def _create_vmi_obj(self, port_q, vn_obj): project_id = self._project_id_neutron_to_vnc(port_q['tenant_id']) try: proj_obj = self._project_read(proj_id=project_id) except vnc_exc.NoIdError: self._raise_contrail_exception( 'ProjectNotFound', projec_id=project_id, resource='port') id_perms = vnc_api.IdPermsType(enable=True) vmi_uuid = str(uuid.uuid4()) if port_q.get('name'): vmi_name = port_q['name'] else: vmi_name = vmi_uuid vmi_obj = vnc_api.VirtualMachineInterface(vmi_name, proj_obj, id_perms=id_perms) vmi_obj.uuid = vmi_uuid vmi_obj.set_virtual_network(vn_obj) vmi_obj.set_security_group_list([]) if ('security_groups' not in port_q or port_q['security_groups'].__class__ is object): sg_obj = vnc_api.SecurityGroup("default", proj_obj) uid = sg_handler.SecurityGroupHandler( self._vnc_lib)._ensure_default_security_group_exists( proj_obj.uuid) sg_obj.uuid = uid vmi_obj.add_security_group(sg_obj) return vmi_obj
def _create_router(self, router_q): project_id = self._project_id_neutron_to_vnc(router_q['tenant_id']) project_obj = self._project_read(proj_id=project_id) id_perms = vnc_api.IdPermsType(enable=True) return vnc_api.LogicalRouter(router_q.get('name'), project_obj, id_perms=id_perms)
def create_vn_obj(self, network_q): if 'tenant_id' not in network_q: self._raise_contrail_exception( 'BadRequest', resource='network', msg="'tenant_id' is mandatory") net_name = network_q.get('name', None) project_id = self._project_id_neutron_to_vnc(network_q['tenant_id']) try: proj_obj = self._project_read(proj_id=project_id) except vnc_exc.NoIdError: self._raise_contrail_exception( 'ProjectNotFound', project_id=project_id, resource='network') id_perms = vnc_api.IdPermsType(enable=True) vn_obj = vnc_api.VirtualNetwork(net_name, proj_obj, id_perms=id_perms) external_attr = network_q.get('router:external') if external_attr is not None: vn_obj.router_external = external_attr else: vn_obj.router_external = False is_shared = network_q.get('shared') if is_shared is not None: vn_obj.is_shared = is_shared else: vn_obj.is_shared = False return vn_obj
def vnf_instance_ip(vnc_vmi): ip_name = 'vnf-instance-ip-name' ip_uuid = 'vnf-instance-ip-uuid' ip = vnc_api.InstanceIp(name=ip_uuid, display_name=ip_name, id_perms=vnc_api.IdPermsType( creator='not-vcenter-manager', enable=True)) ip.set_instance_ip_address('0.255.255.239') ip.set_uuid(ip_uuid) ip.set_virtual_machine_interface(vnc_vmi) return ip
def __init__(self, vnName, displayName=None): super(OpenContrailVN, self).__init__() if displayName: self.vnName = displayName self.networkId = vnName idPerm = vnc_api.IdPermsType(description=vnName) self.obj = vnc_api.VirtualNetwork(name=displayName, parent_obj=self.tenant, id_perms=idPerm) else: self.vnName = vnName self.obj = vnc_api.VirtualNetwork(name=vnName, parent_obj=self.tenant)
def _create_security_group(self, sg_q): project_id = self._project_id_neutron_to_vnc(sg_q['tenant_id']) try: project_obj = self._project_read(proj_id=project_id) except vnc_exc.NoIdError: raise self._raise_contrail_exception('ProjectNotFound', project_id=project_id, resource='security_group') id_perms = vnc_api.IdPermsType(enable=True, description=sg_q.get('description')) sg_vnc = vnc_api.SecurityGroup(name=sg_q['name'], parent_obj=project_obj, id_perms=id_perms) return sg_vnc
def _create_no_rule_sg(self): domain_obj = vnc_api.Domain(SG_NO_RULE_FQ_NAME[0]) proj_obj = vnc_api.Project(SG_NO_RULE_FQ_NAME[1], domain_obj) sg_rules = vnc_api.PolicyEntriesType() id_perms = vnc_api.IdPermsType( enable=True, description="Security group with no rules", user_visible=False) sg_obj = vnc_api.SecurityGroup(name=SG_NO_RULE_NAME, parent_obj=proj_obj, security_group_entries=sg_rules, id_perms=id_perms) self._resource_create(sg_obj) return sg_obj
def create_bgpvpn(self, context, bgpvpn): LOG.debug("create_bgpvpn called with: %s" % bgpvpn) # Does not support to set route distinguisher if 'route_distinguishers' in bgpvpn and bgpvpn['route_distinguishers']: raise bgpvpn_ext.BGPVPNRDNotSupported( driver=CONTRAIL_BGPVPN_DRIVER_NAME) project_obj = self._project_read(bgpvpn['tenant_id']) id_perms_obj = vnc_api.IdPermsType(enable=True) bgpvpn_obj = self._neutron_dict_to_bgpvpn( vnc_api.Bgpvpn(bgpvpn['name'], project_obj, id_perms=id_perms_obj), bgpvpn) self._resource_create('bgpvpn', bgpvpn_obj) return self._bgpvpn_to_neutron_dict(bgpvpn_obj)
def __init__(self, vnc_cfg): vnc_cfg['api_server_host'] = vnc_cfg['api_server_host'].split(',') random.shuffle(vnc_cfg['api_server_host']) vnc_cfg['auth_host'] = vnc_cfg['auth_host'].split(',') random.shuffle(vnc_cfg['auth_host']) self.vnc_lib = vnc_api.VncApi( username=vnc_cfg.get('username'), password=vnc_cfg.get('password'), tenant_name=vnc_cfg.get('tenant_name'), api_server_host=vnc_cfg.get('api_server_host'), api_server_port=vnc_cfg.get('api_server_port'), auth_host=vnc_cfg.get('auth_host'), auth_port=vnc_cfg.get('auth_port') ) self.id_perms = vnc_api.IdPermsType() self.id_perms.set_creator('vcenter-manager') self.id_perms.set_enable(True)
def _create_default_security_group(self, proj_obj): def _get_rule(ingress, sg, prefix, ethertype): sgr_uuid = str(uuid.uuid4()) if sg: addr = vnc_api.AddressType( security_group=proj_obj.get_fq_name_str() + ':' + sg) elif prefix: addr = vnc_api.AddressType( subnet=vnc_api.SubnetType(prefix, 0)) local_addr = vnc_api.AddressType(security_group='local') if ingress: src_addr = addr dst_addr = local_addr else: src_addr = local_addr dst_addr = addr rule = vnc_api.PolicyRuleType( rule_uuid=sgr_uuid, direction='>', protocol='any', src_addresses=[src_addr], src_ports=[vnc_api.PortType(0, 65535)], dst_addresses=[dst_addr], dst_ports=[vnc_api.PortType(0, 65535)], ethertype=ethertype) return rule rules = [ _get_rule(True, 'default', None, 'IPv4'), _get_rule(True, 'default', None, 'IPv6'), _get_rule(False, None, '0.0.0.0', 'IPv4'), _get_rule(False, None, '::', 'IPv6') ] sg_rules = vnc_api.PolicyEntriesType(rules) # create security group id_perms = vnc_api.IdPermsType(enable=True, description='Default security group') sg_obj = vnc_api.SecurityGroup(name='default', parent_obj=proj_obj, id_perms=id_perms, security_group_entries=sg_rules) self._vnc_lib.security_group_create(sg_obj) return sg_obj.uuid
class VncApiClient(object): DEFAULT_GLOBAL_CONF = "default-global-system-config" ID_PERMS = vnc_api.IdPermsType(creator="networking-opencontrail", enable=True) class vnc_connect(object): """Connect to VNC API on first use method that needs connection""" def __init__(self, func): functools.update_wrapper(self, func) self._func = func def __call__(self, obj, *args, **kwargs): if not obj.vnc_lib: obj.vnc_lib = vnc_api.VncApi( api_server_host=cfg.CONF.APISERVER.api_server_ip, api_server_port=cfg.CONF.APISERVER.api_server_port, api_server_use_ssl=cfg.CONF.APISERVER.use_ssl, apicertfile=cfg.CONF.APISERVER.certfile, apikeyfile=cfg.CONF.APISERVER.keyfile, apicafile=cfg.CONF.APISERVER.cafile, apiinsecure=cfg.CONF.APISERVER.insecure, auth_type=cfg.CONF.auth_strategy, auth_host=cfg.CONF.keystone_authtoken.auth_host, auth_port=cfg.CONF.keystone_authtoken.auth_port, auth_protocol=cfg.CONF.keystone_authtoken.auth_protocol, tenant_name=cfg.CONF.keystone_authtoken.admin_tenant_name, kscertfile=cfg.CONF.keystone_authtoken.certfile, kskeyfile=cfg.CONF.keystone_authtoken.keyfile, ksinsecure=cfg.CONF.keystone_authtoken.insecure) return self._func(obj, *args, **kwargs) def __get__(self, instance, instancetype): return functools.partial(self.__call__, instance) def __init__(self): self.vnc_lib = None def read_pi_from_switch(self, switch_name, pi_name): pi_fq_name = [self.DEFAULT_GLOBAL_CONF, switch_name, pi_name] return self.get_physical_interface(fq_name=pi_fq_name) def read_fabric_name_from_switch(self, switch_name): pr_fq_name = [self.DEFAULT_GLOBAL_CONF, switch_name] pr = self.get_physical_router(fq_name=pr_fq_name) if not pr: return None fabric_refs = pr.get_fabric_refs() if not fabric_refs: return None return fabric_refs[0]['to'][-1] def read_node_by_hostname(self, host_id): node_fq_name = [self.DEFAULT_GLOBAL_CONF, host_id] return self.get_node(fq_name=node_fq_name) def get_project(self, uuid=None, fq_name=None): return self._get_object("project", uuid=uuid, fq_name=fq_name) def get_port(self, uuid=None, fq_name=None): return self._get_object("port", uuid=uuid, fq_name=fq_name) def get_node(self, uuid=None, fq_name=None): return self._get_object("node", uuid=uuid, fq_name=fq_name) def get_physical_interface(self, uuid=None, fq_name=None): return self._get_object("physical_interface", uuid=uuid, fq_name=fq_name) def get_physical_router(self, uuid=None, fq_name=None): return self._get_object("physical_router", uuid=uuid, fq_name=fq_name) def get_virtual_network(self, uuid=None, fq_name=None): return self._get_object("virtual_network", uuid=uuid, fq_name=fq_name) def get_virtual_machine_interface(self, uuid=None, fq_name=None): return self._get_object("virtual_machine_interface", uuid=uuid, fq_name=fq_name) def get_virtual_port_group(self, uuid=None, fq_name=None): return self._get_object("virtual_port_group", uuid=uuid, fq_name=fq_name) def get_virtual_router(self, uuid=None, fq_name=None): return self._get_object("virtual_router", uuid=uuid, fq_name=fq_name) @vnc_connect def create_virtual_machine_interface(self, vmi): try: self.vnc_lib.virtual_machine_interface_create(vmi) except vnc_api.RefsExistError: LOG.debug("VMI %s already exists in VNC", vmi.name) @vnc_connect def delete_virtual_machine_interface(self, fq_name): try: self.vnc_lib.virtual_machine_interface_delete(fq_name=fq_name) except vnc_api.NoIdError: LOG.warning("Cannot delete VMI %s: not exists" % fq_name) @vnc_connect def update_virtual_port_group(self, vpg): try: self.vnc_lib.virtual_port_group_update(vpg) except vnc_api.NoIdError: LOG.warning("Cannot update VPG %s: not exists" % vpg.name) @vnc_connect def _get_object(self, obj_name, uuid=None, fq_name=None): func_name = "%s_read" % obj_name read_obj = getattr(self.vnc_lib, func_name) try: return read_obj(id=uuid, fq_name=fq_name) except vnc_api.NoIdError: return None @classmethod def make_virtual_machine_interface(cls, name, network, properties, bindings, project): vmi = vnc_api.VirtualMachineInterface(name=name, parent_obj=project) vmi.set_id_perms(cls.ID_PERMS) vmi.add_virtual_network(network) vmi.set_virtual_machine_interface_properties(properties) vmi.set_virtual_machine_interface_bindings(bindings) return vmi @staticmethod def make_vmi_properties_with_vlan_tag(vlan_tag): vmi_properties = vnc_api.VirtualMachineInterfacePropertiesType( sub_interface_vlan_tag=vlan_tag) return vmi_properties @staticmethod def make_key_value_pairs(pairs): kv_list = [vnc_api.KeyValuePair(key=k, value=v) for k, v in pairs] return vnc_api.KeyValuePairs(kv_list)
def __call__(self, obj): if not obj: raise ValueError("Create called with null object") uuid = getattr(obj, 'uuid', None) obj._server_conn = self._server_conn if not uuid: uuid = obj.uuid = str(UUID.uuid4()) else: if self._check_if_uuid_in_use(uuid): raise vnc_exc.RefsExistError('') if hasattr(obj, 'parent_type'): if obj.parent_type == 'project': parent = self._server_conn.project_read( fq_name=obj.fq_name[:-1]) else: rc = MockVnc.ReadCallables( obj.parent_type, self._resource_collection[obj.parent_type.replace( "-", "_")], self._resource_collection, self._server_conn) parent = rc(fq_name=obj.fq_name[:-1]) obj.parent_uuid = parent.uuid fq_name_str = getattr(obj, 'fq_name_str', None) if not fq_name_str: fq_name_str = ":".join(obj.get_fq_name()) self._resource[uuid] = obj for field in obj._pending_field_updates: if field.endswith("_refs"): for r in getattr(obj, field): setattr(obj, "processed_" + field, list(getattr(obj, field))) self.update_back_ref(field, getattr(obj, field), self._resource_type, obj) self._pending_ref_updates = self._pending_field_updates = set([]) if fq_name_str and fq_name_str != uuid: if fq_name_str in self._resource: fq_name_str += ("-" + uuid) obj.get_fq_name()[-1] += ('-' + uuid) self._resource[fq_name_str] = obj if self._resource_type == 'virtual-machine-interface': # generate a dummy mac address def random_mac(): import random mac = [0x00, 0x00, 0x00] for i in range(3, 6): mac.append(random.randint(0x00, 0x7f)) return ":".join(map(lambda x: "%02x" % x, mac)) if not obj.get_virtual_machine_interface_mac_addresses(): obj.set_virtual_machine_interface_mac_addresses( vnc_api.MacAddressesType([random_mac()])) elif self._resource_type == "instance-ip": vn = obj.get_virtual_network_refs()[0]['uuid'] vn_obj = self._resource_collection['virtual_network'][vn] if not obj.get_instance_ip_address(): subnet = None if not obj.subnet_uuid: subnet = vn_obj.get_network_ipam_refs( )[0]['attr'].get_ipam_subnets()[0] obj.subnet_uuid = subnet.subnet_uuid else: for ipams in vn_obj.get_network_ipam_refs(): for subnet in ipams['attr'].get_ipam_subnets(): if subnet.subnet_uuid == obj.subnet_uuid: break if subnet: subnet_cidr = '%s/%s' % (subnet.subnet.ip_prefix, subnet.subnet.ip_prefix_len) cidr_obj = netaddr.IPNetwork(subnet_cidr) if not hasattr(subnet.subnet, 'ip_prefixed'): setattr(subnet.subnet, "ip_prefixed", 0) if (netaddr.IPAddress( subnet.default_gateway).words[-1] == ( subnet.subnet.ip_prefixed + 1)): subnet.subnet.ip_prefixed += 2 else: subnet.subnet.ip_prefixed += 1 ip_address = str( netaddr.IPAddress(subnet.subnet.ip_prefix) + subnet.subnet.ip_prefixed) if ip_address not in cidr_obj: rc = MockVnc.DeleteCallables( self._resource_type, self._resource, self._resource_collection, self._server_conn) rc(id=uuid) raise vnc_exc.HttpError(status_code=409, content='') obj.set_instance_ip_address(ip_address) else: for ipams in vn_obj.get_network_ipam_refs(): for subnet in ipams['attr'].get_ipam_subnets(): if subnet.subnet_uuid == obj.subnet_uuid: break subnet_cidr = '%s/%s' % (subnet.subnet.ip_prefix, subnet.subnet.ip_prefix_len) if (netaddr.IPAddress(obj.get_instance_ip_address()) not in netaddr.IPNetwork(subnet_cidr)): rc = MockVnc.DeleteCallables(self._resource_type, self._resource, self._resource_collection, self._server_conn) rc(id=uuid) raise vnc_exc.HttpError(status_code=400, content="") elif self._resource_type == 'security-group': if not obj.get_id_perms(): obj.set_id_perms(vnc_api.IdPermsType(enable=True)) proj_obj = self._resource_collection['project'][ obj.parent_uuid] sgs = getattr(proj_obj, 'security_groups', None) sg_ref = {'to': obj.get_fq_name(), 'uuid': obj.uuid} if not sgs: setattr(proj_obj, 'security_groups', [sg_ref]) else: sgs.append(sg_ref) elif self._resource_type == 'virtual-network': self._mock_add_network_ipam(obj) return uuid