def get_gateway_port_vlan(self, tenant_id, gw_intf_id): try: vlan = gw_helper.get_gateway_port_vlan(self.restproxy, gw_intf_id) # Get the perm if it exists perm = gw_helper.get_tenant_perm(self.restproxy, gw_intf_id) if perm: vlan['assignedTo'] = perm['permittedEntityName'] ret = gw_helper.make_gw_vlan_dict(vlan) return ret except Exception as e: if e.code == constants.RES_NOT_FOUND: return [] raise
def get_gateway_vports(self, context, tenant_id, netpart_id, filters): subnet_id = filters['subnet'][0] nuage_subnet_id = filters['nuage_subnet_id'][0] # Get the nuage l2domain/subnet corresponding to neutron subnet # nuage_subnet_id passed in filters by plugin subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id( context.session, nuage_subnet_id) if not subnet_mapping: msg = _("Nuage subnet for neutron subnet %(subn)s not found " % {'subn': subnet_id}) # noqa H702 raise restproxy.RESTProxyError(msg) if subnet_mapping['nuage_l2dom_tmplt_id']: subnet_type = constants.L2DOMAIN else: subnet_type = constants.SUBNET if 'id' in filters: # This is to get vport by id vport = gw_helper.get_nuage_vport(self.restproxy, filters['id'][0]) # Return an empty list for neutronclient get_res_by_id_or_name() if not vport: return [] if vport['parentID'] != subnet_mapping['nuage_subnet_id']: return [] vport_list = [vport] elif 'name' in filters: # This is to get vport by name vport = gw_helper.get_nuage_vport_by_name( self.restproxy, subnet_mapping['nuage_subnet_id'], filters['name'][0], subnet_type) # Return an empty list for neutronclient get_res_by_id_or_name() if not vport: return [] if vport['parentID'] != subnet_mapping['nuage_subnet_id']: return [] vport_list = [vport] else: if subnet_type == constants.SUBNET: # Get all host/bridge vports vport_list = gw_helper.get_vports_for_subnet( self.restproxy, subnet_mapping['nuage_subnet_id']) else: # Get all host/bridge vports vport_list = gw_helper.get_vports_for_l2domain( self.restproxy, subnet_mapping['nuage_subnet_id']) resp_list = [] for vport in vport_list: vport_type = vport['type'] resp = dict() if vport_type in [ constants.HOST_VPORT_TYPE, constants.BRIDGE_VPORT_TYPE ]: resp['vport_id'] = vport['ID'] resp['vport_type'] = vport_type resp['vport_name'] = vport['name'] # Get the host/bridge interface nuage_interface = gw_helper.get_interface_by_vport( self.restproxy, vport['ID'], vport_type) resp['port_id'] = None if nuage_interface: resp['interface'] = nuage_interface['ID'] resp['port_id'] = strip_cms_id( nuage_interface['externalID']) if vport_type == constants.HOST_VPORT_TYPE: resp['subnet_id'] = subnet_id else: resp['subnet_id'] = subnet_id if not vport['VLANID']: # Skip this vport as it does not have any vlan. # This should never happen as if vport is created a vlan # is always associated with it continue # Get the gw interface nuage_vlan = gw_helper.get_gateway_port_vlan( self.restproxy, vport['VLANID']) resp['nuage_vlan_id'] = nuage_vlan['ID'] resp['gateway'] = nuage_vlan['gatewayID'] resp['gatewayport'] = nuage_vlan['parentID'] resp['value'] = nuage_vlan['value'] resp_list.append(resp) if tenant_id: updated_vport_list = [] for vport in resp_list: ent_perm = gw_helper.get_ent_permission_on_vlan( self.restproxy, vport['nuage_vlan_id']) if ent_perm: vlan_perm = self._check_tenant_perm( vport['nuage_vlan_id'], tenant_id, ent_perm['permittedEntityID']) if vlan_perm: updated_vport_list.append(vport) return updated_vport_list return resp_list
def _get_gateway_vport(self, context, tenant_id, netpart_id, nuage_vlan_id): # subnet is required to keep the o/p format consistent with # create_gateway_vport o/p ret = { 'subnet_id': None, 'interface': None, 'vport_id': None, 'vport_type': None, 'vport_name': None, 'port_id': None } # Get the gw interface try: nuage_vlan = gw_helper.get_gateway_port_vlan( self.restproxy, nuage_vlan_id) except Exception as e: if e.code == constants.RES_NOT_FOUND: return raise # Check for tenant permission # tenant_id is None in case of admin. We don't check permissions # for admin.netpart_id will be None when called from # delete_gateway_vport. We don't have to check permissions for # delete as client always calls get() before delete and we check # permissions during get() if tenant_id and netpart_id: ent_perm = gw_helper.get_ent_permission_on_vlan( self.restproxy, nuage_vlan['ID']) has_perm = self._check_tenant_perm(nuage_vlan_id, tenant_id, ent_perm['permittedEntityID']) if not has_perm: msg = _("Tenant %(ten)s does not have permission for vlan %(" "vlan)s" % { 'ten': tenant_id, # noqa H702 'vlan': nuage_vlan_id }) LOG.warn(msg) raise restproxy.RESTProxyError(msg) ret['gateway'] = nuage_vlan['gatewayID'] ret['gatewayport'] = nuage_vlan['parentID'] ret['value'] = nuage_vlan['value'] # Check if it is associated with a vport nuage_vport_id = nuage_vlan['vportID'] if not nuage_vport_id: msg = _("Nuage gateway interface %s is not associated with any " "vport" % nuage_vlan_id) # noqa H702 raise restproxy.RESTProxyError(msg) # Get the vport nuage_vport = gw_helper.get_nuage_vport(self.restproxy, nuage_vport_id) if nuage_vport: subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id( context.session, nuage_vport['parentID']) ret['subnet_id'] = subnet_mapping["subnet_id"] ret['nuage_subnet_id'] = nuage_vport['parentID'] nuage_vport_type = nuage_vport['type'] if nuage_vport_type == constants.BRIDGE_VPORT_TYPE: # Get the bridge interface on the vport nuage_br_intf = gw_helper.get_interface_by_vport( self.restproxy, nuage_vport_id, nuage_vport_type) if nuage_br_intf: ret['interface'] = nuage_br_intf['ID'] elif nuage_vport_type == constants.HOST_VPORT_TYPE: # Get the host interface on the vport nuage_host_intf = gw_helper.get_interface_by_vport( self.restproxy, nuage_vport_id, nuage_vport_type) if nuage_host_intf: ret['interface'] = nuage_host_intf['ID'] ret['port_id'] = strip_cms_id( nuage_host_intf['externalID']) else: msg = _("Nuage vport associated with gateway interface %s is" " not connected to a bridge/host interface" % nuage_vlan_id) # noqa H702 raise restproxy.RESTProxyError(msg) ret['vport_id'] = nuage_vport_id ret['vport_type'] = nuage_vport_type ret['vport_name'] = nuage_vport['name'] return ret
def delete_nuage_gateway_vport(self, context, nuage_vport_id, def_netpart_id): # Get the gw interface and vport info tenant_id = context.tenant_id resp = self.get_gateway_vport(context, tenant_id, None, nuage_vport_id) if not resp: return subnet_id = resp['nuage_subnet_id'] # Get the neutron subnet-id associated with the vport subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id( context.session, subnet_id) # Delete the interface and vport if resp['vport_type'] == constants.BRIDGE_VPORT_TYPE: # Bridge/Host vport will always have a vlan associated with it nuage_vlan = gw_helper.get_gateway_port_vlan( self.restproxy, resp['vlanid']) # Get the gateway associated with vlan nuage_gw = gw_helper.get_gateway(self.restproxy, nuage_vlan['gatewayID']) if resp['interface']: # Delete interface gw_helper.delete_nuage_interface(self.restproxy, resp['interface'], constants.BRIDGE_VPORT_TYPE) LOG.debug("Deleted bridge interface %s", resp['interface']) # do not attempt to delete policygroup on vsd managed subnets # as we do not create it in that case if not subnet_mapping["nuage_managed_subnet"]: if subnet_mapping['nuage_l2dom_tmplt_id']: subnet_type = constants.L2DOMAIN else: subnet_type = constants.SUBNET nuage_policygroup = gw_helper.get_policygroup_for_interface( self.restproxy, subnet_mapping["subnet_id"], nuage_gw['personality'], resp['vport_type'], subnet_type) if nuage_policygroup: # Check if policygroup has more than 1 vport associated self._delete_policygroup(resp['interface'], nuage_policygroup[0]) elif resp['vport_type'] == constants.HOST_VPORT_TYPE: if resp['interface']: # Delete the policygroup and interface gw_helper.delete_nuage_interface(self.restproxy, resp['interface'], constants.HOST_VPORT_TYPE) LOG.debug("Deleted host interface %s", resp['interface']) # do not attempt to delete policygroup on vsd managed subnets # as we do not create it in that case g if not subnet_mapping["nuage_managed_subnet"]: # Delete the policugroup policy_group_id = gw_helper.get_policygroup_for_host_vport( self.restproxy, resp['vport_id']) if policy_group_id: # Check if policygroup has more than 1 vport associated self._delete_policygroup(resp['interface'], policy_group_id) # Delete the vport # if 'vport_type' is not None, then 'vport_id' is not None gw_helper.delete_nuage_vport(self.restproxy, resp['vport_id']) LOG.debug("Deleted vport %s", resp['vport_id']) # Remove Ent/Tenant permissions netpart_id = None perms = self._get_ent_permissions(resp['vlanid']) if perms and perms['permittedEntityType'] == 'enterprise': netpart_id = perms['permittedEntityID'] else: netpart_id = def_netpart_id if netpart_id != def_netpart_id: perm = gw_helper.get_tenant_perm(self.restproxy, resp['vlanid']) if perm: num_grps = self.remove_tenant_perm(resp['vlanid'], perm['permittedEntityName'], netpart_id) if num_grps == 0: # Remove permissions for the enterprise if it exists self.remove_ent_perm(resp['vlanid']) LOG.debug("Deleted ent perissions on vlan %s", resp['vlanid']) else: LOG.debug("Preserving ent permissions on default netpartition")
def get_gateway_port_vlans(self, tenant_id, netpart_id, filters): if 'gateway' in filters and 'gatewayport' in filters: # We dont't need the gateway that is being passed in. # We should have verified that the gatewayport belongs # to this gateway in previous call. params = {'port_id': filters['gatewayport'][0]} vlan_list = self._get_gateway_port_vlans(tenant_id, params) elif 'gatewayport' in filters and 'name' in filters: params = {'port_id': filters['gatewayport'][0]} extra_params = {'vlan_value': filters['name'][0]} vlan_list = self._get_gateway_port_vlans(tenant_id, params, extra_params) elif 'gatewayport' in filters and 'id' in filters: params = {'port_id': filters['gatewayport'][0]} extra_params = {'vlan_value': filters['id'][0]} vlan_list = self._get_gateway_port_vlans(tenant_id, params, extra_params) elif 'name' in filters: try: vlan_list = [ gw_helper.get_gateway_port_vlan(self.restproxy, filters['name'][0]) ] except Exception as e: # If vlan does not exist return a empty list if e.code == constants.RES_NOT_FOUND: return [] raise elif 'id' in filters: vlan_list = [ gw_helper.get_gateway_port_vlan(self.restproxy, filters['id'][0]) ] elif 'gatewayport' in filters: params = {'port_id': filters['gatewayport'][0]} vlan_list = self._get_gateway_port_vlans(tenant_id, params) else: # This is when no --gateway and --gatewayport option is specified # in neutronclient vlan_list = self._get_vlans_for_tenant(tenant_id, netpart_id) if tenant_id: updated_vlan_list = [] for vlan in vlan_list: # Get permissions for each vlan ent_perm = gw_helper.get_ent_permission_on_vlan( self.restproxy, vlan['ID']) if ent_perm: vlan_perm = self._check_tenant_perm( vlan['ID'], tenant_id, ent_perm['permittedEntityID']) if vlan_perm: vlan['assignedTo'] = tenant_id updated_vlan_list.append(vlan) return updated_vlan_list else: # Now get the assigned tenant_id for each vlan and update vlan in # place for vlan in vlan_list: vlan_perm = gw_helper.get_tenant_perm(self.restproxy, vlan['ID']) if vlan_perm: vlan['assignedTo'] = vlan_perm['permittedEntityName'] return vlan_list