def _del_configure_fip_no_reserve(self, ri,floatingip,nat_server_name): nat_server_mapings = self._get_nat_server_mapping() fix_ip = '' flag = False for nat_server_maping in nat_server_mapings: if nat_server_maping['name'] == nat_server_name: fix_ip = nat_server_maping['inside_ip'] flag = self._delete_floating_ips(ri, floatingip, nat_server_name) if flag: nat_server_mapings.remove(nat_server_maping) #count the last fip with the same inside ip count = 0 for nat_server_maping in nat_server_mapings: if nat_server_maping['inside_ip'] == fix_ip: count = count + 1 if count != 1 : return for nat_server_maping in nat_server_mapings: if nat_server_maping['inside_ip'] == fix_ip and nat_server_maping['name'] != nat_server_name and count == 1: nat_server_name = nat_server_maping['name'] #del the old nat_server which with no_reverse body = ngfw_utils.get_nat_server_static_map_to_delete(nat_server_name) response = self.rest.rest_api('DELETE', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip) if response['status'] <= 300 and response['status'] >= 200: LOG.debug(_('_config__floating_ips_delete success (%s)'), nat_server_name) #then add the new nat_server without no_reverse body = ngfw_utils.get_nat_server_static_map(nat_server_name, nat_server_maping['global_ip'], fix_ip, no_reverse=False) response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip) if response['status'] <= 300 and response['status'] >= 200: LOG.debug(_('_config_configure_fip_delete_no_reserve body (%s) (%s)'), nat_server_name, body)
def _add_configure_fip_no_reserve(self, fixedIP): nat_server_mapings = self._get_nat_server_mapping() for nat_server_maping in nat_server_mapings: if nat_server_maping['inside_ip'] == fixedIP: nat_server_name = nat_server_maping['name'] #del the old nat_server which without no_reverse body = ngfw_utils.get_nat_server_static_map_to_delete(nat_server_name) response = self.rest.rest_api('DELETE', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip) if response['status'] <= 300 and response['status'] >= 200: LOG.debug(_('_delete_floating_ips success (%s)'), nat_server_name) #then add the new nat_server with no_reverse body = ngfw_utils.get_nat_server_static_map(nat_server_name, nat_server_maping['global_ip'], fixedIP, no_reverse=True) response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip) if response['status'] <= 300 and response['status'] >= 200: LOG.debug(_('_config_floating_ips body (%s) (%s)'), nat_server_name, body) return True return False
def _config_floating_ips(self, ri, floating_ips_backup): floatingip_list = {} for floatingip_id in floating_ips_backup: id_prefix = ngfw_utils.get_floatingip_name(floatingip_id) floatingip_list.update({id_prefix:floatingip_id}) floatingip_list_keys = floatingip_list.keys() prefix = ngfw_utils.get_dnat_rule_name(ri) floating_ips = self.get_ngfw_floating_ips(ri) (need_add, need_del, collect_fip, nat_fip) = self._compare_floatingip_list(ri) for del_floatingip in need_del: if del_floatingip in floatingip_list_keys: floatingip = del_floatingip else: floatingip = None #update the nat_server with no_reserve when its last self._del_configure_fip_no_reserve(ri,floatingip, nat_fip[del_floatingip]) #del port if _del_configure_fip_no_reserve dont del port succ self._delete_floating_ips(ri, floatingip, nat_fip[del_floatingip]) #del acl rules of the fip nat_server_name = '%s_%s' % (prefix, ngfw_utils.get_floatingip_name(del_floatingip)) self.del_acl_by_fip(nat_server_name) # add new dnat rules for fip in floating_ips: LOG.debug(_('_config_floating_ips_add: %s'), fip['id']) result = self.plugutil._check_ip_in_ip_pool(fip['floating_ip_address'], self.agent.fip_slb_ip_pool) if not result: continue if ngfw_utils.get_floatingip_name(fip['id']) in need_add: nat_server_name = '%s_%s' % (prefix, ngfw_utils.get_floatingip_name(fip['id'])) floatingIP = fip['floating_ip_address'] fixedIP = fip['fixed_ip_address'] #configure fip with no_reserve is_no_reserve = self._add_configure_fip_no_reserve(fixedIP) body = ngfw_utils.get_nat_server_static_map(nat_server_name, floatingIP, fixedIP, no_reverse=is_no_reserve) LOG.debug(_('_config_floating_ips_add body (%s) (%s)'), nat_server_name, body) response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip) #update fip status if it handle success if response['status'] >= 400: LOG.error(_('_config_floating_ips_add failed floatingIP is: (%s), fixedIP is :(%s),' '(%s) response status is: (%s) ,response body is: (%s)'), ri.router['id'], floatingIP, fixedIP, response['status'], response["body"]) fip_statuses = {fip['id']:l3_constants.FLOATINGIP_STATUS_ERROR} self.plugin_rpc.update_floatingip_statuses( self.context, ri.router_id, fip_statuses) LOG.debug(_('update_floatingip_statuses success router_id is:%s , ' 'fip_statuses is:%s'), ri.router_id, fip_statuses) return False else : fip_statuses = {fip['id']:l3_constants.FLOATINGIP_STATUS_ACTIVE} self.plugin_rpc.update_floatingip_statuses( self.context, ri.router_id, fip_statuses) LOG.debug(_('update_floatingip_statuses success router_id is:%s , ' 'fip_statuses is:%s'), ri.router_id, fip_statuses) # set acl rules for the fip self.set_acl_by_fip(nat_server_name, fixedIP, floatingIP) LOG.debug(_('_config_floating_ips success (%s) (%s) (%s)'), ri.router['id'], floatingIP, fixedIP) return True