class DefaultPolicyDriver(object): """ Implements default network policy for a generic CNI plugin. """ def __init__(self, network_name): self._client = DatastoreClient() """ DatastoreClient for access to the Calico datastore. """ self.profile_name = network_name """ Name of profile for attach to endpoint. """ # Validate the given network name to make sure it is compatible with # Calico policy. if not validate_characters(network_name): raise ValueError("Invalid characters detected in the given network " "name, %s. Only letters a-z, numbers 0-9, and " "symbols _.- are supported.", network_name) def apply_profile(self, endpoint): """Sets a profile for the networked container on the given endpoint. Create a profile if it is not yet created. :param endpoint: :return: None """ assert self.profile_name, "No profile name set." if not self._client.profile_exists(self.profile_name): # If the profile doesn't exist, create it. _log.info("Creating new profile '%s'", self.profile_name) rules = self.generate_rules() self._client.create_profile(self.profile_name, rules) # Apply any additonal tags. tags = self.generate_tags() if tags: _log.debug("Applying additional tags: %s", tags) profile = self._client.get_profile(self.profile_name) profile.tags.update(tags) self._client.profile_update_tags(profile) # Check if the profile has already been applied. if self.profile_name in endpoint.profile_ids: _log.warning("Endpoint already in profile %s", self.profile_name) return # Append profile to Calico endpoint. _log.info("Appending profile '%s' to endpoint %s", self.profile_name, endpoint.endpoint_id) try: self._client.append_profiles_to_endpoint( profile_names=[self.profile_name], endpoint_id=endpoint.endpoint_id ) except (KeyError, MultipleEndpointsMatch), e: _log.exception("Failed to apply profile to endpoint %s: %s", endpoint.name, e.message) raise ApplyProfileError(e.message)
class DefaultPolicyDriver(object): """ Implements default network policy for a generic CNI plugin. """ def __init__(self, network_name): self._client = DatastoreClient() """ DatastoreClient for access to the Calico datastore. """ self.profile_name = network_name """ Name of profile for attach to endpoint. """ # Validate the given network name to make sure it is compatible with # Calico policy. if not validate_characters(network_name): raise ValueError( "Invalid characters detected in the given network " "name, %s. Only letters a-z, numbers 0-9, and " "symbols _.- are supported.", network_name) def apply_profile(self, endpoint): """Sets a profile for the networked container on the given endpoint. Create a profile if it is not yet created. :param endpoint: :return: None """ assert self.profile_name, "No profile name set." if not self._client.profile_exists(self.profile_name): # If the profile doesn't exist, create it. _log.info("Creating new profile '%s'", self.profile_name) rules = self.generate_rules() self._client.create_profile(self.profile_name, rules) # Apply any additonal tags. tags = self.generate_tags() if tags: _log.debug("Applying additional tags: %s", tags) profile = self._client.get_profile(self.profile_name) profile.tags.update(tags) self._client.profile_update_tags(profile) # Check if the profile has already been applied. if self.profile_name in endpoint.profile_ids: _log.warning("Endpoint already in profile %s", self.profile_name) return # Append profile to Calico endpoint. _log.info("Appending profile '%s' to endpoint %s", self.profile_name, endpoint.endpoint_id) try: self._client.append_profiles_to_endpoint( profile_names=[self.profile_name], endpoint_id=endpoint.endpoint_id) except (KeyError, MultipleEndpointsMatch), e: _log.exception("Failed to apply profile to endpoint %s: %s", endpoint.name, e.message) raise ApplyProfileError(e.message)