예제 #1
def delete_reservedip(obj, context, **kwargs):
    """Delete a reserved-IP row and push the remaining reservations.

    Looks up the ``Fortinet_ML2_ReservedIP`` row matching ``kwargs``. When
    one is found, the other reservations of the same subnet are sent through
    ``resources.DhcpServerRsvAddr.set`` (only when the subnet has a
    ``Fortinet_ML2_Subnet`` row) and the matched row is then deleted.

    :param obj: passed through unchanged to ``op``.
    :param context: passed to every ``fortinet_db`` call and to ``op``.
    :param kwargs: filter identifying the reserved-IP row.
    :return: None
    """
    model = fortinet_db.Fortinet_ML2_ReservedIP
    target = fortinet_db.query_record(context, model, **kwargs)
    if not target:
        return

    siblings = fortinet_db.query_records(
        context, model, subnet_id=target.subnet_id)
    # Everything except the entry being deleted stays reserved.
    siblings.remove(target)
    remaining = [
        {'id': entry.edit_id, 'ip': entry.ip, 'mac': entry.mac}
        for entry in siblings
    ]

    subnet_row = fortinet_db.query_record(
        context, fortinet_db.Fortinet_ML2_Subnet, subnet_id=target.subnet_id)
    if subnet_row:
        op(obj, context, resources.DhcpServerRsvAddr.set,
           id=subnet_row.edit_id,
           vdom=target.vdom,
           reserved_address=jsonutils.dumps(remaining))
    # NOTE(review): the DB row is removed even when no subnet row exists,
    # i.e. when the reservation list above was never pushed.
    fortinet_db.delete_record(context, model, **kwargs)
예제 #2
def delete_vdom(obj, context, **kwargs):
    """Remove a tenant's vdom once no router, network or floating IP is left.

    The namespace row matching ``kwargs`` is looked up first. If the tenant
    still owns any ``l3_db.Router``, ``models_v2.Network`` or
    ``l3_db.FloatingIP`` rows, the vdom is kept and the leftovers are logged
    at debug level. Otherwise ``resources.Vdom.get`` and
    ``resources.Vdom.delete`` are issued and the namespace row is deleted.

    :param obj: passed through unchanged to ``op``.
    :param context: passed to every ``fortinet_db`` call and to ``op``.
    :param kwargs: filter identifying the ``Fortinet_ML2_Namespace`` row.
    :return: the namespace record that was looked up (falsy if none matched).
    """
    ns_model = fortinet_db.Fortinet_ML2_Namespace
    namespace = fortinet_db.query_record(context, ns_model, **kwargs)
    if not namespace:
        return namespace

    tenant_id = namespace.tenant_id
    still_in_use = (
        fortinet_db.query_count(context, l3_db.Router,
                                tenant_id=tenant_id)
        or fortinet_db.query_count(context, models_v2.Network,
                                   tenant_id=tenant_id)
        or fortinet_db.query_count(context, l3_db.FloatingIP,
                                   tenant_id=tenant_id))

    if still_in_use:
        # The rows are fetched again only to show them in the debug message.
        leftovers = {
            'routers': fortinet_db.query_records(
                context, l3_db.Router, tenant_id=tenant_id),
            'networks': fortinet_db.query_records(
                context, models_v2.Network, tenant_id=tenant_id),
            'fips': fortinet_db.query_records(
                context, l3_db.FloatingIP, tenant_id=tenant_id),
        }
        LOG.debug(
            "Keeping vdom, because existing db_routers: %(routers)s,"
            "db_networks: %(networks)s, db_fips: %(fips)s", leftovers)
        return namespace

    try:
        op(obj, context, resources.Vdom.get, name=namespace.vdom)
        op(obj, context, resources.Vdom.delete, name=namespace.vdom)
    except Exception as e:
        # Any failure is handed to resources.Exinfo and not re-raised, so the
        # namespace row below is deleted even if the vdom calls failed.
        resources.Exinfo(e)
    fortinet_db.delete_record(context, ns_model, **kwargs)
    return namespace
예제 #3
 def sync_conf_to_db(self, param):
     """Bring the DB rows for ``param`` in line with the configured range.

     Rows whose value is no longer in ``self.get_range(param)`` and that are
     not allocated are deleted; then ``cls.init_records`` is called once per
     group of ``len(keys)`` consecutive configured values.

     :param param: key into ``const.FORTINET_PARAMS``.
     :raises IndexError: when the configured list cannot be split evenly
         into groups of ``len(keys)`` values.
     """
     cls = getattr(fortinet_db, const.FORTINET_PARAMS[param]['cls'])
     conf_list = self.get_range(param)
     session = db_api.get_session()

     # Pass 1: drop unallocated rows whose value left the configured range.
     for record in fortinet_db.query_records(session, cls):
         stale = {}
         for key in const.FORTINET_PARAMS[param]['keys']:
             value = const.FORTINET_PARAMS[param]['type'](record[key])
             if value in conf_list or record.allocated:
                 continue
             stale.setdefault(key, record[key])
             # NOTE(review): the delete runs inside the per-key loop, so for
             # a multi-key param it is issued with a partially filled filter
             # -- confirm that is intended.
             fortinet_db.delete_record(session, cls, **stale)

     # Pass 2: walk the configured values in groups of len(keys).
     try:
         for start in range(0, len(conf_list),
                            len(const.FORTINET_PARAMS[param]['keys'])):
             fields = {}
             for offset, key in enumerate(
                     const.FORTINET_PARAMS[param]['keys']):
                 fields.setdefault(key, str(conf_list[start + offset]))
             cls.init_records(session, **fields)
     except IndexError:
         # Groups handled before the short final group were already passed
         # to init_records when this fires.
         LOG.error(_LE("The number of the configure range is not even,"
                       "the last one of %(param)s can not be used"),
                   {'param': param})
         raise IndexError
예제 #4
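def delete_vlink(obj, context, tenant_id):
    """Tear down a tenant's vlink once no router or floating IP needs it.

    The vlink is kept while the tenant still owns any ``l3_db.Router`` or
    ``l3_db.FloatingIP`` row. Otherwise the static route through the vlink,
    the vlink interface and both allocation rows (IP and VLAN) are removed.

    :param obj: passed through unchanged to the ``delete_*`` helpers.
    :param context: passed to every ``fortinet_db`` call and helper.
    :param tenant_id: tenant whose vlink should be removed.
    :return: True when the vlink was removed; False when it is still in use
        or when the namespace, VLAN allocation or IP allocation is missing.
    """
    if fortinet_db.query_count(context, l3_db.Router,
                               tenant_id=tenant_id) or \
        fortinet_db.query_count(context, l3_db.FloatingIP,
                                tenant_id=tenant_id):
        # The rows are fetched again only to show them in the debug message.
        db_routers = fortinet_db.query_records(context,
                                               l3_db.Router,
                                               tenant_id=tenant_id)
        db_fips = fortinet_db.query_records(context,
                                            l3_db.FloatingIP,
                                            tenant_id=tenant_id)
        LOG.debug(
            "Keeping vlink, because existing data "
            "db_routers: %(routers)s, db_fips: %(fips)s", {
                'routers': db_routers,
                'fips': db_fips
            })
        return False

    namespace = fortinet_db.query_record(context,
                                         fortinet_db.Fortinet_ML2_Namespace,
                                         tenant_id=tenant_id)
    if not namespace:
        # Without a namespace row there is no vdom to look the vlink up in.
        # Treat it like the other "nothing allocated" cases below instead of
        # failing with AttributeError on a missing record.
        return False
    vdom = namespace.vdom

    vlink_vlan = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_Vlan_Allocation,
        vdom=vdom,
        allocated=True)
    if not vlink_vlan:
        return False
    vlink_ip = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_IP_Allocation,
        vdom=vdom,
        vlink_id=vlink_vlan.id,
        allocated=True)
    if not vlink_ip:
        return False

    # Disabled in the original source (kept for reference); the firewall
    # policy on the external vdom is therefore not removed by this function:
    # delete_fwpolicy(obj, context,
    #                 vdom=const.EXT_VDOM,
    #                 srcintf=vlink_vlan.inf_name_ext_vdom,
    #                 dstintf=obj._fortigate['ext_interface'],
    #                 nat='enable')

    # The static route's gateway is the address at index 1 of the vlink
    # subnet.
    gateway_ip = get_ipaddr(netaddr.IPNetwork(vlink_ip.vlink_ip_subnet), 1)
    delete_routerstatic(obj,
                        context,
                        vdom=vdom,
                        dst=const.EXT_DEF_DST,
                        device=vlink_vlan.inf_name_int_vdom,
                        gateway=gateway_ip)
    delete_vlink_intf(obj, context, vlink_vlan)
    # Remove the allocation rows only after the route and interface calls.
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_IP_Allocation,
                              vdom=vdom,
                              vlink_id=vlink_vlan.id)
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_Vlan_Allocation,
                              id=vlink_vlan.id)
    return True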
예제 #5
def delete_interface_ip(obj, context, **kwargs):
    """Remove an IP from an interface, promoting a secondary IP if needed.

    If ``kwargs['ip']`` is one of the interface's recorded secondary IPs,
    only its ``Fortinet_Interface_subip`` row is deleted. Otherwise the
    request is matched against ``Fortinet_Interface``; on a match one of the
    remaining secondary IPs (or ``const.EXT_DEF_DST`` when there is none)
    becomes the interface IP.

    :param obj: passed through unchanged to ``op``.
    :param context: passed to every ``fortinet_db`` call and to ``op``.
    :param kwargs: example format as below
        {
            "ip": "10.160.37.20 255.255.255.0",
            "name": "port37",
            "vdom": "root"
        }
    :return: None
    """
    subip_rows = fortinet_db.query_records(
        context,
        fortinet_db.Fortinet_Interface_subip,
        name=kwargs.get('name'))
    org_subips = [row.ip for row in subip_rows]

    if kwargs.get('ip') in org_subips:
        org_subips.remove(kwargs["ip"])
        # The VlanInterface.set call for this branch is commented out in the
        # original, so only the DB row is removed here.
        # NOTE(review): confirm the secondary IP is cleared elsewhere.
        fortinet_db.delete_record(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  **kwargs)
        return

    inf_db = fortinet_db.query_record(context,
                                      fortinet_db.Fortinet_Interface,
                                      **kwargs)
    if not inf_db:
        return

    if not org_subips:
        # No secondary IP left to promote: fall back to the default value.
        kwargs['ip'] = const.EXT_DEF_DST
    else:
        # Promote the last secondary IP; the rest stay secondary.
        kwargs['ip'] = org_subips.pop()
        op(obj,
           context,
           resources.VlanInterface.set,
           name=kwargs.get('name'),
           vdom=kwargs.get('vdom'),
           secondaryips=org_subips)
        fortinet_db.delete_record(context,
                                  fortinet_db.Fortinet_Interface_subip,
                                  **kwargs)

    op(obj, context, resources.VlanInterface.set, **kwargs)
    inf_db.update_record(context, inf_db, ip=kwargs['ip'])
    def _delete_firewall_rule(self, context, fwp_tenant_id, **fwr):
        """Remove the policies, addresses and service behind a firewall rule.

        :param context: passed to every ``fortinet_db`` and ``utils`` call.
        :param fwp_tenant_id: tenant whose namespace (vdom) is targeted.
        :param fwr: dictionary, firewall rule, e.g.
            {'source_ip_address': u'192.176.10.0/24',... }
        :return: None
        """
        # need to consider shared firewall rules
        LOG.debug("# _delete_firewall_rule() called")
        namespace = fortinet_db.Fortinet_ML2_Namespace.query_one(
            context, tenant_id=fwp_tenant_id)
        if not namespace:
            return None

        # Drop every rule/policy association first, then the policy itself.
        associations = fortinet_db.Fortinet_FW_Rule_Association.query_all(
            context, fwr_id=fwr['id'])
        for assoc in associations:
            fortinet_db.delete_record(
                context,
                fortinet_db.Fortinet_FW_Rule_Association,
                fwr_id=assoc.fwr_id,
                fortinet_pid=assoc.fortinet_pid)
            utils.delete_fwpolicy(
                self, context, id=assoc.fortinet_pid, vdom=namespace.vdom)

        # Address objects are named <prefix><rule id>; remove the ones the
        # rule actually set, source before destination.
        for field in ('source_ip_address', 'destination_ip_address'):
            if fwr.get(field):
                addr_name = constants.PREFIX[field] + fwr['id']
                utils.delete_fwaddress(
                    self, context, vdom=namespace.vdom, name=addr_name)

        self._delete_fwr_service(context, namespace.vdom, **fwr)
예제 #7
    def _release_floatingip(self, context, id):
        """Release a floating IP and the resources created for it.

        Inside one session transaction this removes the ip pools, firewall
        policies, firewall address, static route and VIP tied to the floating
        IP, deletes its ``Fortinet_FloatingIP_Allocation`` row, calls the
        parent ``delete_floatingip`` and finally attempts to remove the
        tenant's vlink and vdom.

        :param context:
        :param id: the floatingip id in neutron.db.l3_db.FloatingIP.
        {
                tenant_id=u'3998b33381fb48f694369689065a3760',
                id=u'25e1588a-5ec5-4fbc-bdef-eff8713da8f8',
                floating_ip_address=u'10.160.37.111',
                floating_network_id=u'1c1dbecc-9dac-4311-a346-f147a04c8dc8',
                floating_port_id=u'4b4120d4-77f9-4f82-b823-05876929a1c4',
                fixed_port_id=None,
                fixed_ip_address=None,
                router_id=None,
                last_known_router_id=None,
                status=u'DOWN'
        }
        :return:
        """
        with context.session.begin(subtransactions=True):
            l3db_fip = self._get_floatingip(context, id)
            tenant_id = l3db_fip.tenant_id
            db_namespace = fortinet_db.query_record(
                context,
                fortinet_db.Fortinet_ML2_Namespace,
                tenant_id=tenant_id)

            db_fip = fortinet_db.query_record(
                context,
                fortinet_db.Fortinet_FloatingIP_Allocation,
                floating_ip_address=l3db_fip.floating_ip_address,
                allocated=True)
            # Nothing is allocated for this floating IP or tenant.
            # NOTE(review): this early return also skips the parent
            # delete_floatingip call at the end -- confirm callers expect it.
            if not db_fip or not db_namespace:
                return

            int_intf, ext_intf = utils.get_vlink_intf(self,
                                                      context,
                                                      vdom=db_namespace.vdom)
            # presumably the address at index 0 of the allocation's subnet,
            # used as the internal mapped address -- TODO confirm
            mappedip = utils.get_ipaddr(db_fip.ip_subnet, 0)

            # Tenant vdom: ip pool named after the mapped address.
            utils.delete_fwippool(self,
                                  context,
                                  name=mappedip,
                                  vdom=db_namespace.vdom,
                                  startip=mappedip)

            # External vdom: policy from the vlink to the external interface.
            utils.delete_fwpolicy(self,
                                  context,
                                  vdom=const.EXT_VDOM,
                                  srcintf=ext_intf,
                                  srcaddr=mappedip,
                                  dstintf=self._fortigate['ext_interface'],
                                  poolname=db_fip.floating_ip_address)

            # External vdom: /32 address object for the mapped address.
            utils.delete_fwaddress(self,
                                   context,
                                   name=mappedip,
                                   vdom=const.EXT_VDOM,
                                   subnet="%s 255.255.255.255" % mappedip)

            # External vdom: ip pool named after the floating address.
            utils.delete_fwippool(self,
                                  context,
                                  name=db_fip.floating_ip_address,
                                  vdom=const.EXT_VDOM,
                                  startip=db_fip.floating_ip_address)

            # External vdom: /32 static route to the mapped address.
            utils.delete_routerstatic(self,
                                      context,
                                      vdom=const.EXT_VDOM,
                                      dst="%s 255.255.255.255" % mappedip,
                                      device=ext_intf,
                                      gateway=const.DEF_GW)

            # External vdom: policy towards the floating address.
            utils.delete_fwpolicy(self,
                                  context,
                                  vdom=const.EXT_VDOM,
                                  dstintf=ext_intf,
                                  dstaddr=l3db_fip.floating_ip_address)

            utils.delete_vip(self,
                             context,
                             vdom=const.EXT_VDOM,
                             name=db_fip.vip_name,
                             extip=db_fip.floating_ip_address,
                             extintf='any',
                             mappedip=mappedip)

            # NOTE(review): this filter uses the floating address as
            # vip_name, while delete_vip above used db_fip.vip_name -- confirm
            # the two always match, otherwise the row is left behind.
            fortinet_db.delete_record(
                context,
                fortinet_db.Fortinet_FloatingIP_Allocation,
                vdom=db_namespace.vdom,
                floating_ip_address=db_fip.floating_ip_address,
                vip_name=db_fip.floating_ip_address)
            # TODO(jerryz): move this out of transaction.
            # presumably switches off a transaction guard so the parent
            # delete can run inside this block -- TODO confirm; the flag is
            # not set back in this method.
            setattr(context, 'GUARD_TRANSACTION', False)
            super(FortinetL3ServicePlugin, self).delete_floatingip(context, id)
            # Last, attempt to remove the tenant's vlink and vdom.
            utils.delete_vlink(self, context, tenant_id)
            utils.delete_vdom(self, context, tenant_id=tenant_id)
예제 #8
def delete_by_id(obj, context, cls, resource, **kwargs):
    """Delete the resource behind a DB record, then the record itself.

    :param obj: passed through unchanged to ``delete_resource_with_id``.
    :param context: passed to the ``fortinet_db`` calls and the helper.
    :param cls: model class of the record to look up and delete.
    :param resource: passed through to ``delete_resource_with_id``.
    :param kwargs: filter identifying the record.
    :return: whatever ``fortinet_db.delete_record`` returns.
    """
    matched = fortinet_db.query_record(context, cls, **kwargs)
    # NOTE(review): matched is handed on without a presence check; confirm
    # that delete_resource_with_id handles a missing record.
    delete_resource_with_id(obj, context, matched, resource)
    outcome = fortinet_db.delete_record(context, cls, **kwargs)
    return outcome