def handle_delete(self, request, user, *args, **kwargs): """Trata uma requisição DELETE para excluir uma informação de acesso a equipamento URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/ """ # Verifica acesso e obtém dados do request try: # Obtém argumentos passados na URL id_equipamento = kwargs.get('id_equipamento') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'The id_equipamento parameter is not a valid value: %s.', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) id_tipo_acesso = kwargs.get('id_tipo_acesso') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_tipo_acesso): self.log.error( u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso) raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso) Equipamento.get_by_pk(id_equipamento) TipoAcesso.get_by_pk(id_tipo_acesso) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso): # Remove a informação de acesso a equipamento EquipamentoAcesso.remove(user, id_equipamento, id_tipo_acesso) # Retorna response vazio em caso de sucesso return self.response(dumps_networkapi({})) except InvalidValueError as e: return self.response_error(269, e.param, e.value) except EquipamentoNotFoundError: return self.response_error(117, id_equipamento) except AccessTypeNotFoundError: return self.response_error(171, id_tipo_acesso) except EquipamentoAcesso.DoesNotExist: return self.response_error(209, id_equipamento, id_tipo_acesso) except (EquipamentoError, GrupoError): return self.response_error(1)
def handle_delete(self, request, user, *args, **kwargs): """Trata uma requisição DELETE para excluir uma informação de acesso a equipamento URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/ """ # Verifica acesso e obtém dados do request try: # Obtém argumentos passados na URL id_equipamento = kwargs.get('id_equipamento') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'The id_equipamento parameter is not a valid value: %s.', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) id_tipo_acesso = kwargs.get('id_tipo_acesso') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_tipo_acesso): self.log.error( u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso) raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso) Equipamento.get_by_pk(id_equipamento) TipoAcesso.get_by_pk(id_tipo_acesso) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso): # Remove a informação de acesso a equipamento EquipamentoAcesso.remove(user, id_equipamento, id_tipo_acesso) # Retorna response vazio em caso de sucesso return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def test_alter_valid(self): mock = self.mock_valid_alter() response = self.client_autenticado().postXML( self.URL_ALTER, {self.XML_KEY: mock}) valid_response(response) tpa = EquipamentoAcesso.get_by_pk(self.ID_ALTER_VALID) self.valid_attr(mock, model_to_dict(tpa))
def handle_get(self, request, user, *args, **kwargs): """Trata as requisições GET para consulta de Informações de Acesso a Equipamentos. Permite a consulta de Informações de Acesso a Equipamentos existentes. URL: /equipamentoacesso/ """ try: if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION): return self.not_authorized() # Efetua a consulta de todos os tipos de acesso results = EquipamentoAcesso.search(user.grupos.all()) if results.count() > 0: # Monta lista com dados retornados map_list = [] for item in results: item_map = self.get_equipamento_acesso_map(item) if item_map not in map_list: map_list.append(item_map) # Gera response (XML) com resultados return self.response( dumps_networkapi({'equipamento_acesso': map_list})) else: # Gera response (XML) para resultado vazio return self.response(dumps_networkapi({})) except (EquipamentoError, GrupoError): return self.response_error(1)
def handle_get(self, request, user, *args, **kwargs): """Trata as requisições GET para consulta de Informações de Acesso a Equipamentos. Permite a consulta de Informações de Acesso a Equipamentos existentes. URL: /equipamentoacesso/ """ try: if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION): return self.not_authorized() # Efetua a consulta de todos os tipos de acesso results = EquipamentoAcesso.search(user.grupos.all()) if results.count() > 0: # Monta lista com dados retornados map_list = [] for item in results: item_map = self.get_equipamento_acesso_map(item) if item_map not in map_list: map_list.append(item_map) # Gera response (XML) com resultados return self.response(dumps_networkapi({'equipamento_acesso': map_list})) else: # Gera response (XML) para resultado vazio return self.response(dumps_networkapi({})) except (EquipamentoError, GrupoError): return self.response_error(1)
def connect(self): '''Connects to equipment via ssh using paramiko.SSHClient and sets channel variable with invoked shell object Raises: IOError: if cannot connect to host Exception: for other unhandled exceptions ''' if self.equipment_access==None: try: self.equipment_access = EquipamentoAcesso.search(None, self.equipment, "ssh").uniqueResult() except e: log.error("Access type %s not found for equipment %s." % ("ssh", self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException() device = self.equipment_access.fqdn username = self.equipment_access.user password = self.equipment_access.password self.remote_conn=paramiko.SSHClient() self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: self.remote_conn.connect(device, port=self.connect_port, username=username, password=password) self.channel = self.remote_conn.invoke_shell() except IOError, e: log.error("Could not connect to host %s: %s" % (device, e)) raise exceptions.ConnectionException(device)
def _get_equipment_access(self, protocol): try: return EquipamentoAcesso.search( None, self.equipment, protocol).uniqueResult() except Exception: log.error('Access type %s not found for equipment %s.' % ('http', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self): try: self.equipment_access = EquipamentoAcesso.search( None, self.equipment, 'https').uniqueResult() except Exception, e: log.error('Access type %s not found for equipment %s.' % ('https', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self): """ Tries to get the equipment access """ try: access = None try: access = EquipamentoAcesso.search(None, self.equipment, 'https').uniqueResult() except ObjectDoesNotExist: access = EquipamentoAcesso.search(None, self.equipment, 'http').uniqueResult() return access except Exception: log.error('Access type %s not found for equipment %s.' % ('https', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self): """ Tries to get the equipment access """ try: access = None try: access = EquipamentoAcesso.search( None, self.equipment, 'https').uniqueResult() except ObjectDoesNotExist: access = EquipamentoAcesso.search( None, self.equipment, 'http').uniqueResult() return access except Exception: log.error('Access type %s not found for equipment %s.' % ('https', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def _prepare_apply_state(pools, user=None): load_balance = dict() keys = list() for pool in pools: server_pool = ServerPool.objects.get(id=pool['id']) server_pool_members = server_pool.serverpoolmember_set.all() if pool['server_pool_members']: equips = _validate_pool_members_to_apply(pool, user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search(equipamento=e.id) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } mbs = pool['server_pool_members'] idx_mbs = [mb['id'] for mb in mbs] load_balance[eqpt_id]['pools'].append({ 'id': server_pool.id, 'nome': server_pool.identifier, 'pools_members': [{ 'id': pool_member.id, 'ip': pool_member.ip.ip_formated if pool_member.ip else pool_member.ipv6.ip_formated, 'port': pool_member.port_real, 'member_status': mbs[idx_mbs.index(pool_member.id)]['member_status'] } for pool_member in server_pool_members if pool_member.id in idx_mbs] }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') return load_balance
def _prepare_apply_state(pools, user=None): load_balance = dict() keys = list() for pool in pools: server_pool = ServerPool.objects.get(id=pool['id']) server_pool_members = server_pool.serverpoolmember_set.all() if pool['server_pool_members']: equips = _validate_pool_members_to_apply(pool, user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search( equipamento=e.id ) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } mbs = pool['server_pool_members'] idx_mbs = [mb['id'] for mb in mbs] load_balance[eqpt_id]['pools'].append({ 'id': server_pool.id, 'nome': server_pool.identifier, 'pools_members': [{ 'id': pool_member.id, 'ip': pool_member.ip.ip_formated if pool_member.ip else pool_member.ipv6.ip_formated, 'port': pool_member.port_real, 'member_status': mbs [idx_mbs.index(pool_member.id)]['member_status'] } for pool_member in server_pool_members if pool_member.id in idx_mbs] }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') return load_balance
class MockPluginNetwork(object): _status = True equipment_access = EquipamentoAcesso() @classmethod def status(cls, status=True): cls._status = status @classmethod def remove_svi(cls, svi_number): if cls._status: log.info('Mock Remove Network') else: raise Exception('Error') @classmethod def create_svi(cls, svi_number, svi_description='no description'): if cls._status: log.info('Mock Create Network') else: raise Exception('Error') @classmethod def connect(cls): if cls._status: log.info('Mock Connecting') else: raise Exception('Error') @classmethod def close(cls): if cls._status: log.info('Mock Closing') else: raise Exception('Error') @classmethod def ensure_privilege_level(cls): if cls._status: log.info('Mock Ensuring Privilege Level') else: raise Exception('Error') @classmethod def copyScriptFileToConfig(cls, filename, use_vrf=None, destination='running-config'): if cls._status: log.info('Mock Copying script file to config') else: raise Exception('Error')
def connect(self): '''Connects to equipment via ssh using paramiko.SSHClient and sets channel variable with invoked shell object Raises: IOError: if cannot connect to host Exception: for other unhandled exceptions ''' if self.equipment_access == None: try: self.equipment_access = EquipamentoAcesso.search(None, self.equipment, "ssh").uniqueResult() except Exception, e: log.error("Access type %s not found for equipment %s." % ("ssh", self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def connect(self): """Connects to equipment via ssh using paramiko.SSHClient and sets channel variable with invoked shell object. Raises: IOError: if cannot connect to host Exception: for other unhandled exceptions """ if self.equipment_access is None: try: self.equipment_access = EquipamentoAcesso.search( None, self.equipment, 'ssh').uniqueResult() except Exception: log.error('Access type %s not found for equipment %s.' % ('ssh', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException() device = self.equipment_access.fqdn username = self.equipment_access.user password = self.equipment_access.password self.remote_conn = paramiko.SSHClient() self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: retries = 0 connected = 0 while not connected and (retries < self.connect_max_retries): try: self.remote_conn.connect(device, port=self.connect_port, username=username, password=password) self.channel = self.remote_conn.invoke_shell() connected = 1 except Exception, e: retries += 1 # not capable of connecting after max retries if retries is self.connect_max_retries: raise Exception(e) log.error('Try %s/%s - Error connecting to host %s: %s' % (retries, self.connect_max_retries, device, e)) sleep(random.randint(1, 15)) except IOError, e: log.error('Could not connect to host %s: %s' % (device, e)) raise exceptions.ConnectionException(device)
def connect(self): """Connects to equipment via ssh using paramiko.SSHClient and sets channel variable with invoked shell object Raises: IOError: if cannot connect to host Exception: for other unhandled exceptions """ if self.equipment_access is None: try: self.equipment_access = EquipamentoAcesso.search( None, self.equipment, 'ssh').uniqueResult() except Exception, e: log.error('Access type %s not found for equipment %s.' % ('ssh', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException()
def _get_info(self): """Get info from database to access the device""" if self.equipment_access is None: try: self.equipment_access = EquipamentoAcesso.search( None, self.equipment, 'https').uniqueResult() except Exception: log.error('Access type %s not found for equipment %s.' % ('https', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException() self.device = self.equipment_access.fqdn username = self.equipment_access.user password = self.equipment_access.password self.HTTP.add_credentials(username, password)
def connect(self): """ Connects to equipment via ssh using PyEz and create connection with invoked shell object. :returns: True on success or raise an exception on any fail (will NOT return a false result, due project decision). """ if self.equipment_access is None: try: # Collect the credentials (user and password) for equipment self.equipment_access = EquipamentoAcesso.search(None, self.equipment, 'ssh').uniqueResult() except Exception as e: message = "Unknown error while accessing equipment {} in database.".format( self.equipment.nome) log.error("{}: {}".format(message, e)) raise exceptions.APIException(message) log.info("Trying to connect on host {} ... ".format(self.equipment_access.fqdn)) try: self.remote_conn = Device( host=self.equipment_access.fqdn, user=self.equipment_access.user, passwd=self.equipment_access.password, port=self.connect_port) self.remote_conn.open() self.configuration = Config(self.remote_conn) if self.remote_conn.connected: log.info("The connection on host {} was opened successfully!".format(self.equipment_access.fqdn)) return True except ConnectError as e: message = "Authentication failed trying to connect host {}.".format(self.equipment_access.fqdn) log.error("{}: {}".format(message, e)) raise exceptions.ConnectionException(message) except Exception as e: message = "Unknown error while connecting to host {}.".format(self.equipment_access.fqdn) log.error("{}: {}".format(message, e)) raise exceptions.APIException(message)
def connect(self): """Connects to equipment via ssh using paramiko.SSHClient and sets channel variable with invoked shell object. Raises: IOError: if cannot connect to host Exception: for other unhandled exceptions """ if self.equipment_access is None: try: self.equipment_access = EquipamentoAcesso.search( None, self.equipment, 'ssh').uniqueResult() except Exception: log.error('Access type %s not found for equipment %s.' % ('ssh', self.equipment.nome)) raise exceptions.InvalidEquipmentAccessException() device = self.equipment_access.fqdn username = self.equipment_access.user password = self.equipment_access.password self.remote_conn = paramiko.SSHClient() self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: retries = 0 connected = 0 while not connected and (retries < self.connect_max_retries): try: self.remote_conn.connect( device, port=self.connect_port, username=username, password=password) self.channel = self.remote_conn.invoke_shell() connected = 1 except Exception, e: retries += 1 # not capable of connecting after max retries if retries is self.connect_max_retries: raise Exception(e) log.error('Try %s/%s - Error connecting to host %s: %s' % (retries, self.connect_max_retries, device, e)) sleep(random.randint(1, 15)) except IOError, e: log.error('Could not connect to host %s: %s' % (device, e)) raise exceptions.ConnectionException(device)
def handle_get(self, request, user, *args, **kwargs): """Handles GET requests to list all equip access by access identifier. URLs: equipamentoacesso/id/<id_acesso>/ """ try: # Commons Validations # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() # Business Validations # Valid id access id_access = kwargs.get('id_acesso') if not is_valid_int_greater_zero_param(id_access): self.log.error(u'Parameter id_acesso is invalid. Value: %s.', id_access) raise InvalidValueError(None, 'id_acesso', id_access) # Business Rules access = EquipamentoAcesso.get_by_pk(id_access) equip_access_map = dict() equip_access_map['equipamento_acesso'] = model_to_dict(access) # Return XML return self.response(dumps_networkapi(equip_access_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs): """Handles GET requests to list all equip access by access identifier. URLs: equipamentoacesso/id/<id_acesso>/ """ try: # Commons Validations # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() # Business Validations # Valid id access id_access = kwargs.get('id_acesso') if not is_valid_int_greater_zero_param(id_access): self.log.error( u'Parameter id_acesso is invalid. Value: %s.', id_access) raise InvalidValueError(None, 'id_acesso', id_access) # Business Rules access = EquipamentoAcesso.get_by_pk(id_access) equip_access_map = dict() equip_access_map['equipamento_acesso'] = model_to_dict(access) # Return XML return self.response(dumps_networkapi(equip_access_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Trata uma requisição PUT para alterar informações de acesso a equipamentos. URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/ """ # Obtém dados do request e verifica acesso try: # Obtém argumentos passados na URL id_equipamento = kwargs.get('id_equipamento') if id_equipamento is None: return self.response_error(147) id_tipo_acesso = kwargs.get('id_tipo_acesso') if id_tipo_acesso is None: return self.response_error(208) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Obtém dados do XML xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'Não existe valor para a tag networkapi do XML de requisição.' ) # Verifica a existência do node "equipamento_acesso" equipamento_acesso_map = networkapi_map.get('equipamento_acesso') if equipamento_acesso_map is None: return self.response_error( 3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.' ) # Verifica a existência do valor "fqdn" fqdn = equipamento_acesso_map.get('fqdn') if fqdn is None: return self.response_error(205) # Verifica a existência do valor "user" username = equipamento_acesso_map.get('user') if username is None: return self.response_error(206) # Verifica a existência do valor "pass" password = equipamento_acesso_map.get('pass') if password is None: return self.response_error(207) # Obtém o valor de "enable_pass" enable_pass = equipamento_acesso_map.get('enable_pass') with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso): # Altera a informação de acesso ao equipamentoconforme dados # recebidos no XML EquipamentoAcesso.update(user, id_equipamento, id_tipo_acesso, fqdn=fqdn, user=username, password=password, enable_pass=enable_pass) # Retorna response vazio em caso de sucesso return self.response(dumps_networkapi({})) except XMLError, x: self.log.error(u'Erro ao ler o XML da requisição.') return self.response_error(3, x)
def update_real_pool(request): """ - update real pool in eqpt - update data pool in db """ pools = request.DATA.get("pools", []) load_balance = {} # valid data for save in DB and apply in eqpt ps, sp = valid_to_save_reals_v2(pools) for pool in pools: ids = [p['id'] for p in pool['server_pool_members'] if p['id']] db_members = ServerPoolMember.objects.filter(id__in=ids) db_members_remove = ServerPoolMember.objects.filter(server_pool__id=pool['server_pool']['id']).exclude(id__in=ids) db_members_id = [str(s.id) for s in db_members] pools_members = list() for pool_member in pool['server_pool_members']: if not pool_member['ipv6']: ip = pool_member['ip']['ip_formated'] else: ip = pool_member['ipv6']['ip_formated'] if pool_member['id']: member = db_members[db_members_id.index(str(pool_member['id']))] if not member.ipv6: ip_db = member.ip.ip_formated else: ip_db = member.ipv6.ip_formated if member.port_real == pool_member['port_real'] and ip_db == ip: pools_members.append({ 'id': pool_member['id'], 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], }) else: pools_members.append({ 'id': None, 'ip': ip_db, 'port': member.port_real, 'remove': 1 }) pools_members.append({ 'id': pool_member['id'], 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'new': 1 }) else: pools_members.append({ 'id': None, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'new': 1 }) # members to remove for member in db_members_remove: if not member.ipv6: ip_db = member.ip.ip_formated else: ip_db = member.ipv6.ip_formated pools_members.append({ 'id': member.id, 'ip': ip_db, 'port': member.port_real, 'remove': 1 }) # get eqpts associate with pool equips = EquipamentoAmbiente.objects.filter( ambiente__id=pool['server_pool']['environment']['id'], equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador') equipment_list = [e.equipamento for e in equips] if all_equipments_are_in_maintenance(equipment_list): raise AllEquipmentsAreInMaintenanceException() for e in equips: eqpt_id = str(e.equipamento.id) equipment_access = EquipamentoAcesso.search( equipamento=e.equipamento.id, protocolo="https" ).uniqueResult() equipment = Equipamento.get_by_pk(e.equipamento.id) plugin = PluginFactory.factory(equipment) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'fqdn': equipment_access.fqdn, 'user': equipment_access.user, 'password': equipment_access.password, 'pools': [], } load_balance[eqpt_id]['pools'].append({ 'id': pool['server_pool']['id'], 'nome': pool['server_pool']['identifier'], 'lb_method': pool['server_pool']['lb_method'], 'healthcheck': pool['server_pool']['healthcheck'], 'action': pool['server_pool']['servicedownaction']['name'], 'pools_members': pools_members }) # get ids from pools created names = [sp[p].id for idx, p in enumerate(ps) if sp[p].pool_created] environments = [sp[p].id for idx, p in enumerate(ps) if sp[p].pool_created] # call plugin to change in load balance for lb in load_balance: lbe = [l for l in load_balance[lb]['pools'] if l['id'] in names if l['id'] in environments] if len(lbe) > 0: json = load_balance[lb] json['pools'] = lbe json['plugin'].updatePool(json) # save pool in DB for idx in sp: idx = str(idx) sp[idx].identifier = ps[idx]['server_pool']['identifier'] sp[idx].environment = Ambiente.objects.get( id=ps[idx]['server_pool']['environment']['id']) sp[idx].default_limit = ps[idx]['server_pool']['default_limit'] sp[idx].default_port = ps[idx]['server_pool']['default_port'] sp[idx].lb_method = ps[idx]['server_pool']['lb_method'] sp[idx].servicedownaction = OptionPool.objects.get( id=ps[idx]['server_pool']['servicedownaction']['id']) is_healthcheck_valid(ps[idx]['server_pool']['healthcheck']) ps[idx]['server_pool']['healthcheck'] = ps[idx]['server_pool']['healthcheck'] sp[idx].healthcheck = get_or_create_healthcheck( request.user, ps[idx]['server_pool']['healthcheck']['healthcheck_expect'], ps[idx]['server_pool']['healthcheck']['healthcheck_type'], ps[idx]['server_pool']['healthcheck']['healthcheck_request'], ps[idx]['server_pool']['healthcheck']['destination'], ps[idx]['server_pool']['healthcheck']['identifier']) sp[idx].save() members_id = [p['id'] for p in pool['server_pool_members'] for pool in pools if p['id']] pms = ServerPoolMember.objects.filter(id__in=members_id) pms_delete = ServerPoolMember.objects.exclude(id__in=members_id).filter(server_pool__id__in=[pool['server_pool']['id'] for pool in pools]) members = dict() for pool in pools: for member in pool['server_pool_members']: if member['id']: members[str(member['id'])] = member # update pool members log.info(pools) for pm in pms: if members.get(str(pm.id)): pm.port_real = members.get(str(pm.id))['port_real'] pm.priority = members.get(str(pm.id))['priority'] pm.weight = members.get(str(pm.id))['weight'] pm.limit = members.get(str(pm.id))['limit'] pm.save() # delete pool members for pm in pms_delete: pm.delete() # create new pool members members = [p for p in pool['server_pool_members'] for pool in pools if not p['id']] for member in members: pm = ServerPoolMember() pm.server_pool_id = member['server_pool']['id'] pm.limit = member['limit'] if member['ip']: pm.ip_id = member['ip']['id'] if member['ipv6']: pm.ipv6_id = member['ipv6']['id'] pm.identifier = member['identifier'] pm.weight = member['weight'] pm.priority = member['priority'] pm.port_real = member['port_real'] pm.save() # Save reals # save_server_pool_member(request.user, sp, list_server_pool_member) return {}
def delete_real_pool(request): """ delete real pool in eqpt """ pools = request.DATA.get("pools", []) load_balance = {} for pool in pools: pools_members = [] for pool_member in pool['server_pool_members']: if pool_member['ipv6'] is None: ip = pool_member['ip']['ip_formated'] else: ip = pool_member['ipv6']['ip_formated'] pools_members.append({ 'id': pool_member['id'], 'ip': ip, 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] }) equips = EquipamentoAmbiente.objects.filter( ambiente__id=pool['server_pool']['environment']['id'], equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador') equipment_list = [e.equipamento for e in equips] if all_equipments_are_in_maintenance(equipment_list): raise AllEquipmentsAreInMaintenanceException() for e in equips: eqpt_id = str(e.equipamento.id) equipment_access = EquipamentoAcesso.search( equipamento=e.equipamento.id, protocolo="https" ).uniqueResult() equipment = Equipamento.get_by_pk(e.equipamento.id) plugin = PluginFactory.factory(equipment) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'fqdn': equipment_access.fqdn, 'user': equipment_access.user, 'password': equipment_access.password, 'pools': [], } load_balance[eqpt_id]['pools'].append({ 'id': pool['server_pool']['id'], 'nome': pool['server_pool']['identifier'], 'lb_method': pool['server_pool']['lb_method'], 'healthcheck': pool['server_pool']['healthcheck'], 'action': pool['server_pool']['servicedownaction']['name'], 'pools_members': pools_members }) for lb in load_balance: load_balance[lb]['plugin'].deletePool(load_balance[lb]) ids = [pool['server_pool']['id'] for pool in pools] ServerPool.objects.filter(id__in=ids).update(pool_created=False) return {}
def handle_post(self, request, auth, *args, **kwargs): """Handles POST requests to update Equipment Access by id. URLs: /equipmentaccess/edit/ """ self.log.info('Update EquipmentAccess by id') try: # Commons Validations # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: msg = u'There is no value to the networkapi tag of XML request.' self.log.error(msg) return self.response_error(3, msg) equipmentaccess_map = networkapi_map.get('equipamento_acesso') if equipmentaccess_map is None: msg = u'There is no value to the equipamento_acesso tag of XML request.' self.log.error(msg) return self.response_error(3, msg) # Get XML data user = equipmentaccess_map.get('user') password = equipmentaccess_map.get('pass') fqdn = equipmentaccess_map.get('fqdn') enable_pass = equipmentaccess_map.get('enable_pass') type_access = equipmentaccess_map.get('id_tipo_acesso') equip_access = equipmentaccess_map.get('id_equip_acesso') # Password must NOT be none and 20 is the maxsize and 3 is the # minsize if not is_valid_string_maxsize( password, 150) or not is_valid_string_minsize(password, 3): self.log.error(u'Parameter pass is invalid.') raise InvalidValueError(None, 'pass', '****') # Enable Pass must NOT be none and 20 is the maxsize and 3 is the # minsize if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize( enable_pass, 3): self.log.error(u'Parameter enable_pass is invalid.') raise InvalidValueError(None, 'enable_pass', '****') # User must NOT be none and 20 is the maxsize and 3 is the minsize if not is_valid_string_maxsize( user, 20) or not is_valid_string_minsize(user, 3): self.log.error(u'Parameter user is invalid. Value: %s.', user) raise InvalidValueError(None, 'user', user) # Host must NOT be none and 100 is the maxsize and 4 is the minsize if not is_valid_string_maxsize( fqdn, 100) or not is_valid_string_minsize(fqdn, 4): self.log.error(u'Parameter fqdn is invalid. Value: %s.', fqdn) raise InvalidValueError(None, 'fqdn', fqdn) # Type Access # Valid type access ID if not is_valid_int_greater_zero_param(type_access): self.log.error( u'Parameter type_access_id is invalid. Value: %s.', type_access) raise InvalidValueError(None, 'type_access_id', type_access) type_access = TipoAcesso.get_by_pk(type_access) # Business Rules equip_access = EquipamentoAcesso.get_by_pk(equip_access) # User permission if not has_perm(auth, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip_access.equipamento.id, AdminPermission.EQUIP_WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() with distributedlock(LOCK_EQUIPMENT_ACCESS % type_access.id): # valid duplicate association if not (int(type_access.id) == int( equip_access.tipo_acesso.id)): if EquipamentoAcesso.objects.filter( equipamento=equip_access.equipamento, tipo_acesso=type_access).count() > 0: raise EquipamentoAccessDuplicatedError( None, u'Já existe esta associação de equipamento e tipo de acesso cadastrada.' ) equip_access.__dict__.update(fqdn=fqdn, user=user, password=password, enable_pass=enable_pass) equip_access.tipo_acesso = type_access equip_access.save(auth) # update equipmentaccess_map = dict() equipmentaccess_map['equipamento_acesso'] = model_to_dict( equip_access) # Return XML return self.response(dumps_networkapi(equipmentaccess_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Trata as requisições de POST para criar Informações de Acesso a Equipamentos. URL: /equipamentoacesso """ # Obtém dados do request e verifica acesso try: # Obtém os dados do xml do request xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.') # Verifica a existência do node "equipamento_acesso" equipamento_acesso_map = networkapi_map.get('equipamento_acesso') if equipamento_acesso_map is None: return self.response_error(3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.') # Verifica a existência do valor "id_equipamento" id_equipamento = equipamento_acesso_map.get('id_equipamento') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'The id_equipamento parameter is not a valid value: %s.', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) try: id_equipamento = int(id_equipamento) except (TypeError, ValueError): self.log.error( u'Valor do id_equipamento inválido: %s.', id_equipamento) return self.response_error(117, id_equipamento) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Verifica a existência do valor "fqdn" fqdn = equipamento_acesso_map.get('fqdn') # Valid fqdn if not is_valid_string_maxsize(fqdn, 100) or not is_valid_string_minsize(fqdn, 4): self.log.error(u'Parameter fqdn is invalid. Value: %s', fqdn) raise InvalidValueError(None, 'fqdn', fqdn) # Verifica a existência do valor "user" username = equipamento_acesso_map.get('user') # Valid username if not is_valid_string_maxsize(username, 20) or not is_valid_string_minsize(username, 3): self.log.error( u'Parameter username is invalid. Value: %s', username) raise InvalidValueError(None, 'username', username) # Verifica a existência do valor "pass" password = equipamento_acesso_map.get('pass') # Valid password if not is_valid_string_maxsize(password, 150) or not is_valid_string_minsize(password, 3): self.log.error(u'Parameter password is invalid.') raise InvalidValueError(None, 'password', '****') # Verifica a existência do valor "id_tipo_acesso" id_tipo_acesso = equipamento_acesso_map.get('id_tipo_acesso') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_tipo_acesso): self.log.error( u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso) raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso) try: id_tipo_acesso = int(id_tipo_acesso) except (TypeError, ValueError): self.log.error( u'Valor do id_tipo_acesso inválido: %s.', id_tipo_acesso) return self.response_error(171, id_tipo_acesso) # Obtém o valor de "enable_pass" enable_pass = equipamento_acesso_map.get('enable_pass') # Valid enable_pass if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize(enable_pass, 3): self.log.error(u'Parameter enable_pass is invalid.') raise InvalidValueError(None, 'enable_pass', '****') # Cria acesso ao equipamento conforme dados recebidos no XML equipamento_acesso = EquipamentoAcesso( equipamento=Equipamento(id=id_equipamento), fqdn=fqdn, user=username, password=password, tipo_acesso=TipoAcesso(id=id_tipo_acesso), enable_pass=enable_pass ) equipamento_acesso.create(user) # Monta dict para response networkapi_map = dict() equipamento_acesso_map = dict() equipamento_acesso_map['id'] = equipamento_acesso.id networkapi_map['equipamento_acesso'] = equipamento_acesso_map return self.response(dumps_networkapi(networkapi_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def update_real_pool(pools, user): """Update real pool in Load Balancer and DB.""" load_balance = dict() keys = list() for pool in pools: pool_obj = facade_v3.get_pool_by_id(pool['id']) healthcheck_old = serializers.HealthcheckV3Serializer( pool_obj.healthcheck).data db_members = pool_obj.serverpoolmember_set.all() member_ids = [ spm['id'] for spm in pool['server_pool_members'] if spm['id'] ] db_members_remove = list(db_members.exclude(id__in=member_ids)) db_members_id = [str(s.id) for s in db_members] pool_obj.update_v3(pool, user, permit_created=True) pools_members = list() for pool_member in pool['server_pool_members']: ip = pool_member['ip']['ip_formated'] if pool_member[ 'ip'] else pool_member['ipv6']['ip_formated'] if pool_member.get('id', None) is not None: member = db_members[db_members_id.index(str( pool_member['id']))] ip_db = member.ip.ip_formated \ if member.ip else member.ipv6.ip_formated if member.port_real == pool_member['port_real'] \ and ip_db == ip: # update info of member pools_members.append({ 'id': pool_member['id'], 'identifier': member.identifier, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'member_status': pool_member['member_status'], 'weight': pool_member['weight'], }) else: # delete member with old port and old ip pools_members.append({ 'id': None, 'identifier': member.identifier, 'ip': ip_db, 'port': member.port_real, 'remove': 1 }) # create member with new port and new ip pools_members.append({ 'id': pool_member['id'], 'identifier': ip, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'member_status': pool_member['member_status'], 'new': 1 }) else: # create member pools_members.append({ 'id': None, 'identifier': ip, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'member_status': pool_member['member_status'], 'new': 1 }) # delete members for member in db_members_remove: pools_members.append({ 'id': member.id, 'identifier': member.identifier, 'ip': member.ip.ip_formated if member.ip else member.ipv6.ip_formated, 'port': member.port_real, 'remove': 1 }) # get eqpts associate with pool equips = _validate_pool_to_apply(pool, update=True, user=user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) healthcheck = copy.deepcopy(pool['healthcheck']) healthcheck['new'] = False if json_delta.diff(healthcheck_old, pool['healthcheck']): healthcheck['identifier'] = facade_v3.reserve_name_healthcheck( pool['identifier']) healthcheck['new'] = True for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search(equipamento=e.id) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } vips_requests = ServerPool().get_vips_related(pool['id']) serializer_vips = serializers_vip.VipRequestV3Serializer( vips_requests, many=True, include=( 'ipv4__details', 'ipv6__details', 'ports__identifier', 'ports__pools__server_pool__basic__lb_method', )) vips = serializer_vips.data load_balance[eqpt_id]['pools'].append({ 'id': pool['id'], 'nome': pool['identifier'], 'lb_method': pool['lb_method'], 'healthcheck': healthcheck, 'action': pool['servicedownaction']['name'], 'vips': vips, 'pools_members': pools_members }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') for lb in load_balance: load_balance[lb]['plugin'].update_pool(load_balance[lb]) return {}
def handle_post(self, request, auth, *args, **kwargs): """Handles POST requests to update Equipment Access by id. URLs: /equipmentaccess/edit/ """ self.log.info('Update EquipmentAccess by id') try: # Commons Validations # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: msg = u'There is no value to the networkapi tag of XML request.' self.log.error(msg) return self.response_error(3, msg) equipmentaccess_map = networkapi_map.get('equipamento_acesso') if equipmentaccess_map is None: msg = u'There is no value to the equipamento_acesso tag of XML request.' self.log.error(msg) return self.response_error(3, msg) # Get XML data user = equipmentaccess_map.get('user') password = equipmentaccess_map.get('pass') fqdn = equipmentaccess_map.get('fqdn') enable_pass = equipmentaccess_map.get('enable_pass') type_access = equipmentaccess_map.get('id_tipo_acesso') equip_access = equipmentaccess_map.get('id_equip_acesso') # Password must NOT be none and 20 is the maxsize and 3 is the # minsize if not is_valid_string_maxsize(password, 150) or not is_valid_string_minsize(password, 3): self.log.error(u'Parameter pass is invalid.') raise InvalidValueError(None, 'pass', '****') # Enable Pass must NOT be none and 20 is the maxsize and 3 is the # minsize if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize(enable_pass, 3): self.log.error(u'Parameter enable_pass is invalid.') raise InvalidValueError(None, 'enable_pass', '****') # User must NOT be none and 20 is the maxsize and 3 is the minsize if not is_valid_string_maxsize(user, 20) or not is_valid_string_minsize(user, 3): self.log.error(u'Parameter user is invalid. Value: %s.', user) raise InvalidValueError(None, 'user', user) # Host must NOT be none and 100 is the maxsize and 4 is the minsize if not is_valid_string_maxsize(fqdn, 100) or not is_valid_string_minsize(fqdn, 4): self.log.error(u'Parameter fqdn is invalid. Value: %s.', fqdn) raise InvalidValueError(None, 'fqdn', fqdn) # Type Access # Valid type access ID if not is_valid_int_greater_zero_param(type_access): self.log.error( u'Parameter type_access_id is invalid. Value: %s.', type_access) raise InvalidValueError(None, 'type_access_id', type_access) type_access = TipoAcesso.get_by_pk(type_access) # Business Rules equip_access = EquipamentoAcesso.get_by_pk(equip_access) # User permission if not has_perm(auth, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip_access.equipamento.id, AdminPermission.EQUIP_WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() with distributedlock(LOCK_EQUIPMENT_ACCESS % type_access.id): # valid duplicate association if not (int(type_access.id) == int(equip_access.tipo_acesso.id)): if EquipamentoAcesso.objects.filter(equipamento=equip_access.equipamento, tipo_acesso=type_access).count() > 0: raise EquipamentoAccessDuplicatedError( None, u'Já existe esta associação de equipamento e tipo de acesso cadastrada.') equip_access.__dict__.update( fqdn=fqdn, user=user, password=password, enable_pass=enable_pass) equip_access.tipo_acesso = type_access equip_access.save(auth) # update equipmentaccess_map = dict() equipmentaccess_map[ 'equipamento_acesso'] = model_to_dict(equip_access) # Return XML return self.response(dumps_networkapi(equipmentaccess_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def prepare_apply(load_balance, vip, created=True, user=None): vip_request = copy.deepcopy(vip) id_vip = str(vip_request.get('id')) equips, conf, cluster_unit = _validate_vip_to_apply( vip_request, created, user) cache_group = OptionVip.objects.get( id=vip_request.get('options').get('cache_group')) traffic_return = OptionVip.objects.get( id=vip_request.get('options').get('traffic_return')) timeout = OptionVip.objects.get( id=vip_request.get('options').get('timeout')) persistence = OptionVip.objects.get( id=vip_request.get('options').get('persistence')) if vip_request['ipv4']: ipv4 = Ip.get_by_pk( vip_request['ipv4']) if vip_request['ipv4'] else None vip_request['ipv4'] = {'id': ipv4.id, 'ip_formated': ipv4.ip_formated} if vip_request['ipv6']: ipv6 = Ipv6.get_by_pk( vip_request['ipv6']) if vip_request['ipv6'] else None vip_request['ipv6'] = {'id': ipv6.id, 'ip_formated': ipv6.ip_formated} if conf: conf = json.loads(conf) vip_request['options'] = dict() vip_request['options']['cache_group'] = { 'id': cache_group.id, 'nome_opcao_txt': cache_group.nome_opcao_txt } vip_request['options']['traffic_return'] = { 'id': traffic_return.id, 'nome_opcao_txt': traffic_return.nome_opcao_txt } vip_request['options']['timeout'] = { 'id': timeout.id, 'nome_opcao_txt': timeout.nome_opcao_txt } vip_request['options']['persistence'] = { 'id': persistence.id, 'nome_opcao_txt': persistence.nome_opcao_txt } vip_request['options']['cluster_unit'] = cluster_unit try: vip_request['options']['dscp'] = VipRequestDSCP.objects.get( vip_request=vip_request['id']).dscp except: vip_request['options']['dscp'] = None pass for idx, port in enumerate(vip_request['ports']): for i, pl in enumerate(port['pools']): pool = get_pool_by_id(pl['server_pool']) pool_serializer = pool_slz.PoolV3Serializer(pool) l7_rule = OptionVip.objects.get(id=pl['l7_rule']).nome_opcao_txt healthcheck = pool_serializer.data['healthcheck'] healthcheck['identifier'] = reserve_name_healthcheck( pool_serializer.data['identifier']) healthcheck['new'] = True vip_request['ports'][idx]['pools'][i]['server_pool'] = { 'id': pool_serializer.data['id'], 'nome': pool_serializer.data['identifier'], 'lb_method': pool_serializer.data['lb_method'], 'healthcheck': healthcheck, 'action': pool_serializer.data['servicedownaction']['name'], 'pool_created': pool_serializer.data['pool_created'], 'pools_members': [{ 'id': pool_member['id'], 'identifier': pool_member['identifier'], 'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'], 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] } for pool_member in pool_serializer.data['server_pool_members'] ] } vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule l7_protocol = OptionVip.objects.get(id=port['options']['l7_protocol']) l4_protocol = OptionVip.objects.get(id=port['options']['l4_protocol']) vip_request['ports'][idx]['options'] = dict() vip_request['ports'][idx]['options']['l7_protocol'] = { 'id': l7_protocol.id, 'nome_opcao_txt': l7_protocol.nome_opcao_txt } vip_request['ports'][idx]['options']['l4_protocol'] = { 'id': l4_protocol.id, 'nome_opcao_txt': l4_protocol.nome_opcao_txt } vip_request['conf'] = conf if conf: for idx, layer in enumerate(conf['conf']['layers']): requiments = layer.get('requiments') if requiments: # validate for port for idx_port, port in enumerate(vip['ports']): for requiment in requiments: condicionals = requiment.get('condicionals') for condicional in condicionals: validated = True validations = condicional.get('validations') for validation in validations: if validation.get('type') == 'optionvip': validated &= valid_expression( validation.get('operator'), int(vip['options'][validation.get( 'variable')]), int(validation.get('value'))) if validation.get('type') == 'portoptionvip': validated &= valid_expression( validation.get('operator'), int(port['options'][validation.get( 'variable')]), int(validation.get('value'))) if validation.get( 'type') == 'field' and validation.get( 'variable') == 'cluster_unit': validated &= valid_expression( validation.get('operator'), cluster_unit, validation.get('value')) if validated: use = condicional.get('use') for item in use: definitions = item.get('definitions') eqpts = item.get('eqpts') if eqpts: eqpts = Equipamento.objects.filter( id__in=eqpts, maintenance=0, tipo_equipamento__tipo_equipamento= u'Balanceador').distinct() if facade_eqpt.all_equipments_are_in_maintenance( equips): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException( ) if user: if not facade_eqpt.all_equipments_can_update_config( equips, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. \ Verify the permissions of user group with equipment group. Vip:{}' .format(vip_request['id'])) for eqpt in eqpts: eqpt_id = str(eqpt.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search( equipamento=eqpt.id) plugin = PluginFactory.factory( eqpt) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } idx_layer = str(idx) idx_port_str = str(port['port']) if not load_balance[eqpt_id][ 'layers'].get(id_vip): load_balance[eqpt_id][ 'layers'][id_vip] = dict() if load_balance[eqpt_id]['layers'][ id_vip].get(idx_layer): if load_balance[eqpt_id][ 'layers'][id_vip].get( idx_layer).get( 'definitions' ).get( idx_port_str): load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer][ 'definitions'][ idx_port_str] += definitions else: load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer][ 'definitions'][ idx_port_str] = definitions else: load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer] = { 'vip_request': vip_request, 'definitions': { idx_port_str: definitions } } # In first validated==True stops conditionals. # Removing this break will add a wrong # conditional. break for e in equips: eqpt_id = str(e.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search(equipamento=e.id) plugin = PluginFactory.factory(e) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } load_balance[eqpt_id]['vips'].append({'vip_request': vip_request}) return load_balance
def _prepare_apply(pools, created=False, user=None): load_balance = dict() keys = list() for pool in pools: equips = _validate_pool_members_to_apply(pool, user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) healthcheck = pool['healthcheck'] healthcheck['identifier'] = facade_v3.\ reserve_name_healthcheck(pool['identifier']) healthcheck['new'] = True for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search( equipamento=e.id ) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } vips_requests = ServerPool().get_vips_related(pool['id']) serializer_vips = serializers_vip.VipRequestV3Serializer( vips_requests, many=True, include=( 'ipv4__details', 'ipv6__details', 'ports__identifier', 'ports__pools__server_pool__basic__lb_method', ) ) vips = serializer_vips.data load_balance[eqpt_id]['pools'].append({ 'id': pool['id'], 'nome': pool['identifier'], 'lb_method': pool['lb_method'], 'healthcheck': healthcheck, 'action': pool['servicedownaction']['name'], 'vips': vips, 'pools_members': [{ 'id': pool_member['id'], 'identifier': pool_member['identifier'], 'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'], 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] } for pool_member in pool['server_pool_members']] }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') return load_balance
def handle_post(self, request, user, *args, **kwargs): """Trata as requisições de POST para criar Informações de Acesso a Equipamentos. URL: /equipamentoacesso """ # Obtém dados do request e verifica acesso try: # Obtém os dados do xml do request xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'Não existe valor para a tag networkapi do XML de requisição.' ) # Verifica a existência do node "equipamento_acesso" equipamento_acesso_map = networkapi_map.get('equipamento_acesso') if equipamento_acesso_map is None: return self.response_error( 3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.' ) # Verifica a existência do valor "id_equipamento" id_equipamento = equipamento_acesso_map.get('id_equipamento') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'The id_equipamento parameter is not a valid value: %s.', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) try: id_equipamento = int(id_equipamento) except (TypeError, ValueError): self.log.error(u'Valor do id_equipamento inválido: %s.', id_equipamento) return self.response_error(117, id_equipamento) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Verifica a existência do valor "fqdn" fqdn = equipamento_acesso_map.get('fqdn') # Valid fqdn if not is_valid_string_maxsize( fqdn, 100) or not is_valid_string_minsize(fqdn, 4): self.log.error(u'Parameter fqdn is invalid. Value: %s', fqdn) raise InvalidValueError(None, 'fqdn', fqdn) # Verifica a existência do valor "user" username = equipamento_acesso_map.get('user') # Valid username if not is_valid_string_maxsize( username, 20) or not is_valid_string_minsize(username, 3): self.log.error(u'Parameter username is invalid. Value: %s', username) raise InvalidValueError(None, 'username', username) # Verifica a existência do valor "pass" password = equipamento_acesso_map.get('pass') # Valid password if not is_valid_string_maxsize( password, 150) or not is_valid_string_minsize(password, 3): self.log.error(u'Parameter password is invalid.') raise InvalidValueError(None, 'password', '****') # Verifica a existência do valor "id_tipo_acesso" id_tipo_acesso = equipamento_acesso_map.get('id_tipo_acesso') # Valid ID Equipment if not is_valid_int_greater_zero_param(id_tipo_acesso): self.log.error( u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso) raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso) try: id_tipo_acesso = int(id_tipo_acesso) except (TypeError, ValueError): self.log.error(u'Valor do id_tipo_acesso inválido: %s.', id_tipo_acesso) return self.response_error(171, id_tipo_acesso) # Obtém o valor de "enable_pass" enable_pass = equipamento_acesso_map.get('enable_pass') # Valid enable_pass if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize( enable_pass, 3): self.log.error(u'Parameter enable_pass is invalid.') raise InvalidValueError(None, 'enable_pass', '****') # Cria acesso ao equipamento conforme dados recebidos no XML equipamento_acesso = EquipamentoAcesso( equipamento=Equipamento(id=id_equipamento), fqdn=fqdn, user=username, password=password, tipo_acesso=TipoAcesso(id=id_tipo_acesso), enable_pass=enable_pass) equipamento_acesso.create(user) # Monta dict para response networkapi_map = dict() equipamento_acesso_map = dict() equipamento_acesso_map['id'] = equipamento_acesso.id networkapi_map['equipamento_acesso'] = equipamento_acesso_map return self.response(dumps_networkapi(networkapi_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Trata uma requisição PUT para alterar informações de acesso a equipamentos. URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/ """ # Obtém dados do request e verifica acesso try: # Obtém argumentos passados na URL id_equipamento = kwargs.get('id_equipamento') if id_equipamento is None: return self.response_error(147) id_tipo_acesso = kwargs.get('id_tipo_acesso') if id_tipo_acesso is None: return self.response_error(208) # Após obtenção do id_equipamento podemos verificar a permissão if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Obtém dados do XML xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.') # Verifica a existência do node "equipamento_acesso" equipamento_acesso_map = networkapi_map.get('equipamento_acesso') if equipamento_acesso_map is None: return self.response_error(3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.') # Verifica a existência do valor "fqdn" fqdn = equipamento_acesso_map.get('fqdn') if fqdn is None: return self.response_error(205) # Verifica a existência do valor "user" username = equipamento_acesso_map.get('user') if username is None: return self.response_error(206) # Verifica a existência do valor "pass" password = equipamento_acesso_map.get('pass') if password is None: return self.response_error(207) # Obtém o valor de "enable_pass" enable_pass = equipamento_acesso_map.get('enable_pass') with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso): # Altera a informação de acesso ao equipamentoconforme dados # recebidos no XML EquipamentoAcesso.update(user, id_equipamento, id_tipo_acesso, fqdn=fqdn, user=username, password=password, enable_pass=enable_pass ) # Retorna response vazio em caso de sucesso return self.response(dumps_networkapi({})) except XMLError, x: self.log.error(u'Erro ao ler o XML da requisição.') return self.response_error(3, x)
def prepare_apply(load_balance, vip, created=True, user=None): vip_request = copy.deepcopy(vip) id_vip = str(vip_request.get('id')) equips, conf, cluster_unit = _validate_vip_to_apply( vip_request, created, user) cache_group = OptionVip.objects.get( id=vip_request.get('options').get('cache_group')) traffic_return = OptionVip.objects.get( id=vip_request.get('options').get('traffic_return')) timeout = OptionVip.objects.get( id=vip_request.get('options').get('timeout')) persistence = OptionVip.objects.get( id=vip_request.get('options').get('persistence')) if vip_request['ipv4']: ipv4 = Ip.get_by_pk(vip_request['ipv4']) if vip_request[ 'ipv4'] else None vip_request['ipv4'] = { 'id': ipv4.id, 'ip_formated': ipv4.ip_formated } if vip_request['ipv6']: ipv6 = Ipv6.get_by_pk(vip_request['ipv6']) if vip_request[ 'ipv6'] else None vip_request['ipv6'] = { 'id': ipv6.id, 'ip_formated': ipv6.ip_formated } if conf: conf = json.loads(conf) vip_request['options'] = dict() vip_request['options']['cache_group'] = { 'id': cache_group.id, 'nome_opcao_txt': cache_group.nome_opcao_txt } vip_request['options']['traffic_return'] = { 'id': traffic_return.id, 'nome_opcao_txt': traffic_return.nome_opcao_txt } vip_request['options']['timeout'] = { 'id': timeout.id, 'nome_opcao_txt': timeout.nome_opcao_txt } vip_request['options']['persistence'] = { 'id': persistence.id, 'nome_opcao_txt': persistence.nome_opcao_txt } vip_request['options']['cluster_unit'] = cluster_unit try: vip_request['options']['dscp'] = VipRequestDSCP.objects.get( vip_request=vip_request['id'] ).dscp except: vip_request['options']['dscp'] = None pass for idx, port in enumerate(vip_request['ports']): for i, pl in enumerate(port['pools']): pool = get_pool_by_id(pl['server_pool']) pool_serializer = pool_slz.PoolV3Serializer(pool) l7_rule = OptionVip.objects.get( id=pl['l7_rule']).nome_opcao_txt healthcheck = pool_serializer.data['healthcheck'] healthcheck['identifier'] = reserve_name_healthcheck( pool_serializer.data['identifier']) healthcheck['new'] = True vip_request['ports'][idx]['pools'][i]['server_pool'] = { 'id': pool_serializer.data['id'], 'nome': pool_serializer.data['identifier'], 'lb_method': pool_serializer.data['lb_method'], 'healthcheck': healthcheck, 'action': pool_serializer.data['servicedownaction']['name'], 'pool_created': pool_serializer.data['pool_created'], 'pools_members': [{ 'id': pool_member['id'], 'identifier': pool_member['identifier'], 'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'], 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] } for pool_member in pool_serializer.data['server_pool_members']] } vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule l7_protocol = OptionVip.objects.get( id=port['options']['l7_protocol']) l4_protocol = OptionVip.objects.get( id=port['options']['l4_protocol']) vip_request['ports'][idx]['options'] = dict() vip_request['ports'][idx]['options']['l7_protocol'] = { 'id': l7_protocol.id, 'nome_opcao_txt': l7_protocol.nome_opcao_txt } vip_request['ports'][idx]['options']['l4_protocol'] = { 'id': l4_protocol.id, 'nome_opcao_txt': l4_protocol.nome_opcao_txt } vip_request['conf'] = conf if conf: for idx, layer in enumerate(conf['conf']['layers']): requiments = layer.get('requiments') if requiments: # validate for port for idx_port, port in enumerate(vip['ports']): for requiment in requiments: condicionals = requiment.get('condicionals') for condicional in condicionals: validated = True validations = condicional.get('validations') for validation in validations: if validation.get('type') == 'optionvip': validated &= valid_expression( validation.get('operator'), int(vip['options'][ validation.get('variable')]), int(validation.get('value')) ) if validation.get('type') == 'portoptionvip': validated &= valid_expression( validation.get('operator'), int(port['options'][ validation.get('variable')]), int(validation.get('value')) ) if validation.get('type') == 'field' and validation.get('variable') == 'cluster_unit': validated &= valid_expression( validation.get('operator'), cluster_unit, validation.get('value') ) if validated: use = condicional.get('use') for item in use: definitions = item.get('definitions') eqpts = item.get('eqpts') if eqpts: eqpts = Equipamento.objects.filter( id__in=eqpts, maintenance=0, tipo_equipamento__tipo_equipamento=u'Balanceador').distinct() if facade_eqpt.all_equipments_are_in_maintenance(equips): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(equips, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. \ Verify the permissions of user group with equipment group. Vip:{}'.format( vip_request['id'])) for eqpt in eqpts: eqpt_id = str(eqpt.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search( equipamento=eqpt.id ) plugin = PluginFactory.factory( eqpt) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } idx_layer = str(idx) idx_port_str = str(port['port']) if not load_balance[eqpt_id]['layers'].get(id_vip): load_balance[eqpt_id][ 'layers'][id_vip] = dict() if load_balance[eqpt_id]['layers'][id_vip].get(idx_layer): if load_balance[eqpt_id]['layers'][id_vip].get(idx_layer).get('definitions').get(idx_port_str): load_balance[eqpt_id]['layers'][id_vip][idx_layer][ 'definitions'][idx_port_str] += definitions else: load_balance[eqpt_id]['layers'][id_vip][idx_layer][ 'definitions'][idx_port_str] = definitions else: load_balance[eqpt_id]['layers'][id_vip][idx_layer] = { 'vip_request': vip_request, 'definitions': { idx_port_str: definitions } } # In first validated==True stops conditionals. # Removing this break will add a wrong # conditional. break for e in equips: eqpt_id = str(e.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search( equipamento=e.id ) plugin = PluginFactory.factory(e) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } load_balance[eqpt_id]['vips'].append({'vip_request': vip_request}) return load_balance
def _prepare_apply(pools, created=False, user=None): load_balance = dict() keys = list() for pool in pools: equips = _validate_pool_members_to_apply(pool, user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) healthcheck = pool['healthcheck'] healthcheck['identifier'] = facade_v3.\ reserve_name_healthcheck(pool['identifier']) healthcheck['new'] = True for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search(equipamento=e.id) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } vips_requests = ServerPool().get_vips_related(pool['id']) serializer_vips = serializers_vip.VipRequestV3Serializer( vips_requests, many=True, include=( 'ipv4__details', 'ipv6__details', 'ports__identifier', 'ports__pools__server_pool__basic__lb_method', )) vips = serializer_vips.data load_balance[eqpt_id]['pools'].append({ 'id': pool['id'], 'nome': pool['identifier'], 'lb_method': pool['lb_method'], 'healthcheck': healthcheck, 'action': pool['servicedownaction']['name'], 'vips': vips, 'pools_members': [{ 'id': pool_member['id'], 'identifier': pool_member['identifier'], 'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'], 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] } for pool_member in pool['server_pool_members']] }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') return load_balance
def set_poolmember_state(pools): """ Set Pool Members state """ try: load_balance = {} for pool in pools: pools_members = [] q_filters = [] for pool_member in pool['server_pool_members']: port_real = pool_member['port_real'] if pool_member['ipv6'] is None: ip = pool_member['ip']['ip_formated'] ip_ft = '.'.join(str(x) for x in [ pool_member['ip']['oct1'], pool_member['ip']['oct2'], pool_member['ip']['oct3'], pool_member['ip']['oct4']]) if ip != ip_ft: raise exceptions.InvalidIpNotExist() q_filters.append({ 'ip__oct1': pool_member['ip']['oct1'], 'ip__oct2': pool_member['ip']['oct2'], 'ip__oct3': pool_member['ip']['oct3'], 'ip__oct4': pool_member['ip']['oct4'], 'port_real': port_real }) else: ip = pool_member['ipv6']['ip_formated'] ip_ft = '.'.join(str(x) for x in [ pool_member['ipv6']['block1'], pool_member['ipv6']['block2'], pool_member['ipv6']['block3'], pool_member['ipv6']['block4'], pool_member['ipv6']['block5'], pool_member['ipv6']['block6'], pool_member['ipv6']['block7'], pool_member['ipv6']['block8']]) if ip != ip_ft: raise exceptions.InvalidIpNotExist() q_filters.append({ 'ipv6__block1': pool_member['ipv6']['block1'], 'ipv6__block2': pool_member['ipv6']['block2'], 'ipv6__block3': pool_member['ipv6']['block3'], 'ipv6__block4': pool_member['ipv6']['block4'], 'ipv6__block5': pool_member['ipv6']['block5'], 'ipv6__block6': pool_member['ipv6']['block6'], 'ipv6__block7': pool_member['ipv6']['block7'], 'ipv6__block8': pool_member['ipv6']['block8'], 'port_real': port_real }) pools_members.append({ 'id': pool_member['id'], 'ip': ip, 'port': port_real, 'member_status': pool_member['member_status'] }) server_pool_members = ServerPoolMember.objects.filter( reduce(lambda x, y: x | y, [Q(**q_filter) for q_filter in q_filters]), server_pool=pool['server_pool']['id']) if len(server_pool_members) != len(pools_members): raise exceptions.PoolmemberNotExist() pool_name = pool['server_pool']['identifier'] server_pools = ServerPool.objects.filter(identifier=pool_name) if not server_pools: raise exceptions.PoolNotExist() equips = EquipamentoAmbiente.objects.filter( ambiente__id=pool['server_pool']['environment']['id'], equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador') equipment_list = [e.equipamento for e in equips] if all_equipments_are_in_maintenance(equipment_list): raise AllEquipmentsAreInMaintenanceException() for e in equips: eqpt_id = str(e.equipamento.id) equipment_access = EquipamentoAcesso.search( equipamento=e.equipamento.id, protocolo="https" ).uniqueResult() equipment = Equipamento.get_by_pk(e.equipamento.id) plugin = PluginFactory.factory(equipment) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'fqdn': equipment_access.fqdn, 'user': equipment_access.user, 'password': equipment_access.password, 'pools': [], } load_balance[eqpt_id]['pools'].append({ 'id': pool['server_pool']['id'], 'nome': pool_name, 'pools_members': pools_members }) for lb in load_balance: load_balance[lb]['plugin'].setStateMember(load_balance[lb]) return {} except Exception, exception: log.error(exception) raise exception
def update_real_pool(pools, user): """Update real pool in Load Balancer and DB.""" load_balance = dict() keys = list() for pool in pools: pool_obj = facade_v3.get_pool_by_id(pool['id']) healthcheck_old = serializers.HealthcheckV3Serializer( pool_obj.healthcheck).data db_members = pool_obj.serverpoolmember_set.all() member_ids = [spm['id'] for spm in pool['server_pool_members'] if spm['id']] db_members_remove = list(db_members.exclude(id__in=member_ids)) db_members_id = [str(s.id) for s in db_members] pool_obj.update_v3(pool, user, permit_created=True) pools_members = list() for pool_member in pool['server_pool_members']: ip = pool_member['ip']['ip_formated'] if pool_member[ 'ip'] else pool_member['ipv6']['ip_formated'] if pool_member.get('id', None) is not None: member = db_members[ db_members_id.index(str(pool_member['id']))] ip_db = member.ip.ip_formated \ if member.ip else member.ipv6.ip_formated if member.port_real == pool_member['port_real'] \ and ip_db == ip: # update info of member pools_members.append({ 'id': pool_member['id'], 'identifier': member.identifier, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'member_status': pool_member['member_status'], 'weight': pool_member['weight'], }) else: # delete member with old port and old ip pools_members.append({ 'id': None, 'identifier': member.identifier, 'ip': ip_db, 'port': member.port_real, 'remove': 1 }) # create member with new port and new ip pools_members.append({ 'id': pool_member['id'], 'identifier': ip, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'member_status': pool_member['member_status'], 'new': 1 }) else: # create member pools_members.append({ 'id': None, 'identifier': ip, 'ip': ip, 'port': pool_member['port_real'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'], 'member_status': pool_member['member_status'], 'new': 1 }) # delete members for member in db_members_remove: pools_members.append({ 'id': member.id, 'identifier': member.identifier, 'ip': member.ip.ip_formated if member.ip else member.ipv6.ip_formated, 'port': member.port_real, 'remove': 1 }) # get eqpts associate with pool equips = _validate_pool_to_apply(pool, update=True, user=user) keys.append(sorted([str(eqpt.id) for eqpt in equips])) healthcheck = copy.deepcopy(pool['healthcheck']) healthcheck['new'] = False if json_delta.diff(healthcheck_old, pool['healthcheck']): healthcheck['identifier'] = facade_v3.reserve_name_healthcheck( pool['identifier']) healthcheck['new'] = True for e in equips: eqpt_id = str(e.id) equipment_access = EquipamentoAcesso.search( equipamento=e.id ) plugin = PluginFactory.factory(e) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'pools': [], } vips_requests = ServerPool().get_vips_related(pool['id']) serializer_vips = serializers_vip.VipRequestV3Serializer( vips_requests, many=True, include=( 'ipv4__details', 'ipv6__details', 'ports__identifier', 'ports__pools__server_pool__basic__lb_method', ) ) vips = serializer_vips.data load_balance[eqpt_id]['pools'].append({ 'id': pool['id'], 'nome': pool['identifier'], 'lb_method': pool['lb_method'], 'healthcheck': healthcheck, 'action': pool['servicedownaction']['name'], 'vips': vips, 'pools_members': pools_members }) # pools are in differents load balancers keys = [','.join(key) for key in keys] if len(list(set(keys))) > 1: raise Exception('Pools are in differents load balancers') for lb in load_balance: load_balance[lb]['plugin'].update_pool(load_balance[lb]) return {}
def get_poolmember_state(servers_pools): """ Return Pool Members State """ load_balance = {} for server_pool in servers_pools: pools_members = [] server_pool_members = ServerPoolMember.objects.filter( server_pool=server_pool) for pool_member in server_pool_members: if pool_member.ipv6 is None: ip = pool_member.ip.ip_formated else: ip = pool_member.ipv6.ip_formated pools_members.append({ 'id': pool_member.id, 'ip': ip, 'port': pool_member.port_real, 'member_status': pool_member.member_status }) if pools_members: # pool_name = server_pool.identifier pool_id = server_pool.id equips = EquipamentoAmbiente.objects.filter( ambiente__id=server_pool.environment.id, equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador') equipment_list = [e.equipamento for e in equips] if all_equipments_are_in_maintenance(equipment_list): raise AllEquipmentsAreInMaintenanceException() for e in equips: eqpt_id = str(e.equipamento.id) equipment_access = EquipamentoAcesso.search( equipamento=e.equipamento.id, protocolo="https" ).uniqueResult() equipment = Equipamento.get_by_pk(e.equipamento.id) plugin = PluginFactory.factory(equipment) if not load_balance.get(eqpt_id): load_balance[eqpt_id] = { 'plugin': plugin, 'fqdn': equipment_access.fqdn, 'user': equipment_access.user, 'password': equipment_access.password, 'pools': [], } load_balance[eqpt_id]['pools'].append({ 'id': server_pool.id, 'nome': server_pool.identifier, 'pools_members': pools_members }) for lb in load_balance: ps = {} status = {} # call plugin to get state member states = load_balance[lb]['plugin'].getStateMember(load_balance[lb]) for idx, state in enumerate(states): pool_id = load_balance[lb]['pools'][idx]['id'] if not ps.get(pool_id): ps[pool_id] = {} status[pool_id] = {} # populate variable for to verify diff states for idx_m, st in enumerate(state): member_id = load_balance[lb]['pools'][idx]['pools_members'][idx_m]['id'] if not ps[pool_id].get(member_id): ps[pool_id][member_id] = [] ps[pool_id][member_id].append(st) status[pool_id][member_id] = st # Verify diff state of pool member in eqpts for idx in ps: for idx_m in ps[idx]: if len(set(ps[idx][idx_m])) > 1: msg = 'There are states differents in equipments.' log.error(msg) raise exceptions.DiffStatesEquipament(msg) return status