def __init__(self, request):
neutron_enabled = base.is_service_enabled(request, 'network')
if neutron_enabled:
self.floating_ips = neutron.FloatingIpManager(request)
else:
self.floating_ips = nova.FloatingIpManager(request)
if (neutron_enabled and
neutron.is_extension_supported(request, 'security-group')):
self.secgroups = neutron.SecurityGroupManager(request)
else:
self.secgroups = nova.SecurityGroupManager(request)
def __init__(self, request):
# TODO(amotoki): neutron check needs to be dropped.
# The network API wrapper can depend on neutron.
neutron_enabled = base.is_service_enabled(request, 'network')
if neutron_enabled:
self.floating_ips = neutron.FloatingIpManager(request)
else:
self.floating_ips = None
if (neutron_enabled
and neutron.is_extension_supported(request, 'security-group')):
self.secgroups = neutron.SecurityGroupManager(request)
else:
self.secgroups = None
def __init__(self, request):
neutron_enabled = base.is_service_enabled(request, 'network')
if neutron_enabled:
self.floating_ips = neutron.FloatingIpManager(request)
else:
self.floating_ips = nova.FloatingIpManager(request)
# Not all qunantum plugins support security group,
# so we have enable_security_group configuration parameter.
neutron_sg_enabled = getattr(settings, 'OPENSTACK_NEUTRON_NETWORK',
{}).get('enable_security_group', True)
if neutron_enabled and neutron_sg_enabled:
self.secgroups = neutron.SecurityGroupManager(request)
else:
self.secgroups = nova.SecurityGroupManager(request)
def setup_new_project(request, project_id, project_name, data):
try:
acct_table = getattr(settings, 'ACCOUNTING', None)
if acct_table:
uid = acct_table.get('user_id', None)
roleid = acct_table.get('role_id', None)
if uid and roleid:
keystone_api.add_tenant_user_role(request, project_id, uid, roleid)
except:
LOG.error("Cannot add user for accounting", exc_info=True)
messages.error(request, _("Cannot add user for accounting"))
unit_id = data.get('unit', None)
cloud_table = get_unit_table()
if not unit_id or not unit_id in cloud_table:
return
unit_data = cloud_table[unit_id]
prj_cname = re.sub(r'\s+', "-", project_name)
flow_step = 0
try:
cinder_params = dict()
for pkey, pvalue in unit_data.items():
if pkey == 'quota_total':
cinder_params['gigabytes'] = pvalue
elif pkey == 'quota_per_volume':
cinder_params['per_volume_gigabytes'] = pvalue
elif pkey.startswith('quota_'):
cinder_params['gigabytes_' + pkey[6:]] = pvalue
if len(cinder_params):
cinder_api.tenant_quota_update(request, project_id, **cinder_params)
except:
LOG.error("Cannot setup project quota", exc_info=True)
messages.error(request, _("Cannot setup project quota"))
try:
hyper_list = unit_data.get('hypervisors', [])
if len(hyper_list):
agg_prj_cname = "%s-%s" % (unit_data.get('aggregate_prefix', unit_id), prj_cname)
avail_zone = unit_data.get('availability_zone', 'nova')
new_aggr = nova_api.aggregate_create(request, agg_prj_cname, avail_zone)
flow_step += 1
for h_item in hyper_list:
nova_api.add_host_to_aggregate(request, new_aggr.id, h_item)
flow_step += 1
all_md = { 'filter_tenant_id' : project_id }
all_md.update(unit_data.get('metadata', {}))
nova_api.aggregate_set_metadata(request, new_aggr.id, all_md)
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create host aggregate")
elif flow_step == 1:
err_msg = _("Cannot insert hypervisor in aggregate")
else:
err_msg = _("Cannot set metadata for aggregate")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
prj_lan_name = "%s-lan" % prj_cname
prj_net = neutron_api.network_create(request, tenant_id=project_id, name=prj_lan_name)
flow_step += 1
net_args = {
'cidr' : subnet_cidr,
'ip_version' : 4,
'dns_nameservers' : unit_data.get('nameservers', []),
'enable_dhcp' : True,
'tenant_id' : project_id,
'name' : "sub-%s-lan" % prj_cname
}
prj_sub = neutron_api.subnet_create(request, prj_net['id'], **net_args)
flow_step += 1
if 'lan_router' in unit_data:
f_ips = [{
"ip_address" : subnet_cidr.replace('0/24', '1'),
"subnet_id" : prj_sub['id']
}]
r_port = neutron_api.port_create(request, prj_net['id'],
tenant_id=project_id,
project_id=project_id,
fixed_ips=f_ips)
neutron_api.router_add_interface(request, unit_data['lan_router'],
port_id=r_port['id'])
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create network")
elif flow_step == 1:
err_msg = _("Cannot create sub-network")
else:
err_msg = _("Cannot add interface to router")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
def_sec_group = None
for sg_item in neutron_api.security_group_list(request, tenant_id=project_id):
if sg_item['name'].lower() == 'default':
def_sec_group = sg_item['id']
LOG.info("Found default security group %s" % def_sec_group)
break
flow_step += 1
sg_client = neutron_api.SecurityGroupManager(request).client
if not def_sec_group:
sg_params = {
'name': 'default',
'description': 'Default Security Group for ' + project_name,
'tenant_id': project_id
}
secgroup = sg_client.create_security_group({ 'security_group' : sg_params })
def_sec_group = SecurityGroup(secgroup.get('security_group'))
flow_step += 1
#
# Workaround: the tenant_id cannot be specified through high level API
#
port22_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'tcp',
'port_range_min': 22,
'port_range_max': 22,
'remote_ip_prefix': "0.0.0.0/0",
'tenant_id' : project_id
}
icmp_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'icmp',
'remote_ip_prefix': "0.0.0.0/0",
'tenant_id' : project_id
}
sg_client.create_security_group_rule({'security_group_rule': port22_params})
sg_client.create_security_group_rule({'security_group_rule': icmp_params})
except:
if flow_step == 0:
err_msg = _("Cannot retrieve default security group")
elif flow_step == 1:
err_msg = _("Cannot create default security group")
else:
err_msg = _("Cannot insert basic rules")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
new_tags = list()
new_tags.append(ORG_TAG_FMT % unit_data.get('organization', 'other'))
for ou_id in data.get('%s-ou' % unit_id, []):
if ou_id.strip():
new_tags.append(OU_TAG_FMT % ou_id.strip())
kclient = keystone_api.keystoneclient(request)
kclient.projects.update_tags(project_id, new_tags)
except:
LOG.error("Cannot add organization tags", exc_info=True)
messages.error(request, _("Cannot add organization tags"))
