def handle_delete(self, request, user, *args, **kwargs):
"""Trata uma requisição DELETE para excluir uma informação de acesso a equipamento
URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/
"""
# Verifica acesso e obtém dados do request
try:
# Obtém argumentos passados na URL
id_equipamento = kwargs.get('id_equipamento')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'The id_equipamento parameter is not a valid value: %s.',
id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
id_tipo_acesso = kwargs.get('id_tipo_acesso')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_tipo_acesso):
self.log.error(
u'The id_tipo_acesso parameter is not a valid value: %s.',
id_tipo_acesso)
raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso)
Equipamento.get_by_pk(id_equipamento)
TipoAcesso.get_by_pk(id_tipo_acesso)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso):
# Remove a informação de acesso a equipamento
EquipamentoAcesso.remove(user, id_equipamento, id_tipo_acesso)
# Retorna response vazio em caso de sucesso
return self.response(dumps_networkapi({}))
except InvalidValueError as e:
return self.response_error(269, e.param, e.value)
except EquipamentoNotFoundError:
return self.response_error(117, id_equipamento)
except AccessTypeNotFoundError:
return self.response_error(171, id_tipo_acesso)
except EquipamentoAcesso.DoesNotExist:
return self.response_error(209, id_equipamento, id_tipo_acesso)
except (EquipamentoError, GrupoError):
return self.response_error(1)
def handle_delete(self, request, user, *args, **kwargs):
"""Trata uma requisição DELETE para excluir uma informação de acesso a equipamento
URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/
"""
# Verifica acesso e obtém dados do request
try:
# Obtém argumentos passados na URL
id_equipamento = kwargs.get('id_equipamento')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'The id_equipamento parameter is not a valid value: %s.', id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
id_tipo_acesso = kwargs.get('id_tipo_acesso')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_tipo_acesso):
self.log.error(
u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso)
raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso)
Equipamento.get_by_pk(id_equipamento)
TipoAcesso.get_by_pk(id_tipo_acesso)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user,
AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION,
None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso):
# Remove a informação de acesso a equipamento
EquipamentoAcesso.remove(user, id_equipamento, id_tipo_acesso)
# Retorna response vazio em caso de sucesso
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def test_alter_valid(self):
mock = self.mock_valid_alter()
response = self.client_autenticado().postXML(
self.URL_ALTER, {self.XML_KEY: mock})
valid_response(response)
tpa = EquipamentoAcesso.get_by_pk(self.ID_ALTER_VALID)
self.valid_attr(mock, model_to_dict(tpa))
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições GET para consulta de Informações de Acesso a Equipamentos.
Permite a consulta de Informações de Acesso a Equipamentos existentes.
URL: /equipamentoacesso/
"""
try:
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.READ_OPERATION):
return self.not_authorized()
# Efetua a consulta de todos os tipos de acesso
results = EquipamentoAcesso.search(user.grupos.all())
if results.count() > 0:
# Monta lista com dados retornados
map_list = []
for item in results:
item_map = self.get_equipamento_acesso_map(item)
if item_map not in map_list:
map_list.append(item_map)
# Gera response (XML) com resultados
return self.response(
dumps_networkapi({'equipamento_acesso': map_list}))
else:
# Gera response (XML) para resultado vazio
return self.response(dumps_networkapi({}))
except (EquipamentoError, GrupoError):
return self.response_error(1)
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições GET para consulta de Informações de Acesso a Equipamentos.
Permite a consulta de Informações de Acesso a Equipamentos existentes.
URL: /equipamentoacesso/
"""
try:
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION):
return self.not_authorized()
# Efetua a consulta de todos os tipos de acesso
results = EquipamentoAcesso.search(user.grupos.all())
if results.count() > 0:
# Monta lista com dados retornados
map_list = []
for item in results:
item_map = self.get_equipamento_acesso_map(item)
if item_map not in map_list:
map_list.append(item_map)
# Gera response (XML) com resultados
return self.response(dumps_networkapi({'equipamento_acesso': map_list}))
else:
# Gera response (XML) para resultado vazio
return self.response(dumps_networkapi({}))
except (EquipamentoError, GrupoError):
return self.response_error(1)
def connect(self):
'''Connects to equipment via ssh using paramiko.SSHClient and
sets channel variable with invoked shell object
Raises:
IOError: if cannot connect to host
Exception: for other unhandled exceptions
'''
if self.equipment_access==None:
try:
self.equipment_access = EquipamentoAcesso.search(None, self.equipment, "ssh").uniqueResult()
except e:
log.error("Access type %s not found for equipment %s." % ("ssh", self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
device = self.equipment_access.fqdn
username = self.equipment_access.user
password = self.equipment_access.password
self.remote_conn=paramiko.SSHClient()
self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
self.remote_conn.connect(device, port=self.connect_port, username=username, password=password)
self.channel = self.remote_conn.invoke_shell()
except IOError, e:
log.error("Could not connect to host %s: %s" % (device, e))
raise exceptions.ConnectionException(device)
def _get_equipment_access(self, protocol):
try:
return EquipamentoAcesso.search(
None, self.equipment, protocol).uniqueResult()
except Exception:
log.error('Access type %s not found for equipment %s.' %
('http', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self):
try:
self.equipment_access = EquipamentoAcesso.search(
None, self.equipment, 'https').uniqueResult()
except Exception, e:
log.error('Access type %s not found for equipment %s.' %
('https', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self):
""" Tries to get the equipment access """
try:
access = None
try:
access = EquipamentoAcesso.search(None, self.equipment,
'https').uniqueResult()
except ObjectDoesNotExist:
access = EquipamentoAcesso.search(None, self.equipment,
'http').uniqueResult()
return access
except Exception:
log.error('Access type %s not found for equipment %s.' %
('https', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def _get_equipment_access(self):
""" Tries to get the equipment access """
try:
access = None
try:
access = EquipamentoAcesso.search(
None, self.equipment, 'https').uniqueResult()
except ObjectDoesNotExist:
access = EquipamentoAcesso.search(
None, self.equipment, 'http').uniqueResult()
return access
except Exception:
log.error('Access type %s not found for equipment %s.' %
('https', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def _prepare_apply_state(pools, user=None):
load_balance = dict()
keys = list()
for pool in pools:
server_pool = ServerPool.objects.get(id=pool['id'])
server_pool_members = server_pool.serverpoolmember_set.all()
if pool['server_pool_members']:
equips = _validate_pool_members_to_apply(pool, user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(equipamento=e.id)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
mbs = pool['server_pool_members']
idx_mbs = [mb['id'] for mb in mbs]
load_balance[eqpt_id]['pools'].append({
'id':
server_pool.id,
'nome':
server_pool.identifier,
'pools_members': [{
'id':
pool_member.id,
'ip':
pool_member.ip.ip_formated
if pool_member.ip else pool_member.ipv6.ip_formated,
'port':
pool_member.port_real,
'member_status':
mbs[idx_mbs.index(pool_member.id)]['member_status']
} for pool_member in server_pool_members
if pool_member.id in idx_mbs]
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
return load_balance
def _prepare_apply_state(pools, user=None):
load_balance = dict()
keys = list()
for pool in pools:
server_pool = ServerPool.objects.get(id=pool['id'])
server_pool_members = server_pool.serverpoolmember_set.all()
if pool['server_pool_members']:
equips = _validate_pool_members_to_apply(pool, user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.id
)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
mbs = pool['server_pool_members']
idx_mbs = [mb['id'] for mb in mbs]
load_balance[eqpt_id]['pools'].append({
'id': server_pool.id,
'nome': server_pool.identifier,
'pools_members': [{
'id': pool_member.id,
'ip': pool_member.ip.ip_formated
if pool_member.ip else pool_member.ipv6.ip_formated,
'port': pool_member.port_real,
'member_status': mbs
[idx_mbs.index(pool_member.id)]['member_status']
} for pool_member in server_pool_members
if pool_member.id in idx_mbs]
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
return load_balance
class MockPluginNetwork(object):
_status = True
equipment_access = EquipamentoAcesso()
@classmethod
def status(cls, status=True):
cls._status = status
@classmethod
def remove_svi(cls, svi_number):
if cls._status:
log.info('Mock Remove Network')
else:
raise Exception('Error')
@classmethod
def create_svi(cls, svi_number, svi_description='no description'):
if cls._status:
log.info('Mock Create Network')
else:
raise Exception('Error')
@classmethod
def connect(cls):
if cls._status:
log.info('Mock Connecting')
else:
raise Exception('Error')
@classmethod
def close(cls):
if cls._status:
log.info('Mock Closing')
else:
raise Exception('Error')
@classmethod
def ensure_privilege_level(cls):
if cls._status:
log.info('Mock Ensuring Privilege Level')
else:
raise Exception('Error')
@classmethod
def copyScriptFileToConfig(cls, filename, use_vrf=None, destination='running-config'):
if cls._status:
log.info('Mock Copying script file to config')
else:
raise Exception('Error')
def connect(self):
'''Connects to equipment via ssh using paramiko.SSHClient and
sets channel variable with invoked shell object
Raises:
IOError: if cannot connect to host
Exception: for other unhandled exceptions
'''
if self.equipment_access == None:
try:
self.equipment_access = EquipamentoAcesso.search(None, self.equipment, "ssh").uniqueResult()
except Exception, e:
log.error("Access type %s not found for equipment %s." % ("ssh", self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def connect(self):
"""Connects to equipment via ssh using paramiko.SSHClient and
sets channel variable with invoked shell object.
Raises:
IOError: if cannot connect to host
Exception: for other unhandled exceptions
"""
if self.equipment_access is None:
try:
self.equipment_access = EquipamentoAcesso.search(
None, self.equipment, 'ssh').uniqueResult()
except Exception:
log.error('Access type %s not found for equipment %s.' %
('ssh', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
device = self.equipment_access.fqdn
username = self.equipment_access.user
password = self.equipment_access.password
self.remote_conn = paramiko.SSHClient()
self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
retries = 0
connected = 0
while not connected and (retries < self.connect_max_retries):
try:
self.remote_conn.connect(device,
port=self.connect_port,
username=username,
password=password)
self.channel = self.remote_conn.invoke_shell()
connected = 1
except Exception, e:
retries += 1
# not capable of connecting after max retries
if retries is self.connect_max_retries:
raise Exception(e)
log.error('Try %s/%s - Error connecting to host %s: %s' %
(retries, self.connect_max_retries, device, e))
sleep(random.randint(1, 15))
except IOError, e:
log.error('Could not connect to host %s: %s' % (device, e))
raise exceptions.ConnectionException(device)
def connect(self):
"""Connects to equipment via ssh using paramiko.SSHClient and
sets channel variable with invoked shell object
Raises:
IOError: if cannot connect to host
Exception: for other unhandled exceptions
"""
if self.equipment_access is None:
try:
self.equipment_access = EquipamentoAcesso.search(
None, self.equipment, 'ssh').uniqueResult()
except Exception, e:
log.error('Access type %s not found for equipment %s.' %
('ssh', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
def _get_info(self):
"""Get info from database to access the device"""
if self.equipment_access is None:
try:
self.equipment_access = EquipamentoAcesso.search(
None, self.equipment, 'https').uniqueResult()
except Exception:
log.error('Access type %s not found for equipment %s.' %
('https', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
self.device = self.equipment_access.fqdn
username = self.equipment_access.user
password = self.equipment_access.password
self.HTTP.add_credentials(username, password)
def connect(self):
"""
Connects to equipment via ssh using PyEz
and create connection with invoked shell object.
:returns:
True on success or raise an exception on any
fail (will NOT return a false result, due project decision).
"""
if self.equipment_access is None:
try:
# Collect the credentials (user and password) for equipment
self.equipment_access = EquipamentoAcesso.search(None,
self.equipment,
'ssh').uniqueResult()
except Exception as e:
message = "Unknown error while accessing equipment {} in database.".format(
self.equipment.nome)
log.error("{}: {}".format(message, e))
raise exceptions.APIException(message)
log.info("Trying to connect on host {} ... ".format(self.equipment_access.fqdn))
try:
self.remote_conn = Device(
host=self.equipment_access.fqdn,
user=self.equipment_access.user,
passwd=self.equipment_access.password,
port=self.connect_port)
self.remote_conn.open()
self.configuration = Config(self.remote_conn)
if self.remote_conn.connected:
log.info("The connection on host {} was opened successfully!".format(self.equipment_access.fqdn))
return True
except ConnectError as e:
message = "Authentication failed trying to connect host {}.".format(self.equipment_access.fqdn)
log.error("{}: {}".format(message, e))
raise exceptions.ConnectionException(message)
except Exception as e:
message = "Unknown error while connecting to host {}.".format(self.equipment_access.fqdn)
log.error("{}: {}".format(message, e))
raise exceptions.APIException(message)
def connect(self):
"""Connects to equipment via ssh using paramiko.SSHClient and
sets channel variable with invoked shell object.
Raises:
IOError: if cannot connect to host
Exception: for other unhandled exceptions
"""
if self.equipment_access is None:
try:
self.equipment_access = EquipamentoAcesso.search(
None, self.equipment, 'ssh').uniqueResult()
except Exception:
log.error('Access type %s not found for equipment %s.' %
('ssh', self.equipment.nome))
raise exceptions.InvalidEquipmentAccessException()
device = self.equipment_access.fqdn
username = self.equipment_access.user
password = self.equipment_access.password
self.remote_conn = paramiko.SSHClient()
self.remote_conn.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
retries = 0
connected = 0
while not connected and (retries < self.connect_max_retries):
try:
self.remote_conn.connect(
device, port=self.connect_port, username=username, password=password)
self.channel = self.remote_conn.invoke_shell()
connected = 1
except Exception, e:
retries += 1
# not capable of connecting after max retries
if retries is self.connect_max_retries:
raise Exception(e)
log.error('Try %s/%s - Error connecting to host %s: %s' %
(retries, self.connect_max_retries, device, e))
sleep(random.randint(1, 15))
except IOError, e:
log.error('Could not connect to host %s: %s' % (device, e))
raise exceptions.ConnectionException(device)
def handle_get(self, request, user, *args, **kwargs):
"""Handles GET requests to list all equip access by access identifier.
URLs: equipamentoacesso/id/<id_acesso>/
"""
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Validations
# Valid id access
id_access = kwargs.get('id_acesso')
if not is_valid_int_greater_zero_param(id_access):
self.log.error(u'Parameter id_acesso is invalid. Value: %s.',
id_access)
raise InvalidValueError(None, 'id_acesso', id_access)
# Business Rules
access = EquipamentoAcesso.get_by_pk(id_access)
equip_access_map = dict()
equip_access_map['equipamento_acesso'] = model_to_dict(access)
# Return XML
return self.response(dumps_networkapi(equip_access_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Handles GET requests to list all equip access by access identifier.
URLs: equipamentoacesso/id/<id_acesso>/
"""
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Validations
# Valid id access
id_access = kwargs.get('id_acesso')
if not is_valid_int_greater_zero_param(id_access):
self.log.error(
u'Parameter id_acesso is invalid. Value: %s.', id_access)
raise InvalidValueError(None, 'id_acesso', id_access)
# Business Rules
access = EquipamentoAcesso.get_by_pk(id_access)
equip_access_map = dict()
equip_access_map['equipamento_acesso'] = model_to_dict(access)
# Return XML
return self.response(dumps_networkapi(equip_access_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Trata uma requisição PUT para alterar informações de acesso a equipamentos.
URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/
"""
# Obtém dados do request e verifica acesso
try:
# Obtém argumentos passados na URL
id_equipamento = kwargs.get('id_equipamento')
if id_equipamento is None:
return self.response_error(147)
id_tipo_acesso = kwargs.get('id_tipo_acesso')
if id_tipo_acesso is None:
return self.response_error(208)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Obtém dados do XML
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'Não existe valor para a tag networkapi do XML de requisição.'
)
# Verifica a existência do node "equipamento_acesso"
equipamento_acesso_map = networkapi_map.get('equipamento_acesso')
if equipamento_acesso_map is None:
return self.response_error(
3,
u'Não existe valor para a tag equipamento_acesso do XML de requisição.'
)
# Verifica a existência do valor "fqdn"
fqdn = equipamento_acesso_map.get('fqdn')
if fqdn is None:
return self.response_error(205)
# Verifica a existência do valor "user"
username = equipamento_acesso_map.get('user')
if username is None:
return self.response_error(206)
# Verifica a existência do valor "pass"
password = equipamento_acesso_map.get('pass')
if password is None:
return self.response_error(207)
# Obtém o valor de "enable_pass"
enable_pass = equipamento_acesso_map.get('enable_pass')
with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso):
# Altera a informação de acesso ao equipamentoconforme dados
# recebidos no XML
EquipamentoAcesso.update(user,
id_equipamento,
id_tipo_acesso,
fqdn=fqdn,
user=username,
password=password,
enable_pass=enable_pass)
# Retorna response vazio em caso de sucesso
return self.response(dumps_networkapi({}))
except XMLError, x:
self.log.error(u'Erro ao ler o XML da requisição.')
return self.response_error(3, x)
def update_real_pool(request):
"""
- update real pool in eqpt
- update data pool in db
"""
pools = request.DATA.get("pools", [])
load_balance = {}
# valid data for save in DB and apply in eqpt
ps, sp = valid_to_save_reals_v2(pools)
for pool in pools:
ids = [p['id'] for p in pool['server_pool_members'] if p['id']]
db_members = ServerPoolMember.objects.filter(id__in=ids)
db_members_remove = ServerPoolMember.objects.filter(server_pool__id=pool['server_pool']['id']).exclude(id__in=ids)
db_members_id = [str(s.id) for s in db_members]
pools_members = list()
for pool_member in pool['server_pool_members']:
if not pool_member['ipv6']:
ip = pool_member['ip']['ip_formated']
else:
ip = pool_member['ipv6']['ip_formated']
if pool_member['id']:
member = db_members[db_members_id.index(str(pool_member['id']))]
if not member.ipv6:
ip_db = member.ip.ip_formated
else:
ip_db = member.ipv6.ip_formated
if member.port_real == pool_member['port_real'] and ip_db == ip:
pools_members.append({
'id': pool_member['id'],
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight'],
})
else:
pools_members.append({
'id': None,
'ip': ip_db,
'port': member.port_real,
'remove': 1
})
pools_members.append({
'id': pool_member['id'],
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight'],
'new': 1
})
else:
pools_members.append({
'id': None,
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight'],
'new': 1
})
# members to remove
for member in db_members_remove:
if not member.ipv6:
ip_db = member.ip.ip_formated
else:
ip_db = member.ipv6.ip_formated
pools_members.append({
'id': member.id,
'ip': ip_db,
'port': member.port_real,
'remove': 1
})
# get eqpts associate with pool
equips = EquipamentoAmbiente.objects.filter(
ambiente__id=pool['server_pool']['environment']['id'],
equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador')
equipment_list = [e.equipamento for e in equips]
if all_equipments_are_in_maintenance(equipment_list):
raise AllEquipmentsAreInMaintenanceException()
for e in equips:
eqpt_id = str(e.equipamento.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.equipamento.id,
protocolo="https"
).uniqueResult()
equipment = Equipamento.get_by_pk(e.equipamento.id)
plugin = PluginFactory.factory(equipment)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'fqdn': equipment_access.fqdn,
'user': equipment_access.user,
'password': equipment_access.password,
'pools': [],
}
load_balance[eqpt_id]['pools'].append({
'id': pool['server_pool']['id'],
'nome': pool['server_pool']['identifier'],
'lb_method': pool['server_pool']['lb_method'],
'healthcheck': pool['server_pool']['healthcheck'],
'action': pool['server_pool']['servicedownaction']['name'],
'pools_members': pools_members
})
# get ids from pools created
names = [sp[p].id for idx, p in enumerate(ps) if sp[p].pool_created]
environments = [sp[p].id for idx, p in enumerate(ps) if sp[p].pool_created]
# call plugin to change in load balance
for lb in load_balance:
lbe = [l for l in load_balance[lb]['pools'] if l['id'] in names if l['id'] in environments]
if len(lbe) > 0:
json = load_balance[lb]
json['pools'] = lbe
json['plugin'].updatePool(json)
# save pool in DB
for idx in sp:
idx = str(idx)
sp[idx].identifier = ps[idx]['server_pool']['identifier']
sp[idx].environment = Ambiente.objects.get(
id=ps[idx]['server_pool']['environment']['id'])
sp[idx].default_limit = ps[idx]['server_pool']['default_limit']
sp[idx].default_port = ps[idx]['server_pool']['default_port']
sp[idx].lb_method = ps[idx]['server_pool']['lb_method']
sp[idx].servicedownaction = OptionPool.objects.get(
id=ps[idx]['server_pool']['servicedownaction']['id'])
is_healthcheck_valid(ps[idx]['server_pool']['healthcheck'])
ps[idx]['server_pool']['healthcheck'] = ps[idx]['server_pool']['healthcheck']
sp[idx].healthcheck = get_or_create_healthcheck(
request.user,
ps[idx]['server_pool']['healthcheck']['healthcheck_expect'],
ps[idx]['server_pool']['healthcheck']['healthcheck_type'],
ps[idx]['server_pool']['healthcheck']['healthcheck_request'],
ps[idx]['server_pool']['healthcheck']['destination'],
ps[idx]['server_pool']['healthcheck']['identifier'])
sp[idx].save()
members_id = [p['id'] for p in pool['server_pool_members'] for pool in pools if p['id']]
pms = ServerPoolMember.objects.filter(id__in=members_id)
pms_delete = ServerPoolMember.objects.exclude(id__in=members_id).filter(server_pool__id__in=[pool['server_pool']['id'] for pool in pools])
members = dict()
for pool in pools:
for member in pool['server_pool_members']:
if member['id']:
members[str(member['id'])] = member
# update pool members
log.info(pools)
for pm in pms:
if members.get(str(pm.id)):
pm.port_real = members.get(str(pm.id))['port_real']
pm.priority = members.get(str(pm.id))['priority']
pm.weight = members.get(str(pm.id))['weight']
pm.limit = members.get(str(pm.id))['limit']
pm.save()
# delete pool members
for pm in pms_delete:
pm.delete()
# create new pool members
members = [p for p in pool['server_pool_members'] for pool in pools if not p['id']]
for member in members:
pm = ServerPoolMember()
pm.server_pool_id = member['server_pool']['id']
pm.limit = member['limit']
if member['ip']:
pm.ip_id = member['ip']['id']
if member['ipv6']:
pm.ipv6_id = member['ipv6']['id']
pm.identifier = member['identifier']
pm.weight = member['weight']
pm.priority = member['priority']
pm.port_real = member['port_real']
pm.save()
# Save reals
# save_server_pool_member(request.user, sp, list_server_pool_member)
return {}
def delete_real_pool(request):
"""
delete real pool in eqpt
"""
pools = request.DATA.get("pools", [])
load_balance = {}
for pool in pools:
pools_members = []
for pool_member in pool['server_pool_members']:
if pool_member['ipv6'] is None:
ip = pool_member['ip']['ip_formated']
else:
ip = pool_member['ipv6']['ip_formated']
pools_members.append({
'id': pool_member['id'],
'ip': ip,
'port': pool_member['port_real'],
'member_status': pool_member['member_status'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight']
})
equips = EquipamentoAmbiente.objects.filter(
ambiente__id=pool['server_pool']['environment']['id'],
equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador')
equipment_list = [e.equipamento for e in equips]
if all_equipments_are_in_maintenance(equipment_list):
raise AllEquipmentsAreInMaintenanceException()
for e in equips:
eqpt_id = str(e.equipamento.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.equipamento.id,
protocolo="https"
).uniqueResult()
equipment = Equipamento.get_by_pk(e.equipamento.id)
plugin = PluginFactory.factory(equipment)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'fqdn': equipment_access.fqdn,
'user': equipment_access.user,
'password': equipment_access.password,
'pools': [],
}
load_balance[eqpt_id]['pools'].append({
'id': pool['server_pool']['id'],
'nome': pool['server_pool']['identifier'],
'lb_method': pool['server_pool']['lb_method'],
'healthcheck': pool['server_pool']['healthcheck'],
'action': pool['server_pool']['servicedownaction']['name'],
'pools_members': pools_members
})
for lb in load_balance:
load_balance[lb]['plugin'].deletePool(load_balance[lb])
ids = [pool['server_pool']['id'] for pool in pools]
ServerPool.objects.filter(id__in=ids).update(pool_created=False)
return {}
def handle_post(self, request, auth, *args, **kwargs):
"""Handles POST requests to update Equipment Access by id.
URLs: /equipmentaccess/edit/
"""
self.log.info('Update EquipmentAccess by id')
try:
# Commons Validations
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
msg = u'There is no value to the networkapi tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
equipmentaccess_map = networkapi_map.get('equipamento_acesso')
if equipmentaccess_map is None:
msg = u'There is no value to the equipamento_acesso tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
# Get XML data
user = equipmentaccess_map.get('user')
password = equipmentaccess_map.get('pass')
fqdn = equipmentaccess_map.get('fqdn')
enable_pass = equipmentaccess_map.get('enable_pass')
type_access = equipmentaccess_map.get('id_tipo_acesso')
equip_access = equipmentaccess_map.get('id_equip_acesso')
# Password must NOT be none and 20 is the maxsize and 3 is the
# minsize
if not is_valid_string_maxsize(
password, 150) or not is_valid_string_minsize(password, 3):
self.log.error(u'Parameter pass is invalid.')
raise InvalidValueError(None, 'pass', '****')
# Enable Pass must NOT be none and 20 is the maxsize and 3 is the
# minsize
if not is_valid_string_maxsize(enable_pass,
150) or not is_valid_string_minsize(
enable_pass, 3):
self.log.error(u'Parameter enable_pass is invalid.')
raise InvalidValueError(None, 'enable_pass', '****')
# User must NOT be none and 20 is the maxsize and 3 is the minsize
if not is_valid_string_maxsize(
user, 20) or not is_valid_string_minsize(user, 3):
self.log.error(u'Parameter user is invalid. Value: %s.', user)
raise InvalidValueError(None, 'user', user)
# Host must NOT be none and 100 is the maxsize and 4 is the minsize
if not is_valid_string_maxsize(
fqdn, 100) or not is_valid_string_minsize(fqdn, 4):
self.log.error(u'Parameter fqdn is invalid. Value: %s.', fqdn)
raise InvalidValueError(None, 'fqdn', fqdn)
# Type Access
# Valid type access ID
if not is_valid_int_greater_zero_param(type_access):
self.log.error(
u'Parameter type_access_id is invalid. Value: %s.',
type_access)
raise InvalidValueError(None, 'type_access_id', type_access)
type_access = TipoAcesso.get_by_pk(type_access)
# Business Rules
equip_access = EquipamentoAcesso.get_by_pk(equip_access)
# User permission
if not has_perm(auth, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
equip_access.equipamento.id,
AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_ACCESS % type_access.id):
# valid duplicate association
if not (int(type_access.id) == int(
equip_access.tipo_acesso.id)):
if EquipamentoAcesso.objects.filter(
equipamento=equip_access.equipamento,
tipo_acesso=type_access).count() > 0:
raise EquipamentoAccessDuplicatedError(
None,
u'Já existe esta associação de equipamento e tipo de acesso cadastrada.'
)
equip_access.__dict__.update(fqdn=fqdn,
user=user,
password=password,
enable_pass=enable_pass)
equip_access.tipo_acesso = type_access
equip_access.save(auth)
# update
equipmentaccess_map = dict()
equipmentaccess_map['equipamento_acesso'] = model_to_dict(
equip_access)
# Return XML
return self.response(dumps_networkapi(equipmentaccess_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Trata as requisições de POST para criar Informações de Acesso a Equipamentos.
URL: /equipamentoacesso
"""
# Obtém dados do request e verifica acesso
try:
# Obtém os dados do xml do request
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.')
# Verifica a existência do node "equipamento_acesso"
equipamento_acesso_map = networkapi_map.get('equipamento_acesso')
if equipamento_acesso_map is None:
return self.response_error(3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.')
# Verifica a existência do valor "id_equipamento"
id_equipamento = equipamento_acesso_map.get('id_equipamento')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'The id_equipamento parameter is not a valid value: %s.', id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
try:
id_equipamento = int(id_equipamento)
except (TypeError, ValueError):
self.log.error(
u'Valor do id_equipamento inválido: %s.', id_equipamento)
return self.response_error(117, id_equipamento)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user,
AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION,
None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Verifica a existência do valor "fqdn"
fqdn = equipamento_acesso_map.get('fqdn')
# Valid fqdn
if not is_valid_string_maxsize(fqdn, 100) or not is_valid_string_minsize(fqdn, 4):
self.log.error(u'Parameter fqdn is invalid. Value: %s', fqdn)
raise InvalidValueError(None, 'fqdn', fqdn)
# Verifica a existência do valor "user"
username = equipamento_acesso_map.get('user')
# Valid username
if not is_valid_string_maxsize(username, 20) or not is_valid_string_minsize(username, 3):
self.log.error(
u'Parameter username is invalid. Value: %s', username)
raise InvalidValueError(None, 'username', username)
# Verifica a existência do valor "pass"
password = equipamento_acesso_map.get('pass')
# Valid password
if not is_valid_string_maxsize(password, 150) or not is_valid_string_minsize(password, 3):
self.log.error(u'Parameter password is invalid.')
raise InvalidValueError(None, 'password', '****')
# Verifica a existência do valor "id_tipo_acesso"
id_tipo_acesso = equipamento_acesso_map.get('id_tipo_acesso')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_tipo_acesso):
self.log.error(
u'The id_tipo_acesso parameter is not a valid value: %s.', id_tipo_acesso)
raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso)
try:
id_tipo_acesso = int(id_tipo_acesso)
except (TypeError, ValueError):
self.log.error(
u'Valor do id_tipo_acesso inválido: %s.', id_tipo_acesso)
return self.response_error(171, id_tipo_acesso)
# Obtém o valor de "enable_pass"
enable_pass = equipamento_acesso_map.get('enable_pass')
# Valid enable_pass
if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize(enable_pass, 3):
self.log.error(u'Parameter enable_pass is invalid.')
raise InvalidValueError(None, 'enable_pass', '****')
# Cria acesso ao equipamento conforme dados recebidos no XML
equipamento_acesso = EquipamentoAcesso(
equipamento=Equipamento(id=id_equipamento),
fqdn=fqdn,
user=username,
password=password,
tipo_acesso=TipoAcesso(id=id_tipo_acesso),
enable_pass=enable_pass
)
equipamento_acesso.create(user)
# Monta dict para response
networkapi_map = dict()
equipamento_acesso_map = dict()
equipamento_acesso_map['id'] = equipamento_acesso.id
networkapi_map['equipamento_acesso'] = equipamento_acesso_map
return self.response(dumps_networkapi(networkapi_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def update_real_pool(pools, user):
"""Update real pool in Load Balancer and DB."""
load_balance = dict()
keys = list()
for pool in pools:
pool_obj = facade_v3.get_pool_by_id(pool['id'])
healthcheck_old = serializers.HealthcheckV3Serializer(
pool_obj.healthcheck).data
db_members = pool_obj.serverpoolmember_set.all()
member_ids = [
spm['id'] for spm in pool['server_pool_members'] if spm['id']
]
db_members_remove = list(db_members.exclude(id__in=member_ids))
db_members_id = [str(s.id) for s in db_members]
pool_obj.update_v3(pool, user, permit_created=True)
pools_members = list()
for pool_member in pool['server_pool_members']:
ip = pool_member['ip']['ip_formated'] if pool_member[
'ip'] else pool_member['ipv6']['ip_formated']
if pool_member.get('id', None) is not None:
member = db_members[db_members_id.index(str(
pool_member['id']))]
ip_db = member.ip.ip_formated \
if member.ip else member.ipv6.ip_formated
if member.port_real == pool_member['port_real'] \
and ip_db == ip:
# update info of member
pools_members.append({
'id':
pool_member['id'],
'identifier':
member.identifier,
'ip':
ip,
'port':
pool_member['port_real'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'member_status':
pool_member['member_status'],
'weight':
pool_member['weight'],
})
else:
# delete member with old port and old ip
pools_members.append({
'id': None,
'identifier': member.identifier,
'ip': ip_db,
'port': member.port_real,
'remove': 1
})
# create member with new port and new ip
pools_members.append({
'id':
pool_member['id'],
'identifier':
ip,
'ip':
ip,
'port':
pool_member['port_real'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'weight':
pool_member['weight'],
'member_status':
pool_member['member_status'],
'new':
1
})
else:
# create member
pools_members.append({
'id':
None,
'identifier':
ip,
'ip':
ip,
'port':
pool_member['port_real'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'weight':
pool_member['weight'],
'member_status':
pool_member['member_status'],
'new':
1
})
# delete members
for member in db_members_remove:
pools_members.append({
'id':
member.id,
'identifier':
member.identifier,
'ip':
member.ip.ip_formated
if member.ip else member.ipv6.ip_formated,
'port':
member.port_real,
'remove':
1
})
# get eqpts associate with pool
equips = _validate_pool_to_apply(pool, update=True, user=user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
healthcheck = copy.deepcopy(pool['healthcheck'])
healthcheck['new'] = False
if json_delta.diff(healthcheck_old, pool['healthcheck']):
healthcheck['identifier'] = facade_v3.reserve_name_healthcheck(
pool['identifier'])
healthcheck['new'] = True
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(equipamento=e.id)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
vips_requests = ServerPool().get_vips_related(pool['id'])
serializer_vips = serializers_vip.VipRequestV3Serializer(
vips_requests,
many=True,
include=(
'ipv4__details',
'ipv6__details',
'ports__identifier',
'ports__pools__server_pool__basic__lb_method',
))
vips = serializer_vips.data
load_balance[eqpt_id]['pools'].append({
'id':
pool['id'],
'nome':
pool['identifier'],
'lb_method':
pool['lb_method'],
'healthcheck':
healthcheck,
'action':
pool['servicedownaction']['name'],
'vips':
vips,
'pools_members':
pools_members
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
for lb in load_balance:
load_balance[lb]['plugin'].update_pool(load_balance[lb])
return {}
def handle_post(self, request, auth, *args, **kwargs):
"""Handles POST requests to update Equipment Access by id.
URLs: /equipmentaccess/edit/
"""
self.log.info('Update EquipmentAccess by id')
try:
# Commons Validations
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
msg = u'There is no value to the networkapi tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
equipmentaccess_map = networkapi_map.get('equipamento_acesso')
if equipmentaccess_map is None:
msg = u'There is no value to the equipamento_acesso tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
# Get XML data
user = equipmentaccess_map.get('user')
password = equipmentaccess_map.get('pass')
fqdn = equipmentaccess_map.get('fqdn')
enable_pass = equipmentaccess_map.get('enable_pass')
type_access = equipmentaccess_map.get('id_tipo_acesso')
equip_access = equipmentaccess_map.get('id_equip_acesso')
# Password must NOT be none and 20 is the maxsize and 3 is the
# minsize
if not is_valid_string_maxsize(password, 150) or not is_valid_string_minsize(password, 3):
self.log.error(u'Parameter pass is invalid.')
raise InvalidValueError(None, 'pass', '****')
# Enable Pass must NOT be none and 20 is the maxsize and 3 is the
# minsize
if not is_valid_string_maxsize(enable_pass, 150) or not is_valid_string_minsize(enable_pass, 3):
self.log.error(u'Parameter enable_pass is invalid.')
raise InvalidValueError(None, 'enable_pass', '****')
# User must NOT be none and 20 is the maxsize and 3 is the minsize
if not is_valid_string_maxsize(user, 20) or not is_valid_string_minsize(user, 3):
self.log.error(u'Parameter user is invalid. Value: %s.', user)
raise InvalidValueError(None, 'user', user)
# Host must NOT be none and 100 is the maxsize and 4 is the minsize
if not is_valid_string_maxsize(fqdn, 100) or not is_valid_string_minsize(fqdn, 4):
self.log.error(u'Parameter fqdn is invalid. Value: %s.', fqdn)
raise InvalidValueError(None, 'fqdn', fqdn)
# Type Access
# Valid type access ID
if not is_valid_int_greater_zero_param(type_access):
self.log.error(
u'Parameter type_access_id is invalid. Value: %s.', type_access)
raise InvalidValueError(None, 'type_access_id', type_access)
type_access = TipoAcesso.get_by_pk(type_access)
# Business Rules
equip_access = EquipamentoAcesso.get_by_pk(equip_access)
# User permission
if not has_perm(auth, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip_access.equipamento.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_ACCESS % type_access.id):
# valid duplicate association
if not (int(type_access.id) == int(equip_access.tipo_acesso.id)):
if EquipamentoAcesso.objects.filter(equipamento=equip_access.equipamento, tipo_acesso=type_access).count() > 0:
raise EquipamentoAccessDuplicatedError(
None, u'Já existe esta associação de equipamento e tipo de acesso cadastrada.')
equip_access.__dict__.update(
fqdn=fqdn, user=user, password=password, enable_pass=enable_pass)
equip_access.tipo_acesso = type_access
equip_access.save(auth)
# update
equipmentaccess_map = dict()
equipmentaccess_map[
'equipamento_acesso'] = model_to_dict(equip_access)
# Return XML
return self.response(dumps_networkapi(equipmentaccess_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def prepare_apply(load_balance, vip, created=True, user=None):
vip_request = copy.deepcopy(vip)
id_vip = str(vip_request.get('id'))
equips, conf, cluster_unit = _validate_vip_to_apply(
vip_request, created, user)
cache_group = OptionVip.objects.get(
id=vip_request.get('options').get('cache_group'))
traffic_return = OptionVip.objects.get(
id=vip_request.get('options').get('traffic_return'))
timeout = OptionVip.objects.get(
id=vip_request.get('options').get('timeout'))
persistence = OptionVip.objects.get(
id=vip_request.get('options').get('persistence'))
if vip_request['ipv4']:
ipv4 = Ip.get_by_pk(
vip_request['ipv4']) if vip_request['ipv4'] else None
vip_request['ipv4'] = {'id': ipv4.id, 'ip_formated': ipv4.ip_formated}
if vip_request['ipv6']:
ipv6 = Ipv6.get_by_pk(
vip_request['ipv6']) if vip_request['ipv6'] else None
vip_request['ipv6'] = {'id': ipv6.id, 'ip_formated': ipv6.ip_formated}
if conf:
conf = json.loads(conf)
vip_request['options'] = dict()
vip_request['options']['cache_group'] = {
'id': cache_group.id,
'nome_opcao_txt': cache_group.nome_opcao_txt
}
vip_request['options']['traffic_return'] = {
'id': traffic_return.id,
'nome_opcao_txt': traffic_return.nome_opcao_txt
}
vip_request['options']['timeout'] = {
'id': timeout.id,
'nome_opcao_txt': timeout.nome_opcao_txt
}
vip_request['options']['persistence'] = {
'id': persistence.id,
'nome_opcao_txt': persistence.nome_opcao_txt
}
vip_request['options']['cluster_unit'] = cluster_unit
try:
vip_request['options']['dscp'] = VipRequestDSCP.objects.get(
vip_request=vip_request['id']).dscp
except:
vip_request['options']['dscp'] = None
pass
for idx, port in enumerate(vip_request['ports']):
for i, pl in enumerate(port['pools']):
pool = get_pool_by_id(pl['server_pool'])
pool_serializer = pool_slz.PoolV3Serializer(pool)
l7_rule = OptionVip.objects.get(id=pl['l7_rule']).nome_opcao_txt
healthcheck = pool_serializer.data['healthcheck']
healthcheck['identifier'] = reserve_name_healthcheck(
pool_serializer.data['identifier'])
healthcheck['new'] = True
vip_request['ports'][idx]['pools'][i]['server_pool'] = {
'id':
pool_serializer.data['id'],
'nome':
pool_serializer.data['identifier'],
'lb_method':
pool_serializer.data['lb_method'],
'healthcheck':
healthcheck,
'action':
pool_serializer.data['servicedownaction']['name'],
'pool_created':
pool_serializer.data['pool_created'],
'pools_members':
[{
'id':
pool_member['id'],
'identifier':
pool_member['identifier'],
'ip':
pool_member['ip']['ip_formated'] if pool_member['ip'] else
pool_member['ipv6']['ip_formated'],
'port':
pool_member['port_real'],
'member_status':
pool_member['member_status'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'weight':
pool_member['weight']
}
for pool_member in pool_serializer.data['server_pool_members']
]
}
vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule
l7_protocol = OptionVip.objects.get(id=port['options']['l7_protocol'])
l4_protocol = OptionVip.objects.get(id=port['options']['l4_protocol'])
vip_request['ports'][idx]['options'] = dict()
vip_request['ports'][idx]['options']['l7_protocol'] = {
'id': l7_protocol.id,
'nome_opcao_txt': l7_protocol.nome_opcao_txt
}
vip_request['ports'][idx]['options']['l4_protocol'] = {
'id': l4_protocol.id,
'nome_opcao_txt': l4_protocol.nome_opcao_txt
}
vip_request['conf'] = conf
if conf:
for idx, layer in enumerate(conf['conf']['layers']):
requiments = layer.get('requiments')
if requiments:
# validate for port
for idx_port, port in enumerate(vip['ports']):
for requiment in requiments:
condicionals = requiment.get('condicionals')
for condicional in condicionals:
validated = True
validations = condicional.get('validations')
for validation in validations:
if validation.get('type') == 'optionvip':
validated &= valid_expression(
validation.get('operator'),
int(vip['options'][validation.get(
'variable')]),
int(validation.get('value')))
if validation.get('type') == 'portoptionvip':
validated &= valid_expression(
validation.get('operator'),
int(port['options'][validation.get(
'variable')]),
int(validation.get('value')))
if validation.get(
'type') == 'field' and validation.get(
'variable') == 'cluster_unit':
validated &= valid_expression(
validation.get('operator'),
cluster_unit, validation.get('value'))
if validated:
use = condicional.get('use')
for item in use:
definitions = item.get('definitions')
eqpts = item.get('eqpts')
if eqpts:
eqpts = Equipamento.objects.filter(
id__in=eqpts,
maintenance=0,
tipo_equipamento__tipo_equipamento=
u'Balanceador').distinct()
if facade_eqpt.all_equipments_are_in_maintenance(
equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException(
)
if user:
if not facade_eqpt.all_equipments_can_update_config(
equips, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. \
Verify the permissions of user group with equipment group. Vip:{}'
.format(vip_request['id']))
for eqpt in eqpts:
eqpt_id = str(eqpt.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(
equipamento=eqpt.id)
plugin = PluginFactory.factory(
eqpt)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
idx_layer = str(idx)
idx_port_str = str(port['port'])
if not load_balance[eqpt_id][
'layers'].get(id_vip):
load_balance[eqpt_id][
'layers'][id_vip] = dict()
if load_balance[eqpt_id]['layers'][
id_vip].get(idx_layer):
if load_balance[eqpt_id][
'layers'][id_vip].get(
idx_layer).get(
'definitions'
).get(
idx_port_str):
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer][
'definitions'][
idx_port_str] += definitions
else:
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer][
'definitions'][
idx_port_str] = definitions
else:
load_balance[eqpt_id][
'layers'][id_vip][
idx_layer] = {
'vip_request':
vip_request,
'definitions': {
idx_port_str:
definitions
}
}
# In first validated==True stops conditionals.
# Removing this break will add a wrong
# conditional.
break
for e in equips:
eqpt_id = str(e.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(equipamento=e.id)
plugin = PluginFactory.factory(e)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
load_balance[eqpt_id]['vips'].append({'vip_request': vip_request})
return load_balance
def _prepare_apply(pools, created=False, user=None):
load_balance = dict()
keys = list()
for pool in pools:
equips = _validate_pool_members_to_apply(pool, user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
healthcheck = pool['healthcheck']
healthcheck['identifier'] = facade_v3.\
reserve_name_healthcheck(pool['identifier'])
healthcheck['new'] = True
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.id
)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
vips_requests = ServerPool().get_vips_related(pool['id'])
serializer_vips = serializers_vip.VipRequestV3Serializer(
vips_requests,
many=True,
include=(
'ipv4__details',
'ipv6__details',
'ports__identifier',
'ports__pools__server_pool__basic__lb_method',
)
)
vips = serializer_vips.data
load_balance[eqpt_id]['pools'].append({
'id': pool['id'],
'nome': pool['identifier'],
'lb_method': pool['lb_method'],
'healthcheck': healthcheck,
'action': pool['servicedownaction']['name'],
'vips': vips,
'pools_members': [{
'id': pool_member['id'],
'identifier': pool_member['identifier'],
'ip': pool_member['ip']['ip_formated']
if pool_member['ip'] else
pool_member['ipv6']['ip_formated'],
'port': pool_member['port_real'],
'member_status': pool_member['member_status'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight']
} for pool_member in pool['server_pool_members']]
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
return load_balance
def handle_post(self, request, user, *args, **kwargs):
"""Trata as requisições de POST para criar Informações de Acesso a Equipamentos.
URL: /equipamentoacesso
"""
# Obtém dados do request e verifica acesso
try:
# Obtém os dados do xml do request
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'Não existe valor para a tag networkapi do XML de requisição.'
)
# Verifica a existência do node "equipamento_acesso"
equipamento_acesso_map = networkapi_map.get('equipamento_acesso')
if equipamento_acesso_map is None:
return self.response_error(
3,
u'Não existe valor para a tag equipamento_acesso do XML de requisição.'
)
# Verifica a existência do valor "id_equipamento"
id_equipamento = equipamento_acesso_map.get('id_equipamento')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'The id_equipamento parameter is not a valid value: %s.',
id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
try:
id_equipamento = int(id_equipamento)
except (TypeError, ValueError):
self.log.error(u'Valor do id_equipamento inválido: %s.',
id_equipamento)
return self.response_error(117, id_equipamento)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Verifica a existência do valor "fqdn"
fqdn = equipamento_acesso_map.get('fqdn')
# Valid fqdn
if not is_valid_string_maxsize(
fqdn, 100) or not is_valid_string_minsize(fqdn, 4):
self.log.error(u'Parameter fqdn is invalid. Value: %s', fqdn)
raise InvalidValueError(None, 'fqdn', fqdn)
# Verifica a existência do valor "user"
username = equipamento_acesso_map.get('user')
# Valid username
if not is_valid_string_maxsize(
username, 20) or not is_valid_string_minsize(username, 3):
self.log.error(u'Parameter username is invalid. Value: %s',
username)
raise InvalidValueError(None, 'username', username)
# Verifica a existência do valor "pass"
password = equipamento_acesso_map.get('pass')
# Valid password
if not is_valid_string_maxsize(
password, 150) or not is_valid_string_minsize(password, 3):
self.log.error(u'Parameter password is invalid.')
raise InvalidValueError(None, 'password', '****')
# Verifica a existência do valor "id_tipo_acesso"
id_tipo_acesso = equipamento_acesso_map.get('id_tipo_acesso')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_tipo_acesso):
self.log.error(
u'The id_tipo_acesso parameter is not a valid value: %s.',
id_tipo_acesso)
raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso)
try:
id_tipo_acesso = int(id_tipo_acesso)
except (TypeError, ValueError):
self.log.error(u'Valor do id_tipo_acesso inválido: %s.',
id_tipo_acesso)
return self.response_error(171, id_tipo_acesso)
# Obtém o valor de "enable_pass"
enable_pass = equipamento_acesso_map.get('enable_pass')
# Valid enable_pass
if not is_valid_string_maxsize(enable_pass,
150) or not is_valid_string_minsize(
enable_pass, 3):
self.log.error(u'Parameter enable_pass is invalid.')
raise InvalidValueError(None, 'enable_pass', '****')
# Cria acesso ao equipamento conforme dados recebidos no XML
equipamento_acesso = EquipamentoAcesso(
equipamento=Equipamento(id=id_equipamento),
fqdn=fqdn,
user=username,
password=password,
tipo_acesso=TipoAcesso(id=id_tipo_acesso),
enable_pass=enable_pass)
equipamento_acesso.create(user)
# Monta dict para response
networkapi_map = dict()
equipamento_acesso_map = dict()
equipamento_acesso_map['id'] = equipamento_acesso.id
networkapi_map['equipamento_acesso'] = equipamento_acesso_map
return self.response(dumps_networkapi(networkapi_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Trata uma requisição PUT para alterar informações de acesso a equipamentos.
URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/
"""
# Obtém dados do request e verifica acesso
try:
# Obtém argumentos passados na URL
id_equipamento = kwargs.get('id_equipamento')
if id_equipamento is None:
return self.response_error(147)
id_tipo_acesso = kwargs.get('id_tipo_acesso')
if id_tipo_acesso is None:
return self.response_error(208)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user,
AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION,
None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Obtém dados do XML
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.')
# Verifica a existência do node "equipamento_acesso"
equipamento_acesso_map = networkapi_map.get('equipamento_acesso')
if equipamento_acesso_map is None:
return self.response_error(3, u'Não existe valor para a tag equipamento_acesso do XML de requisição.')
# Verifica a existência do valor "fqdn"
fqdn = equipamento_acesso_map.get('fqdn')
if fqdn is None:
return self.response_error(205)
# Verifica a existência do valor "user"
username = equipamento_acesso_map.get('user')
if username is None:
return self.response_error(206)
# Verifica a existência do valor "pass"
password = equipamento_acesso_map.get('pass')
if password is None:
return self.response_error(207)
# Obtém o valor de "enable_pass"
enable_pass = equipamento_acesso_map.get('enable_pass')
with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso):
# Altera a informação de acesso ao equipamentoconforme dados
# recebidos no XML
EquipamentoAcesso.update(user,
id_equipamento,
id_tipo_acesso,
fqdn=fqdn,
user=username,
password=password,
enable_pass=enable_pass
)
# Retorna response vazio em caso de sucesso
return self.response(dumps_networkapi({}))
except XMLError, x:
self.log.error(u'Erro ao ler o XML da requisição.')
return self.response_error(3, x)
def prepare_apply(load_balance, vip, created=True, user=None):
vip_request = copy.deepcopy(vip)
id_vip = str(vip_request.get('id'))
equips, conf, cluster_unit = _validate_vip_to_apply(
vip_request, created, user)
cache_group = OptionVip.objects.get(
id=vip_request.get('options').get('cache_group'))
traffic_return = OptionVip.objects.get(
id=vip_request.get('options').get('traffic_return'))
timeout = OptionVip.objects.get(
id=vip_request.get('options').get('timeout'))
persistence = OptionVip.objects.get(
id=vip_request.get('options').get('persistence'))
if vip_request['ipv4']:
ipv4 = Ip.get_by_pk(vip_request['ipv4']) if vip_request[
'ipv4'] else None
vip_request['ipv4'] = {
'id': ipv4.id,
'ip_formated': ipv4.ip_formated
}
if vip_request['ipv6']:
ipv6 = Ipv6.get_by_pk(vip_request['ipv6']) if vip_request[
'ipv6'] else None
vip_request['ipv6'] = {
'id': ipv6.id,
'ip_formated': ipv6.ip_formated
}
if conf:
conf = json.loads(conf)
vip_request['options'] = dict()
vip_request['options']['cache_group'] = {
'id': cache_group.id,
'nome_opcao_txt': cache_group.nome_opcao_txt
}
vip_request['options']['traffic_return'] = {
'id': traffic_return.id,
'nome_opcao_txt': traffic_return.nome_opcao_txt
}
vip_request['options']['timeout'] = {
'id': timeout.id,
'nome_opcao_txt': timeout.nome_opcao_txt
}
vip_request['options']['persistence'] = {
'id': persistence.id,
'nome_opcao_txt': persistence.nome_opcao_txt
}
vip_request['options']['cluster_unit'] = cluster_unit
try:
vip_request['options']['dscp'] = VipRequestDSCP.objects.get(
vip_request=vip_request['id']
).dscp
except:
vip_request['options']['dscp'] = None
pass
for idx, port in enumerate(vip_request['ports']):
for i, pl in enumerate(port['pools']):
pool = get_pool_by_id(pl['server_pool'])
pool_serializer = pool_slz.PoolV3Serializer(pool)
l7_rule = OptionVip.objects.get(
id=pl['l7_rule']).nome_opcao_txt
healthcheck = pool_serializer.data['healthcheck']
healthcheck['identifier'] = reserve_name_healthcheck(
pool_serializer.data['identifier'])
healthcheck['new'] = True
vip_request['ports'][idx]['pools'][i]['server_pool'] = {
'id': pool_serializer.data['id'],
'nome': pool_serializer.data['identifier'],
'lb_method': pool_serializer.data['lb_method'],
'healthcheck': healthcheck,
'action': pool_serializer.data['servicedownaction']['name'],
'pool_created': pool_serializer.data['pool_created'],
'pools_members': [{
'id': pool_member['id'],
'identifier': pool_member['identifier'],
'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'],
'port': pool_member['port_real'],
'member_status': pool_member['member_status'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight']
} for pool_member in pool_serializer.data['server_pool_members']]
}
vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule
l7_protocol = OptionVip.objects.get(
id=port['options']['l7_protocol'])
l4_protocol = OptionVip.objects.get(
id=port['options']['l4_protocol'])
vip_request['ports'][idx]['options'] = dict()
vip_request['ports'][idx]['options']['l7_protocol'] = {
'id': l7_protocol.id,
'nome_opcao_txt': l7_protocol.nome_opcao_txt
}
vip_request['ports'][idx]['options']['l4_protocol'] = {
'id': l4_protocol.id,
'nome_opcao_txt': l4_protocol.nome_opcao_txt
}
vip_request['conf'] = conf
if conf:
for idx, layer in enumerate(conf['conf']['layers']):
requiments = layer.get('requiments')
if requiments:
# validate for port
for idx_port, port in enumerate(vip['ports']):
for requiment in requiments:
condicionals = requiment.get('condicionals')
for condicional in condicionals:
validated = True
validations = condicional.get('validations')
for validation in validations:
if validation.get('type') == 'optionvip':
validated &= valid_expression(
validation.get('operator'),
int(vip['options'][
validation.get('variable')]),
int(validation.get('value'))
)
if validation.get('type') == 'portoptionvip':
validated &= valid_expression(
validation.get('operator'),
int(port['options'][
validation.get('variable')]),
int(validation.get('value'))
)
if validation.get('type') == 'field' and validation.get('variable') == 'cluster_unit':
validated &= valid_expression(
validation.get('operator'),
cluster_unit,
validation.get('value')
)
if validated:
use = condicional.get('use')
for item in use:
definitions = item.get('definitions')
eqpts = item.get('eqpts')
if eqpts:
eqpts = Equipamento.objects.filter(
id__in=eqpts,
maintenance=0,
tipo_equipamento__tipo_equipamento=u'Balanceador').distinct()
if facade_eqpt.all_equipments_are_in_maintenance(equips):
raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException()
if user:
if not facade_eqpt.all_equipments_can_update_config(equips, user):
raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException(
'User does not have permission to update conf in eqpt. \
Verify the permissions of user group with equipment group. Vip:{}'.format(
vip_request['id']))
for eqpt in eqpts:
eqpt_id = str(eqpt.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(
equipamento=eqpt.id
)
plugin = PluginFactory.factory(
eqpt)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
idx_layer = str(idx)
idx_port_str = str(port['port'])
if not load_balance[eqpt_id]['layers'].get(id_vip):
load_balance[eqpt_id][
'layers'][id_vip] = dict()
if load_balance[eqpt_id]['layers'][id_vip].get(idx_layer):
if load_balance[eqpt_id]['layers'][id_vip].get(idx_layer).get('definitions').get(idx_port_str):
load_balance[eqpt_id]['layers'][id_vip][idx_layer][
'definitions'][idx_port_str] += definitions
else:
load_balance[eqpt_id]['layers'][id_vip][idx_layer][
'definitions'][idx_port_str] = definitions
else:
load_balance[eqpt_id]['layers'][id_vip][idx_layer] = {
'vip_request': vip_request,
'definitions': {
idx_port_str: definitions
}
}
# In first validated==True stops conditionals.
# Removing this break will add a wrong
# conditional.
break
for e in equips:
eqpt_id = str(e.id)
if not load_balance.get(eqpt_id):
equipment_access = EquipamentoAcesso.search(
equipamento=e.id
)
plugin = PluginFactory.factory(e)
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'vips': [],
'layers': {},
}
load_balance[eqpt_id]['vips'].append({'vip_request': vip_request})
return load_balance
def _prepare_apply(pools, created=False, user=None):
load_balance = dict()
keys = list()
for pool in pools:
equips = _validate_pool_members_to_apply(pool, user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
healthcheck = pool['healthcheck']
healthcheck['identifier'] = facade_v3.\
reserve_name_healthcheck(pool['identifier'])
healthcheck['new'] = True
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(equipamento=e.id)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
vips_requests = ServerPool().get_vips_related(pool['id'])
serializer_vips = serializers_vip.VipRequestV3Serializer(
vips_requests,
many=True,
include=(
'ipv4__details',
'ipv6__details',
'ports__identifier',
'ports__pools__server_pool__basic__lb_method',
))
vips = serializer_vips.data
load_balance[eqpt_id]['pools'].append({
'id':
pool['id'],
'nome':
pool['identifier'],
'lb_method':
pool['lb_method'],
'healthcheck':
healthcheck,
'action':
pool['servicedownaction']['name'],
'vips':
vips,
'pools_members': [{
'id':
pool_member['id'],
'identifier':
pool_member['identifier'],
'ip':
pool_member['ip']['ip_formated'] if pool_member['ip'] else
pool_member['ipv6']['ip_formated'],
'port':
pool_member['port_real'],
'member_status':
pool_member['member_status'],
'limit':
pool_member['limit'],
'priority':
pool_member['priority'],
'weight':
pool_member['weight']
} for pool_member in pool['server_pool_members']]
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
return load_balance
def set_poolmember_state(pools):
"""
Set Pool Members state
"""
try:
load_balance = {}
for pool in pools:
pools_members = []
q_filters = []
for pool_member in pool['server_pool_members']:
port_real = pool_member['port_real']
if pool_member['ipv6'] is None:
ip = pool_member['ip']['ip_formated']
ip_ft = '.'.join(str(x) for x in [
pool_member['ip']['oct1'],
pool_member['ip']['oct2'],
pool_member['ip']['oct3'],
pool_member['ip']['oct4']])
if ip != ip_ft:
raise exceptions.InvalidIpNotExist()
q_filters.append({
'ip__oct1': pool_member['ip']['oct1'],
'ip__oct2': pool_member['ip']['oct2'],
'ip__oct3': pool_member['ip']['oct3'],
'ip__oct4': pool_member['ip']['oct4'],
'port_real': port_real
})
else:
ip = pool_member['ipv6']['ip_formated']
ip_ft = '.'.join(str(x) for x in [
pool_member['ipv6']['block1'],
pool_member['ipv6']['block2'],
pool_member['ipv6']['block3'],
pool_member['ipv6']['block4'],
pool_member['ipv6']['block5'],
pool_member['ipv6']['block6'],
pool_member['ipv6']['block7'],
pool_member['ipv6']['block8']])
if ip != ip_ft:
raise exceptions.InvalidIpNotExist()
q_filters.append({
'ipv6__block1': pool_member['ipv6']['block1'],
'ipv6__block2': pool_member['ipv6']['block2'],
'ipv6__block3': pool_member['ipv6']['block3'],
'ipv6__block4': pool_member['ipv6']['block4'],
'ipv6__block5': pool_member['ipv6']['block5'],
'ipv6__block6': pool_member['ipv6']['block6'],
'ipv6__block7': pool_member['ipv6']['block7'],
'ipv6__block8': pool_member['ipv6']['block8'],
'port_real': port_real
})
pools_members.append({
'id': pool_member['id'],
'ip': ip,
'port': port_real,
'member_status': pool_member['member_status']
})
server_pool_members = ServerPoolMember.objects.filter(
reduce(lambda x, y: x | y, [Q(**q_filter) for q_filter in q_filters]), server_pool=pool['server_pool']['id'])
if len(server_pool_members) != len(pools_members):
raise exceptions.PoolmemberNotExist()
pool_name = pool['server_pool']['identifier']
server_pools = ServerPool.objects.filter(identifier=pool_name)
if not server_pools:
raise exceptions.PoolNotExist()
equips = EquipamentoAmbiente.objects.filter(
ambiente__id=pool['server_pool']['environment']['id'],
equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador')
equipment_list = [e.equipamento for e in equips]
if all_equipments_are_in_maintenance(equipment_list):
raise AllEquipmentsAreInMaintenanceException()
for e in equips:
eqpt_id = str(e.equipamento.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.equipamento.id,
protocolo="https"
).uniqueResult()
equipment = Equipamento.get_by_pk(e.equipamento.id)
plugin = PluginFactory.factory(equipment)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'fqdn': equipment_access.fqdn,
'user': equipment_access.user,
'password': equipment_access.password,
'pools': [],
}
load_balance[eqpt_id]['pools'].append({
'id': pool['server_pool']['id'],
'nome': pool_name,
'pools_members': pools_members
})
for lb in load_balance:
load_balance[lb]['plugin'].setStateMember(load_balance[lb])
return {}
except Exception, exception:
log.error(exception)
raise exception
def update_real_pool(pools, user):
"""Update real pool in Load Balancer and DB."""
load_balance = dict()
keys = list()
for pool in pools:
pool_obj = facade_v3.get_pool_by_id(pool['id'])
healthcheck_old = serializers.HealthcheckV3Serializer(
pool_obj.healthcheck).data
db_members = pool_obj.serverpoolmember_set.all()
member_ids = [spm['id'] for spm in pool['server_pool_members']
if spm['id']]
db_members_remove = list(db_members.exclude(id__in=member_ids))
db_members_id = [str(s.id) for s in db_members]
pool_obj.update_v3(pool, user, permit_created=True)
pools_members = list()
for pool_member in pool['server_pool_members']:
ip = pool_member['ip']['ip_formated'] if pool_member[
'ip'] else pool_member['ipv6']['ip_formated']
if pool_member.get('id', None) is not None:
member = db_members[
db_members_id.index(str(pool_member['id']))]
ip_db = member.ip.ip_formated \
if member.ip else member.ipv6.ip_formated
if member.port_real == pool_member['port_real'] \
and ip_db == ip:
# update info of member
pools_members.append({
'id': pool_member['id'],
'identifier': member.identifier,
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'member_status': pool_member['member_status'],
'weight': pool_member['weight'],
})
else:
# delete member with old port and old ip
pools_members.append({
'id': None,
'identifier': member.identifier,
'ip': ip_db,
'port': member.port_real,
'remove': 1
})
# create member with new port and new ip
pools_members.append({
'id': pool_member['id'],
'identifier': ip,
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight'],
'member_status': pool_member['member_status'],
'new': 1
})
else:
# create member
pools_members.append({
'id': None,
'identifier': ip,
'ip': ip,
'port': pool_member['port_real'],
'limit': pool_member['limit'],
'priority': pool_member['priority'],
'weight': pool_member['weight'],
'member_status': pool_member['member_status'],
'new': 1
})
# delete members
for member in db_members_remove:
pools_members.append({
'id': member.id,
'identifier': member.identifier,
'ip': member.ip.ip_formated
if member.ip else member.ipv6.ip_formated,
'port': member.port_real,
'remove': 1
})
# get eqpts associate with pool
equips = _validate_pool_to_apply(pool, update=True, user=user)
keys.append(sorted([str(eqpt.id) for eqpt in equips]))
healthcheck = copy.deepcopy(pool['healthcheck'])
healthcheck['new'] = False
if json_delta.diff(healthcheck_old, pool['healthcheck']):
healthcheck['identifier'] = facade_v3.reserve_name_healthcheck(
pool['identifier'])
healthcheck['new'] = True
for e in equips:
eqpt_id = str(e.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.id
)
plugin = PluginFactory.factory(e)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'access': equipment_access,
'pools': [],
}
vips_requests = ServerPool().get_vips_related(pool['id'])
serializer_vips = serializers_vip.VipRequestV3Serializer(
vips_requests,
many=True,
include=(
'ipv4__details',
'ipv6__details',
'ports__identifier',
'ports__pools__server_pool__basic__lb_method',
)
)
vips = serializer_vips.data
load_balance[eqpt_id]['pools'].append({
'id': pool['id'],
'nome': pool['identifier'],
'lb_method': pool['lb_method'],
'healthcheck': healthcheck,
'action': pool['servicedownaction']['name'],
'vips': vips,
'pools_members': pools_members
})
# pools are in differents load balancers
keys = [','.join(key) for key in keys]
if len(list(set(keys))) > 1:
raise Exception('Pools are in differents load balancers')
for lb in load_balance:
load_balance[lb]['plugin'].update_pool(load_balance[lb])
return {}
def get_poolmember_state(servers_pools):
"""
Return Pool Members State
"""
load_balance = {}
for server_pool in servers_pools:
pools_members = []
server_pool_members = ServerPoolMember.objects.filter(
server_pool=server_pool)
for pool_member in server_pool_members:
if pool_member.ipv6 is None:
ip = pool_member.ip.ip_formated
else:
ip = pool_member.ipv6.ip_formated
pools_members.append({
'id': pool_member.id,
'ip': ip,
'port': pool_member.port_real,
'member_status': pool_member.member_status
})
if pools_members:
# pool_name = server_pool.identifier
pool_id = server_pool.id
equips = EquipamentoAmbiente.objects.filter(
ambiente__id=server_pool.environment.id,
equipamento__tipo_equipamento__tipo_equipamento=u'Balanceador')
equipment_list = [e.equipamento for e in equips]
if all_equipments_are_in_maintenance(equipment_list):
raise AllEquipmentsAreInMaintenanceException()
for e in equips:
eqpt_id = str(e.equipamento.id)
equipment_access = EquipamentoAcesso.search(
equipamento=e.equipamento.id,
protocolo="https"
).uniqueResult()
equipment = Equipamento.get_by_pk(e.equipamento.id)
plugin = PluginFactory.factory(equipment)
if not load_balance.get(eqpt_id):
load_balance[eqpt_id] = {
'plugin': plugin,
'fqdn': equipment_access.fqdn,
'user': equipment_access.user,
'password': equipment_access.password,
'pools': [],
}
load_balance[eqpt_id]['pools'].append({
'id': server_pool.id,
'nome': server_pool.identifier,
'pools_members': pools_members
})
for lb in load_balance:
ps = {}
status = {}
# call plugin to get state member
states = load_balance[lb]['plugin'].getStateMember(load_balance[lb])
for idx, state in enumerate(states):
pool_id = load_balance[lb]['pools'][idx]['id']
if not ps.get(pool_id):
ps[pool_id] = {}
status[pool_id] = {}
# populate variable for to verify diff states
for idx_m, st in enumerate(state):
member_id = load_balance[lb]['pools'][idx]['pools_members'][idx_m]['id']
if not ps[pool_id].get(member_id):
ps[pool_id][member_id] = []
ps[pool_id][member_id].append(st)
status[pool_id][member_id] = st
# Verify diff state of pool member in eqpts
for idx in ps:
for idx_m in ps[idx]:
if len(set(ps[idx][idx_m])) > 1:
msg = 'There are states differents in equipments.'
log.error(msg)
raise exceptions.DiffStatesEquipament(msg)
return status
