def _set_vmi_security_groups(self, vmi_obj, sec_group_list): vmi_obj.set_security_group_list([]) # When there is no-security-group for a port,the internal # no_rule group should be used. if not sec_group_list: sg_obj = res_handler.SGHandler( self._vnc_lib).get_no_rule_security_group() vmi_obj.add_security_group(sg_obj) for sg_id in sec_group_list or []: # TODO() optimize to not read sg (only uuid/fqn needed) sg_obj = self._vnc_lib.security_group_read(id=sg_id) vmi_obj.add_security_group(sg_obj)
def resource_list(self, context, filters=None, fields=None): ret_list = [] contrail_extensions_enabled = self._kwargs.get( 'contrail_extensions_enabled', False) # collect phase self._ensure_default_security_group_exists(context['tenant']) all_sgs = [] # all sgs in all projects if context and not context['is_admin']: project_sgs = self.resource_list_by_project( self._project_id_neutron_to_vnc(context['tenant']), filters=filters) all_sgs.append(project_sgs) else: # admin context if filters and 'tenant_id' in filters: project_ids = self._validate_project_ids( context, filters['tenant_id']) for p_id in project_ids: project_sgs = self.resource_list_by_project( p_id, filters=filters) all_sgs.append(project_sgs) else: # no tenant id filter all_sgs.append( self.resource_list_by_project(None, filters=filters)) # prune phase no_rule = res_handler.SGHandler( self._vnc_lib).get_no_rule_security_group(create=False) for project_sgs in all_sgs: for sg_obj in project_sgs: if no_rule and sg_obj.uuid == no_rule.uuid: continue if not self._filters_is_present( filters, 'name', sg_obj.get_display_name() or sg_obj.name): continue if not self._filters_is_present( filters, 'description', sg_obj.get_id_perms().get_description()): continue sg_info = self._security_group_vnc_to_neutron( sg_obj, contrail_extensions_enabled, fields=fields) ret_list.append(sg_info) return ret_list
def _vmi_to_neutron_port(self, vmi_obj, port_req_memo=None, extensions_enabled=False, fields=None): port_q_dict = {} if not getattr(vmi_obj, 'display_name'): # for ports created directly via vnc_api port_q_dict['name'] = vmi_obj.get_fq_name()[-1] else: port_q_dict['name'] = vmi_obj.display_name port_q_dict['id'] = vmi_obj.uuid net_id = self.get_vmi_net_id(vmi_obj) if not net_id: # TODO() hack to force network_id on default port # as neutron needs it net_id = self._vnc_lib.obj_to_id(vnc_api.VirtualNetwork()) if port_req_memo is None: # create a memo only for this port's conversion in this method port_req_memo = {} if 'networks' not in port_req_memo: port_req_memo['networks'] = {} if 'subnets' not in port_req_memo: port_req_memo['subnets'] = {} if 'virtual-machines' not in port_req_memo: port_req_memo['virtual-machines'] = {} try: vn_obj = port_req_memo['networks'][net_id] except KeyError: vn_obj = self._vnc_lib.virtual_network_read(id=net_id) port_req_memo['networks'][net_id] = vn_obj subnets_info = ( subnet_handler.SubnetHandler.get_vn_subnets(vn_obj)) port_req_memo['subnets'][net_id] = subnets_info if vmi_obj.parent_type != "project": proj_id = self._project_id_vnc_to_neutron(vn_obj.parent_uuid) else: proj_id = self._project_id_vnc_to_neutron(vmi_obj.parent_uuid) port_q_dict['tenant_id'] = proj_id port_q_dict['network_id'] = net_id # TODO() RHS below may need fixing port_q_dict['mac_address'] = '' mac_refs = vmi_obj.get_virtual_machine_interface_mac_addresses() if mac_refs: port_q_dict['mac_address'] = mac_refs.mac_address[0] extra_dhcp_opts = self._get_extra_dhcp_opts(vmi_obj) if extra_dhcp_opts: port_q_dict['extra_dhcp_opts'] = extra_dhcp_opts address_pairs = self._get_allowed_adress_pairs(vmi_obj) if address_pairs: port_q_dict['allowed_address_pairs'] = address_pairs port_q_dict['fixed_ips'] = self.get_vmi_ip_dict(vmi_obj, vn_obj, port_req_memo) port_q_dict['security_groups'] = [] sg_refs = vmi_obj.get_security_group_refs() # read the no rule sg no_rule_sg = res_handler.SGHandler( self._vnc_lib).get_no_rule_security_group() for sg_ref in sg_refs or []: if no_rule_sg and sg_ref['uuid'] == no_rule_sg.uuid: # hide the internal sg continue port_q_dict['security_groups'].append(sg_ref['uuid']) port_q_dict['admin_state_up'] = vmi_obj.get_id_perms().enable device_id, device_owner = self._get_vmi_device_id_owner(vmi_obj, port_req_memo) port_q_dict['device_id'] = device_id if device_owner is not None: port_q_dict['device_owner'] = device_owner else: port_q_dict['device_owner'] = ( vmi_obj.get_virtual_machine_interface_device_owner() or '') if port_q_dict['device_id']: port_q_dict['status'] = constants.PORT_STATUS_ACTIVE else: port_q_dict['status'] = constants.PORT_STATUS_DOWN if extensions_enabled: extra_dict = {'contrail:fq_name': vmi_obj.get_fq_name()} port_q_dict.update(extra_dict) bindings_dict = self._get_port_bindings(vmi_obj) for k,v in bindings_dict.items(): port_q_dict[k] = v if fields: port_q_dict = self._filter_res_dict(port_q_dict, fields) return port_q_dict