def _del_configure_fip_no_reserve(self, ri,floatingip,nat_server_name):
nat_server_mapings = self._get_nat_server_mapping()
fix_ip = ''
flag = False
for nat_server_maping in nat_server_mapings:
if nat_server_maping['name'] == nat_server_name:
fix_ip = nat_server_maping['inside_ip']
flag = self._delete_floating_ips(ri, floatingip, nat_server_name)
if flag:
nat_server_mapings.remove(nat_server_maping)
#count the last fip with the same inside ip
count = 0
for nat_server_maping in nat_server_mapings:
if nat_server_maping['inside_ip'] == fix_ip:
count = count + 1
if count != 1 :
return
for nat_server_maping in nat_server_mapings:
if nat_server_maping['inside_ip'] == fix_ip and nat_server_maping['name'] != nat_server_name and count == 1:
nat_server_name = nat_server_maping['name']
#del the old nat_server which with no_reverse
body = ngfw_utils.get_nat_server_static_map_to_delete(nat_server_name)
response = self.rest.rest_api('DELETE', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip)
if response['status'] <= 300 and response['status'] >= 200:
LOG.debug(_('_config__floating_ips_delete success (%s)'), nat_server_name)
#then add the new nat_server without no_reverse
body = ngfw_utils.get_nat_server_static_map(nat_server_name, nat_server_maping['global_ip'], fix_ip, no_reverse=False)
response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip)
if response['status'] <= 300 and response['status'] >= 200:
LOG.debug(_('_config_configure_fip_delete_no_reserve body (%s) (%s)'), nat_server_name, body)
def _add_configure_fip_no_reserve(self, fixedIP):
nat_server_mapings = self._get_nat_server_mapping()
for nat_server_maping in nat_server_mapings:
if nat_server_maping['inside_ip'] == fixedIP:
nat_server_name = nat_server_maping['name']
#del the old nat_server which without no_reverse
body = ngfw_utils.get_nat_server_static_map_to_delete(nat_server_name)
response = self.rest.rest_api('DELETE', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip)
if response['status'] <= 300 and response['status'] >= 200:
LOG.debug(_('_delete_floating_ips success (%s)'), nat_server_name)
#then add the new nat_server with no_reverse
body = ngfw_utils.get_nat_server_static_map(nat_server_name, nat_server_maping['global_ip'], fixedIP, no_reverse=True)
response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip)
if response['status'] <= 300 and response['status'] >= 200:
LOG.debug(_('_config_floating_ips body (%s) (%s)'), nat_server_name, body)
return True
return False
def _config_floating_ips(self, ri, floating_ips_backup):
floatingip_list = {}
for floatingip_id in floating_ips_backup:
id_prefix = ngfw_utils.get_floatingip_name(floatingip_id)
floatingip_list.update({id_prefix:floatingip_id})
floatingip_list_keys = floatingip_list.keys()
prefix = ngfw_utils.get_dnat_rule_name(ri)
floating_ips = self.get_ngfw_floating_ips(ri)
(need_add, need_del, collect_fip, nat_fip) = self._compare_floatingip_list(ri)
for del_floatingip in need_del:
if del_floatingip in floatingip_list_keys:
floatingip = del_floatingip
else:
floatingip = None
#update the nat_server with no_reserve when its last
self._del_configure_fip_no_reserve(ri,floatingip, nat_fip[del_floatingip])
#del port if _del_configure_fip_no_reserve dont del port succ
self._delete_floating_ips(ri, floatingip, nat_fip[del_floatingip])
#del acl rules of the fip
nat_server_name = '%s_%s' % (prefix, ngfw_utils.get_floatingip_name(del_floatingip))
self.del_acl_by_fip(nat_server_name)
# add new dnat rules
for fip in floating_ips:
LOG.debug(_('_config_floating_ips_add: %s'), fip['id'])
result = self.plugutil._check_ip_in_ip_pool(fip['floating_ip_address'], self.agent.fip_slb_ip_pool)
if not result:
continue
if ngfw_utils.get_floatingip_name(fip['id']) in need_add:
nat_server_name = '%s_%s' % (prefix, ngfw_utils.get_floatingip_name(fip['id']))
floatingIP = fip['floating_ip_address']
fixedIP = fip['fixed_ip_address']
#configure fip with no_reserve
is_no_reserve = self._add_configure_fip_no_reserve(fixedIP)
body = ngfw_utils.get_nat_server_static_map(nat_server_name, floatingIP, fixedIP, no_reverse=is_no_reserve)
LOG.debug(_('_config_floating_ips_add body (%s) (%s)'), nat_server_name, body)
response = self.rest.rest_api('POST', ngfw_utils.NGFW_URL_NAT_SERVER, body, device_ip=self.director_for_fip)
#update fip status if it handle success
if response['status'] >= 400:
LOG.error(_('_config_floating_ips_add failed floatingIP is: (%s), fixedIP is :(%s),'
'(%s) response status is: (%s) ,response body is: (%s)'),
ri.router['id'], floatingIP, fixedIP, response['status'], response["body"])
fip_statuses = {fip['id']:l3_constants.FLOATINGIP_STATUS_ERROR}
self.plugin_rpc.update_floatingip_statuses(
self.context, ri.router_id, fip_statuses)
LOG.debug(_('update_floatingip_statuses success router_id is:%s , '
'fip_statuses is:%s'), ri.router_id, fip_statuses)
return False
else :
fip_statuses = {fip['id']:l3_constants.FLOATINGIP_STATUS_ACTIVE}
self.plugin_rpc.update_floatingip_statuses(
self.context, ri.router_id, fip_statuses)
LOG.debug(_('update_floatingip_statuses success router_id is:%s , '
'fip_statuses is:%s'), ri.router_id, fip_statuses)
# set acl rules for the fip
self.set_acl_by_fip(nat_server_name, fixedIP, floatingIP)
LOG.debug(_('_config_floating_ips success (%s) (%s) (%s)'),
ri.router['id'], floatingIP, fixedIP)
return True
