def _write_remote_group_journal(self,
context,
subport_data,
remove_key=False):
"""Writes the remote group journal for a trunk subport.
subport_data format:
{'allowed_address_pairs': [],
'port_id': '6bbf981c-68d4-4664-92b6-ec40eeeb5226',
'uplink_seg_id': 158,
'mac_address': u'fa:16:3e:a1:b7:c1',
'fixed_ips': [{'subnet_id': u'05cfd12c-9db8-4f55-a2b9-aca89f412932',
'ip_address': u'10.110.110.6'}],
'uplink_seg_type': u'vlan',
'security_groups': [u'8d55a44a-935d-4296-99ab-b0749b725df4'],
'segmentation_id': 101,
'port_security_enabled': True,
'segmentation_type': u'vlan',
'physnet': u'physnet'}
To remove a key from etcd, set remove_key=True
"""
LOG.debug(
"trunk_service: writing trunk sub-port remote-group "
"journal for sub-port %s", subport_data)
if remove_key:
data = None
else:
data = [item['ip_address'] for item in subport_data['fixed_ips']]
for remote_group_path in self._remote_group_paths(subport_data):
LOG.debug('Updating etcd with remote group trunk subport data %s',
data)
db.journal_write(context.session, remote_group_path, data)
def _process_floatingip(self, context, fip_dict, event_type):
port = self._core_plugin.get_port(context, fip_dict['port_id'])
external_network = self._core_plugin.get_network(
context, fip_dict['floating_network_id'])
internal_network = self._core_plugin.get_network(
context, port['network_id'])
if event_type == 'associate':
LOG.debug("Router: Associating floating ip: %s", fip_dict)
if internal_network[provider.NETWORK_TYPE] == 'vxlan':
internal_physnet = self.gpe_physnet
else:
internal_physnet = internal_network[
provider.PHYSICAL_NETWORK]
vpp_floatingip_dict = {
'external_physnet': external_network[
provider.PHYSICAL_NETWORK],
'external_net_type': external_network[provider.NETWORK_TYPE],
'external_segmentation_id':
external_network[provider.SEGMENTATION_ID],
'internal_physnet': internal_physnet,
'internal_net_type': internal_network[provider.NETWORK_TYPE],
'internal_segmentation_id':
internal_network[provider.SEGMENTATION_ID],
'fixed_ip_address': fip_dict.get('fixed_ip_address'),
'floating_ip_address': fip_dict.get('floating_ip_address')
}
else:
# Remove etcd key == disassociate floatingip
LOG.debug("Router: disassociating floating ip: %s", fip_dict)
vpp_floatingip_dict = None
for l3_host in self.l3_hosts:
db.journal_write(context.session,
self._floatingip_path(l3_host, fip_dict['id']),
vpp_floatingip_dict)
def _process_floatingip(self, context, fip_dict, event_type):
if event_type == 'associate':
port = self._core_plugin.get_port(context, fip_dict['port_id'])
external_network = self._core_plugin.get_network(
context, fip_dict['floating_network_id'])
internal_network = self._core_plugin.get_network(
context, port['network_id'])
LOG.debug("Router: Associating floating ip: %s", fip_dict)
if internal_network[provider.NETWORK_TYPE] == nvpp_const.TYPE_GPE:
internal_physnet = self.gpe_physnet
else:
internal_physnet = internal_network[
provider.PHYSICAL_NETWORK]
vpp_floatingip_dict = {
'external_physnet': external_network[
provider.PHYSICAL_NETWORK],
'external_net_type': external_network[provider.NETWORK_TYPE],
'external_segmentation_id':
external_network[provider.SEGMENTATION_ID],
'internal_physnet': internal_physnet,
'internal_net_type': internal_network[provider.NETWORK_TYPE],
'internal_segmentation_id':
internal_network[provider.SEGMENTATION_ID],
'fixed_ip_address': fip_dict.get('fixed_ip_address'),
'floating_ip_address': fip_dict.get('floating_ip_address')
}
else:
# Remove etcd key == disassociate floatingip
LOG.debug("Router: disassociating floating ip: %s", fip_dict)
vpp_floatingip_dict = None
for l3_host in self.l3_hosts:
db.journal_write(context.session,
self._floatingip_path(l3_host, fip_dict['id']),
vpp_floatingip_dict)
def bind(self, session, port, segment, host, binding_type):
# NB segmentation_id is not optional in the wireline protocol,
# we just pass 0 for unsegmented network types
data = {
'mac_address': port['mac_address'],
'mtu': 1500, # not this, but what?: port['mtu'],
'physnet': segment[api.PHYSICAL_NETWORK],
'network_type': segment[api.NETWORK_TYPE],
'segmentation_id': segment.get(api.SEGMENTATION_ID, 0),
'binding_type': binding_type,
'security_groups': port.get('security_groups', []),
'allowed_address_pairs': port.get('allowed_address_pairs', []),
'fixed_ips': port.get('fixed_ips', []),
'port_security_enabled': port.get('port_security_enabled', True)
}
LOG.debug(
"Queueing bind request for port:%s, "
"segment:%s, host:%s, type:%s", port, data['segmentation_id'],
host, data['binding_type'])
db.journal_write(session, self._port_path(host, port), data)
# For tracking ports in a remote_group, create a journal entry in
# the remote-group key-space.
# This will result in the creation of an etcd key with the port ID
# and it's security-group-id. The value is the list of IP addresses.
# For details on how the agent thread handles the remote-group
# watch events refer to the doc under RemoteGroupWatcher in the
# server module.
for remote_group_path in self._remote_group_paths(port):
db.journal_write(
session, remote_group_path,
[item['ip_address'] for item in data['fixed_ips']])
self.kick()
def send_secgroup_to_agents(self, session, secgroup):
"""Writes a secgroup to the etcd secgroup space
Does this via the journal as part of the commit, so
that the write is atomic with the DB commit to the
Neutron tables.
Arguments:
session -- the DB session with an open transaction
secgroup -- Named tuple representing a SecurityGroup
"""
secgroup_path = self._secgroup_path(secgroup.id)
# sg is a dict of of ingress and egress rule lists
sg = {}
ingress_rules = []
egress_rules = []
for ingress_rule in secgroup.ingress_rules:
ingress_rules.append(ingress_rule._asdict())
for egress_rule in secgroup.egress_rules:
egress_rules.append(egress_rule._asdict())
sg['ingress_rules'] = ingress_rules
sg['egress_rules'] = egress_rules
LOG.debug('ML2_VPP: Writing secgroup key-val: %s-%s to etcd' %
(secgroup_path, sg))
db.journal_write(session, secgroup_path, sg)
def _write_router_journal(self, context, router_id, router_dict):
etcd_dir = (server.LEADIN + '/nodes/' + self.l3_host + '/' +
server.ROUTER_DIR + router_id)
router_dict['vrf_id'] = db.get_router_vrf(context.session, router_id)
# Get the external network details
network = self._core_plugin.get_network(
context, router_dict['external_gateway_info']['network_id'])
# Grab the external network info
router_dict['external_physnet'] = network[provider.PHYSICAL_NETWORK]
router_dict['external_segment'] = network[provider.SEGMENTATION_ID]
router_dict['external_net_type'] = network[provider.NETWORK_TYPE]
# Grab all external subnets' gateway IPs
# This is added to the router dictionary in the format:
# [(Router's IP Address from the external network's subnet,
# External Subnet's prefix)]
fixed_ips = router_dict['external_gateway_info']['external_fixed_ips']
gateways = []
for fixed_ip in fixed_ips:
subnet = self._core_plugin.get_subnet(context,
fixed_ip['subnet_id'])
gateways.append(
(fixed_ip['ip_address'], ip_network(subnet['cidr']).prefixlen))
router_dict['gateways'] = gateways
db.journal_write(context.session, etcd_dir, router_dict)
self.communicator.kick()
def _write_interface_journal(self, context, router_id, router_dict):
LOG.info("router-service: writing router interface journal for "
"router_id:%s, router_dict:%s", router_id, router_dict)
for l3_host in self.l3_hosts:
router_intf_path = self._get_router_intf_path(
l3_host, router_id, router_dict['port_id'])
db.journal_write(context.session, router_intf_path, router_dict)
self.communicator.kick()
def _remove_interface_journal(self, context, router_id, port_id):
LOG.info("router-service: removing router interface journal for "
"router_id:%s, port_id:%s", router_id, port_id)
for l3_host in self.l3_hosts:
router_intf_path = self._get_router_intf_path(
l3_host, router_id, port_id)
db.journal_write(context.session, router_intf_path, None)
self.communicator.kick()
def _write_interface_journal(self, context, router_id, router_dict):
LOG.info("router-service: writing router interface journal for "
"router_id:%s, router_dict:%s", router_id, router_dict)
for l3_host in self.l3_hosts:
router_intf_path = self._get_router_intf_path(
l3_host, router_id, router_dict['port_id'])
db.journal_write(context.session, router_intf_path, router_dict)
self.communicator.kick()
def _remove_interface_journal(self, context, router_id, port_id):
LOG.info("router-service: removing router interface journal for "
"router_id:%s, port_id:%s", router_id, port_id)
for l3_host in self.l3_hosts:
router_intf_path = self._get_router_intf_path(
l3_host, router_id, port_id)
db.journal_write(context.session, router_intf_path, None)
self.communicator.kick()
def delete_secgroup_from_etcd(self, session, secgroup_id):
"""Deletes the secgroup key from etcd
Arguments:
secgroup_id -- The id of the security group that we want to delete
"""
secgroup_path = self._secgroup_path(secgroup_id)
db.journal_write(session, secgroup_path, None)
def unbind_port_from_remote_groups(self, session, original_port,
current_port):
"""Remove ports from remote groups when port security is updated."""
removed_sec_groups = set(original_port['security_groups']) - set(
current_port['security_groups'])
for secgroup_id in removed_sec_groups:
db.journal_write(
session,
self._remote_group_path(secgroup_id, current_port['id']), None)
self.kick()
def _write_router_external_gw_journal(self,
context,
router_id,
router_dict,
delete=False):
LOG.info("Writing router external gateway using router_dict: %s",
router_dict)
router_dict['vrf_id'] = db.get_router_vrf(context.session, router_id)
# Get the external network details
network = self._core_plugin.get_network(
context, router_dict['external_gateway_info']['network_id'])
LOG.debug("Router external gateway network data: %s", network)
# Grab the external network info
router_dict['external_physnet'] = network[provider.PHYSICAL_NETWORK]
router_dict['external_segmentation_id'] = network[
provider.SEGMENTATION_ID]
router_dict['external_net_type'] = network[provider.NETWORK_TYPE]
router_dict['mtu'] = network['mtu']
# The Neutron port created for the gateway
gateway_port = router_dict['gw_port_id']
# Get the mac-addr of the port to create the port
if not delete:
gw_port = self._core_plugin.get_port(context.elevated(),
gateway_port)
router_dict['loopback_mac'] = gw_port['mac_address']
# Grab all external subnets' gateway IPs
# This is added to the router dictionary using the key: gateways
# The value of gateways is a list of tuples:
# (gateway_ip, prefix_len, is_ipv6)
fixed_ips = router_dict['external_gateway_info']['external_fixed_ips']
gateways = []
# For each subnet/fixed-ip, write a key to create a gateway uplink
# on that subnet with the correct IP address
for fixed_ip in fixed_ips:
subnet_id = fixed_ip['subnet_id']
subnet = self._core_plugin.get_subnet(context.elevated(),
subnet_id)
address = ip_network(six.text_type(subnet['cidr']))
is_ipv6 = True if address.version == 6 else False
gateways.append(
(fixed_ip['ip_address'], address.prefixlen, is_ipv6))
# IP addresses to be set on VPP's external interface connecting
# to an external gateway
router_dict['gateways'] = gateways
# This the IP address of the external gateway that functions as
# the default gateway for the tenant's router
router_dict['external_gateway_ip'] = subnet['gateway_ip']
for l3_host in self.l3_hosts:
etcd_key = self._get_router_intf_path(l3_host, router_id,
gateway_port)
if delete:
db.journal_write(context.session, etcd_key, None)
else:
db.journal_write(context.session, etcd_key, router_dict)
self.communicator.kick()
def _write_router_external_gw_journal(self, context, router_id,
router_dict, delete=False):
LOG.info("Writing router external gateway using router_dict: %s",
router_dict)
router_dict['vrf_id'] = db.get_router_vrf(context.session, router_id)
# Get the external network details
network = self._core_plugin.get_network(
context, router_dict['external_gateway_info']['network_id'])
LOG.debug("Router external gateway network data: %s", network)
# Grab the external network info
router_dict['external_physnet'] = network[provider.PHYSICAL_NETWORK]
router_dict['external_segmentation_id'] = network[
provider.SEGMENTATION_ID]
router_dict['external_net_type'] = network[provider.NETWORK_TYPE]
router_dict['mtu'] = network['mtu']
# The Neutron port created for the gateway
gateway_port = router_dict['gw_port_id']
# Get the mac-addr of the port to create the port
if not delete:
gw_port = self._core_plugin.get_port(
context.elevated(), gateway_port)
router_dict['loopback_mac'] = gw_port['mac_address']
# Grab all external subnets' gateway IPs
# This is added to the router dictionary using the key: gateways
# The value of gateways is a list of tuples:
# (gateway_ip, prefix_len, is_ipv6)
fixed_ips = router_dict['external_gateway_info']['external_fixed_ips']
gateways = []
# For each subnet/fixed-ip, write a key to create a gateway uplink
# on that subnet with the correct IP address
for fixed_ip in fixed_ips:
subnet_id = fixed_ip['subnet_id']
subnet = self._core_plugin.get_subnet(
context.elevated(), subnet_id)
address = ip_network(six.text_type(subnet['cidr']))
is_ipv6 = True if address.version == 6 else False
gateways.append((fixed_ip['ip_address'],
address.prefixlen,
is_ipv6))
# IP addresses to be set on VPP's external interface connecting
# to an external gateway
router_dict['gateways'] = gateways
# This the IP address of the external gateway that functions as
# the default gateway for the tenant's router
router_dict['external_gateway_ip'] = subnet['gateway_ip']
for l3_host in self.l3_hosts:
etcd_key = self._get_router_intf_path(l3_host, router_id,
gateway_port)
if delete:
db.journal_write(context.session, etcd_key, None)
else:
db.journal_write(context.session, etcd_key, router_dict)
self.communicator.kick()
def _write_trunk_journal(self, context, trunk_path, trunk_data):
"""Write the trunk journal to etcd."""
LOG.info("trunk-service: writing trunk trunk interface journal for "
"trunk:%s", trunk_data)
# Remove extra keys from the trunk_data before writing to etcd
extra_keys = {'updated_at', 'id', 'port_id', 'revision_number'}
if isinstance(trunk_data, dict):
etcd_data = {k: trunk_data[k]
for k in set(trunk_data.keys()) - extra_keys}
else:
etcd_data = trunk_data
db.journal_write(context.session, trunk_path, etcd_data)
def delete_router(self, context, router_id):
router = self.get_router(context, router_id)
super(VppL3RouterPlugin, self).delete_router(context, router_id)
with db_context_writer.using(context):
# Delete the external gateway key from etcd
if router.get('external_gateway_info', False):
self._write_router_external_gw_journal(context, router_id,
router, delete=True)
# Delete the base <router_id> key from etcd, i.e.,
# /networking-vpp/nodes/<node_name>/routers/<router_id>
for l3_host in self.l3_hosts:
etcd_key = self._get_router_intf_path(l3_host, router_id, '')
db.journal_write(context.session, etcd_key, None)
db.delete_router_vrf(context.session, router_id)
self.communicator.kick()
def delete_router(self, context, router_id):
router = self.get_router(context, router_id)
super(VppL3RouterPlugin, self).delete_router(context, router_id)
with neutron_db_api.context_manager.writer.using(context):
# Delete the external gateway key from etcd
if router.get('external_gateway_info', False):
self._write_router_external_gw_journal(context, router_id,
router, delete=True)
# Delete the base <router_id> key from etcd, i.e.,
# /networking-vpp/nodes/<node_name>/routers/<router_id>
for l3_host in self.l3_hosts:
etcd_key = self._get_router_intf_path(l3_host, router_id, '')
db.journal_write(context.session, etcd_key, None)
db.delete_router_vrf(context.session, router_id)
self.communicator.kick()
def _write_trunk_journal(self, context, trunk_path, trunk_data):
"""Write the trunk journal to etcd."""
LOG.info(
"trunk-service: writing trunk trunk interface journal for "
"trunk:%s", trunk_data)
# Remove extra keys from the trunk_data before writing to etcd
extra_keys = {'updated_at', 'id', 'port_id', 'revision_number'}
if isinstance(trunk_data, dict):
etcd_data = {
k: trunk_data[k]
for k in set(trunk_data.keys()) - extra_keys
}
else:
etcd_data = trunk_data
db.journal_write(context.session, trunk_path, etcd_data)
def bind(self, session, port, segment, host, binding_type):
# NB segmentation_id is not optional in the wireline protocol,
# we just pass 0 for unsegmented network types
data = {
'mac_address': port['mac_address'],
'mtu': 1500, # not this, but what?: port['mtu'],
'physnet': segment[api.PHYSICAL_NETWORK],
'network_type': segment[api.NETWORK_TYPE],
'segmentation_id': segment.get(api.SEGMENTATION_ID, 0),
'binding_type': binding_type,
}
LOG.debug("ML2_VPP: Queueing bind request for port:%s, "
"segment:%s, host:%s, type:%s",
port, data['segmentation_id'],
host, data['binding_type'])
db.journal_write(session, self._port_path(host, port), data)
self.kick()
def bind(self, session, port, segment, host, binding_type):
# NB segmentation_id is not optional in the wireline protocol,
# we just pass 0 for unsegmented network types
data = {
'mac_address': port['mac_address'],
'mtu': 1500, # not this, but what?: port['mtu'],
'physnet': segment[api.PHYSICAL_NETWORK],
'network_type': segment[api.NETWORK_TYPE],
'segmentation_id': segment.get(api.SEGMENTATION_ID, 0),
'binding_type': binding_type,
}
LOG.debug(
"ML2_VPP: Queueing bind request for port:%s, "
"segment:%s, host:%s, type:%s", port, data['segmentation_id'],
host, data['binding_type'])
db.journal_write(session, self._port_path(host, port), data)
self.kick()
def unbind(self, session, port, host, segment):
# GPE requires segmentation ID for removing its etcd keys
segmentation_id = segment.get(api.SEGMENTATION_ID, 0)
LOG.debug("Queueing unbind request for port:%s, host:%s, segment:%s",
port, host, segmentation_id)
# When a port is unbound, this journal entry will delete the
# port key (and hence it's ip address value) from etcd. The behavior
# is like removing the port IP address(es) from the
# remote-group. The agent will receive a watch notification and
# update the ACL rules to remove the IP(s) from the rule.
# Other port IP addresses associated with the remote-group-id will
# remain in the rule (as it should be).
# A hypothetical alternate implementation - If we made the remote key
# of a secgroup, a list of IPs, we could refresh the content of
# every secgroup containing this port.
# It makes the sender's work harder, and receiver's work easier
# In the sender, we need keep track of IPs during port binds, unbinds,
# security-group associations and updates. However, algorithmically
# this alternate impl. won't be better what we have now i.e. O(n).
for remote_group_path in self._remote_group_paths(port):
db.journal_write(session, remote_group_path, None)
db.journal_write(session, self._port_path(host, port), None)
# Remove all GPE remote keys from etcd, for this port
for gpe_remote_path in self._gpe_remote_path(host, port,
segmentation_id):
db.journal_write(session, gpe_remote_path, None)
self.kick()
def _process_floatingip(self, context, fip_dict, event_type):
port = self._core_plugin.get_port(context, fip_dict['port_id'])
external_network = self._core_plugin.get_network(
context, fip_dict['floating_network_id'])
internal_network = self._core_plugin.get_network(
context, port['network_id'])
vpp_floatingip_dict = {
'external_physnet': external_network[provider.PHYSICAL_NETWORK],
'external_net_type': external_network[provider.NETWORK_TYPE],
'external_segmentation_id':
external_network[provider.SEGMENTATION_ID],
'internal_physnet': internal_network[provider.PHYSICAL_NETWORK],
'internal_net_type': internal_network[provider.NETWORK_TYPE],
'internal_segmentation_id':
internal_network[provider.SEGMENTATION_ID],
'fixed_ip_address': fip_dict.get('fixed_ip_address'),
'floating_ip_address': fip_dict.get('floating_ip_address'),
'event': event_type,
}
db.journal_write(context.session,
self._floatingip_path(fip_dict['id']),
vpp_floatingip_dict)
def unbind(self, session, port, host):
db.journal_write(session, self._port_path(host, port), None)
self.kick()
def unbind(self, session, port, host):
db.journal_write(session, self._port_path(host, port), None)
self.kick()
def etcd_write(cls, key, value):
if cls.__instance is not None:
db.journal_write(cls.__instance._session, key, value)
cls.__instance._communicator.kick()
def _write_interface_journal(self, context, router_id, router_dict):
etcd_dir = (server.LEADIN + '/nodes/' + self.l3_host + '/' +
server.ROUTER_INTF_DIR + router_id)
db.journal_write(context.session, etcd_dir, router_dict)
self.communicator.kick()
