def create(self, context, listener, certificate=None): default_pool = None lb_id = listener.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] if listener.default_pool and listener.default_pool.id: pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, listener.default_pool.id) if pool_binding: default_pool = pool_binding['edge_pool_id'] edge_cert_id = None if certificate: try: edge_cert_id = self._upload_certificate( context, edge_id, listener.default_tls_container_id, certificate) except Exception: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) app_profile = listener_to_edge_app_profile(listener, edge_cert_id) app_profile_id = None try: with locking.LockManager.get_lock(edge_id): h = (self.vcns.create_app_profile(edge_id, app_profile))[0] app_profile_id = lb_common.extract_resource_id(h['location']) except vcns_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) LOG.error('Failed to create app profile on edge: %s', lb_binding['edge_id']) vse = listener_to_edge_vse(context, listener, lb_binding['vip_address'], default_pool, app_profile_id) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_vip(edge_id, vse)[0] edge_vse_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_listener_binding(context.session, lb_id, listener.id, app_profile_id, edge_vse_id) self.lbv2_driver.listener.successful_completion(context, listener) except vcns_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) LOG.error('Failed to create vip on Edge: %s', edge_id) self.vcns.delete_app_profile(edge_id, app_profile_id)
def create(self, context, listener, certificate=None): default_pool = None lb_id = listener.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] if listener.default_pool and listener.default_pool.id: pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, listener.id, listener.default_pool.id) if pool_binding: default_pool = pool_binding['edge_pool_id'] edge_cert_id = None if certificate: try: edge_cert_id = self._upload_certificate( context, edge_id, listener.default_tls_container_id, certificate) except Exception: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) app_profile = listener_to_edge_app_profile(listener, edge_cert_id) app_profile_id = None try: with locking.LockManager.get_lock(edge_id): h = (self.vcns.create_app_profile(edge_id, app_profile))[0] app_profile_id = lb_common.extract_resource_id(h['location']) except vcns_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) LOG.error(_LE('Failed to create app profile on edge: %s'), lb_binding['edge_id']) vse = listener_to_edge_vse(listener, lb_binding['vip_address'], default_pool, app_profile_id) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_vip(edge_id, vse)[0] edge_vse_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_listener_binding(context.session, lb_id, listener.id, app_profile_id, edge_vse_id) self.lbv2_driver.listener.successful_completion(context, listener) except vcns_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.listener.failed_completion(context, listener) LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id) self.vcns.delete_app_profile(edge_id, app_profile_id)
def _create_ssl_cert(self, edge_id=None): # Create a self signed certificate in the backend if both Cert details # and private key are not supplied in nsx.ini if (not cfg.CONF.nsxv.metadata_nova_client_cert and not cfg.CONF.nsxv.metadata_nova_client_priv_key): h = self.nsxv_plugin.nsx_v.vcns.create_csr(edge_id)[0] # Extract the CSR ID from header csr_id = lbaas_common.extract_resource_id(h['location']) # Create a self signed certificate cert = self.nsxv_plugin.nsx_v.vcns.create_csr_cert(csr_id)[1] cert_id = cert['objectId'] else: # Raise an error if either the Cert path or the private key is not # configured error = None if not cfg.CONF.nsxv.metadata_nova_client_cert: error = _('Metadata certificate path not configured') elif not cfg.CONF.nsxv.metadata_nova_client_priv_key: error = _('Metadata client private key not configured') if error: raise nsxv_exc.NsxPluginException(err_msg=error) pem_encoding = utils.read_file( cfg.CONF.nsxv.metadata_nova_client_cert) priv_key = utils.read_file( cfg.CONF.nsxv.metadata_nova_client_priv_key) request = { 'pemEncoding': pem_encoding, 'privateKey': priv_key} cert = self.nsxv_plugin.nsx_v.vcns.upload_edge_certificate( edge_id, request)[1] cert_id = cert.get('certificates')[0]['objectId'] return cert_id
def create_pool(self, context, pool): LOG.debug('Creating pool %s', pool) edge_id = lb_common.get_lbaas_edge_id_for_subnet( context, self.callbacks.plugin, pool['subnet_id'], pool['tenant_id']) if edge_id is None: self.lbv1_driver.pool_failed(context, pool) msg = _( 'No suitable Edge found for subnet %s') % pool['subnet_id'] raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) # If Edge appliance is used for the 1st time for LB, # enable LB acceleration if not self.is_edge_in_use(context, edge_id): lb_common.enable_edge_acceleration(self.vcns, edge_id) edge_pool = convert_lbaas_pool(pool) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) self.lbv1_driver.create_pool_successful( context, pool, edge_id, edge_pool_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.pool_failed(context, pool) LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, hm): lb_id = hm.pool.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, hm.pool.id) if not pool_binding: self.lbv2_driver.health_monitor.failed_completion(context, hm) msg = _('Failed to create health monitor on edge: %s. ' 'Binding not found') % edge_id LOG.error(msg) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_pool_id = pool_binding['edge_pool_id'] hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding( context.session, lb_id, hm.pool.id, hm.id, edge_id) edge_mon_id = None if hm_binding: edge_mon_id = hm_binding['edge_mon_id'] else: edge_monitor = self._convert_lbaas_monitor(hm) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_health_monitor(edge_id, edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_monitor_binding(context.session, lb_id, hm.pool.id, hm.id, edge_id, edge_mon_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.health_monitor.failed_completion( context, hm) LOG.error('Failed to create health monitor on edge: %s', edge_id) try: # Associate monitor with Edge pool with locking.LockManager.get_lock(edge_id): edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1] if edge_pool.get('monitorId'): edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(edge_id, edge_pool_id, edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.health_monitor.failed_completion(context, hm) LOG.error('Failed to create health monitor on edge: %s', edge_id) self.lbv2_driver.health_monitor.successful_completion(context, hm)
def _create_ssl_cert(self, edge_id=None): # Create a self signed certificate in the backend if both Cert details # and private key are not supplied in nsx.ini if (not cfg.CONF.nsxv.metadata_nova_client_cert and not cfg.CONF.nsxv.metadata_nova_client_priv_key): h = self.nsxv_plugin.nsx_v.vcns.create_csr(edge_id)[0] # Extract the CSR ID from header csr_id = lbaas_common.extract_resource_id(h['location']) # Create a self signed certificate cert = self.nsxv_plugin.nsx_v.vcns.create_csr_cert(csr_id)[1] cert_id = cert['objectId'] else: # Raise an error if either the Cert path or the private key is not # configured error = None if not cfg.CONF.nsxv.metadata_nova_client_cert: error = _('Metadata certificate path not configured') elif not cfg.CONF.nsxv.metadata_nova_client_priv_key: error = _('Metadata client private key not configured') if error: raise nsxv_exc.NsxPluginException(err_msg=error) pem_encoding = utils.read_file( cfg.CONF.nsxv.metadata_nova_client_cert) priv_key = utils.read_file( cfg.CONF.nsxv.metadata_nova_client_priv_key) request = { 'pemEncoding': pem_encoding, 'privateKey': priv_key} cert = self.nsxv_plugin.nsx_v.vcns.upload_edge_certificate( edge_id, request)[1] cert_id = cert.get('certificates')[0]['objectId'] return cert_id
def create_pool(self, context, pool): LOG.debug('Creating pool %s', pool) edge_id = lb_common.get_lbaas_edge_id_for_subnet( context, self.callbacks.plugin, pool['subnet_id'], pool['tenant_id']) if edge_id is None: self.lbv1_driver.pool_failed(context, pool) msg = _('No suitable Edge found for subnet %s') % pool['subnet_id'] raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) # If Edge appliance is used for the 1st time for LB, # enable LB acceleration if not self.is_edge_in_use(context, edge_id): lb_common.enable_edge_acceleration(self.vcns, edge_id) edge_pool = convert_lbaas_pool(pool) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) self.lbv1_driver.create_pool_successful(context, pool, edge_id, edge_pool_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.pool_failed(context, pool) LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, hm, completor): lb_id = hm['pool']['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] pool_id = hm['pool']['id'] pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, pool_id) if not pool_binding: completor(success=False) msg = _('Failed to create health monitor on edge: %s. ' 'Binding not found') % edge_id LOG.error(msg) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_pool_id = pool_binding['edge_pool_id'] hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding( context.session, lb_id, pool_id, hm['id'], edge_id) edge_mon_id = None if hm_binding: edge_mon_id = hm_binding['edge_mon_id'] else: edge_monitor = self._convert_lbaas_monitor(hm) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_health_monitor(edge_id, edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_monitor_binding( context.session, lb_id, pool_id, hm['id'], edge_id, edge_mon_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create health monitor on edge: %s', edge_id) try: # Associate monitor with Edge pool with locking.LockManager.get_lock(edge_id): edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1] if edge_pool.get('monitorId'): edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(edge_id, edge_pool_id, edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create health monitor on edge: %s', edge_id) completor(success=True)
def create(self, context, pol, completor): # find out the edge to be updated, by the listener of this policy listener = pol['listener'] lb_id = listener['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) if not lb_binding: msg = _('No suitable Edge found for listener %s') % listener['id'] raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) if (listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS or listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS): msg = _( 'L7 policy is not supported for %(prot)s listener %(ls)s') % { 'prot': listener['protocol'], 'ls': pol['listener_id'] } raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = lb_binding['edge_id'] app_rule = policy_to_application_rule(pol) app_rule_id = None try: with locking.LockManager.get_lock(edge_id): # create the backend application rule for this policy h = (self.vcns.create_app_rule(edge_id, app_rule))[0] app_rule_id = lb_common.extract_resource_id(h['location']) # add the nsx application rule (neutron policy) to the nsx # virtual server (neutron listener) vse_id = self._get_vse_id(context, pol) if vse_id: self._add_app_rule_to_virtual_server( edge_id, vse_id, app_rule_id, pol['position']) except Exception as e: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error( 'Failed to create L7policy on edge %(edge)s: ' '%(err)s', { 'edge': edge_id, 'err': e }) if app_rule_id: # Failed to add the rule to the vip: delete the rule # from the backend. try: self.vcns.delete_app_rule(edge_id, app_rule_id) except Exception: pass # save the nsx application rule id in the DB nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol['id'], edge_id, app_rule_id) # complete the transaction completor(success=True)
def create_vip(self, context, vip, pool_mapping): LOG.debug('Create VIP %s', vip) app_profile = convert_lbaas_app_profile( vip['id'], vip.get('session_persistence', {}), vip.get('protocol')) if not pool_mapping: msg = _('Pool %s in not mapped to any Edge appliance') % ( vip['pool_id']) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = pool_mapping['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = (self.vcns.create_app_profile(edge_id, app_profile))[0] app_profile_id = lb_common.extract_resource_id(h['location']) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.vip_failed(context, vip) LOG.error(_LE('Failed to create app profile on edge: %s'), edge_id) edge_vip = convert_lbaas_vip(vip, app_profile_id, pool_mapping) try: lb_common.add_vip_as_secondary_ip(self.vcns, edge_id, vip['address']) with locking.LockManager.get_lock(edge_id): h = self.vcns.create_vip(edge_id, edge_vip)[0] edge_vip_id = lb_common.extract_resource_id(h['location']) edge_fw_rule_id = lb_common.add_vip_fw_rule(self.vcns, edge_id, vip['id'], vip['address']) self.lbv1_driver.create_vip_successful( context, vip, edge_id, app_profile_id, edge_vip_id, edge_fw_rule_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.vip_failed(context, vip) LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id) with locking.LockManager.get_lock(edge_id): self.vcns.delete_app_profile(edge_id, app_profile_id)
def create(self, context, hm): listener = hm.pool.listener lb_id = listener.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding( context.session, lb_id, listener.id, hm.pool.id) edge_id = lb_binding['edge_id'] edge_pool_id = pool_binding['edge_pool_id'] hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding( context.session, lb_id, listener.id, hm.pool.id, hm.id, edge_id) edge_mon_id = None if hm_binding: edge_mon_id = hm_binding['edge_mon_id'] else: edge_monitor = self._convert_lbaas_monitor(hm) try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_health_monitor(edge_id, edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_monitor_binding( context.session, lb_id, listener.id, hm.pool.id, hm.id, edge_id, edge_mon_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.health_monitor.failed_completion( context, hm) LOG.error(_LE('Failed to create health monitor on edge: %s' ), edge_id) try: # Associate monitor with Edge pool with locking.LockManager.get_lock(edge_id): edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1] if edge_pool.get('monitorId'): edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(edge_id, edge_pool_id, edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.health_monitor.failed_completion(context, hm) LOG.error( _LE('Failed to create health monitor on edge: %s'), edge_id) self.lbv2_driver.health_monitor.successful_completion(context, hm)
def create_vip(self, context, vip, pool_mapping): LOG.debug('Create VIP %s', vip) app_profile = convert_lbaas_app_profile( vip['id'], vip.get('session_persistence', {}), vip.get('protocol')) if not pool_mapping: msg = _('Pool %s in not mapped to any Edge appliance') % ( vip['pool_id']) raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = pool_mapping['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = (self.vcns.create_app_profile(edge_id, app_profile))[0] app_profile_id = lb_common.extract_resource_id(h['location']) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.vip_failed(context, vip) LOG.error(_LE('Failed to create app profile on edge: %s'), edge_id) edge_vip = convert_lbaas_vip(vip, app_profile_id, pool_mapping) try: lb_common.add_vip_as_secondary_ip(self.vcns, edge_id, vip['address']) with locking.LockManager.get_lock(edge_id): h = self.vcns.create_vip(edge_id, edge_vip)[0] edge_vip_id = lb_common.extract_resource_id(h['location']) edge_fw_rule_id = lb_common.add_vip_fw_rule( self.vcns, edge_id, vip['id'], vip['address']) self.lbv1_driver.create_vip_successful(context, vip, edge_id, app_profile_id, edge_vip_id, edge_fw_rule_id) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.vip_failed(context, vip) LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id) with locking.LockManager.get_lock(edge_id): self.vcns.delete_app_profile(edge_id, app_profile_id)
def create_pool_health_monitor(self, context, health_monitor, pool_id, pool_mapping, mon_mappings): LOG.debug('Create HM %s', health_monitor) edge_mon_id = None with locking.LockManager.get_lock(pool_mapping['edge_id']): # 1st, we find if we already have a pool with the same monitor, on # the same Edge appliance. # If there is no pool on this Edge which is already associated with # this monitor, create this monitor on Edge if mon_mappings: edge_mon_id = mon_mappings['edge_monitor_id'] else: edge_monitor = convert_lbaas_monitor(health_monitor) try: h = self.vcns.create_health_monitor( pool_mapping['edge_id'], edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) except nsxv_exc.VcnsApiException: self.lbv1_driver.pool_health_monitor_failed(context, health_monitor, pool_id) with excutils.save_and_reraise_exception(): LOG.error( _LE('Failed to associate monitor on edge: %s'), pool_mapping['edge_id']) try: # Associate monitor with Edge pool edge_pool = self.vcns.get_pool(pool_mapping['edge_id'], pool_mapping['edge_pool_id'])[1] if edge_pool['monitorId']: edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(pool_mapping['edge_id'], pool_mapping['edge_pool_id'], edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.pool_health_monitor_failed(context, health_monitor, pool_id) LOG.error( _LE('Failed to associate monitor on edge: %s'), pool_mapping['edge_id']) self.lbv1_driver.create_pool_health_monitor_successful( context, health_monitor, pool_id, pool_mapping['edge_id'], edge_mon_id)
def create(self, context, pool, completor): pool_id = pool['id'] edge_pool = { 'name': 'pool_' + pool_id, 'description': pool.get('description', pool.get('name')), 'algorithm': lb_const.BALANCE_MAP.get(pool['lb_algorithm'], 'round-robin'), 'transparent': False } lb_id = pool['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) if not lb_binding: msg = _( 'No suitable Edge found for pool %s') % pool_id raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = lb_binding['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id, pool_id, edge_pool_id) if pool['listener']: listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding( context.session, lb_id, pool['listener']['id']) # Associate listener with pool vse = listener_mgr.listener_to_edge_vse( context, pool['listener'], lb_binding['vip_address'], edge_pool_id, listener_binding['app_profile_id']) with locking.LockManager.get_lock(edge_id): self.vcns.update_vip(edge_id, listener_binding['vse_id'], vse) # This action also set this pool as the default pool of the # listener, so the application profile may need to be updated if pool['session_persistence']: listener_mgr.update_app_profile( self.vcns, context, pool['listener'], edge_id) completor(success=True) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create pool %s', pool['id'])
def create(self, context, pool, completor): pool_id = pool['id'] edge_pool = { 'name': 'pool_' + pool_id, 'description': pool.get('description', pool.get('name')), 'algorithm': lb_const.BALANCE_MAP.get(pool['lb_algorithm'], 'round-robin'), 'transparent': False } lb_id = pool['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) if not lb_binding: msg = _( 'No suitable Edge found for pool %s') % pool_id raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = lb_binding['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id, pool_id, edge_pool_id) if pool['listener']: listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding( context.session, lb_id, pool['listener']['id']) # Associate listener with pool vse = listener_mgr.listener_to_edge_vse( context, pool['listener'], lb_binding['vip_address'], edge_pool_id, listener_binding['app_profile_id']) with locking.LockManager.get_lock(edge_id): self.vcns.update_vip(edge_id, listener_binding['vse_id'], vse) # This action also set this pool as the default pool of the # listener, so the application profile may need to be updated if pool['session_persistence']: listener_mgr.update_app_profile( self.vcns, context, pool['listener'], edge_id) completor(success=True) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create pool %s', pool['id'])
def create(self, context, pol, completor): # find out the edge to be updated, by the listener of this policy listener = pol['listener'] lb_id = listener['loadbalancer_id'] lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) if not lb_binding: msg = _( 'No suitable Edge found for listener %s') % listener['id'] raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) if (listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS or listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS): msg = _( 'L7 policy is not supported for %(prot)s listener %(ls)s') % { 'prot': listener['protocol'], 'ls': pol['listener_id']} raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = lb_binding['edge_id'] app_rule = policy_to_application_rule(pol) app_rule_id = None try: with locking.LockManager.get_lock(edge_id): # create the backend application rule for this policy h = (self.vcns.create_app_rule(edge_id, app_rule))[0] app_rule_id = lb_common.extract_resource_id(h['location']) # add the nsx application rule (neutron policy) to the nsx # virtual server (neutron listener) vse_id = self._get_vse_id(context, pol) if vse_id: self._add_app_rule_to_virtual_server( edge_id, vse_id, app_rule_id, pol['position']) except Exception as e: with excutils.save_and_reraise_exception(): completor(success=False) LOG.error('Failed to create L7policy on edge %(edge)s: ' '%(err)s', {'edge': edge_id, 'err': e}) if app_rule_id: # Failed to add the rule to the vip: delete the rule # from the backend. try: self.vcns.delete_app_rule(edge_id, app_rule_id) except Exception: pass # save the nsx application rule id in the DB nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol['id'], edge_id, app_rule_id) # complete the transaction completor(success=True)
def create_pool_health_monitor(self, context, health_monitor, pool_id, pool_mapping, mon_mappings): LOG.debug('Create HM %s', health_monitor) edge_mon_id = None with locking.LockManager.get_lock(pool_mapping['edge_id']): # 1st, we find if we already have a pool with the same monitor, on # the same Edge appliance. # If there is no pool on this Edge which is already associated with # this monitor, create this monitor on Edge if mon_mappings: edge_mon_id = mon_mappings['edge_monitor_id'] else: edge_monitor = convert_lbaas_monitor(health_monitor) try: h = self.vcns.create_health_monitor( pool_mapping['edge_id'], edge_monitor)[0] edge_mon_id = lb_common.extract_resource_id(h['location']) except nsxv_exc.VcnsApiException: self.lbv1_driver.pool_health_monitor_failed( context, health_monitor, pool_id) with excutils.save_and_reraise_exception(): LOG.error( _LE('Failed to associate monitor on edge: %s'), pool_mapping['edge_id']) try: # Associate monitor with Edge pool edge_pool = self.vcns.get_pool(pool_mapping['edge_id'], pool_mapping['edge_pool_id'])[1] if edge_pool['monitorId']: edge_pool['monitorId'].append(edge_mon_id) else: edge_pool['monitorId'] = [edge_mon_id] self.vcns.update_pool(pool_mapping['edge_id'], pool_mapping['edge_pool_id'], edge_pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv1_driver.pool_health_monitor_failed( context, health_monitor, pool_id) LOG.error(_LE('Failed to associate monitor on edge: %s'), pool_mapping['edge_id']) self.lbv1_driver.create_pool_health_monitor_successful( context, health_monitor, pool_id, pool_mapping['edge_id'], edge_mon_id)
def create(self, context, pol): # find out the edge to be updated, by the listener of this policy lb_id = pol.listener.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) if not lb_binding: msg = _('No suitable Edge found for listener %s') % pol.listener_id raise n_exc.BadRequest(resource='edge-lbaas', msg=msg) edge_id = lb_binding['edge_id'] app_rule = policy_to_application_rule(pol) app_rule_id = None try: with locking.LockManager.get_lock(edge_id): # create the backend application rule for this policy h = (self.vcns.create_app_rule(edge_id, app_rule))[0] app_rule_id = lb_common.extract_resource_id(h['location']) # add the nsx application rule (neutron policy) to the nsx # virtual server (neutron listener) vse_id = self._get_vse_id(context, pol) if vse_id: self._add_app_rule_to_virtual_server( edge_id, vse_id, app_rule_id, pol.position) except Exception as e: with excutils.save_and_reraise_exception(): self.lbv2_driver.l7policy.failed_completion(context, pol) LOG.error( 'Failed to create L7policy on edge %(edge)s: ' '%(err)s', { 'edge': edge_id, 'err': e }) if app_rule_id: # Failed to add the rule to the vip: delete the rule # from the backend. try: self.vcns.delete_app_rule(edge_id, app_rule_id) except Exception: pass # save the nsx application rule id in the DB nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol.id, edge_id, app_rule_id) # complete the transaction self.lbv2_driver.l7policy.successful_completion(context, pol)
def create(self, context, pool): edge_pool = { 'name': 'pool_' + pool.id, 'description': getattr(pool, 'description', getattr(pool, 'name')), 'algorithm': lb_const.BALANCE_MAP.get(pool.lb_algorithm, 'round-robin'), 'transparent': False } lb_id = pool.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) edge_id = lb_binding['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id, pool.id, edge_pool_id) if pool.listener: listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding( context.session, lb_id, pool.listener.id) # Associate listener with pool vse = listener_mgr.listener_to_edge_vse( pool.listener, lb_binding['vip_address'], edge_pool_id, listener_binding['app_profile_id']) with locking.LockManager.get_lock(edge_id): self.vcns.update_vip(edge_id, listener_binding['vse_id'], vse) self.lbv2_driver.pool.successful_completion(context, pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.pool.failed_completion(context, pool) LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, pool): edge_pool = { 'name': 'pool_' + pool.id, 'description': getattr(pool, 'description', getattr(pool, 'name')), 'algorithm': lb_const.BALANCE_MAP.get(pool.lb_algorithm, 'round-robin'), 'transparent': False } listener = pool.listener lb_id = listener.loadbalancer_id lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding( context.session, lb_id) listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding( context.session, lb_id, listener.id) edge_id = lb_binding['edge_id'] try: with locking.LockManager.get_lock(edge_id): h = self.vcns.create_pool(edge_id, edge_pool)[0] edge_pool_id = lb_common.extract_resource_id(h['location']) nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id, listener.id, pool.id, edge_pool_id) # Associate listener with pool vse = listener_mgr.listener_to_edge_vse( listener, lb_binding['vip_address'], edge_pool_id, listener_binding['app_profile_id']) with locking.LockManager.get_lock(edge_id): self.vcns.update_vip(edge_id, listener_binding['vse_id'], vse) self.lbv2_driver.pool.successful_completion(context, pool) except nsxv_exc.VcnsApiException: with excutils.save_and_reraise_exception(): self.lbv2_driver.pool.failed_completion(context, pool) LOG.error(_LE('Failed to create pool %s'), pool['id'])