Example #1
0
 def allowed(self, request):
     try:
         return api.is_extension_supported(request, 'extraroute')
     except Exception:
         LOG.info(_("Failed to check if Neutron extraroute extension is "
                    "supported"))
         return False
def _firewall_list(request, expand_policy, expand_router, **kwargs):
    firewalls = neutronclient(request).list_firewalls(
        **kwargs).get('firewalls')

    if expand_policy and firewalls:
        policies = _policy_list(request, expand_rule=False)
        policy_dict = OrderedDict((p.id, p) for p in policies)
        for fw in firewalls:
            fw['policy'] = policy_dict.get(fw['firewall_policy_id'])

    if expand_router and firewalls:
        if neutron.is_extension_supported(request, 'fwaasrouterinsertion'):
            filter_params = {}
            if 'tenant_id' in kwargs:
                filter_params['tenant_id'] = kwargs['tenant_id']
            routers = neutron.router_list(request, **filter_params)
            router_dict = dict((r.id, r) for r in routers)

            def _get_router(router_id):
                try:
                    return router_dict[router_id]
                except KeyError:
                    return neutron.Router({'id': router_id, 'name': ''})

            for fw in firewalls:
                fw['routers'] = [
                    _get_router(router_id) for router_id in fw['router_ids']
                ]
        else:
            for fw in firewalls:
                fw['routers'] = fw['router_ids']

    return [Firewall(f) for f in firewalls]
Example #3
0
 def allowed(self, request):
     try:
         return api.is_extension_supported(request, 'extraroute')
     except Exception as e:
         LOG.info("Failed to check if Neutron extraroute extension is "
                  "supported: %s", e)
         return False
Example #4
0
 def allowed(self, request):
     try:
         return (base.is_service_enabled(request, 'network') and
                 neutron.is_extension_supported(request, 'agent'))
     except Exception:
         exceptions.handle(request, _('Unable to get network agents info.'))
         return False
Example #5
0
 def allowed(self, request):
     try:
         return (base.is_service_enabled(request, 'network')
                 and neutron.is_extension_supported(request, 'agent'))
     except Exception:
         exceptions.handle(request, _('Unable to get network agents info.'))
         return False
Example #6
0
def _firewall_get(request,
                  firewall_id,
                  expand_policy=True,
                  expand_router=True):
    firewall = neutronclient(request).show_firewall(firewall_id).get(
        'firewall')
    if expand_policy:
        policy_id = firewall['firewall_policy_id']
        if policy_id:
            firewall['policy'] = _policy_get(request,
                                             policy_id,
                                             expand_rule=False)
        else:
            firewall['policy'] = None
    if expand_router:
        if neutron.is_extension_supported(request, 'fwaasrouterinsertion'):
            router_ids = firewall['router_ids']
            if router_ids:
                firewall['routers'] = neutron.router_list(request,
                                                          id=router_ids)
            else:
                firewall['routers'] = []
        else:
            firewall['routers'] = []
    return Firewall(firewall)
Example #7
0
def get_disabled_quotas(request):
    disabled_quotas = []

    # Cinder
    if not base.is_service_enabled(request, 'volume'):
        disabled_quotas.extend(CINDER_QUOTA_FIELDS)

    # Neutron
    if not base.is_service_enabled(request, 'network'):
        disabled_quotas.extend(NEUTRON_QUOTA_FIELDS)
    else:
        # Remove the nova network quotas
        disabled_quotas.extend(['floating_ips', 'fixed_ips'])

        if neutron.is_extension_supported(request, 'security-group'):
            # If Neutron security group is supported, disable Nova quotas
            disabled_quotas.extend(['security_groups', 'security_group_rules'])
        else:
            # If Nova security group is used, disable Neutron quotas
            disabled_quotas.extend(['security_group', 'security_group_rule'])

        try:
            if not neutron.is_quotas_extension_supported(request):
                disabled_quotas.extend(NEUTRON_QUOTA_FIELDS)
        except Exception:
            LOG.exception("There was an error checking if the Neutron "
                          "quotas extension is enabled.")

    return disabled_quotas
Example #8
0
def get_disabled_quotas(request):
    # We no longer supports nova network, so we always disable
    # network related nova quota fields.
    disabled_quotas = set()

    # Cinder
    if not cinder.is_volume_service_enabled(request):
        disabled_quotas.update(CINDER_QUOTA_FIELDS)

    # Neutron
    if not base.is_service_enabled(request, 'network'):
        disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
    else:
        if not neutron.is_extension_supported(request, 'security-group'):
            disabled_quotas.update(['security_group', 'security_group_rule'])

        if not neutron.is_router_enabled(request):
            disabled_quotas.update(['router', 'floatingip'])

        try:
            if not neutron.is_quotas_extension_supported(request):
                disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
        except Exception:
            LOG.exception("There was an error checking if the Neutron "
                          "quotas extension is enabled.")

    # Nova
    if not (base.is_service_enabled(request, 'compute') and
            nova.can_set_quotas()):
        disabled_quotas.update(NOVA_QUOTA_FIELDS)

    # There appear to be no glance quota fields currently
    return disabled_quotas
Example #9
0
def get_disabled_quotas(request):
    # We no longer supports nova network, so we always disable
    # network related nova quota fields.
    disabled_quotas = set()

    # Cinder
    if not cinder.is_volume_service_enabled(request):
        disabled_quotas.update(CINDER_QUOTA_FIELDS)

    # Neutron
    if not base.is_service_enabled(request, 'network'):
        disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
    else:
        if not neutron.is_extension_supported(request, 'security-group'):
            disabled_quotas.update(['security_group', 'security_group_rule'])

        if not neutron.is_router_enabled(request):
            disabled_quotas.update(['router', 'floatingip'])

        try:
            if not neutron.is_quotas_extension_supported(request):
                disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
        except Exception:
            LOG.exception("There was an error checking if the Neutron "
                          "quotas extension is enabled.")

    # Nova
    if not (base.is_service_enabled(request, 'compute')
            and nova.can_set_quotas()):
        disabled_quotas.update(NOVA_QUOTA_FIELDS)

    # There appear to be no glance quota fields currently
    return disabled_quotas
Example #10
0
 def allowed(self, context):
     request = context['request']
     try:
         return (super().allowed(context)
                 and request.user.has_perms(self.permissions)
                 and neutron.is_extension_supported(
                     request, extension_alias='trunk'))
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. Trunks panel will not be displayed.")
         return False
Example #11
0
 def allowed(self, context):
     request = context['request']
     network_config = settings.OPENSTACK_NEUTRON_NETWORK
     try:
         return (network_config['enable_rbac_policy']
                 and neutron.is_extension_supported(
                     request, extension_alias='rbac-policies'))
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. RBAC Policies panel will not be displayed.")
         return False
Example #12
0
 def allowed(self, context):
     request = context['request']
     try:
         return (
             super(NetworkQoS, self).allowed(context) and
             request.user.has_perms(self.permissions) and
             neutron.is_extension_supported(request, extension_alias='qos')
         )
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. Neutron QoS panel will not be displayed.")
         return False
Example #13
0
def check_ext_raise_exc(request):
    """Check if bsn-service-extension for bsn_service_plugin is enabled.

    If not, raise an exception with appropriate message to enabled the
    bsn_service_plugin

    :param request:
    :return: None
    """
    if not neutron.is_extension_supported(request, "bsn-service-extension"):
        raise Exception("bsn_service_plugin extension is not enabled in "
                        "neutron.conf service_plugins. Please update and "
                        "restart neutron server.")
Example #14
0
    def __init__(self, request):
        neutron_enabled = base.is_service_enabled(request, 'network')

        if neutron_enabled:
            self.floating_ips = neutron.FloatingIpManager(request)
        else:
            self.floating_ips = nova.FloatingIpManager(request)

        if (neutron_enabled and
                neutron.is_extension_supported(request, 'security-group')):
            self.secgroups = neutron.SecurityGroupManager(request)
        else:
            self.secgroups = nova.SecurityGroupManager(request)
Example #15
0
    def __init__(self, request):
        neutron_enabled = base.is_service_enabled(request, 'network')

        if neutron_enabled:
            self.floating_ips = neutron.FloatingIpManager(request)
        else:
            self.floating_ips = nova.FloatingIpManager(request)

        if (neutron_enabled and
                neutron.is_extension_supported(request, 'security-group')):
            self.secgroups = neutron.SecurityGroupManager(request)
        else:
            self.secgroups = nova.SecurityGroupManager(request)
Example #16
0
    def test_firewall_get(self):
        exp_firewall = self.firewalls.first()
        ret_dict = {'firewall': self.api_firewalls.first()}
        policy_dict = {'firewall_policy': self.api_fw_policies.first()}

        neutronclient.show_firewall(exp_firewall.id).AndReturn(ret_dict)
        neutronclient.show_firewall_policy(
            exp_firewall.firewall_policy_id).AndReturn(policy_dict)
        api_neutron.is_extension_supported(mox.IsA(
            http.HttpRequest), 'fwaasrouterinsertion').AndReturn(True)
        api_neutron.router_list(mox.IsA(http.HttpRequest),
                                id=exp_firewall.router_ids).AndReturn(
                                    exp_firewall.routers)
        self.mox.ReplayAll()

        ret_val = api_fwaas.firewall_get(self.request, exp_firewall.id)
        self._assert_firewall_return_value(ret_val, exp_firewall)
        self.assertEqual(exp_firewall.router_ids, ret_val.router_ids)
        self.assertEqual(exp_firewall.router_ids,
                         [r.id for r in ret_val.routers])
        self.assertEqual([r.name for r in exp_firewall.routers],
                         [r.name for r in ret_val.routers])
Example #17
0
def get_disabled_quotas(request, targets=None):
    if targets:
        if set(targets) - QUOTA_FIELDS:
            raise ValueError('Unknown quota field names are included: %s' %
                             set(targets) - QUOTA_FIELDS)
        candidates = set(targets)
    else:
        candidates = QUOTA_FIELDS

    # We no longer supports nova network, so we always disable
    # network related nova quota fields.
    disabled_quotas = set()

    # Cinder
    if candidates & CINDER_QUOTA_FIELDS:
        if not cinder.is_volume_service_enabled(request):
            disabled_quotas.update(CINDER_QUOTA_FIELDS)

    # Neutron
    if not (candidates & NEUTRON_QUOTA_FIELDS):
        pass
    elif not base.is_service_enabled(request, 'network'):
        disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
    else:
        if ({'security_group', 'security_group_rule'} & candidates and
                not neutron.is_extension_supported(request, 'security-group')):
            disabled_quotas.update(['security_group', 'security_group_rule'])

        if ({'router', 'floatingip'} & candidates
                and not neutron.is_router_enabled(request)):
            disabled_quotas.update(['router', 'floatingip'])

        try:
            if not neutron.is_quotas_extension_supported(request):
                disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
        except Exception:
            LOG.exception("There was an error checking if the Neutron "
                          "quotas extension is enabled.")

    # Nova
    if candidates & NOVA_QUOTA_FIELDS:
        if not (base.is_service_enabled(request, 'compute')
                and nova.can_set_quotas()):
            disabled_quotas.update(NOVA_QUOTA_FIELDS)

    enabled_quotas = candidates - disabled_quotas
    disabled_quotas = set(QUOTA_FIELDS) - enabled_quotas

    # There appear to be no glance quota fields currently
    return disabled_quotas
Example #18
0
 def allowed(self, context):
     request = context['request']
     network_config = getattr(settings, 'OPENSTACK_NEUTRON_NETWORK', {})
     try:
         return (
             network_config.get('enable_rbac_policy', True) and
             neutron.is_extension_supported(request,
                                            extension_alias='rbac-policies')
         )
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. RBAC Policies panel will not be displayed.")
         return False
Example #19
0
    def __init__(self, request):
        # TODO(amotoki): neutron check needs to be dropped.
        # The network API wrapper can depend on neutron.
        neutron_enabled = base.is_service_enabled(request, 'network')

        if neutron_enabled:
            self.floating_ips = neutron.FloatingIpManager(request)
        else:
            self.floating_ips = None

        if (neutron_enabled
                and neutron.is_extension_supported(request, 'security-group')):
            self.secgroups = neutron.SecurityGroupManager(request)
        else:
            self.secgroups = None
Example #20
0
 def _get_agents_data(self, network):
     agents = []
     data = _("Unknown")
     try:
         if neutron.is_extension_supported(self.request,
                                           'dhcp_agent_scheduler'):
             # This method is called for each network. If agent-list cannot
             # be retrieved, we will see many pop-ups. So the error message
             # will be popup-ed in get_data() below.
             agents = neutron.list_dhcp_agent_hosting_networks(
                 self.request, network)
             data = len(agents)
     except Exception:
         self.exception = True
     return data
Example #21
0
 def allowed(self, context):
     request = context['request']
     if not request.user.has_perms(self.permissions):
         return False
     try:
         if not neutron.is_extension_supported(request, 'vpnaas'):
             return False
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. VPN panel will not be displayed.")
         return False
     if not super(VPN, self).allowed(context):
         return False
     return True
Example #22
0
 def allowed(self, context):
     request = context['request']
     if not request.user.has_perms(self.permissions):
         return False
     try:
         if not neutron.is_extension_supported(request, 'fwaas'):
             return False
     except Exception:
         LOG.error("Call to list enabled services failed. This is likely "
                   "due to a problem communicating with the Neutron "
                   "endpoint. Firewalls panel will not be displayed.")
         return False
     if not super(Firewall, self).allowed(context):
         return False
     return True
Example #23
0
def _get_tenant_network_usages(request, usages, disabled_quotas, tenant_id):
    enabled_quotas = NEUTRON_QUOTA_FIELDS - disabled_quotas
    if not enabled_quotas:
        return

    if neutron.is_extension_supported(request, 'quota_details'):
        details = neutron.tenant_quota_detail_get(request, tenant_id)
        for quota_name in NEUTRON_QUOTA_FIELDS:
            if quota_name in disabled_quotas:
                continue
            detail = details[quota_name]
            usages.add_quota(base.Quota(quota_name, detail['limit']))
            usages.tally(quota_name, detail['used'] + detail['reserved'])
    else:
        _get_tenant_network_usages_legacy(request, usages, disabled_quotas,
                                          tenant_id)
Example #24
0
def _get_tenant_network_usages(request, usages, disabled_quotas, tenant_id):
    enabled_quotas = NEUTRON_QUOTA_FIELDS - disabled_quotas
    if not enabled_quotas:
        return

    if neutron.is_extension_supported(request, 'quota_details'):
        details = neutron.tenant_quota_detail_get(request, tenant_id)
        for quota_name in NEUTRON_QUOTA_FIELDS:
            if quota_name in disabled_quotas:
                continue
            detail = details[quota_name]
            usages.add_quota(base.Quota(quota_name, detail['limit']))
            usages.tally(quota_name, detail['used'] + detail['reserved'])
    else:
        _get_tenant_network_usages_legacy(
            request, usages, disabled_quotas, tenant_id)
Example #25
0
def get_disabled_quotas(request):
    disabled_quotas = set([])

    # Cinder
    if not cinder.is_volume_service_enabled(request):
        disabled_quotas.update(CINDER_QUOTA_FIELDS)

    # Neutron
    if not base.is_service_enabled(request, 'network'):
        disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
    else:
        # Remove the nova network quotas
        disabled_quotas.update(['floating_ips', 'fixed_ips'])

        if neutron.is_extension_supported(request, 'security-group'):
            # If Neutron security group is supported, disable Nova quotas
            disabled_quotas.update(['security_groups', 'security_group_rules'])
        else:
            # If Nova security group is used, disable Neutron quotas
            disabled_quotas.update(['security_group', 'security_group_rule'])

        if not neutron.is_router_enabled(request):
            disabled_quotas.update(['router', 'floatingip'])

        try:
            if not neutron.is_quotas_extension_supported(request):
                disabled_quotas.update(NEUTRON_QUOTA_FIELDS)
        except Exception:
            LOG.exception("There was an error checking if the Neutron "
                          "quotas extension is enabled.")

    # Nova
    if not (base.is_service_enabled(request, 'compute') and
            nova.can_set_quotas()):
        disabled_quotas.update(NOVA_QUOTA_FIELDS)
        # The 'missing' quota fields are all nova (this is hardcoded in
        # dashboards.admin.defaults.workflows)
        disabled_quotas.update(MISSING_QUOTA_FIELDS)

    # There appear to be no glance quota fields currently
    return disabled_quotas
Example #26
0
 def allowed(self, request):
     try:
         return base.is_service_enabled(request, "network") and neutron.is_extension_supported(request, "agent")
     except Exception:
         exceptions.handle(request, _("Unable to get network agents info."))
         return False