def update_router(self, context, id, router): with context.session.begin(subtransactions=True): # REVISIT(yamamoto): Updating external_gateway_info causes # create_port/delete_port. This should not call them inside of # a transaction. setattr(context, 'GUARD_TRANSACTION', False) r = super(MidonetL3ServicePlugin, self).update_router(context, id, router) self._validate_router_gw_network(context, r) self.client.update_router_precommit(context, id, r) try: self.client.update_router_postcommit(id, r) if r['status'] != m_const.ROUTER_STATUS_ACTIVE: data = {'router': {'status': m_const.ROUTER_STATUS_ACTIVE}} r = super(MidonetL3ServicePlugin, self).update_router(context, id, data) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to update a router %(r_id)s in MidoNet: " "%(err)s"), { "r_id": id, "err": ex }) try: data = {'router': {'status': m_const.ROUTER_STATUS_ERROR}} super(MidonetL3ServicePlugin, self).update_router(context, id, data) except Exception: LOG.exception( _LE("Failed to update a router " "status %s"), id) return r
def create_router(self, context, router): with context.session.begin(subtransactions=True): # REVISIT(yamamoto): This should not call create_port inside # of a transaction. setattr(context, 'GUARD_TRANSACTION', False) r = super(MidonetL3ServicePlugin, self).create_router(context, router) self._validate_router_gw_network(context, r) self.client.create_router_precommit(context, r) try: self.client.create_router_postcommit(r) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to create a router %(r_id)s in Midonet:" "%(err)s"), { "r_id": r["id"], "err": ex }) try: self.delete_router(context, r['id']) except Exception: LOG.exception(_LE("Failed to delete a router %s"), r["id"]) return r
def update_gateway_device(self, context, id, gateway_device): backup = self.get_gateway_device(context, id) del backup['id'] del backup['remote_mac_entries'] backup_body = {'gateway_device': backup} with context.session.begin(subtransactions=True): gw = super(MidonetGwDeviceServicePlugin, self).update_gateway_device(context, id, gateway_device) self.client.update_gateway_device_precommit(context, id, gw) try: self.client.update_gateway_device_postcommit(id, gw) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to update a gateway " "device %(gw_id)s in Midonet:" "%(err)s"), {"gw_id": gw["id"], "err": ex}) try: super(MidonetGwDeviceServicePlugin, self).update_gateway_device( context, gw['id'], backup_body) except Exception: LOG.exception(_LE("Failed to update a gateway " "device for rollback %s"), gw["id"]) return gw
def update_router(self, context, id, router): with context.session.begin(subtransactions=True): r = super(MidonetL3ServicePlugin, self).update_router(context, id, router) self._validate_router_gw_network(context, r) self.client.update_router_precommit(context, id, r) try: self.client.update_router_postcommit(id, r) if r['status'] != m_const.ROUTER_STATUS_ACTIVE: data = {'router': {'status': m_const.ROUTER_STATUS_ACTIVE}} r = super(MidonetL3ServicePlugin, self).update_router(context, id, data) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to update a router %(r_id)s in MidoNet: " "%(err)s"), {"r_id": id, "err": ex}) try: data = {'router': {'status': m_const.ROUTER_STATUS_ERROR}} super(MidonetL3ServicePlugin, self).update_router(context, id, data) except Exception: LOG.exception(_LE("Failed to update a router " "status %s"), id) return r
def create_gateway_device_remote_mac_entry(self, context, remote_mac_entry, gateway_device_id): gw_device = self._get_gateway_device(context, gateway_device_id) if gw_device.type == gateway_device.NETWORK_VLAN_TYPE: raise gateway_device.OperationRemoteMacEntryNotSupported( type=gateway_device.NETWORK_VLAN_TYPE) with context.session.begin(subtransactions=True): rme = super(MidonetGwDeviceServicePlugin, self).create_gateway_device_remote_mac_entry( context, gateway_device_id, remote_mac_entry) self.client.create_gateway_device_remote_mac_entry_precommit( context, rme) try: self.client.create_gateway_device_remote_mac_entry_postcommit(rme) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a remote mac entry " "%(rme_id)s for %(gw_id)s in Midonet:%(err)s"), {"rme_id": rme["id"], "gw_id": gateway_device_id, "err": ex}) try: super(MidonetGwDeviceServicePlugin, self).delete_gateway_device_remote_mac_entry( context, rme["id"], gateway_device_id) except Exception: LOG.exception(_LE("Failed to delete a " "remote mac entry %s"), rme["id"]) return rme
def update_floatingip(self, context, id, floatingip): with context.session.begin(subtransactions=True): fip = super(MidonetL3ServicePlugin, self).update_floatingip(context, id, floatingip) self.client.update_floatingip_precommit(context, id, fip) # Update status based on association if fip.get('port_id') is None: fip['status'] = n_const.FLOATINGIP_STATUS_DOWN else: fip['status'] = n_const.FLOATINGIP_STATUS_ACTIVE self.update_floatingip_status(context, id, fip['status']) try: self.client.update_floatingip_postcommit(id, fip) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to update a floating ip " "%(fip_id)s in MidoNet: " "%(err)s"), { "fip_id": id, "err": ex }) try: self.update_floatingip_status( context, id, n_const.FLOATINGIP_STATUS_ERROR) except Exception: LOG.exception( _LE("Failed to update floating ip " "status %s"), id) return fip
def create_agent_membership(self, context, agent_membership): LOG.debug("MidonetPluginV2.create_agent_membership called: " " %(agent_membership)r", {'agent_membership': agent_membership}) with context.session.begin(subtransactions=True): am = super(MidonetPluginV2, self).create_agent_membership( context, agent_membership) self.client.create_agent_membership_precommit(context, am) try: self.client.create_agent_membership_postcommit(am) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create agent membership. am: %(am)r, " "error: %(err)s"), {'am': am, 'err': ex}) try: self.delete_agent_membership(context, am['id']) except Exception: LOG.exception(_LE("Failed to delete " "an agent membership %s"), am['id']) LOG.debug("MidonetPluginV2.create_agent_membership exiting: " "%(agent_membership)r", {'agent_membership': am}) return am
def create_network(self, context, network): LOG.debug('MidonetMixin.create_network called: network=%r', network) net_data = network['network'] tenant_id = net_data['tenant_id'] net_data['tenant_id'] = tenant_id self._ensure_default_security_group(context, tenant_id) with context.session.begin(subtransactions=True): net = super(MidonetMixin, self).create_network(context, network) net_data['id'] = net['id'] self._process_l3_create(context, net, net_data) self.client.create_network_precommit(context, net) try: self.client.create_network_postcommit(net) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a network %(net_id)s " "in Midonet: %(err)s"), {"net_id": net["id"], "err": ex}) try: self.delete_network(context, net['id']) except Exception: LOG.exception(_LE("Failed to delete network %s"), net['id']) LOG.debug("MidonetMixin.create_network exiting: net=%r", net) return net
def _validate_vip_subnet(self, context, vip): subnet = self.core_plugin._get_subnet(context, vip["subnet_id"]) pool = self.plugin.get_pool(context, vip["pool_id"]) # VIP and pool must not be on the same subnet if pool is associated # with a health monitor. Health monitor would not work in that case. if pool["health_monitors"] and pool["subnet_id"] == subnet["id"]: msg = _LE("The VIP and pool cannot be on the same subnet if " "health monitor is associated") raise n_exc.BadRequest(resource="vip", msg=msg) if not self._is_subnet_external(context, subnet): return # ensure that if the vip subnet is public, the router has its # gateway set. router_id = self._get_router_from_pool(context, pool) # router_id should never be None because it was already validated # when we created the pool assert router_id is not None l3plugin = manager.NeutronManager.get_service_plugins().get(service_constants.L3_ROUTER_NAT) router = l3plugin._get_router(context, router_id) if router.get("gw_port_id") is None: msg = _LE("The router must have its gateway set if the " "VIP subnet is external") raise n_exc.BadRequest(resource="vip", msg=msg)
def create_subnet(self, context, subnet): LOG.debug("MidonetPluginV2.create_subnet called: subnet=%r", subnet) with context.session.begin(subtransactions=True): s = super(MidonetPluginV2, self).create_subnet(context, subnet) self.extension_manager.process_create_subnet( context, subnet['subnet'], s) self.client.create_subnet_precommit(context, s) try: self.client.create_subnet_postcommit(s) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to create a subnet %(s_id)s in Midonet:" "%(err)s"), { "s_id": s["id"], "err": ex }) try: self.delete_subnet(context, s['id']) except Exception: LOG.exception(_LE("Failed to delete subnet %s"), s['id']) LOG.debug("MidonetPluginV2.create_subnet exiting: subnet=%r", s) return s
def create_agent_membership(self, context, agent_membership): LOG.debug( "MidonetPluginV2.create_agent_membership called: " " %(agent_membership)r", {'agent_membership': agent_membership}) with context.session.begin(subtransactions=True): am = super(MidonetPluginV2, self).create_agent_membership(context, agent_membership) self.client.create_agent_membership_precommit(context, am) try: self.client.create_agent_membership_postcommit(am) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to create agent membership. am: %(am)r, " "error: %(err)s"), { 'am': am, 'err': ex }) try: self.delete_agent_membership(context, am['id']) except Exception: LOG.exception( _LE("Failed to delete " "an agent membership %s"), am['id']) LOG.debug( "MidonetPluginV2.create_agent_membership exiting: " "%(agent_membership)r", {'agent_membership': am}) return am
def create_security_group_rule(self, context, security_group_rule): LOG.debug( "MidonetPluginV2.create_security_group_rule called: " "security_group_rule=%(security_group_rule)r", {'security_group_rule': security_group_rule}) with context.session.begin(subtransactions=True): rule = super(MidonetPluginV2, self).create_security_group_rule( context, security_group_rule) self.client.create_security_group_rule_precommit(context, rule) try: self.client.create_security_group_rule_postcommit(rule) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE('Failed to create security group rule %(sg)s,' 'error: %(err)s'), { 'sg': rule, 'err': ex }) try: self.delete_security_group_rule(context, rule['id']) except Exception: LOG.exception( _LE("Failed to delete " "a security group rule %s"), rule['id']) LOG.debug( "MidonetPluginV2.create_security_group_rule exiting: " "rule=%r", rule) return rule
def create_security_group_rule(self, context, security_group_rule): LOG.debug("MidonetMixin.create_security_group_rule called: " "security_group_rule=%(security_group_rule)r", {'security_group_rule': security_group_rule}) with context.session.begin(subtransactions=True): rule = super(MidonetMixin, self).create_security_group_rule( context, security_group_rule) self.client.create_security_group_rule_precommit(context, rule) try: self.client.create_security_group_rule_postcommit(rule) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE('Failed to create security group rule %(sg)s,' 'error: %(err)s'), {'sg': rule, 'err': ex}) try: self.delete_security_group_rule(context, rule['id']) except Exception: LOG.exception(_LE("Failed to delete " "a security group rule %s"), rule['id']) LOG.debug("MidonetMixin.create_security_group_rule exiting: rule=%r", rule) return rule
def update_vip(self, context, old_vip, new_vip): LOG.debug("MidonetLoadbalancerDriver.update_vip called: " "old_vip=%(old_vip)r, new_vip=%(new_vip)r", {'old_vip': old_vip, 'new_vip': new_vip}) try: self._validate_vip_subnet(context, new_vip) except n_exc.NeutronException as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to update a vip %(vip_id)s in Midonet: " "%(err)s"), {"vip_id": old_vip["id"], "err": ex}) try: self.plugin.update_status(context, ldb.Vip, old_vip["id"], constants.ERROR) except Exception: LOG.exception(_LE("Failed to update vip status %s"), old_vip['id']) self.client.update_vip(context, old_vip['id'], new_vip) self.plugin.update_status(context, ldb.Vip, old_vip["id"], constants.ACTIVE) LOG.debug("MidonetLoadbalancerDriver.update_vip exiting: " "old_vip=%(old_vip)r, new_vip=%(new_vip)r", {'old_vip': old_vip, 'new_vip': new_vip})
def create_pool_health_monitor(self, context, health_monitor, pool_id): LOG.debug("MidonetLoadbalancerDriver.create_pool_health_monitor " "called: hm=%(health_monitor)r, pool_id=%(pool_id)r", {'health_monitor': health_monitor, 'pool_id': pool_id}) try: self._validate_pool_hm_assoc(context, pool_id, health_monitor['id']) except n_exc.NeutronException as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a pool-hm association " "in Midonet: pool=%(pool_id)s, hm=%(hm_id)s, " "%(err)s"), {"pool_id": pool_id, "hm_id": health_monitor['id'], "err": ex}) try: self.plugin._delete_db_pool_health_monitor( context, health_monitor['id'], pool_id) except Exception: LOG.exception(_LE("Failed to delete pool-hm association:" "pool_id=%(pool_id)s, hm_id=%(hm_id)s"), {"pool_id": pool_id, "hm_id": health_monitor['id']}) self.client.create_health_monitor(context, health_monitor) self.plugin.update_pool_health_monitor(context, health_monitor['id'], pool_id, constants.ACTIVE, "") LOG.debug("MidonetLoadbalancerDriver.create_pool_health_monitor " "exiting: %(health_monitor)r, %(pool_id)r", {'health_monitor': health_monitor, 'pool_id': pool_id})
def create_security_group(self, context, security_group, default_sg=False): LOG.debug("MidonetMixin.create_security_group called: " "security_group=%(security_group)s " "default_sg=%(default_sg)s ", {'security_group': security_group, 'default_sg': default_sg}) sg = security_group.get('security_group') tenant_id = sg['tenant_id'] if not default_sg: self._ensure_default_security_group(context, tenant_id) # Create the Neutron sg first with context.session.begin(subtransactions=True): sg = super(MidonetMixin, self).create_security_group( context, security_group, default_sg) self.client.create_security_group_precommit(context, sg) try: self.client.create_security_group_postcommit(sg) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create MidoNet resources for " "sg %(sg)r, error=%(err)r"), {"sg": sg, "err": ex}) try: self.delete_security_group(context, sg['id']) except Exception: LOG.exception(_LE("Failed to delete a security group %s"), sg['id']) LOG.debug("MidonetMixin.create_security_group exiting: sg=%r", sg) return sg
def create_l2_gateway_connection(self, context, l2_gateway_connection): l2_gw_conn = (l2gw_db.MidonetL2GatewayMixin. create_l2_gateway_connection(self, context, l2_gateway_connection)) # Copy over the ID so that the MidoNet driver knows about it. ID is # necessary for MidoNet to process its translation. gw_connection = l2_gateway_connection[self.connection_resource] gw_connection["id"] = l2_gw_conn["id"] try: self._get_driver_for_provider(mido_const.MIDONET_L2GW_PROVIDER ).create_l2_gateway_connection( context, l2_gateway_connection) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a l2 gateway connection " "%(gw_conn_id)s in Midonet:%(err)s"), {"gw_conn_id": l2_gw_conn["id"], "err": ex}) try: l2gw_db.MidonetL2GatewayMixin.delete_l2_gateway_connection( self, context, l2_gw_conn["id"]) except Exception: LOG.exception(_LE("Failed to delete a l2 gateway conn %s"), l2_gw_conn["id"]) return l2_gw_conn
def create_port(self, context, port): LOG.debug("MidonetMixin.create_port called: port=%r", port) port_data = port['port'] # REVISIT(yamamoto): this nested transaction is a workaround # for bug #1490917. with db_api.autonested_transaction(context.session): # Create a Neutron port new_port = super(MidonetMixin, self).create_port(context, port) # Do not create a gateway port if it has no IP address assigned as # MidoNet does not yet handle this case. if (new_port.get('device_owner') == n_const.DEVICE_OWNER_ROUTER_GW and not new_port['fixed_ips']): msg = (_("No IPs assigned to the gateway port for" " router %s") % port_data['device_id']) raise n_exc.BadRequest(resource='router', msg=msg) dhcp_opts = port['port'].get(edo_ext.EXTRADHCPOPTS, []) # Make sure that the port created is valid if "id" not in new_port: raise n_exc.BadRequest(resource='port', msg="Invalid port created") # Update fields port_data.update(new_port) # Bind security groups to the port self._ensure_default_security_group_on_port(context, port) sg_ids = self._get_security_groups_on_port(context, port) self._process_port_create_security_group(context, new_port, sg_ids) # Process port bindings self._process_portbindings_create_and_update(context, port_data, new_port) self._process_port_create_extra_dhcp_opts(context, new_port, dhcp_opts) self.client.create_port_precommit(context, new_port) try: self.client.create_port_postcommit(new_port) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a port %(new_port)s: %(err)s"), {"new_port": new_port, "err": ex}) try: self.delete_port(context, new_port['id'], l3_port_check=False) except Exception: LOG.exception(_LE("Failed to delete port %s"), new_port['id']) LOG.debug("MidonetMixin.create_port exiting: port=%r", new_port) return new_port
def create_security_group(self, resource, event, trigger, **kwargs): sg = kwargs.get('security_group') try: self.client.create_security_group_postcommit(sg) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a security group %(sg_id)s " "in Midonet: %(err)s"), {"sg_id": sg["id"], "err": ex}) try: self.client.delete_security_group_postcommit(sg["id"]) except Exception: LOG.exception(_LE("Failed to delete security group %s"), sg['id'])
def _check_and_get_router_id_for_pool(self, context, subnet_id): subnet = self.core_plugin._get_subnet(context, subnet_id) # Check whether the network is external if self._is_subnet_external(context, subnet): msg = _LE("pool subnet must not be public") raise n_exc.BadRequest(resource="pool", msg=msg) router_id = self._get_router_from_subnet(context, subnet) if not router_id: msg = _LE("pool subnet must be associated with router") raise n_exc.BadRequest(resource="pool", msg=msg) return router_id
def _validate_pool_hm_assoc(self, context, pool_id, hm_id): pool = self.plugin.get_pool(context, pool_id) assoc = next((x for x in pool["health_monitors"] if x != hm_id), None) # There is an association with a different health monitor if assoc: msg = _LE("The pool is already associated with a different " "health monitor") raise n_exc.BadRequest(resource="pool_monitor_association", msg=msg) # When associating health monitor, the subnet of VIP and Pool must not # match if pool["vip_id"]: vip = self.plugin.get_vip(context, pool["vip_id"]) if vip["subnet_id"] == pool["subnet_id"]: msg = _LE("The VIP and pool cannot be on the same subnet if " "health monitor is associated") raise n_exc.BadRequest(resource="pool_monitor_association", msg=msg)
def update_vpnservice(self, context, old_vpnservice, vpnservice): try: self.client.update_vpn_service(context, vpnservice['id'], vpnservice) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to update a vpn_service %(service_id)s " "in MidoNet: %(err)s"), {"service_id": vpnservice["id"], "err": ex}) try: self.update_vpn_service_status( context, vpnservice['id'], const.ERROR) except Exception: LOG.exception(_LE("Failed to update vpn_service status " "%s"), vpnservice['id'])
def delete_ipsec_site_connection(self, context, ipsec_site_connection): try: self.client.delete_ipsec_site_conn( context, ipsec_site_connection['id']) except Exception: LOG.error(_LE("Failed to delete ipsec_site_connection %s"), ipsec_site_connection['id'])
def add_router_interface(self, context, router_id, interface_info): by_port = bool(interface_info.get('port_id')) with context.session.begin(subtransactions=True): # REVISIT(yamamoto): This should not call create_port/update_port # inside of a transaction. setattr(context, 'GUARD_TRANSACTION', False) info = super(MidonetL3ServicePlugin, self).add_router_interface(context, router_id, interface_info) self._validate_network_type(context, info['network_id']) self.client.add_router_interface_precommit(context, router_id, info) try: self.client.add_router_interface_postcommit(router_id, info) except Exception as ex: LOG.error( _LE("Failed to create MidoNet resources to add router " "interface. info=%(info)s, router_id=%(router_id)s, " "error=%(err)r"), { "info": info, "router_id": router_id, "err": ex }) with excutils.save_and_reraise_exception(): if not by_port: self.remove_router_interface(context, router_id, info) return info
def add_router_interface(self, context, router_id, interface_info): LOG.debug("MidonetMixin.add_router_interface called: " "router_id=%(router_id)s, interface_info=%(interface_info)r", {'router_id': router_id, 'interface_info': interface_info}) by_port = bool(interface_info.get('port_id')) with context.session.begin(subtransactions=True): info = super(MidonetMixin, self).add_router_interface( context, router_id, interface_info) self.client.add_router_interface_precommit(context, router_id, info) try: self.client.add_router_interface_postcommit(router_id, info) except Exception as ex: LOG.error(_LE("Failed to create MidoNet resources to add router " "interface. info=%(info)s, router_id=%(router_id)s, " "error=%(err)r"), {"info": info, "router_id": router_id, "err": ex}) with excutils.save_and_reraise_exception(): if not by_port: self.remove_router_interface(context, router_id, info) LOG.debug("MidonetMixin.add_router_interface exiting: info=%r", info) return info
def create_security_group_rule_bulk(self, context, security_group_rules): LOG.debug( "MidonetPluginV2.create_security_group_rule_bulk called: " "security_group_rules=%(security_group_rules)r", {'security_group_rules': security_group_rules}) with context.session.begin(subtransactions=True): rules = super(MidonetPluginV2, self).create_security_group_rule_bulk_native( context, security_group_rules) self.client.create_security_group_rule_bulk_precommit( context, rules) try: self.client.create_security_group_rule_bulk_postcommit(rules) except Exception as ex: LOG.error( _LE("Failed to create bulk security group rules %(sg)s, " "error: %(err)s"), { "sg": rules, "err": ex }) with excutils.save_and_reraise_exception(): for rule in rules: self.delete_security_group_rule(context, rule['id']) LOG.debug( "MidonetPluginV2.create_security_group_rule_bulk exiting: " "rules=%r", rules) return rules
def create_router(self, context, router): with context.session.begin(subtransactions=True): r = super(MidonetL3ServicePlugin, self).create_router(context, router) self.client.create_router_precommit(context, r) try: self.client.create_router_postcommit(r) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a router %(r_id)s in Midonet:" "%(err)s"), {"r_id": r["id"], "err": ex}) try: self.delete_router(context, r['id']) except Exception: LOG.exception(_LE("Failed to delete a router %s"), r["id"]) return r
def delete_firewall(self, context, firewall): # This method is called outside of DB transaction try: self.client.delete_firewall(context, firewall) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to delete a firewall %(fw_id)s " "in Midonet: %(err)s"), {"fw_id": firewall["id"], "err": ex}) try: self.callbacks.set_firewall_status(context, firewall['id'], const.ERROR) except Exception: LOG.exception(_LE("Failed to update firewall status %s"), firewall['id']) self.callbacks.firewall_deleted(context, firewall['id'])
def create_firewall(self, context, firewall): # This method is called outside of DB transaction try: self.client.create_firewall(context, firewall) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a firewall %(fw_id)s " "in Midonet: %(err)s"), {"fw_id": firewall["id"], "err": ex}) try: self.plugin.delete_db_firewall_object(context, firewall['id']) except Exception: LOG.exception(_LE("Failed to delete firewall %s"), firewall['id']) self._set_firewall_status_noerror(context, firewall)
def delete_security_group(self, resource, event, trigger, **kwargs): sg_id = kwargs.get('security_group_id') try: self.client.delete_security_group_postcommit(sg_id) except Exception as ex: LOG.error(_LE("Failed to a delete security group %(sg_id)s " "in Midonet: %(err)s"), {"sg_id": sg_id, "err": ex})
def delete_security_group_rule(self, resource, event, trigger, **kwargs): sgr_id = kwargs.get('security_group_rule_id') try: self.client.delete_security_group_rule_postcommit(sgr_id) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to delete a security group %(sgr_id)s " "in Midonet: %(err)s"), {"sgr_id": sgr_id, "err": ex})
def create_floatingip(self, context, floatingip): with context.session.begin(subtransactions=True): fip = super(MidonetL3ServicePlugin, self).create_floatingip( context, floatingip) self.client.create_floatingip_precommit(context, fip) try: self.client.create_floatingip_postcommit(fip) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create floating ip %(fip)s: %(err)s"), {"fip": fip, "err": ex}) try: self.delete_floatingip(context, fip['id']) except Exception: LOG.exception(_LE("Failed to delete a floating ip %s"), fip['id']) return fip
def delete_l2_gateway_connection(self, context, l2_gateway_connection): try: self.client.delete_l2_gateway_connection(context, l2_gateway_connection) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to delete a l2 Gateway Connection" "%(l2_gw_conn_id)s in Midonet: %(err)s"), {"l2_gw_conn_id": l2_gateway_connection, "err": ex})
def load_client(conf): try: client = importutils.import_object(conf.client, conf) LOG.debug("Loaded midonet client '%(client)s'", {'client': client}) return client except ImportError: with excutils.save_and_reraise_exception(): LOG.exception(_LE("Error loading midonet client '%(client)s'"), {'client': conf.client})
def create_network(self, context, network): LOG.debug('MidonetPluginV2.create_network called: network=%r', network) net_data = network['network'] tenant_id = net_data['tenant_id'] net_data['tenant_id'] = tenant_id self._ensure_default_security_group(context, tenant_id) with context.session.begin(subtransactions=True): net_db = self.create_network_db(context, network) net = self._make_network_dict(net_db, process_extensions=False, context=context) self.extension_manager.process_create_network( context, net_data, net) net_data['id'] = net['id'] self._process_l3_create(context, net, net_data) self._create_provider_network(context, net_data) self._extend_provider_network_dict(context, net) if psec.PORTSECURITY in net_data: self._process_network_port_security_create( context, net_data, net) self.client.create_network_precommit(context, net) try: self.client.create_network_postcommit(net) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to create a network %(net_id)s " "in Midonet: %(err)s"), { "net_id": net["id"], "err": ex }) try: self.delete_network(context, net['id']) except Exception: LOG.exception(_LE("Failed to delete network %s"), net['id']) self._apply_dict_extend_functions('networks', net, net_db) LOG.debug("MidonetPluginV2.create_network exiting: net=%r", net) return net
def create_vpnservice(self, context, vpnservice_dict): super(MidonetIPsecVPNDriver, self).create_vpnservice( context, vpnservice_dict) try: self.client.create_vpn_service(context, vpnservice_dict) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a vpn_service %(service_id)s " "in MidoNet: %(err)s"), {"service_id": vpnservice_dict["id"], "err": ex}) try: self.plugin.delete_vpnservice( context, vpnservice_dict['id']) except Exception: LOG.exception(_LE("Failed to delete vpn_service %s"), vpnservice_dict['id']) self.update_vpn_service_status(context, vpnservice_dict['id'], const.ACTIVE)
def unplug(self, device_name, bridge=None, namespace=None, prefix=None): # the port will be deleted by the dhcp agent that will call the plugin device = ip_lib.IPDevice(device_name, namespace=namespace) try: device.link.delete() except RuntimeError: LOG.error(_LE("Failed unplugging interface '%s'"), device_name) LOG.debug("Unplugged interface '%s'", device_name) ip_lib.IPWrapper(namespace=namespace).garbage_collect_namespace()
def update_floatingip(self, context, id, floatingip): with context.session.begin(subtransactions=True): fip = super(MidonetL3ServicePlugin, self).update_floatingip( context, id, floatingip) port_id = fip['port_id'] if port_id is not None: port = self._core_plugin.get_port(context, port_id) owner = port['device_owner'] # REVISIT(yamamoto): Empty owner is allowed for tempest and # unit tests. # NOTE(yamamoto): VIP is allowed for non MidoNet LB providers if (owner and not owner.startswith(n_const.DEVICE_OWNER_COMPUTE_PREFIX) and owner != n_const.DEVICE_OWNER_LOADBALANCER): raise n_exc.UnsupportedPortDeviceOwner( op='floatingip association', port_id=port_id, device_owner=owner) self.client.update_floatingip_precommit(context, id, fip) # Update status based on association if fip.get('port_id') is None: fip['status'] = n_const.FLOATINGIP_STATUS_DOWN else: fip['status'] = n_const.FLOATINGIP_STATUS_ACTIVE self.update_floatingip_status(context, id, fip['status']) try: self.client.update_floatingip_postcommit(id, fip) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to update a floating ip " "%(fip_id)s in MidoNet: " "%(err)s"), {"fip_id": id, "err": ex}) try: self.update_floatingip_status( context, id, n_const.FLOATINGIP_STATUS_ERROR) except Exception: LOG.exception(_LE("Failed to update floating ip " "status %s"), id) return fip
def create_subnet(self, context, subnet): LOG.debug("MidonetMixin.create_subnet called: subnet=%r", subnet) with context.session.begin(subtransactions=True): s = super(MidonetMixin, self).create_subnet(context, subnet) self.client.create_subnet_precommit(context, s) try: self.client.create_subnet_postcommit(s) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a subnet %(s_id)s in Midonet:" "%(err)s"), {"s_id": s["id"], "err": ex}) try: self.delete_subnet(context, s['id']) except Exception: LOG.exception(_LE("Failed to delete subnet %s"), s['id']) LOG.debug("MidonetMixin.create_subnet exiting: subnet=%r", s) return s
def _call_on_dict_driver(self, method_name, session, base_model, result): for driver in self.ordered_ext_drivers: try: getattr(driver.obj, method_name)(session, base_model, result) except Exception: LOG.error( _LE("Extension driver '%(name)s' failed in " "%(method)s"), { 'name': driver.name, 'method': method_name }) raise ml2_exc.ExtensionDriverError(driver=driver.name)
def create_security_group(self, context, security_group, default_sg=False): LOG.debug( "MidonetPluginV2.create_security_group called: " "security_group=%(security_group)s " "default_sg=%(default_sg)s ", { 'security_group': security_group, 'default_sg': default_sg }) sg = security_group.get('security_group') tenant_id = sg['tenant_id'] if not default_sg: self._ensure_default_security_group(context, tenant_id) # Create the Neutron sg first with context.session.begin(subtransactions=True): sg = super(MidonetPluginV2, self).create_security_group(context, security_group, default_sg) self.client.create_security_group_precommit(context, sg) try: self.client.create_security_group_postcommit(sg) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to create MidoNet resources for " "sg %(sg)r, error=%(err)r"), { "sg": sg, "err": ex }) try: self.delete_security_group(context, sg['id']) except Exception: LOG.exception(_LE("Failed to delete a security group %s"), sg['id']) LOG.debug("MidonetPluginV2.create_security_group exiting: sg=%r", sg) return sg
def create_floatingip(self, context, floatingip): with context.session.begin(subtransactions=True): # REVISIT(yamamoto): This should not call create_port inside # of a transaction. setattr(context, 'GUARD_TRANSACTION', False) fip = super(MidonetL3ServicePlugin, self).create_floatingip(context, floatingip) self.client.create_floatingip_precommit(context, fip) try: self.client.create_floatingip_postcommit(fip) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create floating ip %(fip)s: %(err)s"), { "fip": fip, "err": ex }) try: self.delete_floatingip(context, fip['id']) except Exception: LOG.exception(_LE("Failed to delete a floating ip %s"), fip['id']) return fip
def update_port(self, context, id, port): LOG.debug( "MidonetPluginV2.update_port called: id=%(id)s " "port=%(port)r", { 'id': id, 'port': port }) with context.session.begin(subtransactions=True): # update the port DB original_port = super(MidonetPluginV2, self).get_port(context, id) p = super(MidonetPluginV2, self).update_port(context, id, port) c_utils.check_update_port(original_port, p) self.extension_manager.process_update_port(context, port['port'], p) has_sg = self._check_update_has_security_groups(port) delete_sg = self._check_update_deletes_security_groups(port) if delete_sg or has_sg: # delete the port binding and read it with the new rules. self._delete_port_security_group_bindings(context, id) sg_ids = self._get_security_groups_on_port(context, port) self._process_port_create_security_group(context, p, sg_ids) self._update_extra_dhcp_opts_on_port(context, id, port, p) self._process_portbindings_create_and_update( context, port['port'], p) self._process_mido_portbindings_create_and_update( context, port['port'], p) self.update_address_pairs_on_port(context, id, port, original_port, p) self._process_port_port_security_update(context, port['port'], p) port_psec = p.get(psec.PORTSECURITY) if port_psec is False: if p.get(ext_sg.SECURITYGROUPS): raise psec.PortSecurityPortHasSecurityGroup() if p.get(addr_pair.ADDRESS_PAIRS): raise addr_pair.AddressPairAndPortSecurityRequired() # NOTE(yamamoto): Retrieve the db object to get the correct # revision context.session.flush() context.session.expire_all() p = self.get_port(context, id) self.client.update_port_precommit(context, id, p) # Set status along admin_state_up to update. if p['admin_state_up']: update_status = n_const.PORT_STATUS_ACTIVE else: update_status = n_const.PORT_STATUS_DOWN try: self.client.update_port_postcommit(id, p) data = {'port': {'status': update_status}} new_port = super(MidonetPluginV2, self).update_port(context, id, data) # prevent binding:profile information from lacking p['status'] = new_port['status'] if 'revision_number' in new_port: p['revision_number'] = new_port['revision_number'] except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error( _LE("Failed to update a port %(port_id)s in " "MidoNet: %(err)s"), { "port_id": id, "err": ex }) try: data = {'port': {'status': n_const.PORT_STATUS_ERROR}} super(MidonetPluginV2, self).update_port(context, id, data) except Exception: LOG.exception(_LE("Failed to update port status %s"), id) LOG.debug("MidonetPluginV2.update_port exiting: p=%r", p) return p
def create_port(self, context, port): LOG.debug("MidonetPluginV2.create_port called: port=%r", port) port_data = port['port'] # REVISIT(yamamoto): this nested transaction is a workaround # for bug #1490917. with db_api.autonested_transaction(context.session): # Set status along admin_state_up if the parameter is specified. if port['port'].get('admin_state_up') is not None: if not port['port']['admin_state_up']: port['port']['status'] = n_const.PORT_STATUS_DOWN # Create a Neutron port port_db = self.create_port_db(context, port) new_port = self._make_port_dict(port_db, process_extensions=False) self.extension_manager.process_create_port(context, port_data, new_port) # Do not create a gateway port if it has no IP address assigned as # MidoNet does not yet handle this case. if (new_port.get('device_owner') == n_const.DEVICE_OWNER_ROUTER_GW and not new_port['fixed_ips']): msg = (_("No IPs assigned to the gateway port for" " router %s") % port_data['device_id']) raise n_exc.BadRequest(resource='router', msg=msg) dhcp_opts = port['port'].get(edo_ext.EXTRADHCPOPTS, []) # Make sure that the port created is valid if "id" not in new_port: raise n_exc.BadRequest(resource='port', msg="Invalid port created") # Update fields port_data.update(new_port) port_psec, has_ip = self._determine_port_security_and_has_ip( context, port['port']) port['port'][psec.PORTSECURITY] = port_psec self._process_port_port_security_create(context, port['port'], new_port) if port_psec is False: if self._check_update_has_security_groups(port): raise psec.PortSecurityAndIPRequiredForSecurityGroups() if self._check_update_has_allowed_address_pairs(port): raise addr_pair.AddressPairAndPortSecurityRequired() else: # Bind security groups to the port self._ensure_default_security_group_on_port(context, port) sg_ids = self._get_security_groups_on_port(context, port) self._process_port_create_security_group(context, new_port, sg_ids) # Process port bindings self._process_portbindings_create_and_update( context, port_data, new_port) self._process_mido_portbindings_create_and_update( context, port_data, new_port) self._process_port_create_extra_dhcp_opts(context, new_port, dhcp_opts) new_port[addr_pair.ADDRESS_PAIRS] = ( self._process_create_allowed_address_pairs( context, new_port, port_data.get(addr_pair.ADDRESS_PAIRS))) self.client.create_port_precommit(context, new_port) try: self.client.create_port_postcommit(new_port) except Exception as ex: with excutils.save_and_reraise_exception(): LOG.error(_LE("Failed to create a port %(new_port)s: %(err)s"), { "new_port": new_port, "err": ex }) try: self.delete_port(context, new_port['id'], l3_port_check=False) except Exception: LOG.exception(_LE("Failed to delete port %s"), new_port['id']) self._apply_dict_extend_functions('ports', new_port, port_db) LOG.debug("MidonetPluginV2.create_port exiting: port=%r", new_port) return new_port