def create_public_ipv4_port(user_id, network=None, address=None, category="user"): """Create a port in a public IPv4 network. Create a port in a public IPv4 network (that may also have an IPv6 subnet). If the category is 'user' or 'default' this will try to use one of the users floating IPs. If the category is 'admin' will create a port to the public network (without floating IPs or quotas). """ if category in ["user", "default"]: if address is None: ipaddress = ips.get_free_floating_ip(user_id, network) else: ipaddress = util.get_floating_ip_by_address(user_id, address, for_update=True) elif category == "admin": if network is None: ipaddress = ips.allocate_public_ip(user_id) else: ipaddress = ips.allocate_ip(network, user_id) else: raise ValueError("Unknown category: %s" % category) if network is None: network = ipaddress.network return _create_port(user_id, network, use_ipaddress=ipaddress)
def create_port(credentials, network_id, machine_id=None, address=None, name="", security_groups=None, device_owner=None): user_id = credentials.userid vm = None if machine_id is not None: vm = util.get_vm(machine_id, credentials, for_update=True, non_deleted=True, non_suspended=True) if vm.nics.count() == settings.GANETI_MAX_NICS_PER_INSTANCE: raise faults.BadRequest("Maximum ports per server limit reached") network = util.get_network(network_id, credentials, non_deleted=True, for_update=True) ipaddress = None if network.public: # Creating a port to a public network is only allowed if the user has # already a floating IP address in this network which is specified # as the fixed IP address of the port if address is None: msg = ("'fixed_ips' attribute must contain a floating IP address" " in order to connect to a public network.") raise faults.BadRequest(msg) ipaddress = util.get_floating_ip_by_address(credentials, address, for_update=True) port = _create_port(user_id, network, machine=vm, use_ipaddress=ipaddress, name=name, security_groups=security_groups, device_owner=device_owner) log.info("User %s created port %s, network: %s, machine: %s, ip: %s", user_id, port.id, network, vm, ipaddress) return port
def remove_floating_ip(request, vm, args): address = args.get("address") if address is None: raise faults.BadRequest("Missing 'address' attribute") floating_ip = util.get_floating_ip_by_address(vm.userid, address, for_update=True) if floating_ip.nic is None: raise faults.BadRequest("Floating IP %s not attached to instance" % address) servers.delete_port(floating_ip.nic) return HttpResponse(status=202)
def add_floating_ip(request, vm, args): address = args.get("address") if address is None: raise faults.BadRequest("Missing 'address' attribute") userid = vm.userid floating_ip = util.get_floating_ip_by_address(userid, address, for_update=True) servers.create_port(userid, floating_ip.network, machine=vm, user_ipaddress=floating_ip) return HttpResponse(status=202)
def add_floating_ip(server_id, address, credentials): vm = util.get_vm(server_id, credentials, for_update=True, non_deleted=True, non_suspended=True) floating_ip = util.get_floating_ip_by_address( credentials, address, for_update=True) userid = vm.userid _create_port(userid, floating_ip.network, machine=vm, use_ipaddress=floating_ip) log.info("User %s attached floating IP %s to VM %s, address: %s," " network %s", credentials.userid, floating_ip.id, vm.id, floating_ip.address, floating_ip.network_id)
def remove_floating_ip(request, vm, args): address = args.get("address") if address is None: raise faults.BadRequest("Missing 'address' attribute") floating_ip = util.get_floating_ip_by_address(vm.userid, request.user_projects, address, for_update=True) if floating_ip.nic is None: raise faults.BadRequest("Floating IP %s not attached to instance" % address) servers.delete_port(floating_ip.nic) log.info("User %s detached floating IP %s from VM %s", request.user_uniq, floating_ip.id, vm.id) return HttpResponse(status=202)
def add_floating_ip(request, vm, args): address = args.get("address") if address is None: raise faults.BadRequest("Missing 'address' attribute") userid = vm.userid floating_ip = util.get_floating_ip_by_address(userid, request.user_projects, address, for_update=True) servers.create_port(userid, floating_ip.network, machine=vm, user_ipaddress=floating_ip) log.info("User %s attached floating IP %s to VM %s, address: %s," " network %s", request.user_uniq, floating_ip.id, vm.id, floating_ip.address, floating_ip.network_id) return HttpResponse(status=202)
def add_floating_ip(server_id, address, credentials): vm = util.get_vm(server_id, credentials, for_update=True, non_deleted=True, non_suspended=True) floating_ip = util.get_floating_ip_by_address(credentials, address, for_update=True) userid = vm.userid _create_port(userid, floating_ip.network, machine=vm, use_ipaddress=floating_ip) log.info( "User %s attached floating IP %s to VM %s, address: %s," " network %s", credentials.userid, floating_ip.id, vm.id, floating_ip.address, floating_ip.network_id)
def remove_floating_ip(server_id, address, credentials): vm = util.get_vm(server_id, credentials, for_update=True, non_deleted=True, non_suspended=True) # This must be replaced by proper permission handling # This is currently needed to allow the user to remove a shared IP from a # VM that does not belong to the user, nor it is shared to a common # project. ip_credentials = api.Credentials(vm.userid, credentials.user_projects) floating_ip = util.get_floating_ip_by_address( ip_credentials, address, for_update=True) if floating_ip.nic is None: raise faults.BadRequest("Floating IP %s not attached to instance" % address) _delete_port(floating_ip.nic) log.info("User %s detached floating IP %s from VM %s", credentials.userid, floating_ip.id, vm.id)
def remove_floating_ip(server_id, address, credentials): vm = util.get_vm(server_id, credentials, for_update=True, non_deleted=True, non_suspended=True) # This must be replaced by proper permission handling # This is currently needed to allow the user to remove a shared IP from a # VM that does not belong to the user, nor it is shared to a common # project. ip_credentials = api.Credentials(vm.userid, credentials.user_projects) floating_ip = util.get_floating_ip_by_address(ip_credentials, address, for_update=True) if floating_ip.nic is None: raise faults.BadRequest("Floating IP %s not attached to instance" % address) _delete_port(floating_ip.nic) log.info("User %s detached floating IP %s from VM %s", credentials.userid, floating_ip.id, vm.id)
def create_port(request): user_id = request.user_uniq req = api.utils.get_json_body(request) log.debug("User: %s, Action: create_port, Request: %s", user_id, req) port_dict = api.utils.get_attribute(req, "port", attr_type=dict) net_id = api.utils.get_attribute(port_dict, "network_id", attr_type=(basestring, int)) device_id = api.utils.get_attribute(port_dict, "device_id", required=False, attr_type=(basestring, int)) vm = None if device_id is not None: vm = util.get_vm(device_id, user_id, request.user_projects, for_update=True, non_deleted=True, non_suspended=True) # Check if the request contains a valid IPv4 address fixed_ips = api.utils.get_attribute(port_dict, "fixed_ips", required=False, attr_type=list) if fixed_ips is not None and len(fixed_ips) > 0: if len(fixed_ips) > 1: msg = "'fixed_ips' attribute must contain only one fixed IP." raise faults.BadRequest(msg) fixed_ip = fixed_ips[0] if not isinstance(fixed_ip, dict): raise faults.BadRequest("Invalid 'fixed_ips' field.") fixed_ip_address = fixed_ip.get("ip_address") if fixed_ip_address is not None: try: ip = ipaddr.IPAddress(fixed_ip_address) if ip.version == 6: msg = "'ip_address' can be only an IPv4 address'" raise faults.BadRequest(msg) except ValueError: msg = "%s is not a valid IPv4 Address" % fixed_ip_address raise faults.BadRequest(msg) else: fixed_ip_address = None network = util.get_network(net_id, user_id, request.user_projects, non_deleted=True, for_update=True) ipaddress = None if network.public: # Creating a port to a public network is only allowed if the user has # already a floating IP address in this network which is specified # as the fixed IP address of the port if fixed_ip_address is None: msg = ("'fixed_ips' attribute must contain a floating IP address" " in order to connect to a public network.") raise faults.BadRequest(msg) ipaddress = util.get_floating_ip_by_address(user_id, request.user_projects, fixed_ip_address, for_update=True) elif fixed_ip_address: ipaddress = ips.allocate_ip(network, user_id, address=fixed_ip_address) name = api.utils.get_attribute(port_dict, "name", required=False, attr_type=basestring) if name is None: name = "" security_groups = api.utils.get_attribute(port_dict, "security_groups", required=False, attr_type=list) #validate security groups # like get security group from db sg_list = [] if security_groups: for gid in security_groups: try: sg = util.get_security_group(int(gid)) except (KeyError, ValueError): raise faults.BadRequest("Invalid 'security_groups' field.") sg_list.append(sg) new_port = servers.create_port(user_id, network, use_ipaddress=ipaddress, machine=vm, name=name) log.info("User %s created port %s, network: %s, machine: %s, ip: %s", user_id, new_port.id, network, vm, ipaddress) response = render_port(request, port_to_dict(new_port), status=201) return response
def create_port(request): user_id = request.user_uniq req = api.utils.get_json_body(request) log.info('create_port user: %s request: %s', user_id, req) port_dict = api.utils.get_attribute(req, "port", attr_type=dict) net_id = api.utils.get_attribute(port_dict, "network_id", attr_type=(basestring, int)) device_id = api.utils.get_attribute(port_dict, "device_id", required=False, attr_type=(basestring, int)) vm = None if device_id is not None: vm = util.get_vm(device_id, user_id, for_update=True, non_deleted=True, non_suspended=True) # Check if the request contains a valid IPv4 address fixed_ips = api.utils.get_attribute(port_dict, "fixed_ips", required=False, attr_type=list) if fixed_ips is not None and len(fixed_ips) > 0: if len(fixed_ips) > 1: msg = "'fixed_ips' attribute must contain only one fixed IP." raise faults.BadRequest(msg) fixed_ip = fixed_ips[0] if not isinstance(fixed_ip, dict): raise faults.BadRequest("Invalid 'fixed_ips' field.") fixed_ip_address = fixed_ip.get("ip_address") if fixed_ip_address is not None: try: ip = ipaddr.IPAddress(fixed_ip_address) if ip.version == 6: msg = "'ip_address' can be only an IPv4 address'" raise faults.BadRequest(msg) except ValueError: msg = "%s is not a valid IPv4 Address" % fixed_ip_address raise faults.BadRequest(msg) else: fixed_ip_address = None network = util.get_network(net_id, user_id, non_deleted=True, for_update=True) ipaddress = None if network.public: # Creating a port to a public network is only allowed if the user has # already a floating IP address in this network which is specified # as the fixed IP address of the port if fixed_ip_address is None: msg = ("'fixed_ips' attribute must contain a floating IP address" " in order to connect to a public network.") raise faults.BadRequest(msg) ipaddress = util.get_floating_ip_by_address(user_id, fixed_ip_address, for_update=True) elif fixed_ip_address: ipaddress = ips.allocate_ip(network, user_id, address=fixed_ip_address) name = api.utils.get_attribute(port_dict, "name", required=False, attr_type=basestring) if name is None: name = "" security_groups = api.utils.get_attribute(port_dict, "security_groups", required=False, attr_type=list) #validate security groups # like get security group from db sg_list = [] if security_groups: for gid in security_groups: try: sg = util.get_security_group(int(gid)) except (KeyError, ValueError): raise faults.BadRequest("Invalid 'security_groups' field.") sg_list.append(sg) new_port = servers.create_port(user_id, network, use_ipaddress=ipaddress, machine=vm, name=name) response = render_port(request, port_to_dict(new_port), status=201) return response