def _create_iip(self, pod_task_id, vn_obj, vmi, custom_ipam=None):
    """Create the instance-ip (IIP) for a pod task and return it.

    The IIP is named after ``pod_task_id`` and attached to ``vn_obj`` and
    to the VMI read back through ``self._vnc_lib``. Its address is requested
    from one IPAM subnet of the network: the configured pod-task IPAM when
    ``custom_ipam`` is None, otherwise the IPAM whose fq_name is passed as
    a colon-separated string.

    Args:
        pod_task_id: used verbatim as the IIP name and for its annotations.
        vn_obj: virtual-network object the IIP is attached to.
        vmi: cached VMI entry; only its ``fq_name`` is read here.
        custom_ipam: optional "a:b:c" IPAM fq_name overriding the default.

    Returns:
        The InstanceIp object that was created or updated.
    """
    # Prefer the cached VN; the cache may not hold it yet, so fall back to
    # locate() in that case.
    vn = (VirtualNetworkMM.find_by_name_or_uuid(vn_obj.get_uuid()) or
          VirtualNetworkMM.locate(vn_obj.get_uuid()))

    # NOTE(review): custom_ipam is split and used as given. If it can
    # originate from task-supplied metadata, confirm the caller restricts
    # which IPAMs a task is allowed to name.
    ipam_fq_name = (vnc_mesos_config.pod_task_ipam_fq_name()
                    if custom_ipam is None
                    else custom_ipam.split(':'))
    subnet_uuid = vn.get_ipam_subnet_uuid(ipam_fq_name)

    # uuid1() is derived from this host's node id and the clock, so the
    # value is an identifier only: it is guessable and must never be
    # relied on as a secret.
    new_uuid = str(uuid.uuid1())
    iip_obj = InstanceIp(name=pod_task_id, subnet_uuid=subnet_uuid)
    iip_obj.uuid = new_uuid
    iip_obj.add_virtual_network(vn_obj)

    # The reference has to be made with the VMI's vnc object, not the
    # cache entry, hence the read.
    iip_obj.add_virtual_machine_interface(
        self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

    InstanceIpMM.add_annotations(self, iip_obj, pod_task_id)

    log_args = (self._name, ipam_fq_name, subnet_uuid, vn.name, vmi.fq_name)
    self._logger.debug("%s: Create IIP from ipam_fq_name [%s]"
                       " pod_ipam_subnet_uuid [%s]"
                       " vn [%s] vmi_fq_name [%s]" % log_args)

    try:
        self._vnc_lib.instance_ip_create(iip_obj)
    except RefsExistError:
        # NOTE(review): iip_obj carries the freshly generated uuid at this
        # point; confirm the update reaches the pre-existing IIP rather
        # than looking up the new uuid.
        self._vnc_lib.instance_ip_update(iip_obj)

    InstanceIpMM.locate(iip_obj.uuid)
    return iip_obj
def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
    """Create the instance-ip (IIP) for a pod and return it.

    The address is always requested from the pod IPAM subnet of the
    given virtual network. The IIP is attached to ``vn_obj`` and to the
    VMI read back through ``self._vnc_lib``.

    Args:
        pod_name: pod name, used to build the IIP name and display name.
        pod_namespace: pod namespace, used for display name and annotations.
        vn_obj: virtual-network object the IIP is attached to.
        vmi: cached VMI entry; only its ``fq_name`` is read here.

    Returns:
        The InstanceIp object that was created or updated.
    """
    # Prefer the cached VN; the cache may not hold it yet, so fall back to
    # locate() in that case.
    vn = (VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid()) or
          VirtualNetworkKM.locate(vn_obj.get_uuid()))

    # Subnet of the pod IPAM on this VN: the address is requested from it.
    subnet_uuid = vn.get_ipam_subnet_uuid(vnc_kube_config.pod_ipam_fq_name())

    display_name = VncCommon.make_display_name(pod_namespace, pod_name)

    # uuid1() is derived from this host's node id and the clock, so the
    # value is an identifier only: it is guessable and must never be
    # relied on as a secret.
    new_uuid = str(uuid.uuid1())
    iip_obj = InstanceIp(name=VncCommon.make_name(pod_name, new_uuid),
                         subnet_uuid=subnet_uuid,
                         display_name=display_name)
    iip_obj.uuid = new_uuid
    iip_obj.add_virtual_network(vn_obj)

    # The reference has to be made with the VMI's vnc object, not the
    # cache entry, hence the read.
    iip_obj.add_virtual_machine_interface(
        self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

    # NOTE(review): no perms2 is passed to InstanceIp here, so ownership
    # is whatever the API server assigns for this caller - confirm that
    # matches the intended tenant visibility of pod IIPs.
    InstanceIpKM.add_annotations(self, iip_obj, pod_namespace, pod_name)

    try:
        self._vnc_lib.instance_ip_create(iip_obj)
    except RefsExistError:
        # NOTE(review): iip_obj carries the freshly generated uuid at this
        # point; confirm the update reaches the pre-existing IIP rather
        # than looking up the new uuid.
        self._vnc_lib.instance_ip_update(iip_obj)

    InstanceIpKM.locate(iip_obj.uuid)
    return iip_obj
def _create_iip(self, pod_name, pod_namespace, proj_uuid, vn_obj, vmi):
    """Create the instance-ip (IIP) for a pod, owned by its project.

    The address is requested from one IPAM subnet of the given virtual
    network: the ip-fabric IPAM when ip-fabric forwarding is enabled for
    the pod's effective namespace, otherwise the pod IPAM. The effective
    namespace is ``pod_namespace`` when the pod network is isolated and
    'default' otherwise.

    Args:
        pod_name: pod name, used to build the IIP name.
        pod_namespace: pod namespace, used for the checks above and for
            annotations.
        proj_uuid: uuid recorded as the perms2 owner of the IIP.
        vn_obj: virtual-network object the IIP is attached to.
        vmi: cached VMI entry; only its ``fq_name`` is read here.

    Returns:
        The InstanceIp object that was created or updated.
    """
    # Prefer the cached VN; the cache may not hold it yet, so fall back to
    # locate() in that case.
    vn = (VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid()) or
          VirtualNetworkKM.locate(vn_obj.get_uuid()))

    # Non-isolated pods are evaluated against the 'default' namespace.
    vn_namespace = (pod_namespace
                    if self._is_pod_network_isolated(pod_namespace)
                    else 'default')
    ipam_fq_name = (vnc_kube_config.ip_fabric_ipam_fq_name()
                    if self._is_ip_fabric_forwarding_enabled(vn_namespace)
                    else vnc_kube_config.pod_ipam_fq_name())
    subnet_uuid = vn.get_ipam_subnet_uuid(ipam_fq_name)

    # uuid1() is derived from this host's node id and the clock, so the
    # value is an identifier only: it is guessable and must never be
    # relied on as a secret.
    new_uuid = str(uuid.uuid1())
    iip_name = VncCommon.make_name(pod_name, new_uuid)

    # Ownership is pinned to the given project with RWX for the owner; no
    # share or global-access fields are set in this block.
    owner_perms = PermType2()
    owner_perms.owner = proj_uuid
    owner_perms.owner_access = PERMS_RWX

    iip_obj = InstanceIp(name=iip_name,
                         subnet_uuid=subnet_uuid,
                         display_name=iip_name,
                         perms2=owner_perms)
    iip_obj.uuid = new_uuid
    iip_obj.add_virtual_network(vn_obj)

    # The reference has to be made with the VMI's vnc object, not the
    # cache entry, hence the read.
    iip_obj.add_virtual_machine_interface(
        self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

    InstanceIpKM.add_annotations(self, iip_obj, pod_namespace, pod_name)

    log_args = (self._name, ipam_fq_name, subnet_uuid, vn.name, vmi.fq_name)
    self._logger.debug("%s: Create IIP from ipam_fq_name [%s]"
                       " pod_ipam_subnet_uuid [%s]"
                       " vn [%s] vmi_fq_name [%s]" % log_args)

    try:
        self._vnc_lib.instance_ip_create(iip_obj)
    except RefsExistError:
        # NOTE(review): iip_obj carries the freshly generated uuid at this
        # point; confirm the update reaches the pre-existing IIP rather
        # than looking up the new uuid.
        self._vnc_lib.instance_ip_update(iip_obj)

    InstanceIpKM.locate(iip_obj.uuid)
    return iip_obj
def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
    """Create the instance-ip (IIP) for a pod and return it.

    The address is requested from one IPAM subnet of the given virtual
    network: the ip-fabric IPAM when ip-fabric forwarding is enabled for
    the pod's effective namespace, otherwise the pod IPAM. The effective
    namespace is ``pod_namespace`` when the pod network is isolated and
    'default' otherwise.

    Args:
        pod_name: pod name, used to build the IIP name.
        pod_namespace: pod namespace, used for the checks above and for
            annotations.
        vn_obj: virtual-network object the IIP is attached to.
        vmi: cached VMI entry; only its ``fq_name`` is read here.

    Returns:
        The InstanceIp object that was created or updated.
    """
    # Prefer the cached VN; the cache may not hold it yet, so fall back to
    # locate() in that case.
    vn = (VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid()) or
          VirtualNetworkKM.locate(vn_obj.get_uuid()))

    # Non-isolated pods are evaluated against the 'default' namespace.
    vn_namespace = (pod_namespace
                    if self._is_pod_network_isolated(pod_namespace)
                    else 'default')
    ipam_fq_name = (vnc_kube_config.ip_fabric_ipam_fq_name()
                    if self._is_ip_fabric_forwarding_enabled(vn_namespace)
                    else vnc_kube_config.pod_ipam_fq_name())
    subnet_uuid = vn.get_ipam_subnet_uuid(ipam_fq_name)

    # uuid1() is derived from this host's node id and the clock, so the
    # value is an identifier only: it is guessable and must never be
    # relied on as a secret.
    new_uuid = str(uuid.uuid1())
    iip_name = VncCommon.make_name(pod_name, new_uuid)

    # NOTE(review): no perms2 is passed to InstanceIp here, so ownership
    # is whatever the API server assigns for this caller - confirm that
    # matches the intended tenant visibility of pod IIPs.
    iip_obj = InstanceIp(name=iip_name,
                         subnet_uuid=subnet_uuid,
                         display_name=iip_name)
    iip_obj.uuid = new_uuid
    iip_obj.add_virtual_network(vn_obj)

    # The reference has to be made with the VMI's vnc object, not the
    # cache entry, hence the read.
    iip_obj.add_virtual_machine_interface(
        self._vnc_lib.virtual_machine_interface_read(fq_name=vmi.fq_name))

    InstanceIpKM.add_annotations(self, iip_obj, pod_namespace, pod_name)

    log_args = (self._name, ipam_fq_name, subnet_uuid, vn.name, vmi.fq_name)
    self._logger.debug("%s: Create IIP from ipam_fq_name [%s]"
                       " pod_ipam_subnet_uuid [%s]"
                       " vn [%s] vmi_fq_name [%s]" % log_args)

    try:
        self._vnc_lib.instance_ip_create(iip_obj)
    except RefsExistError:
        # NOTE(review): iip_obj carries the freshly generated uuid at this
        # point; confirm the update reaches the pre-existing IIP rather
        # than looking up the new uuid.
        self._vnc_lib.instance_ip_update(iip_obj)

    InstanceIpKM.locate(iip_obj.uuid)
    return iip_obj
def test_rbac_on_back_ref(self):
    """Back-references on a VMI are filtered by the caller's permissions.

    A 'member' user creates a VN, IPAM, VMI and one instance-ip. The
    admin then creates ten more instance-ips that reference the same VN
    and VMI. Listing the VMI's instance-ip back-refs must return only
    the user's own IIP for the user, and all eleven for the admin, so a
    back-ref listing cannot reveal UUIDs of objects the caller does not
    own.
    """
    admin_iip_count = 10
    expected_uuids = set()

    # Tenant-side setup, all done with the member user's API client.
    user_api = self._get_api_client(
        'user-%s' % self.id(),
        'password',
        'project-%s' % self.id(),
        'member')
    user_project = self.admin_api.project_read(id=user_api.project_id)

    user_vn = VirtualNetwork('user-vn-%s' % self.id(),
                             parent_obj=user_project)
    ipam = NetworkIpam('ni-%s' % self.id(), parent_obj=user_project)
    user_api.network_ipam_create(ipam)
    subnet = IpamSubnetType(SubnetType('1.1.1.0', 28))
    user_vn.add_network_ipam(ipam, VnSubnetsType([subnet]))
    user_api.virtual_network_create(user_vn)

    shared_vmi = VirtualMachineInterface('user-vmi-%s' % self.id(),
                                         parent_obj=user_project)
    shared_vmi.add_virtual_network(user_vn)
    user_api.virtual_machine_interface_create(shared_vmi)

    # The single IIP the user owns.
    user_iip = InstanceIp('user-iip-%s' % self.id())
    user_iip.add_virtual_network(user_vn)
    user_iip.add_virtual_machine_interface(shared_vmi)
    user_api.instance_ip_create(user_iip)
    expected_uuids.add(user_iip.uuid)

    # Admin-created IIPs pointing at the user's VN and VMI.
    for idx in range(admin_iip_count):
        admin_iip = InstanceIp('admin-iip-%d-%s' % (idx, self.id()))
        admin_iip.add_virtual_network(user_vn)
        admin_iip.add_virtual_machine_interface(shared_vmi)
        self.admin_api.instance_ip_create(admin_iip)
        expected_uuids.add(admin_iip.uuid)

    # User's view: only the IIP they created.
    # NOTE(review): presumably these back-refs are fetched through the
    # user's connection that created the VMI - confirm.
    user_refs = shared_vmi.get_instance_ip_back_refs()
    self.assertEqual(len(user_refs), 1)
    self.assertEqual(user_refs[0]['uuid'], user_iip.uuid)

    # Admin's view of the same VMI: every IIP, the user's included.
    admin_vmi = self.admin_api.virtual_machine_interface_read(
        id=shared_vmi.uuid)
    admin_refs = admin_vmi.get_instance_ip_back_refs()
    self.assertEqual(len(admin_refs), admin_iip_count + 1)
    self.assertEqual(set(ref['uuid'] for ref in admin_refs), expected_uuids)
except RefsExistError as ref: print >> sys.stderr, "Not creating VMI, already exists: ", str(ref) vmi_obj = api.virtual_machine_interface_read(fq_name=proj_fq_name + [vmi_name]) vmi_uuid = vmi_obj.uuid ## LINK VM TO VROUTER vrouter_obj = api.virtual_router_read(id=vr_uuid) ref_response = api.ref_update('virtual-router', vrouter_obj.uuid, 'virtual-machine', vm_obj.uuid, None, 'ADD') print >> sys.stderr, "Linked VM to vRouter:", ref_response ## CREATE INTERFACE IP iip_uuid = str(uuid.uuid1()) perms2 = PermType2() perms2.owner = proj_uuid perms2.owner_access = PERMS_RWX iip_obj = InstanceIp(name=iip_name, subnet_uuid=subnet_uuid, display_name=iip_name, perms2=perms2) iip_obj.uuid = iip_uuid iip_obj.add_virtual_network(vn_obj) iip_obj.add_virtual_machine_interface(vmi_obj) try: api.instance_ip_create(iip_obj) except RefsExistError as ref: print >> sys.stderr, "Not creating VMI IP, already exists: ", str(ref) print json.dumps({"vmiUuid": vmi_uuid, "vmUuid": vm_uuid, "vnUuid": vn_uuid})