Example #1
0
    def test_ip_association_and_allocation_of_other_project(self):
        """Makes sure that we cannot deallocaate or disassociate
        a public ip of other project"""

        context1 = context.RequestContext("user", "project1")
        context2 = context.RequestContext("user", "project2")

        address = "1.2.3.4"
        float_addr = db.floating_ip_create(context1.elevated(), {"address": address, "project_id": context1.project_id})

        instance = db.instance_create(context1, {"project_id": "project1"})

        fix_addr = db.fixed_ip_associate_pool(context1.elevated(), 1, instance["id"])

        # Associate the IP with non-admin user context
        self.assertRaises(exception.NotAuthorized, self.network.associate_floating_ip, context2, float_addr, fix_addr)

        # Deallocate address from other project
        self.assertRaises(exception.NotAuthorized, self.network.deallocate_floating_ip, context2, float_addr)

        # Now Associates the address to the actual project
        self.network.associate_floating_ip(context1, float_addr, fix_addr)

        # Now try dis-associating from other project
        self.assertRaises(exception.NotAuthorized, self.network.disassociate_floating_ip, context2, float_addr)

        # Clean up the ip addresses
        self.network.deallocate_floating_ip(context1, float_addr)
        self.network.deallocate_fixed_ip(context1, fix_addr)
        db.floating_ip_destroy(context1.elevated(), float_addr)
        db.fixed_ip_disassociate(context1.elevated(), fix_addr)
Example #2
0
    def deallocate_ips_by_vif(self, context, tenant_id, net_id, vif_ref):
        """Deallocate all fixed IPs associated with the specified
           virtual interface.
        """
        admin_context = context.elevated()
        fixed_ips = db.fixed_ips_by_virtual_interface(admin_context,
                                                         vif_ref['id'])
        # NOTE(s0mik): Sets fixed-ip to deallocated, but leaves the entry
        # associated with the instance-id.  This prevents us from handing it
        # out again immediately, as allocating it to a new instance before
        # a DHCP lease has timed-out is bad.  Instead, the fixed-ip will
        # be disassociated with the instance-id by a call to one of two
        # methods inherited from FlatManager:
        # - if DHCP is in use, a lease expiring in dnsmasq triggers
        #   a call to release_fixed_ip in the network manager, or it will
        #   be timed out periodically if the lease fails.
        # - otherwise, we release the ip immediately

        read_deleted_context = admin_context.elevated(read_deleted='yes')
        for fixed_ip in fixed_ips:
            fixed_id = fixed_ip['id']
            floating_ips = self.net_manager.db.floating_ip_get_by_fixed_ip_id(
                                admin_context,
                                fixed_id)
            # disassociate floating ips related to fixed_ip
            for floating_ip in floating_ips:
                address = floating_ip['address']
                manager.FloatingIP.disassociate_floating_ip(
                    self.net_manager,
                    read_deleted_context,
                    address,
                    affect_auto_assigned=True)
                # deallocate if auto_assigned
                if floating_ip['auto_assigned']:
                    manager.FloatingIP.deallocate_floating_ip(
                        read_deleted_context,
                        address,
                        affect_auto_assigned=True)
            db.fixed_ip_update(admin_context, fixed_ip['address'],
                               {'allocated': False,
                                'virtual_interface_id': None})
            if not self.net_manager.DHCP:
                db.fixed_ip_disassociate(admin_context, fixed_ip['address'])

        if len(fixed_ips) == 0:
            LOG.error(_('No fixed IPs to deallocate for vif %s'),
                      vif_ref['id'])
Example #3
0
    def deallocate_ips_by_vif(self, context, tenant_id, net_id, vif_ref):
        """Deallocate all fixed IPs associated with the specified
           virtual interface.
        """
        admin_context = context.elevated()
        fixed_ips = db.fixed_ips_by_virtual_interface(admin_context,
                                                      vif_ref['id'])
        # NOTE(s0mik): Sets fixed-ip to deallocated, but leaves the entry
        # associated with the instance-id.  This prevents us from handing it
        # out again immediately, as allocating it to a new instance before
        # a DHCP lease has timed-out is bad.  Instead, the fixed-ip will
        # be disassociated with the instance-id by a call to one of two
        # methods inherited from FlatManager:
        # - if DHCP is in use, a lease expiring in dnsmasq triggers
        #   a call to release_fixed_ip in the network manager, or it will
        #   be timed out periodically if the lease fails.
        # - otherwise, we release the ip immediately

        read_deleted_context = admin_context.elevated(read_deleted='yes')
        for fixed_ip in fixed_ips:
            fixed_id = fixed_ip['id']
            floating_ips = self.net_manager.db.floating_ip_get_by_fixed_ip_id(
                admin_context, fixed_id)
            # disassociate floating ips related to fixed_ip
            for floating_ip in floating_ips:
                address = floating_ip['address']
                manager.FloatingIP.disassociate_floating_ip(
                    self.net_manager,
                    read_deleted_context,
                    address,
                    affect_auto_assigned=True)
                # deallocate if auto_assigned
                if floating_ip['auto_assigned']:
                    manager.FloatingIP.deallocate_floating_ip(
                        read_deleted_context,
                        address,
                        affect_auto_assigned=True)
            db.fixed_ip_update(admin_context, fixed_ip['address'], {
                'allocated': False,
                'virtual_interface_id': None
            })
            if not self.net_manager.DHCP:
                db.fixed_ip_disassociate(admin_context, fixed_ip['address'])

        if len(fixed_ips) == 0:
            LOG.error(_('No fixed IPs to deallocate for vif %s'),
                      vif_ref['id'])
Example #4
0
    def test_ip_association_and_allocation_of_other_project(self):
        """Makes sure that we cannot deallocaate or disassociate
        a public ip of other project"""

        context1 = context.RequestContext('user', 'project1')
        context2 = context.RequestContext('user', 'project2')

        address = '1.2.3.4'
        float_addr = db.floating_ip_create(context1.elevated(),
                {'address': address,
                 'project_id': context1.project_id})

        instance = db.instance_create(context1,
                {'project_id': 'project1'})

        fix_addr = db.fixed_ip_associate_pool(context1.elevated(),
                1, instance['id'])

        # Associate the IP with non-admin user context
        self.assertRaises(exception.NotAuthorized,
                          self.network.associate_floating_ip,
                          context2,
                          float_addr,
                          fix_addr)

        # Deallocate address from other project
        self.assertRaises(exception.NotAuthorized,
                          self.network.deallocate_floating_ip,
                          context2,
                          float_addr)

        # Now Associates the address to the actual project
        self.network.associate_floating_ip(context1, float_addr, fix_addr)

        # Now try dis-associating from other project
        self.assertRaises(exception.NotAuthorized,
                          self.network.disassociate_floating_ip,
                          context2,
                          float_addr)

        # Clean up the ip addresses
        self.network.deallocate_floating_ip(context1, float_addr)
        self.network.deallocate_fixed_ip(context1, fix_addr)
        db.floating_ip_destroy(context1.elevated(), float_addr)
        db.fixed_ip_disassociate(context1.elevated(), fix_addr)
Example #5
0
 def disassociate(self, context):
     db.fixed_ip_disassociate(context, str(self.address))
     self.instance_uuid = None
     self.instance = None
     self.obj_reset_changes(['instance_uuid', 'instance'])
Example #6
0
 def disassociate_by_address(cls, context, address):
     db.fixed_ip_disassociate(context, address)