def delete_network_precommit(self, mech_context): """Delete Network from the plugin specific database table.""" LOG.debug("delete_network_precommit: called") network = mech_context.current network_id = network['id'] context = mech_context._plugin_context if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=network_id): # return when the network is external network # TODO(samsu): may check external network # before delete namespace return tenant_id = network['tenant_id'] namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) if not namespace: return # TODO(samsu): type driver support vlan only, # need to check later vlanid = network['provider:segmentation_id'] inf_name = const.PREFIX['inf'] + str(vlanid) try: utils.delete_vlanintf(self, context, name=inf_name, vdom=namespace.vdom) except Exception as e: resources.Exinfo(e) raise ml2_exc.MechanismDriverError( method=sys._getframe().f_code.co_name)
def delete_reservedip(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_ReservedIP reserved_ip = fortinet_db.query_record(context, cls, **kwargs) if reserved_ip: db_reservedips = fortinet_db.query_records( context, cls, subnet_id=reserved_ip.subnet_id) db_reservedips.remove(reserved_ip) reserved_addresses = [] for rsrvdip in db_reservedips: reserved_addresses.append({ 'id': rsrvdip.edit_id, 'ip': rsrvdip.ip, 'mac': rsrvdip.mac }) db_subnet = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=reserved_ip.subnet_id) if db_subnet: op(obj, context, resources.DhcpServerRsvAddr.set, id=db_subnet.edit_id, vdom=reserved_ip.vdom, reserved_address=jsonutils.dumps(reserved_addresses)) fortinet_db.delete_record(context, cls, **kwargs)
def network_migration(context, mech_driver): """ # networks, ml2_network_segments network = { #'status': 'ACTIVE', #'subnets': [], 'name': u'test-net', #'provider: physical_network': u'physnet1', #'admin_state_up': True, 'tenant_id': u'11513667f4ee4a14acb0985659459988', 'provider: network_type': u'vlan', 'router:external': False, #'shared': False, 'id': 'ff0a1d64-ce30-4ed0-ba37-597eaf8976f0', #'provider: segmentation_id': 1200L } # ml2_network_segments segments = [{ 'segmentation_id': 1200L, 'physical_network': u'physnet1', 'id': u'e7dfa4fb-038a-4aad-b6fa-73afba788888', 'network_type': u'vlan' }] """ net = { 'name': '', 'tenant_id': '', 'provider: network_type': '', 'router:external': False, 'id': '', } segment = { 'segmentation_id': 0, 'physical_network': '', 'id': '', 'network_type': '' } records = fortinet_db.query_records(context, models_v2.Network) with Progress(len(records), 'network_migration') as p: for record in records: reset(net) reset(segment) db_seg = fortinet_db.query_record(context, ml2_db.NetworkSegment, network_id=record.id) cls2dict(record, net) db_extnet = fortinet_db.query_record(context, ExternalNetwork, network_id=record.id) if db_extnet: net['router:external'] = True cls2dict(db_seg, segment) net['provider: network_type'] = db_seg.network_type mech_context = Fake_mech_context(_plugin_context=context, current=net, network_segments=[segment]) mech_driver.create_network_postcommit(mech_context) p.update()
def _disassociate_floatingip(self, context, id): l3db_fip = self._get_floatingip(context, id) db_namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=l3db_fip.tenant_id) db_fip = fortinet_db.query_record(context, fortinet_db.Fortinet_FloatingIP_Allocation, floating_ip_address=l3db_fip.floating_ip_address, allocated=True) int_intf, ext_intf = utils.get_vlink_intf(self, context, vdom=db_namespace.vdom) db_ip = fortinet_db.query_record(context, models_v2.IPAllocation, port_id=l3db_fip.fixed_port_id) vlan_inf = utils.get_intf(context, db_ip.network_id) mappedip = utils.get_ipaddr(db_fip.ip_subnet, 0) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf, srcaddr=l3db_fip.fixed_ip_address, dstintf=int_intf, poolname=mappedip) utils.delete_fwaddress(self, context, name=l3db_fip.fixed_ip_address, vdom=db_namespace.vdom) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, dstaddr=db_fip.floating_ip_address) utils.delete_vip(self, context, vdom=db_namespace.vdom, name=db_fip.floating_ip_address)
def set_ext_gw(obj, context, port): """ :param context: :param port: example format port = { 'status': 'DOWN', 'binding:host_id': '', 'allowed_address_pairs': [], 'device_owner': 'network:router_gateway', 'binding:profile': {}, 'fixed_ips': [{ 'subnet_id': u'09855a84-edfd-474d-b641-38a2bc63466a', 'ip_address': u'10.160.37.111' }], 'id': '6e68efc0-c0ca-40a2-a502-c2bf19304317', 'security_groups': [], 'device_id': u'8312d7a2-cae5-4e87-9c04-782c4a34bb8c', 'name': '', 'admin_state_up': True, 'network_id': u'95eb736c-dd3b-4bf5-940a-8fa8e707a376', 'tenant_id': '', 'binding:vif_details': {}, 'binding:vnic_type': 'normal', 'binding:vif_type': 'unbound', 'mac_address': 'fa:16:3e:95:02:ab' } :return: """ router_db = fortinet_db.query_record(context, l3_db.Router, id=port['device_id']) tenant_id = router_db.get('tenant_id', None) if not tenant_id: raise ValueError namespace = add_vdom(obj, context, tenant_id=tenant_id) ## Uncomment the line add_vlink(obj, context, namespace.vdom) vlink_db = fortinet_db.query_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, vdom=namespace.vdom) ip_address = port['fixed_ips'][0]['ip_address'] add_fwippool(obj, context, vdom=const.EXT_VDOM, name=ip_address, startip=ip_address) add_fwpolicy(obj, context, vdom=const.EXT_VDOM, srcintf=vlink_db.inf_name_ext_vdom, dstintf=obj.fortigate.cfg['ext_interface'], poolname=ip_address) subnet_db = fortinet_db.query_record(context, models_v2.Subnet, id=port['fixed_ips'][0]['subnet_id']) if subnet_db: netmask = netaddr.IPNetwork(subnet_db.cidr).netmask add_interface_ip(obj, context, name=obj.fortigate.cfg['ext_interface'], vdom=const.EXT_VDOM, ip="%s %s" % (ip_address, netmask))
def delete_vlink(obj, context, tenant_id): if fortinet_db.query_count(context, l3_db.Router, tenant_id=tenant_id) or \ fortinet_db.query_count(context, l3_db.FloatingIP, tenant_id=tenant_id): db_routers = fortinet_db.query_records(context, l3_db.Router, tenant_id=tenant_id) db_fips = fortinet_db.query_records(context, l3_db.FloatingIP, tenant_id=tenant_id) LOG.debug( "Keeping vlink, because existing data " "db_routers: %(routers)s, db_fips: %(fips)s", { 'routers': db_routers, 'fips': db_fips }) return False vdom = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id).vdom vlink_vlan = fortinet_db.query_record( context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, vdom=vdom, allocated=True) if not vlink_vlan: return False vlink_ip = fortinet_db.query_record( context, fortinet_db.Fortinet_Vlink_IP_Allocation, vdom=vdom, vlink_id=vlink_vlan.id, allocated=True) if not vlink_ip: return False """ delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, srcintf=vlink_vlan.inf_name_ext_vdom, dstintf=obj._fortigate['ext_interface'], nat='enable')""" gateway_ip = get_ipaddr(netaddr.IPNetwork(vlink_ip.vlink_ip_subnet), 1) delete_routerstatic(obj, context, vdom=vdom, dst=const.EXT_DEF_DST, device=vlink_vlan.inf_name_int_vdom, gateway=gateway_ip) delete_vlink_intf(obj, context, vlink_vlan) fortinet_db.delete_record(context, fortinet_db.Fortinet_Vlink_IP_Allocation, vdom=vdom, vlink_id=vlink_vlan.id) fortinet_db.delete_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, id=vlink_vlan.id) return True
def create_port_precommit(self, mech_context): """Create logical port on the fortigate (db update).""" LOG.debug("create_port_precommit: called") port = mech_context.current LOG.debug("create_port_precommit mech_context = %s", mech_context) context = mech_context._plugin_context namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=port['tenant_id']) port_id = port['id'] subnet_id = port['fixed_ips'][0]['subnet_id'] ip_address = port['fixed_ips'][0]['ip_address'] mac = port['mac_address'] db_subnetv2 = fortinet_db.query_record(context, models_v2.Subnet, id=subnet_id) if port['device_owner'] in ['network:router_gateway']: if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=port['network_id']): utils.set_ext_gw(self, context, port) elif port['device_owner'] in ['compute:nova', 'compute:None', '']: # add dhcp related functions # '': create port before associate the port with a vm utils.add_reservedip(self, context, port_id=port_id, subnet_id=subnet_id, mac=mac, ip=ip_address, vdom=namespace.vdom) elif port['device_owner'] in ['network:router_interface']: if db_subnetv2.cidr: cidr = netaddr.IPNetwork(db_subnetv2.cidr) subnet = ' '.join([str(cidr.network), str(cidr.netmask)]) utils.add_fwaddress(self, context, vdom=namespace.vdom, name=str(cidr.network), subnet=subnet) addrgrp_name = const.PREFIX['addrgrp'] + namespace.vdom utils.add_addrgrp(self, context, name=addrgrp_name, vdom=namespace.vdom, members=[str(cidr.network)]) utils.add_fwpolicy(self, context, vdom=namespace.vdom, srcintf='any', srcaddr=addrgrp_name, dstintf='any', dstaddr=addrgrp_name, nat='disable') return
def create_port_precommit(self, mech_context): """Create logical port on the fortigate (db update).""" LOG.debug("create_port_precommit: called") port = mech_context.current LOG.debug("create_port_precommit mech_context = %s", mech_context) context = mech_context._plugin_context namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=port['tenant_id']) port_id = port['id'] subnet_id = port['fixed_ips'][0]['subnet_id'] ip_address = port['fixed_ips'][0]['ip_address'] mac = port['mac_address'] db_subnetv2 = fortinet_db.query_record(context, models_v2.Subnet, id=subnet_id) if port['device_owner'] in ['network:router_gateway']: if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=port['network_id']): utils.set_ext_gw(self, context, port) elif port['device_owner'] in ['compute:nova', 'compute:None', '']: # add dhcp related functions # '': create port before associate the port with a vm utils.add_reservedip(self, context, port_id=port_id, subnet_id=subnet_id, mac=mac, ip=ip_address, vdom=namespace.vdom) elif port['device_owner'] in ['network:router_interface']: if db_subnetv2.cidr: cidr = netaddr.IPNetwork(db_subnetv2.cidr) subnet = ' '.join([str(cidr.network), str(cidr.netmask)]) utils.add_fwaddress(self, context, vdom=namespace.vdom, name=str(cidr.network), subnet=subnet) addrgrp_name = const.PREFIX['addrgrp'] + namespace.vdom utils.add_addrgrp(self, context, name=addrgrp_name, vdom=namespace.vdom, members=[str(cidr.network)]) utils.add_fwpolicy(self, context, vdom=namespace.vdom, srcintf='any', srcaddr=addrgrp_name, dstintf='any', dstaddr=addrgrp_name, nat='disable') return
def delete_vlink(obj, context, tenant_id): if fortinet_db.query_count(context, l3_db.Router, tenant_id=tenant_id) or \ fortinet_db.query_count(context, l3_db.FloatingIP, tenant_id=tenant_id): db_routers = fortinet_db.query_records(context, l3_db.Router, tenant_id=tenant_id) db_fips = fortinet_db.query_records(context, l3_db.FloatingIP, tenant_id=tenant_id) LOG.debug("Keeping vlink, because existing data " "db_routers: %(routers)s, db_fips: %(fips)s", {'routers': db_routers, 'fips': db_fips}) return False vdom = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id).vdom vlink_vlan = fortinet_db.query_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, vdom=vdom, allocated=True) if not vlink_vlan: return False vlink_ip = fortinet_db.query_record(context, fortinet_db.Fortinet_Vlink_IP_Allocation, vdom=vdom, vlink_id=vlink_vlan.id, allocated=True) if not vlink_ip: return False """ delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, srcintf=vlink_vlan.inf_name_ext_vdom, dstintf=obj._fortigate['ext_interface'], nat='enable')""" gateway_ip = get_ipaddr(netaddr.IPNetwork(vlink_ip.vlink_ip_subnet), 1) delete_routerstatic(obj, context, vdom=vdom, dst=const.EXT_DEF_DST, device=vlink_vlan.inf_name_int_vdom, gateway=gateway_ip) delete_vlink_intf(obj, context, vlink_vlan) fortinet_db.delete_record(context, fortinet_db.Fortinet_Vlink_IP_Allocation, vdom=vdom, vlink_id=vlink_vlan.id) fortinet_db.delete_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, id=vlink_vlan.id) return True
def delete_port_postcommit(self, mech_context): LOG.debug("delete_port_postcommit: called") port = mech_context.current context = mech_context._plugin_context try: port_id = port['id'] subnet_id = port['fixed_ips'][0]['subnet_id'] db_subnet = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=subnet_id) db_subnetv2 = fortinet_db.query_record(context, models_v2.Subnet, id=subnet_id) if port['device_owner'] in ['network:router_gateway']: if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=port['network_id']): #delete ippool and its related firewall policy utils.clr_ext_gw(self, context, port) elif port['device_owner'] in ['compute:nova', 'compute:None', '']: # delete dhcp related functions utils.delete_reservedip(self, context, port_id=port_id) elif port['device_owner'] in ['network:router_interface']: # add firewall address and address group name = const.PREFIX['addrgrp'] + db_subnet.vdom member = str(netaddr.IPNetwork(db_subnetv2.cidr).network) utils.delete_fwpolicy(self, context, vdom=db_subnet.vdom, srcintf='any', srcaddr=name, dstintf='any', dstaddr=name, nat='disable') utils.delete_addrgrp(self, context, name=name, vdom=db_subnet.vdom, members=member.split(' ')) utils.delete_fwaddress(self, context, vdom=db_subnet.vdom, name=member) except Exception as e: resources.Exinfo(e) raise ml2_exc.MechanismDriverError( method=sys._getframe().f_code.co_name)
def delete_vdom(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_Namespace namespace = fortinet_db.query_record(context, cls, **kwargs) if namespace: tenant_id = namespace.tenant_id if not fortinet_db.query_count(context, l3_db.Router, tenant_id=tenant_id) and \ not fortinet_db.query_count(context, models_v2.Network, tenant_id=tenant_id) and \ not fortinet_db.query_count(context, l3_db.FloatingIP, tenant_id=tenant_id): try: op(obj, context, resources.Vdom.get, name=namespace.vdom) op(obj, context, resources.Vdom.delete, name=namespace.vdom) except Exception as e: resources.Exinfo(e) fortinet_db.delete_record(context, cls, **kwargs) else: db_routers = fortinet_db.query_records(context, l3_db.Router, tenant_id=tenant_id) db_networks = fortinet_db.query_records(context, models_v2.Network, tenant_id=tenant_id) db_fips = fortinet_db.query_records(context, l3_db.FloatingIP, tenant_id=tenant_id) LOG.debug( "Keeping vdom, because existing db_routers: %(routers)s," "db_networks: %(networks)s, db_fips: %(fips)s", { 'routers': db_routers, 'networks': db_networks, 'fips': db_fips }) return namespace
def get_vlink_intf(obj, context, **kwargs): vlink_vlan = fortinet_db.query_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, **kwargs) if not vlink_vlan and kwargs.get('vdom', None): return add_vlink(obj, context, kwargs['vdom']) return (vlink_vlan.inf_name_int_vdom, vlink_vlan.inf_name_ext_vdom)
def delete_vdom(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_Namespace namespace = fortinet_db.query_record(context, cls, **kwargs) if namespace: tenant_id = namespace.tenant_id if not fortinet_db.query_count(context, l3_db.Router, tenant_id=tenant_id) and \ not fortinet_db.query_count(context, models_v2.Network, tenant_id=tenant_id) and \ not fortinet_db.query_count(context, l3_db.FloatingIP, tenant_id=tenant_id): try: op(obj, context, resources.Vdom.get, name=namespace.vdom) op(obj, context, resources.Vdom.delete, name=namespace.vdom) except Exception as e: resources.Exinfo(e) fortinet_db.delete_record(context, cls, **kwargs) else: db_routers = fortinet_db.query_records(context, l3_db.Router, tenant_id=tenant_id) db_networks = fortinet_db.query_records(context, models_v2.Network, tenant_id=tenant_id) db_fips = fortinet_db.query_records(context, l3_db.FloatingIP, tenant_id=tenant_id) LOG.debug("Keeping vdom, because existing db_routers: %(routers)s," "db_networks: %(networks)s, db_fips: %(fips)s", {'routers': db_routers, 'networks': db_networks, 'fips': db_fips}) return namespace
def add_addrgrp(obj, context, **kwargs): """ :param context: :param kwargs: { "name": "addrgrp_osvdm1", "vdom": "osvdm1", "members": ["192.168.33.0"] } :return: """ cls = fortinet_db.Fortinet_Firewall_Address records = fortinet_db.query_records(context, cls, group=kwargs['name']) for name in kwargs['members']: record = fortinet_db.query_record(context, cls, name=name, vdom=kwargs['vdom']) if not record.group: cls.update_record(context, record, group=kwargs['name']) # TODO(samsu): need to add a rollback action to taskmanager else: LOG.debug("The member %(record)s already joined a group", {"record": record}) for record in records: kwargs['members'].append(record.name) try: op(obj, context, resources.FirewallAddrgrp.get, name=kwargs['name'], vdom=kwargs['vdom']) # TODO(samsu): need to add a rollback action to taskmanager op(obj, context, resources.FirewallAddrgrp.set, **kwargs) except exception.ResourceNotFound: op(obj, context, resources.FirewallAddrgrp.add, **kwargs)
def remove_router_interface(self, context, router_id, interface_info): """Deletes vlink, default router from Fortinet device.""" LOG.debug("FortinetL3ServicePlugin.remove_router_interface called: " "router_id=%(router_id)s " "interface_info=%(interface_info)r", {'router_id': router_id, 'interface_info': interface_info}) with context.session.begin(subtransactions=True): # TODO(jerryz): move this out of transaction. setattr(context, 'GUARD_TRANSACTION', False) info = (super(FortinetL3ServicePlugin, self). remove_router_interface(context, router_id, interface_info)) try: subnet = self._core_plugin._get_subnet(context, info['subnet_id']) tenant_id = subnet['tenant_id'] network_id = subnet['network_id'] vlan_inf = utils.get_intf(context, network_id) db_namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf) except Exception: with excutils.save_and_reraise_exception(): LOG.error(_LE("Fail remove of interface from Fortigate " "router interface. info=%(info)s, " "router_id=%(router_id)s"), {"info": info, "router_id": router_id}) return info
def add_interface_ip(obj, context, **kwargs): """ :param context: :param kwargs: example format as below { "ip": "10.160.37.20 255.255.255.0", "name": "port37", "vdom": "root" } :return: """ inf_db = fortinet_db.query_record(context, fortinet_db.Fortinet_Interface, name=kwargs.get('name')) if const.EXT_DEF_DST in getattr(inf_db, 'ip'): inf_db.update_record(context, inf_db, **kwargs) op(obj, context, resources.VlanInterface.set, **kwargs) else: records = fortinet_db.query_records(context, fortinet_db.Fortinet_Interface_subip, name=kwargs.get('name')) org_subips = [getattr(record, 'ip') for record in records] if kwargs.get('ip') in org_subips: return add_record(obj, context, fortinet_db.Fortinet_Interface_subip, **kwargs)
def delete_network_precommit(self, mech_context): """Delete Network from the plugin specific database table.""" LOG.debug("delete_network_precommit: called") context = mech_context._plugin_context network = mech_context.current if network["router:external"]: # return when the network is external network # TODO(samsu): may check external network # before delete namespace return tenant_id = network['tenant_id'] namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) if not namespace: return records = fortinet_db.query_records(context, fortinet_db.Fortinet_Interface, network_id=network['id']) for record in records: try: utils.delete_vlanintf(self, context, name=record.name, vdom=namespace.vdom) except Exception as e: resources.Exinfo(e) raise ml2_exc.MechanismDriverError( method=sys._getframe().f_code.co_name)
def add_interface_ip(obj, context, **kwargs): """ :param context: :param kwargs: example format as below { "ip": "10.160.37.20 255.255.255.0", "name": "port37", "vdom": "root" } :return: """ inf_db = fortinet_db.query_record(context, fortinet_db.Fortinet_Interface, name=kwargs.get('name')) if const.EXT_DEF_DST in getattr(inf_db, 'ip'): inf_db.update_record(context, inf_db, **kwargs) op(obj, context, resources.VlanInterface.set, **kwargs) else: records = fortinet_db.query_records( context, fortinet_db.Fortinet_Interface_subip, name=kwargs.get('name')) org_subips = [getattr(record, 'ip') for record in records] if kwargs.get('ip') in org_subips: return add_record(obj, context, fortinet_db.Fortinet_Interface_subip, **kwargs)
def delete_floatingip(self, context, id): LOG.debug("delete_floatingip called() id=%s", id) fip = fortinet_db.query_record(context, l3_db.FloatingIP, id=id) if fip and getattr(fip, 'fixed_port_id', None): self._disassociate_floatingip(context, id) super(FortinetL3ServicePlugin, self).disassociate_floatingips(context, fip['fixed_port_id']) self._release_floatingip(context, id)
def delete_floatingip(self, context, id): LOG.debug("delete_floatingip called() id=%s", id) fip = fortinet_db.query_record(context, l3_db.FloatingIP, id=id) if fip and getattr(fip, 'fixed_port_id', None): self._disassociate_floatingip(context, id) super(FortinetL3ServicePlugin, self).disassociate_floatingips( context, fip['fixed_port_id']) self._release_floatingip(context, id)
def add_router_interface(self, context, router_id, interface_info): """creates vlnk on the fortinet device.""" LOG.debug("FortinetL3ServicePlugin.add_router_interface: " "router_id=%(router_id)s " "interface_info=%(interface_info)r", {'router_id': router_id, 'interface_info': interface_info}) with context.session.begin(subtransactions=True): info = super(FortinetL3ServicePlugin, self).add_router_interface( context, router_id, interface_info) port = db.get_port(context, info['port_id']) port['admin_state_up'] = True port['port'] = port LOG.debug("FortinetL3ServicePlugin: " "context=%(context)s" "port=%(port)s " "info=%(info)r", {'context': context, 'port': port, 'info': info}) interface_info = info subnet = self._core_plugin._get_subnet(context, interface_info['subnet_id']) network_id = subnet['network_id'] tenant_id = port['tenant_id'] port_filters = {'network_id': [network_id], 'device_owner': [DEVICE_OWNER_ROUTER_INTF]} port_count = self._core_plugin.get_ports_count(context, port_filters) # port count is checked against 2 since the current port is already # added to db if port_count == 2: # This subnet is already part of some router LOG.error(_LE("FortinetL3ServicePlugin: adding redundant " "router interface is not supported")) raise Exception(_("FortinetL3ServicePlugin:adding redundant " "router interface is not supported")) try: db_namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) vlan_inf = utils.get_intf(context, network_id) int_intf, ext_intf = utils.get_vlink_intf(self, context, vdom=db_namespace.vdom) utils.add_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf, dstintf=int_intf, nat='enable') except Exception as e: LOG.error(_LE("Failed to create Fortinet resources to add " "router interface. info=%(info)s, " "router_id=%(router_id)s"), {"info": info, "router_id": router_id}) utils._rollback_on_err(self, context, e) with excutils.save_and_reraise_exception(): self.remove_router_interface(context, router_id, interface_info) utils.update_status(self, context, t_consts.TaskStatus.COMPLETED) return info
def set_by_keys(obj, context, cls, resource, *keys, **kwargs): params = _prepare_params(None, resource, *keys, **kwargs) record = fortinet_db.query_record(context, cls, **params) if record: record = cls.update_record(context, record, **kwargs) set_resource_with_keys(obj, context, record, resource, *keys, **kwargs) else: record = add_by_keys(obj, context, cls, resource, *keys, **kwargs) return record
def set_by_id(obj, context, cls, resource, **kwargs): params = _prepare_params(None, resource, 'vdom', 'id', **kwargs) record = fortinet_db.query_record(context, cls, **params) if record: cls.update_record(context, record, **kwargs) set_resource_with_id(obj, context, record, resource, **kwargs) return record else: return None
def update_firewall_for_delete_router(self, context, router_id): LOG.debug("fwaas delete_router() called, router_id: %(rtid)s", {'rtid': router_id}) cls = firewall_router_insertion_db.FirewallRouterAssociation db_fw_rt = fortinet_db.query_record(context, cls, router_id=router_id) if not db_fw_rt: return None firewall = {u'firewall': {'router_ids': []}} return self.update_firewall(context, db_fw_rt.fw_id, firewall)
def disassociate_floatingips(self, context, port_id, do_notify=True): fip = fortinet_db.query_record(context, l3_db.FloatingIP, fixed_port_id=port_id) if fip and getattr(fip, 'id', None): self._disassociate_floatingip(context, fip.id) return super(FortinetL3ServicePlugin, self).disassociate_floatingips(context, port_id, do_notify=do_notify)
def delete_port_postcommit(self, mech_context): LOG.debug("delete_port_postcommit: called") port = mech_context.current context = mech_context._plugin_context try: port_id = port['id'] subnet_id = port['fixed_ips'][0]['subnet_id'] db_subnet = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=subnet_id) db_subnetv2 = fortinet_db.query_record(context, models_v2.Subnet, id=subnet_id) if port['device_owner'] in ['network:router_gateway']: if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=port['network_id']): #delete ippool and its related firewall policy utils.clr_ext_gw(self, context, port) elif port['device_owner'] in ['compute:nova', 'compute:None', '']: # delete dhcp related functions utils.delete_reservedip(self, context, port_id=port_id) elif port['device_owner'] in ['network:router_interface']: # add firewall address and address group name = const.PREFIX['addrgrp'] + db_subnet.vdom member = str(netaddr.IPNetwork(db_subnetv2.cidr).network) utils.delete_fwpolicy(self, context, vdom=db_subnet.vdom, srcintf='any', srcaddr=name, dstintf='any', dstaddr=name, nat='disable') utils.delete_addrgrp(self, context, name=name, vdom=db_subnet.vdom, members=member.split(' ')) utils.delete_fwaddress(self, context, vdom=db_subnet.vdom, name=member) except Exception as e: resources.Exinfo(e) raise ml2_exc.MechanismDriverError( method=sys._getframe().f_code.co_name)
def _get_fip_before_id(self, context, fwr_id): fwp_assed = fortinet_db.Fortinet_FW_Rule_Association.query_one( context, type=constants.TYPE_EXT, fwr_id=fwr_id) if not fwp_assed: fwp_assed = fortinet_db.Fortinet_FW_Rule_Association.query_one( context, type=constants.TYPE_INT, fwr_id=fwr_id) fwp = fortinet_db.query_record(context, fortinet_db.Fortinet_Firewall_Policy, id=fwp_assed.fortinet_pid) return getattr(fwp, 'edit_id', None)
def _disassociate_floatingip(self, context, id): l3db_fip = self._get_floatingip(context, id) db_namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=l3db_fip.tenant_id) db_fip = fortinet_db.query_record( context, fortinet_db.Fortinet_FloatingIP_Allocation, floating_ip_address=l3db_fip.floating_ip_address, allocated=True) int_intf, ext_intf = utils.get_vlink_intf(self, context, vdom=db_namespace.vdom) db_ip = fortinet_db.query_record(context, models_v2.IPAllocation, port_id=l3db_fip.fixed_port_id) vlan_inf = utils.get_intf(context, db_ip.network_id) mappedip = utils.get_ipaddr(db_fip.ip_subnet, 0) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf, srcaddr=l3db_fip.fixed_ip_address, dstintf=int_intf, poolname=mappedip) utils.delete_fwaddress(self, context, name=l3db_fip.fixed_ip_address, vdom=db_namespace.vdom) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, dstaddr=db_fip.floating_ip_address) utils.delete_vip(self, context, vdom=db_namespace.vdom, name=db_fip.floating_ip_address)
def add_router_interface(self, context, port): """creates vlnk on the fortinet device.""" db_namespace = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=port['tenant_id']) vlan_inf = utils.get_intf(context, port['network_id']) int_intf, ext_intf = utils.get_vlink_intf(self, context, vdom=db_namespace.vdom) utils.add_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf, dstintf=int_intf, nat='enable')
def delete_reservedip(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_ReservedIP reserved_ip = fortinet_db.query_record(context, cls, **kwargs) if reserved_ip: db_reservedips = fortinet_db.query_records(context, cls, subnet_id=reserved_ip.subnet_id) db_reservedips.remove(reserved_ip) reserved_addresses = [] for rsrvdip in db_reservedips: reserved_addresses.append({'id': rsrvdip.edit_id, 'ip': rsrvdip.ip, 'mac': rsrvdip.mac}) db_subnet = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=reserved_ip.subnet_id) if db_subnet: op(obj, context, resources.DhcpServerRsvAddr.set, id=db_subnet.edit_id, vdom=reserved_ip.vdom, reserved_address=jsonutils.dumps(reserved_addresses)) fortinet_db.delete_record(context, cls, **kwargs)
def clr_ext_gw(obj, context, port): ip_address = port['fixed_ips'][0]['ip_address'] subnetv2_db = fortinet_db.query_record(context, models_v2.Subnet, id=port['fixed_ips'][0]['subnet_id']) netmask = netaddr.IPNetwork(subnetv2_db.cidr).netmask ip = "%s %s" % (ip_address, netmask) delete_interface_ip(obj, context, name=obj._fortigate['ext_interface'], vdom=const.EXT_VDOM, ip=ip) delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, poolname=ip_address) delete_fwippool(obj, context, vdom=const.EXT_VDOM, name=ip_address)
def clr_ext_gw(obj, context, port): ip_address = port['fixed_ips'][0]['ip_address'] subnetv2_db = fortinet_db.query_record( context, models_v2.Subnet, id=port['fixed_ips'][0]['subnet_id']) netmask = netaddr.IPNetwork(subnetv2_db.cidr).netmask ip = "%s %s" % (ip_address, netmask) delete_interface_ip(obj, context, name=obj._fortigate['ext_interface'], vdom=const.EXT_VDOM, ip=ip) delete_fwpolicy(obj, context, vdom=const.EXT_VDOM, poolname=ip_address) delete_fwippool(obj, context, vdom=const.EXT_VDOM, name=ip_address)
def check(obj, context, vdom, resource=resources.VlanInterface): vlink_vlan = fortinet_db.query_record(context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, vdom=vdom) if vlink_vlan: try: op(obj, context, resource.get, vdom=vdom, name=vlink_vlan.inf_name_int_vdom) op(obj, context, resource.get, vdom=const.EXT_VDOM, name=vlink_vlan.inf_name_ext_vdom) except exception.ResourceNotFound as e: import inspect caller = inspect.stack()[1][3] LOG.debug("## Check vlink interface failed on the %(func)s.", {'func': caller}) resources.Exinfo(e)
def add_router_interface(self, context, port): """creates vlnk on the fortinet device.""" db_namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=port['tenant_id']) vlan_inf = utils.get_intf(context, port['network_id']) int_intf, ext_intf = utils.get_vlink_intf(self, context, vdom=db_namespace.vdom) utils.add_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf, dstintf=int_intf, nat='enable')
def delete_interface_ip(obj, context, **kwargs): """ :param context: :param kwargs: example format as below { "ip": "10.160.37.20 255.255.255.0", "name": "port37", "vdom": "root" } :return: """ records = fortinet_db.query_records(context, fortinet_db.Fortinet_Interface_subip, name=kwargs.get('name')) org_subips = [getattr(record, 'ip') for record in records] if kwargs.get('ip') in org_subips: org_subips.remove(kwargs["ip"]) #op(obj, context, resources.VlanInterface.set, # name=kwargs.get('name'), # vdom=kwargs.get('vdom'), # secondaryips=org_subips) fortinet_db.delete_record(context, fortinet_db.Fortinet_Interface_subip, **kwargs) else: inf_db = fortinet_db.query_record(context, fortinet_db.Fortinet_Interface, **kwargs) if not inf_db: return if org_subips: kwargs['ip'] = org_subips.pop() op(obj, context, resources.VlanInterface.set, name=kwargs.get('name'), vdom=kwargs.get('vdom'), secondaryips=org_subips) fortinet_db.delete_record(context, fortinet_db.Fortinet_Interface_subip, **kwargs) else: kwargs['ip'] = const.EXT_DEF_DST op(obj, context, resources.VlanInterface.set, **kwargs) inf_db.update_record(context, inf_db, ip=kwargs['ip'])
def ftnt_sync_routers(self, context, **kwargs): """Sync routers according to filters to a specific agent. @param context: contain user information @param kwargs: host, router_ids @return: a list of routers with their interfaces and floating_ips """ # import ipdb;ipdb.set_trace() host = kwargs.get('host') routers = kwargs.get('routers') or {} fortigate = fortinet_db.query_record( context, fortinet_db.Fortinet_Fortigate, host=host) for router in routers: rinfo = self._get_router_info(context, fortigate.id, router) rinfo.setdefault('fortigate', fortigate.make_dict()) router['fortigate'] = rinfo return routers
def subnet_migration(context, mech_driver): # table subnets subnet = { 'allocation_pools': [{ 'start': '172.20.21.2', 'end': '172.20.21.254' }], 'cidr': '172.20.21.0/24', 'id': 'ee1506dc-d1a9-45b3-840e-137bdaebce52', 'enable_dhcp': True, 'network_id': u'ad47f7b8-4bb7-4591-b8ed-f720237dd24f', 'tenant_id': u'11513667f4ee4a14acb0985659456f24', 'dns_nameservers': [], 'gateway_ip': u'172.20.21.1', 'shared': False } ipallocation_pool = { 'start': '172.20.21.2', 'end': '172.20.21.254' } records = fortinet_db.query_records(context, models_v2.Subnet) with Progress(len(records), 'subnet_migration') as p: for record in records: dns_nameservers = [] reset(subnet) reset(ipallocation_pool) db_ipallocation = fortinet_db.query_record(context, models_v2.IPAllocationPool, subnet_id=record.id) cls2dict(db_ipallocation, ipallocation_pool, first_ip='start', last_ip='end') db_dnssrvs = fortinet_db.query_records(context, models_v2.DNSNameServer, subnet_id=record.id) for dns in db_dnssrvs: dns_nameservers.append(dns.address) cls2dict(record, subnet) subnet['dns_nameservers'] = dns_nameservers subnet['allocation_pools'] = [ipallocation_pool] mech_context = Fake_mech_context(_plugin_context=context, current=subnet) mech_driver.create_subnet_postcommit(mech_context) p.update()
def add_reservedip(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_ReservedIP add_record(obj, context, cls, **kwargs) db_reservedips = fortinet_db.query_records(context, cls, subnet_id=kwargs.get('subnet_id')) db_subnet = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=kwargs.get('subnet_id')) if db_subnet: reserved_addresses = [] for rsrvdip in db_reservedips: reserved_addresses.append({'id': rsrvdip.edit_id, 'ip': rsrvdip.ip, 'mac': rsrvdip.mac}) op(obj, context, resources.DhcpServerRsvAddr.set, id=db_subnet.edit_id, vdom=kwargs.get('vdom'), reserved_address=jsonutils.dumps(reserved_addresses))
def subnet_migration(context, mech_driver): # table subnets subnet = { 'allocation_pools': [{ 'start': '172.20.21.2', 'end': '172.20.21.254' }], 'cidr': '172.20.21.0/24', 'id': 'ee1506dc-d1a9-45b3-840e-137bdaebce52', 'enable_dhcp': True, 'network_id': u'ad47f7b8-4bb7-4591-b8ed-f720237dd24f', 'tenant_id': u'11513667f4ee4a14acb0985659456f24', 'dns_nameservers': [], 'gateway_ip': u'172.20.21.1', 'shared': False } ipallocation_pool = {'start': '172.20.21.2', 'end': '172.20.21.254'} records = fortinet_db.query_records(context, models_v2.Subnet) with Progress(len(records), 'subnet_migration') as p: for record in records: dns_nameservers = [] reset(subnet) reset(ipallocation_pool) db_ipallocation = fortinet_db.query_record( context, models_v2.IPAllocationPool, subnet_id=record.id) cls2dict(db_ipallocation, ipallocation_pool, first_ip='start', last_ip='end') db_dnssrvs = fortinet_db.query_records(context, models_v2.DNSNameServer, subnet_id=record.id) for dns in db_dnssrvs: dns_nameservers.append(dns.address) cls2dict(record, subnet) subnet['dns_nameservers'] = dns_nameservers subnet['allocation_pools'] = [ipallocation_pool] mech_context = Fake_mech_context(_plugin_context=context, current=subnet) mech_driver.create_subnet_postcommit(mech_context) p.update()
def delete_router(self, context, id): LOG.debug("delete_router: router id=%s", id) try: if self.enable_fwaas: fw_plugin = directory.get_plugin(service_consts.FIREWALL) fw_plugin.update_firewall_for_delete_router(context, id) with context.session.begin(subtransactions=True): router = fortinet_db.query_record(context, l3_db.Router, id=id) # TODO(jerryz): move this out of transaction. setattr(context, 'GUARD_TRANSACTION', False) super(FortinetL3ServicePlugin, self).delete_router(context, id) if getattr(router, 'tenant_id', None): utils.delete_vlink(self, context, router.tenant_id) utils.delete_vdom(self, context, tenant_id=router.tenant_id) except Exception as e: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to delete_router routerid=%(id)s"), {"id": id}) resources.Exinfo(e)
def check(obj, context, vdom, resource=resources.VlanInterface): vlink_vlan = fortinet_db.query_record( context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, vdom=vdom) if vlink_vlan: try: op(obj, context, resource.get, vdom=vdom, name=vlink_vlan.inf_name_int_vdom) op(obj, context, resource.get, vdom=const.EXT_VDOM, name=vlink_vlan.inf_name_ext_vdom) except exception.ResourceNotFound as e: import inspect caller = inspect.stack()[1][3] LOG.debug("## Check vlink interface failed on the %(func)s.", {'func': caller}) resources.Exinfo(e)
def _get_router_info(self, context, fortigate_id, router): # Limit one router per tenant if not router.get('id', None): return rinfo = {} tenant_id = router.get('tenant_id', None) if not tenant_id: router_db = fortinet_db.query_record( context, l3_db.Router, id=router['id']) tenant_id = getattr(router_db, tenant_id, None) try: namespace = utils.allocate_vdom(self, context, tenant_id=tenant_id) rinfo['vdom'] = namespace.make_dict() if namespace else {} rinfo['vlink'] = utils.allocate_vlink(self, context, fortigate_id, namespace.vdom) except Exception as e: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create_router router=%(router)s"), {"router ": router}) utils.rollback_on_err(self, context, e) utils.update_status(self, context, t_consts.TaskStatus.COMPLETED) return rinfo
def remove_router_interface(self, context, router_id, interface_info): """Deletes vlink, default router from Fortinet device.""" LOG.debug( "FortinetL3ServicePlugin.remove_router_interface called: " "router_id=%(router_id)s " "interface_info=%(interface_info)r", { 'router_id': router_id, 'interface_info': interface_info }) with context.session.begin(subtransactions=True): # TODO(jerryz): move this out of transaction. setattr(context, 'GUARD_TRANSACTION', False) info = (super(FortinetL3ServicePlugin, self).remove_router_interface( context, router_id, interface_info)) try: subnet = self._core_plugin._get_subnet(context, info['subnet_id']) tenant_id = subnet['tenant_id'] network_id = subnet['network_id'] vlan_inf = utils.get_intf(context, network_id) db_namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) utils.delete_fwpolicy(self, context, vdom=db_namespace.vdom, srcintf=vlan_inf) except Exception: with excutils.save_and_reraise_exception(): LOG.error( _LE("Fail remove of interface from Fortigate " "router interface. info=%(info)s, " "router_id=%(router_id)s"), { "info": info, "router_id": router_id }) return info
def add_reservedip(obj, context, **kwargs): cls = fortinet_db.Fortinet_ML2_ReservedIP add_record(obj, context, cls, **kwargs) db_reservedips = fortinet_db.query_records( context, cls, subnet_id=kwargs.get('subnet_id')) db_subnet = fortinet_db.query_record(context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=kwargs.get('subnet_id')) if db_subnet: reserved_addresses = [] for rsrvdip in db_reservedips: reserved_addresses.append({ 'id': rsrvdip.edit_id, 'ip': rsrvdip.ip, 'mac': rsrvdip.mac }) op(obj, context, resources.DhcpServerRsvAddr.set, id=db_subnet.edit_id, vdom=kwargs.get('vdom'), reserved_address=jsonutils.dumps(reserved_addresses))
def delete_by_id(obj, context, cls, resource, **kwargs): record = fortinet_db.query_record(context, cls, **kwargs) delete_resource_with_id(obj, context, record, resource) return fortinet_db.delete_record(context, cls, **kwargs)
def port_migration(context, mech_driver, l3_driver): """ :param mech_driver: :param context: :return: # table ports port { 'status': 'DOWN', 'binding: host_id': '', 'allowed_address_pairs': [], 'device_owner': 'network: router_interface', 'binding: profile': { }, # table ipallocations 'fixed_ips': [{ 'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7', 'ip_address': u'172.20.21.1' }], 'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff', 'security_groups': [], 'device_id': u'e4020c65-7003-468b-a34d-31af297397a0', 'name': '', 'admin_state_up': True, 'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc', 'tenant_id': u'11513667f4ee4a14acb0985659456f24', 'binding: vif_details': { }, 'binding: vnic_type': 'normal', 'binding: vif_type': 'unbound', 'mac_address': u'00: 0c: 29: d9: 18: 3f' } """ port = { 'device_owner': 'network: router_interface', 'fixed_ips': [{ 'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7', 'ip_address': u'172.20.21.1' }], 'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff', 'device_id': u'e4020c65-7003-468b-a34d-31af297397a0', 'admin_state_up': True, 'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc', 'tenant_id': u'11513667f4ee4a14acb0985659456f24', 'mac_address': u'00: 0c: 29: d9: 18: 3f' } ipallocation = { 'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7', 'ip_address': u'172.20.21.1' } MAC = utils.get_mac(mech_driver, context) records = fortinet_db.query_records(context, models_v2.Port) with Progress(len(records), 'port_migration') as p: for record in records: reset(port) cls2dict(record, port) if port['fixed_ips']: fixed_ips = [] for fixed_ip in port['fixed_ips']: cls2dict(fixed_ip, ipallocation) fixed_ips.append(ipallocation) port['fixed_ips'] = fixed_ips if port['device_owner'] in [ROUTER_INTF, ROUTER_GW] and \ MAC not in port['mac_address']: port['mac_address'] = MAC if not fortinet_db.query_count(context, models_v2.Port, mac_address=MAC, network_id=record.network_id): fortinet_db.update_record(context, record, mac_address=MAC) mech_context = Fake_mech_context(_plugin_context=context, current=port) mech_driver.create_port_precommit(mech_context) mech_driver.create_port_postcommit(mech_context) db_routerport = fortinet_db.query_record(context, l3_db.RouterPort, port_id=record.id) if getattr(db_routerport, 'port_type', None) in [ROUTER_INTF]: l3_driver.add_router_interface(context, port) p.update()
def get_vlink_intf(obj, context, **kwargs): vlink_vlan = fortinet_db.query_record( context, fortinet_db.Fortinet_Vlink_Vlan_Allocation, **kwargs) if not vlink_vlan and kwargs.get('vdom', None): return add_vlink(obj, context, kwargs['vdom']) return (vlink_vlan.inf_name_int_vdom, vlink_vlan.inf_name_ext_vdom)
def create_subnet_postcommit(self, mech_context, update=False): if not update: # log the context for debugging LOG.debug("create_subnetwork_postcommit: called, context %(ctx)s", {'ctx': mech_context.current}) gateway = mech_context.current['gateway_ip'] network_id = mech_context.current['network_id'] subnet_id = mech_context.current['id'] tenant_id = mech_context.current['tenant_id'] context = mech_context._plugin_context dns_nameservers = mech_context.current.setdefault( 'dns_nameservers', []) if update: router_func = utils.set_routerstatic dhcp_func = utils.set_dhcpserver else: router_func = utils.add_routerstatic dhcp_func = utils.add_dhcpserver try: if fortinet_db.query_record(context, ext_db.ExternalNetwork, network_id=network_id): router_func(self, context, subnet_id=subnet_id, vdom=const.EXT_VDOM, dst=const.EXT_DEF_DST, device=self._fortigate['ext_interface'], gateway=gateway) else: namespace = fortinet_db.query_record( context, fortinet_db.Fortinet_ML2_Namespace, tenant_id=tenant_id) interface = utils.get_intf(context, mech_context.current['network_id']) netmask = str( netaddr.IPNetwork(mech_context.current['cidr']).netmask) start_ip = mech_context.current['allocation_pools'][0]['start'] end_ip = mech_context.current['allocation_pools'][0]['end'] dhcp_func(self, context, subnet_id=subnet_id, vdom=namespace.vdom, interface=interface, dns_nameservers=dns_nameservers, gateway=gateway, netmask=netmask, start_ip=start_ip, end_ip=end_ip) # TODO(samsu): need to add rollback for the update and set cls = fortinet_db.Fortinet_Interface record = fortinet_db.query_record(context, cls, name=interface, vdom=namespace.vdom) if gateway: cls.update_record(context, record, ip="%s %s" % (gateway, netmask)) utils.op(self, context, resources.VlanInterface.set, name=interface, vdom=namespace.vdom, ip="%s %s" % (gateway, netmask)) except Exception as e: utils._rollback_on_err(self, context, e) raise ml2_exc.MechanismDriverError( method=sys._getframe().f_code.co_name) if not update: utils.update_status(self, context, t_consts.TaskStatus.COMPLETED)
def _get_floatingip(self, context, id): return fortinet_db.query_record(context, l3_db.FloatingIP, id=id)