def deploy_networkipv4(network_id, user):
"""Loads template for creating Network IPv4 equipment configuration,
creates file and apply config.
:param network_id: NetworkIPv4 Id
Returns: List with status of equipments output
"""
try:
netv4_obj = get_networkipv4_by_id(network_id)
routers = netv4_obj.vlan.ambiente.routers
if not routers:
raise exceptions.NoEnvironmentRoutersFoundException()
if facade_eqpt.all_equipments_are_in_maintenance(routers):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(routers, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. '
'Verify the permissions of user group with equipment group'
'.Network:{}'.format(netv4_obj.id))
except ObjectDoesNotExistException, e:
raise ObjectDoesNotExistException(e.detail)
def _validate_vip_to_apply(vip_request, update=False, user=None):
vip = get_vip_request_by_id(vip_request.get('id'))
# validate vip with same ipv4 ou ipv6
vip_with_ip = get_vip_request_by_ip(vip.ipv4, vip.ipv6, vip.environmentvip)
vip_with_ip = vip_with_ip.exclude(id=vip.id).exclude(
created=False).distinct()
if vip_with_ip.count() > 0:
raise exceptions.AlreadyVipRequestException()
if update and not vip.created:
raise exceptions.VipRequestNotCreated(vip.id)
if not update and vip.created:
raise exceptions.VipRequestAlreadyCreated(vip.id)
equips = facade_eqpt.get_eqpt_by_envvip(vip_request['environmentvip'])
conf = EnvironmentVip.objects.get(id=vip_request['environmentvip']).conf
if facade_eqpt.all_equipments_are_in_maintenance(equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(equips, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. \
Verify the permissions of user group with equipment group. Vip:{}'
.format(vip_request['id']))
cluster_unit = vip.ipv4.networkipv4.cluster_unit if vip.ipv4 else vip.ipv6.networkipv6.cluster_unit
return equips, conf, cluster_unit
def _validate_pool_to_apply(pool, update=False, user=None):
server_pool = ServerPool.objects.get(id=pool['id'])
if not server_pool:
raise exceptions.PoolNotExist()
if update and not server_pool.pool_created:
raise exceptions.PoolNotCreated(server_pool.id)
equips = Equipamento.objects.filter(
maintenance=0,
equipamentoambiente__ambiente__id=server_pool.environment.id,
tipo_equipamento__tipo_equipamento=u'Balanceador').distinct()
if facade_eqpt.all_equipments_are_in_maintenance(equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(equips, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. '
'Verify the permissions of user group with equipment '
'group. Pool:{}'.format(pool['id']))
return equips
def get_controller_by_envid(env_id):
""" Get all controllers from a given environment """
q_filter_environment = {
'equipmentcontrollerenvironment__environment': env_id,
'maintenance': 0
}
equips = Equipamento.objects.filter(Q(**q_filter_environment))
if facade_eqpt.all_equipments_are_in_maintenance(equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
return equips
def undeploy_networkipv4(network_id, user):
"""Loads template for removing Network IPv4 equipment configuration, creates file and
apply config.
:param network_id: NetworkIPv4 Id
Returns: List with status of equipments output
"""
netv4_obj = get_networkipv4_by_id(network_id)
routers = netv4_obj.vlan.ambiente.routers
if not routers:
raise exceptions.NoEnvironmentRoutersFoundException()
if facade_eqpt.all_equipments_are_in_maintenance(routers):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(routers, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. '
'Verify the permissions of user group with equipment group. '
'Network:{}'.format(netv4_obj.id))
# lock network id to prevent multiple requests to same id
with distributedlock(LOCK_NETWORK_IPV4 % netv4_obj.id):
with distributedlock(LOCK_VLAN % netv4_obj.vlan.id):
if netv4_obj.active == 0:
return 'Network already not active. Nothing to do.'
# load dict with all equipment attributes
dict_ips = get_dict_v4_to_use_in_configuration_deploy(
user, netv4_obj, routers)
status_deploy = dict()
# TODO implement threads
for equipment in routers:
# generate config file
file_to_deploy = _generate_config_file(
dict_ips, equipment, TEMPLATE_NETWORKv4_DEACTIVATE)
lockvar = LOCK_EQUIPMENT_DEPLOY_CONFIG_NETWORK_SCRIPT % (
equipment.id)
# deploy config file in equipments
status_deploy[
equipment.id] = deploy_config_in_equipment_synchronous(
file_to_deploy, equipment, lockvar)
netv4_obj.deactivate_v3()
# transaction.commit()
if netv4_obj.vlan.ativada == 1:
# if there are no other networks active in vlan, remove int
# vlan
if not _has_active_network_in_vlan(netv4_obj.vlan):
# remove int vlan
for equipment in routers:
if equipment.maintenance is not True:
pass
# Delete SVI
status_deploy[equipment.id] += _remove_svi(
equipment, netv4_obj.vlan.num_vlan)
# Need verify this call
netv4_obj.vlan.deactivate_v3()
return status_deploy
def deploy_networkipv6(network_id, user):
"""Loads template for creating Network IPv6 equipment configuration, creates file and
apply config.
Args: NetworkIPv6 object
Equipamento objects list
Returns: List with status of equipments output
"""
netv6_obj = get_networkipv6_by_id(network_id)
routers = netv6_obj.vlan.ambiente.routers
if not routers:
raise exceptions.NoEnvironmentRoutersFoundException()
if facade_eqpt.all_equipments_are_in_maintenance(routers):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(routers, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. '
'Verify the permissions of user group with equipment group. '
'Network:{}'.format(netv6_obj.id))
# lock network id to prevent multiple requests to same id
with distributedlock(LOCK_NETWORK_IPV6 % netv6_obj.id):
with distributedlock(LOCK_VLAN % netv6_obj.vlan.id):
if netv6_obj.active == 1:
return 'Network already active. Nothing to do.'
# load dict with all equipment attributes
dict_ips = get_dict_v6_to_use_in_configuration_deploy(
user, netv6_obj, routers)
status_deploy = dict()
# TODO implement threads
for equipment in routers:
# generate config file
file_to_deploy = _generate_config_file(
dict_ips, equipment, TEMPLATE_NETWORKv6_ACTIVATE)
# deploy config file in equipments
lockvar = LOCK_EQUIPMENT_DEPLOY_CONFIG_NETWORK_SCRIPT % (
equipment.id)
status_deploy[
equipment.id] = deploy_config_in_equipment_synchronous(
file_to_deploy, equipment, lockvar)
netv6_obj.activate_v3()
# transaction.commit()
if netv6_obj.vlan.ativada == 0:
netv6_obj.vlan.activate_v3()
return status_deploy
def prepare_apply(load_balance, vip, created=True, user=None):
vip_request = copy.deepcopy(vip)
id_vip = str(vip_request.get('id'))
equips, conf, cluster_unit = _validate_vip_to_apply(
vip_request, created, user)
cache_group = OptionVip.objects.get(
id=vip_request.get('options').get('cache_group'))
traffic_return = OptionVip.objects.get(
id=vip_request.get('options').get('traffic_return'))
timeout = OptionVip.objects.get(
id=vip_request.get('options').get('timeout'))
persistence = OptionVip.objects.get(
id=vip_request.get('options').get('persistence'))
if vip_request['ipv4']:
ipv4 = Ip.get_by_pk(
vip_request['ipv4']) if vip_request['ipv4'] else None
vip_request['ipv4'] = {'id': ipv4.id, 'ip_formated': ipv4.ip_formated}
if vip_request['ipv6']:
ipv6 = Ipv6.get_by_pk(
vip_request['ipv6']) if vip_request['ipv6'] else None
vip_request['ipv6'] = {'id': ipv6.id, 'ip_formated': ipv6.ip_formated}
if conf:
conf = json.loads(conf)
vip_request['options'] = dict()
vip_request['options']['cache_group'] = {
'id': cache_group.id,
'nome_opcao_txt': cache_group.nome_opcao_txt
}
vip_request['options']['traffic_return'] = {
'id': traffic_return.id,
'nome_opcao_txt': traffic_return.nome_opcao_txt
}
vip_request['options']['timeout'] = {
'id': timeout.id,
'nome_opcao_txt': timeout.nome_opcao_txt
}
vip_request['options']['persistence'] = {
'id': persistence.id,
'nome_opcao_txt': persistence.nome_opcao_txt
}
vip_request['options']['cluster_unit'] = cluster_unit
try:
vip_request['options']['dscp'] = VipRequestDSCP.objects.get(
vip_request=vip_request['id']).dscp
except:
vip_request['options']['dscp'] = None
pass
for idx, port in enumerate(vip_request['ports']):
for i, pl in enumerate(port['pools']):
pool = get_pool_by_id(pl['server_pool'])
pool_serializer = pool_slz.PoolV3Serializer(pool)
l7_rule = OptionVip.objects.get(id=pl['l7_rule']).nome_opcao_txt
healthcheck = pool_serializer.data['healthcheck']
healthcheck['identifier'] = reserve_name_healthcheck(
pool_serializer.data['identifier'])
healthcheck['new'] = True
vip_request['ports'][idx]['pools'][i]['server_pool'] = {
'id':
pool_serializer.data['id'],
'nome':
pool_serializer.data['identifier'],
'lb_method':
pool_serializer.data['lb_method'],
'healthcheck':
healthcheck,
'action':
pool_serializer.data['servicedownaction']['name'],
'pool_created':
pool_serializer.data['pool_created'],
'pools_members':
[{
'id':
pool_member['id'],
'identifier':
pool_member['identifier'],
'ip':
pool_member['ip']['ip_formated'] if pool_member['ip'] else
pool_member['ipv6']['ip_formated'],
'port':
pool_member['port_real'],
'member_status':
pool_member['member_status'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'weight':
pool_member['weight']
}
for pool_member in pool_serializer.data['server_pool_members']
]
}
vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule
l7_protocol = OptionVip.objects.get(id=port['options']['l7_protocol'])
l4_protocol = OptionVip.objects.get(id=port['options']['l4_protocol'])
vip_request['ports'][idx]['options'] = dict()
vip_request['ports'][idx]['options']['l7_protocol'] = {
'id': l7_protocol.id,
'nome_opcao_txt': l7_protocol.nome_opcao_txt
}
vip_request['ports'][idx]['options']['l4_protocol'] = {
'id': l4_protocol.id,
'nome_opcao_txt': l4_protocol.nome_opcao_txt
}
vip_request['conf'] = conf
if conf:
for idx, layer in enumerate(conf['conf']['layers']):
requiments = layer.get('requiments')
if requiments:
# validate for port
for idx_port, port in enumerate(vip['ports']):
for requiment in requiments:
condicionals = requiment.get('condicionals')
for condicional in condicionals:
validated = True
validations = condicional.get('validations')
for validation in validations:
if validation.get('type') == 'optionvip':
validated &= valid_expression(
validation.get('operator'),
int(vip['options'][validation.get(
'variable')]),
int(validation.get('value')))
if validation.get('type') == 'portoptionvip':
validated &= valid_expression(
validation.get('operator'),
int(port['options'][validation.get(
'variable')]),
int(validation.get('value')))
if validation.get(
'type') == 'field' and validation.get(
'variable') == 'cluster_unit':
validated &= valid_expression(
validation.get('operator'),
cluster_unit, validation.get('value'))
if validated:
use = condicional.get('use')
for item in use:
definitions = item.get('definitions')
eqpts = item.get('eqpts')
if eqpts:
eqpts = Equipamento.objects.filter(
id__in=eqpts,
maintenance=0,
tipo_equipamento__tipo_equipamento=
u'Balanceador').distinct()
if facade_eqpt.all_equipments_are_in_maintenance(
equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException(
)
if user:
if not facade_eqpt.all_equipments_can_update_config(
equips, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. \
Verify the permissions of user group with equipment group. Vip:{}'
.format(vip_request['id']))
for eqpt in eqpts:
eqpt_id = str(eqpt.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(
equipamento=eqpt.id)
plugin = PluginFactory.factory(
eqpt)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
idx_layer = str(idx)
idx_port_str = str(port['port'])
if not load_balance[eqpt_id][
'layers'].get(id_vip):
load_balance[eqpt_id][
'layers'][id_vip] = dict()
if load_balance[eqpt_id]['layers'][
id_vip].get(idx_layer):
if load_balance[eqpt_id][
'layers'][id_vip].get(
idx_layer).get(
'definitions'
).get(
idx_port_str):
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer][
'definitions'][
idx_port_str] += definitions
else:
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer][
'definitions'][
idx_port_str] = definitions
else:
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer] = {
'vip_request':
vip_request,
'definitions': {
idx_port_str:
definitions
}
}
# In first validated==True stops conditionals.
# Removing this break will add a wrong
# conditional.
break
for e in equips:
eqpt_id = str(e.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(equipamento=e.id)
plugin = PluginFactory.factory(e)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
load_balance[eqpt_id]['vips'].append({'vip_request': vip_request})
return load_balance
