Example #1
0
 def _get_all_cloudpipes(self, context):
     """Get all cloudpipes."""
     instances = self.compute_api.get_all(context,
                                          search_opts={'deleted': False})
     return [instance for instance in instances
             if pipelib.is_vpn_image(instance['image_ref'])
             and instance['vm_state'] != vm_states.DELETED]
Example #2
0
    def setup_basic_filtering(self, instance, network_info):
        """Set up basic filtering (MAC, IP, and ARP spoofing protection)."""
        LOG.info(_('Called setup_basic_filtering in nwfilter'),
                 instance=instance)

        if self.handle_security_groups:
            # No point in setting up a filter set that we'll be overriding
            # anyway.
            return

        LOG.info(_('Ensuring static filters'), instance=instance)
        self._ensure_static_filters()

        allow_dhcp = False
        for (network, mapping) in network_info:
            if mapping['dhcp_server']:
                allow_dhcp = True
                break
        if pipelib.is_vpn_image(instance['image_ref']):
            base_filter = 'nova-vpn'
        elif allow_dhcp:
            base_filter = 'nova-base'
        else:
            base_filter = 'nova-nodhcp'

        for (network, mapping) in network_info:
            nic_id = mapping['mac'].replace(':', '')
            instance_filter_name = self._instance_filter_name(instance, nic_id)
            self._define_filter(
                self._filter_container(instance_filter_name, [base_filter]))
Example #3
0
    def setup_basic_filtering(self, instance, network_info):
        """Set up basic filtering (MAC, IP, and ARP spoofing protection)."""
        LOG.info(_('Called setup_basic_filtering in nwfilter'),
                 instance=instance)

        if self.handle_security_groups:
            # No point in setting up a filter set that we'll be overriding
            # anyway.
            return

        LOG.info(_('Ensuring static filters'), instance=instance)
        self._ensure_static_filters()

        allow_dhcp = False
        for (network, mapping) in network_info:
            if mapping['dhcp_server']:
                allow_dhcp = True
                break
        if pipelib.is_vpn_image(instance['image_ref']):
            base_filter = 'nova-vpn'
        elif allow_dhcp:
            base_filter = 'nova-base'
        else:
            base_filter = 'nova-nodhcp'

        for (network, mapping) in network_info:
            nic_id = mapping['mac'].replace(':', '')
            instance_filter_name = self._instance_filter_name(instance, nic_id)
            self._define_filter(self._filter_container(instance_filter_name,
                                                       [base_filter]))
Example #4
0
 def _get_all_cloudpipes(self, context):
     """Get all cloudpipes."""
     instances = self.compute_api.get_all(context, search_opts={"deleted": False}, want_objects=True)
     return [
         instance
         for instance in instances
         if pipelib.is_vpn_image(instance.image_ref) and instance.vm_state != vm_states.DELETED
     ]
Example #5
0
 def _get_all_cloudpipes(self, context):
     """Get all cloudpipes."""
     instances = self.compute_api.get_all(context,
                                          search_opts={'deleted': False},
                                          want_objects=True)
     return [instance for instance in instances
             if pipelib.is_vpn_image(instance.image_ref)
             and instance.vm_state != vm_states.DELETED]
Example #6
0
 def get_base_filter_list(self, instance, allow_dhcp):
     """Obtain a list of base filters to apply to an instance.
     The return value should be a list of strings, each
     specifying a filter name.  Subclasses can override this
     function to add additional filters as needed.  Additional
     filters added to the list must also be correctly defined
     within the subclass.
     """
     if pipelib.is_vpn_image(instance['image_ref']):
         base_filter = 'nova-vpn'
     elif allow_dhcp:
         base_filter = 'nova-base'
     else:
         base_filter = 'nova-nodhcp'
     return [base_filter]
Example #7
0
 def get_base_filter_list(self, instance, allow_dhcp):
     """Obtain a list of base filters to apply to an instance.
     The return value should be a list of strings, each
     specifying a filter name.  Subclasses can override this
     function to add additional filters as needed.  Additional
     filters added to the list must also be correctly defined
     within the subclass.
     """
     if pipelib.is_vpn_image(instance.image_ref):
         base_filter = 'nova-vpn'
     elif allow_dhcp:
         base_filter = 'nova-base'
     else:
         base_filter = 'nova-nodhcp'
     return [base_filter]
Example #8
0
    def _allocate_network(self, context, instance, requested_networks, macs,
                          security_groups):
        """Allocate networks for an instance and return the network info."""
        # NOTE(rohit): Changed the expected_task_state from None to scheduling

        self.conductor_api.instance_update(context,
                                    instance['uuid'],
                                    vm_state=vm_states.BUILDING,
                                    task_state=task_states.NETWORKING)

        is_vpn = pipelib.is_vpn_image(instance['image_ref'])
        try:
            # allocate and get network info
            network_info = self.network_api.allocate_for_instance(context,
                                        instance, vpn=is_vpn,
                                        requested_networks=requested_networks,
                                        macs=macs,
                                        conductor_api=self.conductor_api,
                                        security_groups=security_groups)
            return network_info
        except Exception:
            with excutils.save_and_reraise_exception():
                LOG.exception(_('Instance failed network setup'),
                    instance=instance)