def task_create_ibm_ike_policy(self, task_id, cloud_id, region, ike_policy_id):
"""Create and configure ike policy"""
ibm_ike_policy = doosradb.session.query(IBMIKEPolicy).filter_by(id=ike_policy_id).first()
if not ibm_ike_policy:
return
self.resource_type = "ike_policies"
self.resource = ibm_ike_policy
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=IN_PROGRESS
)
configured_ike_policy = self.ibm_manager.rias_ops.fetch_ops.get_all_ike_policies(name=ibm_ike_policy.name)
configured_ike_policy = configured_ike_policy[0] if configured_ike_policy else None
if not configured_ike_policy:
ibm_ike_policy.status = CREATING
doosradb.session.commit()
configured_ike_policy = configure_and_save_obj_confs(self.ibm_manager, ibm_ike_policy)
ibm_ike_policy.status = CREATED
ibm_ike_policy.resource_id = configured_ike_policy.resource_id
doosradb.session.commit()
LOGGER.info(
"IBM IKE Policy with name '{}' created successfully".format(ibm_ike_policy.name)
)
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_ike_policy)
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=SUCCESS
)
def task_create_ibm_vpn(self, task_id, cloud_id, region, vpn_id):
"""Create and configure VPN and Connections """
ibm_vpn_gateway = doosradb.session.query(IBMVpnGateway).filter_by(id=vpn_id).first()
if not ibm_vpn_gateway:
return
ibm_vpn_gateway.status = CREATING
doosradb.session.commit()
self.resource = ibm_vpn_gateway
self.resource_type = "vpn_gateways"
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=IN_PROGRESS
)
configured_vpn_gateway = configure_and_save_obj_confs(self.ibm_manager, ibm_vpn_gateway)
ibm_vpn_gateway.status = CREATED
ibm_vpn_gateway.resource_id = configured_vpn_gateway.resource_id
ibm_vpn_gateway.gateway_status = configured_vpn_gateway.gateway_status
ibm_vpn_gateway.public_ip = configured_vpn_gateway.public_ip
doosradb.session.commit()
LOGGER.info("IBM VPN with name '{}' created successfully".format(ibm_vpn_gateway.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_vpn_gateway)
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=SUCCESS
)
def task_configure_ibm_vpn_connection(self, task_id, cloud_id, region, vpn_connection_id, resource_group=None):
"""Configure vpn connection"""
ibm_vpn_connection = doosradb.session.query(IBMVpnConnection).filter_by(id=vpn_connection_id).first()
if not ibm_vpn_connection:
return
if resource_group:
ibm_resource_group = IBMResourceGroup(name=resource_group, cloud_id=cloud_id)
ibm_resource_group = ibm_resource_group.get_existing_from_db() or ibm_resource_group
ibm_vpn_connection.ibm_resource_group = ibm_resource_group
doosradb.session.commit()
self.resource = ibm_vpn_connection
self.resource_type = "vpn_connections"
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=IN_PROGRESS
)
configured_vpn_connection = configure_and_save_obj_confs(self.ibm_manager, ibm_vpn_connection)
ibm_vpn_connection = configured_vpn_connection.make_copy().add_update_db(ibm_vpn_connection.ibm_vpn_gateway)
LOGGER.info("IBM VPN Connection with name '{}' created successfully".format(ibm_vpn_connection.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_vpn_connection)
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=SUCCESS
)
def task_create_ibm_route(self, task_id, cloud_id, region, route_id):
"""Create IBMRoute and configures on ibm cloud"""
ibm_route = doosradb.session.query(IBMVpcRoute).filter_by(
id=route_id).first()
if not ibm_route:
return
ibm_route.status = CREATING
doosradb.session.commit()
self.resource = ibm_route
self.resource_type = "routes"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_route = configure_and_save_obj_confs(self.ibm_manager,
ibm_route)
ibm_route = configured_route.make_copy().add_update_db(
ibm_route.ibm_vpc_network)
ibm_route.status = CREATED
doosradb.session.commit()
LOGGER.info("IBM Route with name '{route}' created successfully".format(
route=ibm_route.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id,
ibm_route)
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def task_create_ibm_floating_ip(self, task_id, cloud_id, region,
floating_ip_id):
"""Create and configure floating ip"""
ibm_floating_ip = doosradb.session.query(IBMFloatingIP).filter_by(
id=floating_ip_id).first()
self.resource = ibm_floating_ip
self.resource_type = "floating_ips"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_floating_ip = configure_and_save_obj_confs(
self.ibm_manager, ibm_floating_ip)
ibm_floating_ip.status = CREATED
ibm_floating_ip.resource_id = configured_floating_ip.resource_id
ibm_floating_ip = configured_floating_ip.make_copy().add_update_db()
LOGGER.info(
"IBM Floating IP with name '{name}' created successfully".format(
name=ibm_floating_ip.name))
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def create_ibm_k8s_workerpool(ibm_manager, k8s_workerpool_id):
"""
This request Creates a K8s Workerpool for given Cluster for IBM cloud
:return:
"""
LOGGER.info(
"Task ibm k8s creation for Workerpool ID: {k8s_workerpool} initiated".
format(k8s_workerpool=k8s_workerpool_id))
configured_k8s_workerpool = None
k8s_workerpool = doosradb.session.query(
KubernetesClusterWorkerPool).filter_by(id=k8s_workerpool_id).first()
if not k8s_workerpool:
LOGGER.info(
"No KubernetesCluster found for ID: {}".format(k8s_workerpool_id))
return
try:
configured_k8s_workerpool = configure_and_save_obj_confs(
ibm_manager, k8s_workerpool)
except (IBMAuthError, IBMConnectError, IBMExecuteError,
IBMInvalidRequestError, Exception) as ex:
LOGGER.info(
f"K8s CLUSTER WORKERPOOL ID {k8s_workerpool_id} GOT EXCEPTION:")
LOGGER.info(ex)
doosradb.session.delete(k8s_workerpool)
doosradb.session.commit()
else:
k8s_workerpool.resource_id = configured_k8s_workerpool.resource_id
LOGGER.info(
f"K8s CLUSTER WORKERPOOL NAME {k8s_workerpool.name} CREATED")
doosradb.session.commit()
return configured_k8s_workerpool
def task_create_ibm_load_balancer(self, task_id, cloud_id, region,
load_balancer_id):
"""Create and configure load balancer"""
ibm_load_balancer = doosradb.session.query(IBMLoadBalancer).filter_by(
id=load_balancer_id, status=CREATION_PENDING).first()
if not ibm_load_balancer:
LOGGER.info(
"No IBMLoadBalancer found for ID: {}".format(load_balancer_id))
return
ibm_load_balancer.status = CREATING
doosradb.session.commit()
self.resource = ibm_load_balancer
self.resource_type = "load_balancers"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_lb = configure_and_save_obj_confs(self.ibm_manager,
ibm_load_balancer)
ibm_load_balancer.status = CREATED
ibm_load_balancer.resource_id = configured_lb.resource_id
ibm_load_balancer.provisioning_status = configured_lb.provisioning_status
doosradb.session.commit()
LOGGER.info("IBM Load Balancer with name '{}' created successfully".format(
ibm_load_balancer.name))
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def task_add_ibm_security_group(self, task_id, cloud_id, region, security_group_id):
"""Create and configure Security Group"""
ibm_security_group = doosradb.session.query(IBMSecurityGroup).filter_by(id=security_group_id).first()
if not ibm_security_group:
return
ibm_security_group.status = CREATING
doosradb.session.commit()
self.resource = ibm_security_group
self.resource_type = "security_groups"
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=IN_PROGRESS
)
configured_security_group = configure_and_save_obj_confs(self.ibm_manager, ibm_security_group)
ibm_security_group = configured_security_group.make_copy().add_update_db(ibm_security_group.ibm_vpc_network)
LOGGER.info(
"IBM Security Group with name '{}' created successfully".format(ibm_security_group.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_security_group)
self.report_utils.update_reporting(
task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING,
status=SUCCESS
)
def task_add_ibm_address_prefix(self, task_id, cloud_id, region,
addr_prefix_id):
"""Create and configure address prefixes"""
ibm_address_prefix = doosradb.session.query(IBMAddressPrefix).filter_by(
id=addr_prefix_id).first()
if not ibm_address_prefix:
return
ibm_address_prefix.status = CREATING
doosradb.session.commit()
self.resource = ibm_address_prefix
self.resource_type = "address_prefixes"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_address_prefix = configure_and_save_obj_confs(
self.ibm_manager, ibm_address_prefix)
ibm_address_prefix.status = CREATED
ibm_address_prefix.resource_id = configured_address_prefix.resource_id
doosradb.session.commit()
LOGGER.info(
"IBM Address Prefix with name '{}' created successfully".format(
ibm_address_prefix.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id,
ibm_address_prefix)
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def task_create_ibm_ssh_key(self,
task_id,
cloud_id,
region,
ssh_key_id,
resource_group=None):
"""Create and configure ssh key"""
ibm_ssh_key = doosradb.session.query(IBMSshKey).filter_by(
id=ssh_key_id).first()
if not ibm_ssh_key:
return
self.resource = ibm_ssh_key
self.resource_type = "ssh_keys"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_ssh_key = self.ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys(
name=ibm_ssh_key.name, public_key=ibm_ssh_key.public_key)
configured_ssh_key = configured_ssh_key[0] if configured_ssh_key else None
if not configured_ssh_key:
ibm_ssh_key.status = CREATING
if resource_group:
ibm_resource_group = IBMResourceGroup(name=resource_group,
cloud_id=cloud_id)
ibm_resource_group = ibm_resource_group.get_existing_from_db(
) or ibm_resource_group
ibm_ssh_key.ibm_resource_group = ibm_resource_group
doosradb.session.commit()
self.resource = ibm_ssh_key
configured_ssh_key = configure_and_save_obj_confs(
self.ibm_manager, ibm_ssh_key)
ibm_ssh_key.status = CREATED
ibm_ssh_key.resource_id = configured_ssh_key.resource_id
doosradb.session.commit()
LOGGER.info("IBM SSH Key with name '{}' created successfully".format(
ibm_ssh_key.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id,
ibm_ssh_key)
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def task_create_ibm_public_gateway(self,
task_id,
cloud_id,
region,
public_gateway_id,
resource_group=None):
"""Create and configure public gateway"""
ibm_public_gateway = doosradb.session.query(IBMPublicGateway).filter_by(
id=public_gateway_id).first()
if not ibm_public_gateway:
return
ibm_public_gateway.status = CREATING
if resource_group:
ibm_resource_group = IBMResourceGroup(name=resource_group,
cloud_id=cloud_id)
ibm_resource_group = ibm_resource_group.get_existing_from_db(
) or ibm_resource_group
ibm_public_gateway.ibm_resource_group = ibm_resource_group
doosradb.session.commit()
self.resource = ibm_public_gateway
self.resource_type = "public_gateways"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_public_gateway = configure_and_save_obj_confs(
self.ibm_manager, ibm_public_gateway)
ibm_public_gateway = configured_public_gateway.make_copy().add_update_db(
ibm_public_gateway.ibm_vpc_network)
LOGGER.info(
"IBM Public Gateway with name '{}' created successfully".format(
ibm_public_gateway.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id,
ibm_public_gateway)
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def create_ibm_k8s_cluster(ibm_manager, k8s_cluster_id):
"""
This request Creates a K8s Cluster for IBM cloud and handles the exceptions
:return:
"""
LOGGER.info(
"Task ibm k8s creation for cluster: {k8s_cluster} initiated".format(
k8s_cluster=k8s_cluster_id))
k8s_cluster = doosradb.session.query(KubernetesCluster).filter_by(
id=k8s_cluster_id).first()
if not k8s_cluster:
LOGGER.info(
"No KubernetesCluster found for ID: {}".format(k8s_cluster_id))
return
configured_k8s_cluster = dict()
try:
k8s_cluster.status = CREATING
k8s_cluster.state = CLUSTER_DEPLOYING
configured_k8s_cluster = configure_and_save_obj_confs(
ibm_manager, k8s_cluster)
except (IBMAuthError, IBMConnectError, IBMExecuteError,
IBMInvalidRequestError, Exception) as ex:
LOGGER.info(f"K8s CLUSTER with ID {k8s_cluster_id} GOT EXCEPTION")
LOGGER.info(ex)
traceback.print_exc()
if k8s_cluster:
k8s_cluster.status = ERROR_CREATING
k8s_cluster.state = FAILURE
doosradb.session.commit()
else:
k8s_cluster.status = CREATED
k8s_cluster.state = CLUSTER_NORMAL
k8s_cluster.pod_subnet = configured_k8s_cluster.pod_subnet
k8s_cluster.service_subnet = configured_k8s_cluster.service_subnet
k8s_cluster.kube_version = configured_k8s_cluster.kube_version
LOGGER.info(f"k8s CLUSTER NAME {configured_k8s_cluster.name} CREATED")
doosradb.session.commit()
return configured_k8s_cluster
def task_create_ibm_acl(self,
task_id,
cloud_id,
region,
acl_id,
resource_group=None):
"""Create and configure ACL"""
ibm_acl = doosradb.session.query(IBMNetworkAcl).filter_by(
id=acl_id).first()
if not ibm_acl:
return
ibm_acl.status = CREATING
if resource_group:
ibm_resource_group = IBMResourceGroup(name=resource_group,
cloud_id=cloud_id)
ibm_resource_group = ibm_resource_group.get_existing_from_db(
) or ibm_resource_group
ibm_acl.ibm_resource_group = ibm_resource_group
doosradb.session.commit()
self.resource = ibm_acl
self.resource_type = "acls"
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=IN_PROGRESS)
configured_acl = configure_and_save_obj_confs(self.ibm_manager, ibm_acl)
ibm_acl.status = CREATED
ibm_acl.resource_id = configured_acl.resource_id
doosradb.session.commit()
LOGGER.info("IBM ACL with name '{acl}' created successfully".format(
acl=ibm_acl.name))
log_resource_billing(self.cloud.project.user_id, self.cloud.project.id,
ibm_acl)
self.report_utils.update_reporting(task_id=task_id,
resource_name=self.resource.name,
resource_type=self.resource_type,
stage=PROVISIONING,
status=SUCCESS)
def configure_ibm_instance(name, vpc_id, data):
from doosra.ibm.common.utils import configure_and_save_obj_confs
"""
This request provisions a new instance from an instance template. The instance template object is
structured in the same way as a retrieved instance, and contains the information necessary to provision
the new instance. The instance is automatically started.
:return:
"""
ibm_instance, objs_to_configure = None, list()
ibm_vpc_network = IBMVpcNetwork.query.get(vpc_id)
if not ibm_vpc_network:
current_app.logger.debug(
"IBM VPC Network with ID {} not found".format(vpc_id))
return
current_app.logger.info(
"Deploying IBM Instance '{name}' on IBM Cloud".format(name=name))
try:
ibm_manager = IBMManager(ibm_vpc_network.ibm_cloud,
ibm_vpc_network.region)
existing_resource_group = ibm_manager.resource_ops.fetch_ops.get_resource_groups(
data['resource_group'])
if not existing_resource_group:
raise IBMInvalidRequestError(
"Resource Group with name '{}' not configured".format(
data['resource_group']))
existing_resource_group = existing_resource_group[0]
existing_instance = ibm_manager.rias_ops.fetch_ops.get_all_instances(
name)
if existing_instance:
raise IBMInvalidRequestError(
"IBM VSI with name '{}' already configured".format(name))
existing_vpc = ibm_manager.rias_ops.fetch_ops.get_all_vpcs(
ibm_vpc_network.name)
if not existing_vpc:
raise IBMInvalidRequestError(
"IBM VPC Network with name '{}' not found".format(
ibm_vpc_network.name))
existing_instance_profile = ibm_manager.rias_ops.fetch_ops.get_all_instance_profiles(
data['instance_profile'])
if not existing_instance_profile:
raise IBMInvalidRequestError(
"IBM Instance Profile '{}' not found".format(
data['instance_profile']))
existing_instance_profile = existing_instance_profile[0]
existing_image = ibm_manager.rias_ops.fetch_ops.get_all_images(
data['image'])
if not existing_image:
raise IBMInvalidRequestError(
"IBM Image with name '{}' not found".format(data['image']))
existing_image = existing_image[0]
ssh_keys = list()
if data.get('ssh_keys'):
for ssh_key in data['ssh_keys']:
existing_ssh_key = ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys(
public_key=ssh_key)
if existing_ssh_key:
ibm_ssh_key = existing_ssh_key[0]
else:
ssh_key_name = ibm_manager.rias_ops.fetch_ops.get_available_ssh_key_name(
)
ibm_ssh_key = IBMSshKey(
ssh_key_name,
"rsa",
ssh_key,
ibm_vpc_network.region,
cloud_id=ibm_vpc_network.ibm_cloud.id)
objs_to_configure.append(ibm_ssh_key)
ssh_keys.append(ibm_ssh_key)
volume_attachments = list()
if data.get('volume_attachments'):
for volume_attachment in data['volume_attachments']:
ibm_boot_volume_attachment = IBMVolumeAttachment(
volume_attachment['name'],
type_="data",
is_delete=volume_attachment['auto_delete'])
volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles(
volume_attachment['volume_profile_name'])
if volume_profile:
volume_profile = volume_profile[0]
ibm_volume = IBMVolume(name=volume_attachment['name'],
capacity=volume_attachment['capacity'],
zone=data['zone'],
encryption="provider_managed",
cloud_id=ibm_vpc_network.ibm_cloud.id,
region=ibm_vpc_network.region)
ibm_volume.volume_profile = volume_profile
ibm_boot_volume_attachment.volume = ibm_volume
volume_attachments.append(ibm_boot_volume_attachment)
volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles(
name="general-purpose")
if volume_profile:
volume_profile = volume_profile[0]
ibm_volume = IBMVolume(name=VOLUME_NAME.format(name),
capacity=100,
zone=data['zone'],
iops=3000,
encryption="provider_managed",
cloud_id=ibm_vpc_network.ibm_cloud.id,
region=ibm_vpc_network.region)
ibm_boot_volume_attachment = IBMVolumeAttachment(
VOLUME_ATTACHMENT_NAME.format(name), type_="boot", is_delete=True)
ibm_volume.volume_profile = volume_profile
ibm_boot_volume_attachment.volume = ibm_volume
volume_attachments.append(ibm_boot_volume_attachment)
network_interfaces_to_add = list()
if data.get('network_interfaces'):
interface_count = 0
for interface in data['network_interfaces']:
ibm_network_interface = IBMNetworkInterface(
NETWORK_INTERFACE_NAME.format(name, interface_count),
is_primary=interface['is_primary'])
interface_count = interface_count + 1
subnet = doosradb.session.query(IBMSubnet).filter_by(
id=interface['subnet_id']).first()
existing_subnet = ibm_manager.rias_ops.fetch_ops.get_all_subnets(
name=subnet.name,
zone=subnet.zone,
vpc=subnet.ibm_vpc_network.name)
if not existing_subnet:
raise IBMInvalidRequestError(
"IBM Subnet with name '{}' not found".format(
subnet.name))
security_groups = list(
map(
lambda security_group_: doosradb.session.query(
IBMSecurityGroup).filter_by(id=security_group_).
first().make_copy(), interface['security_groups']))
for security_group in security_groups:
existing_security_group = ibm_manager.rias_ops.fetch_ops.get_all_security_groups(
security_group.name, ibm_vpc_network.name)
if not existing_security_group:
raise IBMInvalidRequestError(
"IBM Security Group with name '{}' not found".
format(security_group.name))
ibm_network_interface.ibm_subnet = subnet.make_copy()
ibm_network_interface.security_groups.extend(security_groups)
if interface.get('reserve_floating_ip'):
floating_ip_name = ibm_manager.rias_ops.fetch_ops.get_available_floating_ip_name(
)
ibm_floating_ip = IBMFloatingIP(
name=floating_ip_name,
zone=data["zone"],
cloud_id=ibm_vpc_network.ibm_cloud.id,
region=ibm_vpc_network.region)
ibm_network_interface.floating_ip = ibm_floating_ip
network_interfaces_to_add.append(ibm_network_interface)
ibm_instance = IBMInstance(name=name,
zone=data['zone'],
user_data=data.get('user_data'),
cloud_id=ibm_vpc_network.ibm_cloud.id,
region=ibm_vpc_network.region)
ibm_instance.ibm_image = existing_image
ibm_instance.ibm_resource_group = existing_resource_group
ibm_instance.ibm_instance_profile = existing_instance_profile
ibm_instance.network_interfaces = network_interfaces_to_add
ibm_instance.volume_attachments = volume_attachments
ibm_instance.ssh_keys = ssh_keys
ibm_instance = ibm_instance.make_copy().add_update_db(ibm_vpc_network)
objs_to_configure.append(ibm_instance)
for ibm_network_interface in ibm_instance.network_interfaces.all():
if ibm_network_interface.floating_ip:
objs_to_configure.append(ibm_network_interface.floating_ip)
for obj in objs_to_configure:
configure_and_save_obj_confs(ibm_manager, obj, ibm_vpc_network)
except (IBMAuthError, IBMConnectError, IBMExecuteError,
IBMInvalidRequestError) as ex:
current_app.logger.info(ex)
if isinstance(ex, IBMAuthError):
ibm_vpc_network.ibm_cloud.status = INVALID
for obj in objs_to_configure:
if not obj.status == CREATED:
obj.status = ERROR_CREATING
if ibm_instance:
ibm_instance.status = ERROR_CREATING
doosradb.session.commit()
else:
ibm_instance.status = CREATED
doosradb.session.commit()
return ibm_instance
def configure_ibm_vpc(cloud_id, name, region, data):
"""
Configure VPC on IBM cloud. A VPC is a virtual network that belongs to an account and
provides logical isolation from other networks. A VPC is made up of resources in one
or more zones. VPCs are global, and each can contain resources in zones from any region.
:return:
"""
ibm_vpc_network, objs_to_configure = None, list()
cloud = IBMCloud.query.get(cloud_id)
if not cloud:
current_app.logger.debug(
"IBM Cloud with ID '{}' not found".format(cloud_id))
return
current_app.logger.info(
"Deploying VPC '{name}' in region '{region} 'on IBM Cloud".format(
name=name, region=region))
try:
ibm_manager = IBMManager(cloud, region)
existing_resource_group = ibm_manager.resource_ops.fetch_ops.get_resource_groups(
data['resource_group'])
if not existing_resource_group:
raise IBMInvalidRequestError(
"Resource Group with name '{}' not configured".format(
data['resource_group']))
existing_vpc = ibm_manager.rias_ops.fetch_ops.get_all_vpcs(name=name)
if existing_vpc:
raise IBMInvalidRequestError(
"VPC with name '{}' already configured in region '{}'".format(
name, region))
ibm_vpc_network = IBMVpcNetwork(
name=name,
region=region,
classic_access=data.get('classic_access'),
cloud_id=cloud_id,
address_prefix_management=data.get('address_prefix_management'))
ibm_vpc_network.ibm_resource_group = existing_resource_group[0]
objs_to_configure.append(ibm_vpc_network)
if data.get('address_prefixes'):
for addr_prefix in data['address_prefixes']:
ibm_address_prefix = IBMAddressPrefix(
addr_prefix.get('name'),
addr_prefix['zone'],
addr_prefix['address'],
is_default=addr_prefix.get('is_default'))
if not ibm_address_prefix.is_default:
objs_to_configure.append(ibm_address_prefix)
ibm_vpc_network.address_prefixes.append(ibm_address_prefix)
if data.get('public_gateways'):
for public_gateway in data['public_gateways']:
ibm_public_gateway = IBMPublicGateway(
name=public_gateway['name'],
zone=public_gateway['zone'],
region=ibm_vpc_network.region)
ibm_vpc_network.public_gateways.append(ibm_public_gateway)
objs_to_configure.append(ibm_public_gateway)
if data.get('network_acls'):
for acl in data['network_acls']:
ibm_acl = IBMNetworkAcl(acl['name'], region)
for rule in acl['rules']:
ibm_rule = IBMNetworkAclRule(rule['name'], rule['action'],
rule.get('destination'),
rule['direction'],
rule.get('source'),
rule['protocol'],
rule.get('port_max'),
rule.get('port_min'),
rule.get('source_port_max'),
rule.get('source_port_min'),
rule.get('code'),
rule.get('type'))
ibm_acl.rules.append(ibm_rule)
objs_to_configure.append(ibm_acl)
if data.get('ssh_keys'):
for ssh_key in data['ssh_keys']:
ibm_ssh_key = IBMSshKey(ssh_key['name'],
"rsa",
ssh_key['public_key'],
ibm_vpc_network.region,
cloud_id=cloud_id)
objs_to_configure.append(ibm_ssh_key)
if data.get('subnets'):
for subnet in data['subnets']:
ibm_subnet = IBMSubnet(subnet['name'],
subnet['zone'],
subnet['ip_cidr_block'],
cloud_id=cloud_id,
region=ibm_vpc_network.region)
ibm_subnet.ibm_address_prefix = [
address_prefix for address_prefix in
ibm_vpc_network.address_prefixes.all()
if address_prefix.name == subnet['address_prefix']
][0]
if subnet.get('network_acl'):
ibm_subnet.network_acl = \
[obj for obj in objs_to_configure if obj.name == subnet['network_acl']['name'] and
get_obj_type(obj) == IBMNetworkAcl.__name__][0]
if subnet.get('public_gateway'):
ibm_subnet.ibm_public_gateway = [
public_gateway for public_gateway in
ibm_vpc_network.public_gateways.all()
if public_gateway.name == subnet['public_gateway']
][0]
ibm_vpc_network.subnets.append(ibm_subnet)
objs_to_configure.append(ibm_subnet)
if data.get('security_groups'):
for security_group in data['security_groups']:
ibm_security_group = IBMSecurityGroup(
name=security_group['name'], region=ibm_vpc_network.region)
for rule in security_group['rules']:
ibm_security_group_rule = IBMSecurityGroupRule(
rule['direction'], rule['protocol'], rule.get('code'),
rule.get('type'), rule.get('port_min'),
rule.get('port_max'), rule.get('address'),
rule.get('cidr_block'))
if rule.get('security_group'):
ibm_security_group_rule.rule_type = "security-group"
ibm_security_group.rules.append(ibm_security_group_rule)
ibm_security_group.ibm_vpc_network = ibm_vpc_network
ibm_security_group.ibm_resource_group = existing_resource_group[
0]
ssh_keys_to_configure = list()
if data.get('instances'):
for instance in data['instances']:
existing_instance = ibm_manager.rias_ops.fetch_ops.get_all_instances(
instance['name'])
if existing_instance:
raise IBMInvalidRequestError(
"IBM VSI with name '{}' already configured".format(
instance['name']))
instance_profile = ibm_manager.rias_ops.fetch_ops.get_all_instance_profiles(
instance['instance_profile'])
if not instance_profile:
raise IBMInvalidRequestError(
"IBM Instance Profile '{}' not found".format(
instance['instance_profile']))
existing_image = ibm_manager.rias_ops.fetch_ops.get_all_images(
instance['image'])
if not existing_image:
raise IBMInvalidRequestError(
"IBM Image with name '{}' not found".format(
instance['image']))
ibm_instance = IBMInstance(name=instance['name'],
zone=instance['zone'],
user_data=instance.get('user_data'),
cloud_id=cloud_id,
region=region)
ssh_keys = list()
if instance.get('ssh_keys'):
ibm_ssh_key = None
for ssh_key in instance['ssh_keys']:
for ssh_key_ in ssh_keys_to_configure:
if ssh_key_.public_key == ssh_key['public_key']:
ibm_ssh_key = ssh_key_
break
if not ibm_ssh_key:
existing_ssh_key = ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys(
public_key=ssh_key['public_key'])
if existing_ssh_key:
ibm_ssh_key = existing_ssh_key[0]
else:
ssh_key_name = ibm_manager.rias_ops.fetch_ops.get_available_ssh_key_name(
)
ibm_ssh_key = IBMSshKey(ssh_key_name,
"rsa",
ssh_key['public_key'],
ibm_vpc_network.region,
cloud_id=cloud_id)
objs_to_configure.append(ibm_ssh_key)
ssh_keys_to_configure.append(ibm_ssh_key)
ibm_instance.ssh_keys.append(ibm_ssh_key)
ssh_keys.append(ibm_ssh_key)
ibm_instance.ssh_keys = ssh_keys
floating_ips_to_add = list()
network_interfaces_to_add = list()
if instance.get('network_interfaces'):
interface_count = 0
is_primary = True
for interface in instance['network_interfaces']:
ibm_network_interface = IBMNetworkInterface(
NETWORK_INTERFACE_NAME.format(
name, interface_count), is_primary)
interface_count = interface_count + 1
is_primary = False
ibm_network_interface.ibm_subnet = [
subnet_
for subnet_ in ibm_vpc_network.subnets.all()
if subnet_.name == interface['subnet']
][0].make_copy()
if interface.get('security_groups'):
for sec_group in interface['security_groups']:
ibm_network_interface.security_group = [
sec_group_ for sec_group_ in
ibm_vpc_network.security_groups.all()
if sec_group_.name == sec_group
][0].make_copy()
if interface.get('reserve_floating_ip'):
floating_ip_name = ibm_manager.rias_ops.fetch_ops.get_available_floating_ip_name(
)
ibm_floating_ip = IBMFloatingIP(
floating_ip_name,
ibm_vpc_network.region,
ibm_instance.zone,
cloud_id=cloud_id)
ibm_network_interface.floating_ip = ibm_floating_ip
floating_ips_to_add.append(ibm_floating_ip)
network_interfaces_to_add.append(ibm_network_interface)
volume_attachments = list()
if instance.get('volume_attachments'):
for volume_attachment in instance['volume_attachments']:
ibm_boot_volume_attachment = IBMVolumeAttachment(
volume_attachment['name'],
type_="data",
is_delete=volume_attachment['auto_delete'])
volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles(
volume_attachment['volume_profile_name'])
ibm_volume = IBMVolume(
name=volume_attachment['name'],
capacity=volume_attachment['capacity'],
zone=instance['zone'],
encryption="provider_managed",
cloud_id=cloud_id,
region=region)
ibm_volume.volume_profile = volume_profile[0]
ibm_boot_volume_attachment.volume = ibm_volume
volume_attachments.append(ibm_boot_volume_attachment)
volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles(
name="general-purpose")
ibm_volume = IBMVolume(name=VOLUME_NAME.format(
instance['name']),
capacity=100,
zone=instance['zone'],
iops=3000,
encryption="provider_managed",
region=region,
cloud_id=cloud_id)
ibm_boot_volume_attachment = IBMVolumeAttachment(
VOLUME_ATTACHMENT_NAME.format(instance['name']),
type_="boot",
is_delete=True)
ibm_volume.volume_profile = volume_profile[0]
ibm_boot_volume_attachment.volume = ibm_volume
volume_attachments.append(ibm_boot_volume_attachment)
ibm_instance.ibm_image = existing_image[0]
ibm_instance.ibm_resource_group = ibm_vpc_network.ibm_resource_group
ibm_instance.ibm_instance_profile = instance_profile[0]
ibm_instance.network_interfaces = network_interfaces_to_add
ibm_instance.volume_attachments = volume_attachments
ibm_instance.ssh_keys = ssh_keys
ibm_instance.ibm_vpc_network = ibm_vpc_network
objs_to_configure.append(ibm_instance)
objs_to_configure.extend(floating_ips_to_add)
if data.get('load_balancers'):
for load_balancer in data['load_balancers']:
existing_load_balancer = ibm_manager.rias_ops.fetch_ops.get_all_load_balancers(
name=load_balancer["name"])
if existing_load_balancer:
raise IBMInvalidRequestError(
"IBM Load Balancer with name '{}' already configured".
format(load_balancer["name"]))
ibm_load_balancer = IBMLoadBalancer(load_balancer['name'],
load_balancer['is_public'],
data['region'],
cloud_id=cloud_id)
subnets_list = list()
for subnet in load_balancer['subnets']:
ibm_subnet = [
subnet_ for subnet_ in ibm_vpc_network.subnets.all()
if subnet_.name == subnet
][0]
subnets_list.append(ibm_subnet)
pools_list = list()
if data.get('pools'):
for pool in load_balancer['pools']:
ibm_pool = IBMPool(pool['name'], pool['algorithm'],
pool['protocol'],
pool.get('session_persistence'))
if pool.get('health_monitor'):
health_check = pool['health_monitor']
ibm_health_check = IBMHealthCheck(
health_check.get('delay'),
health_check.get('max_retries'),
health_check.get('timeout'),
health_check.get('protocol'),
health_check.get('url_path'),
health_check.get('port'))
ibm_pool.health_check = ibm_health_check
if pool.get('members'):
for member in pool['members']:
ibm_pool_member = IBMPoolMember(
member.get('port'), member.get('weight'))
ibm_pool_member.instance = \
[instance_ for instance_ in ibm_vpc_network.instances.all() if
instance_.name == member['instance']][0]
ibm_pool.pool_members.append(ibm_pool_member)
pools_list.append(ibm_pool)
listeners_list = list()
if data.get('listeners'):
for listener in load_balancer['listeners']:
ibm_listener = IBMListener(
listener['port'], listener['protocol'],
listener.get('connection_limit'))
if listener.get('default_pool'):
for pool in pools_list:
if pool.name == listener['default_pool']:
ibm_listener.ibm_pool = pool
break
listeners_list.append(ibm_listener)
ibm_load_balancer.subnets = subnets_list
ibm_load_balancer.pools = pools_list
ibm_load_balancer.listeners = listeners_list
ibm_load_balancer.ibm_resource_group = ibm_vpc_network.ibm_resource_group
ibm_vpc_network.load_balancers.append(ibm_load_balancer)
objs_to_configure.append(ibm_load_balancer)
ike_policies_to_configure, ipsec_policies_to_configure = list(), list()
if data.get('ike_policies'):
for ike_policy in data['ike_policies']:
ibm_ike_policy = IBMIKEPolicy(
ike_policy['name'],
data['region'],
ike_policy['key_lifetime'],
authentication_algorithm=ike_policy[
'authentication_algorithm'],
encryption_algorithm=ike_policy['encryption_algorithm'],
ike_version=ike_policy['ike_version'],
dh_group=ike_policy['dh_group'])
ike_policies_to_configure.append(ibm_ike_policy)
if data.get('ipsec_policies'):
for ipsec_policy in data['ipsec_policies']:
ibm_ipsec_policy = IBMIPSecPolicy(
ipsec_policy['name'],
data['region'],
data['key_lifetime'],
authentication_algorithm=data['authentication_algorithm'],
encryption_algorithm=data['encryption_algorithm'],
pfs_dh_group=data['pfs'])
ipsec_policies_to_configure.append(ibm_ipsec_policy)
if data.get('vpns'):
for vpn in data['vpns']:
ibm_vpn_gateway = IBMVpnGateway(vpn['name'],
region=data['region'],
cloud_id=cloud_id)
for connection in vpn['connections']:
ibm_vpn_connection = IBMVpnConnection(
connection['name'],
connection['peer_address'],
connection['pre_shared_secret'],
json.dumps(connection['local_cidrs']),
json.dumps(connection['peer_cidrs']),
connection['dead_peer_detection'].get('interval'),
connection['dead_peer_detection'].get('timeout'),
dpd_action=connection['dead_peer_detection'].get(
'action'))
if connection.get('ike_policy'):
ibm_ike_policy = [
ike_policy
for ike_policy in ike_policies_to_configure
if ike_policy.name == connection['ike_policy']
][0]
ibm_vpn_connection.ibm_ike_policy = ibm_ike_policy
if connection.get('ipsec_policy'):
ibm_ipsec_policy = [
ipsec_policy
for ipsec_policy in ipsec_policies_to_configure
if ipsec_policy.name == connection['ipsec_policy']
][0]
ibm_vpn_connection.ibm_ipsec_policy = ibm_ipsec_policy
ibm_vpn_gateway.vpn_connections.append(ibm_vpn_connection)
ibm_vpn_gateway.ibm_vpc_network = ibm_vpc_network
ibm_vpn_gateway.ibm_subnet = \
[subnet for subnet in ibm_vpc_network.subnets.all() if subnet.name == vpn['subnet']][0]
ibm_vpn_gateway.ibm_resource_group = existing_resource_group[0]
ibm_vpc_network.add_update_db()
for obj in objs_to_configure:
configure_and_save_obj_confs(ibm_manager, obj)
except (IBMAuthError, IBMConnectError, IBMExecuteError,
IBMInvalidRequestError) as ex:
current_app.logger.info(ex)
if isinstance(ex, IBMAuthError):
cloud.status = INVALID
for obj in objs_to_configure:
if obj.status == CREATING:
obj.status = ERROR_CREATING
doosradb.session.commit()
else:
ibm_vpc_network.status = CREATED
doosradb.session.commit()
return ibm_vpc_network
