Exemple #1
0
def ip_policy_create(context, **ip_policy_dict):
    new_policy = models.IPPolicy()
    exclude_set = ip_policy_dict.pop("exclude")
    for ip_cidr in exclude_set.iter_cidrs():
        new_policy["exclude"].append(models.IPPolicyRule(
            address=int(ip_cidr.ip),
            prefix=ip_cidr.prefixlen))

    new_policy.update(ip_policy_dict)
    context.session.add(new_policy)
    return new_policy
Exemple #2
0
def ip_policy_create(context, **ip_policy_dict):
    new_policy = models.IPPolicy()
    exclude = ip_policy_dict.pop("exclude")
    ip_set = netaddr.IPSet()
    for excluded_cidr in exclude:
        cidr_net = netaddr.IPNetwork(excluded_cidr).ipv6()
        new_policy["exclude"].append(
            models.IPPolicyCIDR(cidr=excluded_cidr,
                                first_ip=cidr_net.first,
                                last_ip=cidr_net.last))
        ip_set.add(excluded_cidr)
    ip_policy_dict["size"] = ip_set.size
    new_policy.update(ip_policy_dict)
    new_policy["tenant_id"] = context.tenant_id
    context.session.add(new_policy)
    return new_policy
Exemple #3
0
    def migrate_policies(self):
        """
        Migrate policies

        We exclude the default policies.  These are octets that are 0 or
        ip ranges that have offset 0 and length 1.

        This is another time-consuming function, but optimization will not
        yeild as much fruit as optimizing associate_ips_with_ports()

        There is a minute or two of lag while this spins up, may be a way
        to negate this.
        """
        octets = self.melange_session.query(melange.IpOctets).all()
        offsets = self.melange_session.query(melange.IpRanges).all()
        for policy, policy_block_ids in self.policy_ids.items():
            policy_octets = [o.octet for o in octets if o.policy_id == policy]
            policy_rules = [(off.offset, off.length) for off in offsets
                            if off.policy_id == policy]
            policy_rules = make_offset_lengths(policy_octets, policy_rules)
            a = [o.created_at for o in octets if o.policy_id == policy]
            b = [off.created_at for off in offsets if off.policy_id == policy]

            try:
                oct_created_at = min(a)
            except Exception:
                oct_created_at = dt.utcnow()
            try:
                ran_created_at = min(b)
            except Exception:
                ran_created_at = dt.utcnow()
            min_created_at = min([oct_created_at, ran_created_at])
            try:
                policy_description = self.melange_session.query(
                    melange.Policies.description).\
                    filter(melange.Policies.id == policy).first()[0]
            except Exception:
                policy_description = None
            for block_id in policy_block_ids.keys():
                policy_uuid = str(uuid4())
                init_id(self.json_data, 'policies', policy_uuid)
                q_network = self.neutron_session.query(quarkmodels.Network).\
                    filter(quarkmodels.Network.id ==
                           policy_block_ids[block_id]).first()
                q_ip_policy = quarkmodels.IPPolicy(
                    id=policy_uuid,
                    tenant_id=q_network.tenant_id,
                    description=policy_description,
                    created_at=min_created_at)
                q_ip_policy.networks.append(q_network)
                q_subnet = self.neutron_session.query(quarkmodels.Subnet).\
                    filter(quarkmodels.Subnet.id == block_id).first()
                q_ip_policy.subnets.append(q_subnet)
                self.add_to_session(q_ip_policy, 'policies', policy_uuid)
                for rule in policy_rules:
                    offset_uuid = str(uuid4())
                    init_id(self.json_data, 'policy_rules', offset_uuid)
                    q_ip_policy_rule = quarkmodels.\
                        IPPolicyRange(id=offset_uuid,
                                      offset=rule[0],
                                      length=rule[1],
                                      ip_policy_id=policy_uuid,
                                      created_at=min_created_at)
                    self.add_to_session(q_ip_policy_rule, 'policy_rules',
                                        offset_uuid)