def create_gateway_port_vlan(self, vlan_dict): gw_id = vlan_dict.get('gateway') gw_port_id = vlan_dict['gatewayport'] vlan_value = vlan_dict['value'] # Confirm that the gatewayport belongs to the gateway gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id, gw_id) if not gw_port: msg = (_("Port %(port)s not found on gateway %(gw)s") % { 'port': gw_port_id, 'gw': gw_id }) raise restproxy.RESTProxyError(msg) if not gw_id: gw_id = gw_port['parentID'] gw = gw_helper.get_gateway(self.restproxy, gw_id) req_params = {'port_id': gw_port_id, 'personality': gw['personality']} nuage_gw_vlan = nuagelib.NuageVlanBase.factory( create_params=req_params, extra_params=None, redundant=gw['redundant']) response = self.restproxy.rest_call( 'POST', nuage_gw_vlan.post_vlan(), nuage_gw_vlan.post_vlan_data(vlan_value)) if not nuage_gw_vlan.validate(response): raise restproxy.RESTProxyError(nuage_gw_vlan.error_msg) return nuage_gw_vlan.get_response_objlist(response)
def _get_gateway_port_vlans(self, tenant_id, req_params, extra_params=None): if not req_params.get('personality'): gw_port = gw_helper.get_gateway_port(self.restproxy, req_params['port_id']) gw = gw_helper.get_gateway(self.restproxy, gw_port['parentID']) req_params['personality'] = gw['personality'] redundant = 'redundantGatewayStatus' in gw else: redundant = req_params['redundant'] nuage_gw_vlan = nuagelib.NuageVlanBase.factory( create_params=req_params, extra_params=extra_params, redundant=redundant) resource_url = nuage_gw_vlan.get_resource_by_port() extra_headers = dict() if extra_params and 'vlan_value' in extra_params: vlan_val = extra_params['vlan_value'] if not helper.is_vlan_valid(vlan_val): return [] extra_headers = nuage_gw_vlan.extra_headers_by_value() response = self.restproxy.rest_call('GET', resource_url, '', extra_headers=extra_headers) if not nuage_gw_vlan.validate(response): raise restproxy.RESTProxyError(nuage_gw_vlan.error_msg) return nuage_gw_vlan.get_response_objlist(response)
def _check_ent_permission(self, gw_id, gw_port_id, netpart_id): gw = gw_helper.get_gateway(self.restproxy, gw_id) gw_perm = gw_helper.get_ent_permission_on_gateway( self.restproxy, gw_id, gw['redundant']) if gw_perm and gw_perm['permittedEntityID'] != netpart_id: msg = (_("Non default enterprise %(ent)s has permission for " "gateway %(gw)s, so cannot create/delete vlan") % { 'ent': gw_perm['permittedEntityID'], 'gw': gw_id }) raise restproxy.RESTProxyError(msg) else: gw_port_perm = gw_helper.get_ent_permission_on_port( self.restproxy, gw_port_id, (gw['redundant'] and gw['personality'] == constants.GW_TYPE['VSG'])) if gw_port_perm and (gw_port_perm['permittedEntityID'] != netpart_id): msg = (_("Non default enterprise %(ent)s has permission for " "gateway port %(port)s, so cannot create/delete " "vlan") % { 'ent': gw_port_perm['permittedEntityID'], 'port': gw_port_id }) raise restproxy.RESTProxyError(msg)
def create_gateway_port_vlan(self, vlan_dict): gw_id = vlan_dict.get('gateway') gw_port_id = vlan_dict['gatewayport'] vlan_value = vlan_dict['value'] # Confirm that the gatewayport belongs to the gateway gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id, gw_id) if not gw_port: if gw_id: msg = (_("Port %(port)s not found on gateway %(gw)s") % { 'port': gw_port_id, 'gw': gw_id }) else: msg = (_("Port %(port)s not found") % {'port': gw_port_id}) raise restproxy.ResourceNotFoundException(msg) if not gw_id: gw_id = gw_port['parentID'] gw = gw_helper.get_gateway(self.restproxy, gw_id) req_params = {'port_id': gw_port_id, 'personality': gw['personality']} nuage_gw_vlan = nuagelib.NuageVlanBase.factory( create_params=req_params, extra_params=None, redundant=gw['redundant']) return self.restproxy.post(nuage_gw_vlan.post_vlan(), nuage_gw_vlan.post_vlan_data(vlan_value))
def _get_gateway_ports(self, req_params, extra_params=None): extra_headers = dict() if not req_params.get('personality'): gw = gw_helper.get_gateway(self.restproxy, req_params['gw_id']) req_params['personality'] = gw['personality'] redundant = 'redundantGatewayStatus' in gw else: redundant = req_params['redundant'] nuage_gw_port = nuagelib.NuageGatewayPortBase.factory( create_params=req_params, extra_params=extra_params, redundant=redundant) if extra_params: if 'gw_port_name' in extra_params: extra_headers = nuage_gw_port.extra_headers_by_name() response = self.restproxy.rest_call( 'GET', nuage_gw_port.get_resource_by_gateway(), '', extra_headers=extra_headers) if not nuage_gw_port.validate(response): raise restproxy.RESTProxyError(nuage_gw_port.error_msg) return nuage_gw_port.get_response_objlist(response)
def _get_gateway_port_vlans(self, tenant_id, req_params, extra_params=None): if not req_params.get('personality'): gw_port = gw_helper.get_gateway_port(self.restproxy, req_params['port_id']) gw = gw_helper.get_gateway(self.restproxy, gw_port['parentID']) req_params['personality'] = gw['personality'] redundant = 'redundantGatewayStatus' in gw else: redundant = req_params['redundant'] nuage_gw_vlan = nuagelib.NuageVlanBase.factory( create_params=req_params, extra_params=extra_params, redundant=redundant) resource_url = nuage_gw_vlan.get_resource_by_port() extra_headers = dict() if extra_params and 'vlan_value' in extra_params: vlan_val = extra_params['vlan_value'] if not helper.is_vlan_valid(vlan_val): return [] extra_headers = nuage_gw_vlan.extra_headers_by_value() gw_vlans = self.restproxy.get(resource_url, extra_headers=extra_headers, required=True) return gw_vlans if gw_vlans else []
def get_gateway(self, tenant_id, gw_id): try: resp = gw_helper.get_gateway(self.restproxy, gw_id) return gw_helper.make_gateway_dict(resp) except Exception as e: if e.code == constants.RES_NOT_FOUND: return [] raise
def _get_gateway_ports(self, req_params, extra_params=None): extra_headers = dict() if not req_params.get('personality'): gw = gw_helper.get_gateway(self.restproxy, req_params['gw_id']) req_params['personality'] = gw['personality'] redundant = 'redundantGatewayStatus' in gw else: redundant = req_params['redundant'] nuage_gw_port = nuagelib.NuageGatewayPortBase.factory( create_params=req_params, extra_params=extra_params, redundant=redundant) if extra_params: if 'gw_port_name' in extra_params: extra_headers = nuage_gw_port.extra_headers_by_name() return self.restproxy.get(nuage_gw_port.get_resource_by_gateway(), extra_headers=extra_headers, required=True)
def _check_ent_permission(self, gw_id, gw_port_id, netpart_id): gw = gw_helper.get_gateway(self.restproxy, gw_id) gw_perm = gw_helper.get_ent_permission_on_gateway( self.restproxy, gw_id, gw['redundant']) if gw_perm and gw_perm['permittedEntityID'] != netpart_id: msg = (_("Non default enterprise %(ent)s has permission for " "gateway %(gw)s, so cannot create/delete vlan") % { 'ent': gw_perm['permittedEntityID'], 'gw': gw_id }) raise restproxy.ResourceConflictException(msg) else: gw_port_perm = gw_helper.get_ent_permission_on_port( self.restproxy, gw_port_id, self.is_hw_gateway(gw) and gw['redundant']) if gw_port_perm and (gw_port_perm['permittedEntityID'] != netpart_id): msg = (_("Non default enterprise %(ent)s has permission for " "gateway port %(port)s, so cannot create/delete " "vlan") % { 'ent': gw_port_perm['permittedEntityID'], 'port': gw_port_id }) raise restproxy.ResourceConflictException(msg)
def delete_nuage_gateway_vport(self, context, nuage_vport_id, def_netpart_id): # Get the gw interface and vport info tenant_id = context.tenant_id resp = self.get_gateway_vport(context, tenant_id, None, nuage_vport_id) if not resp: return subnet_id = resp['nuage_subnet_id'] # Get the neutron subnet-id associated with the vport subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id( context.session, subnet_id) # Delete the interface and vport if resp['vport_type'] == constants.BRIDGE_VPORT_TYPE: # Bridge/Host vport will always have a vlan associated with it nuage_vlan = gw_helper.get_gateway_port_vlan( self.restproxy, resp['vlanid']) # Get the gateway associated with vlan nuage_gw = gw_helper.get_gateway(self.restproxy, nuage_vlan['gatewayID']) if resp['interface']: # Delete interface gw_helper.delete_nuage_interface(self.restproxy, resp['interface'], constants.BRIDGE_VPORT_TYPE) LOG.debug("Deleted bridge interface %s", resp['interface']) # do not attempt to delete policygroup on vsd managed subnets # as we do not create it in that case if not subnet_mapping["nuage_managed_subnet"]: if subnet_mapping['nuage_l2dom_tmplt_id']: subnet_type = constants.L2DOMAIN else: subnet_type = constants.SUBNET nuage_policygroup = gw_helper.get_policygroup_for_interface( self.restproxy, subnet_mapping["subnet_id"], nuage_gw['personality'], resp['vport_type'], subnet_type) if nuage_policygroup: # Check if policygroup has more than 1 vport associated self._delete_policygroup(resp['interface'], nuage_policygroup[0]) elif resp['vport_type'] == constants.HOST_VPORT_TYPE: if resp['interface']: # Delete the policygroup and interface gw_helper.delete_nuage_interface(self.restproxy, resp['interface'], constants.HOST_VPORT_TYPE) LOG.debug("Deleted host interface %s", resp['interface']) # do not attempt to delete policygroup on vsd managed subnets # as we do not create it in that case g if not subnet_mapping["nuage_managed_subnet"]: # Delete the policugroup policy_group_id = gw_helper.get_policygroup_for_host_vport( self.restproxy, resp['vport_id']) if policy_group_id: # Check if policygroup has more than 1 vport associated self._delete_policygroup(resp['interface'], policy_group_id) # Delete the vport # if 'vport_type' is not None, then 'vport_id' is not None gw_helper.delete_nuage_vport(self.restproxy, resp['vport_id']) LOG.debug("Deleted vport %s", resp['vport_id']) # Remove Ent/Tenant permissions netpart_id = None perms = self._get_ent_permissions(resp['vlanid']) if perms and perms['permittedEntityType'] == 'enterprise': netpart_id = perms['permittedEntityID'] else: netpart_id = def_netpart_id if netpart_id != def_netpart_id: perm = gw_helper.get_tenant_perm(self.restproxy, resp['vlanid']) if perm: num_grps = self.remove_tenant_perm(resp['vlanid'], perm['permittedEntityName'], netpart_id) if num_grps == 0: # Remove permissions for the enterprise if it exists self.remove_ent_perm(resp['vlanid']) LOG.debug("Deleted ent perissions on vlan %s", resp['vlanid']) else: LOG.debug("Preserving ent permissions on default netpartition")
def _check_parent_permissions(self, tenant_id, vlan_id, netpart_id): req_params = {'vlan_id': vlan_id} nuage_vlan = nuagelib.NuageVlan(create_params=req_params) response = self.restproxy.rest_call('GET', nuage_vlan.get_resource(), '') if not nuage_vlan.get_validate(response): raise restproxy.RESTProxyError(nuage_vlan.error_msg) # Get ent permissions on port gw_port_id = nuage_vlan.get_response_parentid(response) gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id) gw = gw_helper.get_gateway(self.restproxy, gw_port['parentID']) req_params['port_id'] = gw_port_id nuage_ent_perm = nuagelib.NuageEntPermission(create_params=req_params) response = self.restproxy.rest_call( 'GET', nuage_ent_perm.get_resource_by_port(gw['redundant']), '') if not nuage_ent_perm.validate(response): raise restproxy.RESTProxyError(nuage_ent_perm.error_msg) ent_perm = nuage_ent_perm.get_response_obj(response) if ent_perm: ent_id = nuage_ent_perm.get_permitted_entity_id(response) if ent_id != netpart_id: ent_type = nuage_ent_perm.get_permitted_entity_type(response) LOG.debug( "Port %(port)s already assigned to %(ent)s with id" " %(ent_id)s", { 'port': vlan_id, 'ent': ent_type, 'ent_id': ent_id }) return False else: LOG.debug("Port %(port)s is assigned to enterprise %(ent)s", { 'port': gw_port_id, 'ent': ent_id }) return True # Get ent permissions on gateway gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id) if not gw_port: msg = (_("Port %s not found on gateway ", gw_port_id)) # noqa H702 raise restproxy.RESTProxyError(msg) gw_id = gw_port['parentID'] req_params['gw_id'] = gw_id nuage_ent_perm = nuagelib.NuageEntPermission(create_params=req_params) response = self.restproxy.rest_call( 'GET', nuage_ent_perm.get_resource_by_gw(), '') if not nuage_ent_perm.validate(response): raise restproxy.RESTProxyError(nuage_ent_perm.error_msg) ent_perm = nuage_ent_perm.get_response_obj(response) if ent_perm: ent_id = nuage_ent_perm.get_permitted_entity_id(response) if ent_id != netpart_id: ent_type = nuage_ent_perm.get_permitted_entity_type(response) LOG.debug( "Gateway %(gw)s already assigned to %(ent)s with " "id %(ent_id)s", { 'gw': gw_id, 'ent': ent_type, 'ent_id': ent_id }) return False else: LOG.debug("Gateway %(gw)s is assigned to enterprise %(ent)s", { 'gw': gw_id, 'ent': ent_id }) return True
def _check_parent_permissions(self, tenant_id, vlan_id, netpart_id): req_params = {'vlan_id': vlan_id} nuage_vlan = nuagelib.NuageVlan(create_params=req_params) vlans = self.restproxy.get(nuage_vlan.get_resource(), required=True) # Get ent permissions on port gw_port_id = vlans[0]['parentID'] gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id) gw = gw_helper.get_gateway(self.restproxy, gw_port['parentID']) req_params['port_id'] = gw_port_id nuage_ent_perm = nuagelib.NuageEntPermission(create_params=req_params) permissions = self.restproxy.get(nuage_ent_perm.get_resource_by_port( gw['redundant']), required=True) ent_perm = permissions[0] if permissions else None if ent_perm: ent_id = ent_perm['permittedEntityID'] if ent_id != netpart_id: ent_type = ent_perm['permittedEntityType'] LOG.debug( "Port %(port)s already assigned to %(ent)s with id" " %(ent_id)s", { 'port': vlan_id, 'ent': ent_type, 'ent_id': ent_id }) return False else: LOG.debug("Port %(port)s is assigned to enterprise %(ent)s", { 'port': gw_port_id, 'ent': ent_id }) return True # Get ent permissions on gateway gw_port = gw_helper.get_gateway_port(self.restproxy, gw_port_id, gw_port['parentID']) if not gw_port: msg = (_("Port %s not found on gateway ", gw_port_id)) # noqa H702 raise restproxy.ResourceNotFoundException(msg) gw_id = gw_port['parentID'] req_params['gw_id'] = gw_id nuage_ent_perm = nuagelib.NuageEntPermission(create_params=req_params) permissions = self.restproxy.get(nuage_ent_perm.get_resource_by_gw(), required=True) ent_perm = permissions[0] if permissions else None if ent_perm: ent_id = ent_perm['permittedEntityID'] if ent_id != netpart_id: ent_type = ent_perm['permittedEntityType'] LOG.debug( "Gateway %(gw)s already assigned to %(ent)s with " "id %(ent_id)s", { 'gw': gw_id, 'ent': ent_type, 'ent_id': ent_id }) return False else: LOG.debug("Gateway %(gw)s is assigned to enterprise %(ent)s", { 'gw': gw_id, 'ent': ent_id }) return True return False