def _create(self, tag_id_or_sel): if isinstance(tag_id_or_sel, SelectorExpression): _log.debug("Creating ipset for expression %s", tag_id_or_sel) sel = tag_id_or_sel self._label_index.on_expression_update(sel, sel) ipset_name = futils.uniquely_shorten(sel.unique_id, MAX_NAME_LENGTH) self._process_stopped_label_matches() self._process_started_label_matches() else: _log.debug("Creating ipset for tag %s", tag_id_or_sel) ipset_name = futils.uniquely_shorten(tag_id_or_sel, MAX_NAME_LENGTH) active_ipset = RefCountedIpsetActor( ipset_name, self.ip_type, max_elem=self._config.MAX_IPSET_SIZE) return active_ipset
def test_uniquely_shorten(self): for inp, length, exp in UNIQUE_SHORTEN_TESTS: output = futils.uniquely_shorten(inp, length) self.assertTrue(len(output) <= length) self.assertEqual(exp, output, "Input %r truncated to length %s " "should have given output " "%r but got %r" % (inp, length, exp, output))
def test_uniquely_shorten(self): for inp, length, exp in UNIQUE_SHORTEN_TESTS: output = futils.uniquely_shorten(inp, length) self.assertTrue(len(output) <= length) self.assertEqual( exp, output, "Input %r truncated to length %s " "should have given output " "%r but got %r" % (inp, length, exp, output))
def _create(self, tag_id_or_sel): if isinstance(tag_id_or_sel, SelectorExpression): _log.debug("Creating ipset for expression %s", tag_id_or_sel) sel = tag_id_or_sel self._label_index.on_expression_update(sel, sel) ipset_name = futils.uniquely_shorten(sel.unique_id, MAX_NAME_LENGTH) self._process_stopped_label_matches() self._process_started_label_matches() else: _log.debug("Creating ipset for tag %s", tag_id_or_sel) ipset_name = futils.uniquely_shorten(tag_id_or_sel, MAX_NAME_LENGTH) active_ipset = RefCountedIpsetActor( ipset_name, self.ip_type, max_elem=self._config.MAX_IPSET_SIZE ) return active_ipset
def profile_to_chain_name(inbound_or_outbound, profile_id): """ Returns the name of the chain to use for a given profile. The profile ID that we are supplied might be (far) too long for us to use, but truncating it is dangerous (for example, in OpenStack the profile is the ID of each security group in use, joined with underscores). Hence we make a unique string out of it and use that. """ profile_string = futils.uniquely_shorten(profile_id, 16) return CHAIN_PROFILE_PREFIX + "%s-%s" % (profile_string, inbound_or_outbound[:1])
def interface_to_chain_suffix(config, iface_name): """ Extracts the suffix from a given interface name, uniquely shortening it to 16 characters if necessary. :param iface_name: The interface name :returns string: the suffix (shortened if necessary) """ suffix = iface_name.replace(config.IFACE_PREFIX, "", 1) # The suffix is surely not very long, but make sure. suffix = futils.uniquely_shorten(suffix, 16) return suffix
def interface_to_suffix(config, iface_name): """ Extracts the suffix from a given interface name, uniquely shortening it to 16 characters if necessary. :param iface_name: The interface name :returns string: the suffix (shortened if necessary) """ suffix = iface_name.replace(config.IFACE_PREFIX, "", 1) # The suffix is surely not very long, but make sure. suffix = futils.uniquely_shorten(suffix, 16) return suffix
def interface_to_chain_suffix(config, iface_name): """ Extracts the suffix from a given interface name, uniquely shortening it to 16 characters if necessary. :param iface_name: The interface name :returns string: the suffix (shortened if necessary) """ for prefix in sorted(config.IFACE_PREFIX, reverse=True): if iface_name.startswith(prefix): iface_name = iface_name[len(prefix):] break iface_name = futils.uniquely_shorten(iface_name, 16) return iface_name
def _create(self, tag_id): # Create the ActiveIpset, and put a message on the queue that will # trigger it to update the ipset as soon as it starts. Note that we do # this now so that it is sure to be processed with the first batch even # if other messages are arriving. active_ipset = ActiveIpset(futils.uniquely_shorten(tag_id, 16), self.ip_type) members = set() for ep_id in self.endpoint_ids_by_tag.get(tag_id, set()): ep = self.endpoints_by_ep_id.get(ep_id, {}) nets = self.nets_key members.update(map(futils.net_to_ip, ep.get(nets, []))) active_ipset.replace_members(members, async=True) return active_ipset
def _profile_to_chain_name(self, inbound_or_outbound, profile_id): """ Returns the name of the chain to use for a given profile (and direction). The profile ID that we are supplied might be (far) too long for us to use, but truncating it is dangerous (for example, in OpenStack the profile is the ID of each security group in use, joined with underscores). Hence we make a unique string out of it and use that. :param inbound_or_outbound: Either "inbound" or "outbound". :param profile_id: The profile ID we want to know a name for. :returns string: The name of the chain """ profile_string = futils.uniquely_shorten(profile_id, 16) return CHAIN_PROFILE_PREFIX + "%s-%s" % (profile_string, inbound_or_outbound[:1])
def _create(self, tag_id): active_ipset = TagIpset(futils.uniquely_shorten(tag_id, 16), self.ip_type, max_elem=self._config.MAX_IPSET_SIZE) return active_ipset
def _create(self, tag_id): active_ipset = ActiveIpset(futils.uniquely_shorten(tag_id, 16), self.ip_type) return active_ipset
def interface_to_suffix(config, iface_name): suffix = iface_name.replace(config.IFACE_PREFIX, "", 1) # The suffix is surely not very long, but make sure. suffix = futils.uniquely_shorten(suffix, 16) return suffix
def _create(self, tag_id): active_ipset = TagIpset(futils.uniquely_shorten(tag_id, 16), self.ip_type) return active_ipset