_id.split('.')[0]
for vr in VirtualRouterKM.values():
if vr.name == host_id_prefix:
vr_uuid = vr.uuid
break
if not vr_uuid:
self._logger.error(
"No virtual-router object found for host: " +
vm_vmi.host_id + ". Unable to add VM reference to a" +
" valid virtual-router")
return
self._vnc_lib.ref_update('virtual-router', vr_uuid,
'virtual-machine', vm_obj.uuid, None,
'ADD')
self._create_iip(pod_name, pod_namespace, vn_obj, vmi)
if not self._is_pod_nested():
self._link_vm_to_node(vm_obj, pod_node, node_ip)
vm = VirtualMachineKM.locate(pod_id)
if vm:
vm.pod_namespace = pod_namespace
vm.pod_node = pod_node
vm.node_ip = node_ip
self._set_label_to_pod_cache(labels, vm)
self._set_tags_on_pod_vmi(pod_id)
return vm
