def _create_network(self, vn_name, vn_type, proj_obj, ipam_obj, ipam_update, provider=None): # Check if the VN already exists. # If yes, update existing VN object with k8s config. vn_exists = False vn = VirtualNetwork(name=vn_name, parent_obj=proj_obj, address_allocation_mode='flat-subnet-only') try: vn_obj = self.vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn # Attach IPAM to virtual network. # # For flat-subnets, the subnets are specified on the IPAM and # not on the virtual-network to IPAM link. So pass an empty # list of VnSubnetsType. if ipam_update or \ not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()): vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) vn_obj.set_virtual_network_properties( VirtualNetworkType(forwarding_mode='l3')) fabric_snat = False if vn_type == 'pod-network': fabric_snat = True if not vn_exists: if self.args.ip_fabric_forwarding: if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif fabric_snat and self.args.ip_fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Create VN. self.vnc_lib.virtual_network_create(vn_obj) else: self.vnc_lib.virtual_network_update(vn_obj) vn_obj = self.vnc_lib.virtual_network_read( fq_name=vn_obj.get_fq_name()) VirtualNetworkKM.locate(vn_obj.uuid) return vn_obj
def _create_virtual_network(self, vn_name, proj_obj, ipam_obj, ipam_update, provider=None, subnets=None, type='flat-subnet-only', ip_fabric_snat=None): vn_exists = False vn = VirtualNetwork( name=vn_name, parent_obj=proj_obj, address_allocation_mode=type) try: vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn if vn_exists: return vn_obj # Attach IPAM to virtual network. # # For flat-subnets, the subnets are specified on the IPAM and # not on the virtual-network to IPAM link. So pass an empty # list of VnSubnetsType. # For user-defined-subnets, use the provided subnets if ipam_update or \ not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()): if subnets and type == 'user-defined-subnet-only': vn_obj.add_network_ipam(ipam_obj, subnets) else: vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) vn_obj.set_virtual_network_properties( VirtualNetworkType(forwarding_mode='l2_l3')) if not vn_exists: if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif ip_fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Create VN. self._vnc_lib.virtual_network_create(vn_obj) else: # TODO: Handle Network update pass vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn_obj.get_fq_name()) VirtualNetworkKM.locate(vn_obj.uuid) return vn_obj
def _create_isolated_ns_virtual_network(self, ns_name, vn_name, vn_type, proj_obj, ipam_obj=None, provider=None, enforce_policy=False): """ Create/Update a virtual network for this namespace. """ vn_exists = False vn = VirtualNetwork(name=vn_name, parent_obj=proj_obj, virtual_network_properties=VirtualNetworkType( forwarding_mode='l3'), address_allocation_mode='flat-subnet-only') try: vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn fabric_snat = False if vn_type == 'pod-network': if self._is_ip_fabric_snat_enabled(ns_name): fabric_snat = True if not vn_exists: # Add annotatins on this isolated virtual-network. VirtualNetworkKM.add_annotations(self, vn, namespace=ns_name, name=ns_name, isolated='True') # Instance-Ip for pods on this VN, should be allocated from # cluster pod ipam. Attach the cluster pod-ipam object # to this virtual network. vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) vn_uuid = self._vnc_lib.virtual_network_create(vn_obj) # Cache the virtual network. VirtualNetworkKM.locate(vn_uuid) else: ip_fabric_enabled = False if provider: vn_refs = vn_obj.get_virtual_network_refs() ip_fabric_fq_name = provider.fq_name for vn in vn_refs or []: vn_fq_name = vn['to'] if vn_fq_name == ip_fabric_fq_name: ip_fabric_enabled = True break if not ip_fabric_enabled and fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Update VN. self._vnc_lib.virtual_network_update(vn_obj) vn_uuid = vn_obj.get_uuid() vn_obj = self._vnc_lib.virtual_network_read(id=vn_uuid) # If required, enforce security policy at virtual network level. if enforce_policy: self._vnc_lib.set_tags( vn_obj, self._labels.get_labels_dict( VncSecurityPolicy.cluster_aps_uuid)) return vn_obj